From ecronin@tail.eecs.umich.edu  Thu Jan 25 12:44:13 2001
Return-Path: <ecronin@tail.eecs.umich.edu>
Received: from tail.eecs.umich.edu (tail.eecs.umich.edu [141.213.11.30])
	by hub.freebsd.org (Postfix) with ESMTP id E5EAF37B400
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 Jan 2001 12:44:12 -0800 (PST)
Received: (from ecronin@localhost)
	by tail.eecs.umich.edu (8.11.1/8.11.1) id f0PKi3G24405;
	Thu, 25 Jan 2001 15:44:03 -0500 (EST)
	(envelope-from ecronin)
Message-Id: <200101252044.f0PKi3G24405@tail.eecs.umich.edu>
Date: Thu, 25 Jan 2001 15:44:03 -0500 (EST)
From: Eric Cronin <ecronin@tail.eecs.umich.edu>
Reply-To: ecronin@tail.eecs.umich.edu
To: FreeBSD-gnats-submit@freebsd.org
Subject: /etc/periodic/daily/450.status-security ignores daily_output
X-Send-Pr-Version: 3.2

>Number:         24643
>Category:       bin
>Synopsis:       /etc/periodic/daily/450.status-security ignores daily_output
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    brian
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 25 12:50:01 PST 2001
>Closed-Date:    Tue Jan 30 02:24:30 PST 2001
>Last-Modified:  Tue Jan 30 02:25:14 PST 2001
>Originator:     Eric Cronin
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
>Environment:

FreeBSD tail.eecs.umich.edu 4.2-STABLE FreeBSD 4.2-STABLE #0: Fri Dec  
1 13:27:56 EST 2000     root@tail.eecs.umich.edu:/z/obj/z/src/sys/TAIL-IPF  i386

>Description:

The $daily_output variable in periodic.conf lets a user other than root or a file
be selected for the output of periodic daily.  The security check however has root
hard coded in.  Yes, I know enabling inline security gets around this but I like
having the two messages so I can check security ones quickly.

The part in question is:

        case "$daily_status_security_inline" in
            [Yy][Ee][Ss])
                    sh /etc/security -s $args
                    rc=$?;;

            *)
                    echo "    (output mailed separately)"
                    sh /etc/security $args 2>&1 |
                        sendmail root && rc=0 || rc=3;;
        esac;;


I don't know enough about the periodic scripts working to offer a patch since
daily_output could be a file or e-mail...

>How-To-Repeat:

Set daily_output != root, watch security mailings still go to root

>Fix:

Modify above case to recognize daily_output

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: brian 
State-Changed-When: Fri Jan 26 05:45:24 PST 2001 
State-Changed-Why:  


http://www.freebsd.org/cgi/query-pr.cgi?pr=24643 
State-Changed-From-To: closed->open 
State-Changed-By: brian 
State-Changed-When: Fri Jan 26 05:45:59 PST 2001 
State-Changed-Why:  
Re-open (closing this was an accident) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24643 
Responsible-Changed-From-To: freebsd-bugs->brian 
Responsible-Changed-By: brian 
Responsible-Changed-When: Fri Jan 26 07:39:17 PST 2001 
Responsible-Changed-Why:  
I'll do this.  If anyone's interested in the patch I'm testing they can 
find it at http://people.freebsd.org/~brian/periodic.patch 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24643 
State-Changed-From-To: open->closed 
State-Changed-By: brian 
State-Changed-When: Tue Jan 30 02:24:30 PST 2001 
State-Changed-Why:  
A fix has been applied to current (see periodic.conf.5).  I'll MFC in 
two weeks if there are no problems. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24643 
>Unformatted:
