Page MenuHomeFreeBSD

Quiet 450.status-security when *_inline="YES"
ClosedPublic

Authored by asomers on Apr 3 2017, 11:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 18, 1:34 PM
Unknown Object (File)
Oct 20 2024, 4:32 PM
Unknown Object (File)
Oct 3 2024, 11:13 AM
Unknown Object (File)
Sep 30 2024, 5:48 PM
Unknown Object (File)
Sep 23 2024, 6:18 PM
Unknown Object (File)
Sep 20 2024, 8:46 PM
Unknown Object (File)
Sep 17 2024, 4:42 AM
Unknown Object (File)
Sep 16 2024, 11:49 AM
Subscribers

Details

Summary

Quiet 450.status-security when *_inline="YES"

Previously, 450.status-security would always set rc=3 in inline mode,
because it doesn't know whether "periodic security" is going to find
anything interesting. But this annoyingly results in daily reports that
simply say "Security check: \n\n-- End of daily output --".

This change fixes that by testing whether "periodic security" printed
anything, and setting 450.status-security's exit status to 3 if it did. An
alternative would be to change the exit status of periodic(8) to be the
worst of its scripts' exit statuses, but that would be a more intrusive
change.

Test Plan

Manually run 450.status-periodic with and without _inline, and with and
without any interesting results.

Diff Detail