# pkg audit for multiple servers



## Sparkee (Oct 5, 2022)

Has anyone worked on a solution to gather the _pkg audi_t from multiple servers and create a html/txt/something?


----------



## SirDice (Oct 6, 2022)

It's in the daily security emails done by periodic(8):

```
Checking for security vulnerabilities in base (userland & kernel):
Database fetched: Mon Oct  3 03:30:50 CEST 2022
FreeBSD-13.1_1 is vulnerable:
  FreeBSD -- zlib heap buffer overflow
  CVE: CVE-2022-37434
  WWW: https://vuxml.FreeBSD.org/freebsd/a1323a76-28f1-11ed-a72a-002590c1f29c.html

1 problem(s) in 1 installed package(s) found.

Checking for packages with security vulnerabilities:
Database fetched: Mon Oct  3 03:30:50 CEST 2022
gitlab-ce-15.2.3_4

Checking for packages with mismatched checksums:

-- End of security output --
```

So, if you collect those in a central 'admin' mailbox you already have it.


----------



## Sparkee (Oct 6, 2022)

SirDice said:


> It's in the daily security emails done by periodic(8):
> 
> ```
> Checking for security vulnerabilities in base (userland & kernel):
> ...


And create a html of it so it can be easily viewed


----------



## SirDice (Oct 6, 2022)

To get those emails you just need to make sure sendmail(8) is still enabled. And just edit /etc/aliases to forward root's mail to a central mailbox:

```
# Pretty much everything else in this file points to "root", so
# you would do well in either reading root's mailbox or forwarding
# root's email from here.

# root: me@my.domain
```
Don't forget to run newaliases(8) if you changed that file.

You could also create your own /etc/periodic/security/ script and do whatever needs to be done there.


----------

