summaryrefslogtreecommitdiffstats
path: root/etc/periodic
Commit message (Collapse)AuthorAgeFilesLines
* Add an (off by default) check for negative permissions (where thebrooks2010-11-132-0/+55
| | | | | | | | group on a object has less permissions that everyone). These permissions will not work reliably over NFS if you have more than 14 supplemental groups and are usually not what you mean. MFC after: 1 week
* Hide 460.chkportsum in MK_PKGTOOLS != no case.delphij2010-11-091-1/+4
| | | | | Submitted by: Alex Kozlov <spam rm-rf kiev ua> MFC after: 2 weeks
* - Change the threshold from 'running next scrub the <value+1>th day after thenetchild2010-08-251-3/+3
| | | | | | | | last one' to 'running next scrub the <value>th day after the last one'. - Improve wording. Requested by: jhell <jhell@DataIX.net> MFC after: 1 week
* Connect the new script 490.status-pkg-changes (see r210863)olli2010-08-101-0/+4
| | | | | | | to the build, so it gets actually installed. Approved by: des (mentor) MFC after: 17 days
* - Fixes to the chkportsum script to handle better some special cases,gabor2010-08-101-9/+9
| | | | | | | like spaces in filename Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua> Approved by: delphij (mentor)
* Add a daily script to the periodic framework that reportsolli2010-08-051-0/+43
| | | | | | | | | | | | | | | | | | changes to the package database, i.e. any packages that have been added, updated or deleted in the past 24 hours. The format is intentionally simple and concise. That information is particularly useful on servers that are maintained by multiple administrators. When someone adds, updates or deletes a package, the others will see it in the daily periodic output. This script is disabled by default. PR: conf/113913 Submitted by: olli Approved by: des (mentor) MFC after: 3 weeks
* - Add a periodic script, which can be used to find installed ports' files withgabor2010-07-192-0/+69
| | | | | | | | mismatched checksum PR: conf/124641 Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua> Approved by: delphij (mentor)
* - add the zfs scrub scriptnetchild2010-06-171-1/+5
| | | | | | | - move the zfs status script into the MK_ZFS conditional to respect WITHOUT_ZFS Noticed by: Andrzej Tobola <ato@iem.pw.edu.pl>
* Add a periodic zfs scrub script.netchild2010-06-151-0/+86
| | | | | | | | | | | | | | | | | Features: - configurable amount of days between scrubs (default value or per pool) - do not scrub directly after pool creation (respects the configured number of days between scrubs) - do not scrub if a scrub is in progress - tells how to see the status of the scrub - tells how many days since the last scrub if it skips the scrubbing - warns if a non-existent pool is specified explicitely (default: no pools specified -> all currently imported pools are handled) - runs late in the periodic run to not slow down the other periodic daily scripts Discussed on: fs@
* Add a new build option, MAN_UTILS. This option lets you control buildingjkim2010-05-191-1/+1
| | | | | | | | | utilities and related support files for manual pages, which were previously controlled by MAN. For POLA, the default depends on MAN, i.e., WITHOUT_MAN implies WITHOUT_MAN_UTILS and WITH_MAN implies WITH_MAN_UTILS. This patch is slightly improved by me from: PR: misc/145212
* Remove trailing white space. No functional changes.dougb2010-05-143-5/+5
|
* Let rc and periodic infrastructure and newsyslog use the utmpx files.ed2010-01-131-1/+1
|
* Silence warning printed by getfsspec(3) when /etc/fstab does not existcperciva2009-09-282-0/+6
| | | | | | | | | | | fstab: /etc/fstab:0: No such file or directory and from dump(8) when setfsent(3) fails due to /etc/fstab not existing: DUMP: Can't open /etc/fstab for dump table information: No such... This makes daily and security periodic runs somewhat cleaner in jails which lack /etc/fstab files. MFC after: 1 month
* Rather than using both -prune (which requires directory-first tree traversal)brian2009-06-021-4/+4
| | | | | | | | | | | | and -delete (which implies depth-first traversal), avoid using -delete in favour of -execdir. This has a side-effect of not removing directories that contain files, even if we delete all of those files, but IMHO that's a better option than specifying all possible local filesystem types in this script. PR: 122811 MFC after: 3 weeks
* Update this script so that it handles different ruleset failuresbrian2009-05-281-8/+12
| | | | | | | | | | differently. The output now shows the ruleset and shortens to slightly different text (using $daily_status_mail_rejects_shorten), but it should be more descriptive. PR: 35018 Inspired by: Mikhail Teterin - mi at aldan dot algebra dot com MFC after: 3 weeks
* Fix typo to install 400.status-pkg, again.ume2009-01-141-1/+1
|
* Sort `mount -p' output by name before checking for any differences.ed2008-10-251-1/+1
| | | | | | | | | | | | I noticed on a system at home that restarting named(8) causes the /var/named/dev mount to be moved to the bottom of the mount list, because it gets remounted. When I received the daily security email this morning, I was quite amazed to see that the security report listed the differences, while it was nothing out of the ordinary. If we just throw the `mount -p' output through sort(1), we'll only receive notifications about changes to mounts if something has really changed.
* add new build knobs and jigger some existing controls to improvesam2008-09-214-23/+80
| | | | | | | | control over the result of buildworld and installworld; this especially helps packaging systems such as nanobsd Reviewed by: various (posted to arch) MFC after: 1 month
* Improve periodic/security/550.ipfwlimit a bit:antoine2008-08-101-6/+3
| | | | | | | | | - don't run it if net.inet.ip.fw.verbose = 0 as it is pointless - handle rules without logging limit correctly [1] (those rules show up without logamount in "ipfw -a list") PR: conf/126060 [1] MFC after: 1 month
* Rev. 1.8 broke matching on lines where the failure mode is at the headmtm2008-06-301-1/+1
| | | | | | | | of the message, such as: Jun 30 10:49:21 rogue sshd[17553]: Invalid user iceman from 127.0.0.1 PR: conf/124569 Submitted by: Taku <taku@tekipaki.jp>
* Add a missing ;.remko2008-03-251-1/+1
| | | | | | | PR: misc/122069 Submitted by: taku@tekipaki.jp MFC after: 3 days Approved by: imp (mentor, implicit trivial change).
* Eliminate xargs in favor of find -exec {} +des2008-02-031-2/+1
|
* Rewrite to consume significantly less memory, by using find -s instead ofdes2008-02-021-16/+11
| | | | | | | | | | | | | find | sort. As a bonus, this simplifies the logic considerably. Also remove the bogus "overruning the args to ls" comment and the corresponding "-n 20" argument to xargs; the whole point with xargs is precisely that it knows how large the argument list can safely get. Note that the first run of the updated script may hypotheticall produce false positives due to differences between find's and sort's sorting algorithm. I haven't seen this during testing, but others might. MFC after: 2 weeks
* A new configuration variable, daily_status_mail_rejects_shorten, allowsdds2008-01-081-1/+8
| | | | | | | | the rejected mail reports to tally the rejects per blacklist without providing details about individual sender hosts. The default configuration keeps the reports in their original form. MFC after: 1 week
* Also check setuid executables on ZFS.ru2007-11-231-1/+1
|
* o Install 480.status-ntpd.maxim2007-05-141-0/+1
| | | | Pointed out by: Henrik Brix Anders
* o Add a script to check ntpd(8) state. Default is off.maxim2007-05-131-0/+28
| | | | | | PR: conf/112604 Submitted by: Oliver Fromme MFC after: 1 month
* Add ZFS periodic scripts that monitors status of ZFS pools.pjd2007-04-062-0/+37
| | | | Submitted by: des
* Only match on log messages containing fail,invalid,remko2007-02-231-1/+1
| | | | | | | | | | bad or illegal. This prevents matching on systems that have a name that matches the query. PR: conf/107560 Submitted by: Christian Laursen <cfsl at pil dot dk> MFC after: 3 days Approved by: imp (mentor)
* Move to the preferred syntax for nice (-n) insteadremko2007-02-231-1/+1
| | | | | | | | of the depricated one. PR: conf/108611 Submitted by: TAOKA Fumiyoshi <fmysh at iijmio-mail dot jp> Approved by: imp (mentor)
* Use egrep instead of grep so that reporting of login failures (brokenjdp2007-02-051-1/+1
| | | | | by revision 1.6) works again. This fix is already in RELENG_6, but was never committed to HEAD.
* The kvm_mkdb(8) is long dead.ru2006-08-292-51/+1
|
* Add login.conf checking to periodic security scripts. If the login.conf filetrhodes2006-08-252-0/+53
| | | | | | is not UID/GID 0, limits will be ignored and a strange error sent to auth.log. Head nod: ru, rwatson
* o Add missed $start variable in the grep statement back.maxim2006-06-111-1/+1
| | | | | | PR: conf/96658 Submitted by: James Snow MFC after: 1 week
* Move etc/rc.firewall6 to ipfw2+v6, update related rc.d and periodic scripts.mlaier2006-05-123-118/+0
| | | | | Since ipfw2 now does dual-stack, statistics for IPv6 come from the ipfw scripts as well.
* Fix output and exit status when daily_mailq_shorten is set to YESmatteo2006-03-081-6/+8
| | | | | PR: conf/93472 MFC after: 3
* Enhance loginfail: it will catch sshd, proftpd and su errors, as well as ↵matteo2006-03-051-1/+1
| | | | | | | | | other programs PR: conf/70973 Submitted by: Ryan Sommers" <ryans@gamersimpact.com> Approved by: philip (mentor) MFC after: 3 days
* Add periodic scripts that check the status of graid3(8), gstripe(8)brueffer2006-03-024-0/+105
| | | | | | and gconcat(8) devices, respectively. Approved by: rwatson (mentor)
* When there are no interesting information in output, exit with 0.matteo2006-02-071-3/+3
| | | | | | | PR: conf/92299 Submitted by: Petr Rehor <prehor@gmail.com> Approved by: philip (mentor) MFC after: 3 days
* o Add 406.status-gmirror, sort.maxim2006-01-211-1/+2
| | | | Submitted by: brueffer
* Add a daily script to show the status of gmirror(8) devices.wollman2006-01-131-0/+34
|
* Update the test for failed zone transfers to reflect BIND 9.3.1 semanticsdougb2005-11-221-10/+8
| | | | | | | | | | Simplify the shell scripting a bit, and remove a useless grep | sed The problem was pointed out by the PR, and I used part of the solution suggested there, but the semantics changed again for 9.2.x -> 9.3.x. PR: conf/74228 Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>
* A new version of rev. 1.4: postpone a temporary file creationmaxim2005-09-111-1/+1
| | | | | | | | until we realize if ipfw(4) ever used. PR: bin/85970 Submitted by: Andre Albsmeier MFC after: 3 days
* Fix braino in last commit. Print nothing if ipfw(4) is not present.glebius2005-08-311-2/+2
|
* When looking for new lines in diff output, grep for '^[>+]' instead ofcperciva2005-08-221-1/+1
| | | | | | | '^>', in order to catch both normal and unified diffs. Problem reported by: volker at vwsoft dot com via -stable MFC after: 3 days
* - Correctly parse output, when logging amount is limited in theglebius2005-08-201-7/+15
| | | | | | | | | | rule itself, not in verbose_limit sysctl. [1] - Do check rules, even if verbose_limit is set 0. Rules may have their own log limits. PR: conf/77929 Submitted by: Andriy Gapon [1] Reviewed by: matteo
* Purge orphan catpages.ru2005-03-301-2/+2
| | | | | PR: conf/35242 Submitted by: Annihilator <annihilator.c@usa.net>
* Replace "ipfw l", which is now deprecated, with "ipfw list".ssouhlal2005-02-232-2/+2
| | | | Approved by: grehan (mentor)
* Don't do setuid checks on file systems mounted with noexec option.glebius2005-01-131-1/+1
| | | | | Reviewed by: brian, ru MFC after: 1 week
* Sed doesn't grok '[ \t]' -- it doesn't expand the \t :(brian2005-01-121-1/+1
| | | | | | | As there are no tabs in maillog, reduce the expression so that only spaces are used. Problem raised by: Leif Neland root at internet dot dk
OpenPOWER on IntegriCloud