daily revision 1.75 1 1.1 cgd #!/bin/sh -
2 1.1 cgd #
3 1.75 jmmv # $NetBSD: daily,v 1.75 2010/01/27 16:22:41 jmmv Exp $
4 1.21 mikel # @(#)daily 8.2 (Berkeley) 1/25/94
5 1.1 cgd #
6 1.18 mrg
# Fixed search path: every external command below is looked up in these
# system directories only, whatever PATH the caller had.
PATH=/bin:/usr/bin:/sbin:/usr/sbin
export PATH

# Files created by this script get no group/other permission bits.
umask 077

# Local configuration.  The file is sourced, i.e. executed as shell code
# with this script's privileges; it is skipped when missing or empty.
if [ -s /etc/daily.conf ]; then
	. /etc/daily.conf
fi
13 1.28 lukem
# Values reused in the report header and in the mail subject further down.
host=$(hostname)
date=$(date)
# Not read anywhere else in this script; presumably consumed by the
# rc.subr helpers sourced below -- confirm.
rcvar_manpage='daily.conf(5)'

# Mail-style header for the report.  The recipient falls back to root when
# MAILTO is unset or empty; the empty line ends the header.
printf '%s\n' \
	"To: ${MAILTO:-root}" \
	"Subject: $host daily output for $date" \
	""
21 1.18 mrg
# /etc/rc.subr is sourced for its helper functions (checkyesno, used by
# every section below, is presumably defined there).  Without it the
# script cannot go on, so stop here.
if [ ! -f /etc/rc.subr ]; then
	echo "Can't read /etc/rc.subr; aborting."
	exit 1;
fi
. /etc/rc.subr
28 1.25 lukem
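# Recipient of the security mail sent further down: root, unless USER is
# root and MAILTO already names somebody.
# The two conditions are separate tests joined by ||.  The -o operator of
# test(1) is obsolescent and parses ambiguously when an operand looks like
# an operator (a value of "!" or "(", for example).
if [ -z "$MAILTO" ] || [ "$USER" != "root" ]; then
	MAILTO=root
fi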
32 1.23 phil
# Blank separator, then the uptime on one line.  The substitution is left
# unquoted: the shell splits uptime's output into words and echo joins
# them again with single spaces.
echo ""
echo "Uptime: " $(uptime)
35 1.18 mrg
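# Do not uncomment any of the find commands below.  Each one would run with
# this script's privileges over a directory tree that other users may be
# able to modify, and would remove entries by path.  An entry can be
# replaced with a symlink between find examining it and rm or rmdir acting
# on it; that race condition potentially allows removal of any file on the
# system.
#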
39 1.17 jtc #echo ""
40 1.17 jtc #echo "Removing scratch and junk files:"
41 1.17 jtc #if [ -d /tmp -a ! -h /tmp ]; then
42 1.17 jtc # cd /tmp && {
43 1.17 jtc # find . -type f -atime +3 -exec rm -f -- {} \;
44 1.17 jtc # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
45 1.17 jtc # >/dev/null 2>&1; }
46 1.17 jtc #fi
47 1.1 cgd
48 1.17 jtc #if [ -d /var/tmp -a ! -h /var/tmp ]; then
49 1.17 jtc # cd /var/tmp && {
50 1.17 jtc # find . ! -name . -atime +7 -exec rm -f -- {} \;
51 1.35 aymeric # find . ! \( -name . -o -name vi.recover \) -type d \
52 1.35 aymeric # -mtime +1 -exec rmdir -- {} \; \
53 1.17 jtc # >/dev/null 2>&1; }
54 1.17 jtc #fi
55 1.10 cgd
56 1.15 pk # Additional junk directory cleanup would go like this:
57 1.15 pk #if [ -d /scratch -a ! -h /scratch ]; then
58 1.15 pk # cd /scratch && {
59 1.15 pk # find . ! -name . -atime +1 -exec rm -f -- {} \;
60 1.15 pk # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
61 1.15 pk # >/dev/null 2>&1; }
62 1.15 pk #fi
63 1.10 cgd
64 1.17 jtc #if [ -d /var/rwho -a ! -h /var/rwho ] ; then
65 1.17 jtc # cd /var/rwho && {
66 1.17 jtc # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
67 1.17 jtc #fi
68 1.10 cgd
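# Private scratch directory for this run, created by mktemp; abort when
# that fails.
DAILYDIR=$(mktemp -d -t _daily) || exit 1

# Remove the scratch directory on exit and on INT/QUIT.  The handler is
# single-quoted so that "$DAILYDIR" is expanded, inside double quotes, when
# the trap fires.  Building the handler in a double-quoted string pastes
# the path in unquoted, and rm -rf would then act on every word of a path
# containing whitespace or glob characters (mktemp -t honours TMPDIR).
# The handler ends in "exit 0", so the script's exit status is 0 whenever
# it runs, including after the "exit 1" below.
trap '/bin/rm -rf "$DAILYDIR" ; exit 0' EXIT INT QUIT

if ! cd "$DAILYDIR"; then
	echo "Can not cd to $DAILYDIR".
	exit 1
fi

# Work files.  The names are predictable (PID-based) but relative, so they
# are created inside the private directory entered above.
TMP=daily.$$
TMP2=daily2.$$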
80 1.18 mrg
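# Report files that look like core dumps anywhere on the system.
if checkyesno find_core; then
	# Turn "foo !bar bax" into "-fstype foo -o ! -fstype bar -o -fstype bax"
	ignfstypes=$(echo $find_core_ignore_fstypes |
	    sed -e's/\(!*\)\([^[:space:]]\{1,\}\)/-o \1 -fstype \2/g' \
		-e's/^-o //')
	# $ignfstypes stays unquoted on purpose: find needs every primary as a
	# separate argument.
	# NOTE(review): an empty find_core_ignore_fstypes produces "\( \)"
	# here; confirm that the defaults always supply a value.
	find / \( $ignfstypes \) -prune -o \
	    -name 'lost+found' -prune -o \
	    \( -name '*.core' -o -name 'core' \) -type f -print > "$TMP"
#		\( -name '[#,]*' -o -name '.#*' -o -name a.out \
#		   -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
#			-a -atime +3 -exec rm -f -- {} \; -a -print > $TMP

	# find prints full paths, so a file named exactly "core" shows up as
	# ".../core".  Match it on the last path component; a pattern anchored
	# at the start of the line never matches such a path, and those files
	# would be left out of the report.
	grep -E '\.core$|(^|/)core$' "$TMP" > "$TMP2"
	if [ -s "$TMP2" ]; then
		echo ""
		echo "Possible core dumps:"
		cat "$TMP2"
	fi

#	egrep -v '\.core' $TMP > $TMP2
#	if [ -s $TMP2 ]; then
#		echo ""
#		echo "Deleted files:"
#		cat $TMP2
#	fi

	rm -f "$TMP" "$TMP2"
fi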
109 1.10 cgd
# System messages.
# NOTE(review): -c presumably cleans up old messages -- see msgs(1).
if checkyesno run_msgs; then
	msgs -c
fi

# Run the site's news expiry script when enabled and present.  It is
# executed directly, with this script's privileges.
if checkyesno expire_news; then
	if [ -f /etc/news.expire ]; then
		/etc/news.expire
	fi
fi
117 1.1 cgd
# Rotate the process accounting records, when enabled and the live
# accounting file exists.
if checkyesno purge_accounting; then
	if [ -f /var/account/acct ]; then
		echo ""
		echo "Purging accounting records:"
		# Saved generations 0..2 move up by one, oldest first.  The
		# compressed names are used when generation 0 is compressed.
		# A missing generation makes mv fail; that error output is
		# discarded.
		if [ -f /var/account/acct.0.gz ]; then
			acct_sfx=.gz
		else
			acct_sfx=
		fi
		for acct_gen in 2 1 0; do
			mv /var/account/acct.$acct_gen$acct_sfx \
			    /var/account/acct.$((acct_gen + 1))$acct_sfx 2>/dev/null
		done
		# Copy the live file to generation 0 before sa runs; per sa(8),
		# -s truncates the accounting file once it has been summarised
		# and -q suppresses the normal output.
		cp /var/account/acct /var/account/acct.0
		sa -sq
		# Compress the new generation 0 only when the previous one is
		# compressed as well.
		if [ -f /var/account/acct.1.gz ]; then
			gzip /var/account/acct.0
		fi
	fi
fi
136 1.1 cgd
if checkyesno run_calendar; then
	# Capture stdout and stderr first, so that the heading is printed
	# only when calendar produced some output.
	calendar -a > "$TMP" 2>&1
	if [ -s "$TMP" ]; then
		printf '\n%s\n' "Running calendar:"
		cat "$TMP"
	fi
	rm -f "$TMP"
fi
146 1.1 cgd
if checkyesno check_disks; then
	# Disk usage.  The extra "l" flag (local filesystems only, per df(1))
	# is dropped when remote filesystems are to be shown as well.
	if checkyesno show_remote_fs; then
		df_opts=-hi
	else
		df_opts=-hil
	fi
	df $df_opts -t nokernfs,procfs,ptyfs,null,fdesc > "$TMP"

	# dump -W output is collected only when /etc/dumpdates has content.
	if [ -s /etc/dumpdates ]; then
		dump -W > "$TMP2"
	fi

	if [ -s "$TMP" ] || [ -s "$TMP2" ]; then
		echo ""
		echo "Checking subsystem status:"
		echo ""
		echo "disks:"
		if [ -s "$TMP" ]; then
			# Shorten the last column heading of the df output.
			sed 's/Mounted on/Mount/' "$TMP"
			echo ""
		fi
		if [ -s "$TMP2" ]; then
			cat "$TMP2"
			echo ""
		fi
		echo ""
	fi
	rm -f "$TMP" "$TMP2"

	# RAIDframe: for every device that iostat lists with a name starting
	# in "raid", collect the raidctl status lines ending in ": failed".
	touch "$TMP2"
	for dev in $(iostat -x | awk '/^raid/ { print $1 }'); do
		raidctl -s "$dev" | awk '/^.*: failed$/ {print $0}' > "$TMP"
		if [ -s "$TMP" ]; then
			echo "$dev:" >> "$TMP2"
			cat "$TMP" >> "$TMP2"
		fi
		rm -f "$TMP"
	done
	if [ -s "$TMP2" ]; then
		echo "failed RAIDframe component(s):"
		cat "$TMP2"
	fi
	rm -f "$TMP2"
fi
187 1.18 mrg
if checkyesno check_mailq; then
	mailq > "$TMP"
	# Show the queue unless mailq reported that it is empty.
	grep -q "queue is empty$" "$TMP" || {
		echo ""
		echo "mail:"
		cat "$TMP"
	}
fi

# Runs whether or not the mail queue was checked.
rm -f "$TMP"
198 1.1 cgd
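if checkyesno check_network; then
	echo ""
	echo "network:"
	if checkyesno full_netstat; then
		netstat -inv
	else
		# Condensed view: the heading line, then the first line seen
		# for each interface name (first column), reduced to the name
		# and the last five columns.  Lines with a "*" before the
		# first space are skipped.
		netstat -inv | awk 'BEGIN {
	ifs[""] = 0;
}
/^[^\*]* / {
	if (NR == 1) {
		printf("%-8s %12s %6s %12s %6s %6s\n",
		       $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
		next;
	}
	if (!($1 in ifs)) {
		printf("%-8s %12s %6s %12s %6s %6s\n",
		       $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
		ifs[$1] = 1;
	}
}'
	fi
	echo ""
	# Run ruptime only when /var/rwho holds at least one file.  Pathname
	# expansion is not performed in a plain assignment (t=/var/rwho/*
	# stores the pattern itself, so the comparison below could never
	# differ); echo expands the pattern, which stays literal only when
	# nothing matches.
	t=$(echo /var/rwho/*)
	if [ "$t" != '/var/rwho/*' ]; then
		ruptime
	fi
fi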
227 1.1 cgd
if checkyesno run_fsck; then
	printf '\n%s\n' "Checking filesystems:"
	# Per fsck(8), -n answers "no" to every repair question, so this
	# pass only reports.  run_fsck_flags is left unquoted so that it can
	# carry several flags.  The "** Phase" progress lines are filtered
	# out of the report.
	fsck -n -f ${run_fsck_flags} | grep -v '^\*\* Phase'
fi
233 1.1 cgd
echo ""
# Distribute files with rdist when enabled and a Distfile exists.
if checkyesno run_rdist; then
	if [ -f /etc/Distfile ]; then
		echo "Running rdist:"
		if [ -d /var/log/rdist ]; then
			# Also keep stdout and stderr in a per-day log file.
			logf=$(date +%Y.%b.%d)
			rdist -f /etc/Distfile 2>&1 | tee "/var/log/rdist/$logf"
		else
			rdist -f /etc/Distfile
		fi
	fi
fi
244 1.1 cgd
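# Package database directory: an existing non-empty value is kept,
# otherwise /var/db/pkg.  Every expansion of this configurable path is
# quoted so that a value with whitespace or glob characters reaches the
# tools as a single argument.
: "${pkgdb_dir:=/var/db/pkg}"

# Do the vulnerability step only when pkg_info finds a package matching '*'
# in that database.
if pkg_info -K "${pkgdb_dir}" -q -E '*'; then
	echo ""
	echo "Fetching package vulnerabilities database:"
	if checkyesno fetch_pkg_vulnerabilities; then
		# The subshell confines the relaxed umask to this one command;
		# the rest of the script keeps 077.  Presumably this makes the
		# fetched file readable by unprivileged users.
		# NOTE(review): only -u is passed.  pkg_admin(1) documents -s
		# for checking the file's signature -- confirm that verification
		# is configured elsewhere.
		( umask 022 && pkg_admin -K "${pkgdb_dir}" \
		    fetch-pkg-vulnerabilities -u )
	else
		echo "fetch_pkg_vulnerabilities is set to NO in daily.conf(5)."
		echo "You should set it to YES to enable vulnerability checks."
	fi
fi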
258 1.73 jmmv
if checkyesno run_security; then
	# The security report is written inside the private scratch
	# directory and mailed separately from the rest of the daily output.
	SECOUT="$DAILYDIR/sec"
	sh /etc/security > "$SECOUT" 2>&1
	if [ -s "$SECOUT" ]; then
		:	# there is output; it is mailed below
	elif checkyesno send_empty_security; then
		echo "Nothing to report on $date" > "$SECOUT"
	else
		echo ""
		echo "Suppressing empty security report."
	fi
	# Checked again because the branch above may have just filled the
	# file in.
	if [ -s "$SECOUT" ]; then
		mail -s "$host daily insecurity output for $date" \
		    "$MAILTO" < "$SECOUT"
	fi
fi
275 1.34 hubertf
# Report on remaining S/Key one-time passwords, when enabled and
# /etc/skeykeys exists and is not empty.
if checkyesno run_skeyaudit && [ -s /etc/skeykeys ]; then
	echo ""
	echo "Checking remaining s/key OTPs:"
	skeyaudit
fi
283 1.31 ad
# Site-specific additions.  The file is sourced inside a subshell, so it
# runs with this script's privileges and sees its variables, but cannot
# change them or the working directory for the parent.  Its stdout and
# stderr are captured so that the heading appears only when there is
# output.
if [ -f /etc/daily.local ]; then
	( . /etc/daily.local ) > "$TMP" 2>&1
	if [ -s "$TMP" ]; then
		printf "\nRunning /etc/daily.local:\n"
		cat "$TMP"
	fi
	rm -f "$TMP"
fi