Better document security_show_{success,info,badconfig} in /etc/periodic.conf

periodic(8) already handles the security_show_{success,info,badconfig} variables correctly. However, those variables aren't explicitly set in /etc/defaults/periodic.conf or anywhere else, which suggests to the user that they shouldn't be used. etc/defaults/periodic.conf Explicitly set defaults for security_show_{success,info,badconfig} usr.sbin/periodic/periodic.sh Update usage string usr.sbin/periodic/periodic.8 Minor man page updates One thing I'm _not_ doing is recommending setting security_output to /var/log/security.log or adding that file to /etc/newsyslog.conf, because periodic(8) would create it with default permissions, usually 644, and that's probably a bad idea. Reviewed by: brd MFC after: 4 weeks Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6477
2016-05-21 02:14:11 +00:00 · 2016-05-21 02:14:11 +00:00 · c5b5b50ded
commit c5b5b50ded
parent a9da9b86d0
3 changed files with 11 additions and 6 deletions
--- a/etc/defaults/periodic.conf
+++ b/etc/defaults/periodic.conf
@ -222,6 +222,10 @@ monthly_local="/etc/monthly.local"			# Local scripts

 # Security options

+security_show_success="YES"				# scripts returning 0
+security_show_info="YES"				# scripts returning 1
+security_show_badconfig="NO"				# scripts returning 2
+
 # These options are used by the security periodic(8) scripts spawned in
 # daily and weekly 450.status-security.
 security_status_logdir="/var/log"			# Directory for logs
--- a/usr.sbin/periodic/periodic.8
+++ b/usr.sbin/periodic/periodic.8
@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 30, 2007
+.Dd May 20, 2016
 .Dt PERIODIC 8
 .Os
 .Sh NAME
@ -166,8 +166,9 @@ table
 the top level directory containing
 .Pa daily ,
 .Pa weekly ,
+.Pa monthly ,
 and
-.Pa monthly
+.Pa security
 subdirectories which contain standard system periodic executables
 .It Pa /etc/defaults/periodic.conf
 the
@ -175,9 +176,9 @@ the
 system registry contains variables that control the behaviour of
 .Nm
 and the standard
-.Pa daily , weekly ,
+.Pa daily , weekly , monthly ,
 and
-.Pa monthly
+.Pa security
 scripts
 .It Pa /etc/periodic.conf
 this file contains local overrides for the default
--- a/usr.sbin/periodic/periodic.sh
+++ b/usr.sbin/periodic/periodic.sh
@ -4,13 +4,13 @@
 #
 # Run nightly periodic scripts
 #
-# usage: periodic { daily | weekly | monthly } - run standard periodic scripts
+# usage: periodic { daily | weekly | monthly | security } - run standard scripts
 #        periodic /absolute/path/to/directory  - run periodic scripts in dir
 #

 usage () {
    echo "usage: $0 <directory of files to execute>" 1>&2
-    echo "or     $0 { daily | weekly | monthly }"    1>&2
+    echo "or     $0 { daily | weekly | monthly | security }"    1>&2
    exit 1
 }