Bug 142114 - periodic(8): security report from 'periodic daily' doesn't respect the "daily_show_*" configurables
Summary: periodic(8): security report from 'periodic daily' doesn't respect the "daily...
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: conf (show other bugs)
Version: 8.0-STABLE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-12-29 06:00 UTC by Eric Lakin
Modified: 2017-12-31 22:34 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Lakin 2009-12-29 06:00:09 UTC
the daily system report that gets run ("periodic daily") from cron has a couple varibles that can be used in /etc/periodic.conf to fine-tune what output is seen -- in particular:

% grep daily_show /etc/defaults/periodic.conf
daily_show_success="YES"				# scripts returning 0
daily_show_info="YES"					# scripts returning 1
daily_show_badconfig="NO"				# scripts returning 2

One would expect that the security portion of the daily report would obey these settings -- but it doesn't. The security report gets implemented by running "periodic security" which has the effect that it's controlled by security_show_success, security_show_info, and security_show_badconfig.

These aren't documented in /etc/defaults/periodic.conf.

Fix: 

I would suggest modifying /etc/periodic/450.status-security to include:

        export security_show_success=${daily_show_success}
        export security_show_info=${daily_show_info}
        export security_show_badconfig=${daily_show_badconfig}

just prior to the execution of "periodic security". This will cause the security output to inherit the daily output's settings, but if somebody REALLY wants different settings for the security output, putting security_show_* in /etc/periodic.conf will override.
How-To-Repeat: # echo 'daily_show_success="NO"' >> /etc/periodic.conf
# periodic daily

the security report will include things that it shouldn't by the above setting.
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:59:25 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped