The final product contains work from the originator, and
Florent Thoumie <florent.thoumie@gmail.com>. The final
product contains considerable re-working by me, so all
responsibility for bugs rests under my pointy hat.
PR: ports/145957
Submitted by: Eitan Adler <EitanAdlerList@gmail.com>
The old version had a race between the time that the old file was
cp'ed to acct.0 and the time that 'sa -s' was run that prevented
the commands that occurred in the meantime from being backed up.
It's also arguable that the old version was inefficient in using
cp which can be a problem on a space-constrained system.
This version avoids both problems, albeit it's considerably more
complicated. The advantage of putting the log rotation in the rc.d
script is that it can handle the _enable and _file questions without
having to do gymnastics to discover either value in the periodic script.
As a side effect of reviewing the rc.d script I cleaned it up a bit.
zpool the output causes the script to bail out with syntax errors.
Since a scrub of a faulted zpool is pointless, just skip over any pools
marked as such.
PR: conf/150228
Submitted by: jpaetzel
Approved by: kib (mentor)
MFC after: 3 days
MFC note: only for RELENG_8
group on a object has less permissions that everyone). These
permissions will not work reliably over NFS if you have more than
14 supplemental groups and are usually not what you mean.
MFC after: 1 week
changes to the package database, i.e. any packages that
have been added, updated or deleted in the past 24 hours.
The format is intentionally simple and concise.
That information is particularly useful on servers that
are maintained by multiple administrators. When someone
adds, updates or deletes a package, the others will see
it in the daily periodic output.
This script is disabled by default.
PR: conf/113913
Submitted by: olli
Approved by: des (mentor)
MFC after: 3 weeks
Features:
- configurable amount of days between scrubs (default value or per pool)
- do not scrub directly after pool creation (respects the configured
number of days between scrubs)
- do not scrub if a scrub is in progress
- tells how to see the status of the scrub
- tells how many days since the last scrub if it skips the scrubbing
- warns if a non-existent pool is specified explicitely
(default: no pools specified -> all currently imported pools are
handled)
- runs late in the periodic run to not slow down the other periodic daily
scripts
Discussed on: fs@
utilities and related support files for manual pages, which were previously
controlled by MAN. For POLA, the default depends on MAN, i.e., WITHOUT_MAN
implies WITHOUT_MAN_UTILS and WITH_MAN implies WITH_MAN_UTILS. This patch
is slightly improved by me from:
PR: misc/145212
fstab: /etc/fstab:0: No such file or directory
and from dump(8) when setfsent(3) fails due to /etc/fstab not existing:
DUMP: Can't open /etc/fstab for dump table information: No such...
This makes daily and security periodic runs somewhat cleaner in jails
which lack /etc/fstab files.
MFC after: 1 month
and -delete (which implies depth-first traversal), avoid using -delete in
favour of -execdir.
This has a side-effect of not removing directories that contain files,
even if we delete all of those files, but IMHO that's a better option
than specifying all possible local filesystem types in this script.
PR: 122811
MFC after: 3 weeks
differently. The output now shows the ruleset and shortens to
slightly different text (using $daily_status_mail_rejects_shorten),
but it should be more descriptive.
PR: 35018
Inspired by: Mikhail Teterin - mi at aldan dot algebra dot com
MFC after: 3 weeks
I noticed on a system at home that restarting named(8) causes the
/var/named/dev mount to be moved to the bottom of the mount list,
because it gets remounted. When I received the daily security email this
morning, I was quite amazed to see that the security report listed the
differences, while it was nothing out of the ordinary.
If we just throw the `mount -p' output through sort(1), we'll only
receive notifications about changes to mounts if something has really
changed.
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd
Reviewed by: various (posted to arch)
MFC after: 1 month
- don't run it if net.inet.ip.fw.verbose = 0 as it is pointless
- handle rules without logging limit correctly [1]
(those rules show up without logamount in "ipfw -a list")
PR: conf/126060 [1]
MFC after: 1 month
find | sort. As a bonus, this simplifies the logic considerably. Also
remove the bogus "overruning the args to ls" comment and the corresponding
"-n 20" argument to xargs; the whole point with xargs is precisely that it
knows how large the argument list can safely get.
Note that the first run of the updated script may hypotheticall produce
false positives due to differences between find's and sort's sorting
algorithm. I haven't seen this during testing, but others might.
MFC after: 2 weeks
the rejected mail reports to tally the rejects per blacklist without
providing details about individual sender hosts. The default configuration
keeps the reports in their original form.
MFC after: 1 week
bad or illegal. This prevents matching on systems that
have a name that matches the query.
PR: conf/107560
Submitted by: Christian Laursen <cfsl at pil dot dk>
MFC after: 3 days
Approved by: imp (mentor)
Simplify the shell scripting a bit, and remove a useless grep | sed
The problem was pointed out by the PR, and I used part of the solution
suggested there, but the semantics changed again for 9.2.x -> 9.3.x.
PR: conf/74228
Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>
rule itself, not in verbose_limit sysctl. [1]
- Do check rules, even if verbose_limit is set 0. Rules may have
their own log limits.
PR: conf/77929
Submitted by: Andriy Gapon [1]
Reviewed by: matteo
reject. For example:
Checking for rejected mail hosts:
48 getherbalnow.info (451... resolve)
46 absorb.com (451... resolve)
4 tgmart01.codns.com (553... exist)
3 kali.com.cn (451... resolve)
2 genie.com (451... resolve)
1 zv.qy (553... exist)
1 zd.hinet.hr (553... exist)
....
The bit in parenthesis is the reject code and the last word on the line -
enough to give the admin a better chance of seeing real problems (hopefully!).
While I'm here, remove the "<" at the start of rejects coming from "from"
addresses without a name@ part.
I had to rewrite the patch given by the submitter as this script has been
sed'ified (used to be perl) and I think the reject code is useful....
PR: 17377
Idea from: root at ns dot internet dot dk
MFC after: 7 days
packet counts by pf(4).
This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.
The output will look like this (line wrapped):
pf denied packets:
> block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
Bytes: 0 States: 0 ]
> block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
States: 0 ]
Submitted by: clive (thanks a lot!)
MFC after: 2 weeks
and atime only, but also the ctime. Otherwise, files extracted from
tar or zip archives will immediately be declared stale since they've
got their mtime reset to the original mtime.
Reviewed by: brian
MFC after: 1 week
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.
PR: bin/40960
Submitted by: frf <frf@xocolatl.com>
MFC after: 3 days
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
sets ${MP} to an empty string so the next line:
set ${MP}
actually just dumps all of the shells variables to stdout (and therefore
the security report). Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.
Reviewed by: brian
MFC after: 3 days
of wtmp.0 is done as mode 600.
This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.
Suggested by: lumpy <lumpy@the.whole.net>
MFC after: 3 days
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.
However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.
MFC after: 3 days
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."
PR: conf/37618
Reviewed by: brian
MFC after: 3 days
clientmqueue (submit mail queue).
The new mailq display is only active if both the old
daily_status_mailq_enable is set to "YES" and the new
daily_status_include_submit_mailq is set to "YES" so people who disabled
440.status-mailq won't have any surprises.
Likewise, the new queue run is only active if both the old
daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun
is set to "YES" so people who disabled 500.queuerun won't have any
surprises.
While I am here, remove the [ ! -d /var/spool/mqueue ] checks from
both scripts as the queue directory isn't always /var/spool/mqueue for
the main daemon -- it can be set to anything in the sendmail.cf file.
MFC after: 1 week
