freebsd-dev/share/man/man5/periodic.conf.5

.\"-
.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd June 22, 2000
.Dt PERIODIC.CONF 5
.Os
.Sh NAME
.Nm periodic.conf
.Nd periodic job configuration information
.Sh DESCRIPTION
The file
.Nm
contains a description of how daily, weekly and monthly system maintenance
jobs should run.
It resides in the
.Pa /etc/defaults
directory and parts may be overridden by a file of the same name in
.Pa /etc ,
which itself may be overridden by the
.Pa /etc/periodic.conf.local
file.
.Pp
.Nm
is actually sourced as a shell script from each of the periodic scripts
and is intended to simply provide default configuration variables.
.Pp
The following variables are used by
.Xr periodic 8
itself:
.Bl -tag -offset 4n -width 2n
.It Va local_periodic
.Pq Vt str
List of directories to search for periodic scripts.
This list is always prefixed with
.Pa /etc/periodic ,
and is only used when an argument to
.Xr periodic 8
is not an absolute directory name.
.It Va dir Ns No _output
.Pq Vt path No or Vt list
What to do with the output of the scripts executed from
the directory
.Ar dir .
If this variable is set to an absolute path name, output is logged to
that file, otherwise it is taken as one or more space separated email
addresses and mailed to those users.
If this variable is not set or is empty, output is sent to standard output.
.Pp
For an unattended machine, suitable values for
.Va daily_output ,
.Va weekly_output ,
and
.Va monthly_output
might be
.Dq /var/log/daily.log ,
.Dq /var/log/weekly.log ,
and
.Dq /var/log/monthly.log
respectively, as
.Xr newsyslog 8
will rotate these files (if they exists) at the appropriate times.
.It Va dir Ns No _show_success
.It Va dir Ns No _show_info
.It Va dir Ns No _show_badconfig
.Pq Vt bool
These variables control whether
.Xr periodic 8
will mask the output of the executed scripts based on their return code
(where
.Ar dir
is the base directory name in which each script resides).
If the return code of a script is
.Sq 0
and
.Va dir Ns No _show_success
is set to
.Dq NO ,
.Xr periodic 8
will mask the script's output.
If the return code of a script is
.Sq 1
and
.Va dir Ns No _show_info
is set to
.Dq NO ,
.Xr periodic 8
will mask the script's output.
If the return code of a script is
.Sq 2
and
.Va dir Ns No _show_badconfig
is set to
.Dq NO ,
.Xr periodic 8
will mask the script's output.
If these variables are set to neither
.Dq YES
nor
.Dq NO ,
they default to
.Dq YES ,
.Dq YES
and
.Dq NO
respectively.
.Pp
Refer to the
.Xr periodic 8
man page for how script return codes are interpreted.
.El
.Pp
The following variables are used by the standard scripts that reside in
.Pa /etc/periodic/daily :
.Bl -tag -offset 4n -width 2n
.It Va daily_clean_disks_enable
.Pq Vt bool
Set to
.Dq YES
if you want to remove all files matching
.Va daily_clean_disks_files
daily.
.It Va daily_clean_disks_files
.Pq Vt str
Set to a list of file names to match.
Wild cards are permitted.
.It Va daily_clean_disks_days
.Pq Vt num
When
.Va daily_clean_disks_enable
is set to
.Dq YES ,
this must also be set to the number of days old that a file's access
and modification times must be before it's deleted.
.It Va daily_clean_disks_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your daily output.
.It Va daily_clean_tmps_enable
.Pq Vt bool
Set to
.Dq YES
if you want to clear temporary directories daily.
.It Va daily_clean_tmps_dirs
.Pq Vt str
Set to the list of directories to clear if
.Va daily_clean_tmps_enable
is set to
.Dq YES .
.It Va daily_clean_tmps_days
.Pq Vt num
When
.Va daily_clean_tmps_enable
is set, this must also be set to the number of days old that a file's access
and modification times must be before it's deleted.
.It Va daily_clean_tmps_ignore
.Pq Vt str
Set to the list of files that should not be deleted when
.Va daily_clean_tmps_enable
is set to
.Dq YES .
Wild card characters are permitted.
.It Va daily_clean_tmps_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your daily output.
.It Va daily_clean_preserve_enable
.Pq Vt bool
Set to
.Dq YES
if you wish to remove old files from
.Pa /var/preserve .
.It Va daily_clean_preserve_days
.Pq Vt num
Set to the number of days that files must not have been modified before
they are deleted.
.It Va daily_clean_preserve_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your daily output.
.It Va daily_clean_msgs_enable
.Pq Vt bool
Set to
.Dq YES
if you wish old system messages to be purged.
.It Va daily_clean_msgs_days
.Pq Vt num
Set to the number of days that files must not have been modified before
they are deleted.
If this variable is left blank, the
.Xr msgs 1
default is used.
.It Va daily_clean_rwho_enable
.Pq Vt bool
Set to
.Dq YES
if you wish old files in
.Pa /var/who
to be purged.
.It Va daily_clean_rwho_days
.Pq Vt num
Set to the number of days that files must not have been modified before
they are deleted.
.It Va daily_clean_rwho_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your daily output.
.It Va daily_clean_hoststat_enable
.Pq Vt bool
Set to
.Dq YES
if you wish old files in
.Pa /var/spool/.hoststat
to be purged.
.It Va daily_clean_hoststat_days
.Pq Vt num
Set to the number of days that files must not have been modified before
they are deleted.
.It Va daily_clean_hoststat_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your daily output.
.It Va daily_backup_passwd_enable
.Pq Vt bool
Set to
.Dq YES
if you want the
.Pa /etc/master.passwd
and
.Pa /etc/group
files backed up and reported on.
Reporting consists of checking both files for modifications and running
.Xr chkgrp 8
on the
.Pa group
file.
.It Va daily_backup_aliases_enable
.Pq Vt bool
Set to
.Dq YES
if you want the
.Pa /etc/mail/aliases
file backed up and modifications to be displayed in your daily output.
.It Va daily_backup_distfile_enable
.Pq Vt bool
Set to
.Dq YES
if you want the
.Pa /etc/Distfile
file backed up and modifications to be displayed in your daily output.
.It Va daily_calendar_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Ic calendar -a
daily.
.It Va daily_accounting_enable
.Pq Vt bool
Set to
.Dq YES
if you want to rotate your daily accounting files.
No rotations are necessary unless
.Va accounting_enable
is enabled in
.Xr rc.conf 5 .
.It Va daily_accounting_compress
.Pq Vt bool
Set to
.Dq YES
if you want your daily accounting files to be compressed using
.Xr gzip 1 .
.It Va daily_accounting_save
.Pq Vt num
When
.Va daily_accounting_enable
is set, this may also be set to the number of daily accounting files that are
to be saved.
The default is
.Dq 3 .
.It Va daily_accounting_flags
.Pq Vt str
Set to the arguments to pass to the
.Xr sa 8
utility (in addition to
.Fl s )
when
.Va daily_accounting_enable
is set to
.Dq YES .
The default is
.Fl q .
.It Va daily_distfile_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Xr rdist 1
daily.
The
.Pa /etc/Distfile
file must also exist.
.It Va daily_news_expire_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Pa /etc/news.expire .
.It Va daily_status_disks_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Xr df 1
(with the arguments supplied in
.Va daily_status_disks_df_flags )
and
.Ic dump -W .
.It Va daily_status_disks_df_flags
.Pq Vt str
Set to the arguments for the
.Xr df 1
utility when
.Va daily_status_disks_enable
is set to
.Dq YES .
.It Va daily_status_network_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Ic netstat -i .
.It Va daily_status_network_usedns
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Xr netstat 1
without the
.Fl n
option (to do DNS lookups).
.It Va daily_status_rwho_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Xr uptime 1
(or
.Xr ruptime 1
if
.Va rwhod_enable
is set to
.Dq YES
in
.Pa /etc/rc.conf ) .
.It Va daily_status_mailq_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Xr mailq 1 .
.It Va daily_status_mailq_shorten
.Pq Vt bool
Set to
.Dq YES
if you want to shorten the
.Nm mailq
output when
.Va daily_status_mailq_enable
is set to
.Dq YES .
.It Va daily_status_security_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run the security check.
The security check is another set of
.Xr periodic 8
scripts.
The system defaults are in
.Pa /etc/periodic/security .
Local scripts should be placed in
.Pa /usr/local/etc/periodic/security .
See the
.Xr periodic 8
manual page for more information.
.It Va daily_status_security_inline
.Pq Vt bool
Set to
.Dq YES
if you want the security check output inline.
The default is to either mail or log the output according to the value of
.Va daily_status_security_output .
.It Va daily_status_security_output
.Pq Vt str
Where to send the output of the security check if
.Va daily_status_security_inline
is set to
.Dq NO .
This variable behaves in the same way as the
.Va *_output
variables above, namely it can be set either to one or more email addresses
or to an absolute file name.
.It Va daily_status_security_chksetuid_enable
.Pq Vt bool
Set to
.Dq YES
to compare the modes and modification times of setuid executables with
the previous day's values.
.It Va daily_status_security_chkmounts_enable
.Pq Vt bool
Set to
.Dq YES
to check for changes mounted filesystems to the previous day's values.
.It Va daily_status_security_noamd
.Pq Vt bool
Set to
.Dq YES
if you want to ignore
.Xr amd 8
mounts when comparing against yesterdays filesystem mounts in the
.Va daily_status_security_chkmounts_enable
check.
.It Va daily_status_security_chkuid0_enable
.Pq Vt bool
Set to
.Dq YES
to check
.Pa /etc/master.passwd
for accounts with uid 0.
.It Va daily_status_security_passwdless_enable
.Pq Vt bool
Set to
.Dq YES
to check
.Pa /etc/master.passwd
for accounts with empty passwords.
.It Va daily_status_security_ipfwdenied_enable
.Pq Vt bool
Set to
.Dq YES
to show log entries for packets denied by
.Xr ipfw 8
since yesterday's check.
.It Va daily_status_security_ipfwlimit_enable
.Pq Vt bool
Set to
.Dq YES
to display
.Xr ipfw 8
rules that have reached their verbosity limit.
.It Va daily_status_security_ip6fwdenied_enable
.Pq Vt bool
Set to
.Dq YES
to show log entries for packets denied by
.Xr ip6fw 8
since yesterday's check.
.It Va daily_status_security_ip6fwlimit_enable
.Pq Vt bool
Set to
.Dq YES
to display
.Xr ip6fw 8
rules that have reached their verbosity limit.
.It Va daily_status_security_kernelmsg_enable
.Pq Vt bool
Set to
.Dq YES
to show new
.Xr dmesg 8
entries since yesterday's check.
.It Va daily_status_security_loginfail_enable
.Pq Vt bool
Set to
.Dq YES
to display failed logins from
.Pa /var/log/messages
in the previous day.
.It Va daily_status_security_tcpwrap_enable
.Pq Vt bool
Set to
.Dq YES
to display connections denied by tcpwrappers (see
.Xr hosts_access 5 )
from
.Pa /var/log/messages
during the previous day.
.It Va daily_status_mail_rejects_enable
.Pq Vt bool
Set to
.Dq YES
if you want to summarise mail rejections logged to
.Pa /var/log/maillog
for the previous day.
.It Va daily_status_mail_rejects_logs
.Pq Vt num
Set to the number of maillog files that should be checked
for yesterday's mail rejects.
.It Va daily_status_named_enable
.Pq Vt bool
Set to
.Dq YES
if you want to summarise denied zone transfers (AXFR and IXFR)
for the previous day.
.It Va daily_status_named_usedns
.Pq Vt bool
Set to
.Dq YES
if you want to enable reverse DNS lookups.
.It Va daily_queuerun_enable
.Pq Vt bool
Set to
.Dq YES
if you want to manually run the mail queue at least once a day.
.It Va daily_local
.Pq Vt str
Set to a list of extra scripts that should be run after all other
daily scripts.
All scripts must be absolute path names.
.El
.Pp
The following variables are used by the standard scripts that reside in
.Pa /etc/periodic/weekly :
.Bl -tag -offset 4n -width 2n
.It Va weekly_clean_kvmdb_enable
.Pq Vt bool
Set to
.Dq YES
if you want to purge old
.Pa /var/db/kvm_*.db
files.
The kvm file for the current kernel will not be purged.
.It Va weekly_clean_kvmdb_days
.Pq Vt num
Set to the number of days that the file must not have been accessed
before being deleted.
.It Va weekly_clean_kvmdb_verbose
.Pq Vt bool
Set to
.Dq YES
if you want the removed files to be reported in your weekly output.
.It Va weekly_locate_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Pa /usr/libexec/locate.updatedb .
This script is run using
.Ic nice -5
as user
.An nobody ,
and generates the table used by the
.Xr locate 1
command.
.It Va weekly_whatis_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Pa /usr/libexec/makewhatis.local .
This script regenerates the database used by the
.Xr apropos 1
command.
.It Va weekly_catman_enable
.Pq Vt bool
Set to
.Dq YES
if you want to run
.Pa /usr/libexec/catman.local .
This script processes all out of date man pages, speeding up the
.Xr man 1
command at the expense of disk space.
.It Va weekly_noid_enable
.Pq Vt bool
Set to
.Dq YES
if you want to locate orphaned files on the system.
An orphaned file is one with an invalid owner or group.
.It Va weekly_noid_dirs
.Pq Vt str
A list of directories under which orphaned files are searched for.
This would usually be set to
.Pa / .
.It Va weekly_status_pkg_enable
.Pq Vt bool
Set to
.Dq YES
if you want to use
.Xr pkg_version 1
to list installed packages which are out of date.
.It Va weekly_local
.Pq Vt str
Set to a list of extra scripts that should be run after all other
weekly scripts.
All scripts must be absolute path names.
.El
.Pp
The following variables are used by the standard scripts that reside in
.Pa /etc/periodic/monthly :
.Bl -tag -offset 4n -width 2n
.It Va monthly_accounting_enable
.Pq Vt bool
Set to
.Dq YES
if you want to do login accounting using the
.Xr ac 8
command.
.It Va monthly_local
.Pq Vt str
Set to a list of extra scripts that should be run after all other
monthly scripts.
All scripts must be absolute path names.
.El
.Sh FILES
.Bl -tag -width /etc/defaults/periodic.conf
.It Pa /etc/defaults/periodic.conf
The default configuration file.
This file contains all default variables and values.
.It Pa /etc/periodic.conf
The usual system specific variable override file.
.It Pa /etc/periodic.conf.local
An additional override file, useful when
.Pa /etc/periodic.conf
is shared or distributed.
.El
.Sh SEE ALSO
.Xr apropos 1 ,
.Xr calendar 1 ,
.Xr df 1 ,
.Xr gzip 1 ,
.Xr locate 1 ,
.Xr man 1 ,
.Xr msgs 1 ,
.Xr netstat 1 ,
.Xr nice 1 ,
.Xr pkg_version 1 ,
.Xr rdist 1 ,
.Xr rc.conf 5 ,
.Xr ac 8 ,
.Xr chkgrp 8 ,
.Xr dump 8 ,
.Xr newsyslog 8 ,
.Xr periodic 8
.Sh HISTORY
The
.Nm
file appeared in
.Fx 4.1 .
.Sh AUTHORS
.An Brian Somers Aq brian@Awfulhak.org .