MFC r316548:

Quiet 450.status-security when *_inline="YES"

Previously, 450.status-security would always set rc=3 in inline mode,
because it doesn't know whether "periodic security" is going to find
anything interesting. But this annoyingly results in daily reports that
simply say "Security check: \n\n-- End of daily output --".

This change fixes that by testing whether "periodic security" printed
anything, and setting 450.status-security's exit status to 3 if it did. An
alternative would be to change the exit status of periodic(8) to be the
worst of its scripts' exit statuses, but that would be a more intrusive
change.

Reviewed by: brian
Differential Revision: https://reviews.freebsd.org/D10267

Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

If daily_status_security_inline is set, the rc value needs to be
forced to 3 so that the output of this script is always displayed.
In fact, setting this flag is identical to setting
daily_status_security_output to an empty string. To make the logic
less confusing, change the behavior of daily_status_security_inline
such that it just forces daily_status_security_output to an empty
string and then applies the normal logic.

PR: conf/178611
Submitted by: Jason Unovitch <jason.unovitch@gmail.com>
MFC after: 3 days

The security run requests unmaskable output, even if the only output is to
tell that there is a separate email or that the output is logged to a file.

This commit changes the return code for the non-inline case to tell that
this message is not important enough and can be masked if necessary. The
messages from the security checks themself are not affected by this and
show up as before in the periodic security email/file.

The inline case still requests to not mask the output, as with the current
way of handling this there is no easy way to handle this.

PR: 138692
Analysis/patch atch by: Chris Cowart <ccowart@timesinks.net>
X-MFC after: on request

Return 3 unless $daily_status_security_enable != YES.
Returning $? masks security output when ``periodic security'' is successful !

MFC after: 3 days

Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by: ru
Approved by: ru

Make sure the security check output includes a To: line in the
same way the daily run output does.

Remove vestiges of MFS.

Allow the output of /etc/security to be logged or mailed to different
users in line with ${daily,weekly,monthly}_output using a new
$daily_status_security_output variable.

PR: 24643

Another overhaul of the periodic stuff.

All periodic sub-scripts <larf> now have their return codes interpreted
by periodic(8). Output may be masked based on variable values in
periodic.conf.

It's also now possible to email periodic output to arbitrary addresses,
or to send it to a log file, examples of which can be found in
newsyslog.conf.

The upshot of it all should be no discernable changes to the default
behaviour of periodic(8).

PR: 21250

Introduce /etc/defaults/periodic.conf, similar in concept to rc.conf.
The only change in the default functionality should be that
the output reports are slightly more verbose WRT files deleted.

Not objected to by: freebsd-arch

$Id$ -> $FreeBSD$

Cosmetic changes.
Submitted by: Philippe Charnier <charnier@xp11.frmug.org>

This commit was generated by cvs2svn to compensate for changes in r28263,
which included commits to RCS files with non-trunk default branches.

Copy /etc/cron.d to /etc/periodic per-request of many.
This wasn't done with a repository copy because there was no
history of any consequence. Flames to me.