d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
202,212 Commits 72 Branches 135 Tags 3.2 GiB
628683cb81
Commit Graph

14 Commits

Author SHA1 Message Date
Baptiste Daroussin
81e6fb172f Avoid installing security.functions with executable bits, periodic(8) will 
try to execute all files with an executable bit in /etc/periodic/*/ while
this file is supposed only to be sourced by others

MFC after:	1 week
 2014-11-05 06:42:07 +00:00
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff 
from the latter.
 2014-05-06 04:22:01 +00:00
Baptiste Daroussin
c92d635ad3 After around 20 years of duty it is time for pkg_install to retire 2013-10-31 13:00:35 +00:00
Doug Barton
f09b508c66 Hook the 220.backup-pkgdb script I added to the build unconditionally 
Hook up 610.ipf6denied based on MK_IPFILTER as 510.ipfdenied is now

Poked by:	Andrzej Tobola <ato@iem.pw.edu.pl>
 2011-03-27 03:06:58 +00:00
Brooks Davis
7cdc1c0007 Add an (off by default) check for negative permissions (where the 
group on a object has less permissions that everyone).  These
permissions will not work reliably over NFS if you have more than
14 supplemental groups and are usually not what you mean.

MFC after:	1 week
 2010-11-13 00:40:43 +00:00
Xin LI
65a1c46588 Hide 460.chkportsum in MK_PKGTOOLS != no case. 
Submitted by:	Alex Kozlov <spam rm-rf kiev ua>
MFC after:	2 weeks
 2010-11-09 18:46:44 +00:00
Gabor Kovesdan
d8456aa881 - Add a periodic script, which can be used to find installed ports' files with 
mismatched checksum

PR:		conf/124641
Submitted by:	Alex Kozlov <spam@rm-rf.kiev.ua>
Approved by:	delphij (mentor)
 2010-07-19 20:19:14 +00:00
Sam Leffler
690f477d75 add new build knobs and jigger some existing controls to improve 
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
 2008-09-21 22:02:26 +00:00
Tom Rhodes
b5aea37f80 Add login.conf checking to periodic security scripts. If the login.conf file 
is not UID/GID 0, limits will be ignored and a strange error sent to auth.log.

Head nod:	ru, rwatson
 2006-08-25 07:34:36 +00:00
Max Laier
9277da52e1 Move etc/rc.firewall6 to ipfw2+v6, update related rc.d and periodic scripts. 
Since ipfw2 now does dual-stack, statistics for IPv6 come from the ipfw
scripts as well.
 2006-05-12 19:17:34 +00:00
Max Laier
66754ab3f1 Teach periodic(8) security output to display information about blocked 
packet counts by pf(4).

This adds a ``daily_status_security_pfdenied_enable'' variable to
periodic.conf, which defaults to ``YES'' as the matching IPF(W) versions.

The output will look like this (line wrapped):

  pf denied packets:
  > block drop log on rl0 proto tcp all [ Evaluations: 504986 Packets: 0
    Bytes: 0 States: 0 ]
  > block drop log on rl0 all [ Evaluations: 18559 Packets: 427 Bytes: 140578
    States: 0 ]

Submitted by:	clive (thanks a lot!)
MFC after:	2 weeks
 2004-11-24 18:41:53 +00:00
Thomas Quinot
77ee1b9798 Add newly-added sripts to FILES. 
Reviewed by:	roberto
 2002-10-25 15:23:26 +00:00
Ruslan Ermilov
bff0acee63 Install scripts via FILES (purposedly not via SCRIPTS that would 
strip the suffixes).
 2002-07-18 12:33:01 +00:00
Crist J. Clark
2204f3ce42 Long ago, there was just /etc/daily. Then /etc/security was split out 
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by:	ru
Approved by:	ru
 2001-12-07 23:57:39 +00:00