From owner-freebsd-hackers@FreeBSD.ORG Sat May 3 13:49:45 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 71F2E37B401 for ; Sat, 3 May 2003 13:49:45 -0700 (PDT) Received: from thalia.otenet.gr (thalia.otenet.gr [195.170.0.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id C690F43F3F for ; Sat, 3 May 2003 13:49:43 -0700 (PDT) (envelope-from keramida@ceid.upatras.gr) Received: from gothmog.gr (patr530-b207.otenet.gr [212.205.244.215]) by thalia.otenet.gr (8.12.9/8.12.9) with ESMTP id h43KndmX025914 for ; Sat, 3 May 2003 23:49:40 +0300 (EEST) Received: from gothmog.gr (gothmog [127.0.0.1]) by gothmog.gr (8.12.9/8.12.9) with ESMTP id h43KndoP004068 for ; Sat, 3 May 2003 23:49:39 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from giorgos@localhost) by gothmog.gr (8.12.9/8.12.9/Submit) id h43KncUl004067 for freebsd-hackers@freebsd.org; Sat, 3 May 2003 23:49:38 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Sat, 3 May 2003 23:49:38 +0300 From: Giorgos Keramidas To: freebsd-hackers@freebsd.org Message-ID: <20030503204938.GA3907@gothmog.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Periodic email about security notifications X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2003 20:49:45 -0000 Hi all, A friend asked me a while ago on IRC if it was possible to receive periodic email notifications with new security advisories. The following script for /etc/periodic/security implements exactly this idea. It depends on lynx(1) to run, which isn't part of the base system, so I'm not sure if it's ok to add it to the base system at all. Here it is for anyone who might find it useful though: : #!/bin/sh - : # : # Copyright (c) 2003 Giorgos Keramidas : # All rights reserved. : # : # Redistribution and use in source and binary forms, with or without : # modification, are permitted provided that the following conditions : # are met: : # 1. Redistributions of source code must retain the above copyright : # notice, this list of conditions and the following disclaimer. : # 2. Redistributions in binary form must reproduce the above copyright : # notice, this list of conditions and the following disclaimer in the : # documentation and/or other materials provided with the distribution. : # : # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND : # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE : # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE : # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE : # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL : # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS : # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) : # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT : # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY : # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF : # SUCH DAMAGE. : # : # $FreeBSD$ : # : : sa_url='ftp://ftp.jp.freebsd.org/pub/FreeBSD/CERT/advisories/' : : # If there is a global system configuration file, suck it in. : # : if [ -r /etc/defaults/periodic.conf ] : then : . /etc/defaults/periodic.conf : source_periodic_confs : fi : : . /etc/periodic/security/security.functions : : rc=0 : : case "$daily_status_security_advisory_enable" in : [Yy][Ee][Ss]) : echo "" : echo 'Checking for new security advisories or notifications:' : : lynx -dump ftp://ftp.jp.freebsd.org/pub/FreeBSD/CERT/advisories/ | \ : grep 'text/plain[[:space:]].*\]FreeBSD-S[AN]-' | sort | \ : sed -e 's/^.*]//' -e 's/ .*$//' -e 's|^| '"${sa_url}"'|' | \ : check_diff advisory - "${host} security advisories:" : rc=$? ;; : *) rc=0;; : esac : : exit $rc Just save it as /etc/periodic/security/999.advisory and then create two empty logfiles: # touch /var/log/advisory.today # touch /var/log/advisory.yesterday Enable it by setting daily_status_security_advisory_enable=yes in your /etc/periodic.conf file and have fun :-) - Giorgos