git: 6a7c8c922455 - main - periodic/security: Introduce $security_status_loginfail_ignore for 800.loginfail

From: Michael Osipov <michaelo_at_FreeBSD.org>
Date: Sat, 20 Jun 2026 20:34:59 UTC 
The branch main has been updated by michaelo:

URL: https://cgit.FreeBSD.org/src/commit/?id=6a7c8c92245562cfd9b900dedacab99a13d5ca86

commit 6a7c8c92245562cfd9b900dedacab99a13d5ca86
Author:     Andre Albsmeier <mail@fbsd2.e4m.org>
AuthorDate: 2026-06-19 13:50:00 +0000
Commit:     Michael Osipov <michaelo@FreeBSD.org>
CommitDate: 2026-06-20 20:34:30 +0000

    periodic/security: Introduce $security_status_loginfail_ignore for 800.loginfail
    
    Introduce a new variable "security_status_loginfail_ignore" to filter unwanted
    login failure messages from the daily security checks.
    
    Co-authored-by: Michael Osipov <michaelo@FreeBSD.org>
    Co-authored-by: Joseph Mingrone <jrm@FreeBSD.org>
    PR:             295191
    Reviewed by:    jrm
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D57671
---
 share/man/man5/periodic.conf.5               | 6 +++++-
 usr.sbin/periodic/etc/security/800.loginfail | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/share/man/man5/periodic.conf.5 b/share/man/man5/periodic.conf.5
index 8910895d9b89..568493154558 100644
--- a/share/man/man5/periodic.conf.5
+++ b/share/man/man5/periodic.conf.5
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd April 9, 2024
+.Dd June 19, 2026
 .Dt PERIODIC.CONF 5
 .Os
 .Sh NAME
@@ -1036,6 +1036,10 @@ Set to either
 .Dq Li monthly
 or
 .Dq Li NO .
+.It Va security_status_loginfail_ignore
+.Pq Vt str
+Set to an extended regular expression to filter out unwanted messages.
+By default, no messages are filtered.
 .It Va security_status_tcpwrap_enable
 .Pq Vt bool
 Set to
diff --git a/usr.sbin/periodic/etc/security/800.loginfail b/usr.sbin/periodic/etc/security/800.loginfail
index 91564185b653..562201439794 100755
--- a/usr.sbin/periodic/etc/security/800.loginfail
+++ b/usr.sbin/periodic/etc/security/800.loginfail
@@ -65,6 +65,7 @@ then
 	echo ""
 	echo "${host} login failures:"
 	n=$(catmsgs | egrep -ia "${prefix}.*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
+	    grep -Eva "${security_status_loginfail_ignore-^\$}" |
 	    tee /dev/stderr | wc -l)
 	[ $n -gt 0 ] && rc=1 || rc=0
 fi