On Sat, 22 Jul 2023 at 15:48, james.bottom...@hansenpartnership.com <james.bottom...@hansenpartnership.com> wrote: > The systemd chkrootkit.timer has this line: > > OnBootSec=30min > > Which means it runs 30 minutes after a reboot. I tend to upgrade my servers > in the early morning, which means it's still running when people start using > the services (and it is very disk heavy so they notice the slowdown). > > Ideally this should run from cron.daily so it can be sequenced with all the > other daily services. However, if you insist on running it from systemd, can > it at least have an OnCalendar timer set from a config file, so I can > sequence it to begin at night?
Hi - you should be able to do this without any changes to the package: systemctl edit chkrootkit.timer and add/change the settings in a drop-in file directly to have it run when you like - there's no point duplicating such things in the chkrootkit config file. Using systemd's built-in methods is more flexible and avoids having to edit dpkg conffiles and get prompts on future upgrades. You can also disable the .timer entirely and make a local script to run from cron.daily: systemctl disable chkrootkit.timer ln -s /usr/sbin/chkrootkit-daily/ /etc/cron.daily/local-chkrootkit # untested, but you get the idea For better or worse, debian has chosen to make systemd the default. This does require doing things in different ways, but it is actually a lot more flexible.
