Home | History | Annotate | Download | only in etc
History log of /src/etc/daily
RevisionDateAuthorComments
 1.93  23-Sep-2018  kre Convert uses of test (ie: '[') to use only POSIX specified forms,
just on general principle (all but 3 of the changes are in code that
is commented out...)
 1.92  13-Dec-2014  uebayasi branches: 1.92.14; 1.92.16;
Indent.
 1.91  22-Jul-2014  wiz 'file system' for consistency with documentation (instead of 'filesystem').
 1.90  08-Sep-2013  prlw1 branches: 1.90.2;
Add defaults for pkg_info and pkg_admin variables in case pkgpath.conf
is not installed.
 1.89  01-May-2013  agc Fix for problematic paths in /etc/daily and /etc/security reported in
PR/47645.

Add a separate file which contains the paths for the pkg_admin and
pkg_info utilities. This is called /etc/pkgpath.conf (to distinguish it
from pkg.conf).

Thanks also to Edgar Fuss for the sanity check.
 1.88  08-Mar-2013  christos add missing $, from Petar Bogdanovic
 1.87  29-Aug-2012  wiz branches: 1.87.2;
Use new makemandb -Q flag to be really quiet.
 1.86  03-Aug-2012  christos only announce fetching vulnerabilities file if we do.
 1.85  31-Jul-2012  christos PR/46757: Check for fetch_pkg_vulnerabilities unset first.
 1.84  30-Jul-2012  jdf Call `makemandb -q` instead of `makemandb`, as proposed by Edgar Fuss on
tech-userlevel on 20th of July 2012, 12:38.
 1.83  30-Jul-2012  christos PR/46757: Edgar Fu�: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).
 1.82  30-Jul-2012  christos PR/46756: Edgar Fu�: Enable ignoring subdirectories in daily's find_core
 1.81  15-Feb-2012  joerg Run makemandb with the normal 022 umask, not the restrictive 077.
 1.80  09-Feb-2012  joerg branches: 1.80.2;
Don't overwrite run_makemandb. The default is already set in daily.conf.
 1.79  07-Feb-2012  joerg Import the new apropos/whatis.

This code has been developed by Abhinav Upadhyay as part of Google's Summer
of Code 2011. It uses libmandoc to parse man pages and builds a Full
Text Index in a SQLite database. The combination of indexing the full
manual page, filtering out stop words and ranking individual matches
based on the section gives a much improved user experience.

The old makewhatis and friends are kept under MKMAKEMANDB=no for now.
 1.78  17-Dec-2011  darcy Add option to include daily insecurity output in daily output.
PR bin/17029
 1.77  27-Dec-2010  christos branches: 1.77.6;
`` -> $()
 1.76  05-Feb-2010  jmmv Deprecate the pkgdb_dir settings from daily.conf and security.conf in
favor of the PKG_DBDIR variable in /etc/pkg_install.conf. The purpose
of this is to only have to define the location of the packages database
in a single place and have all other system components pick it up.

pkgdb_dir is still honored if defined and the scripts will spit out a
warning in that case, asking the administrator to migrate to the
PKG_DBDIR setting. We can't remove this compatibility workaround until,
at least, after NetBSD 6 is released.
 1.75  27-Jan-2010  jmmv Reset the umask while refreshing the vulnerabilities database so that it
remains world-readable. Otherwise, it ends up with 600 permissions which
make it unusable for building pkgsrc packages as non-root.

Problem found by wiz@.
 1.74  20-Jan-2010  jmmv Default fetch_pkg_vulnerabilities to NO and complain if it is set to that
value when packages are found (so that the user knows he is not getting the
vulnerability checks).

Why? People is complaining. (And somehow, the argument that NetBSD doesn't
do any network operation by default convinces me that it should continue to
do so.)

But still, I will be adding a question to sysinst to enable/disable this.
 1.73  19-Jan-2010  jmmv Add the fetch_pkg_vulnerabilities option to the daily script to keep the
packages vulnerability database up to date. This will only fetch the
file from the server if it has changed since the last run.

Add the check_pkg_vulnerabilities and check_pkg_signatures options to the
security script to check that the installed packages are sane.

All of these options are enabled by default but they will only run if
there is, at least, one installed package.
 1.72  29-Mar-2009  perry add ptyfs to the list of file systems that don't get put into the
nightly df listing
 1.71  30-Aug-2008  bouyer branches: 1.71.4;
Add a run_fsck_flags variable to daily.conf(5), allowing extra flags to
be passed to to daily fsck run.
For example, run_fsck_flags="-Tffs:-X" will run the nighly fsck_ffs on a
snapshot :)
 1.70  06-Jun-2007  martti branches: 1.70.12; 1.70.16;
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)
 1.69  17-Dec-2006  hubertf Make the daily script immune to changes of the current working directory
in /etc/daily.local. Fixed PR misc/33461.
 1.68  12-Nov-2006  christos branches: 1.68.2;
goodbye uucp
 1.67  30-Aug-2006  christos PR/34274: Brian A. Seklecki: Check for uustat before blindly executing since
it might not be there if uucp is not installed.
 1.66  27-May-2006  jdolecek in short netstat output, use 12 characters for [IO]pkts columns, so that
it doesn't overflow too easily
 1.65  22-Aug-2005  perry Small ugly hack -- sed "Mounted on" to "Mount" so that the df line
fits in <80 columns.

We should probably do this better -- I'm going to look into importing
der mouse's halign program to make a cleaner job of this.
 1.64  09-Jan-2005  sketch branches: 1.64.2; 1.64.4; 1.64.6;
Quote MAILTO properly so that more descriptive names can be used.
 1.63  22-Nov-2004  soren Print interface packet counters as strings to prevent integer overflow in awk.
 1.62  28-Sep-2004  erh PR misc/7716: add configuration options find_core_ignore_fstypes and
check_devices_ignore_fstypes to allow the filesystem types that are
ignored during the daily and security runs to be adjusted.
 1.61  28-May-2004  martin If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.
 1.60  09-Apr-2004  kim Avoid the output "Running xxx.local" if the "xxx.local" script
does not produce any output. This matches what /etc/security
already does with /etc/security.local output.
 1.59  02-Apr-2004  jmmv Introduce and use the rcvar_manpage variable, which contains the manual page
name where the user should look at for documentation about rcvar. It defaults
to 'rc.subr(5)', as rc.subr is mainly used by rc.d scripts.

This variable is useful to let the daily, weekly, monthly and security scripts
tune the warning message shown when any of the variables they handle is not
properly set.

Closes PR misc/23908.
 1.58  29-Mar-2004  mrg branches: 1.58.2;
apply kre's patch from PR#18628:

if /var/account/acct.0.gz exists, keep all the old accounting files
in gzipped format.
 1.57  28-Dec-2003  atatat Also supress speling erors.
 1.56  10-Dec-2003  lukem add null & fdesc to the list of file system types to skip in check_disks
 1.55  08-Dec-2003  perry Add back nfs partition display if show_remote_fs is on.
As requested by Grant.
 1.54  07-Dec-2003  perry Change the default behavior of the netstat run during check_network to
print a summary rather than the full (and not usually desired) output
of netstat -inv. The old behavior can be returned by simply setting
full_netstat to YES in daily.conf.

Original idea by me, cleaner and more correct execution via small awk
script from Greg Woods.
 1.53  07-Dec-2003  perry suppress disk reports about nfs mounts, kernfs and procfs.
 1.52  07-Dec-2003  perry Don't print "Last dump" report if /etc/dumpdates is zero length or absent.
Don't print OTP/skey report if /etc/skeyskeys is zero length or absent.
 1.51  07-Dec-2003  perry use -h ("human readable") instead of -k on nightly df
 1.50  01-Oct-2003  jhawk Redirect stderr as well as stdout in run_calendar (calendar -a)
 1.49  21-Feb-2003  jhawk Suppress emailing the daily security report if it is empty, unless
send_empty_security=YES. Implements change-request PR security/17249
from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
 1.48  04-Feb-2003  atatat When finding core files, only print the names of things that are
*files*, (ie, not directories, or symlinks, or...). Also remove
the -a instances. They're implicit.
 1.47  25-Dec-2002  grant fix /etc/security stderr redirection.

from rad@twig.com in PR bin/19553.
 1.46  27-Jan-2002  bouyer branches: 1.46.2;
If check_disks=YES, check for failed components in RAIDframe devices.
 1.45  18-Dec-2001  lukem Ignore errors from /var/account/acct.[123] rotation.
Fix from Katsuomi Hamajima in [misc/13804]
 1.44  18-Dec-2001  lukem Correctly detect empty mailq with new sendmail versions.
Fix from Anne Bennett in [bin/12901]
 1.43  18-Dec-2001  lukem Add nullfs to the list of file system types to skip during the "big finds".
Fix from Alan Barrett in [misc/14957].
 1.42  23-Nov-2001  atatat Watching inode usage is important, too.
 1.41  23-Oct-2001  perry Fix a mysterious
csh: Permission denied
csh: Trying to start from "/var/log"
message.

This was caused by the
su -m uucp -c "uustat -a"
line being executed in a directory not readable by uucp. The login
shell implied by -m is of course root's shell, /bin/csh, which doesn't
like not being able to read the dir it is in, and thus the errors. By
temporarily cd'ing to /tmp the problem is fixed.

What is really needed, of course, is a way to tell su what shell you
want to use explicitly, especially for use in scripts where the
vagaries of which shell the login executing the script uses should not
be depended on. No such method exists. One should be added.

Indeed, it might also be nice to have a way of telling su to directly
execute a command with -c rather than using a shell to interpret the
command.

I cannot find any standards documents that specify su at the moment,
though. SuSv2 is silent on su(8).
 1.40  23-Oct-2001  perry stylistic nit: dump -W, not dump W
 1.39  09-Oct-2001  veego Put the 'uustat -a' into double quotes.
It still doesn't work, but you won't get the error about an Unknown option: `-a'
anymore.

The login shell for uucp is /usr/libexec/uucp/uucico, so su -m doesn't work.
This needs to be fixed.
 1.38  17-Sep-2001  hubertf Run uustat with uid=uucp, not with euid=uucp/uid=root, to prevent
some badboys gaining back root privs. Inspided by OpenBSD.
Not that we didn't have this forever... (SA, anyone?)
 1.37  09-Aug-2001  lukem run fsck with "-n -f" instead of just "-n"; recent changes to fsck
mean that file systems mounted read-write are skipped unless -f is given.
problem noted by andrew brown.
 1.36  18-Jun-2001  lukem use mktemp(1) to create temporary directories, and ensure that cleanup traps
are setup asap.
 1.35  22-Apr-2001  aymeric don't remove /var/tmp/vi.recover in (commented *out*) find's.
this fixes PR 11120.
XXX note that this is supposed never to be uncommented due to a security
issue (see /etc/daily) but there is no reason to do things doubly wrong.
 1.34  25-Aug-2000  hubertf run skeyaudit, if run_skeyaudit is set to yes
 1.33  04-Jun-2000  itojun branches: 1.33.2;
use netstat -inv for all address familires. PR 10249.
 1.32  20-Jan-2000  itojun branches: 1.32.2;
add "-n" to netstat -i to avoid reverse query and better audit.
print IPv6 interface stat by netstat -inv separately.

comments from: hubertf and others
 1.31  10-Jan-2000  ad - Make /etc/daily run /etc/daily.local if it exists. Make similar change for
weekly and monthly scripts.
- Update FILES section in manpages.
 1.30  07-Jan-2000  enami Use %d instead of %e to generate rdist log filename using date(1) so that
the resulting filename doesn't contain white space.
 1.29  06-Jan-1999  abs Add a comment about why you do not want to uncomment the finds.
 1.28  15-Sep-1998  lukem * daily/weekly/monthly:
- change to always output a valid To: and Subject: line.
- To: recipient obtained from $MAILTO (defaults to root).
- add date to Subject: line. closes [bin/4526] from Giles Lean
<giles@nemeton.com.au>
* daily: explicitly print 'Nothing to report' if /etc/security didn't
report anything.
* crontab: pass output of scripts through sendmail -t instead of
 1.27  16-Jul-1998  mycroft Format police.
 1.26  28-Jun-1998  nathanw Find core files named "core" as well as "*.core".
 1.25  26-Jan-1998  lukem include rc.subr and use appropriately
 1.24  27-Oct-1997  lukem for $check_uucp:
- use /usr/libexec/uucp/clean.daily instead of /etc/uuclean.daily
- use 'su daemon -c command' instead of 'echo "command" | su daemon'
 1.23  11-Jul-1997  phil Allows root to specify a MAILTO and have the security report mailed to
the same user as the daily output. If $USER is not root or MAILTO is
not set, MAILTO is set to root. Closes PR 2409.
 1.22  23-Jun-1997  lukem Add output of `uptime` to report.
From Hubert Feyrer <feyrer@smaug.fh-regensburg.de> in [bin/3220]
 1.21  30-May-1997  mikel bug fix and improvements, mostly from Enami Tsugutomo in PR misc/3681.
 1.20  15-Feb-1997  mikel cleanup Lite-1 merge
 1.19  09-Jan-1997  mikel fix typo
 1.18  05-Jan-1997  mrg add configuration file for daily, weekly, montly, as
daily.conf, weekly.conf and montly.conf. the file
allows each action taken by all scripts to be turned
on or off.
 1.17  02-Jul-1996  jtc Comment out code which traverses the directory hierarchy and removes
files, as the ``find . ... -exec rm'' used to do so can be subverted
and used to remove arbitrary files.
 1.16  26-Mar-1996  mrg branches: 1.16.4;
add rcsid and remove dated /var/preserve check.
 1.15  25-Mar-1996  pk Don't stomp on arbitrary directories.
(Perhaps there should be a `source /etc/daily.local' hook..)
 1.14  18-Oct-1994  mycroft Fix the fstype-based pruning algorithms. Partly suggested by John Kohl.
 1.13  15-Jun-1994  cgd branches: 1.13.2;
update to new security script
 1.12  26-Feb-1994  cgd automatically enable accounting and rotate logs
 1.11  19-Feb-1994  cgd remove temp file
 1.10  19-Feb-1994  cgd less paranoia, more 4.4-ish, enable msgs -c
 1.9  18-Feb-1994  cgd comment out find...rm's, and fix other comments...
 1.8  22-Dec-1993  cgd building "whatis" db daily is *stupid*
 1.7  26-Oct-1993  cgd redirect /etc/security's stderr to the security mailing, too.
 1.6  21-May-1993  cgd arrange for all log rotations to be handled by /usr/bin/newsyslog
 1.5  09-Apr-1993  cgd fix find & deletion of old files so that it doesn't look in kernfs
or fdesc fs
 1.4  03-Apr-1993  glass Added /etc/rpc for librpc support
fixed crontab so it works (oops)
fixed /etc/daily whatis.db support
 1.3  02-Apr-1993  glass automagically build the 'whatis.db' including `machine` pages
 1.2  02-Apr-1993  cgd updated for current system setup, and made logs compressed
 1.1  21-Mar-1993  cgd branches: 1.1.1;
Initial revision
 1.1.1.2  15-Feb-1997  mikel import 4.4BSD-Lite
 1.1.1.1  21-Mar-1993  cgd initial import of 386bsd-0.1 sources
 1.13.2.1  18-Oct-1994  cgd from trunk.
 1.16.4.1  02-Jul-1996  jtc Pulled up from rev 1.17
 1.32.2.1  23-Jun-2000  minoura Sync w/ netbsd-1-5-base.
 1.33.2.1  25-Aug-2000  hubertf Pull up into netbsd-1-5 branch, OK'd by thorpej:

Files & revisions:
> cvs rdiff -r1.33 -r1.34 basesrc/etc/daily
> cvs rdiff -r1.1 -r1.2 basesrc/etc/default/daily.conf
> cvs rdiff -r1.5 -r1.6 sharesrc/share/man/man5/daily.conf.5

Log message:
> run skeyaudit, if run_skeyaudit is set to yes
 1.46.2.1  26-Dec-2002  tron Pull up revision 1.47 (requested by grant in ticket #1046):
fix /etc/security stderr redirection.
from rad@twig.com in PR bin/19553.
 1.58.2.2  30-May-2004  tron Pull up revision 1.61 (requested by martin in ticket #415):
If not doing full_netstat, use the -v option anyway to avoid truncating
interface names like bridge0 or pppoe0 - the awk post processing reserves
enough space for the column already.
 1.58.2.1  29-Mar-2004  tron file daily was added on branch netbsd-2-0 on 2004-05-30 07:22:09 +0000
 1.64.6.1  28-Jun-2007  ghen Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)
 1.64.4.1  28-Jun-2007  ghen Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)
 1.64.2.1  07-Jun-2007  liamjfoy Pull up following revision(s) (requested by martti in ticket #1800):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)
 1.68.2.2  06-Jun-2007  liamjfoy Pull up following revision(s) (requested by martti in ticket #708):
etc/monthly: revision 1.11
etc/weekly: revision 1.23
etc/security: revision 1.102
etc/daily: revision 1.70
Use "mktemp -d -t xxx" to create the temporary directories. This will use
TMPDIR environment variable if set, otherwise use /tmp. (misc/35544)
 1.68.2.1  30-Dec-2006  riz branches: 1.68.2.1.2;
Pull up following revision(s) (requested by hubertf in ticket #301):
etc/daily: revision 1.69
Make the daily script immune to changes of the current working directory
in /etc/daily.local. Fixed PR misc/33461.
 1.68.2.1.2.1  03-Sep-2007  wrstuden Sync w/ NetBSD-4-RC_1
 1.70.16.1  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.70.12.1  05-Oct-2008  mjf Sync with HEAD.
 1.71.4.1  13-May-2009  jym Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
 1.77.6.3  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.77.6.2  30-Oct-2012  yamt sync with head
 1.77.6.1  17-Apr-2012  yamt sync with head
 1.80.2.6  20-Nov-2012  riz Pull up following revision(s) (requested by tron in ticket #676):
usr.sbin/makemandb/apropos.c: revision 1.7
usr.sbin/makemandb/makemandb.8: revision 1.3
usr.sbin/makemandb/makemandb.8: revision 1.4
usr.sbin/makemandb/makemandb.8: revision 1.5
etc/rc.d/makemandb: revision 1.4
etc/weekly: revision 1.29
usr.sbin/makemandb/makemandb.c: revision 1.10
usr.sbin/makemandb/makemandb.c: revision 1.11
usr.sbin/makemandb/makemandb.c: revision 1.12
usr.sbin/makemandb/makemandb.c: revision 1.13
usr.sbin/makemandb/makemandb.c: revision 1.14
usr.sbin/makemandb/apropos.1: revision 1.5
etc/daily: revision 1.87
Add HISTORY section. From Abhinav Upadhyay in private mail.
Sync with reality, From Abhinav Upadhyay in private mail.
Fix typo in a message.
Bug fix for PR 46733:
> makemandb always reports the same number for "Total Number of new or
> updated pages enountered" and "Total number of (hard or symbolic)
> links found".
Patch from Abhinav Upadhyay.
Sort options in SYNOPSIS.
Sync usage with manpage.
Add -Q flag:
Print only fatal error messages (i.e., when the database is left in
an inconsistent state and needs manual intervention).
From Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.
Use new makemandb -Q flag to be really quiet.
Fix usage, from Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.
Use emalloc in one more place, like the rest of the code does.
From Abhinav Upadhyay <er.abhinav.upadhyay@gmail.com>.
 1.80.2.5  08-Aug-2012  martin Include rev 1.86 in the pullup of ticket 457 as well: only print "fetching"
message, if we actually try to fetch the package vulnerabilities file.
 1.80.2.4  08-Aug-2012  martin Pull up following revision(s) (requested by jdf in ticket #458):
etc/weekly: revision 1.28
etc/daily: revision 1.84
Call `makemandb -f -q` instead of `makemandb -f`, as Edgar Fuss proposed for daily.
Call `makemandb -q` instead of `makemandb`, as proposed by Edgar Fuss on
tech-userlevel on 20th of July 2012, 12:38.
 1.80.2.3  08-Aug-2012  martin Pull up following revision(s) (requested by christos in ticket #457):
etc/daily: revision 1.83
etc/defaults/daily.conf: revision 1.18
PR/46757: Edgar Fu�: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).
 1.80.2.2  08-Aug-2012  martin Pull up following revision(s) (requested by christos in ticket #456):
etc/daily: revision 1.82
etc/defaults/daily.conf: revision 1.17
share/man/man5/daily.5: revision 1.5
PR/46756: Edgar Fu�: Enable ignoring subdirectories in daily's find_core
 1.80.2.1  16-Feb-2012  riz Pull up following revision(s) (requested by joerg in ticket #2):
etc/weekly: revision 1.26
etc/daily: revision 1.81
UPDATING: revision 1.235
Run makemandb with the normal 022 umask, not the restrictive 077.
Extend entry to makemandb permission issue.
 1.87.2.2  19-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.87.2.1  23-Jun-2013  tls resync from head
 1.90.2.1  10-Aug-2014  tls Rebase.
 1.92.16.1  10-Jun-2019  christos Sync with HEAD
 1.92.14.1  30-Sep-2018  pgoyette Ssync with HEAD

RSS XML Feed