diff --git a/etc/periodic/security/100.chksetuid b/etc/periodic/security/100.chksetuid index 2bc6c52d2988..9f979191e95d 100755 --- a/etc/periodic/security/100.chksetuid +++ b/etc/periodic/security/100.chksetuid @@ -35,12 +35,12 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` LOG="${daily_status_security_logdir}" rc=0 case "$daily_status_security_chksetuid_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` echo "" echo 'Checking setuid files and devices:' # XXX Note that there is the possibility of overrunning the args to ls diff --git a/etc/periodic/security/200.chkmounts b/etc/periodic/security/200.chkmounts index 5d3116b15227..dbd2907d77f5 100755 --- a/etc/periodic/security/200.chkmounts +++ b/etc/periodic/security/200.chkmounts @@ -38,13 +38,13 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` LOG="${daily_status_security_logdir}" ignore="${daily_status_security_chkmounts_ignore}" rc=0 case "$daily_status_security_chkmounts_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` case "$daily_status_security_noamd" in [Yy][Ee][Ss]) ignore="${ignore}|^amd:" diff --git a/etc/periodic/security/500.ipfwdenied b/etc/periodic/security/500.ipfwdenied index b18e1cfc8143..d65d72bfae79 100755 --- a/etc/periodic/security/500.ipfwdenied +++ b/etc/periodic/security/500.ipfwdenied @@ -39,12 +39,12 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` LOG="${daily_status_security_logdir}" rc=0 case "$daily_status_security_ipfwdenied_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` if ipfw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then if [ ! -f ${LOG}/ipfw.today ]; then rc=1 diff --git a/etc/periodic/security/550.ipfwlimit b/etc/periodic/security/550.ipfwlimit index 3d54331f057e..653dcf16a0e2 100755 --- a/etc/periodic/security/550.ipfwlimit +++ b/etc/periodic/security/550.ipfwlimit @@ -38,11 +38,11 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` rc=0 case "$daily_status_security_ipfwlimit_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then ipfw -a l | grep " log " | perl -n -e \ diff --git a/etc/periodic/security/600.ip6fwdenied b/etc/periodic/security/600.ip6fwdenied index 5ab175934435..82058762099d 100755 --- a/etc/periodic/security/600.ip6fwdenied +++ b/etc/periodic/security/600.ip6fwdenied @@ -38,12 +38,12 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` LOG="${daily_status_security_logdir}" rc=0 case "$daily_status_security_ip6fwdenied_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` if ip6fw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then if [ ! -f ${LOG}/ip6fw.today ]; then rc=1 diff --git a/etc/periodic/security/650.ip6fwlimit b/etc/periodic/security/650.ip6fwlimit index 2a1af3980cb7..3a19c9981c12 100755 --- a/etc/periodic/security/650.ip6fwlimit +++ b/etc/periodic/security/650.ip6fwlimit @@ -38,11 +38,11 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` rc=0 case "$daily_status_security_ip6fwlimit_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` IP6FW_LOG_LIMIT=`sysctl -n net.inet6.ip6.fw.verbose_limit 2> /dev/null` if [ $? -eq 0 ] && [ "${IP6FW_LOG_LIMIT}" -ne 0 ]; then ip6fw -a l | grep " log " | perl -n -e \ diff --git a/etc/periodic/security/700.kernelmsg b/etc/periodic/security/700.kernelmsg index c1af58448f85..5ac15c21e03f 100755 --- a/etc/periodic/security/700.kernelmsg +++ b/etc/periodic/security/700.kernelmsg @@ -38,12 +38,12 @@ then source_periodic_confs fi -TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` LOG="${daily_status_security_logdir}" rc=0 case "$daily_status_security_kernelmsg_enable" in [Yy][Ee][Ss]) + TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` if dmesg 2>/dev/null > ${TMP}; then if [ ! -f ${LOG}/dmesg.today ]; then rc=1