conf/183137: r254974 periodic security status regression, compatibility shim doesn't work
Adam McDougall
mcdouga9 at egr.msu.edu
Mon Oct 21 00:00:01 UTC 2013
>Number: 183137
>Category: conf
>Synopsis: r254974 periodic security status regression, compatibility shim doesn't work
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 21 00:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Adam McDougall
>Release: 10.0-ALPHA2
>Organization:
>Environment:
FreeBSD hostname 10.0-ALPHA2 FreeBSD 10.0-ALPHA2 #0 r255793: Sun Sep 22 17:05:25 EDT 2013 root at build9:/usr/obj/proto/src10/src/sys/AMD64-10 amd64
>Description:
r254974 introduced "Make the period of each periodic security script configurable" which I am quite interested in, but also with "A compatibility shim has been introduced for the old variable names". The compat shim doesn't seem to work for me. I will eventually update my configurations to the new standard, however this particular system was setup to use the old variables such as daily_status_security_pfdenied_enable="NO" and daily_status_security_loginfail_enable=no. For the sake of having the shim work, I am reporting this. This system has been reporting login failures and pf denied statistics daily which was not my intention per the variables mentioned above which I have set in /etc/periodic.conf.
I made a few attempts to change the contents of the "security_daily_compat_var" line in /etc/periodic/security/520.pfdenied but was unsuccessful.
>How-To-Repeat:
put in /etc/periodic.conf:
daily_status_security_pfdenied_enable="NO" daily_status_security_loginfail_enable=no
Run it or wait overnight, those scripts run anyway.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list