pkg icon indicating copy to clipboard operation
pkg copied to clipboard

Published 20 hours ago verified publisher icon freebsd

Provide mechanisms to ignore jails via prefix matching during audits

Open dlangille opened this issue 2 years ago • 0 comments
trafficstars

This is primarily aimed at poudriere jails but could be used for any jails.

Sample test: with these entries in /etc/periodic.conf, both 405.pkg-base-audit and 410.pkg-audit will ignore jails whose names start with pkg01.131am64 or pkg01.131i386 (pkg01 being the name of the jail in which I run poudriere).

security_status_baseaudit_jails_ignore_wild="pkg01.131am64 pkg01.131i386" security_status_pkgaudit_jails_ignore_wild="pkg01.131am64 pkg01.131i386"

Background:

https://twitter.com/DLangille/status/1662774504207138816 https://gist.github.com/dlangille/c5dabf94a268f253a979c890a37aea38

Thank you

dlangille avatar May 28 '23 12:05 dlangille