Date: Mon, 2 Jan 2012 17:19:12 -0800 From: Garrett Cooper <yanegomi@gmail.com> To: Doug Barton <dougb@freebsd.org> Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, FreeBSD current mailing list <freebsd-current@freebsd.org> Subject: Re: periodic emails Message-ID: <CAGH67wQkDOewrquuCB6TAFcyhx3nBd9pUEt7=w3GQ1LMVv1EXg@mail.gmail.com> In-Reply-To: <4F02350D.2050500@FreeBSD.org> References: <E4CECE08-C9BE-4CA5-842B-420A44DCF461@lists.zabbadoz.net> <CAGH67wSUuzMtS51gOV5POEmuw3Do-Kcg6H3dawpDJ39a=OSw7A@mail.gmail.com> <4F023387.1060300@FreeBSD.org> <CAGH67wQOhsqBCRSWwH%2BaUVZWXzN0X6jLZr5L1MZycPx_-Ldygg@mail.gmail.com> <4F02350D.2050500@FreeBSD.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
On Mon, Jan 2, 2012 at 2:51 PM, Doug Barton <dougb@freebsd.org> wrote:
> On 01/02/2012 14:49, Garrett Cooper wrote:
>> On Mon, Jan 2, 2012 at 2:45 PM, Doug Barton <dougb@freebsd.org> wrote:
>>> On 01/02/2012 14:14, Garrett Cooper wrote:
>>>
>>>> How does this look for starters? The attached patch's goal is to
>>>> provide a generic, rc(5)-like infrastructure that would quiet down the
>>>> periodic emails for 120.clean-preserve .
>>>
>>> The periodic scripts are badly in need of attention, so effort in that
>>> area is much appreciated.
>>>
>>> Regarding your patch, rather than copying functions from rc.subr, why
>>> not just source it? Yes, you will get more than you need, but I think
>>> that the virtue of not having to maintain the same code in 2 places far
>>> outweighs that minor drawback.
>>
>> That works too, assuming that rc.subr isn't too rc(5) centric.
>
> Well of course it's rc-centric, but that's not the point. :) If you're
> going to be using the exact same code from rc.subr, you might as well
> just source it. The things that you'll get by doing that which are only
> relevant to rc you just ignore.
>
>> Thanks for the feedback!
>
> Glad to help.
Here's a patch (untested apart from sh -n, but I'm going to toss
it into a VM to watch the sparks fly), based on stable/9 that makes
periodic(5) a bit more like rc(5).
Apart from that it resolves some inconsistencies with
800.zfs-scrub (the defaults were in the script and not
/etc/defaults/periodic.conf), removes duplicate rc=0 declarations,
consolidates and generalizes the "catmsgs" function, catches more
errors, and some other good stuff.
Thanks!
-Garrett
[-- Attachment #2 --]
Index: etc/periodic/weekly/320.whatis
===================================================================
--- etc/periodic/weekly/320.whatis (revision 229323)
+++ etc/periodic/weekly/320.whatis (working copy)
@@ -3,21 +3,15 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$weekly_whatis_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno weekly_whatis_enable; then
echo ""
echo "Rebuilding whatis database:"
- MANPATH=`/usr/bin/manpath -q`
- if [ $? = 0 ]
+ if MANPATH=$(/usr/bin/manpath -q); then
then
if [ -z "${MANPATH}" ]
then
@@ -25,7 +19,6 @@
rc=3
else
man_locales=`/usr/bin/manpath -qL`
- rc=0
# Build whatis(1) database(s) for original, non-localized
# manpages.
@@ -43,9 +36,7 @@
fi
else
rc=3
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/weekly/999.local
===================================================================
--- etc/periodic/weekly/999.local (revision 229323)
+++ etc/periodic/weekly/999.local (working copy)
@@ -3,15 +3,10 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
+
for script in $weekly_local
do
echo ''
Index: etc/periodic/weekly/400.status-pkg
===================================================================
--- etc/periodic/weekly/400.status-pkg (revision 229323)
+++ etc/periodic/weekly/400.status-pkg (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$weekly_status_pkg_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno weekly_status_pkg_enable; then
echo ""
echo "Check for out of date packages:"
@@ -25,9 +20,7 @@
-e 's/^\([^ ]*-[^ ]*\) *? *\(orphaned:.*\)$/ \1 was \2/p' |
tee /dev/stderr |
wc -l)
- [ $rc -gt 1 ] && rc=1;;
+ [ $rc -gt 1 ] && rc=1
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/weekly/330.catman
===================================================================
--- etc/periodic/weekly/330.catman (revision 229323)
+++ etc/periodic/weekly/330.catman (working copy)
@@ -3,56 +3,44 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$weekly_catman_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno weekly_catman_enable; then
if [ ! -d /usr/share/man/cat1 ]
then
- echo '$weekly_catman_enable is set but /usr/share/man/cat1' \
+ err 2 '$weekly_catman_enable is set but /usr/share/man/cat1' \
"doesn't exist"
- rc=2
- else
- echo ""
- echo "Reformatting manual pages:"
+ fi
+ echo ""
+ echo "Reformatting manual pages:"
- MANPATH=`/usr/bin/manpath -q`
- if [ $? = 0 ]
+ if MANPATH=`/usr/bin/manpath -q`; then
+ then
+ if [ -z "${MANPATH}" ]
then
- if [ -z "${MANPATH}" ]
- then
- echo "manpath failed to find any manpath directories"
- rc=3
- else
- man_locales=`/usr/bin/manpath -qL`
- rc=0
+ err 3 "manpath failed to find any manpath directories"
+ else
+ man_locales=`/usr/bin/manpath -qL`
- # Preformat original, non-localized manpages
- echo /usr/libexec/catman.local -r "$MANPATH" |
- su -fm man || rc=3
+ # Preformat original, non-localized manpages
+ echo /usr/libexec/catman.local -r "$MANPATH" |
+ su -fm man || rc=3
- # Preformat localized manpages.
- if [ -n "$man_locales" ]
- then
- for i in $man_locales
- do
- echo /usr/libexec/catman.local -Lr \
- "$MANPATH" | LC_ALL=$i su -fm man || rc=3
- done
- fi
+ # Preformat localized manpages.
+ if [ -n "$man_locales" ]
+ then
+ for i in $man_locales
+ do
+ echo /usr/libexec/catman.local -Lr \
+ "$MANPATH" | LC_ALL=$i su -fm man || rc=3
+ done
fi
- else
- rc=3
fi
- fi;;
+ else
+ rc=3
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/weekly/310.locate
===================================================================
--- etc/periodic/weekly/310.locate (revision 229323)
+++ etc/periodic/weekly/310.locate (working copy)
@@ -3,30 +3,23 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$weekly_locate_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno weekly_locate_enable; then
echo ""
echo "Rebuilding locate database:"
locdb=/var/db/locate.database
- touch $locdb && rc=0 || rc=3
+ touch $locdb || rc=3
chown nobody $locdb || rc=3
chmod 644 $locdb || rc=3
cd /
echo /usr/libexec/locate.updatedb | nice -n 5 su -fm nobody || rc=3
- chmod 444 $locdb || rc=3;;
+ chmod 444 $locdb || rc=3
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/weekly/340.noid
===================================================================
--- etc/periodic/weekly/340.noid (revision 229323)
+++ etc/periodic/weekly/340.noid (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$weekly_noid_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno weekly_noid_enable; then
echo ""
echo "Check for files with an unknown user or group:"
@@ -21,9 +16,6 @@
\( -nogroup -o -nouser \) -print | sed 's/^/ /' |
tee /dev/stderr | wc -l)
[ $rc -gt 1 ] && rc=1
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/330.news
===================================================================
--- etc/periodic/daily/330.news (revision 229323)
+++ etc/periodic/daily/330.news (working copy)
@@ -6,29 +6,21 @@
# (This is present only for backwards compatibility, usually the news
# system handles this on its own).
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_news_expire_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_news_expire_enable; then
if [ ! -f /etc/news.expire ]
then
- echo '$daily_news_expire_enable is set but /etc/news.expire' \
+ err 2 '$daily_news_expire_enable is set but /etc/news.expire' \
"doesn't exist"
- rc=2
else
echo ""
echo "Running news.expire:"
/etc/news.expire && rc=0 || rc=3
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/490.status-pkg-changes
===================================================================
--- etc/periodic/daily/490.status-pkg-changes (revision 229323)
+++ etc/periodic/daily/490.status-pkg-changes (working copy)
@@ -3,22 +3,16 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]; then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_pkg_changes_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_pkg_changes_enable; then
if [ ! -f /usr/sbin/pkg_info ]; then
- echo '$daily_status_pkg_changes_enable is enabled but' \
+ err 2 '$daily_status_pkg_changes_enable is enabled but' \
"/usr/sbin/pkg_info doesn't exist"
- rc=2
else
bak=/var/backups
- rc=0
if [ -f $bak/pkg_info.bak ]; then
mv -f $bak/pkg_info.bak $bak/pkg_info.bak2
@@ -33,11 +27,6 @@
| grep '^[-+][^-+]' | sort -k 1.2
fi
fi
- ;;
+fi
- *)
- rc=0
- ;;
-esac
-
exit $rc
Index: etc/periodic/daily/999.local
===================================================================
--- etc/periodic/daily/999.local (revision 229323)
+++ etc/periodic/daily/999.local (working copy)
@@ -6,13 +6,7 @@
# compatibility more than anything else.
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
for script in $daily_local
Index: etc/periodic/daily/800.scrub-zfs
===================================================================
--- etc/periodic/daily/800.scrub-zfs (revision 229323)
+++ etc/periodic/daily/800.scrub-zfs (working copy)
@@ -3,22 +3,16 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
+. /etc/periodic.subr
newline="
" # A single newline
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+rc=0
: ${daily_scrub_zfs_default_threshold=30}
-case "$daily_scrub_zfs_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_scrub_zfs_enable; then
echo
echo 'Scrubbing of zfs pools:'
@@ -26,7 +20,6 @@
daily_scrub_zfs_pools="$(zpool list -H -o name)"
fi
- rc=0
for pool in ${daily_scrub_zfs_pools}; do
# sanity check
_status=$(zpool list "${pool}" 2> /dev/null)
@@ -88,11 +81,6 @@
echo " consult 'zpool status ${pool}' for the result"
done
- ;;
+fi
- *)
- rc=0
- ;;
-esac
-
exit $rc
Index: etc/periodic/daily/440.status-mailq
===================================================================
--- etc/periodic/daily/440.status-mailq (revision 229323)
+++ etc/periodic/daily/440.status-mailq (working copy)
@@ -3,64 +3,53 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_mailq_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_mailq_enable; then
if [ ! -x /usr/bin/mailq ]
then
- echo '$daily_status_mailq_enable is set but /usr/bin/mailq' \
+ err 2 '$daily_status_mailq_enable is set but /usr/bin/mailq' \
"isn't executable"
- rc=2
else
echo ""
echo "Mail in local queue:"
- rc=$(case "$daily_status_mailq_shorten" in
- [Yy][Ee][Ss])
+ n=$(if checkyesno daily_status_mailq_shorten; then
mailq |
egrep -e '^[[:space:]]+[^[:space:]]+@' |
sort |
uniq -c |
sort -nr |
- awk '$1 >= 1 {print $1, $2}';;
- *)
- mailq;;
- esac | tee /dev/stderr |
+ awk '$1 >= 1 {print $1, $2}'
+ else
+ mailq
+ fi | tee /dev/stderr |
egrep -v '(mqueue is empty|Total requests)' | wc -l)
- [ $rc -gt 0 ] && rc=1 || rc=0
+ [ $n -gt 0 ] && rc=1
- case "$daily_status_include_submit_mailq" in
- [Yy][Ee][Ss])
+ if checkyesno daily_status_include_submit_mailq; then
if [ -f /etc/mail/submit.cf ]
then
echo ""
echo "Mail in submit queue:"
- rc_submit=$(case "$daily_status_mailq_shorten" in
- [Yy][Ee][Ss])
+ n=$(if checkyesno daily_status_mailq_shorten; then
mailq -Ac |
egrep -e '^[[:space:]]+[^[:space:]]+@' |
sort |
uniq -c |
sort -nr |
- awk '$1 >= 1 {print $1, $2}';;
- *)
- mailq -Ac;;
- esac | tee /dev/stderr |
+ awk '$1 >= 1 {print $1, $2}'
+ else
+ mailq -Ac
+ fi | tee /dev/stderr |
egrep -v '(mqueue is empty|Total requests)' | wc -l)
- [ $rc_submit -gt 0 ] && rc=1
- fi;;
- esac
- fi;;
+ [ $n -gt 0 ] && rc=1
+ fi
+ fi
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/130.clean-msgs
===================================================================
--- etc/periodic/daily/130.clean-msgs (revision 229323)
+++ etc/periodic/daily/130.clean-msgs (working copy)
@@ -5,21 +5,15 @@
# Remove system messages
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_msgs_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_msgs_enable; then
if [ ! -d /var/msgs ]
then
- echo '$daily_clean_msgs_enable is set but /var/msgs' \
+ err 2 '$daily_clean_msgs_enable is set but /var/msgs' \
"doesn't exist"
- rc=2
else
echo ""
echo "Cleaning out old system announcements:"
@@ -27,9 +21,7 @@
[ -n "$daily_clean_msgs_days" ] &&
arg=-${daily_clean_msgs_days#-} || arg=
msgs -c $arg && rc=0 || rc=3
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/100.clean-disks
===================================================================
--- etc/periodic/daily/100.clean-disks (revision 229323)
+++ etc/periodic/daily/100.clean-disks (working copy)
@@ -5,51 +5,40 @@
# Remove garbage files more than $daily_clean_disks_days days old
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_disks_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_disks_enable; then
if [ -z "$daily_clean_disks_days" ]
then
- echo '$daily_clean_disks_enable is set but' \
+ err 2 '$daily_clean_disks_enable is set but' \
'$daily_clean_disks_days is not'
- rc=2
elif [ -z "$daily_clean_disks_files" ]
then
- echo '$daily_clean_disks_enable is set but' \
+ err 2 '$daily_clean_disks_enable is set but' \
'$daily_clean_disks_files is not'
- rc=2
else
- echo ""
- echo "Cleaning disks:"
+ if checkyesno daily_clean_disks_verbose; then
+ echo ""
+ echo "Cleaning disks:"
+
+ print=-print
+ else
+ print=
+ fi
set -f noglob
args="-name "`echo "$daily_clean_disks_files" |
sed -e 's/^[ ]*//' \
-e 's/[ ]*$//' \
-e 's/[ ][ ]*/ -o -name /g'`
- case "$daily_clean_disks_verbose" in
- [Yy][Ee][Ss])
- print=-print;;
- *)
- print=;;
- esac
-
rc=$(find / \( ! -fstype local -o -fstype rdonly \) -prune -o \
\( $args \) -atime +$daily_clean_disks_days \
-execdir rm -df {} \; $print | tee /dev/stderr | wc -l)
- [ -z "$print" ] && rc=0
[ $rc -gt 1 ] && rc=1
set -f glob
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/450.status-security
===================================================================
--- etc/periodic/daily/450.status-security (revision 229323)
+++ etc/periodic/daily/450.status-security (working copy)
@@ -3,39 +3,31 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_security_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_security_enable; then
echo ""
echo "Security check:"
- case "$daily_status_security_inline" in
- [Yy][Ee][Ss])
+ if checkyesno daily_status_security_inline; then
export security_output="";;
- *)
+ else
export security_output="${daily_status_security_output}"
case "${daily_status_security_output}" in
"")
rc=3;;
/*)
echo " (output logged separately)"
- rc=0;;
+ ;;
*)
echo " (output mailed separately)"
- rc=0;;
- esac;;
- esac
+ ;;
+ esac
+ fi
- periodic security || rc=3;;
+ periodic security || rc=3
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/140.clean-rwho
===================================================================
--- etc/periodic/daily/140.clean-rwho (revision 229323)
+++ etc/periodic/daily/140.clean-rwho (working copy)
@@ -5,49 +5,37 @@
# Remove stale files in /var/rwho
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_rwho_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_rwho_enable; then
if [ -z "$daily_clean_rwho_days" ]
then
- echo '$daily_clean_rwho_enable is enabled but' \
+ err 2 '$daily_clean_rwho_enable is enabled but' \
'$daily_clean_rwho_days is not set'
- rc=2
elif [ ! -d /var/rwho ]
then
- echo '$daily_clean_rwho_enable is enabled but /var/rwho' \
+ err 2 '$daily_clean_rwho_enable is enabled but /var/rwho' \
"doesn't exist"
- rc=2
else
- echo ""
- echo "Removing stale files from /var/rwho:"
+ if checkyesno daily_clean_rwho_verbose; then
+ echo ""
+ echo "Removing stale files from /var/rwho:"
- case "$daily_clean_rwho_verbose" in
- [Yy][Ee][Ss])
- print=-print;;
- *)
- print=;;
- esac
-
+ print=-print
+ else
+ print=
+ fi
if cd /var/rwho
then
rc=$(find . ! -name . -mtime +$daily_clean_rwho_days \
-delete $print | tee /dev/stderr | wc -l)
- [ -z "$print" ] && rc=0
[ $rc -gt 1 ] && rc=1
else
rc=3
fi
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/110.clean-tmps
===================================================================
--- etc/periodic/daily/110.clean-tmps (revision 229323)
+++ etc/periodic/daily/110.clean-tmps (working copy)
@@ -6,25 +6,24 @@
# don't end up with excessively old files there.
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_tmps_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_tmps_enable; then
if [ -z "$daily_clean_tmps_days" ]
then
- echo '$daily_clean_tmps_enable is set but' \
+ err 2 '$daily_clean_tmps_enable is set but' \
'$daily_clean_tmps_days is not'
- rc=2
else
- echo ""
- echo "Removing old temporary files:"
+ if checkyesno daily_clean_tmps_verbose; then
+ echo ""
+ echo "Removing old temporary files:"
+ print=-print
+ else
+ print=
+ fi
set -f noglob
args="-atime +$daily_clean_tmps_days -mtime +$daily_clean_tmps_days"
args="${args} -ctime +$daily_clean_tmps_days"
@@ -35,13 +34,6 @@
dargs="$dargs "`echo " ${daily_clean_tmps_ignore% }" |
sed 's/[ ][ ]*/ ! -name /g'`
}
- case "$daily_clean_tmps_verbose" in
- [Yy][Ee][Ss])
- print=-print;;
- *)
- print=;;
- esac
-
rc=$(for dir in $daily_clean_tmps_dirs
do
[ ."${dir#/}" != ."$dir" -a -d $dir ] && cd $dir && {
@@ -49,12 +41,9 @@
find -d . ! -name . -type d $dargs -delete $print
} | sed "s,^\\., $dir,"
done | tee /dev/stderr | wc -l)
- [ -z "$print" ] && rc=0
[ $rc -gt 1 ] && rc=1
set -f glob
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/430.status-rwho
===================================================================
--- etc/periodic/daily/430.status-rwho (revision 229323)
+++ etc/periodic/daily/430.status-rwho (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_rwho_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_rwho_enable; then
rwho=$(echo /var/rwho/*)
if [ -f "${rwho%% *}" ]
then
@@ -24,15 +19,13 @@
echo "Local system status:"
prog=uptime
fi
- rc=$($prog | tee /dev/stderr | wc -l)
+ n=$($prog | tee /dev/stderr | wc -l)
if [ $? -eq 0 ]
then
- [ $rc -gt 1 ] && rc=1
+ [ $n -gt 1 ] && rc=1
else
rc=3
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/460.status-mail-rejects
===================================================================
--- etc/periodic/daily/460.status-mail-rejects (revision 229323)
+++ etc/periodic/daily/460.status-mail-rejects (working copy)
@@ -3,36 +3,29 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
+. /etc/periodic.subr
+
+rc=0
+
+if checkyesno daily_status_mail_rejects_shorten; then
+ shorten='cut -d" " -f2,3'
+else
+ shorten=cat
fi
-case "$daily_status_mail_rejects_shorten" in
-[Yy][Ee][Ss]) shorten='cut -d" " -f2,3';;
-*) shorten=cat;;
-esac
-
-case "$daily_status_mail_rejects_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_mail_rejects_enable; then
if [ ! -d /etc/mail ]
then
- echo '$daily_status_mail_rejects_enable is set but /etc/mail' \
+ err 2 '$daily_status_mail_rejects_enable is set but /etc/mail' \
"doesn't exist"
- rc=2
elif [ ! -f /var/log/maillog ]
then
- echo '$daily_status_mail_rejects_enable is set but ' \
+ err 2 '$daily_status_mail_rejects_enable is set but ' \
"/var/log/maillog doesn't exist"
- rc=2
elif [ "$daily_status_mail_rejects_logs" -le 0 ]
then
- echo '$daily_status_mail_rejects_enable is set but ' \
+ err 2 '$daily_status_mail_rejects_enable is set but ' \
'$daily_status_mail_rejects_logs is not greater than zero'
- rc=2
else
echo
echo Checking for rejected mail hosts:
@@ -65,9 +58,7 @@
:end
}' | eval $shorten | sort -f | uniq -ic | sort -fnr | tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/405.status-ata-raid
===================================================================
--- etc/periodic/daily/405.status-ata-raid (revision 229323)
+++ etc/periodic/daily/405.status-ata-raid (working copy)
@@ -1,33 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
-case "$daily_status_ata_raid_enable" in
- [Yy][Ee][Ss])
- echo
- echo 'Checking status of ATA raid partitions:'
-
- rc=0
- for raid in `find /dev/ -name 'ar[0-9]*' -type c | egrep '[0-9]$' \
- | egrep -v 's[0-9]' | cut -d / -f 3`
- do
- status=`/sbin/atacontrol status $raid`
- echo $status
- raid_rc=`echo $status | grep -v READY | wc -l`
- [ $rc -eq 0 ] && [ $raid_rc -gt 0 ] && rc=3
- done
- ;;
-
- *) rc=0;;
-esac
-
-exit $rc
Index: etc/periodic/daily/409.status-gconcat
===================================================================
--- etc/periodic/daily/409.status-gconcat (revision 229323)
+++ etc/periodic/daily/409.status-gconcat (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_gconcat_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_gconcat_enable; then
echo
echo 'Checking status of gconcat(8) devices:'
@@ -20,15 +15,10 @@
components="$(gconcat status -s | fgrep -v UP)"
if [ "${components}" ]; then
rc=3
- else
- rc=0
fi
else
rc=2
fi
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/406.status-gmirror
===================================================================
--- etc/periodic/daily/406.status-gmirror (revision 229323)
+++ etc/periodic/daily/406.status-gmirror (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_gmirror_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_gmirror_enable; then
echo
echo 'Checking status of gmirror(8) devices:'
@@ -20,15 +15,10 @@
components="$(gmirror status -s | fgrep -v COMPLETE)"
if [ "${components}" ]; then
rc=3
- else
- rc=0
fi
else
rc=2
fi
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/300.calendar
===================================================================
--- etc/periodic/daily/300.calendar (revision 229323)
+++ etc/periodic/daily/300.calendar (working copy)
@@ -8,22 +8,15 @@
# or run it from your ~/.profile or ~/.login.
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_calendar_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_calendar_enable; then
echo ""
echo "Running calendar:"
- calendar -a && rc=0 || rc=3;;
+ calendar -a && rc=0 || rc=3
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/500.queuerun
===================================================================
--- etc/periodic/daily/500.queuerun (revision 229323)
+++ etc/periodic/daily/500.queuerun (working copy)
@@ -3,34 +3,22 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_queuerun_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_queuerun_enable; then
if [ ! -x /usr/sbin/sendmail ]
then
- echo '$daily_queuerun_enable is set but /usr/sbin/sendmail' \
+ err 2 '$daily_queuerun_enable is set but /usr/sbin/sendmail' \
"isn't executable"
- rc=2
- else
- /usr/sbin/sendmail -q >/dev/null 2>&1 &
- case "$daily_submit_queuerun" in
- [Yy][Ee][Ss])
- if [ -f /etc/mail/submit.cf ]
- then
- /usr/sbin/sendmail -q -Ac >/dev/null 2>&1 &
- fi;;
- esac
- rc=0
- fi;;
+ fi
+ /usr/sbin/sendmail -q >/dev/null 2>&1 &
+ if checkyesno daily_submit_queuerun; then
+ if [ -f /etc/mail/submit.cf ]; then
+ /usr/sbin/sendmail -q -Ac >/dev/null 2>&1 &
+ fi
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/420.status-network
===================================================================
--- etc/periodic/daily/420.status-network (revision 229323)
+++ etc/periodic/daily/420.status-network (working copy)
@@ -3,27 +3,20 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_network_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_network_enable; then
echo ""
echo "Network interface status:"
- case "$daily_status_network_usedns" in
- [Yy][Ee][Ss])
- netstat -i && rc=0 || rc=3;;
- *)
- netstat -in && rc=0 || rc=3;;
- esac;;
+ if checkyesno daily_status_network_usedns; then
+ netstat_flags="-i"
+ else
+ netstat_flags="-in"
+ fi
+ netstat $netstat_flags && rc=0 || rc=3
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/470.status-named
===================================================================
--- etc/periodic/daily/470.status-named (revision 229323)
+++ etc/periodic/daily/470.status-named (working copy)
@@ -3,43 +3,24 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-catmsgs() {
- find /var/log -name 'messages.*' -mtime -2 |
- sort -t. -r -n -k 2,2 |
- while read f
- do
- case $f in
- *.gz) zcat -f $f;;
- *.bz2) bzcat -f $f;;
- esac
- done
- [ -f /var/log/messages ] && cat /var/log/messages
-}
+rc=0
-case "$daily_status_named_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_named_enable; then
echo
echo 'Checking for denied zone transfers (AXFR and IXFR):'
start=`date -v-1d '+%b %e'`
- rc=$(catmsgs |
+ rc=$(catlogs "messages" /var/log |
fgrep -E "^$start.*named\[[[:digit:]]+\]: transfer of .*failed .*: REFUSED" |
sed -e "s/.*transfer of \'\(.*\)\/IN\' from \(.*\)#[0-9]*: .*/\1 from \2/" |
sort -f | uniq -ic | (
- usedns=0
- case "$daily_status_named_usedns" in
- '') ;;
- [yY][eE][sS]) usedns=1 ;;
- esac
-
+ if checkyesno daily_status_named_usedns; then
+ usedns=1
+ else
+ usedns=0
+ fi
while read line ;do
ipaddr=`echo "$line" | sed -e 's/^.*from //'`
if [ $usedns -eq 1 ]; then
@@ -54,9 +35,6 @@
done ) | \
tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/210.backup-aliases
===================================================================
--- etc/periodic/daily/210.backup-aliases (revision 229323)
+++ etc/periodic/daily/210.backup-aliases (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_backup_aliases_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_backup_aliases_enable; then
if [ ! -f /etc/mail/aliases ]
then
echo '$daily_backup_aliases_enable is enabled but' \
@@ -20,7 +15,6 @@
rc=2
else
bak=/var/backups
- rc=0
echo ""
echo "Backing up mail aliases:"
@@ -31,17 +25,14 @@
cp -p /etc/mail/aliases $bak/aliases.bak || rc=3
fi
- if ! cmp -s $bak/aliases.bak /etc/mail/aliases
+ if [ $rc -eq 0 ] && ! cmp -s $bak/aliases.bak /etc/mail/aliases
then
- [ $rc -lt 1 ] && rc=1
echo "$host aliases diffs:"
diff -u $bak/aliases.bak /etc/mail/aliases
mv $bak/aliases.bak $bak/aliases.bak2
cp -p /etc/mail/aliases $bak/aliases.bak || rc=3
fi
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/404.status-zfs
===================================================================
--- etc/periodic/daily/404.status-zfs (revision 229323)
+++ etc/periodic/daily/404.status-zfs (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_zfs_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_zfs_enable; then
echo
echo 'Checking status of zfs pools:'
@@ -26,11 +21,6 @@
else
rc=1
fi
- ;;
+fi
- *)
- rc=0
- ;;
-esac
-
exit $rc
Index: etc/periodic/daily/220.backup-pkgdb
===================================================================
--- etc/periodic/daily/220.backup-pkgdb (revision 229323)
+++ etc/periodic/daily/220.backup-pkgdb (working copy)
@@ -3,18 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
-case "$daily_backup_pkgdb_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_backup_pkgdb_enable; then
bak="${daily_backup_pkgdb_dir:-/var/backups}"
bak_file="${bak}/pkgdb.bak.tbz"
@@ -23,10 +16,10 @@
if [ ! -d "$bak" ]
then
- install -d -o root -g wheel -m 750 $bak || {
- echo '$daily_backup_pkgdb_enable is enabled but' \
+ if ! install -d -o root -g wheel -m 750 $bak; then
+ err 2 '$daily_backup_pkgdb_enable is enabled but' \
"$daily_backup_pkgdb_dbdir doesn't exist" ;
- exit 2 ; }
+ fi
fi
echo ''
@@ -45,7 +38,7 @@
mv "${new_bak_file}" "${bak_file}"
else
rc=3
- fi ;;
-esac
+ fi
+fi
exit $rc
Index: etc/periodic/daily/310.accounting
===================================================================
--- etc/periodic/daily/310.accounting (revision 229323)
+++ etc/periodic/daily/310.accounting (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_accounting_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_accounting_enable; then
if [ ! -f /var/account/acct ]
then
echo '$daily_accounting_enable is set but /var/account/acct' \
@@ -28,7 +23,6 @@
echo "Rotating accounting logs and gathering statistics:"
cd /var/account
- rc=0
n=$(( $daily_accounting_save - 1 ))
for f in acct.*; do
@@ -53,13 +47,10 @@
sa -s $daily_accounting_flags /var/account/acct.merge || rc=3
rm acct.merge
- case "$daily_accounting_compress" in
- [Yy][Ee][Ss])
- gzip -f acct.0 || rc=3;;
- esac
- fi;;
+ if checkyesno daily_accounting_compress; then
+ gzip -f acct.0 || rc=3
+ fi
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/150.clean-hoststat
===================================================================
--- etc/periodic/daily/150.clean-hoststat (revision 229323)
+++ etc/periodic/daily/150.clean-hoststat (working copy)
@@ -5,25 +5,18 @@
# Remove stale persistent host status files
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]; then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_hoststat_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_hoststat_enable; then
if [ -z "$(hoststat 2>&1)" ]; then
rc=2
else
echo ""
echo "Removing stale entries from sendmail host status cache:"
- rc=0
purgestat || rc=1
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/480.status-ntpd
===================================================================
--- etc/periodic/daily/480.status-ntpd (revision 229323)
+++ etc/periodic/daily/480.status-ntpd (working copy)
@@ -3,18 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
-case "$daily_status_ntpd_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_ntpd_enable; then
echo ""
echo "NTP status:"
@@ -22,7 +15,6 @@
if [ -z "$synchronized" ]; then
rc=1
fi
- ;;
-esac
+fi
exit $rc
Index: etc/periodic/daily/400.status-disks
===================================================================
--- etc/periodic/daily/400.status-disks (revision 229323)
+++ etc/periodic/daily/400.status-disks (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_disks_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_disks_enable; then
echo ""
echo "Disk status:"
@@ -24,9 +19,7 @@
fi
echo ""
- dump W || rc=3;;
+ dump W || rc=3
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/407.status-graid3
===================================================================
--- etc/periodic/daily/407.status-graid3 (revision 229323)
+++ etc/periodic/daily/407.status-graid3 (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_graid3_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_graid3_enable; then
echo
echo 'Checking status of graid3(8) devices:'
@@ -20,15 +15,10 @@
components="$(graid3 status -s | fgrep -v COMPLETE)"
if [ "${components}" ]; then
rc=3
- else
- rc=0
fi
else
rc=2
fi
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/200.backup-passwd
===================================================================
--- etc/periodic/daily/200.backup-passwd (revision 229323)
+++ etc/periodic/daily/200.backup-passwd (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_backup_passwd_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_backup_passwd_enable; then
if [ ! -f /etc/master.passwd ]
then
echo '$daily_backup_passwd_enable" is set but /etc/master.passwd' \
@@ -25,7 +20,6 @@
rc=2
else
bak=/var/backups
- rc=0
echo ""
echo "Backup passwd and group files:"
@@ -69,9 +63,7 @@
echo "Verifying group file syntax:"
chkgrp /etc/group || rc=3
fi
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/408.status-gstripe
===================================================================
--- etc/periodic/daily/408.status-gstripe (revision 229323)
+++ etc/periodic/daily/408.status-gstripe (working copy)
@@ -3,16 +3,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_gstripe_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_gstripe_enable; then
echo
echo 'Checking status of gstripe(8) devices:'
@@ -20,15 +15,10 @@
components="$(gstripe status -s | fgrep -v UP)"
if [ "${components}" ]; then
rc=3
- else
- rc=0
fi
else
rc=2
fi
- ;;
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/daily/120.clean-preserve
===================================================================
--- etc/periodic/daily/120.clean-preserve (revision 229323)
+++ etc/periodic/daily/120.clean-preserve (working copy)
@@ -5,49 +5,37 @@
# Remove stale files in /var/preserve
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_clean_preserve_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_clean_preserve_enable; then
if [ -z "$daily_clean_preserve_days" ]
then
- echo '$daily_clean_preserve_enable is set but' \
+ err 2 '$daily_clean_preserve_enable is set but' \
'$daily_clean_preserve_days is not'
- rc=2
elif [ ! -d /var/preserve ]
then
- echo '$daily_clean_preserve_enable is set but /var/preserve' \
+ err 2 '$daily_clean_preserve_enable is set but /var/preserve' \
"doesn't exist"
- rc=2
else
- echo ""
- echo "Removing stale files from /var/preserve:"
+ if checkyesno daily_clean_preserve_verbose; then
+ echo ""
+ echo "Removing stale files from /var/preserve:"
+ print=-print
+ else
+ print=
+ fi
if cd /var/preserve
then
- case "$daily_clean_preserve_verbose" in
- [Yy][Ee][Ss])
- print=-print;;
- *)
- print=;;
- esac
-
rc=$(find . ! -name . -mtime +$daily_clean_preserve_days \
-delete $print | tee /dev/stderr | wc -l)
- [ -z "$print" ] && rc=0
[ $rc -gt 1 ] && rc=1
else
rc=3
fi
- fi;;
+ fi
+fi
- *) rc=0;;
-esac
-
exit $rc
Index: etc/periodic/security/500.ipfwdenied
===================================================================
--- etc/periodic/security/500.ipfwdenied (revision 229323)
+++ etc/periodic/security/500.ipfwdenied (working copy)
@@ -27,27 +27,24 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_ipfwdenied_enable" in
- [Yy][Ee][Ss])
- TMP=`mktemp -t security`
- if ipfw -a list 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
- check_diff new_only ipfw ${TMP} "${host} ipfw denied packets:"
+if checkyesno daily_status_security_ipfwdenied_enable; then
+ if TMP=$(mktemp -t security); then
+ if ipfw -a list 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
+ check_diff new_only ipfw ${TMP} \
+ "${host} ipfw denied packets:"
+ rc=$?
+ else
+ rc=1
+ fi
+ rm -f ${TMP}
+ else
+ rc=3
fi
- rc=$?
- rm -f ${TMP};;
- *) rc=0;;
-esac
+fi
exit $rc
Index: etc/periodic/security/100.chksetuid
===================================================================
--- etc/periodic/security/100.chksetuid (revision 229323)
+++ etc/periodic/security/100.chksetuid (working copy)
@@ -27,20 +27,12 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_chksetuid_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_chksetuid_enable; then
echo ""
echo 'Checking setuid files and devices:'
MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
@@ -49,10 +41,6 @@
\( -perm -u+s -or -perm -g+s \) -exec ls -liTd \{\} \+ |
check_diff setuid - "${host} setuid diffs:"
rc=$?
- ;;
- *)
- rc=0
- ;;
-esac
+fi
exit $rc
Index: etc/periodic/security/520.pfdenied
===================================================================
--- etc/periodic/security/520.pfdenied (revision 229323)
+++ etc/periodic/security/520.pfdenied (working copy)
@@ -27,27 +27,32 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_pfdenied_enable" in
- [Yy][Ee][Ss])
- TMP=`mktemp -t security`
- if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); print buf$0;} }' > ${TMP}; then
- check_diff new_only pf ${TMP} "${host} pf denied packets:"
+if checkyesno daily_status_security_pfdenied_enable; then
+ if TMP=$(mktemp -t security); then
+ pfctl -sr -v 2>/dev/null | \
+ nawk '{
+ if (/^block/) {
+ buf=$0;
+ getline;
+ gsub(" +"," ",$0);
+ print buf$0;
+ }
+ }' > ${TMP}
+ if [ $? -eq 0 ]; then
+ check_diff new_only pf ${TMP} "${host} pf denied packets:"
+ rc=$?
+ else
+ rc=1
+ fi
+ rm -f ${TMP}
+ else
+ rc=3
fi
- rc=$?
- rm -f ${TMP};;
- *) rc=0;;
-esac
+fi
exit $rc
Index: etc/periodic/security/300.chkuid0
===================================================================
--- etc/periodic/security/300.chkuid0 (revision 229323)
+++ etc/periodic/security/300.chkuid0 (working copy)
@@ -27,25 +27,18 @@
# $FreeBSD$
#
+. /etc/periodic.subr
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+rc=0
-case "$daily_status_security_chkuid0_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_chkuid0_enable; then
echo ""
echo 'Checking for uids of 0:'
n=$(awk -F: '/^#/ {next} $3==0 {print $1,$3}' /etc/master.passwd |
tee /dev/stderr |
sed -e '/^root 0$/d' -e '/^toor 0$/d' |
wc -l)
- [ $n -gt 0 ] && rc=1 || rc=0;;
- *) rc=0;;
-esac
+ [ $n -gt 0 ] && rc=1
+fi
-exit "$rc"
+exit $rc
Index: etc/periodic/security/700.kernelmsg
===================================================================
--- etc/periodic/security/700.kernelmsg (revision 229323)
+++ etc/periodic/security/700.kernelmsg (working copy)
@@ -30,24 +30,15 @@
# Show kernel log messages
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_kernelmsg_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_kernelmsg_enable; then
dmesg 2>/dev/null |
check_diff new_only dmesg - "${host} kernel log messages:"
- rc=$?;;
- *) rc=0;;
-esac
+ rc=$?
+fi
exit $rc
Index: etc/periodic/security/460.chkportsum
===================================================================
--- etc/periodic/security/460.chkportsum (revision 229323)
+++ etc/periodic/security/460.chkportsum (working copy)
@@ -27,42 +27,40 @@
# $FreeBSD$
#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-echo ""
-echo 'Checking for ports with mismatched checksums:'
-
-case "${daily_status_security_chkportsum_enable}" in
- [Yy][Ee][Ss])
- set -f
- pkg_info -ga 2>/dev/null | \
- while IFS= read -r line; do
- set -- $line
- case $1 in
+if checkyesno daily_status_security_chkportsum_enable; then
+ if TMP=$(mktemp -t chkportsum); then
+ echo ""
+ echo 'Checking for ports with mismatched checksums:'
+ set -f
+ pkg_info -ga 2>/dev/null | \
+ while IFS= read -r line; do
+ set -- $line
+ case $1 in
Information)
- case $2 in
+ case $2 in
for) name="${3%%:}" ;;
*) name='??' ;;
- esac
- ;;
+ esac
+ ;;
Mismatched|'') ;;
*) [ -n "${name}" ] &&
echo "${name}: ${line%% fails the original MD5 checksum}"
- ;;
- esac
- done
- ;;
- *)
- rc=0
- ;;
-esac
+ ;;
+ esac
+ done > $TMP
+ if [ $(wc -l $TMP) -gt 0 ]; then
+ cat $TMP
+ rc=1
+ fi
+ rm -f $TMP
+ else
+ rc=3
+ fi
+fi
exit $rc
Index: etc/periodic/security/410.logincheck
===================================================================
--- etc/periodic/security/410.logincheck (revision 229323)
+++ etc/periodic/security/410.logincheck (working copy)
@@ -27,26 +27,16 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_security_logincheck_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_security_logincheck_enable; then
echo ""
echo 'Checking login.conf permissions:'
- if [ -G /etc/login.conf -a -O /etc/login.conf ]; then
- n=0
- else
- echo "Bad ownership of /etc/login.conf"
- n=1
+ if ! [ -G /etc/login.conf -a -O /etc/login.conf ]; then
+ err 1 "Bad ownership of /etc/login.conf"
fi
- [ $n -gt 0 ] && rc=1 || rc=0;;
- *) rc=0;;
-esac
+fi
-exit "$rc"
+exit $rc
Index: etc/periodic/security/800.loginfail
===================================================================
--- etc/periodic/security/800.loginfail (revision 229323)
+++ etc/periodic/security/800.loginfail (working copy)
@@ -30,39 +30,20 @@
# Show login failures
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
LOG="${daily_status_security_logdir}"
+rc=0
+
yesterday=`date -v-1d "+%b %e "`
-catmsgs() {
- find ${LOG} -name 'auth.log.*' -mtime -2 |
- sort -t. -r -n -k 2,2 |
- while read f
- do
- case $f in
- *.gz) zcat -f $f;;
- *.bz2) bzcat -f $f;;
- esac
- done
- [ -f ${LOG}/auth.log ] && cat $LOG/auth.log
-}
-
-case "$daily_status_security_loginfail_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_loginfail_enable; then
echo ""
echo "${host} login failures:"
- n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
+ n=$(catlogs $LOG auth | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
tee /dev/stderr | wc -l)
- [ $n -gt 0 ] && rc=1 || rc=0;;
- *) rc=0;;
-esac
+ [ $n -gt 0 ] && rc=1
+fi
exit $rc
Index: etc/periodic/security/200.chkmounts
===================================================================
--- etc/periodic/security/200.chkmounts (revision 229323)
+++ etc/periodic/security/200.chkmounts (working copy)
@@ -30,33 +30,27 @@
# Show changes in the way filesystems are mounted
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
ignore="${daily_status_security_chkmounts_ignore}"
+
rc=0
-case "$daily_status_security_chkmounts_enable" in
- [Yy][Ee][Ss])
- case "$daily_status_security_noamd" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_chkmounts_enable; then
+ if checkyesno daily_status_security_noamd; then
ignore="${ignore}|^amd:"
- esac
- [ -n "$ignore" ] && cmd="egrep -v ${ignore#|}" || cmd=cat
- if ! [ -f /etc/fstab ]; then
+ fi
+ if [ -n "$ignore" ]; then
+ cmd="egrep -v ${ignore#|}"
+ else
+ cmd=cat
+ fi
+ if [ ! -f /etc/fstab ]; then
export PATH_FSTAB=/dev/null
fi
mount -p | sort | ${cmd} |
check_diff mount - "${host} changes in mounted filesystems:"
- rc=$?;;
- *) rc=0;;
-esac
-
-exit "$rc"
+ rc=$?
+fi
+exit $rc
Index: etc/periodic/security/550.ipfwlimit
===================================================================
--- etc/periodic/security/550.ipfwlimit (revision 229323)
+++ etc/periodic/security/550.ipfwlimit (working copy)
@@ -30,39 +30,33 @@
# Show ipfw rules which have reached the log limit
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
-case "$daily_status_security_ipfwlimit_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_ipfwlimit_enable; then
IPFW_VERBOSE=`sysctl -n net.inet.ip.fw.verbose 2> /dev/null`
- if [ $? -ne 0 ] || [ "$IPFW_VERBOSE" -eq 0 ]; then
+ if [ $? -ne 0 -o "$IPFW_VERBOSE" -eq 0 ]; then
exit 0
fi
- TMP=`mktemp -t security`
- ipfw -a list | grep " log " | \
- grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
- awk \
- '{if ($6 == "logamount") {
- if ($2 > $7)
- {print $0}}
- }' > ${TMP}
+ if TMP=`mktemp -t security`; then
+ ipfw -a list | grep " log " | \
+ grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
+ awk \
+ '{if ($6 == "logamount") {
+ if ($2 > $7)
+ {print $0}}
+ }' > ${TMP}
- if [ -s "${TMP}" ]; then
- rc=1
- echo ""
- echo 'ipfw log limit reached:'
- cat ${TMP}
+ if [ -s "${TMP}" ]; then
+ rc=1
+ echo ""
+ echo 'ipfw log limit reached:'
+ cat ${TMP}
+ fi
+ rm -f ${TMP}
+ else
+ rc=3
fi
- rm -f ${TMP};;
- *) rc=0;;
-esac
-
+fi
exit $rc
Index: etc/periodic/security/security.functions
===================================================================
--- etc/periodic/security/security.functions (revision 229323)
+++ etc/periodic/security/security.functions (working copy)
@@ -73,6 +73,5 @@
mv ${tmpf} ${LOG}/${label}.today || rc=3
fi
- rm -f ${tmpf}
- exit ${rc}
+ return ${rc}
}
Index: etc/periodic/security/610.ipf6denied
===================================================================
--- etc/periodic/security/610.ipf6denied (revision 229323)
+++ etc/periodic/security/610.ipf6denied (working copy)
@@ -27,27 +27,23 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_ipf6denied_enable" in
- [Yy][Ee][Ss])
- TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
- if ipfstat -nhio6 2>/dev/null | grep block > ${TMP}; then
- check_diff new_only ipf6 ${TMP} "${host} ipf6 denied packets:"
+if checkyesno daily_status_security_ipf6denied_enable; then
+ if TMP=$(mktemp -t security); then
+ if ipfstat -nhio6 2>/dev/null | grep block > ${TMP}; then
+ check_diff new_only ipf6 ${TMP} "${host} ipf6 denied packets:"
+ rc=$?
+ else
+ rc=1
+ fi
+ rm -f ${TMP}
+ else
+ rc=3
fi
- rc=$?
- rm -f ${TMP};;
- *) rc=0;;
-esac
+fi
exit $rc
Index: etc/periodic/security/900.tcpwrap
===================================================================
--- etc/periodic/security/900.tcpwrap (revision 229323)
+++ etc/periodic/security/900.tcpwrap (working copy)
@@ -30,39 +30,20 @@
# Show tcp_wrapper warning messages
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
LOG="${daily_status_security_logdir}"
+rc=0
+
yesterday=`date -v-1d "+%b %e "`
-catmsgs() {
- find ${LOG} -name 'messages.*' -mtime -2 |
- sort -t. -r -n -k 2,2 |
- while read f
- do
- case $f in
- *.gz) zcat -f $f;;
- *.bz2) bzcat -f $f;;
- esac
- done
- [ -f ${LOG}/messages ] && cat $LOG/messages
-}
-
-case "$daily_status_security_tcpwrap_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_tcpwrap_enable; then
echo ""
echo "${host} refused connections:"
- n=$(catmsgs | grep -i "^$yesterday.*refused connect" |
+ n=$(catlogs $LOG messages | grep -i "^$yesterday.*refused connect" |
tee /dev/stderr | wc -l)
- [ $n -gt 0 ] && rc=1 || rc=0;;
- *) rc=0;;
-esac
+ [ $n -gt 0 ] && rc=1
+fi
exit $rc
Index: etc/periodic/security/400.passwdless
===================================================================
--- etc/periodic/security/400.passwdless (revision 229323)
+++ etc/periodic/security/400.passwdless (working copy)
@@ -27,22 +27,16 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
-case "$daily_status_security_passwdless_enable" in
- [Yy][Ee][Ss])
+rc=0
+
+if checkyesno daily_status_security_passwdless_enable; then
echo ""
echo 'Checking for passwordless accounts:'
n=$(awk -F: 'NF > 1 && $1 !~ /^[#+-]/ && $2=="" {print $0}' /etc/master.passwd |
tee /dev/stderr | wc -l)
- [ $n -gt 0 ] && rc=1 || rc=0;;
- *) rc=0;;
-esac
+ [ $n -gt 0 ] && rc=1
+fi
-exit "$rc"
+exit $rc
Index: etc/periodic/security/510.ipfdenied
===================================================================
--- etc/periodic/security/510.ipfdenied (revision 229323)
+++ etc/periodic/security/510.ipfdenied (working copy)
@@ -27,27 +27,23 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
-
+. /etc/periodic.subr
. /etc/periodic/security/security.functions
rc=0
-case "$daily_status_security_ipfdenied_enable" in
- [Yy][Ee][Ss])
- TMP=`mktemp -t security`
- if ipfstat -nhio 2>/dev/null | grep block > ${TMP}; then
- check_diff new_only ipf ${TMP} "${host} ipf denied packets:"
+if checkyesno daily_status_security_ipfdenied_enable; then
+ if TMP=$(mktemp -t security); then
+ if ipfstat -nhio 2>/dev/null | grep block > ${TMP}; then
+ check_diff new_only ipf ${TMP} "${host} ipf denied packets:"
+ rc=$?
+ else
+ rc=1
+ fi
+ rm -f ${TMP}
+ else
+ rc=3
fi
- rc=$?
- rm -f ${TMP};;
- *) rc=0;;
-esac
+fi
exit $rc
Index: etc/periodic/security/110.neggrpperm
===================================================================
--- etc/periodic/security/110.neggrpperm (revision 229323)
+++ etc/periodic/security/110.neggrpperm (working copy)
@@ -27,18 +27,11 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.subr
rc=0
-case "$daily_status_security_neggrpperm_enable" in
- [Yy][Ee][Ss])
+if checkyesno daily_status_security_neggrpperm_enable; then
echo ""
echo 'Checking negative group permissions:'
MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
@@ -47,8 +40,7 @@
\( ! -perm +020 -and -perm +002 \) -or \
\( ! -perm +040 -and -perm +004 \) \) \
-exec ls -liTd \{\} \+ | tee /dev/stderr | wc -l)
- [ $n -gt 0 ] && rc=1 || rc=0
- ;;
-esac
+ [ $n -gt 0 ] && rc=1
+fi
exit $rc
Index: etc/periodic/monthly/999.local
===================================================================
--- etc/periodic/monthly/999.local (revision 229323)
+++ etc/periodic/monthly/999.local (working copy)
@@ -3,15 +3,10 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.conf
rc=0
+
for script in $monthly_local
do
echo ''
Index: etc/periodic/monthly/200.accounting
===================================================================
--- etc/periodic/monthly/200.accounting (revision 229323)
+++ etc/periodic/monthly/200.accounting (working copy)
@@ -3,20 +3,13 @@
# $FreeBSD$
#
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
- . /etc/defaults/periodic.conf
- source_periodic_confs
-fi
+. /etc/periodic.conf
-oldmask=$(umask)
+rc=0
+
umask 066
-case "$monthly_accounting_enable" in
- [Yy][Ee][Ss])
+if checkyesno monthly_accounting_enable; then
W=/var/log/utx.log
- rc=0
remove=NO
if [ ! -f $W.0 ]
then
@@ -29,23 +22,20 @@
remove=YES
bzcat $W.0.bz2 > $W.0 || rc=1
else
- echo '$monthly_accounting_enable is set but' \
+ err 2 '$monthly_accounting_enable is set but' \
"$W.0 doesn't exist"
- rc=2
fi
fi
if [ $rc -eq 0 ]
then
- echo ""
- echo "Doing login accounting:"
-
+ if checkyesno monthly_accounting_verbose; then
+ echo ""
+ echo "Doing login accounting:"
+ fi
rc=$(ac -p -w $W.0 | sort -nr -k 2 | tee /dev/stderr | wc -l)
[ $rc -gt 0 ] && rc=1
fi
- [ $remove = YES ] && rm -f $W.0;;
+ [ $remove = YES ] && rm -f $W.0
+fi
- *) rc=0;;
-esac
-
-umask $oldmask
exit $rc
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGH67wQkDOewrquuCB6TAFcyhx3nBd9pUEt7=w3GQ1LMVv1EXg>