Page MenuHomeFreeBSD

periodic/security: Introduce $security_status_loginfail_ignore for 800.loginfail
ClosedPublic

Authored by michaelo on Fri, Jun 19, 5:24 PM.
Tags
None
Referenced Files
F162638429: D57671.diff
Wed, Jul 15, 7:26 AM
F162638428: D57671.diff
Wed, Jul 15, 7:26 AM
Unknown Object (File)
Sat, Jul 11, 8:47 AM
Unknown Object (File)
Mon, Jul 6, 4:13 AM
Unknown Object (File)
Sun, Jul 5, 7:22 PM
Unknown Object (File)
Sat, Jul 4, 8:09 AM
Unknown Object (File)
Wed, Jul 1, 11:18 PM
Unknown Object (File)
Wed, Jul 1, 2:14 AM

Details

Summary

Introduce a new variable "security_status_loginfail_ignore" to filter unwanted
login failure messages from the daily security checks.

Co-authored-by: Michael Osipov <michaelo@FreeBSD.org>
PR: 295191
MFC after: 1 week

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

The commit message says "are no" instead of "are not". You might consider something simpler because users can really filter out whatever they want.

Introduce a new variable "security_status_loginfail_ignore" to filter unwanted login failure messages from the daily security checks.

share/man/man5/periodic.conf.5
1041–1043
  1. Rather than egrep(1), say extended regular expression, since egrep is deprecated in POSIX in favor of grep -E.
  2. Simplify the text. Users can really filter out whatever they want.

@jrm, reasonable points. Thank you!

michaelo marked an inline comment as done.
This revision is now accepted and ready to land.Sat, Jun 20, 8:24 PM