1.\"- 2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org> 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd June 15, 2010 29.Dt PERIODIC.CONF 5 30.Os 31.Sh NAME 32.Nm periodic.conf 33.Nd periodic job configuration information 34.Sh DESCRIPTION 35The file 36.Nm 37contains a description of how daily, weekly and monthly system maintenance 38jobs should run. 39It resides in the 40.Pa /etc/defaults 41directory and parts may be overridden by a file of the same name in 42.Pa /etc , 43which itself may be overridden by the 44.Pa /etc/periodic.conf.local 45file. 46.Pp 47The 48.Nm 49file 50is actually sourced as a shell script from each of the periodic scripts 51and is intended to simply provide default configuration variables. 52.Pp 53The following variables are used by 54.Xr periodic 8 55itself: 56.Bl -tag -offset 4n -width 2n 57.It Va local_periodic 58.Pq Vt str 59List of directories to search for periodic scripts. 60This list is always prefixed with 61.Pa /etc/periodic , 62and is only used when an argument to 63.Xr periodic 8 64is not an absolute directory name. 65.It Ao Ar dir Ac Ns Va _output 66.Pq Vt path No or Vt list 67What to do with the output of the scripts executed from 68the directory 69.Ar dir . 70If this variable is set to an absolute path name, output is logged to 71that file, otherwise it is taken as one or more space separated email 72addresses and mailed to those users. 73If this variable is not set or is empty, output is sent to standard output. 74.Pp 75For an unattended machine, suitable values for 76.Va daily_output , 77.Va weekly_output , 78and 79.Va monthly_output 80might be 81.Dq Li /var/log/daily.log , 82.Dq Li /var/log/weekly.log , 83and 84.Dq Li /var/log/monthly.log 85respectively, as 86.Xr newsyslog 8 87will rotate these files (if they exists) at the appropriate times. 88.It Ao Ar dir Ac Ns Va _show_success 89.It Ao Ar dir Ac Ns Va _show_info 90.It Ao Ar dir Ac Ns Va _show_badconfig 91.Pq Vt bool 92These variables control whether 93.Xr periodic 8 94will mask the output of the executed scripts based on their return code 95(where 96.Ar dir 97is the base directory name in which each script resides). 98If the return code of a script is 99.Sq 0 100and 101.Ao Ar dir Ac Ns Va _show_success 102is set to 103.Dq Li NO , 104.Xr periodic 8 105will mask the script's output. 106If the return code of a script is 107.Sq 1 108and 109.Ao Ar dir Ac Ns Va _show_info 110is set to 111.Dq Li NO , 112.Xr periodic 8 113will mask the script's output. 114If the return code of a script is 115.Sq 2 116and 117.Ao Ar dir Ac Ns Va _show_badconfig 118is set to 119.Dq Li NO , 120.Xr periodic 8 121will mask the script's output. 122If these variables are set to neither 123.Dq Li YES 124nor 125.Dq Li NO , 126they default to 127.Dq Li YES , 128.Dq Li YES 129and 130.Dq Li NO 131respectively. 132.Pp 133Refer to the 134.Xr periodic 8 135manual page for how script return codes are interpreted. 136.El 137.Pp 138The following variables are used by the standard scripts that reside in 139.Pa /etc/periodic/daily : 140.Bl -tag -offset 4n -width 2n 141.It Va daily_clean_disks_enable 142.Pq Vt bool 143Set to 144.Dq Li YES 145if you want to remove all files matching 146.Va daily_clean_disks_files 147daily. 148.It Va daily_clean_disks_files 149.Pq Vt str 150Set to a list of file names to match. 151Wild cards are permitted. 152.It Va daily_clean_disks_days 153.Pq Vt num 154When 155.Va daily_clean_disks_enable 156is set to 157.Dq Li YES , 158this must also be set to the number of days old that a file's access 159and modification times must be before it is deleted. 160.It Va daily_clean_disks_verbose 161.Pq Vt bool 162Set to 163.Dq Li YES 164if you want the removed files to be reported in your daily output. 165.It Va daily_clean_tmps_enable 166.Pq Vt bool 167Set to 168.Dq Li YES 169if you want to clear temporary directories daily. 170.It Va daily_clean_tmps_dirs 171.Pq Vt str 172Set to the list of directories to clear if 173.Va daily_clean_tmps_enable 174is set to 175.Dq Li YES . 176.It Va daily_clean_tmps_days 177.Pq Vt num 178When 179.Va daily_clean_tmps_enable 180is set, this must also be set to the number of days old that a file's access 181and modification times must be before it is deleted. 182.It Va daily_clean_tmps_ignore 183.Pq Vt str 184Set to the list of files that should not be deleted when 185.Va daily_clean_tmps_enable 186is set to 187.Dq Li YES . 188Wild card characters are permitted. 189.It Va daily_clean_tmps_verbose 190.Pq Vt bool 191Set to 192.Dq Li YES 193if you want the removed files to be reported in your daily output. 194.It Va daily_clean_preserve_enable 195.Pq Vt bool 196Set to 197.Dq Li YES 198if you wish to remove old files from 199.Pa /var/preserve . 200.It Va daily_clean_preserve_days 201.Pq Vt num 202Set to the number of days that files must not have been modified before 203they are deleted. 204.It Va daily_clean_preserve_verbose 205.Pq Vt bool 206Set to 207.Dq Li YES 208if you want the removed files to be reported in your daily output. 209.It Va daily_clean_msgs_enable 210.Pq Vt bool 211Set to 212.Dq Li YES 213if you wish old system messages to be purged. 214.It Va daily_clean_msgs_days 215.Pq Vt num 216Set to the number of days that files must not have been modified before 217they are deleted. 218If this variable is left blank, the 219.Xr msgs 1 220default is used. 221.It Va daily_clean_rwho_enable 222.Pq Vt bool 223Set to 224.Dq Li YES 225if you wish old files in 226.Pa /var/who 227to be purged. 228.It Va daily_clean_rwho_days 229.Pq Vt num 230Set to the number of days that files must not have been modified before 231they are deleted. 232.It Va daily_clean_rwho_verbose 233.Pq Vt bool 234Set to 235.Dq Li YES 236if you want the removed files to be reported in your daily output. 237.It Va daily_clean_hoststat_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Nm sendmail Fl bH 243to automatically purge stale entries from 244.Xr sendmail 8 Ns 's 245host status cache. 246Files will be deleted using the same criteria as 247.Xr sendmail 8 248would normally use when determining whether to believe the cached information, 249as configured in 250.Pa /etc/mail/sendmail.cf . 251.It Va daily_backup_passwd_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255if you want the 256.Pa /etc/master.passwd 257and 258.Pa /etc/group 259files backed up and reported on. 260Reporting consists of checking both files for modifications and running 261.Xr chkgrp 8 262on the 263.Pa group 264file. 265.It Va daily_backup_aliases_enable 266.Pq Vt bool 267Set to 268.Dq Li YES 269if you want the 270.Pa /etc/mail/aliases 271file backed up and modifications to be displayed in your daily output. 272.It Va daily_calendar_enable 273.Pq Vt bool 274Set to 275.Dq Li YES 276if you want to run 277.Nm calendar Fl a 278daily. 279.It Va daily_accounting_enable 280.Pq Vt bool 281Set to 282.Dq Li YES 283if you want to rotate your daily accounting files. 284No rotations are necessary unless 285.Va accounting_enable 286is enabled in 287.Xr rc.conf 5 . 288.It Va daily_accounting_compress 289.Pq Vt bool 290Set to 291.Dq Li YES 292if you want your daily accounting files to be compressed using 293.Xr gzip 1 . 294.It Va daily_accounting_save 295.Pq Vt num 296When 297.Va daily_accounting_enable 298is set, this may also be set to the number of daily accounting files that are 299to be saved. 300The default is 301.Dq Li 3 . 302.It Va daily_accounting_flags 303.Pq Vt str 304Set to the arguments to pass to the 305.Xr sa 8 306utility (in addition to 307.Fl s ) 308when 309.Va daily_accounting_enable 310is set to 311.Dq Li YES . 312The default is 313.Fl q . 314.It Va daily_news_expire_enable 315.Pq Vt bool 316Set to 317.Dq Li YES 318if you want to run 319.Pa /etc/news.expire . 320.It Va daily_status_disks_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324if you want to run 325.Xr df 1 326(with the arguments supplied in 327.Va daily_status_disks_df_flags ) 328and 329.Nm dump Fl W . 330.It Va daily_status_disks_df_flags 331.Pq Vt str 332Set to the arguments for the 333.Xr df 1 334utility when 335.Va daily_status_disks_enable 336is set to 337.Dq Li YES . 338.It Va daily_status_ata_raid_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342if you want to run 343.Nm atacontrol Cm status 344on your 345.Xr ataraid 4 346arrays. 347.It Va daily_status_gmirror_enable 348.Pq Vt bool 349Set to 350.Dq Li YES 351if you want to run 352.Nm gmirror Cm status 353on your 354.Xr gmirror 8 355devices. 356.It Va daily_status_graid3_enable 357.Pq Vt bool 358Set to 359.Dq Li YES 360if you want to run 361.Nm graid3 Cm status 362on your 363.Xr graid3 8 364devices. 365.It Va daily_status_gstripe_enable 366.Pq Vt bool 367Set to 368.Dq Li YES 369if you want to run 370.Nm gstripe Cm status 371on your 372.Xr gstripe 8 373devices. 374.It Va daily_status_gconcat_enable 375.Pq Vt bool 376Set to 377.Dq Li YES 378if you want to run 379.Nm gconcat Cm status 380on your 381.Xr gconcat 8 382devices. 383.It Va daily_status_network_enable 384.Pq Vt bool 385Set to 386.Dq Li YES 387if you want to run 388.Nm netstat Fl i . 389.It Va daily_status_network_usedns 390.Pq Vt bool 391Set to 392.Dq Li YES 393if you want to run 394.Xr netstat 1 395without the 396.Fl n 397option (to do DNS lookups). 398.It Va daily_status_rwho_enable 399.Pq Vt bool 400Set to 401.Dq Li YES 402if you want to run 403.Xr uptime 1 404(or 405.Xr ruptime 1 406if 407.Va rwhod_enable 408is set to 409.Dq Li YES 410in 411.Pa /etc/rc.conf ) . 412.It Va daily_status_mailq_enable 413.Pq Vt bool 414Set to 415.Dq Li YES 416if you want to run 417.Xr mailq 1 . 418.It Va daily_status_mailq_shorten 419.Pq Vt bool 420Set to 421.Dq Li YES 422if you want to shorten the 423.Xr mailq 1 424output when 425.Va daily_status_mailq_enable 426is set to 427.Dq Li YES . 428.It Va daily_status_include_submit_mailq 429.Pq Vt bool 430Set to 431.Dq Li YES 432if you also want to run 433.Xr mailq 1 434on the submit mail queue when 435.Va daily_status_mailq_enable 436is set to 437.Dq Li YES . 438This may not work with MTAs other than 439.Xr sendmail 8 . 440.It Va daily_status_security_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444if you want to run the security check. 445The security check is another set of 446.Xr periodic 8 447scripts. 448The system defaults are in 449.Pa /etc/periodic/security . 450Local scripts should be placed in 451.Pa /usr/local/etc/periodic/security . 452See the 453.Xr periodic 8 454manual page for more information. 455.It Va daily_status_security_inline 456.Pq Vt bool 457Set to 458.Dq Li YES 459if you want the security check output inline. 460The default is to either mail or log the output according to the value of 461.Va daily_status_security_output . 462.It Va daily_status_security_output 463.Pq Vt str 464Where to send the output of the security check if 465.Va daily_status_security_inline 466is set to 467.Dq Li NO . 468This variable behaves in the same way as the 469.Va *_output 470variables above, namely it can be set either to one or more email addresses 471or to an absolute file name. 472.It Va daily_status_security_diff_flags 473.Pq Vt str 474Set to the arguments to pass to the 475.Xr diff 1 476utility when generating differences. 477The default is 478.Fl b u . 479.It Va daily_status_security_chksetuid_enable 480.Pq Vt bool 481Set to 482.Dq Li YES 483to compare the modes and modification times of setuid executables with 484the previous day's values. 485.It Va daily_status_security_neggrpperm_enable 486.Pq Vt bool 487Set to 488.Dq Li YES 489to check for files where the group of a file has less permissions than 490the world at large. 491When users are in more than 14 supplemental groups these negative 492permissions may not be enforced via NFS shares. 493.It Va daily_status_security_chkmounts_enable 494.Pq Vt bool 495Set to 496.Dq Li YES 497to check for changes mounted file systems to the previous day's values. 498.It Va daily_status_security_noamd 499.Pq Vt bool 500Set to 501.Dq Li YES 502if you want to ignore 503.Xr amd 8 504mounts when comparing against yesterday's file system mounts in the 505.Va daily_status_security_chkmounts_enable 506check. 507.It Va daily_status_security_chkuid0_enable 508.Pq Vt bool 509Set to 510.Dq Li YES 511to check 512.Pa /etc/master.passwd 513for accounts with UID 0. 514.It Va daily_status_security_passwdless_enable 515.Pq Vt bool 516Set to 517.Dq Li YES 518to check 519.Pa /etc/master.passwd 520for accounts with empty passwords. 521.It Va daily_status_security_logincheck_enable 522.Pq Vt bool 523Set to 524.Dq Li YES 525to check 526.Pa /etc/login.conf 527ownership, see 528.Xr login.conf 5 529for more information. 530.It Va daily_status_security_ipfwdenied_enable 531.Pq Vt bool 532Set to 533.Dq Li YES 534to show log entries for packets denied by 535.Xr ipfw 8 536since yesterday's check. 537.It Va daily_status_security_ipfdenied_enable 538.Pq Vt bool 539Set to 540.Dq Li YES 541to show log entries for packets denied by 542.Xr ipf 8 543since yesterday's check. 544.It Va daily_status_security_pfdenied_enable 545.Pq Vt bool 546Set to 547.Dq Li YES 548to show log entries for packets denied by 549.Xr pf 4 550since yesterday's check. 551.It Va daily_status_security_ipfwlimit_enable 552.Pq Vt bool 553Set to 554.Dq Li YES 555to display 556.Xr ipfw 8 557rules that have reached their verbosity limit. 558.It Va daily_status_security_kernelmsg_enable 559.Pq Vt bool 560Set to 561.Dq Li YES 562to show new 563.Xr dmesg 8 564entries since yesterday's check. 565.It Va daily_status_security_loginfail_enable 566.Pq Vt bool 567Set to 568.Dq Li YES 569to display failed logins from 570.Pa /var/log/messages 571in the previous day. 572.It Va daily_status_security_tcpwrap_enable 573.Pq Vt bool 574Set to 575.Dq Li YES 576to display connections denied by tcpwrappers (see 577.Xr hosts_access 5 ) 578from 579.Pa /var/log/messages 580during the previous day. 581.It Va daily_status_mail_rejects_enable 582.Pq Vt bool 583Set to 584.Dq Li YES 585if you want to summarise mail rejections logged to 586.Pa /var/log/maillog 587for the previous day. 588.It Va daily_status_mail_rejects_logs 589.Pq Vt num 590Set to the number of maillog files that should be checked 591for yesterday's mail rejects. 592.It Va daily_status_named_enable 593.Pq Vt bool 594Set to 595.Dq Li YES 596if you want to summarise denied zone transfers (AXFR and IXFR) 597for the previous day. 598.It Va daily_status_named_usedns 599.Pq Vt bool 600Set to 601.Dq Li YES 602if you want to enable reverse DNS lookups. 603.It Va daily_status_ntpd 604.Pq Vt bool 605Set to 606.Dq Li YES 607if you want to enable NTP status check. 608.It Va daily_queuerun_enable 609.Pq Vt bool 610Set to 611.Dq Li YES 612if you want to manually run the mail queue at least once a day. 613.It Va daily_submit_queuerun 614.Pq Vt bool 615Set to 616.Dq Li YES 617if you also want to manually run the submit mail queue at least once a day 618when 619.Va daily_queuerun_enable 620is set to 621.Dq Li YES . 622.It Va daily_scrub_zfs_enable 623.Pq Vt bool 624Set to 625.Dq Li YES 626if you want to run a zfs scrub periodically. 627.It Va daily_scrub_zfs_pools 628.Pq Vt str 629A space separated list of names of zfs pools to scrub. 630If the list is empty or not set, all zfs pools are scrubbed. 631.It Va daily_scrub_zfs_default_threshold 632.Pq Vt int 633Number of days between a scrub if no pool-specific threshold is set. 634The default value if no value is set is 30. 635.It Va daily_scrub_zfs_ Ns Ao Ar poolname Ac Ns Va _threshold 636.Pq Vt int 637The same as 638.Va daily_scrub_zfs_default_threshold 639but specific to the pool 640.Ao Ar poolname Ac Ns . 641.It Va daily_local 642.Pq Vt str 643Set to a list of extra scripts that should be run after all other 644daily scripts. 645All scripts must be absolute path names. 646.El 647.Pp 648The following variables are used by the standard scripts that reside in 649.Pa /etc/periodic/weekly : 650.Bl -tag -offset 4n -width 2n 651.It Va weekly_locate_enable 652.Pq Vt bool 653Set to 654.Dq Li YES 655if you want to run 656.Pa /usr/libexec/locate.updatedb . 657This script is run using 658.Nm nice Fl 5 659as user 660.Dq Li nobody , 661and generates the table used by the 662.Xr locate 1 663command. 664.It Va weekly_whatis_enable 665.Pq Vt bool 666Set to 667.Dq Li YES 668if you want to run 669.Pa /usr/libexec/makewhatis.local . 670This script regenerates the database used by the 671.Xr apropos 1 672command. 673.It Va weekly_catman_enable 674.Pq Vt bool 675Set to 676.Dq Li YES 677if you want to run 678.Pa /usr/libexec/catman.local . 679This script processes all out of date manual pages, speeding up the 680.Xr man 1 681command at the expense of disk space. 682.It Va weekly_noid_enable 683.Pq Vt bool 684Set to 685.Dq Li YES 686if you want to locate orphaned files on the system. 687An orphaned file is one with an invalid owner or group. 688.It Va weekly_noid_dirs 689.Pq Vt str 690A list of directories under which orphaned files are searched for. 691This would usually be set to 692.Pa / . 693.It Va weekly_status_pkg_enable 694.Pq Vt bool 695Set to 696.Dq Li YES 697if you want to use 698.Xr pkg_version 1 699to list installed packages which are out of date. 700.It Va pkg_version 701.Pq Vt str 702When 703.Va weekly_status_pkg_enable 704is set to 705.Dq Li YES , 706this variable specifies the program that is used to determine the out of 707date packages. 708If unset, the 709.Xr pkg_version 1 710program is used. 711As an example, this variable might be set to 712.Dq Li portversion 713if the 714.Pa ports/sysutils/portupgrade 715port has been installed. 716.It Va pkg_version_index 717.Pq Vt str 718This variable specifies the 719.Pa INDEX 720file from 721.Pa /usr/ports 722that should be used by 723.Xr pkg_version 1 . 724Because the dependency tree may be substantially different between versions of 725.Fx , 726there may be more than one 727.Pa INDEX 728file in 729.Pa /usr/ports . 730.Pp 731Note, if the 732.Va pkg_version 733variable is set to 734.Dq Li portversion , 735it will also be necessary to arrange that the correct 736.Pa INDEX 737file is specified 738using environment variables and that 739.Va pkg_version_index 740is cleared in 741.Pa /etc/periodic.conf 742.Pq Dq Li pkg_version_index= . 743.It Va weekly_local 744.Pq Vt str 745Set to a list of extra scripts that should be run after all other 746weekly scripts. 747All scripts must be absolute path names. 748.El 749.Pp 750The following variables are used by the standard scripts that reside in 751.Pa /etc/periodic/monthly : 752.Bl -tag -offset 4n -width 2n 753.It Va monthly_accounting_enable 754.Pq Vt bool 755Set to 756.Dq Li YES 757if you want to do login accounting using the 758.Xr ac 8 759command. 760.It Va monthly_local 761.Pq Vt str 762Set to a list of extra scripts that should be run after all other 763monthly scripts. 764All scripts must be absolute path names. 765.El 766.Sh FILES 767.Bl -tag -width ".Pa /etc/defaults/periodic.conf" 768.It Pa /etc/defaults/periodic.conf 769The default configuration file. 770This file contains all default variables and values. 771.It Pa /etc/periodic.conf 772The usual system specific variable override file. 773.It Pa /etc/periodic.conf.local 774An additional override file, useful when 775.Pa /etc/periodic.conf 776is shared or distributed. 777.El 778.Sh SEE ALSO 779.Xr apropos 1 , 780.Xr calendar 1 , 781.Xr df 1 , 782.Xr diff 1 , 783.Xr gzip 1 , 784.Xr locate 1 , 785.Xr man 1 , 786.Xr msgs 1 , 787.Xr netstat 1 , 788.Xr nice 1 , 789.Xr pkg_version 1 , 790.Xr login.conf 5 , 791.Xr rc.conf 5 , 792.Xr ac 8 , 793.Xr chkgrp 8 , 794.Xr dump 8 , 795.Xr newsyslog 8 , 796.Xr periodic 8 , 797.Xr sendmail 8 798.Sh HISTORY 799The 800.Nm 801file appeared in 802.Fx 4.1 . 803.Sh AUTHORS 804.An Brian Somers Aq brian@Awfulhak.org 805