Date: Thu, 25 Jan 2001 15:44:03 -0500 (EST) From: Eric Cronin <ecronin@tail.eecs.umich.edu> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/24643: /etc/periodic/daily/450.status-security ignores daily_output Message-ID: <200101252044.f0PKi3G24405@tail.eecs.umich.edu>
next in thread | raw e-mail | index | archive | help
>Number: 24643
>Category: bin
>Synopsis: /etc/periodic/daily/450.status-security ignores daily_output
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jan 25 12:50:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Eric Cronin
>Release: FreeBSD 4.2-STABLE i386
>Organization:
>Environment:
FreeBSD tail.eecs.umich.edu 4.2-STABLE FreeBSD 4.2-STABLE #0: Fri Dec
1 13:27:56 EST 2000 root@tail.eecs.umich.edu:/z/obj/z/src/sys/TAIL-IPF i386
>Description:
The $daily_output variable in periodic.conf lets a user other than root or a file
be selected for the output of periodic daily. The security check however has root
hard coded in. Yes, I know enabling inline security gets around this but I like
having the two messages so I can check security ones quickly.
The part in question is:
case "$daily_status_security_inline" in
[Yy][Ee][Ss])
sh /etc/security -s $args
rc=$?;;
*)
echo " (output mailed separately)"
sh /etc/security $args 2>&1 |
sendmail root && rc=0 || rc=3;;
esac;;
I don't know enough about the periodic scripts working to offer a patch since
daily_output could be a file or e-mail...
>How-To-Repeat:
Set daily_output != root, watch security mailings still go to root
>Fix:
Modify above case to recognize daily_output
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101252044.f0PKi3G24405>