diff options
| author | asomers <asomers@FreeBSD.org> | 2016-05-21 02:14:11 +0000 |
|---|---|---|
| committer | asomers <asomers@FreeBSD.org> | 2016-05-21 02:14:11 +0000 |
| commit | 4e1ba42e3dd20b6d2041570f6fa86db235291db2 (patch) | |
| tree | 29679b7b3828de6f1776bb4d7619840849d2b146 | |
| parent | c234fb9e56ba00354c976646e5854ce24f18d8eb (diff) | |
| download | FreeBSD-src-4e1ba42e3dd20b6d2041570f6fa86db235291db2.zip FreeBSD-src-4e1ba42e3dd20b6d2041570f6fa86db235291db2.tar.gz | |
Better document security_show_{success,info,badconfig} in /etc/periodic.conf
periodic(8) already handles the security_show_{success,info,badconfig}
variables correctly. However, those variables aren't explicitly set in
/etc/defaults/periodic.conf or anywhere else, which suggests to the user
that they shouldn't be used.
etc/defaults/periodic.conf
Explicitly set defaults for security_show_{success,info,badconfig}
usr.sbin/periodic/periodic.sh
Update usage string
usr.sbin/periodic/periodic.8
Minor man page updates
One thing I'm _not_ doing is recommending setting security_output to
/var/log/security.log or adding that file to /etc/newsyslog.conf, because
periodic(8) would create it with default permissions, usually 644, and
that's probably a bad idea.
Reviewed by: brd
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6477
| -rw-r--r-- | etc/defaults/periodic.conf | 4 | ||||
| -rw-r--r-- | usr.sbin/periodic/periodic.8 | 9 | ||||
| -rw-r--r-- | usr.sbin/periodic/periodic.sh | 4 |
3 files changed, 11 insertions, 6 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index 2364d7f..eeadae5 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -222,6 +222,10 @@ monthly_local="/etc/monthly.local" # Local scripts # Security options +security_show_success="YES" # scripts returning 0 +security_show_info="YES" # scripts returning 1 +security_show_badconfig="NO" # scripts returning 2 + # These options are used by the security periodic(8) scripts spawned in # daily and weekly 450.status-security. security_status_logdir="/var/log" # Directory for logs diff --git a/usr.sbin/periodic/periodic.8 b/usr.sbin/periodic/periodic.8 index 175119d..b7bfdf6 100644 --- a/usr.sbin/periodic/periodic.8 +++ b/usr.sbin/periodic/periodic.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 30, 2007 +.Dd May 20, 2016 .Dt PERIODIC 8 .Os .Sh NAME @@ -166,8 +166,9 @@ table the top level directory containing .Pa daily , .Pa weekly , +.Pa monthly , and -.Pa monthly +.Pa security subdirectories which contain standard system periodic executables .It Pa /etc/defaults/periodic.conf the @@ -175,9 +176,9 @@ the system registry contains variables that control the behaviour of .Nm and the standard -.Pa daily , weekly , +.Pa daily , weekly , monthly , and -.Pa monthly +.Pa security scripts .It Pa /etc/periodic.conf this file contains local overrides for the default diff --git a/usr.sbin/periodic/periodic.sh b/usr.sbin/periodic/periodic.sh index c27aeee..b260520 100644 --- a/usr.sbin/periodic/periodic.sh +++ b/usr.sbin/periodic/periodic.sh @@ -4,13 +4,13 @@ # # Run nightly periodic scripts # -# usage: periodic { daily | weekly | monthly } - run standard periodic scripts +# usage: periodic { daily | weekly | monthly | security } - run standard scripts # periodic /absolute/path/to/directory - run periodic scripts in dir # usage () { echo "usage: $0 <directory of files to execute>" 1>&2 - echo "or $0 { daily | weekly | monthly }" 1>&2 + echo "or $0 { daily | weekly | monthly | security }" 1>&2 exit 1 } |
