Three '450.status-security' scripts enabled by default

Ian Smith smithi at
Tue Oct 31 13:13:49 UTC 2017

In freebsd-questions Digest, Vol 700, Issue 2, Message: 10
On Tue, 31 Oct 2017 19:52:58 +0900 (JST) Yasuhiro KIMURA <yasu at> wrote:

 > Hello,


 > While investigating the delay of daily periodic jobs, I found there
 > are three '450.status-security' scripts under /etc/periodic, that is,
 > /etc/periodic/{dairy,monthry,weekly}/450.status-security. All of them
 > executes 'periodic security' and only difference is how often they are
 > executed. So I think the purpose of them is to provide user option
 > how often 'periodic security' is executed. OK, I understand it. But I
 > can't understand setting about them in /etc/defaults/periodic.conf
 > because all of them are enabled by default. If the purpose is what I
 > explained, normal user expects at most one of them is enabled. So are
 > there any reason that all of them are enabled by default?

450.status-security is run (YES) each of those times, but unless you set 
variables in /etc/periodic.conf that override /etc/default/periodic.conf 
settings, it'll still use the default of 'daily' for the various scripts 
run by that one.  See periodic.conf(5) and /etc/defaults/periodic.conf 
near the end.

I was curious as my (cough) 9.3 system precedes this feature, so dug 
around to find this, which likely explains the rationale well enough:

Most people likely won't exercise this feature, if they know it exists.

Oh, and whether using pkg(8) or source updating isn't relevant to this.

cheers, Ian

More information about the freebsd-questions mailing list