Hello, When cron runs /etc/daily, that script runs df and netstat and the output is sent by email to root. On my system, emails to root are forwarded to local user meunier using /root/.forward. The forwarding itself temporarily creates a lock file in /var/mail:
-rw------- 1 root wheel 0 Oct 21 23:55 meunier.lock At the same time, /etc/daily runs /usr/libexec/security. The check_mailboxes function in that file loops over all the files in /var/mail and checks whether the owner of the file matches the name of the file. If check_mailboxes happens to be running exactly at the same time as the system is forwarding /etc/daily's first email, then check_mailboxes sees meunier.lock, the check for that file fails, and the result is another email sent to root: Running security(8): Checking mailbox ownership. user meunier.lock mailbox is owned by root So I think the check_mailboxes function in /usr/libexec/security should either skip lock files or check them in a different way... Cheers, Philippe
