1.\"- 2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org> 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd May 30, 2012 29.Dt PERIODIC.CONF 5 30.Os 31.Sh NAME 32.Nm periodic.conf 33.Nd periodic job configuration information 34.Sh DESCRIPTION 35The file 36.Nm 37contains a description of how daily, weekly and monthly system maintenance 38jobs should run. 39It resides in the 40.Pa /etc/defaults 41directory and parts may be overridden by a file of the same name in 42.Pa /etc , 43which itself may be overridden by the 44.Pa /etc/periodic.conf.local 45file. 46.Pp 47The 48.Nm 49file 50is actually sourced as a shell script from each of the periodic scripts 51and is intended to simply provide default configuration variables. 52.Pp 53The following variables are used by 54.Xr periodic 8 55itself: 56.Bl -tag -offset 4n -width 2n 57.It Va local_periodic 58.Pq Vt str 59List of directories to search for periodic scripts. 60This list is always prefixed with 61.Pa /etc/periodic , 62and is only used when an argument to 63.Xr periodic 8 64is not an absolute directory name. 65.It Ao Ar dir Ac Ns Va _output 66.Pq Vt path No or Vt list 67What to do with the output of the scripts executed from 68the directory 69.Ar dir . 70If this variable is set to an absolute path name, output is logged to 71that file, otherwise it is taken as one or more space separated email 72addresses and mailed to those users. 73If this variable is not set or is empty, output is sent to standard output. 74.Pp 75For an unattended machine, suitable values for 76.Va daily_output , 77.Va weekly_output , 78and 79.Va monthly_output 80might be 81.Dq Li /var/log/daily.log , 82.Dq Li /var/log/weekly.log , 83and 84.Dq Li /var/log/monthly.log 85respectively, as 86.Xr newsyslog 8 87will rotate these files (if they exists) at the appropriate times. 88.It Ao Ar dir Ac Ns Va _show_success 89.It Ao Ar dir Ac Ns Va _show_info 90.It Ao Ar dir Ac Ns Va _show_badconfig 91.Pq Vt bool 92These variables control whether 93.Xr periodic 8 94will mask the output of the executed scripts based on their return code 95(where 96.Ar dir 97is the base directory name in which each script resides). 98If the return code of a script is 99.Sq 0 100and 101.Ao Ar dir Ac Ns Va _show_success 102is set to 103.Dq Li NO , 104.Xr periodic 8 105will mask the script's output. 106If the return code of a script is 107.Sq 1 108and 109.Ao Ar dir Ac Ns Va _show_info 110is set to 111.Dq Li NO , 112.Xr periodic 8 113will mask the script's output. 114If the return code of a script is 115.Sq 2 116and 117.Ao Ar dir Ac Ns Va _show_badconfig 118is set to 119.Dq Li NO , 120.Xr periodic 8 121will mask the script's output. 122If these variables are set to neither 123.Dq Li YES 124nor 125.Dq Li NO , 126they default to 127.Dq Li YES , 128.Dq Li YES 129and 130.Dq Li NO 131respectively. 132.Pp 133Refer to the 134.Xr periodic 8 135manual page for how script return codes are interpreted. 136.El 137.Pp 138The following variables are used by the standard scripts that reside in 139.Pa /etc/periodic/daily : 140.Bl -tag -offset 4n -width 2n 141.It Va daily_clean_disks_enable 142.Pq Vt bool 143Set to 144.Dq Li YES 145if you want to remove all files matching 146.Va daily_clean_disks_files 147daily. 148.It Va daily_clean_disks_files 149.Pq Vt str 150Set to a list of file names to match. 151Wild cards are permitted. 152.It Va daily_clean_disks_days 153.Pq Vt num 154When 155.Va daily_clean_disks_enable 156is set to 157.Dq Li YES , 158this must also be set to the number of days old that a file's access 159and modification times must be before it is deleted. 160.It Va daily_clean_disks_verbose 161.Pq Vt bool 162Set to 163.Dq Li YES 164if you want the removed files to be reported in your daily output. 165.It Va daily_clean_tmps_enable 166.Pq Vt bool 167Set to 168.Dq Li YES 169if you want to clear temporary directories daily. 170.It Va daily_clean_tmps_dirs 171.Pq Vt str 172Set to the list of directories to clear if 173.Va daily_clean_tmps_enable 174is set to 175.Dq Li YES . 176.It Va daily_clean_tmps_days 177.Pq Vt num 178When 179.Va daily_clean_tmps_enable 180is set, this must also be set to the number of days old that a file's access 181and modification times must be before it is deleted. 182.It Va daily_clean_tmps_ignore 183.Pq Vt str 184Set to the list of files that should not be deleted when 185.Va daily_clean_tmps_enable 186is set to 187.Dq Li YES . 188Wild card characters are permitted. 189.It Va daily_clean_tmps_verbose 190.Pq Vt bool 191Set to 192.Dq Li YES 193if you want the removed files to be reported in your daily output. 194.It Va daily_clean_preserve_enable 195.Pq Vt bool 196Set to 197.Dq Li YES 198if you wish to remove old files from 199.Pa /var/preserve . 200.It Va daily_clean_preserve_days 201.Pq Vt num 202Set to the number of days that files must not have been modified before 203they are deleted. 204.It Va daily_clean_preserve_verbose 205.Pq Vt bool 206Set to 207.Dq Li YES 208if you want the removed files to be reported in your daily output. 209.It Va daily_clean_msgs_enable 210.Pq Vt bool 211Set to 212.Dq Li YES 213if you wish old system messages to be purged. 214.It Va daily_clean_msgs_days 215.Pq Vt num 216Set to the number of days that files must not have been modified before 217they are deleted. 218If this variable is left blank, the 219.Xr msgs 1 220default is used. 221.It Va daily_clean_rwho_enable 222.Pq Vt bool 223Set to 224.Dq Li YES 225if you wish old files in 226.Pa /var/who 227to be purged. 228.It Va daily_clean_rwho_days 229.Pq Vt num 230Set to the number of days that files must not have been modified before 231they are deleted. 232.It Va daily_clean_rwho_verbose 233.Pq Vt bool 234Set to 235.Dq Li YES 236if you want the removed files to be reported in your daily output. 237.It Va daily_clean_hoststat_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Nm sendmail Fl bH 243to automatically purge stale entries from 244.Xr sendmail 8 Ns 's 245host status cache. 246Files will be deleted using the same criteria as 247.Xr sendmail 8 248would normally use when determining whether to believe the cached information, 249as configured in 250.Pa /etc/mail/sendmail.cf . 251.It Va daily_backup_passwd_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255if you want the 256.Pa /etc/master.passwd 257and 258.Pa /etc/group 259files backed up and reported on. 260Reporting consists of checking both files for modifications and running 261.Xr chkgrp 8 262on the 263.Pa group 264file. 265.It Va daily_backup_aliases_enable 266.Pq Vt bool 267Set to 268.Dq Li YES 269if you want the 270.Pa /etc/mail/aliases 271file backed up and modifications to be displayed in your daily output. 272.It Va daily_calendar_enable 273.Pq Vt bool 274Set to 275.Dq Li YES 276if you want to run 277.Nm calendar Fl a 278daily. 279.It Va daily_accounting_enable 280.Pq Vt bool 281Set to 282.Dq Li YES 283if you want to rotate your daily accounting files. 284No rotations are necessary unless 285.Va accounting_enable 286is enabled in 287.Xr rc.conf 5 . 288.It Va daily_accounting_compress 289.Pq Vt bool 290Set to 291.Dq Li YES 292if you want your daily accounting files to be compressed using 293.Xr gzip 1 . 294.It Va daily_accounting_save 295.Pq Vt num 296When 297.Va daily_accounting_enable 298is set, this may also be set to the number of daily accounting files that are 299to be saved. 300The default is 301.Dq Li 3 . 302.It Va daily_accounting_flags 303.Pq Vt str 304Set to the arguments to pass to the 305.Xr sa 8 306utility (in addition to 307.Fl s ) 308when 309.Va daily_accounting_enable 310is set to 311.Dq Li YES . 312The default is 313.Fl q . 314.It Va daily_news_expire_enable 315.Pq Vt bool 316Set to 317.Dq Li YES 318if you want to run 319.Pa /etc/news.expire . 320.It Va daily_status_disks_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324if you want to run 325.Xr df 1 326(with the arguments supplied in 327.Va daily_status_disks_df_flags ) 328and 329.Nm dump Fl W . 330.It Va daily_status_disks_df_flags 331.Pq Vt str 332Set to the arguments for the 333.Xr df 1 334utility when 335.Va daily_status_disks_enable 336is set to 337.Dq Li YES . 338.It Va daily_status_zfs_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342if you want to run 343.Nm zpool Cm status 344on your 345.Xr zfs 8 346pools. 347.It Va daily_status_zfs_zpool_list_enable 348.Pq Vt bool 349Set to 350.Dq Li YES 351if you want to run 352.Nm zpool Cm list 353on your 354.Xr zfs 8 355pools. 356Requires 357.Va daily_status_zfs_enable 358to be set to 359.Li YES . 360.It Va daily_status_ata_raid_enable 361.Pq Vt bool 362Set to 363.Dq Li YES 364if you want to run 365.Nm atacontrol Cm status 366on your 367.Xr ataraid 4 368arrays. 369.It Va daily_status_gmirror_enable 370.Pq Vt bool 371Set to 372.Dq Li YES 373if you want to run 374.Nm gmirror Cm status 375on your 376.Xr gmirror 8 377devices. 378.It Va daily_status_graid3_enable 379.Pq Vt bool 380Set to 381.Dq Li YES 382if you want to run 383.Nm graid3 Cm status 384on your 385.Xr graid3 8 386devices. 387.It Va daily_status_gstripe_enable 388.Pq Vt bool 389Set to 390.Dq Li YES 391if you want to run 392.Nm gstripe Cm status 393on your 394.Xr gstripe 8 395devices. 396.It Va daily_status_gconcat_enable 397.Pq Vt bool 398Set to 399.Dq Li YES 400if you want to run 401.Nm gconcat Cm status 402on your 403.Xr gconcat 8 404devices. 405.It Va daily_status_network_enable 406.Pq Vt bool 407Set to 408.Dq Li YES 409if you want to run 410.Nm netstat Fl i . 411.It Va daily_status_network_usedns 412.Pq Vt bool 413Set to 414.Dq Li YES 415if you want to run 416.Xr netstat 1 417without the 418.Fl n 419option (to do DNS lookups). 420.It Va daily_status_rwho_enable 421.Pq Vt bool 422Set to 423.Dq Li YES 424if you want to run 425.Xr uptime 1 426(or 427.Xr ruptime 1 428if 429.Va rwhod_enable 430is set to 431.Dq Li YES 432in 433.Pa /etc/rc.conf ) . 434.It Va daily_status_mailq_enable 435.Pq Vt bool 436Set to 437.Dq Li YES 438if you want to run 439.Xr mailq 1 . 440.It Va daily_status_mailq_shorten 441.Pq Vt bool 442Set to 443.Dq Li YES 444if you want to shorten the 445.Xr mailq 1 446output when 447.Va daily_status_mailq_enable 448is set to 449.Dq Li YES . 450.It Va daily_status_include_submit_mailq 451.Pq Vt bool 452Set to 453.Dq Li YES 454if you also want to run 455.Xr mailq 1 456on the submit mail queue when 457.Va daily_status_mailq_enable 458is set to 459.Dq Li YES . 460This may not work with MTAs other than 461.Xr sendmail 8 . 462.It Va daily_status_security_enable 463.Pq Vt bool 464Set to 465.Dq Li YES 466if you want to run the security check. 467The security check is another set of 468.Xr periodic 8 469scripts. 470The system defaults are in 471.Pa /etc/periodic/security . 472Local scripts should be placed in 473.Pa /usr/local/etc/periodic/security . 474See the 475.Xr periodic 8 476manual page for more information. 477.It Va daily_status_security_inline 478.Pq Vt bool 479Set to 480.Dq Li YES 481if you want the security check output inline. 482The default is to either mail or log the output according to the value of 483.Va daily_status_security_output . 484.It Va daily_status_security_output 485.Pq Vt str 486Where to send the output of the security check if 487.Va daily_status_security_inline 488is set to 489.Dq Li NO . 490This variable behaves in the same way as the 491.Va *_output 492variables above, namely it can be set either to one or more email addresses 493or to an absolute file name. 494.It Va daily_status_security_diff_flags 495.Pq Vt str 496Set to the arguments to pass to the 497.Xr diff 1 498utility when generating differences. 499The default is 500.Fl b u . 501.It Va daily_status_security_chksetuid_enable 502.Pq Vt bool 503Set to 504.Dq Li YES 505to compare the modes and modification times of setuid executables with 506the previous day's values. 507.It Va daily_status_security_chkportsum_enable 508.Pq Vt bool 509Set to 510.Dq Li YES 511to verify checksums of all installed packages against the known checksums in 512.Pa /var/db/pkg . 513.It Va daily_status_security_neggrpperm_enable 514.Pq Vt bool 515Set to 516.Dq Li YES 517to check for files where the group of a file has less permissions than 518the world at large. 519When users are in more than 14 supplemental groups these negative 520permissions may not be enforced via NFS shares. 521.It Va daily_status_security_chkmounts_enable 522.Pq Vt bool 523Set to 524.Dq Li YES 525to check for changes mounted file systems to the previous day's values. 526.It Va daily_status_security_noamd 527.Pq Vt bool 528Set to 529.Dq Li YES 530if you want to ignore 531.Xr amd 8 532mounts when comparing against yesterday's file system mounts in the 533.Va daily_status_security_chkmounts_enable 534check. 535.It Va daily_status_security_chkuid0_enable 536.Pq Vt bool 537Set to 538.Dq Li YES 539to check 540.Pa /etc/master.passwd 541for accounts with UID 0. 542.It Va daily_status_security_passwdless_enable 543.Pq Vt bool 544Set to 545.Dq Li YES 546to check 547.Pa /etc/master.passwd 548for accounts with empty passwords. 549.It Va daily_status_security_logincheck_enable 550.Pq Vt bool 551Set to 552.Dq Li YES 553to check 554.Pa /etc/login.conf 555ownership, see 556.Xr login.conf 5 557for more information. 558.It Va daily_status_security_ipfwdenied_enable 559.Pq Vt bool 560Set to 561.Dq Li YES 562to show log entries for packets denied by 563.Xr ipfw 8 564since yesterday's check. 565.It Va daily_status_security_ipfdenied_enable 566.Pq Vt bool 567Set to 568.Dq Li YES 569to show log entries for packets denied by 570.Xr ipf 8 571since yesterday's check. 572.It Va daily_status_security_pfdenied_enable 573.Pq Vt bool 574Set to 575.Dq Li YES 576to show log entries for packets denied by 577.Xr pf 4 578since yesterday's check. 579.It Va daily_status_security_ipfwlimit_enable 580.Pq Vt bool 581Set to 582.Dq Li YES 583to display 584.Xr ipfw 8 585rules that have reached their verbosity limit. 586.It Va daily_status_security_kernelmsg_enable 587.Pq Vt bool 588Set to 589.Dq Li YES 590to show new 591.Xr dmesg 8 592entries since yesterday's check. 593.It Va daily_status_security_loginfail_enable 594.Pq Vt bool 595Set to 596.Dq Li YES 597to display failed logins from 598.Pa /var/log/messages 599in the previous day. 600.It Va daily_status_security_tcpwrap_enable 601.Pq Vt bool 602Set to 603.Dq Li YES 604to display connections denied by tcpwrappers (see 605.Xr hosts_access 5 ) 606from 607.Pa /var/log/messages 608during the previous day. 609.It Va daily_status_mail_rejects_enable 610.Pq Vt bool 611Set to 612.Dq Li YES 613if you want to summarise mail rejections logged to 614.Pa /var/log/maillog 615for the previous day. 616.It Va daily_status_mail_rejects_logs 617.Pq Vt num 618Set to the number of maillog files that should be checked 619for yesterday's mail rejects. 620.It Va daily_status_named_enable 621.Pq Vt bool 622Set to 623.Dq Li YES 624if you want to summarise denied zone transfers (AXFR and IXFR) 625for the previous day. 626.It Va daily_status_named_usedns 627.Pq Vt bool 628Set to 629.Dq Li YES 630if you want to enable reverse DNS lookups. 631.It Va daily_status_ntpd 632.Pq Vt bool 633Set to 634.Dq Li YES 635if you want to enable NTP status check. 636.It Va daily_queuerun_enable 637.Pq Vt bool 638Set to 639.Dq Li YES 640if you want to manually run the mail queue at least once a day. 641.It Va daily_submit_queuerun 642.Pq Vt bool 643Set to 644.Dq Li YES 645if you also want to manually run the submit mail queue at least once a day 646when 647.Va daily_queuerun_enable 648is set to 649.Dq Li YES . 650.It Va daily_scrub_zfs_enable 651.Pq Vt bool 652Set to 653.Dq Li YES 654if you want to run a zfs scrub periodically. 655.It Va daily_scrub_zfs_pools 656.Pq Vt str 657A space separated list of names of zfs pools to scrub. 658If the list is empty or not set, all zfs pools are scrubbed. 659.It Va daily_scrub_zfs_default_threshold 660.Pq Vt int 661Number of days between a scrub if no pool-specific threshold is set. 662If not set, the default value is 35, corresponding to 5 weeks. 663.It Va daily_scrub_zfs_ Ns Ao Ar poolname Ac Ns Va _threshold 664.Pq Vt int 665The same as 666.Va daily_scrub_zfs_default_threshold 667but specific to the pool 668.Ao Ar poolname Ac Ns . 669.It Va daily_local 670.Pq Vt str 671Set to a list of extra scripts that should be run after all other 672daily scripts. 673All scripts must be absolute path names. 674.El 675.Pp 676The following variables are used by the standard scripts that reside in 677.Pa /etc/periodic/weekly : 678.Bl -tag -offset 4n -width 2n 679.It Va weekly_locate_enable 680.Pq Vt bool 681Set to 682.Dq Li YES 683if you want to run 684.Pa /usr/libexec/locate.updatedb . 685This script is run using 686.Nm nice Fl 5 687as user 688.Dq Li nobody , 689and generates the table used by the 690.Xr locate 1 691command. 692.It Va weekly_whatis_enable 693.Pq Vt bool 694Set to 695.Dq Li YES 696if you want to run 697.Pa /usr/libexec/makewhatis.local . 698This script regenerates the database used by the 699.Xr apropos 1 700command. 701.It Va weekly_catman_enable 702.Pq Vt bool 703Set to 704.Dq Li YES 705if you want to run 706.Pa /usr/libexec/catman.local . 707This script processes all out of date manual pages, speeding up the 708.Xr man 1 709command at the expense of disk space. 710.It Va weekly_noid_enable 711.Pq Vt bool 712Set to 713.Dq Li YES 714if you want to locate orphaned files on the system. 715An orphaned file is one with an invalid owner or group. 716.It Va weekly_noid_dirs 717.Pq Vt str 718A list of directories under which orphaned files are searched for. 719This would usually be set to 720.Pa / . 721.It Va weekly_status_pkg_enable 722.Pq Vt bool 723Set to 724.Dq Li YES 725if you want to use 726.Xr pkg_version 1 727to list installed packages which are out of date. 728.It Va pkg_version 729.Pq Vt str 730When 731.Va weekly_status_pkg_enable 732is set to 733.Dq Li YES , 734this variable specifies the program that is used to determine the out of 735date packages. 736If unset, the 737.Xr pkg_version 1 738program is used. 739As an example, this variable might be set to 740.Dq Li portversion 741if the 742.Pa ports/sysutils/portupgrade 743port has been installed. 744.It Va pkg_version_index 745.Pq Vt str 746This variable specifies the 747.Pa INDEX 748file from 749.Pa /usr/ports 750that should be used by 751.Xr pkg_version 1 . 752Because the dependency tree may be substantially different between versions of 753.Fx , 754there may be more than one 755.Pa INDEX 756file in 757.Pa /usr/ports . 758.Pp 759Note, if the 760.Va pkg_version 761variable is set to 762.Dq Li portversion , 763it will also be necessary to arrange that the correct 764.Pa INDEX 765file is specified 766using environment variables and that 767.Va pkg_version_index 768is cleared in 769.Pa /etc/periodic.conf 770.Pq Dq Li pkg_version_index= . 771.It Va weekly_local 772.Pq Vt str 773Set to a list of extra scripts that should be run after all other 774weekly scripts. 775All scripts must be absolute path names. 776.El 777.Pp 778The following variables are used by the standard scripts that reside in 779.Pa /etc/periodic/monthly : 780.Bl -tag -offset 4n -width 2n 781.It Va monthly_accounting_enable 782.Pq Vt bool 783Set to 784.Dq Li YES 785if you want to do login accounting using the 786.Xr ac 8 787command. 788.It Va monthly_local 789.Pq Vt str 790Set to a list of extra scripts that should be run after all other 791monthly scripts. 792All scripts must be absolute path names. 793.El 794.Sh FILES 795.Bl -tag -width ".Pa /etc/defaults/periodic.conf" 796.It Pa /etc/defaults/periodic.conf 797The default configuration file. 798This file contains all default variables and values. 799.It Pa /etc/periodic.conf 800The usual system specific variable override file. 801.It Pa /etc/periodic.conf.local 802An additional override file, useful when 803.Pa /etc/periodic.conf 804is shared or distributed. 805.El 806.Sh SEE ALSO 807.Xr apropos 1 , 808.Xr calendar 1 , 809.Xr df 1 , 810.Xr diff 1 , 811.Xr gzip 1 , 812.Xr locate 1 , 813.Xr man 1 , 814.Xr msgs 1 , 815.Xr netstat 1 , 816.Xr nice 1 , 817.Xr pkg_version 1 , 818.Xr login.conf 5 , 819.Xr rc.conf 5 , 820.Xr ac 8 , 821.Xr chkgrp 8 , 822.Xr dump 8 , 823.Xr newsyslog 8 , 824.Xr periodic 8 , 825.Xr sendmail 8 826.Sh HISTORY 827The 828.Nm 829file appeared in 830.Fx 4.1 . 831.Sh AUTHORS 832.An Brian Somers Aq brian@Awfulhak.org 833