1.\"- 2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org> 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd May 12, 2007 29.Dt PERIODIC.CONF 5 30.Os 31.Sh NAME 32.Nm periodic.conf 33.Nd periodic job configuration information 34.Sh DESCRIPTION 35The file 36.Nm 37contains a description of how daily, weekly and monthly system maintenance 38jobs should run. 39It resides in the 40.Pa /etc/defaults 41directory and parts may be overridden by a file of the same name in 42.Pa /etc , 43which itself may be overridden by the 44.Pa /etc/periodic.conf.local 45file. 46.Pp 47The 48.Nm 49file 50is actually sourced as a shell script from each of the periodic scripts 51and is intended to simply provide default configuration variables. 52.Pp 53The following variables are used by 54.Xr periodic 8 55itself: 56.Bl -tag -offset 4n -width 2n 57.It Va local_periodic 58.Pq Vt str 59List of directories to search for periodic scripts. 60This list is always prefixed with 61.Pa /etc/periodic , 62and is only used when an argument to 63.Xr periodic 8 64is not an absolute directory name. 65.It Ao Ar dir Ac Ns Va _output 66.Pq Vt path No or Vt list 67What to do with the output of the scripts executed from 68the directory 69.Ar dir . 70If this variable is set to an absolute path name, output is logged to 71that file, otherwise it is taken as one or more space separated email 72addresses and mailed to those users. 73If this variable is not set or is empty, output is sent to standard output. 74.Pp 75For an unattended machine, suitable values for 76.Va daily_output , 77.Va weekly_output , 78and 79.Va monthly_output 80might be 81.Dq Li /var/log/daily.log , 82.Dq Li /var/log/weekly.log , 83and 84.Dq Li /var/log/monthly.log 85respectively, as 86.Xr newsyslog 8 87will rotate these files (if they exists) at the appropriate times. 88.It Ao Ar dir Ac Ns Va _show_success 89.It Ao Ar dir Ac Ns Va _show_info 90.It Ao Ar dir Ac Ns Va _show_badconfig 91.Pq Vt bool 92These variables control whether 93.Xr periodic 8 94will mask the output of the executed scripts based on their return code 95(where 96.Ar dir 97is the base directory name in which each script resides). 98If the return code of a script is 99.Sq 0 100and 101.Ao Ar dir Ac Ns Va _show_success 102is set to 103.Dq Li NO , 104.Xr periodic 8 105will mask the script's output. 106If the return code of a script is 107.Sq 1 108and 109.Ao Ar dir Ac Ns Va _show_info 110is set to 111.Dq Li NO , 112.Xr periodic 8 113will mask the script's output. 114If the return code of a script is 115.Sq 2 116and 117.Ao Ar dir Ac Ns Va _show_badconfig 118is set to 119.Dq Li NO , 120.Xr periodic 8 121will mask the script's output. 122If these variables are set to neither 123.Dq Li YES 124nor 125.Dq Li NO , 126they default to 127.Dq Li YES , 128.Dq Li YES 129and 130.Dq Li NO 131respectively. 132.Pp 133Refer to the 134.Xr periodic 8 135manual page for how script return codes are interpreted. 136.El 137.Pp 138The following variables are used by the standard scripts that reside in 139.Pa /etc/periodic/daily : 140.Bl -tag -offset 4n -width 2n 141.It Va daily_clean_disks_enable 142.Pq Vt bool 143Set to 144.Dq Li YES 145if you want to remove all files matching 146.Va daily_clean_disks_files 147daily. 148.It Va daily_clean_disks_files 149.Pq Vt str 150Set to a list of file names to match. 151Wild cards are permitted. 152.It Va daily_clean_disks_days 153.Pq Vt num 154When 155.Va daily_clean_disks_enable 156is set to 157.Dq Li YES , 158this must also be set to the number of days old that a file's access 159and modification times must be before it is deleted. 160.It Va daily_clean_disks_verbose 161.Pq Vt bool 162Set to 163.Dq Li YES 164if you want the removed files to be reported in your daily output. 165.It Va daily_clean_tmps_enable 166.Pq Vt bool 167Set to 168.Dq Li YES 169if you want to clear temporary directories daily. 170.It Va daily_clean_tmps_dirs 171.Pq Vt str 172Set to the list of directories to clear if 173.Va daily_clean_tmps_enable 174is set to 175.Dq Li YES . 176.It Va daily_clean_tmps_days 177.Pq Vt num 178When 179.Va daily_clean_tmps_enable 180is set, this must also be set to the number of days old that a file's access 181and modification times must be before it is deleted. 182.It Va daily_clean_tmps_ignore 183.Pq Vt str 184Set to the list of files that should not be deleted when 185.Va daily_clean_tmps_enable 186is set to 187.Dq Li YES . 188Wild card characters are permitted. 189.It Va daily_clean_tmps_verbose 190.Pq Vt bool 191Set to 192.Dq Li YES 193if you want the removed files to be reported in your daily output. 194.It Va daily_clean_preserve_enable 195.Pq Vt bool 196Set to 197.Dq Li YES 198if you wish to remove old files from 199.Pa /var/preserve . 200.It Va daily_clean_preserve_days 201.Pq Vt num 202Set to the number of days that files must not have been modified before 203they are deleted. 204.It Va daily_clean_preserve_verbose 205.Pq Vt bool 206Set to 207.Dq Li YES 208if you want the removed files to be reported in your daily output. 209.It Va daily_clean_msgs_enable 210.Pq Vt bool 211Set to 212.Dq Li YES 213if you wish old system messages to be purged. 214.It Va daily_clean_msgs_days 215.Pq Vt num 216Set to the number of days that files must not have been modified before 217they are deleted. 218If this variable is left blank, the 219.Xr msgs 1 220default is used. 221.It Va daily_clean_rwho_enable 222.Pq Vt bool 223Set to 224.Dq Li YES 225if you wish old files in 226.Pa /var/who 227to be purged. 228.It Va daily_clean_rwho_days 229.Pq Vt num 230Set to the number of days that files must not have been modified before 231they are deleted. 232.It Va daily_clean_rwho_verbose 233.Pq Vt bool 234Set to 235.Dq Li YES 236if you want the removed files to be reported in your daily output. 237.It Va daily_clean_hoststat_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Nm sendmail Fl bH 243to automatically purge stale entries from 244.Xr sendmail 8 Ns 's 245host status cache. 246Files will be deleted using the same criteria as 247.Xr sendmail 8 248would normally use when determining whether to believe the cached information, 249as configured in 250.Pa /etc/mail/sendmail.cf . 251.It Va daily_backup_passwd_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255if you want the 256.Pa /etc/master.passwd 257and 258.Pa /etc/group 259files backed up and reported on. 260Reporting consists of checking both files for modifications and running 261.Xr chkgrp 8 262on the 263.Pa group 264file. 265.It Va daily_backup_aliases_enable 266.Pq Vt bool 267Set to 268.Dq Li YES 269if you want the 270.Pa /etc/mail/aliases 271file backed up and modifications to be displayed in your daily output. 272.It Va daily_calendar_enable 273.Pq Vt bool 274Set to 275.Dq Li YES 276if you want to run 277.Nm calendar Fl a 278daily. 279.It Va daily_accounting_enable 280.Pq Vt bool 281Set to 282.Dq Li YES 283if you want to rotate your daily accounting files. 284No rotations are necessary unless 285.Va accounting_enable 286is enabled in 287.Xr rc.conf 5 . 288.It Va daily_accounting_compress 289.Pq Vt bool 290Set to 291.Dq Li YES 292if you want your daily accounting files to be compressed using 293.Xr gzip 1 . 294.It Va daily_accounting_save 295.Pq Vt num 296When 297.Va daily_accounting_enable 298is set, this may also be set to the number of daily accounting files that are 299to be saved. 300The default is 301.Dq Li 3 . 302.It Va daily_accounting_flags 303.Pq Vt str 304Set to the arguments to pass to the 305.Xr sa 8 306utility (in addition to 307.Fl s ) 308when 309.Va daily_accounting_enable 310is set to 311.Dq Li YES . 312The default is 313.Fl q . 314.It Va daily_news_expire_enable 315.Pq Vt bool 316Set to 317.Dq Li YES 318if you want to run 319.Pa /etc/news.expire . 320.It Va daily_status_disks_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324if you want to run 325.Xr df 1 326(with the arguments supplied in 327.Va daily_status_disks_df_flags ) 328and 329.Nm dump Fl W . 330.It Va daily_status_disks_df_flags 331.Pq Vt str 332Set to the arguments for the 333.Xr df 1 334utility when 335.Va daily_status_disks_enable 336is set to 337.Dq Li YES . 338.It Va daily_status_ata_raid_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342if you want to run 343.Nm atacontrol Cm status 344on your 345.Xr ataraid 4 346arrays. 347.It Va daily_status_gmirror_enable 348.Pq Vt bool 349Set to 350.Dq Li YES 351if you want to run 352.Nm gmirror Cm status 353on your 354.Xr gmirror 8 355devices. 356.It Va daily_status_graid3_enable 357.Pq Vt bool 358Set to 359.Dq Li YES 360if you want to run 361.Nm graid3 Cm status 362on your 363.Xr graid3 8 364devices. 365.It Va daily_status_gstripe_enable 366.Pq Vt bool 367Set to 368.Dq Li YES 369if you want to run 370.Nm gstripe Cm status 371on your 372.Xr gstripe 8 373devices. 374.It Va daily_status_gconcat_enable 375.Pq Vt bool 376Set to 377.Dq Li YES 378if you want to run 379.Nm gconcat Cm status 380on your 381.Xr gconcat 8 382devices. 383.It Va daily_status_network_enable 384.Pq Vt bool 385Set to 386.Dq Li YES 387if you want to run 388.Nm netstat Fl i . 389.It Va daily_status_network_usedns 390.Pq Vt bool 391Set to 392.Dq Li YES 393if you want to run 394.Xr netstat 1 395without the 396.Fl n 397option (to do DNS lookups). 398.It Va daily_status_rwho_enable 399.Pq Vt bool 400Set to 401.Dq Li YES 402if you want to run 403.Xr uptime 1 404(or 405.Xr ruptime 1 406if 407.Va rwhod_enable 408is set to 409.Dq Li YES 410in 411.Pa /etc/rc.conf ) . 412.It Va daily_status_mailq_enable 413.Pq Vt bool 414Set to 415.Dq Li YES 416if you want to run 417.Xr mailq 1 . 418.It Va daily_status_mailq_shorten 419.Pq Vt bool 420Set to 421.Dq Li YES 422if you want to shorten the 423.Xr mailq 1 424output when 425.Va daily_status_mailq_enable 426is set to 427.Dq Li YES . 428.It Va daily_status_include_submit_mailq 429.Pq Vt bool 430Set to 431.Dq Li YES 432if you also want to run 433.Xr mailq 1 434on the submit mail queue when 435.Va daily_status_mailq_enable 436is set to 437.Dq Li YES . 438This may not work with MTAs other than 439.Xr sendmail 8 . 440.It Va daily_status_security_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444if you want to run the security check. 445The security check is another set of 446.Xr periodic 8 447scripts. 448The system defaults are in 449.Pa /etc/periodic/security . 450Local scripts should be placed in 451.Pa /usr/local/etc/periodic/security . 452See the 453.Xr periodic 8 454manual page for more information. 455.It Va daily_status_security_inline 456.Pq Vt bool 457Set to 458.Dq Li YES 459if you want the security check output inline. 460The default is to either mail or log the output according to the value of 461.Va daily_status_security_output . 462.It Va daily_status_security_output 463.Pq Vt str 464Where to send the output of the security check if 465.Va daily_status_security_inline 466is set to 467.Dq Li NO . 468This variable behaves in the same way as the 469.Va *_output 470variables above, namely it can be set either to one or more email addresses 471or to an absolute file name. 472.It Va daily_status_security_diff_flags 473.Pq Vt str 474Set to the arguments to pass to the 475.Xr diff 1 476utility when generating differences. 477The default is 478.Fl b u . 479.It Va daily_status_security_chksetuid_enable 480.Pq Vt bool 481Set to 482.Dq Li YES 483to compare the modes and modification times of setuid executables with 484the previous day's values. 485.It Va daily_status_security_chkmounts_enable 486.Pq Vt bool 487Set to 488.Dq Li YES 489to check for changes mounted file systems to the previous day's values. 490.It Va daily_status_security_noamd 491.Pq Vt bool 492Set to 493.Dq Li YES 494if you want to ignore 495.Xr amd 8 496mounts when comparing against yesterday's file system mounts in the 497.Va daily_status_security_chkmounts_enable 498check. 499.It Va daily_status_security_chkuid0_enable 500.Pq Vt bool 501Set to 502.Dq Li YES 503to check 504.Pa /etc/master.passwd 505for accounts with UID 0. 506.It Va daily_status_security_passwdless_enable 507.Pq Vt bool 508Set to 509.Dq Li YES 510to check 511.Pa /etc/master.passwd 512for accounts with empty passwords. 513.It Va daily_status_security_logincheck_enable 514.Pq Vt bool 515Set to 516.Dq Li YES 517to check 518.Pa /etc/login.conf 519ownership, see 520.Xr login.conf 5 521for more information. 522.It Va daily_status_security_ipfwdenied_enable 523.Pq Vt bool 524Set to 525.Dq Li YES 526to show log entries for packets denied by 527.Xr ipfw 8 528since yesterday's check. 529.It Va daily_status_security_ipfdenied_enable 530.Pq Vt bool 531Set to 532.Dq Li YES 533to show log entries for packets denied by 534.Xr ipf 8 535since yesterday's check. 536.It Va daily_status_security_pfdenied_enable 537.Pq Vt bool 538Set to 539.Dq Li YES 540to show log entries for packets denied by 541.Xr pf 4 542since yesterday's check. 543.It Va daily_status_security_ipfwlimit_enable 544.Pq Vt bool 545Set to 546.Dq Li YES 547to display 548.Xr ipfw 8 549rules that have reached their verbosity limit. 550.It Va daily_status_security_kernelmsg_enable 551.Pq Vt bool 552Set to 553.Dq Li YES 554to show new 555.Xr dmesg 8 556entries since yesterday's check. 557.It Va daily_status_security_loginfail_enable 558.Pq Vt bool 559Set to 560.Dq Li YES 561to display failed logins from 562.Pa /var/log/messages 563in the previous day. 564.It Va daily_status_security_tcpwrap_enable 565.Pq Vt bool 566Set to 567.Dq Li YES 568to display connections denied by tcpwrappers (see 569.Xr hosts_access 5 ) 570from 571.Pa /var/log/messages 572during the previous day. 573.It Va daily_status_mail_rejects_enable 574.Pq Vt bool 575Set to 576.Dq Li YES 577if you want to summarise mail rejections logged to 578.Pa /var/log/maillog 579for the previous day. 580.It Va daily_status_mail_rejects_logs 581.Pq Vt num 582Set to the number of maillog files that should be checked 583for yesterday's mail rejects. 584.It Va daily_status_named_enable 585.Pq Vt bool 586Set to 587.Dq Li YES 588if you want to summarise denied zone transfers (AXFR and IXFR) 589for the previous day. 590.It Va daily_status_named_usedns 591.Pq Vt bool 592Set to 593.Dq Li YES 594if you want to enable reverse DNS lookups. 595.It Va daily_status_ntpd 596.Pq Vt bool 597Set to 598.Dq Li YES 599if you want to enable NTP status check. 600.It Va daily_queuerun_enable 601.Pq Vt bool 602Set to 603.Dq Li YES 604if you want to manually run the mail queue at least once a day. 605.It Va daily_submit_queuerun 606.Pq Vt bool 607Set to 608.Dq Li YES 609if you also want to manually run the submit mail queue at least once a day 610when 611.Va daily_queuerun_enable 612is set to 613.Dq Li YES . 614.It Va daily_local 615.Pq Vt str 616Set to a list of extra scripts that should be run after all other 617daily scripts. 618All scripts must be absolute path names. 619.El 620.Pp 621The following variables are used by the standard scripts that reside in 622.Pa /etc/periodic/weekly : 623.Bl -tag -offset 4n -width 2n 624.It Va weekly_locate_enable 625.Pq Vt bool 626Set to 627.Dq Li YES 628if you want to run 629.Pa /usr/libexec/locate.updatedb . 630This script is run using 631.Nm nice Fl 5 632as user 633.Dq Li nobody , 634and generates the table used by the 635.Xr locate 1 636command. 637.It Va weekly_whatis_enable 638.Pq Vt bool 639Set to 640.Dq Li YES 641if you want to run 642.Pa /usr/libexec/makewhatis.local . 643This script regenerates the database used by the 644.Xr apropos 1 645command. 646.It Va weekly_catman_enable 647.Pq Vt bool 648Set to 649.Dq Li YES 650if you want to run 651.Pa /usr/libexec/catman.local . 652This script processes all out of date manual pages, speeding up the 653.Xr man 1 654command at the expense of disk space. 655.It Va weekly_noid_enable 656.Pq Vt bool 657Set to 658.Dq Li YES 659if you want to locate orphaned files on the system. 660An orphaned file is one with an invalid owner or group. 661.It Va weekly_noid_dirs 662.Pq Vt str 663A list of directories under which orphaned files are searched for. 664This would usually be set to 665.Pa / . 666.It Va weekly_status_pkg_enable 667.Pq Vt bool 668Set to 669.Dq Li YES 670if you want to use 671.Xr pkg_version 1 672to list installed packages which are out of date. 673.It Va pkg_version 674.Pq Vt str 675When 676.Va weekly_status_pkg_enable 677is set to 678.Dq Li YES , 679this variable specifies the program that is used to determine the out of 680date packages. 681If unset, the 682.Xr pkg_version 1 683program is used. 684As an example, this variable might be set to 685.Dq Li portversion 686if the 687.Pa ports/sysutils/portupgrade 688port has been installed. 689.It Va pkg_version_index 690.Pq Vt str 691This variable specifies the 692.Pa INDEX 693file from 694.Pa /usr/ports 695that should be used by 696.Xr pkg_version 1 . 697Because the dependency tree may be substantially different between versions of 698.Fx , 699there may be more than one 700.Pa INDEX 701file in 702.Pa /usr/ports . 703.Pp 704Note, if the 705.Va pkg_version 706variable is set to 707.Dq Li portversion , 708it will also be necessary to arrange that the correct 709.Pa INDEX 710file is specified 711using environment variables and that 712.Va pkg_version_index 713is cleared in 714.Pa /etc/periodic.conf 715.Pq Dq Li pkg_version_index= . 716.It Va weekly_local 717.Pq Vt str 718Set to a list of extra scripts that should be run after all other 719weekly scripts. 720All scripts must be absolute path names. 721.El 722.Pp 723The following variables are used by the standard scripts that reside in 724.Pa /etc/periodic/monthly : 725.Bl -tag -offset 4n -width 2n 726.It Va monthly_accounting_enable 727.Pq Vt bool 728Set to 729.Dq Li YES 730if you want to do login accounting using the 731.Xr ac 8 732command. 733.It Va monthly_local 734.Pq Vt str 735Set to a list of extra scripts that should be run after all other 736monthly scripts. 737All scripts must be absolute path names. 738.El 739.Sh FILES 740.Bl -tag -width ".Pa /etc/defaults/periodic.conf" 741.It Pa /etc/defaults/periodic.conf 742The default configuration file. 743This file contains all default variables and values. 744.It Pa /etc/periodic.conf 745The usual system specific variable override file. 746.It Pa /etc/periodic.conf.local 747An additional override file, useful when 748.Pa /etc/periodic.conf 749is shared or distributed. 750.El 751.Sh SEE ALSO 752.Xr apropos 1 , 753.Xr calendar 1 , 754.Xr df 1 , 755.Xr diff 1 , 756.Xr gzip 1 , 757.Xr locate 1 , 758.Xr man 1 , 759.Xr msgs 1 , 760.Xr netstat 1 , 761.Xr nice 1 , 762.Xr pkg_version 1 , 763.Xr login.conf 5 , 764.Xr rc.conf 5 , 765.Xr ac 8 , 766.Xr chkgrp 8 , 767.Xr dump 8 , 768.Xr newsyslog 8 , 769.Xr periodic 8 , 770.Xr sendmail 8 771.Sh HISTORY 772The 773.Nm 774file appeared in 775.Fx 4.1 . 776.Sh AUTHORS 777.An Brian Somers Aq brian@Awfulhak.org 778