Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 29 Jun 2000 17:30:24 +0100
From:      Konstantin Chuguev <Konstantin.Chuguev@dante.org.uk>
To:        freebsd-hackers@freebsd.org
Subject:   Periodic scripts [Was: Re: /etc/security -> /etc/periodic/security ?]
Message-ID:  <395B79A0.AB99EA21@dante.org.uk>
References:  <200006291558.LAA26175@rac9.wam.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 
James Howard wrote:

> Will we be seeing a move in this direction towards a more configurable
> security script?  Is anyone planning it?
>
> I am porting the scripts to Linux and will hold off on security if
> nothing is being planned or make the changes myself.  I just do not want
> to duplicate efforts.
>

I have administered quite a big network of FreeBSD servers and routers for
more than 3 years. These periodic scripts are one of the most attractive
features for a sysadmin/netadmin in FreeBSD. I really enjoyed just reading
a few dozens messages from my FreeBSD boxes every morning, telling me about
problems or that everything is all right.
Fortunately, all right was much more often :-) Unfortunately, the
OK-messages are of the same size as any alerts, so one needs to read them
carefully to notice any suspicious conditions.
IMO, introducing a sort of silent mode to these periodic scripts would help
sysadmins. The idea is as follows:
At present there are groups of scripts (daily, weekly, monthly, security)
that write their reports to one email message per group. Often that message
consists just of OK or empty lines from every script.
In the silent mode, scripts produce no output in case of success (each
script knows its success condition itself). Or they can output something,
but then they should return the 0 result code for success, non-zero
otherwise. A meta-script (periodic) intercepts their output, waits for
their results and sends the output to mail agent only if the results are
non-zero.
If all scripts finished successfully, the meta-script can send just one
line (or even empty message, indicating that everything is OK) to a
sysadmin.
The silent mode could be enabled in rc.conf for instance...

Your suggestions?

Regards,
    Konstantin.

--
          * *        Konstantin Chuguev - Application Engineer
       *      *              Francis House, 112 Hills Road
     *                       Cambridge CB2 1PQ, United Kingdom
 D  A  N  T  E       WWW:    http://www.dante.net





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?395B79A0.AB99EA21>