|Summary:||[PATCH] Make glsa-check not sending mail when unaffected|
|Product:||Portage Development||Reporter:||Christian Gut <cycloon>|
|Component:||Tools||Assignee:||Portage team <dev-portage>|
|Package list:||Runtime testing required:||---|
|Bug Depends on:|
|Bug Blocks:||237964, 268001|
Patch for glsa-check so that it only sends mail if any glsa affects the system
Indicate empty list in mail subject
[PATCH] Add quiet option
Description Christian Gut 2007-06-23 15:38:55 UTC
I modified glsa-check a little bit, so that it does not send a mail when the system is not affected to any glsa. This is when using "glsa-check -m affected". If have to add, that i have no clue of python, i just tried the obvious. With this patch its possible to use something like emerge --sync && glsa-check -c -m affected on a nightly run to check the systems automatically for affected glsas. Would be nice to have this included in a future version.
Comment 1 Christian Gut 2007-06-23 15:40:16 UTC
Created attachment 122900 [details, diff] Patch for glsa-check so that it only sends mail if any glsa affects the system
Comment 2 Marius Mauch (RETIRED) 2007-10-05 14:14:37 UTC
Sorry for the delay, got sidetracked with several other things at that time and forgot about this one. I'm not sure if this a good idea or not, as the empty mail is still useful as a problem indicator (no mail => problem).
Comment 3 Christian Gut 2007-10-05 14:33:36 UTC
Yeah of course. I use the same strategy with backup-jobs. But I don't think that glsa-checks are that critical to fail, since you still have to monitor the overall security of your systems. Whats really annoying is if you have a lot of systems everyone sending you an empty, meaningless mail each morning. As an other example: I use cron-apt on debian with the same result.
Comment 4 Eddie Parker 2008-01-13 21:53:17 UTC
I just submitted a patch accidentally to a related, but somewhat dissimilar bug: http://bugs.gentoo.org/show_bug.cgi?id=170784 In short: it adds a -e option, which mimics -m, however doesn't send out the e-mail if there is nothing to do. I did it this way rather than modify -m in case people are relying/liking the way -m currently functions.
Comment 5 John Koleszar 2008-11-10 14:52:04 UTC
Created attachment 171302 [details, diff] Indicate empty list in mail subject Slightly different implementation of the same idea. I prefer to get a mail from my cron job even in the case where there are no vulnerabilities found, just as a heartbeat. This patch changes the subject of the message, so I can delete it quickly without opening it.
Comment 6 Christian Gut 2008-11-10 19:14:01 UTC
Another nice idea. But still, I don't think, this scales. How many boxen do you have doing this? If you count 10 or more, do you really notice, when one does not send its information? I don't really. Would be better to check that one via your monitoring system. (As in: "Is cron executing jobs?", "Did the nightly emerge --sync run?")
Comment 7 Robert Buchholz (RETIRED) 2009-05-07 01:45:18 UTC
Created attachment 190593 [details, diff] [PATCH] Add quiet option From: Robert Buchholz <email@example.com> Date: Thu, 7 May 2009 03:09:46 +0200 Subject: [PATCH] Add quiet option Incorporate option to quiet down glsa-check, based on a patch by Thilo Bangert <firstname.lastname@example.org> in bug #170784. This option will also suppress sending of empty mail, based on a patch by Christian Gut <email@example.com> in bug #182990.
Comment 8 Paul Varner (RETIRED) 2009-05-18 22:12:35 UTC
gentoolkit-0.2.4.4 and gentoolkit-0.3.0_rc6 released.