Re: portaudit and periodic
I believe I am incorrect. I checked further and it looks like $daily_status_security_portaudit_enable defaults to YES in the portaudit script so it should run fine. Everything seems to be working. I don't know why I thought it wasn't running before. Sorry for the trouble. Thanks. On Sat, Dec 20, 2008 at 5:42 PM, kareemy kare...@gmail.com wrote: I am using FreeBSD 7-RELEASE. I installed portaudit. The FreeBSD handbook stated that during the install process, the configuration files for periodic will be updated, permitting portaudit output in the daily security runs. portaudit was not run in my daily security runs. There is no mention of portaudit in /etc/periodic.conf or /etc/defaults/periodic.conf. I read /usr/local/etc/periodic/security/410.portaudit and found that it references 3 variables: daily_status_security_portaudit_enable daily_status_security_portaudit_expiry daily_status_security_portaudit_user I can't find those variables defined anywhere in any periodic.conf file. I understand I can just manually add daily_status_security_portaudit_enable=YES to my periodic.conf and be good to go. But I am wondering about the discrepancy with the Freebsd handbook. Is the FreeBSD handbook out of date or incorrect in this regard or is there another reason why portaudit didn't update the periodic config files? Thanks, Kareem Dana ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: portaudit in periodic [SOLVED]
Cristian KLEIN ha scritto: But have you tried running these commands from the shell? It is very important to check the scripts with the above SHELL PATH environment. If the above works from the shell, I'm pretty much out of ideas too. Yes, and it did work. In the end I realized the problem was that I have to use a proxy: from the shell portaudit picked up HTTP_PROXY and FTP_PROXY from the environment, while it didn't when launched from cron. Obiously setting up portaudit.conf was the solution. bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
Cristian KLEIN ha scritto: I used to have problem with cron scripts, because cron uses another PATH then what the script gets if it's run from the shell. Could you try the following (assuming sh): export SHELL=/bin/sh export PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin export HOME=/var/log periodic daily Sorry if I reply this late: I tried something similar in crontab and let it test for a while, but nothing changed. I'm really out of ideas here. :-( bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
Andrea Venturoli wrote: Cristian KLEIN ha scritto: I used to have problem with cron scripts, because cron uses another PATH then what the script gets if it's run from the shell. Could you try the following (assuming sh): export SHELL=/bin/sh export PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin export HOME=/var/log periodic daily Sorry if I reply this late: I tried something similar in crontab and let it test for a while, but nothing changed. I'm really out of ideas here. :-( But have you tried running these commands from the shell? It is very important to check the scripts with the above SHELL PATH environment. If the above works from the shell, I'm pretty much out of ideas too. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
Andrea Venturoli wrote: Hello. I'm running a dozen boxes (most being 6.2) with portaudit installed and I usually get a port vulnerability report in the daily security run. On one box, however, portaudit's db won't update automatically. The security reports will mention no vulnerability, even when I know they are there. Running periodic daily from a shell does it all for good, so that for a few days I'll see the correct warnings. I used to have problem with cron scripts, because cron uses another PATH then what the script gets if it's run from the shell. Could you try the following (assuming sh): export SHELL=/bin/sh export PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin export HOME=/var/log periodic daily ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
On Mon, 26 Nov 2007 12:45:56 +0200 Cristian KLEIN [EMAIL PROTECTED] wrote: Andrea Venturoli wrote: On one box, however, portaudit's db won't update automatically. The security reports will mention no vulnerability, even when I know they are there. Running periodic daily from a shell does it all for good, so that for a few days I'll see the correct warnings. I used to have problem with cron scripts, because cron uses another PATH then what the script gets if it's run from the shell. That shouldn't be relevant, the update should be done as a side-effect of the daily security run, and the path to portaudit is hard-coded into the periodic script. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
RW ha scritto: Have you checked its clock? Yep. # date Fri Nov 23 18:13:17 CET 2007 Seems fine to me. Also, it's running ntp, although I'd excpect something better from it. bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portaudit in periodic
On Fri, 23 Nov 2007 10:28:31 +0100 Andrea Venturoli [EMAIL PROTECTED] wrote: Hello. I'm running a dozen boxes (most being 6.2) with portaudit installed and I usually get a port vulnerability report in the daily security run. On one box, however, portaudit's db won't update automatically. The security reports will mention no vulnerability, even when I know they are there. Running periodic daily from a shell does it all for good, so that for a few days I'll see the correct warnings. Have you checked its clock? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]