Suppress emailing the daily security report if it is empty, unless trunk
authorjhawk <jhawk@NetBSD.org>
Fri, 21 Feb 2003 22:35:46 +0000
branchtrunk
changeset 108910 971c3524ca2a
parent 108909 9e9f7fbaf9bd
child 108911 28999f40d80c
Suppress emailing the daily security report if it is empty, unless send_empty_security=YES. Implements change-request PR security/17249 from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
etc/daily
etc/defaults/daily.conf
share/man/man5/daily.conf.5
--- a/etc/daily	Fri Feb 21 21:46:45 2003 +0000
+++ b/etc/daily	Fri Feb 21 22:35:46 2003 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$NetBSD: daily,v 1.48 2003/02/04 05:31:18 atatat Exp $
+#	$NetBSD: daily,v 1.49 2003/02/21 22:35:46 jhawk Exp $
 #	@(#)daily	8.2 (Berkeley) 1/25/94
 #
 
@@ -228,9 +228,17 @@
 	SECOUT="$DAILYDIR/sec"
 	sh /etc/security > "$SECOUT" 2>&1
 	if [ ! -s "$SECOUT" ]; then
-		echo "Nothing to report on $date" > "$SECOUT"
+		if checkyesno send_empty_security; then
+			echo "Nothing to report on $date" > "$SECOUT"
+		else
+			echo ""
+			echo "Supressing empty security report."
+		fi
 	fi
-	mail -s "$host daily insecurity output for $date" $MAILTO < "$SECOUT"
+	if [ -s "$SECOUT" ]; then
+		mail -s "$host daily insecurity output for $date" \
+		    $MAILTO < "$SECOUT"
+	fi
 fi
 
 if checkyesno run_skeyaudit; then
--- a/etc/defaults/daily.conf	Fri Feb 21 21:46:45 2003 +0000
+++ b/etc/defaults/daily.conf	Fri Feb 21 22:35:46 2003 +0000
@@ -1,4 +1,4 @@
-#	$NetBSD: daily.conf,v 1.2 2000/11/08 23:17:50 lukem Exp $
+#	$NetBSD: daily.conf,v 1.3 2003/02/21 22:35:47 jhawk Exp $
 #
 # /etc/defaults/daily.conf --
 #	default configuration of /etc/daily.conf
@@ -22,3 +22,5 @@
 run_rdist=YES
 run_security=YES
 run_skeyaudit=YES
+
+send_empty_security=NO
--- a/share/man/man5/daily.conf.5	Fri Feb 21 21:46:45 2003 +0000
+++ b/share/man/man5/daily.conf.5	Fri Feb 21 22:35:46 2003 +0000
@@ -1,4 +1,4 @@
-.\"	$NetBSD: daily.conf.5,v 1.12 2002/01/28 12:29:38 wiz Exp $
+.\"	$NetBSD: daily.conf.5,v 1.13 2003/02/21 22:35:47 jhawk Exp $
 .\"
 .\" Copyright (c) 1996 Matthew R. Green
 .\" All rights reserved.
@@ -26,7 +26,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd December 30, 1996
+.Dd February 21, 2003
 .Dt DAILY.CONF 5
 .Os
 .Sh NAME
@@ -119,6 +119,14 @@
 program to check the S/Key database and informs users of S/Keys that
 are about to expire.
 .El
+.Pp
+The variables described below can be set to modify the tests:
+.Bl -tag -width check_network
+.It Sy send_empty_security
+If set, the report generated by the
+.Sy run_security
+phase will always be sent, even if it is empty.
+.El
 .Sh FILES
 .Bl -tag -width /etc/daily.local -compact
 .It Pa /etc/daily