>Number:         17887
>Category:       bin
>Synopsis:       Unnecessary daily insecurity output.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 08 16:06:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Mishka
>Release:        NetBSD 1.6D
>Organization:
Terabyte ACS
>Environment:
NetBSD/i386 1.6D
>Description:
	Greetings!

	The one of rules of Unix philosophy is "if some program
	works well, no any output from it needed".  Every day I
	start with reading following message about insecurity state
	of each of my systems:

		"Nothing to report on $DATE"

	It sounds great, but I think it would be much greater if
	that message just will not be sent :)

	Such, if no any insecurity outputs, we not recieve any
	messages. But if some problems occurs, the old good "daily
	insecurity..." message will be sent to operator as well as
	posting additional line inside simple daily output (for
	emphasizing attention).

>How-To-Repeat:
	It will be automatically genrated at every night.

>Fix:
	Please use the following patch to basesrc/etc/daily, v 1.46:

--- etc/daily	Fri Aug  9 01:30:00 2002
+++ etc/daily.new	Fri Aug  9 01:31:10 2002
@@ -227,10 +227,12 @@
 if checkyesno run_security; then
 	SECOUT="$DAILYDIR/sec"
 	sh /etc/security 2>&1 > "$SECOUT"
-	if [ ! -s "$SECOUT" ]; then
-		echo "Nothing to report on $date" > "$SECOUT"
+	if [ -s "$SECOUT" ]; then
+		echo ""
+		echo "Insecurity report mailed separately."
+		mail -s "$host daily insecurity output for $date" \
+			$MAILTO < "$SECOUT"
 	fi
-	mail -s "$host daily insecurity output for $date" $MAILTO < "$SECOUT"
 fi
 
 if checkyesno run_skeyaudit; then


	--
	Best regards,
	Mishka.
>Release-Note:
>Audit-Trail:
>Unformatted: