Page MenuHomeFreeBSD

Quiet 450.status-security when *_inline="YES"
ClosedPublic

Authored by asomers on Apr 3 2017, 11:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Jan 13 2024, 3:46 AM
Unknown Object (File)
Nov 15 2023, 11:14 PM
Unknown Object (File)
Nov 7 2023, 4:17 PM
Unknown Object (File)
Nov 6 2023, 4:11 PM
Unknown Object (File)
Nov 6 2023, 6:52 AM
Unknown Object (File)
Nov 5 2023, 3:29 PM
Unknown Object (File)
Oct 14 2023, 10:16 PM
Unknown Object (File)
Oct 12 2023, 12:16 AM
Subscribers

Details

Summary

Quiet 450.status-security when *_inline="YES"

Previously, 450.status-security would always set rc=3 in inline mode,
because it doesn't know whether "periodic security" is going to find
anything interesting. But this annoyingly results in daily reports that
simply say "Security check: \n\n-- End of daily output --".

This change fixes that by testing whether "periodic security" printed
anything, and setting 450.status-security's exit status to 3 if it did. An
alternative would be to change the exit status of periodic(8) to be the
worst of its scripts' exit statuses, but that would be a more intrusive
change.

Test Plan

Manually run 450.status-periodic with and without _inline, and with and
without any interesting results.

Diff Detail