1 |
On 10/22/2013 10:02 AM, Linlin Yan (颜林林) wrote: |
2 |
> Hi there, |
3 |
> |
4 |
> After net-firewall/iptables-1.4.16.3 (amd64) installed, I occasionally |
5 |
> found that it put iptables-xml ('s symbolic link) in /usr/bin/, but |
6 |
> other tools (like iptables-restore and iptables-save) are not. Is |
7 |
> there any trick about this? |
8 |
> |
9 |
|
10 |
The others are in /sbin because, |
11 |
|
12 |
a) They can't be run by anyone other than root |
13 |
|
14 |
b) You want them available at boot time |
15 |
|
16 |
But as a normal user, suppose I have an old iptables-save dump lying |
17 |
around. There's no problem with me running iptables-xml on it, since |
18 |
that will just read a file and write some XML to stdout. No special |
19 |
privileges necessary. |