Commit Graph

62 Commits

Author SHA1 Message Date
erh
7da8bb106d PR misc/7716: add configuration options find_core_ignore_fstypes and
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.
2004-09-28 15:03:58 +00:00
martin
5a942efb7b If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.
2004-05-28 03:55:30 +00:00
kim
ed816845e6 Avoid the output "Running xxx.local" if the "xxx.local" script
does not produce any output.  This matches what /etc/security
already does with /etc/security.local output.
2004-04-09 17:35:21 +00:00
jmmv
3c8a1444d9 Introduce and use the rcvar_manpage variable, which contains the manual page
name where the user should look at for documentation about rcvar.  It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.

This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.

Closes PR misc/23908.
2004-04-02 13:13:47 +00:00
mrg
9be30af863 apply kre's patch from PR#18628:
if /var/account/acct.0.gz exists, keep all the old accounting files
in gzipped format.
2004-03-29 02:17:26 +00:00
atatat
da4f7330e5 Also supress speling erors. 2003-12-28 16:34:03 +00:00
lukem
8d18845ac2 add null & fdesc to the list of file system types to skip in check_disks 2003-12-10 09:25:36 +00:00
perry
16a3b1f9cc Add back nfs partition display if show_remote_fs is on.
As requested by Grant.
2003-12-08 01:17:37 +00:00
perry
43a0fc6fac Change the default behavior of the netstat run during check_network to
print a summary rather than the full (and not usually desired) output
of netstat -inv. The old behavior can be returned by simply setting
full_netstat to YES in daily.conf.

Original idea by me, cleaner and more correct execution via small awk
script from Greg Woods.
2003-12-07 22:22:15 +00:00
perry
760b3486e4 suppress disk reports about nfs mounts, kernfs and procfs. 2003-12-07 16:55:04 +00:00
perry
eda014eade Don't print "Last dump" report if /etc/dumpdates is zero length or absent.
Don't print OTP/skey report if /etc/skeyskeys is zero length or absent.
2003-12-07 16:35:04 +00:00
perry
d9adb3cb0f use -h ("human readable") instead of -k on nightly df 2003-12-07 16:20:18 +00:00
jhawk
74f5f0da45 Redirect stderr as well as stdout in run_calendar (calendar -a) 2003-10-01 05:34:50 +00:00
jhawk
3b390ffb5f Suppress emailing the daily security report if it is empty, unless
send_empty_security=YES. Implements change-request PR security/17249
from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
2003-02-21 22:35:46 +00:00
atatat
3ce3a9a2c4 When finding core files, only print the names of things that are
*files*, (ie, not directories, or symlinks, or...).  Also remove
the -a instances.  They're implicit.
2003-02-04 05:31:18 +00:00
grant
47224db054 fix /etc/security stderr redirection.
from rad@twig.com in PR bin/19553.
2002-12-25 02:41:03 +00:00
bouyer
42b4a64371 If check_disks=YES, check for failed components in RAIDframe devices. 2002-01-27 22:08:50 +00:00
lukem
6297d767ef Ignore errors from /var/account/acct.[123] rotation.
Fix from Katsuomi Hamajima in [misc/13804]
2001-12-18 00:51:16 +00:00
lukem
0770a23f52 Correctly detect empty mailq with new sendmail versions.
Fix from Anne Bennett in [bin/12901]
2001-12-18 00:48:05 +00:00
lukem
9fe1ef5dc8 Add nullfs to the list of file system types to skip during the "big finds".
Fix from Alan Barrett in [misc/14957].
2001-12-18 00:44:20 +00:00
atatat
8d76c9bee4 Watching inode usage is important, too. 2001-11-23 04:20:27 +00:00
perry
b159dba912 Fix a mysterious
csh: Permission denied
	csh: Trying to start from "/var/log"
message.

This was caused by the
	su -m uucp -c "uustat -a"
line being executed in a directory not readable by uucp. The login
shell implied by -m is of course root's shell, /bin/csh, which doesn't
like not being able to read the dir it is in, and thus the errors. By
temporarily cd'ing to /tmp the problem is fixed.

What is really needed, of course, is a way to tell su what shell you
want to use explicitly, especially for use in scripts where the
vagaries of which shell the login executing the script uses should not
be depended on. No such method exists. One should be added.

Indeed, it might also be nice to have a way of telling su to directly
execute a command with -c rather than using a shell to interpret the
command.

I cannot find any standards documents that specify su at the moment,
though. SuSv2 is silent on su(8).
2001-10-23 18:39:03 +00:00
perry
0d724a7b06 stylistic nit: dump -W, not dump W 2001-10-23 17:34:53 +00:00
veego
0674841150 Put the 'uustat -a' into double quotes.
It still doesn't work, but you won't get the error about an Unknown option: `-a'
anymore.

The login shell for uucp is /usr/libexec/uucp/uucico, so su -m doesn't work.
This needs to be fixed.
2001-10-09 05:28:42 +00:00
hubertf
a6d42bbc31 Run uustat with uid=uucp, not with euid=uucp/uid=root, to prevent
some badboys gaining back root privs. Inspided by OpenBSD.
Not that we didn't have this forever... (SA, anyone?)
2001-09-17 23:41:32 +00:00
lukem
e2773e5d61 run fsck with "-n -f" instead of just "-n"; recent changes to fsck
mean that file systems mounted read-write are skipped unless -f is given.
problem noted by andrew brown.
2001-08-09 15:30:30 +00:00
lukem
684e89f355 use mktemp(1) to create temporary directories, and ensure that cleanup traps
are setup asap.
2001-06-18 10:54:02 +00:00
aymeric
eea58e8475 don't remove /var/tmp/vi.recover in (commented *out*) find's.
this fixes PR 11120.
XXX note that this is supposed never to be uncommented due to a security
    issue (see /etc/daily) but there is no reason to do things doubly wrong.
2001-04-22 20:34:48 +00:00
hubertf
389581c1cf run skeyaudit, if run_skeyaudit is set to yes 2000-08-25 01:11:42 +00:00
itojun
2ece7fc42f use netstat -inv for all address familires. PR 10249. 2000-06-04 08:35:10 +00:00
itojun
7f4bafc7bd add "-n" to netstat -i to avoid reverse query and better audit.
print IPv6 interface stat by netstat -inv separately.

comments from: hubertf and others
2000-01-20 04:13:54 +00:00
ad
645ee40728 - Make /etc/daily run /etc/daily.local if it exists. Make similar change for
weekly and monthly scripts.
- Update FILES section in manpages.
2000-01-10 17:03:49 +00:00
enami
b614ae7a89 Use %d instead of %e to generate rdist log filename using date(1) so that
the resulting filename doesn't contain white space.
2000-01-07 03:52:23 +00:00
abs
0780a6b041 Add a comment about why you do not want to uncomment the finds. 1999-01-06 03:24:06 +00:00
lukem
d1f7e40ebd * daily/weekly/monthly:
- change to always output a valid To: and Subject: line.
    - To: recipient obtained from $MAILTO (defaults to root).
    - add date to Subject: line. closes [bin/4526] from Giles Lean
      <giles@nemeton.com.au>
* daily: explicitly print 'Nothing to report' if /etc/security didn't
  report anything.
* crontab: pass output of scripts through sendmail -t instead of
1998-09-15 05:06:30 +00:00
mycroft
bd8157b7d3 Format police. 1998-07-16 05:21:56 +00:00
nathanw
a93021e9be Find core files named "core" as well as "*.core". 1998-06-28 21:37:59 +00:00
lukem
8f59ce8e35 include rc.subr and use appropriately 1998-01-26 12:02:43 +00:00
lukem
7c5015bdd6 for $check_uucp:
- use /usr/libexec/uucp/clean.daily instead of /etc/uuclean.daily
- use 'su daemon -c command' instead of 'echo "command" | su daemon'
1997-10-27 04:18:06 +00:00
phil
ce3196e8dd Allows root to specify a MAILTO and have the security report mailed to
the same user as the daily output.  If $USER is not root or MAILTO is
not set, MAILTO is set to root.  Closes PR 2409.
1997-07-11 00:36:55 +00:00
lukem
f067035d68 Add output of uptime to report.
From Hubert Feyrer <feyrer@smaug.fh-regensburg.de> in [bin/3220]
1997-06-23 01:45:21 +00:00
mikel
d351214af2 bug fix and improvements, mostly from Enami Tsugutomo in PR misc/3681. 1997-05-30 05:18:59 +00:00
mikel
ef538c3176 cleanup Lite-1 merge 1997-02-15 10:02:07 +00:00
mikel
a4b0df8ac6 fix typo 1997-01-09 05:44:46 +00:00
mrg
016b324a94 add configuration file for daily, weekly, montly, as
daily.conf, weekly.conf and montly.conf.  the file
allows each action taken by all scripts to be turned
on or off.
1997-01-05 11:21:09 +00:00
jtc
4371fb2956 Comment out code which traverses the directory hierarchy and removes
files, as the ``find . ... -exec rm'' used to do so can be subverted
and used to remove arbitrary files.
1996-07-02 23:10:35 +00:00
mrg
f01ac0c37f add rcsid and remove dated /var/preserve check. 1996-03-26 04:21:27 +00:00
pk
e471d816de Don't stomp on arbitrary directories.
(Perhaps there should be a `source /etc/daily.local' hook..)
1996-03-25 09:23:15 +00:00
mycroft
3df08b7f25 Fix the fstype-based pruning algorithms. Partly suggested by John Kohl. 1994-10-18 16:52:56 +00:00
cgd
91778fe0ca update to new security script 1994-06-15 04:28:06 +00:00