1.\"- 2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org> 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd May 30, 2012 29.Dt PERIODIC.CONF 5 30.Os 31.Sh NAME 32.Nm periodic.conf 33.Nd periodic job configuration information 34.Sh DESCRIPTION 35The file 36.Nm 37contains a description of how daily, weekly and monthly system maintenance 38jobs should run. 39It resides in the 40.Pa /etc/defaults 41directory and parts may be overridden by a file of the same name in 42.Pa /etc , 43which itself may be overridden by the 44.Pa /etc/periodic.conf.local 45file. 46.Pp 47The 48.Nm 49file 50is actually sourced as a shell script from each of the periodic scripts 51and is intended to simply provide default configuration variables. 52.Pp 53The following variables are used by 54.Xr periodic 8 55itself: 56.Bl -tag -offset 4n -width 2n 57.It Va local_periodic 58.Pq Vt str 59List of directories to search for periodic scripts. 60This list is always prefixed with 61.Pa /etc/periodic , 62and is only used when an argument to 63.Xr periodic 8 64is not an absolute directory name. 65.It Ao Ar dir Ac Ns Va _output 66.Pq Vt path No or Vt list 67What to do with the output of the scripts executed from 68the directory 69.Ar dir . 70If this variable is set to an absolute path name, output is logged to 71that file, otherwise it is taken as one or more space separated email 72addresses and mailed to those users. 73If this variable is not set or is empty, output is sent to standard output. 74.Pp 75For an unattended machine, suitable values for 76.Va daily_output , 77.Va weekly_output , 78and 79.Va monthly_output 80might be 81.Dq Li /var/log/daily.log , 82.Dq Li /var/log/weekly.log , 83and 84.Dq Li /var/log/monthly.log 85respectively, as 86.Xr newsyslog 8 87will rotate these files (if they exists) at the appropriate times. 88.It Ao Ar dir Ac Ns Va _show_success 89.It Ao Ar dir Ac Ns Va _show_info 90.It Ao Ar dir Ac Ns Va _show_badconfig 91.Pq Vt bool 92These variables control whether 93.Xr periodic 8 94will mask the output of the executed scripts based on their return code 95(where 96.Ar dir 97is the base directory name in which each script resides). 98If the return code of a script is 99.Sq 0 100and 101.Ao Ar dir Ac Ns Va _show_success 102is set to 103.Dq Li NO , 104.Xr periodic 8 105will mask the script's output. 106If the return code of a script is 107.Sq 1 108and 109.Ao Ar dir Ac Ns Va _show_info 110is set to 111.Dq Li NO , 112.Xr periodic 8 113will mask the script's output. 114If the return code of a script is 115.Sq 2 116and 117.Ao Ar dir Ac Ns Va _show_badconfig 118is set to 119.Dq Li NO , 120.Xr periodic 8 121will mask the script's output. 122If these variables are set to neither 123.Dq Li YES 124nor 125.Dq Li NO , 126they default to 127.Dq Li YES , 128.Dq Li YES 129and 130.Dq Li NO 131respectively. 132.Pp 133Refer to the 134.Xr periodic 8 135manual page for how script return codes are interpreted. 136.El 137.Pp 138The following variables are used by the standard scripts that reside in 139.Pa /etc/periodic/daily : 140.Bl -tag -offset 4n -width 2n 141.It Va daily_clean_disks_enable 142.Pq Vt bool 143Set to 144.Dq Li YES 145if you want to remove all files matching 146.Va daily_clean_disks_files 147daily. 148.It Va daily_clean_disks_files 149.Pq Vt str 150Set to a list of file names to match. 151Wild cards are permitted. 152.It Va daily_clean_disks_days 153.Pq Vt num 154When 155.Va daily_clean_disks_enable 156is set to 157.Dq Li YES , 158this must also be set to the number of days old that a file's access 159and modification times must be before it is deleted. 160.It Va daily_clean_disks_verbose 161.Pq Vt bool 162Set to 163.Dq Li YES 164if you want the removed files to be reported in your daily output. 165.It Va daily_clean_tmps_enable 166.Pq Vt bool 167Set to 168.Dq Li YES 169if you want to clear temporary directories daily. 170.It Va daily_clean_tmps_dirs 171.Pq Vt str 172Set to the list of directories to clear if 173.Va daily_clean_tmps_enable 174is set to 175.Dq Li YES . 176.It Va daily_clean_tmps_days 177.Pq Vt num 178When 179.Va daily_clean_tmps_enable 180is set, this must also be set to the number of days old that a file's access 181and modification times must be before it is deleted. 182.It Va daily_clean_tmps_ignore 183.Pq Vt str 184Set to the list of files that should not be deleted when 185.Va daily_clean_tmps_enable 186is set to 187.Dq Li YES . 188Wild card characters are permitted. 189.It Va daily_clean_tmps_verbose 190.Pq Vt bool 191Set to 192.Dq Li YES 193if you want the removed files to be reported in your daily output. 194.It Va daily_clean_preserve_enable 195.Pq Vt bool 196Set to 197.Dq Li YES 198if you wish to remove old files from 199.Pa /var/preserve . 200.It Va daily_clean_preserve_days 201.Pq Vt num 202Set to the number of days that files must not have been modified before 203they are deleted. 204.It Va daily_clean_preserve_verbose 205.Pq Vt bool 206Set to 207.Dq Li YES 208if you want the removed files to be reported in your daily output. 209.It Va daily_clean_msgs_enable 210.Pq Vt bool 211Set to 212.Dq Li YES 213if you wish old system messages to be purged. 214.It Va daily_clean_msgs_days 215.Pq Vt num 216Set to the number of days that files must not have been modified before 217they are deleted. 218If this variable is left blank, the 219.Xr msgs 1 220default is used. 221.It Va daily_clean_rwho_enable 222.Pq Vt bool 223Set to 224.Dq Li YES 225if you wish old files in 226.Pa /var/who 227to be purged. 228.It Va daily_clean_rwho_days 229.Pq Vt num 230Set to the number of days that files must not have been modified before 231they are deleted. 232.It Va daily_clean_rwho_verbose 233.Pq Vt bool 234Set to 235.Dq Li YES 236if you want the removed files to be reported in your daily output. 237.It Va daily_clean_hoststat_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Nm sendmail Fl bH 243to automatically purge stale entries from 244.Xr sendmail 8 Ns 's 245host status cache. 246Files will be deleted using the same criteria as 247.Xr sendmail 8 248would normally use when determining whether to believe the cached information, 249as configured in 250.Pa /etc/mail/sendmail.cf . 251.It Va daily_backup_passwd_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255if you want the 256.Pa /etc/master.passwd 257and 258.Pa /etc/group 259files backed up and reported on. 260Reporting consists of checking both files for modifications and running 261.Xr chkgrp 8 262on the 263.Pa group 264file. 265.It Va daily_backup_aliases_enable 266.Pq Vt bool 267Set to 268.Dq Li YES 269if you want the 270.Pa /etc/mail/aliases 271file backed up and modifications to be displayed in your daily output. 272.It Va daily_calendar_enable 273.Pq Vt bool 274Set to 275.Dq Li YES 276if you want to run 277.Nm calendar Fl a 278daily. 279.It Va daily_accounting_enable 280.Pq Vt bool 281Set to 282.Dq Li YES 283if you want to rotate your daily accounting files. 284No rotations are necessary unless 285.Va accounting_enable 286is enabled in 287.Xr rc.conf 5 . 288.It Va daily_accounting_compress 289.Pq Vt bool 290Set to 291.Dq Li YES 292if you want your daily accounting files to be compressed using 293.Xr gzip 1 . 294.It Va daily_accounting_save 295.Pq Vt num 296When 297.Va daily_accounting_enable 298is set, this may also be set to the number of daily accounting files that are 299to be saved. 300The default is 301.Dq Li 3 . 302.It Va daily_accounting_flags 303.Pq Vt str 304Set to the arguments to pass to the 305.Xr sa 8 306utility (in addition to 307.Fl s ) 308when 309.Va daily_accounting_enable 310is set to 311.Dq Li YES . 312The default is 313.Fl q . 314.It Va daily_news_expire_enable 315.Pq Vt bool 316Set to 317.Dq Li YES 318if you want to run 319.Pa /etc/news.expire . 320.It Va daily_status_disks_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324if you want to run 325.Xr df 1 326(with the arguments supplied in 327.Va daily_status_disks_df_flags ) 328and 329.Nm dump Fl W . 330.It Va daily_status_disks_df_flags 331.Pq Vt str 332Set to the arguments for the 333.Xr df 1 334utility when 335.Va daily_status_disks_enable 336is set to 337.Dq Li YES . 338.It Va daily_status_zfs_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342if you want to run 343.Nm zpool Cm status 344on your 345.Xr zfs 8 346pools. 347.It Va daily_status_zfs_zpool_list_enable 348.Pq Vt bool 349Set to 350.Dq Li YES 351if you want to run 352.Nm zpool Cm list 353on your 354.Xr zfs 8 355pools. 356Requires 357.Va daily_status_zfs_enable 358to be set to 359.Li YES . 360.It Va daily_status_gmirror_enable 361.Pq Vt bool 362Set to 363.Dq Li YES 364if you want to run 365.Nm gmirror Cm status 366on your 367.Xr gmirror 8 368devices. 369.It Va daily_status_graid3_enable 370.Pq Vt bool 371Set to 372.Dq Li YES 373if you want to run 374.Nm graid3 Cm status 375on your 376.Xr graid3 8 377devices. 378.It Va daily_status_gstripe_enable 379.Pq Vt bool 380Set to 381.Dq Li YES 382if you want to run 383.Nm gstripe Cm status 384on your 385.Xr gstripe 8 386devices. 387.It Va daily_status_gconcat_enable 388.Pq Vt bool 389Set to 390.Dq Li YES 391if you want to run 392.Nm gconcat Cm status 393on your 394.Xr gconcat 8 395devices. 396.It Va daily_status_network_enable 397.Pq Vt bool 398Set to 399.Dq Li YES 400if you want to run 401.Nm netstat Fl i . 402.It Va daily_status_network_usedns 403.Pq Vt bool 404Set to 405.Dq Li YES 406if you want to run 407.Xr netstat 1 408without the 409.Fl n 410option (to do DNS lookups). 411.It Va daily_status_rwho_enable 412.Pq Vt bool 413Set to 414.Dq Li YES 415if you want to run 416.Xr uptime 1 417(or 418.Xr ruptime 1 419if 420.Va rwhod_enable 421is set to 422.Dq Li YES 423in 424.Pa /etc/rc.conf ) . 425.It Va daily_status_mailq_enable 426.Pq Vt bool 427Set to 428.Dq Li YES 429if you want to run 430.Xr mailq 1 . 431.It Va daily_status_mailq_shorten 432.Pq Vt bool 433Set to 434.Dq Li YES 435if you want to shorten the 436.Xr mailq 1 437output when 438.Va daily_status_mailq_enable 439is set to 440.Dq Li YES . 441.It Va daily_status_include_submit_mailq 442.Pq Vt bool 443Set to 444.Dq Li YES 445if you also want to run 446.Xr mailq 1 447on the submit mail queue when 448.Va daily_status_mailq_enable 449is set to 450.Dq Li YES . 451This may not work with MTAs other than 452.Xr sendmail 8 . 453.It Va daily_status_security_enable 454.Pq Vt bool 455Set to 456.Dq Li YES 457if you want to run the security check. 458The security check is another set of 459.Xr periodic 8 460scripts. 461The system defaults are in 462.Pa /etc/periodic/security . 463Local scripts should be placed in 464.Pa /usr/local/etc/periodic/security . 465See the 466.Xr periodic 8 467manual page for more information. 468.It Va daily_status_security_inline 469.Pq Vt bool 470Set to 471.Dq Li YES 472if you want the security check output inline. 473The default is to either mail or log the output according to the value of 474.Va daily_status_security_output . 475.It Va daily_status_security_output 476.Pq Vt str 477Where to send the output of the security check if 478.Va daily_status_security_inline 479is set to 480.Dq Li NO . 481This variable behaves in the same way as the 482.Va *_output 483variables above, namely it can be set either to one or more email addresses 484or to an absolute file name. 485.It Va daily_status_security_diff_flags 486.Pq Vt str 487Set to the arguments to pass to the 488.Xr diff 1 489utility when generating differences. 490The default is 491.Fl b u . 492.It Va daily_status_security_chksetuid_enable 493.Pq Vt bool 494Set to 495.Dq Li YES 496to compare the modes and modification times of setuid executables with 497the previous day's values. 498.It Va daily_status_security_chkportsum_enable 499.Pq Vt bool 500Set to 501.Dq Li YES 502to verify checksums of all installed packages against the known checksums in 503.Pa /var/db/pkg . 504.It Va daily_status_security_neggrpperm_enable 505.Pq Vt bool 506Set to 507.Dq Li YES 508to check for files where the group of a file has less permissions than 509the world at large. 510When users are in more than 14 supplemental groups these negative 511permissions may not be enforced via NFS shares. 512.It Va daily_status_security_chkmounts_enable 513.Pq Vt bool 514Set to 515.Dq Li YES 516to check for changes mounted file systems to the previous day's values. 517.It Va daily_status_security_noamd 518.Pq Vt bool 519Set to 520.Dq Li YES 521if you want to ignore 522.Xr amd 8 523mounts when comparing against yesterday's file system mounts in the 524.Va daily_status_security_chkmounts_enable 525check. 526.It Va daily_status_security_chkuid0_enable 527.Pq Vt bool 528Set to 529.Dq Li YES 530to check 531.Pa /etc/master.passwd 532for accounts with UID 0. 533.It Va daily_status_security_passwdless_enable 534.Pq Vt bool 535Set to 536.Dq Li YES 537to check 538.Pa /etc/master.passwd 539for accounts with empty passwords. 540.It Va daily_status_security_logincheck_enable 541.Pq Vt bool 542Set to 543.Dq Li YES 544to check 545.Pa /etc/login.conf 546ownership, see 547.Xr login.conf 5 548for more information. 549.It Va daily_status_security_ipfwdenied_enable 550.Pq Vt bool 551Set to 552.Dq Li YES 553to show log entries for packets denied by 554.Xr ipfw 8 555since yesterday's check. 556.It Va daily_status_security_ipfdenied_enable 557.Pq Vt bool 558Set to 559.Dq Li YES 560to show log entries for packets denied by 561.Xr ipf 8 562since yesterday's check. 563.It Va daily_status_security_pfdenied_enable 564.Pq Vt bool 565Set to 566.Dq Li YES 567to show log entries for packets denied by 568.Xr pf 4 569since yesterday's check. 570.It Va daily_status_security_ipfwlimit_enable 571.Pq Vt bool 572Set to 573.Dq Li YES 574to display 575.Xr ipfw 8 576rules that have reached their verbosity limit. 577.It Va daily_status_security_kernelmsg_enable 578.Pq Vt bool 579Set to 580.Dq Li YES 581to show new 582.Xr dmesg 8 583entries since yesterday's check. 584.It Va daily_status_security_loginfail_enable 585.Pq Vt bool 586Set to 587.Dq Li YES 588to display failed logins from 589.Pa /var/log/messages 590in the previous day. 591.It Va daily_status_security_tcpwrap_enable 592.Pq Vt bool 593Set to 594.Dq Li YES 595to display connections denied by tcpwrappers (see 596.Xr hosts_access 5 ) 597from 598.Pa /var/log/messages 599during the previous day. 600.It Va daily_status_mail_rejects_enable 601.Pq Vt bool 602Set to 603.Dq Li YES 604if you want to summarise mail rejections logged to 605.Pa /var/log/maillog 606for the previous day. 607.It Va daily_status_mail_rejects_logs 608.Pq Vt num 609Set to the number of maillog files that should be checked 610for yesterday's mail rejects. 611.It Va daily_status_named_enable 612.Pq Vt bool 613Set to 614.Dq Li YES 615if you want to summarise denied zone transfers (AXFR and IXFR) 616for the previous day. 617.It Va daily_status_named_usedns 618.Pq Vt bool 619Set to 620.Dq Li YES 621if you want to enable reverse DNS lookups. 622.It Va daily_status_ntpd 623.Pq Vt bool 624Set to 625.Dq Li YES 626if you want to enable NTP status check. 627.It Va daily_queuerun_enable 628.Pq Vt bool 629Set to 630.Dq Li YES 631if you want to manually run the mail queue at least once a day. 632.It Va daily_submit_queuerun 633.Pq Vt bool 634Set to 635.Dq Li YES 636if you also want to manually run the submit mail queue at least once a day 637when 638.Va daily_queuerun_enable 639is set to 640.Dq Li YES . 641.It Va daily_scrub_zfs_enable 642.Pq Vt bool 643Set to 644.Dq Li YES 645if you want to run a zfs scrub periodically. 646.It Va daily_scrub_zfs_pools 647.Pq Vt str 648A space separated list of names of zfs pools to scrub. 649If the list is empty or not set, all zfs pools are scrubbed. 650.It Va daily_scrub_zfs_default_threshold 651.Pq Vt int 652Number of days between a scrub if no pool-specific threshold is set. 653If not set, the default value is 35, corresponding to 5 weeks. 654.It Va daily_scrub_zfs_ Ns Ao Ar poolname Ac Ns Va _threshold 655.Pq Vt int 656The same as 657.Va daily_scrub_zfs_default_threshold 658but specific to the pool 659.Ao Ar poolname Ac Ns . 660.It Va daily_local 661.Pq Vt str 662Set to a list of extra scripts that should be run after all other 663daily scripts. 664All scripts must be absolute path names. 665.El 666.Pp 667The following variables are used by the standard scripts that reside in 668.Pa /etc/periodic/weekly : 669.Bl -tag -offset 4n -width 2n 670.It Va weekly_locate_enable 671.Pq Vt bool 672Set to 673.Dq Li YES 674if you want to run 675.Pa /usr/libexec/locate.updatedb . 676This script is run using 677.Nm nice Fl 5 678as user 679.Dq Li nobody , 680and generates the table used by the 681.Xr locate 1 682command. 683.It Va weekly_whatis_enable 684.Pq Vt bool 685Set to 686.Dq Li YES 687if you want to run 688.Pa /usr/libexec/makewhatis.local . 689This script regenerates the database used by the 690.Xr apropos 1 691command. 692.It Va weekly_catman_enable 693.Pq Vt bool 694Set to 695.Dq Li YES 696if you want to run 697.Pa /usr/libexec/catman.local . 698This script processes all out of date manual pages, speeding up the 699.Xr man 1 700command at the expense of disk space. 701.It Va weekly_noid_enable 702.Pq Vt bool 703Set to 704.Dq Li YES 705if you want to locate orphaned files on the system. 706An orphaned file is one with an invalid owner or group. 707.It Va weekly_noid_dirs 708.Pq Vt str 709A list of directories under which orphaned files are searched for. 710This would usually be set to 711.Pa / . 712.It Va weekly_status_pkg_enable 713.Pq Vt bool 714Set to 715.Dq Li YES 716if you want to use 717.Xr pkg_version 1 718to list installed packages which are out of date. 719.It Va pkg_version 720.Pq Vt str 721When 722.Va weekly_status_pkg_enable 723is set to 724.Dq Li YES , 725this variable specifies the program that is used to determine the out of 726date packages. 727If unset, the 728.Xr pkg_version 1 729program is used. 730As an example, this variable might be set to 731.Dq Li portversion 732if the 733.Pa ports/sysutils/portupgrade 734port has been installed. 735.It Va pkg_version_index 736.Pq Vt str 737This variable specifies the 738.Pa INDEX 739file from 740.Pa /usr/ports 741that should be used by 742.Xr pkg_version 1 . 743Because the dependency tree may be substantially different between versions of 744.Fx , 745there may be more than one 746.Pa INDEX 747file in 748.Pa /usr/ports . 749.Pp 750Note, if the 751.Va pkg_version 752variable is set to 753.Dq Li portversion , 754it will also be necessary to arrange that the correct 755.Pa INDEX 756file is specified 757using environment variables and that 758.Va pkg_version_index 759is cleared in 760.Pa /etc/periodic.conf 761.Pq Dq Li pkg_version_index= . 762.It Va weekly_local 763.Pq Vt str 764Set to a list of extra scripts that should be run after all other 765weekly scripts. 766All scripts must be absolute path names. 767.El 768.Pp 769The following variables are used by the standard scripts that reside in 770.Pa /etc/periodic/monthly : 771.Bl -tag -offset 4n -width 2n 772.It Va monthly_accounting_enable 773.Pq Vt bool 774Set to 775.Dq Li YES 776if you want to do login accounting using the 777.Xr ac 8 778command. 779.It Va monthly_local 780.Pq Vt str 781Set to a list of extra scripts that should be run after all other 782monthly scripts. 783All scripts must be absolute path names. 784.El 785.Sh FILES 786.Bl -tag -width ".Pa /etc/defaults/periodic.conf" 787.It Pa /etc/defaults/periodic.conf 788The default configuration file. 789This file contains all default variables and values. 790.It Pa /etc/periodic.conf 791The usual system specific variable override file. 792.It Pa /etc/periodic.conf.local 793An additional override file, useful when 794.Pa /etc/periodic.conf 795is shared or distributed. 796.El 797.Sh SEE ALSO 798.Xr apropos 1 , 799.Xr calendar 1 , 800.Xr df 1 , 801.Xr diff 1 , 802.Xr gzip 1 , 803.Xr locate 1 , 804.Xr man 1 , 805.Xr msgs 1 , 806.Xr netstat 1 , 807.Xr nice 1 , 808.Xr pkg_version 1 , 809.Xr login.conf 5 , 810.Xr rc.conf 5 , 811.Xr ac 8 , 812.Xr chkgrp 8 , 813.Xr dump 8 , 814.Xr newsyslog 8 , 815.Xr periodic 8 , 816.Xr sendmail 8 817.Sh HISTORY 818The 819.Nm 820file appeared in 821.Fx 4.1 . 822.Sh AUTHORS 823.An Brian Somers Aq brian@Awfulhak.org 824