diff options
| author | asomers <asomers@FreeBSD.org> | 2017-04-28 14:43:14 +0000 |
|---|---|---|
| committer | asomers <asomers@FreeBSD.org> | 2017-04-28 14:43:14 +0000 |
| commit | 88c95c3a98f96b1976bf7a590e19eba556faa588 (patch) | |
| tree | f84fc04ec6f978f22c4afeecfb06c77e5148ebb7 /etc | |
| parent | 0de8f3b2f0a04cc5b9c321fd929577f2c86706e2 (diff) | |
| download | FreeBSD-src-88c95c3a98f96b1976bf7a590e19eba556faa588.zip FreeBSD-src-88c95c3a98f96b1976bf7a590e19eba556faa588.tar.gz | |
MFC r316548:
Quiet 450.status-security when *_inline="YES"
Previously, 450.status-security would always set rc=3 in inline mode,
because it doesn't know whether "periodic security" is going to find
anything interesting. But this annoyingly results in daily reports that
simply say "Security check: \n\n-- End of daily output --".
This change fixes that by testing whether "periodic security" printed
anything, and setting 450.status-security's exit status to 3 if it did. An
alternative would be to change the exit status of periodic(8) to be the
worst of its scripts' exit statuses, but that would be a more intrusive
change.
Reviewed by: brian
Differential Revision: https://reviews.freebsd.org/D10267
Diffstat (limited to 'etc')
| -rwxr-xr-x | etc/periodic/daily/450.status-security | 20 | ||||
| -rwxr-xr-x | etc/periodic/monthly/450.status-security | 20 | ||||
| -rwxr-xr-x | etc/periodic/weekly/450.status-security | 20 |
3 files changed, 39 insertions, 21 deletions
diff --git a/etc/periodic/daily/450.status-security b/etc/periodic/daily/450.status-security index 38a1c3c..31b6d4c 100755 --- a/etc/periodic/daily/450.status-security +++ b/etc/periodic/daily/450.status-security @@ -22,19 +22,25 @@ case "$daily_status_security_enable" in esac export security_output="${daily_status_security_output}" + rc=0 case "${daily_status_security_output}" in "") - rc=3;; + if tempfile=`mktemp ${TMPDIR:-/tmp}/450.status-security.XXXXXX` + then + periodic security > $tempfile || rc=3 + if [ -s "$tempfile" ]; then + cat "$tempfile" + rc=3 + fi + rm -f "$tempfile" + fi;; /*) echo " (output logged separately)" - rc=0;; + periodic security || rc=3;; *) echo " (output mailed separately)" - rc=0;; - esac - - periodic security || rc=3;; - + periodic security || rc=3;; + esac;; *) rc=0;; esac diff --git a/etc/periodic/monthly/450.status-security b/etc/periodic/monthly/450.status-security index 027c896..61e6b92 100755 --- a/etc/periodic/monthly/450.status-security +++ b/etc/periodic/monthly/450.status-security @@ -22,19 +22,25 @@ case "$monthly_status_security_enable" in esac export security_output="${monthly_status_security_output}" + rc=0 case "${monthly_status_security_output}" in "") - rc=3;; + if tempfile=`mktemp ${TMPDIR:-/tmp}/450.status-security.XXXXXX` + then + periodic security > $tempfile || rc=3 + if [ -s "$tempfile" ]; then + cat "$tempfile" + rc=3 + fi + rm -f "$tempfile" + fi;; /*) echo " (output logged separately)" - rc=0;; + periodic security || rc=3;; *) echo " (output mailed separately)" - rc=0;; - esac - - periodic security || rc=3;; - + periodic security || rc=3;; + esac;; *) rc=0;; esac diff --git a/etc/periodic/weekly/450.status-security b/etc/periodic/weekly/450.status-security index 513fbda..d224e44 100755 --- a/etc/periodic/weekly/450.status-security +++ b/etc/periodic/weekly/450.status-security @@ -22,19 +22,25 @@ case "$weekly_status_security_enable" in esac export security_output="${weekly_status_security_output}" + rc=0 case "${weekly_status_security_output}" in "") - rc=3;; + if tempfile=`mktemp ${TMPDIR:-/tmp}/450.status-security.XXXXXX` + then + periodic security > $tempfile || rc=3 + if [ -s "$tempfile" ]; then + cat "$tempfile" + rc=3 + fi + rm -f "$tempfile" + fi;; /*) echo " (output logged separately)" - rc=0;; + periodic security || rc=3;; *) echo " (output mailed separately)" - rc=0;; - esac - - periodic security || rc=3;; - + periodic security || rc=3;; + esac;; *) rc=0;; esac |
