From owner-freebsd-hackers@FreeBSD.ORG Mon Aug 26 21:09:14 2013 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 13D9279D; Mon, 26 Aug 2013 21:09:14 +0000 (UTC) (envelope-from jlh@FreeBSD.org) Received: from caravan.chchile.org (caravan.chchile.org [178.32.125.136]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CB6E520C1; Mon, 26 Aug 2013 21:09:13 +0000 (UTC) Received: by caravan.chchile.org (Postfix, from userid 1000) id 3D84DC0645; Mon, 26 Aug 2013 21:09:06 +0000 (UTC) Date: Mon, 26 Aug 2013 23:09:06 +0200 From: Jeremie Le Hen To: Darren Pilgrim Subject: Re: weekly periodic security status Message-ID: <20130826210906.GO24767@caravan.chchile.org> Mail-Followup-To: Darren Pilgrim , FreeBSD Hackers References: <20130822204958.GC24767@caravan.chchile.org> <5217AD9E.1000100@bluerosetech.com> <20130824165704.GD24767@caravan.chchile.org> <20130825110520.GJ24767@caravan.chchile.org> <521A34A2.303@bluerosetech.com> <20130825173715.GK24767@caravan.chchile.org> <521B826A.6020402@bluerosetech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <521B826A.6020402@bluerosetech.com> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: Jeremie Le Hen , FreeBSD Hackers X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Aug 2013 21:09:14 -0000 Darren On Mon, Aug 26, 2013 at 12:29:30PM -0400, Darren Pilgrim wrote: > >> On 8/25/2013 7:05 AM, Jeremie Le Hen wrote: > >>> And the following variables to control whether you want each check to > >>> run "daily", "weekly" or directly from "crontab" (the default, backward > >>> compatible values are shown): > >> > >> What do we do if we want to run a check both daily and weekly? > > > > I really don't see the point of running some checks weekly when you do > > daily. Do you have a particular example in mind? > > On one set of systems, I have a log analyser run as a periodic script. > On a daily run, it grabs and filters logs into a database. On weekly > runs, it does some statistical analysis of the filtered logs in the > database. On monthly runs, it does a larger set of stats and a bit of > housekeeping. The script lives in /usr/local/libexec and is hardlinked > into the /usr/local/etc/periodic/ subtree and cases out the value of $0. > > The new framework would let me rely on the environment instead of $0, > which, IMO, is more reliable. I'd need to be able to tell periodic to > run that script with the daily, weekly and monthly security runs, though. If I understand what you say correctly, this should continue to work. -- Jeremie Le Hen Scientists say the world is made up of Protons, Neutrons and Electrons. They forgot to mention Morons.