[osiris] Re: What are your recommendations on recursive symlinks?

[David Vasil]

Justis Peters wrote:
> We are attempting to make our own default.linux file that starts out
> very inclusive and excludes anything that gets too noisy.  The
> difficulty I am encountering is in symlinks that refer back to a
> location higher in its own tree (e.g. a symlink to ../).  Whenever it
> encounters one of these, osiris devolves into an infinite loop and I
> never receive any notifications about this until the next scheduled scan
> fails (because one is already running).

Personally, I try to avoid symlinks like these as they have a tendency
to produce unexpected behavior in various programs.  In Osiris's case,
as long as you know where these symlinks are going to be, I think the
'FollowLinks no' directive should fix your problem.

> Does anyone have recommendations on a best practice to address this? 
> Ideally, I'd like some way to just not follow symlinks when they are
> recursive.  I have tried other tactics, though, like an explicit NoEntry
> or Exclude filter for the symlink in question.  Even then, though, it
> gets into its endless loop.

So if you have a link like this:

/boot/grub/grub -> /boot/grub

You could use this block to scan /boot

<Directory /boot>
Recursive yes
FollowLinks no
IncludeAll
</Directory>

> Thanks in advance for your advice.

Hope this helps!

-- 
-dave