Commit Graph

20 Commits

Author SHA1 Message Date
Stefan Eßer
2068678af4 Add support for bzip2ed log files. 2003-01-05 21:32:50 +00:00
Giorgos Keramidas
0333ea509d Avoid using perl in the periodic & security scripts. This brings the
base system one step closer to being totally perl-free.

Approved by:	re (jhb)
2002-12-07 23:37:44 +00:00
Thomas Quinot
da509dd293 Do not emit a message on stderr when one of the compared files
is shorter than the other.

Reviewed by:	roberto
MFC after:	3 days
2002-11-16 14:58:39 +00:00
Thomas Quinot
68c2bacd8d Remove incorrect output redirection.
Reviewed by:	roberto
Committed from:	EuroBSDCon Amsterdam
MFC after:	3 days
2002-11-16 14:57:12 +00:00
Thomas Quinot
77ee1b9798 Add newly-added sripts to FILES.
Reviewed by:	roberto
2002-10-25 15:23:26 +00:00
Thomas Quinot
7644e396f3 Add a new /etc/periodic/security script to check for packets
rejected by ipfilter (510.ipfdenied), and a corresponding periodic.conf
knob (daily_status_security_ipfdenied_enable).

Reviewed by:	roberto
Approved by:	re@
2002-10-25 15:16:54 +00:00
Thomas Quinot
cb9eff8a9e Factor out code across various /etc/periodic/security scripts into a
separate file, /etc/periodic/security/security.functions.

Reviewed by:	roberto (mentor)
Approved by:	re@
2002-10-25 15:14:16 +00:00
Andrey A. Chernov
15897030c6 Make it work with POSIX sort (POS arg).
All old sorts understand -k too.
2002-09-24 18:53:46 +00:00
Crist J. Clark
10f23b4ad0 Only create a temporary file if we are actually going to do something
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.

PR:		bin/40960
Submitted by:	frf <frf@xocolatl.com>
MFC after:	3 days
2002-08-25 04:09:17 +00:00
Gregory Neil Shapiro
b31d4126e3 If all file systems are marked nosuid, the line:
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`

sets ${MP} to an empty string so the next line:

	set ${MP}

actually just dumps all of the shells variables to stdout (and therefore
the security report).  Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.

Reviewed by:	brian
MFC after:	3 days
2002-08-03 22:33:34 +00:00
Ruslan Ermilov
bff0acee63 Install scripts via FILES (purposedly not via SCRIPTS that would
strip the suffixes).
2002-07-18 12:33:01 +00:00
Brian Somers
103efc95e8 Mention that we're checking kernel log messages, even if there's
no output.

PR:		39618
MFC after:	1 week
2002-06-28 10:32:18 +00:00
Brian Somers
740b91b560 Change `dmesg -a'' to `dmesg''.
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.

However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.

MFC after:	3 days
2002-05-17 13:38:36 +00:00
Brian Somers
db1d04d6d9 Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}
Problem reported by:	lumpy <lumpy@the.whole.net>
MFC after:		3 days
2002-05-17 11:34:12 +00:00
Crist J. Clark
f5a8f1482c Remove leading whitespace from the setuid file lists.
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."

PR:		conf/37618
Reviewed by:	brian
MFC after:	3 days
2002-05-05 00:59:37 +00:00
Robert Watson
2e1fc052bc No need to explicitly check for both cases when using grep -i. 2002-03-12 21:44:33 +00:00
Robert Watson
cd9281b380 Update login failure checking to check auth.log instead of messages,
and teach it to look for more general classes of failures, including
SSH login failures.  This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net.
2002-03-11 19:39:08 +00:00
Crist J. Clark
d15413fe2f Fix a stray character that found its way into a filename. 2001-12-14 22:25:04 +00:00
Ruslan Ermilov
ac47c95eea Work around the bugfeature of test(1).
PR:		bin/32822
2001-12-14 08:58:21 +00:00
Crist J. Clark
2204f3ce42 Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by:	ru
Approved by:	ru
2001-12-07 23:57:39 +00:00