From 069c15ac24a3050d6989247761dda24ebc55a08f Mon Sep 17 00:00:00 2001 From: asomers Date: Mon, 11 Jul 2016 23:15:54 +0000 Subject: [PATCH] MFC r300356 Better document security_show_{success,info,badconfig} in /etc/periodic.conf periodic(8) already handles the security_show_{success,info,badconfig} variables correctly. However, those variables aren't explicitly set in /etc/defaults/periodic.conf or anywhere else, which suggests to the user that they shouldn't be used. etc/defaults/periodic.conf Explicitly set defaults for security_show_{success,info,badconfig} usr.sbin/periodic/periodic.sh Update usage string usr.sbin/periodic/periodic.8 Minor man page updates One thing I'm _not_ doing is recommending setting security_output to /var/log/security.log or adding that file to /etc/newsyslog.conf, because periodic(8) would create it with default permissions, usually 644, and that's probably a bad idea. git-svn-id: svn://svn.freebsd.org/base/stable/10@302600 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- etc/defaults/periodic.conf | 4 ++++ usr.sbin/periodic/periodic.8 | 9 +++++---- usr.sbin/periodic/periodic.sh | 4 ++-- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index e21e241e8..db62520e5 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -225,6 +225,10 @@ monthly_local="/etc/monthly.local" # Local scripts # Security options +security_show_success="YES" # scripts returning 0 +security_show_info="YES" # scripts returning 1 +security_show_badconfig="NO" # scripts returning 2 + # These options are used by the security periodic(8) scripts spawned in # daily and weekly 450.status-security. security_status_logdir="/var/log" # Directory for logs diff --git a/usr.sbin/periodic/periodic.8 b/usr.sbin/periodic/periodic.8 index 22a96a2a6..65aa01188 100644 --- a/usr.sbin/periodic/periodic.8 +++ b/usr.sbin/periodic/periodic.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 30, 2007 +.Dd May 20, 2016 .Dt PERIODIC 8 .Os .Sh NAME @@ -166,8 +166,9 @@ table the top level directory containing .Pa daily , .Pa weekly , +.Pa monthly , and -.Pa monthly +.Pa security subdirectories which contain standard system periodic executables .It Pa /etc/defaults/periodic.conf the @@ -175,9 +176,9 @@ the system registry contains variables that control the behaviour of .Nm and the standard -.Pa daily , weekly , +.Pa daily , weekly , monthly , and -.Pa monthly +.Pa security scripts .It Pa /etc/periodic.conf this file contains local overrides for the default diff --git a/usr.sbin/periodic/periodic.sh b/usr.sbin/periodic/periodic.sh index c27aeee1d..b2605200f 100644 --- a/usr.sbin/periodic/periodic.sh +++ b/usr.sbin/periodic/periodic.sh @@ -4,13 +4,13 @@ # # Run nightly periodic scripts # -# usage: periodic { daily | weekly | monthly } - run standard periodic scripts +# usage: periodic { daily | weekly | monthly | security } - run standard scripts # periodic /absolute/path/to/directory - run periodic scripts in dir # usage () { echo "usage: $0 " 1>&2 - echo "or $0 { daily | weekly | monthly }" 1>&2 + echo "or $0 { daily | weekly | monthly | security }" 1>&2 exit 1 } -- 2.42.0