--- defaults/periodic.conf.orig	2012-05-04 10:44:13.000000000 -0700
+++ defaults/periodic.conf	2012-05-04 09:38:18.000000000 -0700
@@ -170,9 +170,13 @@
 
 # 100.chksetuid
 daily_status_security_chksetuid_enable="YES"
+daily_status_security_chksetuid_fs="ufs,zfs"		# Filesystem types to scan
+daily_status_security_chksetuid_fs_ignore=""		# List of filesystems to skip
 
 # 110.neggrpperm
 daily_status_security_neggrpperm_enable="YES"
+daily_status_security_neggrpperm_fs="ufs,zfs"		# Filesystem types to scan
+daily_status_security_neggrpperm_fs=""			# List of filesystems to skip
 
 # 200.chkmounts
 daily_status_security_chkmounts_enable="YES"

--- periodic/security/100.chksetuid.orig	2012-05-04 10:46:05.000000000 -0700
+++ periodic/security/100.chksetuid	2012-05-04 10:46:47.000000000 -0700
@@ -43,7 +43,12 @@
     [Yy][Ee][Ss])
 	echo ""
 	echo 'Checking setuid files and devices:'
-	MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
+	if [ -z "$daily_status_security_chksetuid_fs_ignore" ]; then
+		MP=`mount -t $daily_status_security_chksetuid_fs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
+	else
+		daily_status_security_chksetuid_fs_ignore=` echo $daily_status_security_chksetuid_fs_ignore | sed 's/\ /\|/g'`
+		MP=`mount -t $daily_status_security_chksetuid_fs | awk '$0 !~ /no(suid|exec)/ { print $3 }'| egrep -ve "$daily_status_security_chksetuid_fs_ignore"`
+	fi
 	find -sx $MP /dev/null -type f \
 	    \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \
 	    \( -perm -u+s -or -perm -g+s \) -exec ls -liTd \{\} \+ |

--- periodic/security/110.neggrpperm.orig	2012-05-04 10:54:23.000000000 -0700
+++ periodic/security/110.neggrpperm	2012-05-04 10:48:16.000000000 -0700
@@ -41,6 +41,12 @@
     [Yy][Ee][Ss])
 	echo ""
 	echo 'Checking negative group permissions:'
+	if [ -z "$daily_status_security_neggrpperm_fs_ignore" ]; then
+		MP=`mount -t $daily_status_security_neggrpperm_fs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
+	else
+		daily_status_security_neggrpperm_fs_ignore=` echo $daily_status_security_neggrpperm_fs_ignore | sed 's/\ /\|/g'`
+		MP=`mount -t $daily_status_security_neggrpperm_fs | awk '$0 !~ /no(suid|exec)/ { print $3 }'| egrep -ve "$daily_status_security_neggrpperm_fs_ignore"`
+        fi
 	MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
 	n=$(find -sx $MP /dev/null -type f \
 	    \( \( ! -perm +010 -and -perm +001 \) -or \