|
|
Automated security checks on Sidewinder7 firewall
|
|
DAILY(5) BSD File Formats Manual DAILY(5) NAME
daily, daily.conf -- daily maintenance DESCRIPTION
The /etc/daily script is run, by default, every night on a NetBSD system. The /etc/daily.conf file specifies which of the standard daily services are performed. The variables described below can be set to ``YES'' or ``NO'' in the /etc/daily.conf file. Most default to ``YES'', but not all. Check the /etc/defaults/daily.conf file if you are in doubt. (Note that you should never edit /etc/defaults/daily.conf directly, as it is often replaced during system upgrades.) find_core This runs find(1) over the entire local filesystem, looking for core files. run_msgs This runs msgs(1) with the -c argument. expire_news This runs the /etc/expire.news script. purge_accounting This ages accounting files in /var/account. run_calendar This runs calendar(1) with the -a argument. check_disks This uses the df(1) and dump(8) to give disk status, and also reports failed raid(4) components. show_remote_fs In check_disks, show remote file systems, which are not reported on by default. check_mailq This runs mailq(1). check_network This runs netstat(1) with the -i argument, and also checks the rwhod(8) database, and runs ruptime(1) if there are hosts in /var/rwho. full_netstat By default, check_network outputs a summarized version of the netstat(1) report. If a full version of the output run with the -inv options is desired, set this variable. run_fsck This runs fsck(8) with the -n option. run_rdist This runs rdist(1) with /etc/Distfile. run_security This runs the /etc/security script looking for possible security problems with the system. run_skeyaudit Runs the skeyaudit(1) program to check the S/Key database and informs users of S/Keys that are about to expire. run_makemandb If the /etc/man.conf file exists, runs the makemandb(8) utility to update the man.db database for use by apropos(1). fetch_pkg_vulnerabilities Refreshes the local database of package vulnerabilities. See the settings in security.conf(5) for details on the actual package checks. The variables described below can be set to modify the tests: find_core_ignore_fstypes Lists filesystem types to ignore during the find_core phase. Prefixing the type with a '!' inverts the match. For example, 'procfs !local' will ignore 'procfs' type filesystems and filesystems that are not 'local'. find_core_ignore_paths Lists paths to ignore during the find_core phase. For example, '/export' will not descend into any directories under the '/export' hierarchy. This, on a file server, allows to skip user data while still scanning system files. run_fsck_flags Extra options to be passed to fsck(8) if run_fsck is enabled. send_empty_security If set, the report generated by the run_security phase will always be sent, even if it is empty. pkgdb_dir DEPRECATED. Please set PKGDB_DIR in pkg_install.conf(5) instead. If defined, points to the location of the packages database. Defaults to /var/db/pkg. FILES
/etc/daily daily maintenance script /etc/daily.conf daily maintenance configuration /etc/defaults/daily.conf default settings, overridden by /etc/daily.conf /etc/daily.local local site additions to /etc/daily SEE ALSO
monthly(5), security.conf(5), weekly(5) HISTORY
The /etc/daily.conf file appeared in NetBSD 1.3. BSD
July 30, 2012 BSD
