Annotation of src/etc/daily, Revision 1.46
1.1 deraadt 1: #!/bin/sh -
2: #
1.46 ! jmc 3: # $OpenBSD: daily,v 1.45 2003/06/30 23:47:14 avsm Exp $
1.17 millert 4: # From: @(#)daily 8.2 (Berkeley) 1/25/94
1.1 deraadt 5: #
1.17 millert 6: PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
7: bak=/var/backups
1.1 deraadt 8:
1.21 deraadt 9: if [ -f /etc/daily.local ]; then
1.2 david 10: echo ""
11: echo "Running daily.local:"
12: . /etc/daily.local
13: fi
14:
1.45 avsm 15: TMP=`mktemp /tmp/_daily.XXXXXXXXXX` || exit 1
16: OUT=`mktemp /tmp/_security.XXXXXXXXXX` || {
1.42 pvalchev 17: rm -f ${TMP}
18: exit 1
19: }
1.16 millert 20:
1.33 marc 21: trap 'rm -f $TMP $OUT' 0 1 15
1.14 millert 22:
1.1 deraadt 23: echo ""
1.17 millert 24: echo "Removing scratch and junk files:"
1.32 aaron 25: if [ -d /tmp -a ! -L /tmp ]; then
1.17 millert 26: cd /tmp && {
1.37 espie 27: find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
1.31 millert 28: -type f -atime +3 -execdir rm -f -- {} \;
1.28 deraadt 29: find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
1.17 millert 30: >/dev/null 2>&1; }
31: fi
1.1 deraadt 32:
1.32 aaron 33: if [ -d /var/tmp -a ! -L /var/tmp ]; then
1.17 millert 34: cd /var/tmp && {
1.37 espie 35: find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
1.31 millert 36: ! -type d -atime +7 -execdir rm -f -- {} \;
1.28 deraadt 37: find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
1.17 millert 38: >/dev/null 2>&1; }
39: fi
1.1 deraadt 40:
1.3 deraadt 41: # Additional junk directory cleanup would go like this:
1.32 aaron 42: #if [ -d /scratch -a ! -L /scratch ]; then
1.3 deraadt 43: # cd /scratch && {
1.17 millert 44: # find . ! -name . -atime +1 -execdir rm -f -- {} \;
45: # find . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
1.3 deraadt 46: # >/dev/null 2>&1; }
47: #fi
1.17 millert 48:
1.32 aaron 49: if [ -d /var/rwho -a ! -L /var/rwho ] ; then
1.17 millert 50: cd /var/rwho && {
51: find . ! -name . -mtime +7 -execdir rm -f -- {} \; ; }
52: fi
1.1 deraadt 53:
1.24 deraadt 54: #find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \
55: # -o -fstype kernfs -o -fstype procfs \) -a -prune -o \
56: # -name 'lost+found' -a -prune -o \
57: # -name '*.core' -a -print -o \
58: # \( -name '[#,]*' -o -name '.#*' -o -name a.out \
59: # -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
60: # -a -atime +3 -a -execdir rm -f -- {} \; -a -print > $TMP
1.1 deraadt 61:
1.14 millert 62: if egrep -q '\.core$' $TMP; then
1.17 millert 63: echo ""
64: echo "Possible core dumps:"
65: egrep '\.core$' $TMP
66: fi
67:
68: if egrep -qv '\.core$' $TMP; then
69: echo ""
70: echo "Deleted files:"
71: egrep -v '\.core$' $TMP
1.14 millert 72: fi
1.1 deraadt 73:
1.26 downsj 74: if [ -d /var/msgs -a ! -L /var/msgs ]; then
75: msgs -c
1.1 deraadt 76: fi
77:
78: if [ -f /var/account/acct ]; then
1.17 millert 79: echo ""
80: echo "Purging accounting records:"
1.44 mickey 81: mv -f /var/account/acct.2 /var/account/acct.3
82: mv -f /var/account/acct.1 /var/account/acct.2
83: mv -f /var/account/acct.0 /var/account/acct.1
84: cp -f /var/account/acct /var/account/acct.0
1.17 millert 85: sa -sq
86: fi
87:
88: # If ROOTBACKUP is set to 1 in the environment, and
89: # if filesystem named /altroot is type ffs, on /dev/* and mounted "xx",
90: # use it as a backup root filesystem to be updated daily.
91: [ "X$ROOTBACKUP" = X1 ] && {
92: rootdev=`awk '$2 == "/" && $1 ~ /^\/dev\// && $3 == "ffs" && \
1.29 todd 93: $4 ~ /rw/ \
1.17 millert 94: { print substr($1, 6) }' < /etc/fstab`
95: rootbak=`awk '$2 == "/altroot" && $1 ~ /^\/dev\// && $3 == "ffs" && \
1.29 todd 96: $4 ~ /xx/ \
1.17 millert 97: { print substr($1, 6) }' < /etc/fstab`
98: [ X$rootdev != X -a X$rootbak != X ] && {
99: sync
100: echo ""
101: echo "Backing up root filesystem:"
102: echo "copying /dev/r$rootdev to /dev/r$rootbak"
103: dd if=/dev/r$rootdev of=/dev/r$rootbak bs=16b seek=1 skip=1 \
1.22 mickey 104: conv=noerror
1.17 millert 105: fsck -y /dev/r$rootbak
106: }
107: }
1.1 deraadt 108:
109: # Rotation of mail log now handled automatically by cron and 'newsyslog'
110:
111: echo ""
112: echo "Checking subsystem status:"
113: echo ""
114: echo "disks:"
1.40 danh 115: df -kl
1.1 deraadt 116: echo ""
117: dump W
118: echo ""
119:
1.15 millert 120: mailq > $TMP
1.34 angelos 121: if ! grep -q "^/var/spool/mqueue is empty$" $TMP; then
1.15 millert 122: echo ""
123: echo "mail:"
124: cat $TMP
1.1 deraadt 125: fi
126:
127: echo ""
128: echo "network:"
1.35 niklas 129: netstat -ivn
1.1 deraadt 130: echo ""
1.14 millert 131:
1.15 millert 132: t=/var/rwho/*
133: if [ "$t" != '/var/rwho/*' ]; then
1.17 millert 134: echo ""
1.14 millert 135: ruptime
1.38 millert 136: fi
137:
138: echo ""
139: if [ -d /var/yp/binding -a ! -d /var/yp/`domainname` -o "X$CALENDAR" = X0 ]
140: then
141: if [ "X$CALENDAR" = X0 ]; then
142: echo "Not running calendar, (disabled)."
143: else
144: echo "Not running calendar, (yp client)."
145: fi
146: else
147: echo "Running calendar in the background."
148: calendar -a &
1.14 millert 149: fi
1.1 deraadt 150:
1.17 millert 151: # If CHECKFILESYSTEMS is set to 1 in the environment, run fsck
152: # with the no-write flag.
153: [ "X$CHECKFILESYSTEMS" = X1 ] && {
154: echo ""
155: echo "Checking filesystems:"
156: fsck -n | grep -v '^\*\* Phase'
157: }
1.1 deraadt 158:
159: if [ -f /etc/Distfile ]; then
1.17 millert 160: echo ""
1.1 deraadt 161: echo "Running rdist:"
1.17 millert 162: if [ -d /var/log/rdist ]; then
1.19 deraadt 163: logf=`date +%Y.%b.%e`
1.17 millert 164: rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf
165: else
1.39 deraadt 166: rdist -f /etc/Distfile
1.17 millert 167: fi
1.1 deraadt 168: fi
169:
1.33 marc 170: sh /etc/security 2>&1 > $OUT
171: if [ -s $OUT ]; then
1.41 millert 172: mail -s "`hostname` daily insecurity output" root < $OUT
1.33 marc 173: fi
![[BACK]](/icons/back.gif){kind=icon}
Return to daily CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc