File: [local] / src / etc / daily (download)
Revision 1.47, Mon Nov 15 18:10:48 2004 UTC (19 years, 6 months ago) by nick
Branch: MAIN
Changes since 1.46: +3 -1 lines
add kern.version to daily report. ok deraadt@
|
#!/bin/sh -
#
# $OpenBSD: daily,v 1.47 2004/11/15 18:10:48 nick Exp $
# From: @(#)daily 8.2 (Berkeley) 1/25/94
#
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
bak=/var/backups
sysctl -n kern.version
if [ -f /etc/daily.local ]; then
echo ""
echo "Running daily.local:"
. /etc/daily.local
fi
TMP=`mktemp /tmp/_daily.XXXXXXXXXX` || exit 1
OUT=`mktemp /tmp/_security.XXXXXXXXXX` || {
rm -f ${TMP}
exit 1
}
trap 'rm -f $TMP $OUT' 0 1 15
echo ""
echo "Removing scratch and junk files:"
if [ -d /tmp -a ! -L /tmp ]; then
cd /tmp && {
find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
-type f -atime +3 -execdir rm -f -- {} \;
find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
>/dev/null 2>&1; }
fi
if [ -d /var/tmp -a ! -L /var/tmp ]; then
cd /var/tmp && {
find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
! -type d -atime +7 -execdir rm -f -- {} \;
find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
>/dev/null 2>&1; }
fi
# Additional junk directory cleanup would go like this:
#if [ -d /scratch -a ! -L /scratch ]; then
# cd /scratch && {
# find . ! -name . -atime +1 -execdir rm -f -- {} \;
# find . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
# >/dev/null 2>&1; }
#fi
if [ -d /var/rwho -a ! -L /var/rwho ] ; then
cd /var/rwho && {
find . ! -name . -mtime +7 -execdir rm -f -- {} \; ; }
fi
#find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \
# -o -fstype kernfs -o -fstype procfs \) -a -prune -o \
# -name 'lost+found' -a -prune -o \
# -name '*.core' -a -print -o \
# \( -name '[#,]*' -o -name '.#*' -o -name a.out \
# -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
# -a -atime +3 -a -execdir rm -f -- {} \; -a -print > $TMP
if egrep -q '\.core$' $TMP; then
echo ""
echo "Possible core dumps:"
egrep '\.core$' $TMP
fi
if egrep -qv '\.core$' $TMP; then
echo ""
echo "Deleted files:"
egrep -v '\.core$' $TMP
fi
if [ -d /var/msgs -a ! -L /var/msgs ]; then
msgs -c
fi
if [ -f /var/account/acct ]; then
echo ""
echo "Purging accounting records:"
mv -f /var/account/acct.2 /var/account/acct.3
mv -f /var/account/acct.1 /var/account/acct.2
mv -f /var/account/acct.0 /var/account/acct.1
cp -f /var/account/acct /var/account/acct.0
sa -sq
fi
# If ROOTBACKUP is set to 1 in the environment, and
# if filesystem named /altroot is type ffs, on /dev/* and mounted "xx",
# use it as a backup root filesystem to be updated daily.
[ "X$ROOTBACKUP" = X1 ] && {
rootdev=`awk '$2 == "/" && $1 ~ /^\/dev\// && $3 == "ffs" && \
$4 ~ /rw/ \
{ print substr($1, 6) }' < /etc/fstab`
rootbak=`awk '$2 == "/altroot" && $1 ~ /^\/dev\// && $3 == "ffs" && \
$4 ~ /xx/ \
{ print substr($1, 6) }' < /etc/fstab`
[ X$rootdev != X -a X$rootbak != X ] && {
sync
echo ""
echo "Backing up root filesystem:"
echo "copying /dev/r$rootdev to /dev/r$rootbak"
dd if=/dev/r$rootdev of=/dev/r$rootbak bs=16b seek=1 skip=1 \
conv=noerror
fsck -y /dev/r$rootbak
}
}
# Rotation of mail log now handled automatically by cron and 'newsyslog'
echo ""
echo "Checking subsystem status:"
echo ""
echo "disks:"
df -kl
echo ""
dump W
echo ""
mailq > $TMP
if ! grep -q "^/var/spool/mqueue is empty$" $TMP; then
echo ""
echo "mail:"
cat $TMP
fi
echo ""
echo "network:"
netstat -ivn
echo ""
t=/var/rwho/*
if [ "$t" != '/var/rwho/*' ]; then
echo ""
ruptime
fi
echo ""
if [ -d /var/yp/binding -a ! -d /var/yp/`domainname` -o "X$CALENDAR" = X0 ]
then
if [ "X$CALENDAR" = X0 ]; then
echo "Not running calendar, (disabled)."
else
echo "Not running calendar, (yp client)."
fi
else
echo "Running calendar in the background."
calendar -a &
fi
# If CHECKFILESYSTEMS is set to 1 in the environment, run fsck
# with the no-write flag.
[ "X$CHECKFILESYSTEMS" = X1 ] && {
echo ""
echo "Checking filesystems:"
fsck -n | grep -v '^\*\* Phase'
}
if [ -f /etc/Distfile ]; then
echo ""
echo "Running rdist:"
if [ -d /var/log/rdist ]; then
logf=`date +%Y.%b.%e`
rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf
else
rdist -f /etc/Distfile
fi
fi
sh /etc/security 2>&1 > $OUT
if [ -s $OUT ]; then
mail -s "`hostname` daily insecurity output" root < $OUT
fi