Secure Locate v3.1 Stable ------------------------- Released March 7, 2006 Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Kevin Lindsay Table of Contents ----------------- Setting up Secure Locate Manually ................................... I Creating the Database ............................................... II Options ............................................................. III Configuration File................................................... IV Ports ............................................................... V Author and Bugs .................................................... VI -------------------------------------------------------------------------- I. SETTING UP SECURE LOCATE MANUALLY --------------------------------- 1. If the install script does not work, a manual setup will have to be done. The first thing to do is copy the slocate binary to a directory in your path. Usually the directory: /usr/local/bin/ 2. Next you must create a group called: slocate You can do this by either editing the /etc/group file manually or use a group add utility. The following is supported by Linux: groupadd slocate 3. Once the group has been created, you must now change the ownership and permissions of the slocate binary. To do this execute the following commands. chown root:slocate /usr/local/bin/slocate chmod 2755 /usr/local/bin/slocate 4. To make Secure Locate more convenient to use, you can symlink 'slocate' to 'locate'. Move the old version of locate to something else if it exists. ln -s /usr/local/bin/slocate /usr/local/bin/locate 5. To make updating the database more convenient, you may link 'slocate' to 'updatedb'. This way, just running 'updatedb' will index from the '/' root directory. ln -s /usr/local/bin/slocate /usr/local/bin/updatedb 6. Then all you have to do is make sure this path exits: /var/lib/slocate You can do this by executing this command: mkdir -p /var/lib/slocate Now just give it the proper ownership and permissions: chown root:slocate /var/lib/slocate chmod 0750 /var/lib/slocate II. CREATING THE DATABASE --------------------- When creating the database, there are a few options that you may use to customize which files get indexed and how. The database will be stored in /var/lib/slocate/. The two main options are: -u - Indexes every file on your system. -U - Indexes every file in the directory . Below are some examles of different types of indexing options: Create an index of everyfile in every directory on your system. slocate -u Create an index of everyfile in the specified directory . slocate -U Create an index of everyfile excluding the specified files/directories, /proc /dev and /tmp slocate -e "/proc,/dev/,/tmp" -u Create an index of everyfile excluding files on NFS and iso9660 type file systems. slocate -f "NFS,iso9660" -u Create an index of everyfile but do not mark the database as secure. This will cause slocate to NOT check file permissions before displaying them to the user. This will allow every user on the system to gain knowledge of filenames that they would not normally have access to. The advantage to this option is to make searching faster. slocate -l0 -u If you symlinked /usr/local/bin/slocate to /usr/local/bin/updatedb, then executing the updatedb command will automatically index the root filesystem starting at '/'. This will also cause the file '/etc/updatedb.conf' to be parsed. This file is in the same format as the original updatedb.sh configuration file. III. OPTIONS ------- -u - Create slocate database starting at path /. -U - Create slocate database starting at path . -e - Exclude directories from slocate database. -f - Exclude files on specified file system types from the slocate database. -c - Force slocate to parse '/etc/updatedb.conf' when updating the database. -l <[01]> - Security level. 0 turns security checks off. This will make searchs faster. 1 turns security checks on. This is the default. -q - Quite mode. Error messages are suppressed. -n - Limit the amount of results shown to . -i - Does a case insensitive search. -r --regexp= - Search the database using a basic POSIX regular expression. -o --output= - Specfies the database to create. -d --database=path - Specfies path of database to search in. -h --help - Display this help. -v --verbose - Verbose mode. Display files when creating database. -V --version - Display version. IV. CONFIGURATION FILE ------------------ Secure Locate will parse GNU Locate's '/etc/updatedb.conf' when the '-c' argument is provided with 'slocate' or automatically when 'updatedb' is run. But please be aware that Secure Locate currently does NOT support all options provided by GNU Locate's configuration file. Options currently supported by Secure Locate are PRUNEFS and PRUNEPATHS. V. PORTS ----- v3.0 is a complete rewrite. As of this version it has only been tested on Linux. VI. AUTHOR AND BUGS --------------- Author: Kevin Lindsay Bug Reports: slocate@trakker.ca HTTP: http://slocate.trakker.ca/