diff options
author | cjc <cjc@FreeBSD.org> | 2001-12-07 23:57:39 +0000 |
---|---|---|
committer | cjc <cjc@FreeBSD.org> | 2001-12-07 23:57:39 +0000 |
commit | ba1e7b85770ec4a614f79c25d579dcd341018bdd (patch) | |
tree | a90b7b90f63cfbd9961c5d653c2f3a139806e2b1 /etc/defaults | |
parent | be29456bc43b8c5ac3ee45ea4f345a65df0637ff (diff) | |
download | FreeBSD-src-ba1e7b85770ec4a614f79c25d579dcd341018bdd.zip FreeBSD-src-ba1e7b85770ec4a614f79c25d579dcd341018bdd.tar.gz |
Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.
Reviewed by: ru
Approved by: ru
Diffstat (limited to 'etc/defaults')
-rw-r--r-- | etc/defaults/periodic.conf | 49 |
1 files changed, 46 insertions, 3 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index c14a4a0..19c25dc 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -105,9 +105,7 @@ daily_status_mailq_shorten="NO" # Shorten output # 450.status-security daily_status_security_enable="YES" # Security check -daily_status_security_inline="NO" # Run inline ? -daily_status_security_output="root" # user or /file -daily_status_security_noamd="NO" # Don't check amd mounts +# See "Security options" below for more options # 460.status-mail-rejects daily_status_mail_rejects_enable="YES" # Check mail rejects @@ -124,6 +122,51 @@ daily_queuerun_enable="YES" # Run mail queue daily_local="/etc/daily.local" # Local scripts +# Security options + +# These options are used by the security periodic(8) scripts spawned in +# 450.status-security above. +daily_status_security_inline="NO" # Run inline ? +daily_status_security_output="root" # user or /file +daily_status_security_noamd="NO" # Don't check amd mounts +daily_status_security_logdir="/var/log" # Directory for logs + +# 100.chksetuid +daily_status_security_chksetuid_enable="YES" + +# 200.chkmounts +daily_status_security_chkmounts_enable="YES" +#daily_status_security_chkmounts_ignore="^amd:" # Don't check matching + # FS types + +# 300.chkuid0 +daily_status_security_chkuid0_enable="YES" + +# 400.passwdless +daily_status_security_passwdless_enable="YES" + +# 500.ipfwdenied +daily_status_security_ipfwdenied_enable="YES" + +# 550.ipfwlimit +daily_status_security_ipfwlimit_enable="YES" + +# 600.ip6fwdenied +daily_status_security_ip6fwdenied_enable="YES" + +# 650.ip6fwlimit +daily_status_security_ip6fwlimit_enable="YES" + +# 700.kernelmsg +daily_status_security_kernelmsg_enable="YES" + +# 800.loginfail +daily_status_security_loginfail_enable="YES" + +# 900.tcpwrap +daily_status_security_tcpwrap_enable="YES" + + # Weekly options # These options are used by periodic(8) itself to determine what to do |