xref: /dragonfly/share/man/man5/periodic.conf.5 (revision e293de53) 
1.\"-
2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org>
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
26.\" $FreeBSD: src/share/man/man5/periodic.conf.5,v 1.8.2.22 2003/02/08 21:42:01 gshapiro Exp $
27.\" $DragonFly: src/share/man/man5/periodic.conf.5,v 1.9 2008/10/22 20:15:55 swildner Exp $
28.\"
29.Dd October 22, 2008
30.Dt PERIODIC.CONF 5
31.Os
32.Sh NAME
33.Nm periodic.conf
34.Nd periodic job configuration information
35.Sh DESCRIPTION
36The file
37.Nm
38contains a description of how daily, weekly and monthly system maintenance
39jobs should run.
40It resides in the
41.Pa /etc/defaults
42directory and parts may be overridden by a file of the same name in
43.Pa /etc ,
44which itself may be overridden by the
45.Pa /etc/periodic.conf.local
46file.
47.Pp
48.Nm
49is actually sourced as a shell script from each of the periodic scripts
50and is intended to simply provide default configuration variables.
51.Pp
52The following variables are used by
53.Xr periodic 8
54itself:
55.Bl -tag -offset 4n -width 2n
56.It Va local_periodic
57.Pq Vt str
58List of directories to search for periodic scripts.
59This list is always prefixed with
60.Pa /etc/periodic ,
61and is only used when an argument to
62.Xr periodic 8
63is not an absolute directory name.
64.It Va dir Ns No _output
65.Pq Vt path No or Vt list
66What to do with the output of the scripts envoked from
67the directory
68.Ar dir .
69If this variable is set to an absolute path name, output is logged to
70that file, otherwise it is taken as one or more space separated email
71addresses and mailed to those users.
72If this variable is not set or is empty, output is sent to standard output.
73.Pp
74For an unattended machine, suitable values for
75.Va daily_output ,
76.Va weekly_output ,
77and
78.Va monthly_output
79might be
80.Pa /var/log/daily.log ,
81.Pa /var/log/weekly.log ,
82and
83.Pa /var/log/monthly.log
84respectively, as
85.Xr newsyslog 8
86will rotate these files (if they exists) at the appropriate times.
87.It Va dir Ns No _show_success
88.It Va dir Ns No _show_info
89.It Va dir Ns No _show_badconfig
90.Pq Vt bool
91These variables control whether
92.Xr periodic 8
93will mask the output of the envoked scripts based on their return code
94(where
95.Ar dir
96is the base directory name in which each script resides).
97If the return code of a script is
98.Sq 0
99and
100.Va dir Ns No _show_success
101is set to
102.Dq NO ,
103.Xr periodic 8
104will mask the script's output.
105If the return code of a script is
106.Sq 1
107and
108.Va dir Ns No _show_info
109is set to
110.Dq NO ,
111.Xr periodic 8
112will mask the script's output.
113If the return code of a script is
114.Sq 2
115and
116.Va dir Ns No _show_badconfig
117is set to
118.Dq NO ,
119.Xr periodic 8
120will mask the script's output.
121If these variables are set to neither
122.Dq YES
123nor
124.Dq NO ,
125they default to
126.Dq YES ,
127.Dq YES
128and
129.Dq NO
130respectively.
131.Pp
132Refer to the
133.Xr periodic 8
134man page for how script return codes are interpreted.
135.El
136.Pp
137The following variables are used by the standard scripts that reside in
138.Pa /etc/periodic/daily :
139.Bl -tag -offset 4n -width 2n
140.It Va daily_clean_disks_enable
141.Pq Vt bool
142Set to
143.Dq YES
144if you want to remove all files matching
145.Va daily_clean_disks_files
146daily.
147.It Va daily_clean_disks_files
148.Pq Vt str
149Set to a list of file names to match.
150Wild cards are permitted.
151.It Va daily_clean_disks_days
152.Pq Vt num
153When
154.Va daily_clean_disks_enable
155is set to
156.Dq YES ,
157this must also be set to the number of days old that a file's access
158and modification times must be before it's deleted.
159.It Va daily_clean_disks_verbose
160.Pq Vt bool
161Set to
162.Dq YES
163if you want the removed files to be reported in your daily output.
164.It Va daily_clean_tmps_enable
165.Pq Vt bool
166Set to
167.Dq YES
168if you want to clear temporary directories daily.
169.It Va daily_clean_tmps_dirs
170.Pq Vt str
171Set to the list of directories to clear if
172.Va daily_clean_tmps_enable
173is set to
174.Dq YES .
175.It Va daily_clean_tmps_days
176.Pq Vt num
177When
178.Va daily_clean_tmps_enable
179is set, this must also be set to the number of days old that a file's access
180and modification times must be before it's deleted.
181.It Va daily_clean_tmps_ignore
182.Pq Vt str
183Set to the list of files that should not be deleted when
184.Va daily_clean_tmps_enable
185is set to
186.Dq YES .
187Wild card characters are permitted.
188.It Va daily_clean_tmps_verbose
189.Pq Vt bool
190Set to
191.Dq YES
192if you want the removed files to be reported in your daily output.
193.It Va daily_clean_preserve_enable
194.Pq Vt bool
195Set to
196.Dq YES
197if you wish to remove old files from
198.Pa /var/preserve .
199.It Va daily_clean_preserve_days
200.Pq Vt num
201Set to the number of days that files must not have been modified before
202they are deleted.
203.It Va daily_clean_preserve_verbose
204.Pq Vt bool
205Set to
206.Dq YES
207if you want the removed files to be reported in your daily output.
208.It Va daily_clean_msgs_enable
209.Pq Vt bool
210Set to
211.Dq YES
212if you wish old system messages to be purged.
213.It Va daily_clean_msgs_days
214.Pq Vt num
215Set to the number of days that files must not have been modified before
216they are deleted.
217If this variable is left blank, the
218.Xr msgs 1
219default is used.
220.It Va daily_clean_rwho_enable
221.Pq Vt bool
222Set to
223.Dq YES
224if you wish old files in
225.Pa /var/who
226to be purged.
227.It Va daily_clean_rwho_days
228.Pq Vt num
229Set to the number of days that files must not have been modified before
230they are deleted.
231.It Va daily_clean_rwho_verbose
232.Pq Vt bool
233Set to
234.Dq YES
235if you want the removed files to be reported in your daily output.
236.It Va daily_clean_hoststat_enable
237.Pq Vt bool
238Set to
239.Dq YES
240to run
241.Nm sendmail Fl bH
242to automatically purge stale entries from
243.Xr sendmail 8 Ns 's
244host status cache.
245Files will be deleted using the same criteria as
246.Xr sendmail 8
247would normally use when determining whether to believe the cached information,
248as configured in
249.Pa /etc/mail/sendmail.cf .
250.It Va daily_clean_hammer_enable
251.Pq Vt bool
252Set to
253.Dq YES
254if you want
255.Xr HAMMER 5
256file systems to be snapshot, pruned and reblocked.
257.It Va daily_clean_hammer_verbose
258.Pq Vt bool
259Set to
260.Dq YES
261if you wish more verbose output.
262.It Va daily_backup_passwd_enable
263.Pq Vt bool
264Set to
265.Dq YES
266if you want the
267.Pa /etc/master.passwd
268and
269.Pa /etc/group
270files backed up and reported on.
271Reporting consists of checking both files for modifications and running
272.Xr chkgrp 8
273on the
274.Pa group
275file.
276.It Va daily_backup_aliases_enable
277.Pq Vt bool
278Set to
279.Dq YES
280if you want the
281.Pa /etc/mail/aliases
282file backed up and modifications to be displayed in your daily output.
283.It Va daily_backup_distfile_enable
284.Pq Vt bool
285Set to
286.Dq YES
287if you want the
288.Pa /etc/Distfile
289file backed up and modifications to be displayed in your daily output.
290.It Va daily_calendar_enable
291.Pq Vt bool
292Set to
293.Dq YES
294if you want to run
295.Ic calendar -a
296daily.
297.It Va daily_accounting_enable
298.Pq Vt bool
299Set to
300.Dq YES
301if you want to rotate your daily accounting files.
302No rotations are necessary unless
303.Va accounting_enable
304is enabled in
305.Xr rc.conf 5 .
306.It Va daily_accounting_compress
307.Pq Vt bool
308Set to
309.Dq YES
310if you want your daily accounting files to be compressed using
311.Xr gzip 1 .
312.It Va daily_accounting_save
313.Pq Vt num
314When
315.Va daily_accounting_enable
316is set, this may also be set to the number of daily accounting files that are
317to be saved.
318The default is
319.Dq 3 .
320.It Va daily_accounting_flags
321.Pq Vt str
322Set to the arguments to pass to the
323.Xr sa 8
324utility (in addition to
325.Fl s )
326when
327.Va daily_accounting_enable
328is set to
329.Dq YES .
330The default is
331.Fl q .
332.It Va daily_distfile_enable
333.Pq Vt bool
334Set to
335.Dq YES
336if you want to run
337.Xr rdist 1
338daily.
339The
340.Pa /etc/Distfile
341file must also exist.
342.It Va daily_news_expire_enable
343.Pq Vt bool
344Set to
345.Dq YES
346if you want to run
347.Pa /etc/news.expire .
348.It Va daily_status_disks_enable
349.Pq Vt bool
350Set to
351.Dq YES
352if you want to run
353.Xr df 1
354(with the arguments supplied in
355.Va daily_status_disks_df_flags )
356and
357.Ic dump -W .
358.It Va daily_status_disks_df_flags
359.Pq Vt str
360Set to the arguments for the
361.Xr df 1
362utility when
363.Va daily_status_disks_enable
364is set to
365.Dq YES .
366.It Va daily_status_network_enable
367.Pq Vt bool
368Set to
369.Dq YES
370if you want to run
371.Ic netstat -i .
372.It Va daily_status_network_usedns
373.Pq Vt bool
374Set to
375.Dq YES
376if you want to run
377.Xr netstat 1
378without the
379.Fl n
380option (to do DNS lookups).
381.It Va daily_status_rwho_enable
382.Pq Vt bool
383Set to
384.Dq YES
385if you want to run
386.Xr uptime 1
387(or
388.Xr ruptime 1
389if
390.Va rwhod_enable
391is set to
392.Dq YES
393in
394.Pa /etc/rc.conf ) .
395.It Va daily_status_mailq_enable
396.Pq Vt bool
397Set to
398.Dq YES
399if you want to run
400.Xr mailq 1 .
401.It Va daily_status_mailq_shorten
402.Pq Vt bool
403Set to
404.Dq YES
405if you want to shorten the
406.Nm mailq
407output when
408.Va daily_status_mailq_enable
409is set to
410.Dq YES .
411.It Va daily_status_include_submit_mailq
412.Pq Vt bool
413Set to
414.Dq YES
415if you also want to run
416.Xr mailq 1
417on the submit mail queue when
418.Va daily_status_mailq_enable
419is set to
420.Dq YES .
421This may not work with MTAs other than
422.Xr sendmail 8 .
423.It Va daily_status_security_enable
424.Pq Vt bool
425Set to
426.Dq YES
427if you want to run the security check.
428The security check is another set of
429.Xr periodic 8
430scripts.
431The system defaults are in
432.Pa /etc/periodic/security .
433Local scripts should be placed in
434.Pa /usr/local/etc/periodic/security .
435See the
436.Xr periodic 8
437manual page for more information.
438.It Va daily_status_security_inline
439.Pq Vt bool
440Set to
441.Dq YES
442if you want the security check output inline.
443The default is to either mail or log the output according to the value of
444.Va daily_status_security_output .
445.It Va daily_status_security_logdir
446.Pq Vt str
447The directory where the security scripts expect the system's log files.
448.It Va daily_status_security_output
449.Pq Vt str
450Where to send the output of the security check if
451.Va daily_status_security_inline
452is set to
453.Dq NO .
454This variable behaves in the same way as the
455.Va *_output
456variables above, namely it can be set either to one or more email addresses
457or to an absolute file name.
458.It Va daily_status_security_diff_flags
459.Pq Vt str
460Set to the arguments to pass to the
461.Xr diff 1
462utility when generating differences.
463The default is
464.Fl u .
465.It Va daily_status_security_chksetuid_enable
466.Pq Vt bool
467Set to
468.Dq YES
469to compare the modes and modification times of setuid executables with
470the previous day's values.
471.It Va daily_status_security_chkmounts_enable
472.Pq Vt bool
473Set to
474.Dq YES
475to check for changes in mounted filesystems to the previous day's values.
476.It Va daily_status_security_chkmounts_ignore
477Set to the list of filesystem types that should not be checked when
478.Va daily_status_security_chkmounts_enable
479is set to
480.Dq YES .
481.It Va daily_status_security_noamd
482.Pq Vt bool
483Set to
484.Dq YES
485if you want to ignore
486.Xr amd 8
487mounts when comparing against yesterdays filesystem mounts in the
488.Va daily_status_security_chkmounts_enable
489check.
490.It Va daily_status_security_nomfs
491.Pq Vt bool
492Set to
493.Dq YES
494if you want to ignore
495.Xr mfs 8
496mounts when comparing against yesterdays filesystem mounts in the
497.Va daily_status_security_chkmounts_enable
498check.
499.It Va daily_status_security_chkuid0_enable
500.Pq Vt bool
501Set to
502.Dq YES
503to check
504.Pa /etc/master.passwd
505for accounts with uid 0.
506.It Va daily_status_security_passwdless_enable
507.Pq Vt bool
508Set to
509.Dq YES
510to check
511.Pa /etc/master.passwd
512for accounts with empty passwords.
513.It Va daily_status_security_logincheck_enable
514.Pq Vt bool
515Set to
516.Dq Li YES
517to check
518.Pa /etc/login.conf
519ownership, see
520.Xr login.conf 5
521for more information.
522.It Va daily_status_security_ipfwdenied_enable
523.Pq Vt bool
524Set to
525.Dq YES
526to show log entries for packets denied by
527.Xr ipfw 8
528since yesterday's check.
529.It Va daily_status_security_ipfdenied_enable
530.Pq Vt bool
531Set to
532.Dq YES
533to show log entries for packets denied by
534.Xr ipf 8
535since yesterday's check.
536.It Va daily_status_security_pfdenied_enable
537.Pq Vt bool
538Set to
539.Dq YES
540to show log entries for packets denied by
541.Xr pf 4
542since yesterday's check.
543.It Va daily_status_security_ipfwlimit_enable
544.Pq Vt bool
545Set to
546.Dq YES
547to display
548.Xr ipfw 8
549rules that have reached their verbosity limit.
550.It Va daily_status_security_ip6fwdenied_enable
551.Pq Vt bool
552Set to
553.Dq YES
554to show log entries for packets denied by
555.Xr ip6fw 8
556since yesterday's check.
557.It Va daily_status_security_ip6fwlimit_enable
558.Pq Vt bool
559Set to
560.Dq YES
561to display
562.Xr ip6fw 8
563rules that have reached their verbosity limit.
564.It Va daily_status_security_kernelmsg_enable
565.Pq Vt bool
566Set to
567.Dq YES
568to show new
569.Xr dmesg 8
570entries since yesterday's check.
571.It Va daily_status_security_loginfail_enable
572.Pq Vt bool
573Set to
574.Dq YES
575to display failed logins from
576.Pa /var/log/messages
577in the previous day.
578.It Va daily_status_security_tcpwrap_enable
579.Pq Vt bool
580Set to
581.Dq YES
582to display connections denied by tcpwrappers (see
583.Xr hosts_access 5 )
584from
585.Pa /var/log/messages
586during the previous day.
587.It Va daily_status_mail_rejects_enable
588.Pq Vt bool
589Set to
590.Dq YES
591if you want to summarise mail rejections logged to
592.Pa /var/log/maillog
593for the previous day.
594.It Va daily_status_mail_rejects_logs
595.Pq Vt num
596Set to the number of maillog files that should be checked
597for yesterday's mail rejects.
598.It Va daily_status_named_enable
599.Pq Vt bool
600Set to
601.Dq YES
602if you want to summarise denied zone transfers (AXFR and IXFR)
603for the previous day.
604.It Va daily_status_named_usedns
605.Pq Vt bool
606Set to
607.Dq YES
608if you want to enable reverse DNS lookups.
609.It Va daily_queuerun_enable
610.Pq Vt bool
611Set to
612.Dq YES
613if you want to manually run the mail queue at least once a day.
614.It Va daily_submit_queuerun
615.Pq Vt bool
616Set to
617.Dq YES
618if you also want to manually run the submit mail queue at least once a day
619when
620.Va daily_queuerun_enable
621is set to
622.Dq YES .
623.It Va daily_local
624.Pq Vt str
625Set to a list of extra scripts that should be run after all other
626daily scripts.
627All scripts must be absolute path names.
628.El
629.Pp
630The following variables are used by the standard scripts that reside in
631.Pa /etc/periodic/weekly :
632.Bl -tag -offset 4n -width 2n
633.It Va weekly_clean_kvmdb_enable
634.Pq Vt bool
635Set to
636.Dq YES
637if you want to purge old
638.Pa /var/db/kvm_*.db
639files.
640The kvm file for the current kernel will not be purged.
641.It Va weekly_clean_kvmdb_days
642.Pq Vt num
643Set to the number of days that the file must not have been accessed
644before being deleted.
645.It Va weekly_clean_kvmdb_verbose
646.Pq Vt bool
647Set to
648.Dq YES
649if you want the removed files to be reported in your weekly output.
650.It Va weekly_locate_enable
651.Pq Vt bool
652Set to
653.Dq YES
654if you want to run
655.Pa /usr/libexec/locate.updatedb .
656This script is run using
657.Ic nice -5
658as user
659.An nobody ,
660and generates the table used by the
661.Xr locate 1
662command.
663.It Va weekly_whatis_enable
664.Pq Vt bool
665Set to
666.Dq YES
667if you want to run
668.Pa /usr/libexec/makewhatis.local .
669This script regenerates the database used by the
670.Xr apropos 1
671command.
672.It Va weekly_catman_enable
673.Pq Vt bool
674Set to
675.Dq YES
676if you want to run
677.Pa /usr/libexec/catman.local .
678This script processes all out of date man pages, speeding up the
679.Xr man 1
680command at the expense of disk space.
681.It Va weekly_noid_enable
682.Pq Vt bool
683Set to
684.Dq YES
685if you want to locate orphaned files on the system.
686An orphaned file is one with an invalid owner or group.
687.It Va weekly_noid_dirs
688.Pq Vt str
689A list of directories under which orphaned files are searched for.
690This would usually be set to
691.Pa / .
692.It Va weekly_local
693.Pq Vt str
694Set to a list of extra scripts that should be run after all other
695weekly scripts.
696All scripts must be absolute path names.
697.El
698.Pp
699The following variables are used by the standard scripts that reside in
700.Pa /etc/periodic/monthly :
701.Bl -tag -offset 4n -width 2n
702.It Va monthly_accounting_enable
703.Pq Vt bool
704Set to
705.Dq YES
706if you want to do login accounting using the
707.Xr ac 8
708command.
709.It Va monthly_statistics_enable
710.Pq Vt bool
711Set to
712.Dq YES
713if you want to report non-identifying information about the OS to the
714.Pa http://www.bsdstats.org
715community site on the internet.
716.It Va monthly_statistics_report_devices
717.Pq Vt bool
718When
719.Va monthly_statistics_report_devices
720is set, this may also be set to report additional device statistics.
721.It Va monthly_local
722.Pq Vt str
723Set to a list of extra scripts that should be run after all other
724monthly scripts.
725All scripts must be absolute path names.
726.El
727.Sh FILES
728.Bl -tag -width /etc/defaults/periodic.conf
729.It Pa /etc/defaults/periodic.conf
730The default configuration file.
731This file contains all default variables and values.
732.It Pa /etc/periodic.conf
733The usual system specific variable override file.
734.It Pa /etc/periodic.conf.local
735An additional override file, useful when
736.Pa /etc/periodic.conf
737is shared or distributed.
738.El
739.Sh SEE ALSO
740.Xr apropos 1 ,
741.Xr calendar 1 ,
742.Xr df 1 ,
743.Xr diff 1 ,
744.Xr gzip 1 ,
745.Xr locate 1 ,
746.Xr man 1 ,
747.Xr msgs 1 ,
748.Xr netstat 1 ,
749.Xr nice 1 ,
750.Xr rdist 1 ,
751.Xr rc.conf 5 ,
752.Xr ac 8 ,
753.Xr amd 8 ,
754.Xr chkgrp 8 ,
755.Xr dump 8 ,
756.Xr mfs 8 ,
757.Xr newsyslog 8 ,
758.Xr periodic 8 ,
759.Xr sendmail 8
760.Sh HISTORY
761The
762.Nm
763file appeared in
764.Fx 4.1 .
765.Sh AUTHORS
766.An Brian Somers Aq brian@Awfulhak.org .
767