conf/183137: r254974 periodic security status regression, compatibility shim doesn't work

Adam McDougall mcdouga9 at egr.msu.edu
Mon Oct 21 00:00:01 UTC 2013


>Number:         183137
>Category:       conf
>Synopsis:       r254974 periodic security status regression, compatibility shim doesn't work
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 21 00:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Adam McDougall
>Release:        10.0-ALPHA2
>Organization:
>Environment:
FreeBSD hostname 10.0-ALPHA2 FreeBSD 10.0-ALPHA2 #0 r255793: Sun Sep 22 17:05:25 EDT 2013     root at build9:/usr/obj/proto/src10/src/sys/AMD64-10  amd64

>Description:
r254974 introduced "Make the period of each periodic security script configurable" which I am quite interested in, but also with "A compatibility shim has been introduced for the old variable names".  The compat shim doesn't seem to work for me.  I will eventually update my configurations to the new standard, however this particular system was setup to use the old variables such as daily_status_security_pfdenied_enable="NO" and daily_status_security_loginfail_enable=no.  For the sake of having the shim work, I am reporting this.  This system has been reporting login failures and pf denied statistics daily which was not my intention per the variables mentioned above which I have set in /etc/periodic.conf.

I made a few attempts to change the contents of the "security_daily_compat_var" line in /etc/periodic/security/520.pfdenied but was unsuccessful.
>How-To-Repeat:
put in /etc/periodic.conf:
daily_status_security_pfdenied_enable="NO" daily_status_security_loginfail_enable=no
Run it or wait overnight, those scripts run anyway.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-bugs mailing list