Commit Graph

21 Commits

Author SHA1 Message Date
mtm
016c135dba Have mktemp(1) construct the temporary file name for us instead
of providing a template manually.

Submitted by:	Lars Eggert <larse@isi.edu>
2003-06-30 22:06:26 +00:00
se
6f580108ee Add support for bzip2ed log files. 2003-01-05 21:32:50 +00:00
keramida
f973c892f0 Avoid using perl in the periodic & security scripts. This brings the
base system one step closer to being totally perl-free.

Approved by:	re (jhb)
2002-12-07 23:37:44 +00:00
thomas
dfc9d731c3 Do not emit a message on stderr when one of the compared files
is shorter than the other.

Reviewed by:	roberto
MFC after:	3 days
2002-11-16 14:58:39 +00:00
thomas
e4fc2471bb Remove incorrect output redirection.
Reviewed by:	roberto
Committed from:	EuroBSDCon Amsterdam
MFC after:	3 days
2002-11-16 14:57:12 +00:00
thomas
08d4d01809 Add newly-added sripts to FILES.
Reviewed by:	roberto
2002-10-25 15:23:26 +00:00
thomas
0eb26ce875 Add a new /etc/periodic/security script to check for packets
rejected by ipfilter (510.ipfdenied), and a corresponding periodic.conf
knob (daily_status_security_ipfdenied_enable).

Reviewed by:	roberto
Approved by:	re@
2002-10-25 15:16:54 +00:00
thomas
24742dd0fd Factor out code across various /etc/periodic/security scripts into a
separate file, /etc/periodic/security/security.functions.

Reviewed by:	roberto (mentor)
Approved by:	re@
2002-10-25 15:14:16 +00:00
ache
ac09299ab9 Make it work with POSIX sort (POS arg).
All old sorts understand -k too.
2002-09-24 18:53:46 +00:00
cjc
1bdbc52de7 Only create a temporary file if we are actually going to do something
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.

PR:		bin/40960
Submitted by:	frf <frf@xocolatl.com>
MFC after:	3 days
2002-08-25 04:09:17 +00:00
gshapiro
8cc0839b13 If all file systems are marked nosuid, the line:
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`

sets ${MP} to an empty string so the next line:

	set ${MP}

actually just dumps all of the shells variables to stdout (and therefore
the security report).  Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.

Reviewed by:	brian
MFC after:	3 days
2002-08-03 22:33:34 +00:00
ru
ed13465e59 Install scripts via FILES (purposedly not via SCRIPTS that would
strip the suffixes).
2002-07-18 12:33:01 +00:00
brian
c4dd2bd45f Mention that we're checking kernel log messages, even if there's
no output.

PR:		39618
MFC after:	1 week
2002-06-28 10:32:18 +00:00
brian
e0be427440 Change `dmesg -a'' to `dmesg''.
The change was introduced in src/etc/security 1.53 almost a year ago
in an attempt to see ipfw deny message logs.

However, ipfw deny/reject logs have been displayed since version 1.13
of the same file as a separate ``job'' and have since moved to
src/etc/periodic/security/500.ipfwdenied.

MFC after:	3 days
2002-05-17 13:38:36 +00:00
brian
e0e62927af Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}
Problem reported by:	lumpy <lumpy@the.whole.net>
MFC after:		3 days
2002-05-17 11:34:12 +00:00
cjc
560bc9d245 Remove leading whitespace from the setuid file lists.
Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things is shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."

PR:		conf/37618
Reviewed by:	brian
MFC after:	3 days
2002-05-05 00:59:37 +00:00
rwatson
5ccd83be46 No need to explicitly check for both cases when using grep -i. 2002-03-12 21:44:33 +00:00
rwatson
dcb54d0614 Update login failure checking to check auth.log instead of messages,
and teach it to look for more general classes of failures, including
SSH login failures.  This is similar but not identical to a patch
submitted by aeonflux@synapse.subneural.net.
2002-03-11 19:39:08 +00:00
cjc
1a95751be8 Fix a stray character that found its way into a filename. 2001-12-14 22:25:04 +00:00
ru
1255b8caf5 Work around the bugfeature of test(1).
PR:		bin/32822
2001-12-14 08:58:21 +00:00
cjc
ba1e7b8577 Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by:	ru
Approved by:	ru
2001-12-07 23:57:39 +00:00