Subject: Re: conf/165331: periodic security run output gives false positives after 1 year The following reply was made to PR conf/165331; it has been noted by GNATS. From: Garance A Drosehn <gad@xxxxxxxxxxx> To: bug-followup@xxxxxxxxxxx Cc: Subject: Re: conf/165331: periodic security run output gives false positives after 1 year Date: Tue, 21 Feb 2012 12:32:40 -0500 Note that catmsgs() function in periodic/security/800.loginfail starts off with: find ${LOG} -name 'auth.log.*' -mtime -2 | [...etc...] Note the '-mtime -2' on that 'find' command. It is *not* reading all archived logs on the disk. It is reading all files which have a last-modified time within 2 days of the time the command is executed. It would still be a good idea to do something to fix the problem as described, but that problem would be fixed by having the log files rotated just once-per-year. (Or it could be fixed by including the year in timestamps written to the log files). -- Garance Alistair Drosehn = gad@xxxxxxxxxxxxxxxxxxxx Senior Systems Programmer or gad@xxxxxxxxxxx Rensselaer Polytechnic Institute or drosih@xxxxxxx _______________________________________________ freebsd-bugs@xxxxxxxxxxx mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@xxxxxxxxxxx" |