Convert uses of test (ie: '[') to use only POSIX specified forms,
just on general principle (all but 3 of the changes are in code that
is commented out...)

branches: 1.92.14;
Indent.

'file system' for consistency with documentation (instead of 'filesystem').

branches: 1.90.2;
Add defaults for pkg_info and pkg_admin variables in case pkgpath.conf
is not installed.

Fix for problematic paths in /etc/daily and /etc/security reported in
PR/47645.

Add a separate file which contains the paths for the pkg_admin and
pkg_info utilities. This is called /etc/pkgpath.conf (to distinguish it
from pkg.conf).

Thanks also to Edgar Fuss for the sanity check.

add missing $, from Petar Bogdanovic

branches: 1.87.2;
Use new makemandb -Q flag to be really quiet.

only announce fetching vulnerabilities file if we do.

PR/46757: Check for fetch_pkg_vulnerabilities unset first.

Call `makemandb -q` instead of `makemandb`, as proposed by Edgar Fuss on
tech-userlevel on 20th of July 2012, 12:38.

PR/46757: Edgar Fu�: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).

PR/46756: Edgar Fu�: Enable ignoring subdirectories in daily's find_core

Run makemandb with the normal 022 umask, not the restrictive 077.

branches: 1.80.2;
Don't overwrite run_makemandb. The default is already set in daily.conf.

Import the new apropos/whatis.

This code has been developed by Abhinav Upadhyay as part of Google's Summer
of Code 2011. It uses libmandoc to parse man pages and builds a Full
Text Index in a SQLite database. The combination of indexing the full
manual page, filtering out stop words and ranking individual matches
based on the section gives a much improved user experience.

The old makewhatis and friends are kept under MKMAKEMANDB=no for now.

Add option to include daily insecurity output in daily output.
PR bin/17029

branches: 1.77.6;
`` -> $()

Deprecate the pkgdb_dir settings from daily.conf and security.conf in
favor of the PKG_DBDIR variable in /etc/pkg_install.conf. The purpose
of this is to only have to define the location of the packages database
in a single place and have all other system components pick it up.

pkgdb_dir is still honored if defined and the scripts will spit out a
warning in that case, asking the administrator to migrate to the
PKG_DBDIR setting. We can't remove this compatibility workaround until,
at least, after NetBSD 6 is released.

Reset the umask while refreshing the vulnerabilities database so that it
remains world-readable. Otherwise, it ends up with 600 permissions which
make it unusable for building pkgsrc packages as non-root.

Problem found by wiz@.

Default fetch_pkg_vulnerabilities to NO and complain if it is set to that
value when packages are found (so that the user knows he is not getting the
vulnerability checks).

Why? People is complaining. (And somehow, the argument that NetBSD doesn't
do any network operation by default convinces me that it should continue to
do so.)

But still, I will be adding a question to sysinst to enable/disable this.

Add the fetch_pkg_vulnerabilities option to the daily script to keep the
packages vulnerability database up to date. This will only fetch the
file from the server if it has changed since the last run.

Add the check_pkg_vulnerabilities and check_pkg_signatures options to the
security script to check that the installed packages are sane.

All of these options are enabled by default but they will only run if
there is, at least, one installed package.

add ptyfs to the list of file systems that don't get put into the
nightly df listing

branches: 1.71.4;
Add a run_fsck_flags variable to daily.conf(5), allowing extra flags to
be passed to to daily fsck run.
For example, run_fsck_flags="-Tffs:-X" will run the nighly fsck_ffs on a
snapshot :)

branches: 1.70.12; 1.70.16;
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

Make the daily script immune to changes of the current working directory
in /etc/daily.local. Fixed PR misc/33461.

branches: 1.68.2;
goodbye uucp

PR/34274: Brian A. Seklecki: Check for uustat before blindly executing since
it might not be there if uucp is not installed.

in short netstat output, use 12 characters for [IO]pkts columns, so that
it doesn't overflow too easily

Small ugly hack -- sed "Mounted on" to "Mount" so that the df line
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.

branches: 1.64.2; 1.64.4; 1.64.6;
Quote MAILTO properly so that more descriptive names can be used.

Print interface packet counters as strings to prevent integer overflow in awk.

PR misc/7716: add configuration options find_core_ignore_fstypes and
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.

If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.

Avoid the output "Running xxx.local" if the "xxx.local" script
does not produce any output. This matches what /etc/security
already does with /etc/security.local output.

Introduce and use the rcvar_manpage variable, which contains the manual page
name where the user should look at for documentation about rcvar. It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.

This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.

Closes PR misc/23908.

branches: 1.58.2;
apply kre's patch from PR#18628:

if /var/account/acct.0.gz exists, keep all the old accounting files
in gzipped format.

Also supress speling erors.

add null & fdesc to the list of file system types to skip in check_disks

Add back nfs partition display if show_remote_fs is on.
As requested by Grant.

Change the default behavior of the netstat run during check_network to
print a summary rather than the full (and not usually desired) output
of netstat -inv. The old behavior can be returned by simply setting
full_netstat to YES in daily.conf.

Original idea by me, cleaner and more correct execution via small awk
script from Greg Woods.

suppress disk reports about nfs mounts, kernfs and procfs.

Don't print "Last dump" report if /etc/dumpdates is zero length or absent.
Don't print OTP/skey report if /etc/skeyskeys is zero length or absent.

use -h ("human readable") instead of -k on nightly df

Redirect stderr as well as stdout in run_calendar (calendar -a)

Suppress emailing the daily security report if it is empty, unless
send_empty_security=YES. Implements change-request PR security/17249
from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.

When finding core files, only print the names of things that are
*files*, (ie, not directories, or symlinks, or...). Also remove
the -a instances. They're implicit.

fix /etc/security stderr redirection.

from rad@twig.com in PR bin/19553.

branches: 1.46.2;
If check_disks=YES, check for failed components in RAIDframe devices.

Ignore errors from /var/account/acct.[123] rotation.
Fix from Katsuomi Hamajima in [misc/13804]

Correctly detect empty mailq with new sendmail versions.
Fix from Anne Bennett in [bin/12901]

Add nullfs to the list of file system types to skip during the "big finds".
Fix from Alan Barrett in [misc/14957].

Watching inode usage is important, too.

Fix a mysterious
csh: Permission denied
csh: Trying to start from "/var/log"
message.

This was caused by the
su -m uucp -c "uustat -a"
line being executed in a directory not readable by uucp. The login
shell implied by -m is of course root's shell, /bin/csh, which doesn't
like not being able to read the dir it is in, and thus the errors. By
temporarily cd'ing to /tmp the problem is fixed.

What is really needed, of course, is a way to tell su what shell you
want to use explicitly, especially for use in scripts where the
vagaries of which shell the login executing the script uses should not
be depended on. No such method exists. One should be added.

Indeed, it might also be nice to have a way of telling su to directly
execute a command with -c rather than using a shell to interpret the
command.

I cannot find any standards documents that specify su at the moment,
though. SuSv2 is silent on su(8).

stylistic nit: dump -W, not dump W

Put the 'uustat -a' into double quotes.
It still doesn't work, but you won't get the error about an Unknown option: `-a'
anymore.

The login shell for uucp is /usr/libexec/uucp/uucico, so su -m doesn't work.
This needs to be fixed.

Run uustat with uid=uucp, not with euid=uucp/uid=root, to prevent
some badboys gaining back root privs. Inspided by OpenBSD.
Not that we didn't have this forever... (SA, anyone?)

run fsck with "-n -f" instead of just "-n"; recent changes to fsck
mean that file systems mounted read-write are skipped unless -f is given.
problem noted by andrew brown.

use mktemp(1) to create temporary directories, and ensure that cleanup traps
are setup asap.

don't remove /var/tmp/vi.recover in (commented *out*) find's.
this fixes PR 11120.
XXX note that this is supposed never to be uncommented due to a security
issue (see /etc/daily) but there is no reason to do things doubly wrong.

run skeyaudit, if run_skeyaudit is set to yes

branches: 1.33.2;
use netstat -inv for all address familires. PR 10249.

branches: 1.32.2;
add "-n" to netstat -i to avoid reverse query and better audit.
print IPv6 interface stat by netstat -inv separately.

comments from: hubertf and others

- Make /etc/daily run /etc/daily.local if it exists. Make similar change for
weekly and monthly scripts.
- Update FILES section in manpages.

Use %d instead of %e to generate rdist log filename using date(1) so that
the resulting filename doesn't contain white space.

Add a comment about why you do not want to uncomment the finds.

* daily/weekly/monthly:
- change to always output a valid To: and Subject: line.
- To: recipient obtained from $MAILTO (defaults to root).
- add date to Subject: line. closes [bin/4526] from Giles Lean
<giles@nemeton.com.au>
* daily: explicitly print 'Nothing to report' if /etc/security didn't
report anything.
* crontab: pass output of scripts through sendmail -t instead of

Format police.

Find core files named "core" as well as "*.core".

include rc.subr and use appropriately

for $check_uucp:
- use /usr/libexec/uucp/clean.daily instead of /etc/uuclean.daily
- use 'su daemon -c command' instead of 'echo "command" | su daemon'

Allows root to specify a MAILTO and have the security report mailed to
the same user as the daily output. If $USER is not root or MAILTO is
not set, MAILTO is set to root. Closes PR 2409.

Add output of `uptime` to report.
From Hubert Feyrer <feyrer@smaug.fh-regensburg.de> in [bin/3220]

bug fix and improvements, mostly from Enami Tsugutomo in PR misc/3681.

cleanup Lite-1 merge

fix typo

add configuration file for daily, weekly, montly, as
daily.conf, weekly.conf and montly.conf. the file
allows each action taken by all scripts to be turned
on or off.

Comment out code which traverses the directory hierarchy and removes
files, as the ``find . ... -exec rm'' used to do so can be subverted
and used to remove arbitrary files.

branches: 1.16.4;
add rcsid and remove dated /var/preserve check.

Don't stomp on arbitrary directories.
(Perhaps there should be a `source /etc/daily.local' hook..)

Fix the fstype-based pruning algorithms. Partly suggested by John Kohl.

branches: 1.13.2;
update to new security script

automatically enable accounting and rotate logs

remove temp file

less paranoia, more 4.4-ish, enable msgs -c

comment out find...rm's, and fix other comments...

building "whatis" db daily is *stupid*

redirect /etc/security's stderr to the security mailing, too.

arrange for all log rotations to be handled by /usr/bin/newsyslog

fix find & deletion of old files so that it doesn't look in kernfs
or fdesc fs

Added /etc/rpc for librpc support
fixed crontab so it works (oops)
fixed /etc/daily whatis.db support

automagically build the 'whatis.db' including `machine` pages

updated for current system setup, and made logs compressed

branches: 1.1.1;
Initial revision

Indent.

'file system' for consistency with documentation (instead of 'filesystem').

branches: 1.90.2;
Add defaults for pkg_info and pkg_admin variables in case pkgpath.conf
is not installed.

Fix for problematic paths in /etc/daily and /etc/security reported in
PR/47645.

Add a separate file which contains the paths for the pkg_admin and
pkg_info utilities. This is called /etc/pkgpath.conf (to distinguish it
from pkg.conf).

Thanks also to Edgar Fuss for the sanity check.

add missing $, from Petar Bogdanovic

branches: 1.87.2;
Use new makemandb -Q flag to be really quiet.

only announce fetching vulnerabilities file if we do.

PR/46757: Check for fetch_pkg_vulnerabilities unset first.

Call `makemandb -q` instead of `makemandb`, as proposed by Edgar Fuss on
tech-userlevel on 20th of July 2012, 12:38.

PR/46757: Edgar Fu�: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).

PR/46756: Edgar Fu�: Enable ignoring subdirectories in daily's find_core

Run makemandb with the normal 022 umask, not the restrictive 077.

branches: 1.80.2;
Don't overwrite run_makemandb. The default is already set in daily.conf.

Import the new apropos/whatis.

This code has been developed by Abhinav Upadhyay as part of Google's Summer
of Code 2011. It uses libmandoc to parse man pages and builds a Full
Text Index in a SQLite database. The combination of indexing the full
manual page, filtering out stop words and ranking individual matches
based on the section gives a much improved user experience.

The old makewhatis and friends are kept under MKMAKEMANDB=no for now.

Add option to include daily insecurity output in daily output.
PR bin/17029

branches: 1.77.6;
`` -> $()

Deprecate the pkgdb_dir settings from daily.conf and security.conf in
favor of the PKG_DBDIR variable in /etc/pkg_install.conf. The purpose
of this is to only have to define the location of the packages database
in a single place and have all other system components pick it up.

pkgdb_dir is still honored if defined and the scripts will spit out a
warning in that case, asking the administrator to migrate to the
PKG_DBDIR setting. We can't remove this compatibility workaround until,
at least, after NetBSD 6 is released.

Reset the umask while refreshing the vulnerabilities database so that it
remains world-readable. Otherwise, it ends up with 600 permissions which
make it unusable for building pkgsrc packages as non-root.

Problem found by wiz@.

Default fetch_pkg_vulnerabilities to NO and complain if it is set to that
value when packages are found (so that the user knows he is not getting the
vulnerability checks).

Why? People is complaining. (And somehow, the argument that NetBSD doesn't
do any network operation by default convinces me that it should continue to
do so.)

But still, I will be adding a question to sysinst to enable/disable this.

Add the fetch_pkg_vulnerabilities option to the daily script to keep the
packages vulnerability database up to date. This will only fetch the
file from the server if it has changed since the last run.

Add the check_pkg_vulnerabilities and check_pkg_signatures options to the
security script to check that the installed packages are sane.

All of these options are enabled by default but they will only run if
there is, at least, one installed package.

add ptyfs to the list of file systems that don't get put into the
nightly df listing

branches: 1.71.4;
Add a run_fsck_flags variable to daily.conf(5), allowing extra flags to
be passed to to daily fsck run.
For example, run_fsck_flags="-Tffs:-X" will run the nighly fsck_ffs on a
snapshot :)

branches: 1.70.12; 1.70.16;
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

Make the daily script immune to changes of the current working directory
in /etc/daily.local. Fixed PR misc/33461.

branches: 1.68.2;
goodbye uucp

PR/34274: Brian A. Seklecki: Check for uustat before blindly executing since
it might not be there if uucp is not installed.

in short netstat output, use 12 characters for [IO]pkts columns, so that
it doesn't overflow too easily

Small ugly hack -- sed "Mounted on" to "Mount" so that the df line
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.

branches: 1.64.2; 1.64.4; 1.64.6;
Quote MAILTO properly so that more descriptive names can be used.

Print interface packet counters as strings to prevent integer overflow in awk.

PR misc/7716: add configuration options find_core_ignore_fstypes and
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.

If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.

Avoid the output "Running xxx.local" if the "xxx.local" script
does not produce any output. This matches what /etc/security
already does with /etc/security.local output.

Introduce and use the rcvar_manpage variable, which contains the manual page
name where the user should look at for documentation about rcvar. It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.

This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.

Closes PR misc/23908.

branches: 1.58.2;
apply kre's patch from PR#18628:

if /var/account/acct.0.gz exists, keep all the old accounting files
in gzipped format.

Also supress speling erors.

add null & fdesc to the list of file system types to skip in check_disks

Add back nfs partition display if show_remote_fs is on.
As requested by Grant.

Change the default behavior of the netstat run during check_network to
print a summary rather than the full (and not usually desired) output
of netstat -inv. The old behavior can be returned by simply setting
full_netstat to YES in daily.conf.

Original idea by me, cleaner and more correct execution via small awk
script from Greg Woods.

suppress disk reports about nfs mounts, kernfs and procfs.

Don't print "Last dump" report if /etc/dumpdates is zero length or absent.
Don't print OTP/skey report if /etc/skeyskeys is zero length or absent.

use -h ("human readable") instead of -k on nightly df

Redirect stderr as well as stdout in run_calendar (calendar -a)

Suppress emailing the daily security report if it is empty, unless
send_empty_security=YES. Implements change-request PR security/17249
from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.

When finding core files, only print the names of things that are
*files*, (ie, not directories, or symlinks, or...). Also remove
the -a instances. They're implicit.

fix /etc/security stderr redirection.

from rad@twig.com in PR bin/19553.

branches: 1.46.2;
If check_disks=YES, check for failed components in RAIDframe devices.

Ignore errors from /var/account/acct.[123] rotation.
Fix from Katsuomi Hamajima in [misc/13804]

Correctly detect empty mailq with new sendmail versions.
Fix from Anne Bennett in [bin/12901]

Add nullfs to the list of file system types to skip during the "big finds".
Fix from Alan Barrett in [misc/14957].

Watching inode usage is important, too.

Fix a mysterious
csh: Permission denied
csh: Trying to start from "/var/log"
message.

This was caused by the
su -m uucp -c "uustat -a"
line being executed in a directory not readable by uucp. The login
shell implied by -m is of course root's shell, /bin/csh, which doesn't
like not being able to read the dir it is in, and thus the errors. By
temporarily cd'ing to /tmp the problem is fixed.

What is really needed, of course, is a way to tell su what shell you
want to use explicitly, especially for use in scripts where the
vagaries of which shell the login executing the script uses should not
be depended on. No such method exists. One should be added.

Indeed, it might also be nice to have a way of telling su to directly
execute a command with -c rather than using a shell to interpret the
command.

I cannot find any standards documents that specify su at the moment,
though. SuSv2 is silent on su(8).

stylistic nit: dump -W, not dump W

Put the 'uustat -a' into double quotes.
It still doesn't work, but you won't get the error about an Unknown option: `-a'
anymore.

The login shell for uucp is /usr/libexec/uucp/uucico, so su -m doesn't work.
This needs to be fixed.

Run uustat with uid=uucp, not with euid=uucp/uid=root, to prevent
some badboys gaining back root privs. Inspided by OpenBSD.
Not that we didn't have this forever... (SA, anyone?)

run fsck with "-n -f" instead of just "-n"; recent changes to fsck
mean that file systems mounted read-write are skipped unless -f is given.
problem noted by andrew brown.

use mktemp(1) to create temporary directories, and ensure that cleanup traps
are setup asap.

don't remove /var/tmp/vi.recover in (commented *out*) find's.
this fixes PR 11120.
XXX note that this is supposed never to be uncommented due to a security
issue (see /etc/daily) but there is no reason to do things doubly wrong.

run skeyaudit, if run_skeyaudit is set to yes

branches: 1.33.2;
use netstat -inv for all address familires. PR 10249.

branches: 1.32.2;
add "-n" to netstat -i to avoid reverse query and better audit.
print IPv6 interface stat by netstat -inv separately.

comments from: hubertf and others

- Make /etc/daily run /etc/daily.local if it exists. Make similar change for
weekly and monthly scripts.
- Update FILES section in manpages.

Use %d instead of %e to generate rdist log filename using date(1) so that
the resulting filename doesn't contain white space.

Add a comment about why you do not want to uncomment the finds.

* daily/weekly/monthly:
- change to always output a valid To: and Subject: line.
- To: recipient obtained from $MAILTO (defaults to root).
- add date to Subject: line. closes [bin/4526] from Giles Lean
<giles@nemeton.com.au>
* daily: explicitly print 'Nothing to report' if /etc/security didn't
report anything.
* crontab: pass output of scripts through sendmail -t instead of

Format police.

Find core files named "core" as well as "*.core".

include rc.subr and use appropriately

for $check_uucp:
- use /usr/libexec/uucp/clean.daily instead of /etc/uuclean.daily
- use 'su daemon -c command' instead of 'echo "command" | su daemon'

Allows root to specify a MAILTO and have the security report mailed to
the same user as the daily output. If $USER is not root or MAILTO is
not set, MAILTO is set to root. Closes PR 2409.

Add output of `uptime` to report.
From Hubert Feyrer <feyrer@smaug.fh-regensburg.de> in [bin/3220]

bug fix and improvements, mostly from Enami Tsugutomo in PR misc/3681.

cleanup Lite-1 merge

fix typo

add configuration file for daily, weekly, montly, as
daily.conf, weekly.conf and montly.conf. the file
allows each action taken by all scripts to be turned
on or off.

Comment out code which traverses the directory hierarchy and removes
files, as the ``find . ... -exec rm'' used to do so can be subverted
and used to remove arbitrary files.

branches: 1.16.4;
add rcsid and remove dated /var/preserve check.

Don't stomp on arbitrary directories.
(Perhaps there should be a `source /etc/daily.local' hook..)

Fix the fstype-based pruning algorithms. Partly suggested by John Kohl.

branches: 1.13.2;
update to new security script

automatically enable accounting and rotate logs

remove temp file

less paranoia, more 4.4-ish, enable msgs -c

comment out find...rm's, and fix other comments...

building "whatis" db daily is *stupid*

redirect /etc/security's stderr to the security mailing, too.

arrange for all log rotations to be handled by /usr/bin/newsyslog

fix find & deletion of old files so that it doesn't look in kernfs
or fdesc fs

Added /etc/rpc for librpc support
fixed crontab so it works (oops)
fixed /etc/daily whatis.db support

automagically build the 'whatis.db' including `machine` pages

updated for current system setup, and made logs compressed

branches: 1.1.1;
Initial revision

import 4.4BSD-Lite

initial import of 386bsd-0.1 sources

from trunk.

Pulled up from rev 1.17

Sync w/ netbsd-1-5-base.

Pull up into netbsd-1-5 branch, OK'd by thorpej:

Files & revisions:
> cvs rdiff -r1.33 -r1.34 basesrc/etc/daily
> cvs rdiff -r1.1 -r1.2 basesrc/etc/default/daily.conf
> cvs rdiff -r1.5 -r1.6 sharesrc/share/man/man5/daily.conf.5

Log message:
> run skeyaudit, if run_skeyaudit is set to yes

Pull up revision 1.47 (requested by grant in ticket #1046):
fix /etc/security stderr redirection.
from rad@twig.com in PR bin/19553.

Pull up revision 1.61 (requested by martin in ticket #415):
If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.

file daily was added on branch netbsd-2-0 on 2004-05-30 07:22:09 +0000

Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

Pull up following revision(s) (requested by martti in ticket #708):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)

branches: 1.68.2.1.2;
Pull up following revision(s) (requested by hubertf in ticket #301):
etc/daily: revision 1.69
Make the daily script immune to changes of the current working directory
in /etc/daily.local. Fixed PR misc/33461.

Sync w/ NetBSD-4-RC_1

Sync with wrstuden-revivesa-base-2.

Sync with HEAD.

Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")

sync with head

sync with head

Pull up following revision(s) (requested by tron in ticket #676):
usr.sbin/makemandb/apropos.c: revision 1.7
usr.sbin/makemandb/makemandb.8: revision 1.3
usr.sbin/makemandb/makemandb.8: revision 1.4
usr.sbin/makemandb/makemandb.8: revision 1.5
etc/rc.d/makemandb: revision 1.4
etc/weekly: revision 1.29
usr.sbin/makemandb/makemandb.c: revision 1.10
usr.sbin/makemandb/makemandb.c: revision 1.11
usr.sbin/makemandb/makemandb.c: revision 1.12
usr.sbin/makemandb/makemandb.c: revision 1.13
usr.sbin/makemandb/makemandb.c: revision 1.14
usr.sbin/makemandb/apropos.1: revision 1.5
etc/daily: revision 1.87
Add HISTORY section. From Abhinav Upadhyay in private mail.
Sync with reality, From Abhinav Upadhyay in private mail.
Fix typo in a message.
Bug fix for PR 46733:
> makemandb always reports the same number for "Total Number of new or
> updated pages enountered" and "Total number of (hard or symbolic)
> links found".
Patch from Abhinav Upadhyay.
Sort options in SYNOPSIS.
Sync usage with manpage.
Add -Q flag:
Print only fatal error messages (i.e., when the database is left in
an inconsistent state and needs manual intervention).
From Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.
Use new makemandb -Q flag to be really quiet.
Fix usage, from Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.
Use emalloc in one more place, like the rest of the code does.
From Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.

Include rev 1.86 in the pullup of ticket 457 as well: only print "fetching"
message, if we actually try to fetch the package vulnerabilities file.

Pull up following revision(s) (requested by jdf in ticket #458):
etc/weekly: revision 1.28
etc/daily: revision 1.84
Call `makemandb -f -q` instead of `makemandb -f`, as Edgar Fuss proposed for daily.
Call `makemandb -q` instead of `makemandb`, as proposed by Edgar Fuss on
tech-userlevel on 20th of July 2012, 12:38.

Pull up following revision(s) (requested by christos in ticket #457):
etc/daily: revision 1.83
etc/defaults/daily.conf: revision 1.18
PR/46757: Edgar Fu�: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).

Pull up following revision(s) (requested by christos in ticket #456):
etc/daily: revision 1.82
etc/defaults/daily.conf: revision 1.17
share/man/man5/daily.5: revision 1.5
PR/46756: Edgar Fu�: Enable ignoring subdirectories in daily's find_core

Pull up following revision(s) (requested by joerg in ticket #2):
etc/weekly: revision 1.26
etc/daily: revision 1.81
UPDATING: revision 1.235
Run makemandb with the normal 022 umask, not the restrictive 077.
Extend entry to makemandb permission issue.

Rebase to HEAD as of a few days ago.

resync from head

Rebase.