Repeating 'security updates' emails

dvl@

Developer
I keep getting these emails every day.

Code:
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 9.2-RELEASE from update3.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files will be updated as part of updating to 9.2-RELEASE-p5:
/boot/kernel/linker.hints

Running freebsd-update does not resolve this issue. Such emails lose their urgency after a few weeks. Soon, people will start to ignore them entirely.

What can I do to help fix this annoying bug?

(Typed on phone; sorry for any typos)
 
I have this in my /etc/periodic.conf file:

Code:
daily_output="/var/log/daily.log"
weekly_output="/var/log/weekly.log"
monthly_output="/var/log/monthly.log"
daily_status_security_inline="YES"
weekly_status_security_inline="YES"
monthly_status_security_inline="YES"

Which just logs the output to those files which are automatically rotated by settings in /etc/newsyslog.conf. This means I can still go and check the content of the files but means I don't have to be bothered by a daily email. The _inline variables make the security one be part of the others rather than its own separate mail, that might be more what you're looking for?
 
Not quite.

I still want the email from freebsd-update when an update is required. At the moment, freebsd-update is sending a false-postive; no update is required. The server in question is already on the version which freebsd-update claims I need to upgrade to.

Perhaps a better goal is a nagios-like check. Some kind of command we could issue to determine if the system needs an update.
 
I'm glad I'm not the only one suffering from this. I thought it must be something wrong with my server and I've been waiting for help at http://forums.freebsd.org/viewtopic.php?f=4&t=46269.

I don't know how the update process records what it's done, but I presume it's missing the fact it's updated linker.hints and every time it checks thinks the file still needs replacing. It ought to be fairly simple to fix if someone can point us to the right information (well, unless it requires us to edit a binary file, of course)!
 
Maybe you're too unassuming in marking it as non-critical and low priority. It strikes me something that delays the application of security updates by hiding the need among cries of "Wolf!" is both critical and high priority.
 
A good point.

I've replied to the PR suggesting a bump and pointed to my gist.
 
Back
Top