Joerg Wunsch
6e84ba78c1
When considering temporary files for deletion, don't examine the mtime
...
and atime only, but also the ctime. Otherwise, files extracted from
tar or zip archives will immediately be declared stale since they've
got their mtime reset to the original mtime.
Reviewed by: brian
MFC after: 1 week
2002-10-06 18:48:20 +00:00
Brian Somers
df93d794dc
Add a pkg_version variable so that it's possible to run portsversion instead
...
of pkg_version in periodic/weekly/400.status-pkg.
2002-09-25 03:01:42 +00:00
Andrey A. Chernov
15897030c6
Make it work with POSIX sort (POS arg).
...
All old sorts understand -k too.
2002-09-24 18:53:46 +00:00
Crist J. Clark
10f23b4ad0
Only create a temporary file if we are actually going to do something
...
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.
PR: bin/40960
Submitted by: frf <frf@xocolatl.com>
MFC after: 3 days
2002-08-25 04:09:17 +00:00
Jens Schweikhardt
f017edb1bf
o Test and change to the correct directory, /var/spool/.hoststat
...
o Bring if/then style in sync with /etc/rc scripts
PR: conf/41570
Submitted by: Konstantin M Volevatch <cox@rosnet.ru>
MFC after: 1 week
2002-08-12 11:09:01 +00:00
Gregory Neil Shapiro
b31d4126e3
If all file systems are marked nosuid, the line:
...
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
sets ${MP} to an empty string so the next line:
set ${MP}
actually just dumps all of the shells variables to stdout (and therefore
the security report). Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.
Reviewed by: brian
MFC after: 3 days
2002-08-03 22:33:34 +00:00
Ruslan Ermilov
bff0acee63
Install scripts via FILES (purposedly not via SCRIPTS that would
...
strip the suffixes).
2002-07-18 12:33:01 +00:00
Ruslan Ermilov
0b87f79976
s/${INSTALL} -c/${INSTALL} ${COPY}/
2002-07-18 12:07:49 +00:00
Brian Somers
103efc95e8
Mention that we're checking kernel log messages, even if there's
...
no output.
PR: 39618
MFC after: 1 week
2002-06-28 10:32:18 +00:00
Brian Somers
9e280368ad
Temporarily change our umask to 066 so that the potential creation
...
of wtmp.0 is done as mode 600.
This ensures that tight permissions set in /etc/newsyslog.conf for
wtmp logging aren't ``betrayed''.
Suggested by: lumpy <lumpy@the.whole.net>
MFC after: 3 days
2002-05-17 14:05:08 +00:00
Brian Somers
740b91b560
Change `dmesg -a'' to
`dmesg''.
...
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.
However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.
MFC after: 3 days
2002-05-17 13:38:36 +00:00
Brian Somers
db1d04d6d9
Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}
...
Problem reported by: lumpy <lumpy@the.whole.net>
MFC after: 3 days
2002-05-17 11:34:12 +00:00
Brian Somers
afa3985979
Return 3 unless $daily_status_security_enable != YES.
...
Returning $? masks security output when ``periodic security'' is successful !
MFC after: 3 days
2002-05-17 11:31:45 +00:00
Brian Somers
9472aac628
Fix the output when daily_status_mailq_shorten is set to YES
...
PR: 23766
Mostly submitted by: lambert@ssabsd.csw.net
MFC after: 3 days
2002-05-07 13:11:05 +00:00
Crist J. Clark
f5a8f1482c
Remove leading whitespace from the setuid file lists.
...
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."
PR: conf/37618
Reviewed by: brian
MFC after: 3 days
2002-05-05 00:59:37 +00:00
Brian Somers
ee9336d9b7
Handle .bz2 files created by newsyslog
...
PR: 37529
Partially submitted by: Peter Hollaubek <fifteen@inext.hu>
MFC after: 1 week
2002-04-30 17:07:32 +00:00
Gregory Neil Shapiro
14a349d554
Update mail queue related periodic scripts to account for sendmail 8.12's
...
clientmqueue (submit mail queue).
The new mailq display is only active if both the old
daily_status_mailq_enable is set to "YES" and the new
daily_status_include_submit_mailq is set to "YES" so people who disabled
440.status-mailq won't have any surprises.
Likewise, the new queue run is only active if both the old
daily_queuerun_enable is set to "YES" and the new daily_submit_queuerun
is set to "YES" so people who disabled 500.queuerun won't have any
surprises.
While I am here, remove the [ ! -d /var/spool/mqueue ] checks from
both scripts as the queue directory isn't always /var/spool/mqueue for
the main daemon -- it can be set to anything in the sendmail.cf file.
MFC after: 1 week
2002-04-10 03:58:40 +00:00
Robert Watson
2e1fc052bc
No need to explicitly check for both cases when using grep -i.
2002-03-12 21:44:33 +00:00
Robert Watson
cd9281b380
Update login failure checking to check auth.log instead of messages,
...
and teach it to look for more general classes of failures, including
SSH login failures. This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net .
2002-03-11 19:39:08 +00:00
Crist J. Clark
90bbf5454c
Environmental variable was not being passed to a subshell as intended.
...
PR: bin/35558
Submitted by: Nicolas Rachinsky <list@rachinsky.de>
2002-03-05 19:13:05 +00:00
Brian Somers
55ade43025
Set rc=1 rather than 0 so that setting daily_show_success=YES masks
...
the output of all goes well.
PR: 34825
Submitted by: Valentin Nechayev <netch@netch.kiev.ua>
MFC after: 3 weeks
2002-02-13 19:10:07 +00:00
Crist J. Clark
d15413fe2f
Fix a stray character that found its way into a filename.
2001-12-14 22:25:04 +00:00
Ruslan Ermilov
ac47c95eea
Work around the bugfeature of test(1).
...
PR: bin/32822
2001-12-14 08:58:21 +00:00
Crist J. Clark
2204f3ce42
Long ago, there was just /etc/daily. Then /etc/security was split out
...
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.
Reviewed by: ru
Approved by: ru
2001-12-07 23:57:39 +00:00
Mike Silbersack
b5c013b6b9
Make sure the security check output includes a To: line in the
...
same way the daily run output does.
2001-11-28 04:07:03 +00:00
Brian Somers
6eb9bd2d1f
Handle wtmp.0 being compressed
...
PR: 32113
Submitted by: Yar Tikhiy <yar@comp.chem.msu.su>
MFC after: 1 week
2001-11-20 15:01:24 +00:00
Crist J. Clark
6d852b5bdb
After further discussion on -CURRENT, some people (jhb) do not like
...
the idea of not masking passwords on comments in case the
administrator comments out an entry without clearing the
password. Instead completely ignore comments (since they have no
security impact) when doing the diff of the old and new passwd file.
Suggested by: rwatson
2001-11-14 09:30:01 +00:00
Crist J. Clark
c2f9738fda
No need to hide stuff in the $FreeBSD$ tag or in other comments like,
...
Backup passwd and group files:
1c1
< # $FreeBSD:(password):09:07 peter Exp $
---
> # $FreeBSD:(password):27:16 ache Exp $
MFC after: 1 week
2001-11-11 07:15:19 +00:00
Kris Kennaway
7080a34335
UUCP removal Phase III.
2001-10-01 06:27:44 +00:00
Kris Kennaway
77fb35234d
Run the uustat command as the uucp user, not as root.
2001-09-09 05:53:01 +00:00
Brian Somers
c5f947aa7f
Remove $daily_status_named_logs and figure out which /var/log/messages*
...
files to look an (in the same way that /etc/security does).
Don't single-quote $start, reducing it to an empty string.
MFC after: 3 days
2001-07-26 02:37:12 +00:00
Brian Somers
cce7f73d72
Don't try to remove directories unless we've emptied them first
...
Submitted by: NIIMI Satoshi <sa2c@and.or.jp>
PR: 28355
MFC after: 1 week
2001-07-19 12:08:24 +00:00
Anton Berezin
33ea028f0f
Recognize and support new output which pkg_version(1) might produce.
...
PR: 27707
Approved by: bmah, markm
2001-06-11 21:31:50 +00:00
Doug Barton
ebb4c1b9a4
Small adjustment to whitespace in output
2001-06-01 16:40:57 +00:00
Ruslan Ermilov
0b381bf1fd
Remove vestiges of MFS.
2001-06-01 10:07:28 +00:00
Doug Barton
311176d1c5
Truly limit the path to local filesystems.
2001-05-31 09:53:53 +00:00
Brian Somers
f8fb1acb36
Default daily_accounting_flags to -q. I thought this was a typo in the
...
originally submitted patch (oops!).
Also check for an empty $daily_accounting_save.
Submitted by: Udo Schweigert <Udo.Schweigert@cert.siemens.de>
2001-05-30 20:23:43 +00:00
Brian Somers
c4d5bb5129
Add $daily_accounting_save and $daily_accounting_flags
...
Submitted by: Udo Schweigert <Udo.Schweigert@cert.siemens.de>
MFC after: 2 weeks
2001-05-30 16:46:53 +00:00
Dirk Froemberg
2828b33147
Add 470.status-named.
...
Reminded by: gshapiro
2001-05-11 09:32:48 +00:00
Josef Karthauser
dc9c693750
Remind the user that they need to check CPAN manually for updates
...
to perl5 modules installed by hand.
2001-04-28 16:15:50 +00:00
Ruslan Ermilov
2c1f07ae14
Fixed typo.
...
PR: bin/26836
Submitted by: Matthew Seaman <matthew.seaman@tornadogroup.com>
2001-04-25 12:11:54 +00:00
Dirk Froemberg
56f25ab092
Check for denied zone transfers (AXFR and IXFR).
2001-04-21 22:36:30 +00:00
Brian Somers
a1f792ba64
Identify obsolete ports
2001-03-25 11:35:22 +00:00
Ruslan Ermilov
afcf05e46a
setlocale(3) has been fixed to match POSIX standard:
...
LC_ALL takes precedence over other LC_* envariables.
2001-03-02 16:52:14 +00:00
Andrey A. Chernov
fa94f1388d
Add 500.queuerun
2001-02-19 07:12:37 +00:00
Peter Wemm
6edba32695
Move the sendmail -q from cron to periodic, as suggested by a few people.
...
This has the benefit of adding a random start time element as daily
processing takes a different amount of time on different machines.
2001-02-19 02:47:42 +00:00
Brian Somers
afcf65b56b
Allow the output of /etc/security to be logged or mailed to different
...
users in line with ${daily,weekly,monthly}_output using a new
$daily_status_security_output variable.
PR: 24643
2001-01-30 10:24:18 +00:00
Brian Somers
542e394c1c
Cope with ports that have multiple versions *and* have embedded ``-''s
...
in their name.
2001-01-02 15:17:59 +00:00
Brian Somers
7d9e9f8884
Understand ``multiple versions'' lines emitted from pkg_version.
2001-01-02 13:28:47 +00:00
Brian Somers
f02b264114
Handle multiple words in $daily_clean_disks_files
...
PR: 23805
Submitted mostly by: Norbert Papke <npapke@telus.net>
2000-12-24 03:22:45 +00:00
Doug Barton
9fc9ecb643
Finish the job of conditionalizing UUCP by preventing files in /etc/uucp
...
from being installed, and make rmail conditional on neither of
NO_SENDMAIL and NOUUCP.
PR: bin/21321
Submitted by: Me
2000-10-29 06:57:59 +00:00
Brian Somers
0655ee8d72
Case is irrelevant when sorting mail redirects
...
PR: 21600
Submitted by: David Wolfskill <dhw@whistle.com>
2000-10-02 21:54:38 +00:00
Brian Somers
ca60fa1ad6
Remove a forgotten line
...
Submitted by: Philipp Mergenthaler <un1i@rz.uni-karlsruhe.de>
2000-09-22 06:54:28 +00:00
Brian Somers
9ed55d1192
Another overhaul of the periodic stuff.
...
All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8). Output may be masked based on variable values in
periodic.conf.
It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.
The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).
PR: 21250
2000-09-14 17:19:15 +00:00
Brian Somers
bf9263a3e2
Correct variable spelling
...
PR: 20841
2000-08-25 18:50:54 +00:00
Gregory Neil Shapiro
2216e2a2cd
Complete migration of aliases file to /etc/mail/aliases.
...
The maintainers of share/examples/diskless/README.TEMPLATING and mergemaster
have been contacted so those may be updated as well.
2000-08-13 18:38:58 +00:00
Brian Somers
3a5cb44818
Correct dodgy wild card expansion
...
PR: 20514
2000-08-10 10:58:44 +00:00
Sheldon Hearn
afc3b53891
Introduce a new option, daily_status_disks_df_flags, which specifies
...
the command-line arguments to be used for the call to df(1) when
daily_status_disks_enable is set to YES.
The name of the new variable was chosen by the maintainer of our
periodic hierarchy, Brian Somers.
PR: 19631
2000-07-05 10:47:01 +00:00
Brian Somers
2d60050a94
Add $daily_status_mail_rejects_logs, defaulting to 3 to control
...
how many /var/log/maillog* files to check
PR: 19587
2000-06-30 09:41:16 +00:00
Brian Somers
7c26f8927b
Correct two variable names
...
Mostly submitted by: howardjp@wam.umd.edu
PR: 19567
2000-06-30 09:39:51 +00:00
Josef Karthauser
ae8ac23395
Added 400.status-pkg.
...
Forgotten by: brian
2000-06-28 14:37:22 +00:00
Brian Somers
0ae3b944b5
Add weekly_status_pkg_enable (defaults to NO)
2000-06-27 11:20:08 +00:00
Brian Somers
1a36977ec2
Allow compressed acct files
...
PR: 19483
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-06-25 08:59:26 +00:00
Brian Somers
126bc2411c
daily_status_network_enable -> daily_status_network_usedns
...
Submitted by: Alexander Leidinger <Alexander@leidinger.net>
2000-06-23 12:33:16 +00:00
Brian Somers
f3e285ba7d
Introduce /etc/defaults/periodic.conf, similar in concept to rc.conf.
...
The only change in the default functionality should be that
the output reports are slightly more verbose WRT files deleted.
Not objected to by: freebsd-arch
2000-06-23 01:18:31 +00:00
Brian Somers
008c5376df
Use $clear_daily_* from rc.conf to decide what should be deleted
...
Reviewed by: The silence of -committers
2000-06-09 17:05:11 +00:00
Brian Somers
335844a6c3
Clean /tmp and /var/tmp if $clear_tmp_enable is set to YES in rc.conf
...
Clean /compat/linux/tmp if $linux_enable is also set to YES in rc.conf
2000-06-08 08:48:15 +00:00
David E. O'Brien
072229cdbb
Revert to rev 1.3 since the sed'ing is wrong. Revisit this after 4.0-RELEASE.
2000-01-27 22:52:43 +00:00
David E. O'Brien
c95a5e9ebd
Update the sed action to match the change to "diff -u".
...
Otherwise the encrypted password of any account who's information changed
was shown in the daily email to root.
Submitted by: jhb
2000-01-20 03:12:57 +00:00
David E. O'Brien
4b99719cb0
Use the *much* more readable unified diff format.
1999-12-28 21:38:12 +00:00
Andrey A. Chernov
6e31a7f7fc
Use manpath -L for man locales
1999-11-23 03:21:19 +00:00
Guy Helmer
c12c023aa4
"make install" did not install 150.clean-hoststat.
...
PR: bin/12497
1999-11-04 03:00:33 +00:00
Andrey A. Chernov
77adc291c6
localize it
...
Submitted by: "Alexey Zelkin" <phantom@crimea.edu>
1999-09-11 18:55:02 +00:00
Peter Wemm
9b7a44a60e
$Id$ -> $FreeBSD$
1999-08-27 23:37:10 +00:00
Sheldon Hearn
e9ebca08d7
Update the locate database even if user nobody can't stat root's
...
home directory.
PR: 10700
Submitted by: Sergey Korsak <skif@1plus1.net>
1999-06-21 18:36:18 +00:00
Brian Somers
cf2df276f9
Don't delete quota files when clean-tmps is enabled.
1999-06-10 00:34:15 +00:00
Garrett Wollman
94678b53d5
Remove remaining traces of the prototype...
1999-03-30 15:31:35 +00:00
Garrett Wollman
960b7106f5
Clean up persistent host status from sendmail(8) (if so configured).
...
I had accumulated years' worth of junk files; now others won't
have to.
1999-03-30 15:30:44 +00:00
Joerg Wunsch
0e20a72001
Finally remove the ancient `-exec rm -f {} ;' cruft that used to be
...
used to cleanup old files, and replace it by -delete which has been
present in our find(1) for ages now.
1999-03-21 12:34:06 +00:00
Garrett Wollman
19f1101052
Now that newsyslog is capable of doing this at a specific time,
...
let it rotate /var/log/wtmp again, and update monthly/200.accounting to
take this into account. (Some sites might want to change the parameters
of the rotation; it's easier to do this when it's all centralized in
newsyslog.conf.)
1999-01-28 20:03:31 +00:00
Bill Fumerola
0a54a0549a
UUCP Cleanup should be done by the UUCP user.
...
PR: bin/7749
Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua>
1999-01-01 21:07:39 +00:00
Joerg Wunsch
3dc4ead535
Avoid the ``ruptime: no hosts in /var/rwho.'' message by not calling
...
rwho iff /var/rwho is empty. Call `uptime' instead. This doesn't
belong under `network' right away, but at least reports the same
informaton about the local system. rwhod is not turned on by default
(for good reason), and i've already seen too many of the above
messages...
1998-10-06 09:46:46 +00:00
David E. O'Brien
be0cde6f10
Remove useless `BINOWN=root' now that it is the default.
1998-09-19 22:42:06 +00:00
Bruce Evans
326f1e2f2f
Fixed double slashes in a pathname.
...
Fixed some style bugs. Ensure no creation of an obj directory so that
we don't need to chdir before installing.
1998-05-31 11:38:25 +00:00
Dag-Erling Smørgrav
1d70d1dd0a
Add a chkgrp run after backing up the passwd and group files.
...
Suggested-by: Andreas Klemm
1998-05-24 15:57:31 +00:00
Dag-Erling Smørgrav
03d4e44189
Changed /usr/sbin/mailq to /usr/bin/mailq
1998-04-17 22:53:59 +00:00
Daniel O'Callaghan
8e525b0803
PR: 1708, 5448
...
Reviewed by: Alex Nash, Steve Price
Enhance wtmp monthly handling
1998-02-09 11:36:43 +00:00
Wolfram Schneider
b2ba580390
Count _all_ rejects, not made by check_mail and check_relay only.
...
There can be private rules which produce rejects.
Pointed out by: áÎÄÒÅÊ þÅÒÎÏ×
1998-02-09 11:28:59 +00:00
Wolfram Schneider
a4f897aa96
Count hosts and sort by score.
1998-02-05 15:38:17 +00:00
Wolfram Schneider
011e8ccf1f
Replace sed(1) with perl(1). The 4.4BSD sed programm is
...
200 times slower than perl or SunOS 5.5.1 sed.
1998-02-05 15:33:54 +00:00
Brian Somers
87c2f276be
Remove ``start='' used when testing :-(
1998-01-26 02:26:29 +00:00
Brian Somers
c5227e754c
Just list one of each domain that was rejected
...
(although only by Scheck_relay or Scheck_mail).
Suggested by: ache
1998-01-23 01:58:18 +00:00
Wolfram Schneider
74f3544ed2
Add an example for busy mail servers, commented out.
1998-01-18 22:28:06 +00:00
Andrey A. Chernov
41051eb9e7
Do not run by default. Can grow your root mailbox up to 2Mb per day
...
since SPAMmers like to retry often
1998-01-18 12:06:40 +00:00
Steve Price
e98d6de67c
Use manpath(1) to determine the value of ${MANPATH} instead of
...
using one of two hard-coded values.
PR: 5365
Submitted by: Ruslan Shevchenko <rssh@cam.grad.kiev.ua>
1998-01-09 23:56:45 +00:00
Bruce Evans
7083bd1e7d
Don't test for executability of /usr/sbin/sysctl [before execing
...
plain sysctl]. We already assumed that many standard commands
exist, and sysctl is not special.
1998-01-01 09:04:47 +00:00
Brian Somers
ac4c6ef8a9
Check for rejected mail
...
Not commented on by: freebsd-hackers
1997-11-22 04:02:51 +00:00
Wolfram Schneider
7010605e55
Check for files belongs to an unknown user or unknown group.
...
Do not run by default.
1997-11-01 15:03:05 +00:00
Wolfram Schneider
d5c1fb3ee9
Delete unused code.
1997-11-01 15:00:40 +00:00
Andrey A. Chernov
57e9de7714
Fix typo in my prev. commit
1997-09-11 15:21:30 +00:00