Date: Mon, 11 Jul 2016 23:15:54 +0000 (UTC) From: Alan Somers <asomers@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r302600 - in stable/10: etc/defaults usr.sbin/periodic Message-ID: <201607112315.u6BNFs6H025129@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: asomers Date: Mon Jul 11 23:15:54 2016 New Revision: 302600 URL: https://svnweb.freebsd.org/changeset/base/302600 Log: MFC r300356 Better document security_show_{success,info,badconfig} in /etc/periodic.conf periodic(8) already handles the security_show_{success,info,badconfig} variables correctly. However, those variables aren't explicitly set in /etc/defaults/periodic.conf or anywhere else, which suggests to the user that they shouldn't be used. etc/defaults/periodic.conf Explicitly set defaults for security_show_{success,info,badconfig} usr.sbin/periodic/periodic.sh Update usage string usr.sbin/periodic/periodic.8 Minor man page updates One thing I'm _not_ doing is recommending setting security_output to /var/log/security.log or adding that file to /etc/newsyslog.conf, because periodic(8) would create it with default permissions, usually 644, and that's probably a bad idea. Modified: stable/10/etc/defaults/periodic.conf stable/10/usr.sbin/periodic/periodic.8 stable/10/usr.sbin/periodic/periodic.sh Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/defaults/periodic.conf ============================================================================== --- stable/10/etc/defaults/periodic.conf Mon Jul 11 23:06:11 2016 (r302599) +++ stable/10/etc/defaults/periodic.conf Mon Jul 11 23:15:54 2016 (r302600) @@ -225,6 +225,10 @@ monthly_local="/etc/monthly.local" # L # Security options +security_show_success="YES" # scripts returning 0 +security_show_info="YES" # scripts returning 1 +security_show_badconfig="NO" # scripts returning 2 + # These options are used by the security periodic(8) scripts spawned in # daily and weekly 450.status-security. security_status_logdir="/var/log" # Directory for logs Modified: stable/10/usr.sbin/periodic/periodic.8 ============================================================================== --- stable/10/usr.sbin/periodic/periodic.8 Mon Jul 11 23:06:11 2016 (r302599) +++ stable/10/usr.sbin/periodic/periodic.8 Mon Jul 11 23:15:54 2016 (r302600) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 30, 2007 +.Dd May 20, 2016 .Dt PERIODIC 8 .Os .Sh NAME @@ -166,8 +166,9 @@ table the top level directory containing .Pa daily , .Pa weekly , +.Pa monthly , and -.Pa monthly +.Pa security subdirectories which contain standard system periodic executables .It Pa /etc/defaults/periodic.conf the @@ -175,9 +176,9 @@ the system registry contains variables that control the behaviour of .Nm and the standard -.Pa daily , weekly , +.Pa daily , weekly , monthly , and -.Pa monthly +.Pa security scripts .It Pa /etc/periodic.conf this file contains local overrides for the default Modified: stable/10/usr.sbin/periodic/periodic.sh ============================================================================== --- stable/10/usr.sbin/periodic/periodic.sh Mon Jul 11 23:06:11 2016 (r302599) +++ stable/10/usr.sbin/periodic/periodic.sh Mon Jul 11 23:15:54 2016 (r302600) @@ -4,13 +4,13 @@ # # Run nightly periodic scripts # -# usage: periodic { daily | weekly | monthly } - run standard periodic scripts +# usage: periodic { daily | weekly | monthly | security } - run standard scripts # periodic /absolute/path/to/directory - run periodic scripts in dir # usage () { echo "usage: $0 <directory of files to execute>" 1>&2 - echo "or $0 { daily | weekly | monthly }" 1>&2 + echo "or $0 { daily | weekly | monthly | security }" 1>&2 exit 1 }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201607112315.u6BNFs6H025129>