diff options
| author | brian <brian@FreeBSD.org> | 2001-01-30 10:24:18 +0000 |
|---|---|---|
| committer | brian <brian@FreeBSD.org> | 2001-01-30 10:24:18 +0000 |
| commit | 9233b23065666a1692fd4310c5792a4abbafd1b2 (patch) | |
| tree | 8371b8f0418c051e8f678315f0858dc155b7c1a0 | |
| parent | a3eebfdb498127601f3c0d93833e2917107d993b (diff) | |
| download | FreeBSD-src-9233b23065666a1692fd4310c5792a4abbafd1b2.zip FreeBSD-src-9233b23065666a1692fd4310c5792a4abbafd1b2.tar.gz | |
Allow the output of /etc/security to be logged or mailed to different
users in line with ${daily,weekly,monthly}_output using a new
$daily_status_security_output variable.
PR: 24643
| -rw-r--r-- | etc/defaults/periodic.conf | 1 | ||||
| -rwxr-xr-x | etc/periodic/daily/450.status-security | 17 | ||||
| -rw-r--r-- | share/man/man5/periodic.conf.5 | 15 |
3 files changed, 26 insertions, 7 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index c50d28a..f72b146 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -110,6 +110,7 @@ daily_status_mailq_shorten="NO" # Shorten output # 450.status-security daily_status_security_enable="YES" # Security check daily_status_security_inline="NO" # Run inline ? +daily_status_security_output="root" # user or /file daily_status_security_noamd="NO" # Don't check amd mounts daily_status_security_nomfs="NO" # Don't check mfs mounts diff --git a/etc/periodic/daily/450.status-security b/etc/periodic/daily/450.status-security index 61fcf8b..4953fbb 100755 --- a/etc/periodic/daily/450.status-security +++ b/etc/periodic/daily/450.status-security @@ -30,13 +30,20 @@ case "$daily_status_security_enable" in case "$daily_status_security_inline" in [Yy][Ee][Ss]) - sh /etc/security -s $args - rc=$?;; + sh /etc/security -s $args + rc=$?;; *) - echo " (output mailed separately)" - sh /etc/security $args 2>&1 | - sendmail root && rc=0 || rc=3;; + case "${daily_status_security_output:=root}" in + /*) + echo " (output logged separately)" + sh /etc/security -s $args \ + >$daily_status_security_output 2>&1;; + *) + echo " (output mailed separately)" + sh /etc/security $args 2>&1 | + sendmail $daily_status_security_output;; + esac;; esac;; *) rc=0;; diff --git a/share/man/man5/periodic.conf.5 b/share/man/man5/periodic.conf.5 index e48d2e3..74a3937 100644 --- a/share/man/man5/periodic.conf.5 +++ b/share/man/man5/periodic.conf.5 @@ -359,8 +359,19 @@ if you want to run if you want to run .Pa /etc/security inline. -The alternative is to run it as a background job, mailing the output to -.An root . +The default is to either mail or log the output according to the value of +.Ar $daily_status_security_output . +.It Ar daily_status_security_output +(str) Where to send the output of +.Pa /etc/security +if +.Ar $daily_status_security_inline +is set to +.Dq NO . +This variable behaves in the same way as the +.Ar *_output +variables above, namely it can be set either to one or more email addresses +or to an absolute file name. .It Ar daily_status_security_noamd (bool) Set to .Dq YES |
