conf/181681: periodic inline security output missing with daily_show_success=NO
freebsd at omnilan.de
freebsd at omnilan.de
Fri Aug 30 11:10:01 UTC 2013
>Number: 181681
>Category: conf
>Synopsis: periodic inline security output missing with daily_show_success=NO
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 30 11:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Harald Schmalzbauer
>Release: FreeBSD 9.2-RC3+FP1 amd64
>Organization:
OmniLAN
>Environment:
System: FreeBSD altair.aquila.inop.dcm1.omnilan.net 9.2-RC3+FP1 FreeBSD 9.2-RC3+FP1 #5 r254954M: Tue Aug 27 15:22:39 CEST 2013 admin at preed.labshop.wdn.omnilan.net:/usr/local/share/deploy-tools/obj-amd64/VMWARE/usr/local/share/deploy-tools/RELENG_9_2/src/sys/VMWARE.altair amd64
>Description:
If you don't want to get extra security letters from periodic,
you set daily_status_security_inline="YES" in your periodic.conf.
If you also don't want to get results from successfull scripts,
you set daily_show_success="NO" in your periodic.conf.
Having this combination leads to no security letter at all, since
450.status-security script starts security/* scripts and terminates
successfull at the end, regardless if security scripts return with >0.
>How-To-Repeat:
Set the above described two option in periodic.conf and run 'periodic daily'
>Fix:
--- etc/periodic/daily/450.status-security 2013-08-30 12:35:17.000000000 +0200
+++ etc/periodic/daily/450.status-security 2013-08-30 12:38:21.000000000 +0200
@@ -18,7 +18,11 @@
case "$daily_status_security_inline" in
[Yy][Ee][Ss])
- daily_status_security_output="";;
+ daily_status_security_output=""
+ if [ "$daily_show_success" != "[Yy][Ee][Ss]" ]
+ then
+ rc=1
+ fi;;
esac
export security_output="${daily_status_security_output}"
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list