# You may do everything with this code except misrepresent its origin.
# PROVIDED `AS IS' WITH ABSOLUTELY NO WARRANTY OF ANY KIND!
-#The following list should contain the mount points of all filesystems
-#that are to be scanned as a space-separated list within parentheses.
-#/ will usually be in this list and if you have /usr
-#on a separate partition, it will also be in this list. Other non-special
-#filesystems where suspicious files could be located should also be put in
-#this list.
-#Mount points whose filesystems are special, such as procfs or sysfs should
-#not be in this list.
-
-## Bastard settings
-# fs_to_scan=(/ /opt /usr /usr/local /var)
+# The following list should contain the mount points of all filesystems
+# that are to be scanned as a space-separated list within parentheses.
+# / will usually be in this list and if you have /usr
+# on a separate partition, it will also be in this list. Other non-special
+# filesystems where suspicious files could be located should also be put in
+# this list.
+# Mount points whose filesystems are special, such as procfs or sysfs should
+# not be in this list.
fs_to_scan=(/)
-#Files with a path prefix found in the following list are ignored.
-#DO !!!!NOT!!! PUT /usr/src OR WHATEVER THE HOME DIRECTORY prefix is for your
-#package users into this list!!! You DO want to scan those directories in
-#order to spot e.g. world-writable tarballs and other abominations that
-#may have crept in.
-#Ideally, this list should be empty.
-
## Bastard settings
-# prune_prefixes=(/*/\{arch\}) #NO TRAILING SLASHES!!!
+#fs_to_scan=(\
+# / \
+# /opt \
+# /usr \
+# /usr/X11R6 \
+# /usr/lib \
+# /usr/share \
+# /usr/src \
+# /var)
+
+# Files with a path prefix found in the following list are ignored.
+# DO !!!!NOT!!! PUT /usr/src OR WHATEVER THE HOME DIRECTORY prefix is for your
+# package users into this list!!! You DO want to scan those directories in
+# order to spot e.g. world-writable tarballs and other abominations that
+# may have crept in.
+# Ideally, this list should be empty.
+
+prune_prefixes=(/root /*/lost+found) #NO TRAILING SLASHES!!!
-prune_prefixes=()
-
-#If the following variable is set to "yes", then files that contain
-#control characters or other non-printable characters (except for space)
-#will be reported as suspicious.
-#This test slows down the search considerably!
+## Bastard settings
+#prune_prefixes=(\
+# /root \
+# /{,*/{,*/}}lost+found \
+# /etc/polkit-1/localauthority \
+# /etc/sudoers.d \
+# /opt/pgsql/data \
+# /var/lib/{polkit-1,sasl,net-snmp,udisks} \
+# /var/log/syslog-ng \
+# /mnt \
+# /media)
+
+# If the following variable is set to "yes", then files that contain
+# control characters or other non-printable characters (except for space)
+# will be reported as suspicious.
+# This test slows down the search considerably!
enable_illchars=yes
-#suppress ugly debug output from shell
+# suppress ugly debug output from shell
trap ':' SIGPIPE
-#"-false" as 1st argument is used when called by list_suspicious_files_from
+# "-false" as 1st argument is used when called by list_suspicious_files_from
if [ $# -ge 1 -a "$1" != "-false" ]; then
echo 1>&2
echo 1>&2 "USAGE: ${0##*/}"