479b7f4288
group on a object has less permissions that everyone). These permissions will not work reliably over NFS if you have more than 14 supplemental groups and are usually not what you mean. MFC after: 1 week
281 lines
8.6 KiB
Bash
281 lines
8.6 KiB
Bash
#!/bin/sh
|
|
#
|
|
# This is defaults/periodic.conf - a file full of useful variables that
|
|
# you can set to change the default behaviour of periodic jobs on your
|
|
# system. You should not edit this file! Put any overrides into one of the
|
|
# $periodic_conf_files instead and you will be able to update these defaults
|
|
# later without spamming your local configuration information.
|
|
#
|
|
# The $periodic_conf_files files should only contain values which override
|
|
# values set in this file. This eases the upgrade path when defaults
|
|
# are changed and new features are added.
|
|
#
|
|
# For a more detailed explanation of all the periodic.conf variables, please
|
|
# refer to the periodic.conf(5) manual page.
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# What files override these defaults ?
|
|
periodic_conf_files="/etc/periodic.conf /etc/periodic.conf.local"
|
|
|
|
# periodic script dirs
|
|
local_periodic="/usr/local/etc/periodic"
|
|
|
|
|
|
# Daily options
|
|
|
|
# These options are used by periodic(8) itself to determine what to do
|
|
# with the output of the sub-programs that are run, and where to send
|
|
# that output. $daily_output might be set to /var/log/daily.log if you
|
|
# wish to log the daily output and have the files rotated by newsyslog(8)
|
|
#
|
|
daily_output="root" # user or /file
|
|
daily_show_success="YES" # scripts returning 0
|
|
daily_show_info="YES" # scripts returning 1
|
|
daily_show_badconfig="NO" # scripts returning 2
|
|
|
|
# 100.clean-disks
|
|
daily_clean_disks_enable="NO" # Delete files daily
|
|
daily_clean_disks_files="[#,]* .#* a.out *.core *.CKP .emacs_[0-9]*"
|
|
daily_clean_disks_days=3 # If older than this
|
|
daily_clean_disks_verbose="YES" # Mention files deleted
|
|
|
|
# 110.clean-tmps
|
|
daily_clean_tmps_enable="NO" # Delete stuff daily
|
|
daily_clean_tmps_dirs="/tmp" # Delete under here
|
|
daily_clean_tmps_days="3" # If not accessed for
|
|
daily_clean_tmps_ignore=".X*-lock .X11-unix .ICE-unix .font-unix .XIM-unix"
|
|
daily_clean_tmps_ignore="$daily_clean_tmps_ignore quota.user quota.group .snap"
|
|
# Don't delete these
|
|
daily_clean_tmps_verbose="YES" # Mention files deleted
|
|
|
|
# 120.clean-preserve
|
|
daily_clean_preserve_enable="YES" # Delete files daily
|
|
daily_clean_preserve_days=7 # If not modified for
|
|
daily_clean_preserve_verbose="YES" # Mention files deleted
|
|
|
|
# 130.clean-msgs
|
|
daily_clean_msgs_enable="YES" # Delete msgs daily
|
|
daily_clean_msgs_days= # If not modified for
|
|
|
|
# 140.clean-rwho
|
|
daily_clean_rwho_enable="YES" # Delete rwho daily
|
|
daily_clean_rwho_days=7 # If not modified for
|
|
daily_clean_rwho_verbose="YES" # Mention files deleted
|
|
|
|
# 150.clean-hoststat
|
|
daily_clean_hoststat_enable="YES" # Purge sendmail host
|
|
# status cache daily
|
|
|
|
# 200.backup-passwd
|
|
daily_backup_passwd_enable="YES" # Backup passwd & group
|
|
|
|
# 210.backup-aliases
|
|
daily_backup_aliases_enable="YES" # Backup mail aliases
|
|
|
|
# 300.calendar
|
|
daily_calendar_enable="NO" # Run calendar -a
|
|
|
|
# 310.accounting
|
|
daily_accounting_enable="YES" # Rotate acct files
|
|
daily_accounting_compress="NO" # Gzip rotated files
|
|
daily_accounting_flags=-q # Flags to /usr/sbin/sa
|
|
daily_accounting_save=3 # How many files to save
|
|
|
|
# 330.news
|
|
daily_news_expire_enable="YES" # Run news.expire
|
|
|
|
# 400.status-disks
|
|
daily_status_disks_enable="YES" # Check disk status
|
|
daily_status_disks_df_flags="-l -h" # df(1) flags for check
|
|
|
|
# 404.status-zfs
|
|
daily_status_zfs_enable="NO" # Check ZFS
|
|
|
|
# 405.status-ata_raid
|
|
daily_status_ata_raid_enable="NO" # Check ATA raid status
|
|
|
|
# 406.status-gmirror
|
|
daily_status_gmirror_enable="NO" # Check gmirror(8)
|
|
|
|
# 407.status-graid3
|
|
daily_status_graid3_enable="NO" # Check graid3(8)
|
|
|
|
# 408.status-gstripe
|
|
daily_status_gstripe_enable="NO" # Check gstripe(8)
|
|
|
|
# 409.status-gconcat
|
|
daily_status_gconcat_enable="NO" # Check gconcat(8)
|
|
|
|
# 420.status-network
|
|
daily_status_network_enable="YES" # Check network status
|
|
daily_status_network_usedns="YES" # DNS lookups are ok
|
|
|
|
# 430.status-rwho
|
|
daily_status_rwho_enable="YES" # Check system status
|
|
|
|
# 440.status-mailq
|
|
daily_status_mailq_enable="YES" # Check mail status
|
|
daily_status_mailq_shorten="NO" # Shorten output
|
|
daily_status_include_submit_mailq="YES" # Also submit queue
|
|
|
|
# 450.status-security
|
|
daily_status_security_enable="YES" # Security check
|
|
# See "Security options" below for more options
|
|
|
|
# 460.status-mail-rejects
|
|
daily_status_mail_rejects_enable="YES" # Check mail rejects
|
|
daily_status_mail_rejects_logs=3 # How many logs to check
|
|
daily_status_mail_rejects_shorten="NO" # Shorten output
|
|
|
|
# 470.status-named
|
|
daily_status_named_enable="YES"
|
|
daily_status_named_usedns="YES" # DNS lookups are ok
|
|
|
|
# 480.status-ntpd
|
|
daily_status_ntpd_enable="NO" # Check NTP status
|
|
|
|
# 490.status-pkg-changes
|
|
daily_status_pkg_changes_enable="NO" # Show package changes
|
|
|
|
# 500.queuerun
|
|
daily_queuerun_enable="YES" # Run mail queue
|
|
daily_submit_queuerun="YES" # Also submit queue
|
|
|
|
# 999.local
|
|
daily_local="/etc/daily.local" # Local scripts
|
|
|
|
|
|
# Security options
|
|
|
|
# These options are used by the security periodic(8) scripts spawned in
|
|
# 450.status-security above.
|
|
daily_status_security_inline="NO" # Run inline ?
|
|
daily_status_security_output="root" # user or /file
|
|
daily_status_security_noamd="NO" # Don't check amd mounts
|
|
daily_status_security_logdir="/var/log" # Directory for logs
|
|
daily_status_security_diff_flags="-b -u" # flags for diff output
|
|
|
|
# 100.chksetuid
|
|
daily_status_security_chksetuid_enable="YES"
|
|
|
|
# 110.neggrpperm
|
|
daily_status_security_neggrpperm_enable="NO"
|
|
|
|
# 200.chkmounts
|
|
daily_status_security_chkmounts_enable="YES"
|
|
#daily_status_security_chkmounts_ignore="^amd:" # Don't check matching
|
|
# FS types
|
|
|
|
# 300.chkuid0
|
|
daily_status_security_chkuid0_enable="YES"
|
|
|
|
# 400.passwdless
|
|
daily_status_security_passwdless_enable="YES"
|
|
|
|
# 410.logincheck
|
|
daily_status_security_logincheck_enable="YES"
|
|
|
|
# 460.chkportsum
|
|
daily_status_security_chkportsum_enable="NO" # Check ports w/ wrong checksum
|
|
|
|
# 500.ipfwdenied
|
|
daily_status_security_ipfwdenied_enable="YES"
|
|
|
|
# 510.ipfdenied
|
|
daily_status_security_ipfdenied_enable="YES"
|
|
|
|
# 520.pfdenied
|
|
daily_status_security_pfdenied_enable="YES"
|
|
|
|
# 550.ipfwlimit
|
|
daily_status_security_ipfwlimit_enable="YES"
|
|
|
|
# 610.ipf6denied
|
|
daily_status_security_ipf6denied_enable="YES"
|
|
|
|
# 700.kernelmsg
|
|
daily_status_security_kernelmsg_enable="YES"
|
|
|
|
# 800.loginfail
|
|
daily_status_security_loginfail_enable="YES"
|
|
|
|
# 900.tcpwrap
|
|
daily_status_security_tcpwrap_enable="YES"
|
|
|
|
|
|
# Weekly options
|
|
|
|
# These options are used by periodic(8) itself to determine what to do
|
|
# with the output of the sub-programs that are run, and where to send
|
|
# that output. $weekly_output might be set to /var/log/weekly.log if you
|
|
# wish to log the weekly output and have the files rotated by newsyslog(8)
|
|
#
|
|
weekly_output="root" # user or /file
|
|
weekly_show_success="YES" # scripts returning 0
|
|
weekly_show_info="YES" # scripts returning 1
|
|
weekly_show_badconfig="NO" # scripts returning 2
|
|
|
|
# 310.locate
|
|
weekly_locate_enable="YES" # Update locate weekly
|
|
|
|
# 320.whatis
|
|
weekly_whatis_enable="YES" # Update whatis weekly
|
|
|
|
# 330.catman
|
|
weekly_catman_enable="NO" # Preformat man pages
|
|
|
|
# 340.noid
|
|
weekly_noid_enable="NO" # Find unowned files
|
|
weekly_noid_dirs="/" # Look here
|
|
|
|
# 400.status-pkg
|
|
weekly_status_pkg_enable="NO" # Find out-of-date pkgs
|
|
pkg_version=pkg_version # Use this program
|
|
pkg_version_index=/usr/ports/INDEX-9 # Use this index file
|
|
|
|
# 999.local
|
|
weekly_local="/etc/weekly.local" # Local scripts
|
|
|
|
|
|
# Monthly options
|
|
|
|
# These options are used by periodic(8) itself to determine what to do
|
|
# with the output of the sub-programs that are run, and where to send
|
|
# that output. $monthly_output might be set to /var/log/monthly.log if you
|
|
# wish to log the monthly output and have the files rotated by newsyslog(8)
|
|
#
|
|
monthly_output="root" # user or /file
|
|
monthly_show_success="YES" # scripts returning 0
|
|
monthly_show_info="YES" # scripts returning 1
|
|
monthly_show_badconfig="NO" # scripts returning 2
|
|
|
|
# 200.accounting
|
|
monthly_accounting_enable="YES" # Login accounting
|
|
|
|
# 999.local
|
|
monthly_local="/etc/monthly.local" # Local scripts
|
|
|
|
|
|
# Define source_periodic_confs, the mechanism used by /etc/periodic/*/*
|
|
# scripts to source defaults/periodic.conf overrides safely.
|
|
|
|
if [ -z "${source_periodic_confs_defined}" ]; then
|
|
source_periodic_confs_defined=yes
|
|
source_periodic_confs () {
|
|
local i sourced_files
|
|
|
|
for i in ${periodic_conf_files}; do
|
|
case ${sourced_files} in
|
|
*:$i:*)
|
|
;;
|
|
*)
|
|
sourced_files="${sourced_files}:$i:"
|
|
[ -r $i ] && . $i
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
fi
|