1 1.1 cgd #!/bin/sh - 2 1.1 cgd # 3 1.93 kre # $NetBSD: daily,v 1.93 2018/09/23 23:16:34 kre Exp $ 4 1.21 mikel # @(#)daily 8.2 (Berkeley) 1/25/94 5 1.1 cgd # 6 1.18 mrg 7 1.27 mycroft export PATH=/bin:/usr/bin:/sbin:/usr/sbin 8 1.28 lukem umask 077 9 1.28 lukem 10 1.28 lukem if [ -s /etc/daily.conf ]; then 11 1.28 lukem . /etc/daily.conf 12 1.28 lukem fi 13 1.89 agc if [ -s /etc/pkgpath.conf ]; then 14 1.89 agc . /etc/pkgpath.conf 15 1.89 agc fi 16 1.28 lukem 17 1.77 christos host="$(hostname)" 18 1.77 christos date="$(date)" 19 1.59 jmmv rcvar_manpage='daily.conf(5)' 20 1.1 cgd 21 1.90 prlw1 pkg_admin=${pkg_admin:-/usr/sbin/pkg_admin} 22 1.90 prlw1 pkg_info=${pkg_info:-/usr/sbin/pkg_info} 23 1.90 prlw1 24 1.28 lukem echo "To: ${MAILTO:-root}" 25 1.28 lukem echo "Subject: $host daily output for $date" 26 1.28 lukem echo "" 27 1.18 mrg 28 1.25 lukem if [ -f /etc/rc.subr ]; then 29 1.25 lukem . /etc/rc.subr 30 1.25 lukem else 31 1.25 lukem echo "Can't read /etc/rc.subr; aborting." 32 1.25 lukem exit 1; 33 1.25 lukem fi 34 1.25 lukem 35 1.93 kre if [ -z "$MAILTO" ] || [ "$USER" != "root" ]; then 36 1.27 mycroft MAILTO=root 37 1.23 phil fi 38 1.23 phil 39 1.76 jmmv if [ -n "${pkgdb_dir}" ]; then 40 1.92 uebayasi echo "WARNING: Setting pkgdb_dir in daily.conf(5) is deprecated" 41 1.92 uebayasi echo "WARNING: Please define PKG_DBDIR in pkg_install.conf(5) instead" 42 1.92 uebayasi _compat_K_flag="-K ${pkgdb_dir}" 43 1.76 jmmv fi 44 1.76 jmmv 45 1.22 lukem echo "" 46 1.77 christos echo "Uptime: $(uptime)" 47 1.18 mrg 48 1.29 abs # Uncommenting any of the finds below would open up a race condition attack 49 1.29 abs # based on symlinks, potentially allowing removal of any file on the system. 50 1.29 abs # 51 1.17 jtc #echo "" 52 1.17 jtc #echo "Removing scratch and junk files:" 53 1.93 kre #if [ -d /tmp ] && ! [ -h /tmp ]; then 54 1.17 jtc # cd /tmp && { 55 1.17 jtc # find . -type f -atime +3 -exec rm -f -- {} \; 56 1.17 jtc # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ 57 1.17 jtc # >/dev/null 2>&1; } 58 1.17 jtc #fi 59 1.1 cgd 60 1.93 kre #if [ -d /var/tmp ] && ! [ -h /var/tmp ]; then 61 1.17 jtc # cd /var/tmp && { 62 1.17 jtc # find . ! -name . -atime +7 -exec rm -f -- {} \; 63 1.35 aymeric # find . ! \( -name . -o -name vi.recover \) -type d \ 64 1.35 aymeric # -mtime +1 -exec rmdir -- {} \; \ 65 1.17 jtc # >/dev/null 2>&1; } 66 1.17 jtc #fi 67 1.10 cgd 68 1.15 pk # Additional junk directory cleanup would go like this: 69 1.93 kre #if [ -d /scratch ] && ! [ -h /scratch ]; then 70 1.15 pk # cd /scratch && { 71 1.15 pk # find . ! -name . -atime +1 -exec rm -f -- {} \; 72 1.15 pk # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ 73 1.15 pk # >/dev/null 2>&1; } 74 1.15 pk #fi 75 1.10 cgd 76 1.93 kre #if [ -d /var/rwho ] && ! [ -h /var/rwho ] ; then 77 1.17 jtc # cd /var/rwho && { 78 1.17 jtc # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; } 79 1.17 jtc #fi 80 1.10 cgd 81 1.70 martti DAILYDIR=$(mktemp -d -t _daily) || exit 1 82 1.18 mrg 83 1.36 lukem trap "/bin/rm -rf $DAILYDIR ; exit 0" EXIT INT QUIT 84 1.18 mrg 85 1.36 lukem if ! cd "$DAILYDIR"; then 86 1.36 lukem echo "Can not cd to $DAILYDIR". 87 1.18 mrg exit 1 88 1.18 mrg fi 89 1.18 mrg 90 1.10 cgd TMP=daily.$$ 91 1.18 mrg TMP2=daily2.$$ 92 1.18 mrg 93 1.25 lukem if checkyesno find_core; then 94 1.62 erh # Turn "foo !bar bax" into "-fstype foo -o ! -fstype bar -o -fstype bax" 95 1.77 christos ignfstypes="$(echo $find_core_ignore_fstypes | \ 96 1.62 erh sed -e's/\(!*\)\([^[:space:]]\{1,\}\)/-o \1 -fstype \2/g' \ 97 1.77 christos -e's/^-o //')" 98 1.82 christos # Turn "foo bar" into "( -path foo -o -path bar ) -prune -o" 99 1.82 christos # Set ignpaths empty if no find_core_ignore_paths given 100 1.82 christos if [ -n "$find_core_ignore_paths" ]; then 101 1.82 christos ignpaths="$(printf " -o -path %s" $find_core_ignore_paths)" 102 1.82 christos ignpaths="( ${ignpaths# -o } ) -prune -o" 103 1.82 christos else 104 1.82 christos ignpaths="" 105 1.82 christos fi 106 1.62 erh find / \( $ignfstypes \) -prune -o \ 107 1.82 christos ${ignpaths} \ 108 1.48 atatat -name 'lost+found' -prune -o \ 109 1.48 atatat \( -name '*.core' -o -name 'core' \) -type f -print > $TMP 110 1.18 mrg # \( -name '[#,]*' -o -name '.#*' -o -name a.out \ 111 1.18 mrg # -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \ 112 1.18 mrg # -a -atime +3 -exec rm -f -- {} \; -a -print > $TMP 113 1.18 mrg 114 1.26 nathanw egrep '\.core$|^core$' $TMP > $TMP2 115 1.18 mrg if [ -s $TMP2 ]; then 116 1.18 mrg echo "" 117 1.18 mrg echo "Possible core dumps:" 118 1.18 mrg cat $TMP2 119 1.18 mrg fi 120 1.18 mrg 121 1.18 mrg # egrep -v '\.core' $TMP > $TMP2 122 1.18 mrg # if [ -s $TMP2 ]; then 123 1.18 mrg # echo "" 124 1.18 mrg # echo "Deleted files:" 125 1.18 mrg # cat $TMP2 126 1.18 mrg # fi 127 1.10 cgd 128 1.18 mrg rm -f $TMP $TMP2 129 1.18 mrg fi 130 1.10 cgd 131 1.25 lukem if checkyesno run_msgs; then 132 1.18 mrg msgs -c 133 1.18 mrg fi 134 1.1 cgd 135 1.25 lukem if checkyesno expire_news && [ -f /etc/news.expire ]; then 136 1.1 cgd /etc/news.expire 137 1.1 cgd fi 138 1.1 cgd 139 1.25 lukem if checkyesno purge_accounting && [ -f /var/account/acct ]; then 140 1.21 mikel echo "" 141 1.21 mikel echo "Purging accounting records:" 142 1.58 mrg if [ -f /var/account/acct.0.gz ]; then 143 1.58 mrg mv /var/account/acct.2.gz /var/account/acct.3.gz 2>/dev/null 144 1.58 mrg mv /var/account/acct.1.gz /var/account/acct.2.gz 2>/dev/null 145 1.58 mrg mv /var/account/acct.0.gz /var/account/acct.1.gz 2>/dev/null 146 1.58 mrg else 147 1.58 mrg mv /var/account/acct.2 /var/account/acct.3 2>/dev/null 148 1.58 mrg mv /var/account/acct.1 /var/account/acct.2 2>/dev/null 149 1.58 mrg mv /var/account/acct.0 /var/account/acct.1 2>/dev/null 150 1.58 mrg fi 151 1.21 mikel cp /var/account/acct /var/account/acct.0 152 1.21 mikel sa -sq 153 1.58 mrg if [ -f /var/account/acct.1.gz ]; then 154 1.58 mrg gzip /var/account/acct.0 155 1.58 mrg fi 156 1.1 cgd fi 157 1.1 cgd 158 1.25 lukem if checkyesno run_calendar; then 159 1.50 jhawk calendar -a > $TMP 2>&1 160 1.18 mrg if [ -s $TMP ]; then 161 1.18 mrg echo "" 162 1.18 mrg echo "Running calendar:" 163 1.18 mrg cat $TMP 164 1.18 mrg fi 165 1.18 mrg rm -f $TMP 166 1.18 mrg fi 167 1.1 cgd 168 1.25 lukem if checkyesno check_disks; then 169 1.55 perry if checkyesno show_remote_fs; then 170 1.72 perry df -hi -t nokernfs,procfs,ptyfs,null,fdesc > $TMP 171 1.55 perry else 172 1.72 perry df -hil -t nokernfs,procfs,ptyfs,null,fdesc > $TMP 173 1.55 perry fi 174 1.52 perry if [ -s /etc/dumpdates ] ; then 175 1.52 perry dump -W > $TMP2 176 1.52 perry fi 177 1.93 kre if [ -s $TMP ] || [ -s $TMP2 ]; then 178 1.18 mrg echo "" 179 1.18 mrg echo "Checking subsystem status:" 180 1.18 mrg echo "" 181 1.18 mrg echo "disks:" 182 1.18 mrg if [ -s $TMP ]; then 183 1.65 perry cat $TMP | sed 's/Mounted on/Mount/' 184 1.18 mrg echo "" 185 1.18 mrg fi 186 1.18 mrg if [ -s $TMP2 ]; then 187 1.18 mrg cat $TMP2 188 1.18 mrg echo "" 189 1.18 mrg fi 190 1.18 mrg echo "" 191 1.18 mrg fi 192 1.46 bouyer rm -f $TMP $TMP2 193 1.46 bouyer touch $TMP2 194 1.77 christos for dev in $(iostat -x | awk '/^raid/ { print $1 }'); do 195 1.46 bouyer raidctl -s $dev | awk '/^.*: failed$/ {print $0}' > $TMP 196 1.46 bouyer if [ -s $TMP ]; then 197 1.46 bouyer echo "$dev:" >> $TMP2 198 1.46 bouyer cat $TMP >> $TMP2 199 1.46 bouyer fi 200 1.46 bouyer rm -f $TMP 201 1.46 bouyer done 202 1.46 bouyer if [ -s $TMP2 ]; then 203 1.46 bouyer echo "failed RAIDframe component(s):" 204 1.46 bouyer cat $TMP2 205 1.46 bouyer fi 206 1.46 bouyer rm -f $TMP2 207 1.18 mrg fi 208 1.18 mrg 209 1.25 lukem if checkyesno check_mailq; then 210 1.18 mrg mailq > $TMP 211 1.44 lukem if ! grep -q "queue is empty$" $TMP; then 212 1.18 mrg echo "" 213 1.18 mrg echo "mail:" 214 1.18 mrg cat $TMP 215 1.18 mrg fi 216 1.18 mrg fi 217 1.18 mrg 218 1.18 mrg rm -f $TMP 219 1.1 cgd 220 1.25 lukem if checkyesno check_network; then 221 1.18 mrg echo "" 222 1.18 mrg echo "network:" 223 1.54 perry if checkyesno full_netstat; then 224 1.54 perry netstat -inv 225 1.54 perry else 226 1.61 martin netstat -inv | awk 'BEGIN { 227 1.54 perry ifs[""] = 0; 228 1.54 perry } 229 1.54 perry /^[^\*]* / { 230 1.54 perry if (NR == 1) { 231 1.66 jdolecek printf("%-8s %12s %6s %12s %6s %6s\n", 232 1.54 perry $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF); 233 1.54 perry next; 234 1.54 perry } 235 1.54 perry if (!($1 in ifs)) { 236 1.66 jdolecek printf("%-8s %12s %6s %12s %6s %6s\n", 237 1.54 perry $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF); 238 1.54 perry ifs[$1] = 1; 239 1.54 perry } 240 1.54 perry }' 241 1.54 perry fi 242 1.1 cgd echo "" 243 1.18 mrg t=/var/rwho/* 244 1.18 mrg if [ "$t" != '/var/rwho/*' ]; then 245 1.18 mrg ruptime 246 1.18 mrg fi 247 1.1 cgd fi 248 1.1 cgd 249 1.25 lukem if checkyesno run_fsck; then 250 1.18 mrg echo "" 251 1.91 wiz echo "Checking file systems:" 252 1.71 bouyer fsck -n -f ${run_fsck_flags} | grep -v '^\*\* Phase' 253 1.18 mrg fi 254 1.1 cgd 255 1.25 lukem if checkyesno run_rdist && [ -f /etc/Distfile ]; then 256 1.85 christos echo "" 257 1.1 cgd echo "Running rdist:" 258 1.20 mikel if [ -d /var/log/rdist ]; then 259 1.77 christos logf="$(date +%Y.%b.%d)" 260 1.20 mikel rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf 261 1.20 mikel else 262 1.20 mikel rdist -f /etc/Distfile 263 1.20 mikel fi 264 1.1 cgd fi 265 1.1 cgd 266 1.89 agc if ${pkg_info} ${_compat_K_flag} -q -E '*'; then 267 1.88 christos if [ -z "$fetch_pkg_vulnerabilities" ]; then 268 1.83 christos echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)." 269 1.83 christos echo "You should set it to YES to enable vulnerability checks" 270 1.83 christos echo "or set it to NO to get rid of this warning." 271 1.85 christos elif checkyesno fetch_pkg_vulnerabilities; then 272 1.86 christos echo "" 273 1.86 christos echo "Fetching package vulnerabilities database:" 274 1.89 agc ( umask 022 && ${pkg_admin} ${_compat_K_flag} \ 275 1.85 christos fetch-pkg-vulnerabilities -u ) 276 1.73 jmmv fi 277 1.73 jmmv fi 278 1.73 jmmv 279 1.25 lukem if checkyesno run_security; then 280 1.36 lukem SECOUT="$DAILYDIR/sec" 281 1.47 grant sh /etc/security > "$SECOUT" 2>&1 282 1.36 lukem if [ ! -s "$SECOUT" ]; then 283 1.49 jhawk if checkyesno send_empty_security; then 284 1.49 jhawk echo "Nothing to report on $date" > "$SECOUT" 285 1.49 jhawk else 286 1.49 jhawk echo "" 287 1.57 atatat echo "Suppressing empty security report." 288 1.49 jhawk fi 289 1.49 jhawk fi 290 1.49 jhawk if [ -s "$SECOUT" ]; then 291 1.78 darcy if checkyesno separate_security_email; then 292 1.78 darcy mail -s "$host daily insecurity output for $date" $MAILTO < $SECOUT 293 1.78 darcy else 294 1.78 darcy echo "" 295 1.78 darcy echo "$host daily insecurity output for $date:" 296 1.78 darcy cat $SECOUT 297 1.78 darcy fi 298 1.28 lukem fi 299 1.34 hubertf fi 300 1.34 hubertf 301 1.34 hubertf if checkyesno run_skeyaudit; then 302 1.52 perry if [ -s /etc/skeykeys ]; then 303 1.52 perry echo "" 304 1.52 perry echo "Checking remaining s/key OTPs:" 305 1.52 perry skeyaudit 306 1.52 perry fi 307 1.31 ad fi 308 1.31 ad 309 1.79 joerg if checkyesno run_makemandb; then 310 1.93 kre if [ -f /etc/man.conf ] && [ -x /usr/sbin/makemandb ]; then 311 1.79 joerg echo "" 312 1.79 joerg echo "Updating man page index:" 313 1.87 wiz (umask 022; nice -n 5 /usr/sbin/makemandb -Q) 314 1.79 joerg fi 315 1.79 joerg fi 316 1.79 joerg 317 1.31 ad if [ -f /etc/daily.local ]; then 318 1.69 hubertf ( . /etc/daily.local ) > $TMP 2>&1 319 1.60 kim if [ -s $TMP ] ; then 320 1.60 kim printf "\nRunning /etc/daily.local:\n" 321 1.60 kim cat $TMP 322 1.60 kim fi 323 1.60 kim rm -f $TMP 324 1.18 mrg fi 325
Indexes created Mon Sep 29 13:09:55 GMT 2025