# portaudit and cron



## polhallen (Apr 30, 2013)

Hi folks!

Studying portaudit, I ask to myself: is it a good idea put to cron with notify by email if there are vulnerable packages? I did not find any how to that use this method. Is it a bad idea?

Thanks!


----------



## DutchDaemon (Apr 30, 2013)

portaudit installs itself in the nightly system job runs. You will see an email after 03.00 every day.


----------



## polhallen (Apr 30, 2013)

Really? Where do I find that script? I looked in /etc/periodic/security and daily but I did not find it. Thanks.


----------



## t1066 (May 1, 2013)

Look into /usr/local/etc/periodic/security/.


----------



## polhallen (May 2, 2013)

Thanks! So portaudit send*s* an email only if there are vulnerabilities? I check the script 410.portaudit but I didn't f*i*nd an option that sends the mail.

*T*hank*s* for your help 

Pol


----------



## DutchDaemon (May 2, 2013)

The email gets sent by virtue of 410.portaudit being run (indirectly) from /etc/crontab. Cron job output gets mailed to root by default.

The 'chain of command' is /etc/crontab -> periodic daily -> /etc/defaults/periodic.conf -> local_periodic="/usr/local/etc/periodic" -> security -> 410.portaudit.


----------



## polhallen (May 2, 2013)

OK! Thanks


----------

