Annotation of src/etc/daily, Revision 1.77.6.3
1.1 cgd 1: #!/bin/sh -
2: #
1.77.6.3! yamt 3: # $NetBSD: daily,v 1.77.6.2 2012/10/30 18:48:58 yamt Exp $
1.21 mikel 4: # @(#)daily 8.2 (Berkeley) 1/25/94
1.1 cgd 5: #
1.18 mrg 6:
1.27 mycroft 7: export PATH=/bin:/usr/bin:/sbin:/usr/sbin
1.28 lukem 8: umask 077
9:
10: if [ -s /etc/daily.conf ]; then
11: . /etc/daily.conf
12: fi
1.77.6.3! yamt 13: if [ -s /etc/pkgpath.conf ]; then
! 14: . /etc/pkgpath.conf
! 15: fi
1.28 lukem 16:
1.77 christos 17: host="$(hostname)"
18: date="$(date)"
1.59 jmmv 19: rcvar_manpage='daily.conf(5)'
1.1 cgd 20:
1.77.6.3! yamt 21: pkg_admin=${pkg_admin:-/usr/sbin/pkg_admin}
! 22: pkg_info=${pkg_info:-/usr/sbin/pkg_info}
! 23:
1.28 lukem 24: echo "To: ${MAILTO:-root}"
25: echo "Subject: $host daily output for $date"
26: echo ""
1.18 mrg 27:
1.25 lukem 28: if [ -f /etc/rc.subr ]; then
29: . /etc/rc.subr
30: else
31: echo "Can't read /etc/rc.subr; aborting."
32: exit 1;
33: fi
34:
1.23 phil 35: if [ -z "$MAILTO" -o "$USER" != "root" ]; then
1.27 mycroft 36: MAILTO=root
1.23 phil 37: fi
38:
1.76 jmmv 39: if [ -n "${pkgdb_dir}" ]; then
40: echo "WARNING: Setting pkgdb_dir in daily.conf(5) is deprecated"
41: echo "WARNING: Please define PKG_DBDIR in pkg_install.conf(5) instead"
42: _compat_K_flag="-K ${pkgdb_dir}"
43: fi
44:
1.22 lukem 45: echo ""
1.77 christos 46: echo "Uptime: $(uptime)"
1.18 mrg 47:
1.29 abs 48: # Uncommenting any of the finds below would open up a race condition attack
49: # based on symlinks, potentially allowing removal of any file on the system.
50: #
1.17 jtc 51: #echo ""
52: #echo "Removing scratch and junk files:"
53: #if [ -d /tmp -a ! -h /tmp ]; then
54: # cd /tmp && {
55: # find . -type f -atime +3 -exec rm -f -- {} \;
56: # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
57: # >/dev/null 2>&1; }
58: #fi
1.1 cgd 59:
1.17 jtc 60: #if [ -d /var/tmp -a ! -h /var/tmp ]; then
61: # cd /var/tmp && {
62: # find . ! -name . -atime +7 -exec rm -f -- {} \;
1.35 aymeric 63: # find . ! \( -name . -o -name vi.recover \) -type d \
64: # -mtime +1 -exec rmdir -- {} \; \
1.17 jtc 65: # >/dev/null 2>&1; }
66: #fi
1.10 cgd 67:
1.15 pk 68: # Additional junk directory cleanup would go like this:
69: #if [ -d /scratch -a ! -h /scratch ]; then
70: # cd /scratch && {
71: # find . ! -name . -atime +1 -exec rm -f -- {} \;
72: # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
73: # >/dev/null 2>&1; }
74: #fi
1.10 cgd 75:
1.17 jtc 76: #if [ -d /var/rwho -a ! -h /var/rwho ] ; then
77: # cd /var/rwho && {
78: # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
79: #fi
1.10 cgd 80:
1.70 martti 81: DAILYDIR=$(mktemp -d -t _daily) || exit 1
1.18 mrg 82:
1.36 lukem 83: trap "/bin/rm -rf $DAILYDIR ; exit 0" EXIT INT QUIT
1.18 mrg 84:
1.36 lukem 85: if ! cd "$DAILYDIR"; then
86: echo "Can not cd to $DAILYDIR".
1.18 mrg 87: exit 1
88: fi
89:
1.10 cgd 90: TMP=daily.$$
1.18 mrg 91: TMP2=daily2.$$
92:
1.25 lukem 93: if checkyesno find_core; then
1.62 erh 94: # Turn "foo !bar bax" into "-fstype foo -o ! -fstype bar -o -fstype bax"
1.77 christos 95: ignfstypes="$(echo $find_core_ignore_fstypes | \
1.62 erh 96: sed -e's/\(!*\)\([^[:space:]]\{1,\}\)/-o \1 -fstype \2/g' \
1.77 christos 97: -e's/^-o //')"
1.77.6.2 yamt 98: # Turn "foo bar" into "( -path foo -o -path bar ) -prune -o"
99: # Set ignpaths empty if no find_core_ignore_paths given
100: if [ -n "$find_core_ignore_paths" ]; then
101: ignpaths="$(printf " -o -path %s" $find_core_ignore_paths)"
102: ignpaths="( ${ignpaths# -o } ) -prune -o"
103: else
104: ignpaths=""
105: fi
1.62 erh 106: find / \( $ignfstypes \) -prune -o \
1.77.6.2 yamt 107: ${ignpaths} \
1.48 atatat 108: -name 'lost+found' -prune -o \
109: \( -name '*.core' -o -name 'core' \) -type f -print > $TMP
1.18 mrg 110: # \( -name '[#,]*' -o -name '.#*' -o -name a.out \
111: # -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
112: # -a -atime +3 -exec rm -f -- {} \; -a -print > $TMP
113:
1.26 nathanw 114: egrep '\.core$|^core$' $TMP > $TMP2
1.18 mrg 115: if [ -s $TMP2 ]; then
116: echo ""
117: echo "Possible core dumps:"
118: cat $TMP2
119: fi
120:
121: # egrep -v '\.core' $TMP > $TMP2
122: # if [ -s $TMP2 ]; then
123: # echo ""
124: # echo "Deleted files:"
125: # cat $TMP2
126: # fi
1.10 cgd 127:
1.18 mrg 128: rm -f $TMP $TMP2
129: fi
1.10 cgd 130:
1.25 lukem 131: if checkyesno run_msgs; then
1.18 mrg 132: msgs -c
133: fi
1.1 cgd 134:
1.25 lukem 135: if checkyesno expire_news && [ -f /etc/news.expire ]; then
1.1 cgd 136: /etc/news.expire
137: fi
138:
1.25 lukem 139: if checkyesno purge_accounting && [ -f /var/account/acct ]; then
1.21 mikel 140: echo ""
141: echo "Purging accounting records:"
1.58 mrg 142: if [ -f /var/account/acct.0.gz ]; then
143: mv /var/account/acct.2.gz /var/account/acct.3.gz 2>/dev/null
144: mv /var/account/acct.1.gz /var/account/acct.2.gz 2>/dev/null
145: mv /var/account/acct.0.gz /var/account/acct.1.gz 2>/dev/null
146: else
147: mv /var/account/acct.2 /var/account/acct.3 2>/dev/null
148: mv /var/account/acct.1 /var/account/acct.2 2>/dev/null
149: mv /var/account/acct.0 /var/account/acct.1 2>/dev/null
150: fi
1.21 mikel 151: cp /var/account/acct /var/account/acct.0
152: sa -sq
1.58 mrg 153: if [ -f /var/account/acct.1.gz ]; then
154: gzip /var/account/acct.0
155: fi
1.1 cgd 156: fi
157:
1.25 lukem 158: if checkyesno run_calendar; then
1.50 jhawk 159: calendar -a > $TMP 2>&1
1.18 mrg 160: if [ -s $TMP ]; then
161: echo ""
162: echo "Running calendar:"
163: cat $TMP
164: fi
165: rm -f $TMP
166: fi
1.1 cgd 167:
1.25 lukem 168: if checkyesno check_disks; then
1.55 perry 169: if checkyesno show_remote_fs; then
1.72 perry 170: df -hi -t nokernfs,procfs,ptyfs,null,fdesc > $TMP
1.55 perry 171: else
1.72 perry 172: df -hil -t nokernfs,procfs,ptyfs,null,fdesc > $TMP
1.55 perry 173: fi
1.52 perry 174: if [ -s /etc/dumpdates ] ; then
175: dump -W > $TMP2
176: fi
1.18 mrg 177: if [ -s $TMP -o -s $TMP2 ]; then
178: echo ""
179: echo "Checking subsystem status:"
180: echo ""
181: echo "disks:"
182: if [ -s $TMP ]; then
1.65 perry 183: cat $TMP | sed 's/Mounted on/Mount/'
1.18 mrg 184: echo ""
185: fi
186: if [ -s $TMP2 ]; then
187: cat $TMP2
188: echo ""
189: fi
190: echo ""
191: fi
1.46 bouyer 192: rm -f $TMP $TMP2
193: touch $TMP2
1.77 christos 194: for dev in $(iostat -x | awk '/^raid/ { print $1 }'); do
1.46 bouyer 195: raidctl -s $dev | awk '/^.*: failed$/ {print $0}' > $TMP
196: if [ -s $TMP ]; then
197: echo "$dev:" >> $TMP2
198: cat $TMP >> $TMP2
199: fi
200: rm -f $TMP
201: done
202: if [ -s $TMP2 ]; then
203: echo "failed RAIDframe component(s):"
204: cat $TMP2
205: fi
206: rm -f $TMP2
1.18 mrg 207: fi
208:
1.25 lukem 209: if checkyesno check_mailq; then
1.18 mrg 210: mailq > $TMP
1.44 lukem 211: if ! grep -q "queue is empty$" $TMP; then
1.18 mrg 212: echo ""
213: echo "mail:"
214: cat $TMP
215: fi
216: fi
217:
218: rm -f $TMP
1.1 cgd 219:
1.25 lukem 220: if checkyesno check_network; then
1.18 mrg 221: echo ""
222: echo "network:"
1.54 perry 223: if checkyesno full_netstat; then
224: netstat -inv
225: else
1.61 martin 226: netstat -inv | awk 'BEGIN {
1.54 perry 227: ifs[""] = 0;
228: }
229: /^[^\*]* / {
230: if (NR == 1) {
1.66 jdolecek 231: printf("%-8s %12s %6s %12s %6s %6s\n",
1.54 perry 232: $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
233: next;
234: }
235: if (!($1 in ifs)) {
1.66 jdolecek 236: printf("%-8s %12s %6s %12s %6s %6s\n",
1.54 perry 237: $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
238: ifs[$1] = 1;
239: }
240: }'
241: fi
1.1 cgd 242: echo ""
1.18 mrg 243: t=/var/rwho/*
244: if [ "$t" != '/var/rwho/*' ]; then
245: ruptime
246: fi
1.1 cgd 247: fi
248:
1.25 lukem 249: if checkyesno run_fsck; then
1.18 mrg 250: echo ""
251: echo "Checking filesystems:"
1.71 bouyer 252: fsck -n -f ${run_fsck_flags} | grep -v '^\*\* Phase'
1.18 mrg 253: fi
1.1 cgd 254:
1.25 lukem 255: if checkyesno run_rdist && [ -f /etc/Distfile ]; then
1.77.6.2 yamt 256: echo ""
1.1 cgd 257: echo "Running rdist:"
1.20 mikel 258: if [ -d /var/log/rdist ]; then
1.77 christos 259: logf="$(date +%Y.%b.%d)"
1.20 mikel 260: rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf
261: else
262: rdist -f /etc/Distfile
263: fi
1.1 cgd 264: fi
265:
1.77.6.3! yamt 266: if ${pkg_info} ${_compat_K_flag} -q -E '*'; then
! 267: if [ -z "$fetch_pkg_vulnerabilities" ]; then
1.77.6.2 yamt 268: echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
269: echo "You should set it to YES to enable vulnerability checks"
270: echo "or set it to NO to get rid of this warning."
271: elif checkyesno fetch_pkg_vulnerabilities; then
272: echo ""
273: echo "Fetching package vulnerabilities database:"
1.77.6.3! yamt 274: ( umask 022 && ${pkg_admin} ${_compat_K_flag} \
1.75 jmmv 275: fetch-pkg-vulnerabilities -u )
1.73 jmmv 276: fi
277: fi
278:
1.25 lukem 279: if checkyesno run_security; then
1.36 lukem 280: SECOUT="$DAILYDIR/sec"
1.47 grant 281: sh /etc/security > "$SECOUT" 2>&1
1.36 lukem 282: if [ ! -s "$SECOUT" ]; then
1.49 jhawk 283: if checkyesno send_empty_security; then
284: echo "Nothing to report on $date" > "$SECOUT"
285: else
286: echo ""
1.57 atatat 287: echo "Suppressing empty security report."
1.49 jhawk 288: fi
289: fi
290: if [ -s "$SECOUT" ]; then
1.77.6.1 yamt 291: if checkyesno separate_security_email; then
292: mail -s "$host daily insecurity output for $date" $MAILTO < $SECOUT
293: else
294: echo ""
295: echo "$host daily insecurity output for $date:"
296: cat $SECOUT
297: fi
1.28 lukem 298: fi
1.34 hubertf 299: fi
300:
301: if checkyesno run_skeyaudit; then
1.52 perry 302: if [ -s /etc/skeykeys ]; then
303: echo ""
304: echo "Checking remaining s/key OTPs:"
305: skeyaudit
306: fi
1.31 ad 307: fi
308:
1.77.6.1 yamt 309: if checkyesno run_makemandb; then
310: if [ -f /etc/man.conf -a -x /usr/sbin/makemandb ]; then
311: echo ""
312: echo "Updating man page index:"
1.77.6.2 yamt 313: (umask 022; nice -n 5 /usr/sbin/makemandb -Q)
1.77.6.1 yamt 314: fi
315: fi
316:
1.31 ad 317: if [ -f /etc/daily.local ]; then
1.69 hubertf 318: ( . /etc/daily.local ) > $TMP 2>&1
1.60 kim 319: if [ -s $TMP ] ; then
320: printf "\nRunning /etc/daily.local:\n"
321: cat $TMP
322: fi
323: rm -f $TMP
1.18 mrg 324: fi
CVSweb <webmaster@jp.NetBSD.org>