summaryrefslogtreecommitdiffstats
path: root/etc/periodic
Commit message (Collapse)AuthorAgeFilesLines
* Remove 220.backup-distfile since it has been deleted.jhb2003-04-011-1/+0
| | | | | Reported by: mdodd Pointy hat to: jhb
* Complete removal of 320.rdist by removing its entry from periodic.conf andjhb2003-04-011-39/+0
| | | | | | | removing the related 220.backup-distfile script and associatd periodic.conf entry. Discussed with: obrien
* 320.rdist is OBE as we don't have rdist in the base system any more.obrien2003-03-291-1/+0
|
* This is OBE as we don't have rdist in the base system any longer.obrien2003-03-291-31/+0
|
* Do not do manually what sendmail(8) can do better automatically.wollman2003-01-081-25/+4
| | | | | Tell sendmail to clean up its own host status cache. The error condition handling could probably be done better.
* Add support for bzip2ed log files.se2003-01-053-3/+21
|
* Avoid using perl in the periodic & security scripts. This brings thekeramida2002-12-075-32/+37
| | | | | | base system one step closer to being totally perl-free. Approved by: re (jhb)
* Do not emit a message on stderr when one of the compared filesthomas2002-11-161-1/+1
| | | | | | | is shorter than the other. Reviewed by: roberto MFC after: 3 days
* Remove incorrect output redirection.thomas2002-11-161-1/+1
| | | | | | Reviewed by: roberto Committed from: EuroBSDCon Amsterdam MFC after: 3 days
* Add newly-added sripts to FILES.thomas2002-10-251-1/+3
| | | | Reviewed by: roberto
* Add a new /etc/periodic/security script to check for packetsthomas2002-10-251-0/+53
| | | | | | | | rejected by ipfilter (510.ipfdenied), and a corresponding periodic.conf knob (daily_status_security_ipfdenied_enable). Reviewed by: roberto Approved by: re@
* Factor out code across various /etc/periodic/security scripts into athomas2002-10-256-99/+101
| | | | | | | separate file, /etc/periodic/security/security.functions. Reviewed by: roberto (mentor) Approved by: re@
* When considering temporary files for deletion, don't examine the mtimejoerg2002-10-061-0/+1
| | | | | | | | | and atime only, but also the ctime. Otherwise, files extracted from tar or zip archives will immediately be declared stale since they've got their mtime reset to the original mtime. Reviewed by: brian MFC after: 1 week
* Add a pkg_version variable so that it's possible to run portsversion insteadbrian2002-09-251-1/+1
| | | | of pkg_version in periodic/weekly/400.status-pkg.
* Make it work with POSIX sort (POS arg).ache2002-09-245-5/+5
| | | | All old sorts understand -k too.
* Only create a temporary file if we are actually going to do somethingcjc2002-08-257-7/+7
| | | | | | | | | in the script. Eliminates a bug where we create a temp file, but don't delete it since the rm(1) is only done if the check is enabled. PR: bin/40960 Submitted by: frf <frf@xocolatl.com> MFC after: 3 days
* o Test and change to the correct directory, /var/spool/.hoststatschweikh2002-08-121-8/+5
| | | | | | | | o Bring if/then style in sync with /etc/rc scripts PR: conf/41570 Submitted by: Konstantin M Volevatch <cox@rosnet.ru> MFC after: 1 week
* If all file systems are marked nosuid, the line:gshapiro2002-08-031-8/+11
| | | | | | | | | | | | | | | MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort` sets ${MP} to an empty string so the next line: set ${MP} actually just dumps all of the shells variables to stdout (and therefore the security report). Fixed by surrounding the code which goes through the mounts with a test for an empty string before using ${MP}. Reviewed by: brian MFC after: 3 days
* Install scripts via FILES (purposedly not via SCRIPTS that wouldru2002-07-185-8/+5
| | | | strip the suffixes).
* s/${INSTALL} -c/${INSTALL} ${COPY}/ru2002-07-181-1/+1
|
* Mention that we're checking kernel log messages, even if there'sbrian2002-06-281-2/+2
| | | | | | | no output. PR: 39618 MFC after: 1 week
* Temporarily change our umask to 066 so that the potential creationbrian2002-05-171-0/+3
| | | | | | | | | | of wtmp.0 is done as mode 600. This ensures that tight permissions set in /etc/newsyslog.conf for wtmp logging aren't ``betrayed''. Suggested by: lumpy <lumpy@the.whole.net> MFC after: 3 days
* Change ``dmesg -a'' to ``dmesg''.brian2002-05-171-1/+1
| | | | | | | | | | | The change was introduced in src/etc/security 1.53 almost a year ago in an attempt to see ipfw deny message logs. However, ipfw deny/reject logs have been displayed since version 1.13 of the same file as a separate ``job'' and have since moved to src/etc/periodic/security/500.ipfwdenied. MFC after: 3 days
* Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}brian2002-05-177-7/+7
| | | | | Problem reported by: lumpy <lumpy@the.whole.net> MFC after: 3 days
* Return 3 unless $daily_status_security_enable != YES.brian2002-05-171-1/+1
| | | | | | Returning $? masks security output when ``periodic security'' is successful ! MFC after: 3 days
* Fix the output when daily_status_mailq_shorten is set to YESbrian2002-05-071-4/+4
| | | | | | PR: 23766 Mostly submitted by: lambert@ssabsd.csw.net MFC after: 3 days
* Remove leading whitespace from the setuid file lists.cjc2002-05-051-2/+2
| | | | | | | | | | | | | | Due to the way we run ls(1), through xargs(1), the leading whitespace can change even when the setuid files haven't. To avoid displaying these lines, we currently run diff(1) with the '-w' option. However, this is probably not the ideal way to go; there is a very, very small possibility for diff(1) to miss things is shouldn't. So, with the leading space cleaned, we can revert to the '-b' option which is "safer." PR: conf/37618 Reviewed by: brian MFC after: 3 days
* Handle .bz2 files created by newsyslogbrian2002-04-302-0/+7
| | | | | | PR: 37529 Partially submitted by: Peter Hollaubek <fifteen@inext.hu> MFC after: 1 week
* Update mail queue related periodic scripts to account for sendmail 8.12'sgshapiro2002-04-102-11/+30
| | | | | | | | | | | | | | | | | | | | clientmqueue (submit mail queue). The new mailq display is only active if both the old daily_status_mailq_enable is set to "YES" and the new daily_status_include_submit_mailq is set to "YES" so people who disabled 440.status-mailq won't have any surprises. Likewise, the new queue run is only active if both the old daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun is set to "YES" so people who disabled 500.queuerun won't have any surprises. While I am here, remove the [ ! -d /var/spool/mqueue ] checks from both scripts as the queue directory isn't always /var/spool/mqueue for the main daemon -- it can be set to anything in the sendmail.cf file. MFC after: 1 week
* No need to explicitly check for both cases when using grep -i.rwatson2002-03-121-1/+1
|
* Update login failure checking to check auth.log instead of messages,rwatson2002-03-111-3/+3
| | | | | | and teach it to look for more general classes of failures, including SSH login failures. This is similar but not identical to a patch submitted by aeonflux@synapse.subneural.net.
* Environmental variable was not being passed to a subshell as intended.cjc2002-03-051-2/+2
| | | | | PR: bin/35558 Submitted by: Nicolas Rachinsky <list@rachinsky.de>
* Set rc=1 rather than 0 so that setting daily_show_success=YES masksbrian2002-02-131-1/+1
| | | | | | | | the output of all goes well. PR: 34825 Submitted by: Valentin Nechayev <netch@netch.kiev.ua> MFC after: 3 weeks
* Fix a stray character that found its way into a filename.cjc2001-12-141-1/+1
|
* Work around the bugfeature of test(1).ru2001-12-142-2/+2
| | | | PR: bin/32822
* Long ago, there was just /etc/daily. Then /etc/security was split outcjc2001-12-0714-19/+726
| | | | | | | | | | of /etc/daily. Some time later, /etc/daily became a set of periodic(8) scripts. Now, this evolution continues, and /etc/security has been broken into periodic(8) scripts to make local customization easier and more maintainable. Reviewed by: ru Approved by: ru
* Make sure the security check output includes a To: line in thesilby2001-11-281-1/+1
| | | | same way the daily run output does.
* Handle wtmp.0 being compressedbrian2001-11-201-5/+16
| | | | | | PR: 32113 Submitted by: Yar Tikhiy <yar@comp.chem.msu.su> MFC after: 1 week
* After further discussion on -CURRENT, some people (jhb) do not likecjc2001-11-141-2/+2
| | | | | | | | | the idea of not masking passwords on comments in case the administrator comments out an entry without clearing the password. Instead completely ignore comments (since they have no security impact) when doing the diff of the old and new passwd file. Suggested by: rwatson
* No need to hide stuff in the $FreeBSD$ tag or in other comments like,cjc2001-11-111-1/+1
| | | | | | | | | | Backup passwd and group files: 1c1 < # $FreeBSD:(password):09:07 peter Exp $ --- > # $FreeBSD:(password):27:16 ache Exp $ MFC after: 1 week
* UUCP removal Phase III.kris2001-10-015-120/+0
|
* Run the uustat command as the uucp user, not as root.kris2001-09-091-1/+1
|
* Remove $daily_status_named_logs and figure out which /var/log/messages*brian2001-07-261-46/+33
| | | | | | | | files to look an (in the same way that /etc/security does). Don't single-quote $start, reducing it to an empty string. MFC after: 3 days
* Don't try to remove directories unless we've emptied them firstbrian2001-07-191-1/+1
| | | | | | Submitted by: NIIMI Satoshi <sa2c@and.or.jp> PR: 28355 MFC after: 1 week
* Recognize and support new output which pkg_version(1) might produce.tobez2001-06-111-1/+2
| | | | | PR: 27707 Approved by: bmah, markm
* Small adjustment to whitespace in outputdougb2001-06-013-3/+3
|
* Remove vestiges of MFS.ru2001-06-011-5/+0
|
* Truly limit the path to local filesystems.dougb2001-05-311-2/+4
|
* Default daily_accounting_flags to -q. I thought this was a typo in thebrian2001-05-301-0/+5
| | | | | | | | originally submitted patch (oops!). Also check for an empty $daily_accounting_save. Submitted by: Udo Schweigert <Udo.Schweigert@cert.siemens.de>
* Add $daily_accounting_save and $daily_accounting_flagsbrian2001-05-301-9/+13
| | | | | Submitted by: Udo Schweigert <Udo.Schweigert@cert.siemens.de> MFC after: 2 weeks
OpenPOWER on IntegriCloud