Date: Tue, 21 Feb 2012 18:50:08 GMT From: Garance A Drosehn <gad@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/165331: periodic security run output gives false positives after 1 year Message-ID: <201202211850.q1LIo8LL078315@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/165331; it has been noted by GNATS. From: Garance A Drosehn <gad@FreeBSD.org> To: bug-followup@FreeBSD.org Cc: Subject: Re: conf/165331: periodic security run output gives false positives after 1 year Date: Tue, 21 Feb 2012 12:32:40 -0500 Note that catmsgs() function in periodic/security/800.loginfail starts off with: find ${LOG} -name 'auth.log.*' -mtime -2 | [...etc...] Note the '-mtime -2' on that 'find' command. It is *not* reading all archived logs on the disk. It is reading all files which have a last-modified time within 2 days of the time the command is executed. It would still be a good idea to do something to fix the problem as described, but that problem would be fixed by having the log files rotated just once-per-year. (Or it could be fixed by including the year in timestamps written to the log files). -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201202211850.q1LIo8LL078315>