Environment:

/etc/rc.conf inside the jail:
cron_flags="-J 60"
hostname="qbittorrent.example.org"
# sendmail disabled, no custom periodic-related entries

/etc/periodic.conf inside the jail:
daily_status_network_enable="NO"
security_status_ipfwlimit_enable="NO"
security_status_ipfwdenied_enable="NO"
weekly_whatis_enable="NO"
weekly_locate_enable="NO"
security_status_neggrpperm_enable="NO"
daily_status_disks_enable="NO"
daily_status_uptime_enable="NO"
daily_ntpd_leapfile_enable="NO"
security_status_chksetuid_enable="NO"
security_status_chkuid0_enable="NO"
security_status_ipfdenied_enable="NO"
security_status_ipf6denied_enable="NO"
security_status_tcpwrap_enable="NO"]​



Description:

The effect is that the weekly and daily security outputs from the jail contain the same blocks printed twice in the same message/run.

On the host system (outside jails), periodic daily/weekly behave normally; each script is executed once and there are no duplicated blocks in the output.]​



How to reproduce (weekly in the jail):

1 3 * * * root periodic daily
15 4 * * 6 root periodic weekly
30 5 1 * * root periodic monthly

Inside the jail, temporarily set:

weekly_output=/tmp/weekly.debug

in /etc/periodic.conf.

Run periodic weekly manually inside the jail.

Inspect the file /tmp/weekly.debug.]​

Actual result (weekly in the jail):

For example (simplified):

Security check:
(output mailed separately)

[...]

Security check:
(output mailed separately)

-- End of weekly output --

In other words, the Security check: (output mailed separately) block from the weekly status-security script appears twice in a single periodic weekly run inside the jail.]​



How to reproduce (daily security in the jail):

1. Use the same qbittorrent jail with /etc/periodic.conf as described in the Environment section.
2. Let cron run normally inside the jail with the default periodic daily line in /etc/crontab.
3. Observe the daily security run output mail from that jail (or redirect daily_output to a file and run periodic security manually).​

Actual result (daily security in the jail):

Checking for passwordless accounts:
root::0:0::0:0:Charlie &:/root:/bin/sh

Checking login.conf permissions:

qbittorrent.example.org login failures:

Checking for passwordless accounts:
root::0:0::0:0:Charlie &:/root:/bin/sh

Checking login.conf permissions:

qbittorrent.example.org login failures:

-- End of security output --

This is from a single daily security run, not from two separate mails.]​



Expected result:


One Security check: (output mailed separately) block per weekly run.

One set of daily security checks (passwordless accounts, login.conf permissions, login failures, etc.) per daily security run.]​



Additional information:

/etc/crontab contains only the standard periodic lines.

crontab -l -u root is empty (no additional cron jobs for periodic).

/var/log/cron inside the jail shows exactly one (root) CMD (periodic daily) per day and one (root) CMD (periodic weekly) per week.

ps aux inside the jail shows exactly one /usr/sbin/cron process.

The duplication happens even when periodic weekly or periodic security is run manually inside the jail with weekly_output / daily_output pointed to a file, confirming that it is not caused by cron running the jobs twice.

Jails are created and managed with BastilleBSD. The generated jail.conf for the qbittorrent jail looks like:

qbittorrent {
exec.start = '/bin/sh /etc/rc';
exec.stop = '/bin/sh /etc/rc.shutdown';
[...]
}

There are no extra exec.start lines and no jexec ... periodic jobs on the host.

The basejail release directory /usr/local/bastille/releases/14.3-RELEASE contains only the standard /etc/periodic/{daily,weekly,monthly,security} directories and no custom periodic scripts; /usr/local/etc/periodic in the release is empty.



Given that:

The host behaves normally.

All jails show duplicated weekly and daily security output for a single periodic run.

Cron is not running these jobs twice.

this seems to indicate an issue with how periodic runs weekly/security classes inside jails in this environment.]​