From owner-freebsd-bugs@FreeBSD.ORG Wed Apr 9 18:00:05 2008 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1BD751065680 for ; Wed, 9 Apr 2008 18:00:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 031FD8FC0C for ; Wed, 9 Apr 2008 18:00:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m39I04ab059895 for ; Wed, 9 Apr 2008 18:00:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m39I04mx059894; Wed, 9 Apr 2008 18:00:04 GMT (envelope-from gnats) Date: Wed, 9 Apr 2008 18:00:04 GMT Message-Id: <200804091800.m39I04mx059894@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Christopher Cowart Cc: Subject: Re: conf/113913: [patch] [requst] new file /etc/periodic/daily/490.status-pkg-changes X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Christopher Cowart List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2008 18:00:05 -0000 The following reply was made to PR conf/113913; it has been noted by GNATS. From: Christopher Cowart To: bug-followup@FreeBSD.org, olli@secnetix.de Cc: Subject: Re: conf/113913: [patch] [requst] new file /etc/periodic/daily/490.status-pkg-changes Date: Wed, 9 Apr 2008 10:53:11 -0700 --EeQfGwPcQSOJBaQU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, I'm also interested in seeing a daily report of changes in installed packages. We see this as a security feature. The following is a more concise implementation using the security functions framework. We're maintaining it with our internal package management in /usr/local/etc/periodic/security, but would love to see it make its way into /etc/periodic/security. 300.pkginfo: : #!/bin/sh -f :=20 : # If there is a global system configuration file, suck it in. : if [ -r /etc/defaults/periodic.conf ]; then : . /etc/defaults/periodic.conf : source_periodic_confs : fi :=20 : . /etc/periodic/security/security.functions :=20 : rc=3D0 : case "${daily_status_security_pkginfo_enable:-YES}" in : [Nn][Oo]) : ;; : *) : pkg_info | check_diff pkginfo - \ : "${host} changes in installed packages:" : ;; : esac :=20 : exit "$rc" --=20 Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley --EeQfGwPcQSOJBaQU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iQIVAwUBR/0ChyPHEDszU3zYAQLhChAAq+3sw7SW65NhlU1ioBBYWtFpZfXjEEcW dwqKdfv8qFibdFFOAc+ugHE3vjXzB0tpO5+0OzX1CrO9tI0yHAyF88G2/T18ELWx GsudVmrFjW1xqgw/P8SIT8wh/XpttvC3/V7H9F3FIm0bZbegQvm9UNvy2mfFPOb2 ffPrf0nCYpk3FI0Z7IakkpIosvmGx0qENG3dxgFqm4Gr4VPrajOsDaaZCqhGkqqa c2crTOxvPhXW1TLx96Kj/q9TxpzkhJhpePaP7pZ3LNL59DrAfJ6m5u78bfqjm0JE pp6ahzUr+WS9Lhu4/RvEO0v68dlM2FX8reEKqFKUnp+IIZPYYmkd5IorFP7EbUAh PK1PwWPJPl2+CzcawnMBTTLe13L8lpQHj2IqGCbZwr+FWj7qEr3erksCM9GfLALS euMoDY4I9R8v5mzrAPICQf5H7NnEOGlkiRHPjAjJff6rT6iciktBlQd6uMq/E+Ff YXuBD9JWr+w18ZADFXIKHNExiI4FMPoaTwMeZLGHmfOqIDnekQUZS2KUy1jiq4DS 2doVsx3QgVsMaJLULeMn/4/gMDvNLk0gGGfWkeHTnBZXAVQbMtrldaUrTrdQGpbz qvrU0P1ECTqY6BaMBsgJJzg7Wmzupo9pW9ZAlWAlLJGiZ+cvynLMIoGVyhXJ2zz9 zt74F0ZOtOQ= =Vs5H -----END PGP SIGNATURE----- --EeQfGwPcQSOJBaQU--