daily revision 1.29
11.1Scgd#!/bin/sh - 21.1Scgd# 31.29Sabs# $NetBSD: daily,v 1.29 1999/01/06 03:24:06 abs Exp $ 41.21Smikel# @(#)daily 8.2 (Berkeley) 1/25/94 51.1Scgd# 61.18Smrg 71.27Smycroftexport PATH=/bin:/usr/bin:/sbin:/usr/sbin 81.28Slukemumask 077 91.28Slukem 101.28Slukemif [ -s /etc/daily.conf ]; then 111.28Slukem . /etc/daily.conf 121.28Slukemfi 131.28Slukem 141.20Smikelhost=`hostname` 151.28Slukemdate=`date` 161.1Scgd 171.28Slukemecho "To: ${MAILTO:-root}" 181.28Slukemecho "Subject: $host daily output for $date" 191.28Slukemecho "" 201.18Smrg 211.25Slukemif [ -f /etc/rc.subr ]; then 221.25Slukem . /etc/rc.subr 231.25Slukemelse 241.25Slukem echo "Can't read /etc/rc.subr; aborting." 251.25Slukem exit 1; 261.25Slukemfi 271.25Slukem 281.23Sphilif [ -z "$MAILTO" -o "$USER" != "root" ]; then 291.27Smycroft MAILTO=root 301.23Sphilfi 311.23Sphil 321.22Slukemecho "" 331.22Slukemecho "Uptime: " `uptime` 341.18Smrg 351.29Sabs# Uncommenting any of the finds below would open up a race condition attack 361.29Sabs# based on symlinks, potentially allowing removal of any file on the system. 371.29Sabs# 381.17Sjtc#echo "" 391.17Sjtc#echo "Removing scratch and junk files:" 401.17Sjtc#if [ -d /tmp -a ! -h /tmp ]; then 411.17Sjtc# cd /tmp && { 421.17Sjtc# find . -type f -atime +3 -exec rm -f -- {} \; 431.17Sjtc# find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ 441.17Sjtc# >/dev/null 2>&1; } 451.17Sjtc#fi 461.1Scgd 471.17Sjtc#if [ -d /var/tmp -a ! -h /var/tmp ]; then 481.17Sjtc# cd /var/tmp && { 491.17Sjtc# find . ! -name . -atime +7 -exec rm -f -- {} \; 501.17Sjtc# find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ 511.17Sjtc# >/dev/null 2>&1; } 521.17Sjtc#fi 531.10Scgd 541.15Spk# Additional junk directory cleanup would go like this: 551.15Spk#if [ -d /scratch -a ! -h /scratch ]; then 561.15Spk# cd /scratch && { 571.15Spk# find . ! -name . -atime +1 -exec rm -f -- {} \; 581.15Spk# find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ 591.15Spk# >/dev/null 2>&1; } 601.15Spk#fi 611.10Scgd 621.17Sjtc#if [ -d /var/rwho -a ! -h /var/rwho ] ; then 631.17Sjtc# cd /var/rwho && { 641.17Sjtc# find . ! -name . -mtime +7 -exec rm -f -- {} \; ; } 651.17Sjtc#fi 661.10Scgd 671.18SmrgTMPDIR=/tmp/_daily.$$ 681.18Smrg 691.18Smrgif ! mkdir $TMPDIR; then 701.18Smrg echo can not create $TMPDIR. 711.18Smrg exit 1 721.18Smrgfi 731.18Smrg 741.18Smrgif ! cd $TMPDIR; then 751.18Smrg echo can not cd to $TMPDIR. 761.18Smrg exit 1 771.18Smrgfi 781.18Smrg 791.10ScgdTMP=daily.$$ 801.18SmrgTMP2=daily2.$$ 811.18Smrg 821.25Slukemif checkyesno find_core; then 831.18Smrg find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \ 841.14Smycroft -o -fstype kernfs -o -fstype procfs \) -a -prune -o \ 851.18Smrg -name 'lost+found' -a -prune -o \ 861.26Snathanw \( -name '*.core' -o -name 'core' \) -a -print > $TMP 871.18Smrg# \( -name '[#,]*' -o -name '.#*' -o -name a.out \ 881.18Smrg# -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \ 891.18Smrg# -a -atime +3 -exec rm -f -- {} \; -a -print > $TMP 901.18Smrg 911.26Snathanw egrep '\.core$|^core$' $TMP > $TMP2 921.18Smrg if [ -s $TMP2 ]; then 931.18Smrg echo "" 941.18Smrg echo "Possible core dumps:" 951.18Smrg cat $TMP2 961.18Smrg fi 971.18Smrg 981.18Smrg# egrep -v '\.core' $TMP > $TMP2 991.18Smrg# if [ -s $TMP2 ]; then 1001.18Smrg# echo "" 1011.18Smrg# echo "Deleted files:" 1021.18Smrg# cat $TMP2 1031.18Smrg# fi 1041.10Scgd 1051.18Smrg rm -f $TMP $TMP2 1061.18Smrgfi 1071.10Scgd 1081.25Slukemif checkyesno run_msgs; then 1091.18Smrg msgs -c 1101.18Smrgfi 1111.1Scgd 1121.25Slukemif checkyesno expire_news && [ -f /etc/news.expire ]; then 1131.1Scgd /etc/news.expire 1141.1Scgdfi 1151.1Scgd 1161.25Slukemif checkyesno purge_accounting && [ -f /var/account/acct ]; then 1171.21Smikel echo "" 1181.21Smikel echo "Purging accounting records:" 1191.21Smikel mv /var/account/acct.2 /var/account/acct.3 1201.21Smikel mv /var/account/acct.1 /var/account/acct.2 1211.21Smikel mv /var/account/acct.0 /var/account/acct.1 1221.21Smikel cp /var/account/acct /var/account/acct.0 1231.21Smikel sa -sq 1241.1Scgdfi 1251.1Scgd 1261.25Slukemif checkyesno run_calendar; then 1271.18Smrg calendar -a > $TMP 1281.18Smrg if [ -s $TMP ]; then 1291.18Smrg echo "" 1301.18Smrg echo "Running calendar:" 1311.18Smrg cat $TMP 1321.18Smrg fi 1331.18Smrg rm -f $TMP 1341.18Smrgfi 1351.1Scgd 1361.25Slukemif checkyesno check_uucp && \ 1371.25Slukem [ -d /var/spool/uucp -a -f /usr/libexec/uucp/clean.daily ]; then 1381.1Scgd echo "" 1391.1Scgd echo "Cleaning up UUCP:" 1401.24Slukem su daemon -c /usr/libexec/uucp/clean.daily 1411.1Scgdfi 1421.1Scgd 1431.25Slukemif checkyesno check_disks; then 1441.18Smrg df -k > $TMP 1451.18Smrg dump W > $TMP2 1461.18Smrg if [ -s $TMP -o -s $TMP2 ]; then 1471.18Smrg echo "" 1481.18Smrg echo "Checking subsystem status:" 1491.18Smrg echo "" 1501.18Smrg echo "disks:" 1511.18Smrg if [ -s $TMP ]; then 1521.18Smrg cat $TMP 1531.18Smrg echo "" 1541.18Smrg fi 1551.18Smrg if [ -s $TMP2 ]; then 1561.18Smrg cat $TMP2 1571.18Smrg echo "" 1581.18Smrg fi 1591.18Smrg echo "" 1601.18Smrg fi 1611.18Smrgfi 1621.18Smrg 1631.18Smrgrm -f $TMP $TMP2 1641.18Smrg 1651.25Slukemif checkyesno check_mailq; then 1661.18Smrg mailq > $TMP 1671.18Smrg if ! grep -q "^Mail queue is empty$" $TMP; then 1681.18Smrg echo "" 1691.18Smrg echo "mail:" 1701.18Smrg cat $TMP 1711.18Smrg fi 1721.18Smrgfi 1731.18Smrg 1741.18Smrgrm -f $TMP 1751.1Scgd 1761.25Slukemif checkyesno check_uucp && [ -d /var/spool/uucp ]; then 1771.18Smrg uustat -a > $TMP 1781.18Smrg if [ -s $TMP ]; then 1791.18Smrg echo "" 1801.18Smrg echo "uucp:" 1811.21Smikel cat $TMP 1821.18Smrg fi 1831.18Smrgfi 1841.1Scgd 1851.18Smrgrm -f $TMP 1861.1Scgd 1871.25Slukemif checkyesno check_network; then 1881.18Smrg echo "" 1891.18Smrg echo "network:" 1901.18Smrg netstat -i 1911.1Scgd echo "" 1921.18Smrg t=/var/rwho/* 1931.18Smrg if [ "$t" != '/var/rwho/*' ]; then 1941.18Smrg ruptime 1951.18Smrg fi 1961.1Scgdfi 1971.1Scgd 1981.25Slukemif checkyesno run_fsck; then 1991.18Smrg echo "" 2001.18Smrg echo "Checking filesystems:" 2011.18Smrg fsck -n | grep -v '^\*\* Phase' 2021.18Smrgfi 2031.1Scgd 2041.1Scgdecho "" 2051.25Slukemif checkyesno run_rdist && [ -f /etc/Distfile ]; then 2061.1Scgd echo "Running rdist:" 2071.20Smikel if [ -d /var/log/rdist ]; then 2081.21Smikel logf=`date +%Y.%b.%e` 2091.20Smikel rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf 2101.20Smikel else 2111.20Smikel rdist -f /etc/Distfile 2121.20Smikel fi 2131.1Scgdfi 2141.1Scgd 2151.25Slukemif checkyesno run_security; then 2161.28Slukem SECOUT=$TMPDIR/sec 2171.28Slukem sh /etc/security 2>&1 > $SECOUT 2181.28Slukem if [ ! -s $SECOUT ]; then 2191.28Slukem echo "Nothing to report on $date" > $SECOUT 2201.28Slukem fi 2211.28Slukem mail -s "$host daily insecurity output for $date" $MAILTO < $SECOUT 2221.18Smrgfi 2231.18Smrg 2241.18Smrgrm -rf $TMPDIR 225