Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 21 Feb 2012 18:50:08 GMT
From:      Garance A Drosehn <gad@FreeBSD.org>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: conf/165331: periodic security run output gives false positives after 1 year
Message-ID:  <201202211850.q1LIo8LL078315@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/165331; it has been noted by GNATS.

From: Garance A Drosehn <gad@FreeBSD.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: conf/165331: periodic security run output gives false positives
 after 1 year
Date: Tue, 21 Feb 2012 12:32:40 -0500

 Note that catmsgs() function in periodic/security/800.loginfail
 starts off with:
 
     find ${LOG} -name 'auth.log.*' -mtime -2   | [...etc...]
 
 Note the '-mtime -2' on that 'find' command.  It is *not* reading
 all archived logs on the disk.  It is reading all files which have
 a last-modified time within 2 days of the time the command is
 executed.
 
 It would still be a good idea to do something to fix the problem
 as described, but that problem would be fixed by having the log
 files rotated just once-per-year.  (Or it could be fixed by
 including the year in timestamps written to the log files).
 
 -- 
 Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
 Senior Systems Programmer           or  gad@freebsd.org
 Rensselaer Polytechnic Institute    or  drosih@rpi.edu



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201202211850.q1LIo8LL078315>