netbsd-bugs: misc/4401: Empty mail message from /etc/security when nothing to report

Subject: misc/4401: Empty mail message from /etc/security when nothing to report
To: None <gnats-bugs@gnats.netbsd.org>
From: Erik Bertelsen <erik@erik-be.uni-c.dk>
List: netbsd-bugs
Date: 10/30/1997 23:50:21

>Number:         4401
>Category:       misc
>Synopsis:       Empty mail message from /etc/security when nothing to report
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people (Misc Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Fri Oct 31 10:20:22 1997
>Last-Modified:
>Originator:     Erik Bertelsen
>Organization:
	
>Release:        NetBSD-current 30 oct 1997
>Environment:
	
System: NetBSD erik-be.uni-c.dk 1.3_ALPHA NetBSD 1.3_ALPHA (ERIKBE) #63: Thu Oct 30 09:52:48 MET 1997 erik@erik-be.uni-c.dk:/sw/NetBSD/src/sys/arch/i386/compile/ERIKBE i386


>Description:
With recent updates to the /etc/security script and updates to
/etc/mtree/special, we have now come to a situation where the
security script may run without generating any output -- at least
those days where various files in /etc haven't been updated.

When this happens, the following output is made from /etc/daily:

---------------extract begin--------------------------
network:
Name  Mtu   Network       Address              Ipkts Ierrs    Opkts Oerrs
Coll
ep0   1500  <Link>        00:20:af:76:4b:10    39188     0    14241     0
0
ep0   1500  130.228.12/25 erik-be              39188     0    14241     0
0
lo0   32976 <Link>                                25     0       25     0
0
lo0   32976 127           localhost               25     0       25     0
0


Null message body; hope that's ok
------------------end of extract---------------------

and an empty message is being sent with the subject of daily security
output.

I really don't like getting these empty messages every day, and after
thinking a bit about it, my proposal is:

   - /etc/daily collects the output from /etc/security in a temporary
     file
   - if that file is empty, a message is printed on /etc/daily's output,
     and no mail message is being sent
   - if that file is non-empty, the contents is mailed under the subject
     of '<machine> daily security output' as it is today.

This will reduce the amount of messages being sent, while still making
a note (in daily's output) of the fact that there were not security
related messages.

If this is not fixed one way or the other, I'd expect these empty
mail messages to become the cause of a Frequently Asked Question :-)

If you insist on having /etc/security sending a message every day, it
should at least have a non-empty message body to indicate that the report
is empty and to avoid the "Null message body..." entry from /etc/daily.

 regards

 Erik Bertelsen
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted: