Repeating 'security updates' emails

dvl@

Aspiring Daemon
Developer

Reaction score: 65
Messages: 551

I keep getting these emails every day.

Code:
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 9.2-RELEASE from update3.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files will be updated as part of updating to 9.2-RELEASE-p5:
/boot/kernel/linker.hints
Running freebsd-update does not resolve this issue. Such emails lose their urgency after a few weeks. Soon, people will start to ignore them entirely.

What can I do to help fix this annoying bug?

(Typed on phone; sorry for any typos)
 

wblock@

Beastie Himself
Developer

Reaction score: 3,649
Messages: 13,850

Maybe redirect stdout for that command in crontab(5), leaving stderr so it'll send mail only if there's a problem.
 
OP
OP
dvl@

dvl@

Aspiring Daemon
Developer

Reaction score: 65
Messages: 551

That would also block authentic 'security updates' emails.
 

xtaz

Well-Known Member

Reaction score: 120
Messages: 435

I have this in my /etc/periodic.conf file:

Code:
daily_output="/var/log/daily.log"
weekly_output="/var/log/weekly.log"
monthly_output="/var/log/monthly.log"
daily_status_security_inline="YES"
weekly_status_security_inline="YES"
monthly_status_security_inline="YES"
Which just logs the output to those files which are automatically rotated by settings in /etc/newsyslog.conf. This means I can still go and check the content of the files but means I don't have to be bothered by a daily email. The _inline variables make the security one be part of the others rather than its own separate mail, that might be more what you're looking for?
 
OP
OP
dvl@

dvl@

Aspiring Daemon
Developer

Reaction score: 65
Messages: 551

Not quite.

I still want the email from freebsd-update when an update is required. At the moment, freebsd-update is sending a false-postive; no update is required. The server in question is already on the version which freebsd-update claims I need to upgrade to.

Perhaps a better goal is a nagios-like check. Some kind of command we could issue to determine if the system needs an update.
 

kjpetrie

Active Member

Reaction score: 6
Messages: 122

I'm glad I'm not the only one suffering from this. I thought it must be something wrong with my server and I've been waiting for help at http://forums.freebsd.org/viewtopic.php?f=4&t=46269.

I don't know how the update process records what it's done, but I presume it's missing the fact it's updated linker.hints and every time it checks thinks the file still needs replacing. It ought to be fairly simple to fix if someone can point us to the right information (well, unless it requires us to edit a binary file, of course)!
 

kjpetrie

Active Member

Reaction score: 6
Messages: 122

Maybe you're too unassuming in marking it as non-critical and low priority. It strikes me something that delays the application of security updates by hiding the need among cries of "Wolf!" is both critical and high priority.
 
OP
OP
dvl@

dvl@

Aspiring Daemon
Developer

Reaction score: 65
Messages: 551

A good point.

I've replied to the PR suggesting a bump and pointed to my gist.
 
Top