daily revision 1.89 1 1.1 cgd #!/bin/sh -
2 1.1 cgd #
3 1.89 agc # $NetBSD: daily,v 1.89 2013/05/01 05:36:25 agc Exp $
4 1.21 mikel # @(#)daily 8.2 (Berkeley) 1/25/94
5 1.1 cgd #
6 1.18 mrg
# Use a fixed command search path so every tool below is resolved from the
# system directories, and create all files without group/other permissions.
PATH=/bin:/usr/bin:/sbin:/usr/sbin
export PATH
umask 077

# Load the optional configuration files when they exist and are non-empty.
# Each one is sourced into this shell, so whatever it contains executes with
# the privileges of this script.
test -s /etc/daily.conf && . /etc/daily.conf
test -s /etc/pkgpath.conf && . /etc/pkgpath.conf

# host and date feed the report subject lines below.  rcvar_manpage is not
# read in this script itself (presumably consumed by rc.subr helpers).
host=$(hostname)
date=$(date)
rcvar_manpage='daily.conf(5)'
20 1.1 cgd
# Emit the mail headers of the report on stdout, then the blank line that
# ends the header section.
echo "To: ${MAILTO:-root}"
echo "Subject: $host daily output for $date"
echo ""

# The rest of the script depends on /etc/rc.subr (presumably the source of
# checkyesno); give up if it is missing.
if [ ! -f /etc/rc.subr ]; then
	echo "Can't read /etc/rc.subr; aborting."
	exit 1
fi
. /etc/rc.subr

# Fall back to root when no recipient is configured or when the invoking
# user is not root.
# NOTE(review): the "To:" header above has already been printed with the
# configured MAILTO, so the two can differ when USER is not root.
if [ -z "$MAILTO" ] || [ "$USER" != "root" ]; then
	MAILTO=root
fi
35 1.23 phil
# Backwards compatibility: a pkgdb_dir set in daily.conf(5) is still honoured
# by passing it to the package tools as "-K <dir>", with a deprecation notice.
# _compat_K_flag is expanded unquoted where it is used, so it splits into two
# words; a pkgdb_dir containing whitespace would split further.
if test -n "${pkgdb_dir}"; then
	printf '%s\n' \
	    "WARNING: Setting pkgdb_dir in daily.conf(5) is deprecated" \
	    "WARNING: Please define PKG_DBDIR in pkg_install.conf(5) instead"
	_compat_K_flag="-K ${pkgdb_dir}"
fi

# First line of the report body: a blank separator and the system uptime.
echo ""
echo "Uptime: $(uptime)"
44 1.18 mrg
45 1.29 abs # Uncommenting any of the finds below would open up a race condition attack
46 1.29 abs # based on symlinks, potentially allowing removal of any file on the system.
47 1.29 abs #
48 1.17 jtc #echo ""
49 1.17 jtc #echo "Removing scratch and junk files:"
50 1.17 jtc #if [ -d /tmp -a ! -h /tmp ]; then
51 1.17 jtc # cd /tmp && {
52 1.17 jtc # find . -type f -atime +3 -exec rm -f -- {} \;
53 1.17 jtc # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
54 1.17 jtc # >/dev/null 2>&1; }
55 1.17 jtc #fi
56 1.1 cgd
57 1.17 jtc #if [ -d /var/tmp -a ! -h /var/tmp ]; then
58 1.17 jtc # cd /var/tmp && {
59 1.17 jtc # find . ! -name . -atime +7 -exec rm -f -- {} \;
60 1.35 aymeric # find . ! \( -name . -o -name vi.recover \) -type d \
61 1.35 aymeric # -mtime +1 -exec rmdir -- {} \; \
62 1.17 jtc # >/dev/null 2>&1; }
63 1.17 jtc #fi
64 1.10 cgd
65 1.15 pk # Additional junk directory cleanup would go like this:
66 1.15 pk #if [ -d /scratch -a ! -h /scratch ]; then
67 1.15 pk # cd /scratch && {
68 1.15 pk # find . ! -name . -atime +1 -exec rm -f -- {} \;
69 1.15 pk # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
70 1.15 pk # >/dev/null 2>&1; }
71 1.15 pk #fi
72 1.10 cgd
73 1.17 jtc #if [ -d /var/rwho -a ! -h /var/rwho ] ; then
74 1.17 jtc # cd /var/rwho && {
75 1.17 jtc # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
76 1.17 jtc #fi
77 1.10 cgd
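# Create a fresh scratch directory with mktemp(1); abort if that fails.
DAILYDIR=$(mktemp -d -t _daily) || exit 1

# Remove the scratch directory on exit or on INT/QUIT.  The handler is
# single-quoted so that $DAILYDIR is expanded when the trap fires and is
# passed to rm as exactly one quoted argument; with a double-quoted handler
# the path is spliced into the command text and re-parsed by the shell.
# NOTE(review): "exit 0" in the handler makes the final exit status 0 for
# every exit path after this point, including the "exit 1" below.
trap '/bin/rm -rf -- "$DAILYDIR"; exit 0' EXIT INT QUIT

if ! cd "$DAILYDIR"; then
	echo "Can not cd to $DAILYDIR".
	exit 1
fi

# Scratch file names.  They are relative, so after the cd above they are
# created inside the mktemp directory rather than in a shared location.
TMP=daily.$$
TMP2=daily2.$$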
89 1.18 mrg
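# Report core dump files found anywhere on the system (knob: find_core).
# Nothing is deleted here; the paths are only listed in the report.
if checkyesno find_core; then
	# Turn "foo !bar bax" into "-fstype foo -o ! -fstype bar -o -fstype bax"
	ignfstypes="$(echo $find_core_ignore_fstypes | \
		sed -e's/\(!*\)\([^[:space:]]\{1,\}\)/-o \1 -fstype \2/g' \
		    -e's/^-o //')"
	# Turn "foo bar" into "( -path foo -o -path bar ) -prune -o"
	# Set ignpaths empty if no find_core_ignore_paths given
	if [ -n "$find_core_ignore_paths" ]; then
		ignpaths="$(printf " -o -path %s" $find_core_ignore_paths)"
		ignpaths="( ${ignpaths# -o } ) -prune -o"
	else
		ignpaths=""
	fi
	# $ignfstypes and ${ignpaths} are left unquoted on purpose: each holds
	# several find(1) arguments that must be split into separate words.
	# NOTE(review): unquoted expansion also undergoes pathname expansion,
	# so a configured path containing glob characters may be expanded by
	# the shell before find sees it.
	find / \( $ignfstypes \) -prune -o \
		${ignpaths} \
		-name 'lost+found' -prune -o \
		\( -name '*.core' -o -name 'core' \) -type f -print > "$TMP"
#		\( -name '[#,]*' -o -name '.#*' -o -name a.out \
#		   -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
#			-a -atime +3 -exec rm -f -- {} \; -a -print > $TMP

	# find prints full paths, so a file named plain "core" shows up as
	# ".../core".  The previous pattern '^core$' could never match such a
	# line, which silently dropped those files from the report; match
	# "core" as the last path component instead.
	grep -E '\.core$|(^|/)core$' "$TMP" > "$TMP2"
	if [ -s "$TMP2" ]; then
		echo ""
		echo "Possible core dumps:"
		cat "$TMP2"
	fi

#	egrep -v '\.core' $TMP > $TMP2
#	if [ -s $TMP2 ]; then
#		echo ""
#		echo "Deleted files:"
#		cat $TMP2
#	fi

	rm -f "$TMP" "$TMP2"
fi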
127 1.10 cgd
# Run "msgs -c" when the run_msgs knob is enabled.
if checkyesno run_msgs; then
	msgs -c
fi

# Run the site's news expiry script when expire_news is enabled and the
# script exists.  It is executed directly, so it runs with this script's
# privileges.
if checkyesno expire_news; then
	if [ -f /etc/news.expire ]; then
		/etc/news.expire
	fi
fi
135 1.1 cgd
# Rotate and summarise process accounting data (knob: purge_accounting),
# but only when an accounting file is present.
if checkyesno purge_accounting && [ -f /var/account/acct ]; then
	printf '\n%s\n' "Purging accounting records:"
	# Shift the saved generations up by one, oldest first.  Which set is
	# rotated depends on whether generation 0 is stored compressed.  A
	# missing generation is expected, so mv errors are discarded.
	if [ ! -f /var/account/acct.0.gz ]; then
		mv /var/account/acct.2 /var/account/acct.3 2>/dev/null
		mv /var/account/acct.1 /var/account/acct.2 2>/dev/null
		mv /var/account/acct.0 /var/account/acct.1 2>/dev/null
	else
		mv /var/account/acct.2.gz /var/account/acct.3.gz 2>/dev/null
		mv /var/account/acct.1.gz /var/account/acct.2.gz 2>/dev/null
		mv /var/account/acct.0.gz /var/account/acct.1.gz 2>/dev/null
	fi
	# Keep a copy of the live file as generation 0, then run sa(8).
	cp /var/account/acct /var/account/acct.0
	sa -sq
	# Stay with compressed storage if the previous generation used it.
	[ -f /var/account/acct.1.gz ] && gzip /var/account/acct.0
fi
154 1.1 cgd
# Run calendar(1) for all users (knob: run_calendar) and include its output,
# stdout and stderr together, in the report only when there is any.
if checkyesno run_calendar; then
	calendar -a > "$TMP" 2>&1
	if [ -s "$TMP" ]; then
		printf '\n%s\n' "Running calendar:"
		cat "$TMP"
	fi
	rm -f "$TMP"
fi
164 1.1 cgd
# Disk status section (knob: check_disks): filesystem usage, dump status and
# failed RAIDframe components.
if checkyesno check_disks; then
	# Filesystem usage; the extra -l is passed unless show_remote_fs is
	# enabled.
	if checkyesno show_remote_fs; then
		df -hi -t nokernfs,procfs,ptyfs,null,fdesc > "$TMP"
	else
		df -hil -t nokernfs,procfs,ptyfs,null,fdesc > "$TMP"
	fi
	# Dump status is collected only when /etc/dumpdates has content.
	if [ -s /etc/dumpdates ]; then
		dump -W > "$TMP2"
	fi
	# Print the section only if at least one of the two produced output.
	if [ -s "$TMP" ] || [ -s "$TMP2" ]; then
		echo ""
		echo "Checking subsystem status:"
		echo ""
		echo "disks:"
		if [ -s "$TMP" ]; then
			# Shorten the df column title while printing.
			sed 's/Mounted on/Mount/' < "$TMP"
			echo ""
		fi
		if [ -s "$TMP2" ]; then
			cat "$TMP2"
			echo ""
		fi
		echo ""
	fi
	rm -f "$TMP" "$TMP2"

	# Collect "failed" lines from raidctl -s for every device whose name
	# starts with "raid" in the iostat -x output.  The device list is
	# split on whitespace on purpose.
	touch "$TMP2"
	for dev in $(iostat -x | awk '/^raid/ { print $1 }'); do
		raidctl -s $dev | awk '/^.*: failed$/ {print $0}' > "$TMP"
		if [ -s "$TMP" ]; then
			{
				echo "$dev:"
				cat "$TMP"
			} >> "$TMP2"
		fi
		rm -f "$TMP"
	done
	if [ -s "$TMP2" ]; then
		echo "failed RAIDframe component(s):"
		cat "$TMP2"
	fi
	rm -f "$TMP2"
fi
205 1.18 mrg
# Mail queue section (knob: check_mailq): show the mailq output unless it
# contains a line ending in "queue is empty".
if checkyesno check_mailq; then
	mailq > "$TMP"
	if grep -q "queue is empty$" "$TMP"; then
		:
	else
		printf '\n%s\n' "mail:"
		cat "$TMP"
	fi
fi

# Removed unconditionally, whether or not the section above ran.
rm -f "$TMP"
216 1.1 cgd
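# Network section (knob: check_network): interface statistics and, when rwho
# data is present, ruptime output.
if checkyesno check_network; then
	echo ""
	echo "network:"
	if checkyesno full_netstat; then
		netstat -inv
	else
		# Condensed view: print the header line and then only the
		# first row seen for each interface name, keeping the first
		# column and the last five columns.  Lines whose text before
		# the first space contains a '*' are skipped (presumably the
		# interfaces netstat marks that way -- confirm against
		# netstat(1)).
		netstat -inv | awk 'BEGIN {
			ifs[""] = 0;
		}
		/^[^\*]* / {
			if (NR == 1) {
				printf("%-8s %12s %6s %12s %6s %6s\n",
				    $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
				next;
			}
			if (!($1 in ifs)) {
				printf("%-8s %12s %6s %12s %6s %6s\n",
				    $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF);
				ifs[$1] = 1;
			}
		}'
	fi
	echo ""
	# Run ruptime only when /var/rwho contains at least one entry.
	# A plain assignment such as t=/var/rwho/* is never glob-expanded, and
	# the quoted comparison that followed it was therefore always false,
	# so ruptime could never run.  A for loop does expand the pattern; if
	# nothing matches, t holds the literal pattern and the -e test fails.
	for t in /var/rwho/*; do
		if [ -e "$t" ]; then
			ruptime
		fi
		break
	done
fi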
245 1.1 cgd
# Filesystem check section (knob: run_fsck).  fsck is run with -n and -f plus
# any extra words from run_fsck_flags, which is expanded unquoted so that it
# can carry several flags.  The "** Phase" progress lines are filtered out of
# the report.
if checkyesno run_fsck; then
	printf '\n%s\n' "Checking filesystems:"
	fsck -n -f ${run_fsck_flags} \
	    | grep -v '^\*\* Phase'
fi
251 1.1 cgd
# rdist section (knob: run_rdist), run only when /etc/Distfile exists.
if checkyesno run_rdist && [ -f /etc/Distfile ]; then
	printf '\n%s\n' "Running rdist:"
	if [ ! -d /var/log/rdist ]; then
		# No log directory: output goes to the report only.
		rdist -f /etc/Distfile
	else
		# Copy stdout and stderr into a log file named after today's
		# date as well as into the report.
		logf=$(date +%Y.%b.%d)
		rdist -f /etc/Distfile 2>&1 | tee "/var/log/rdist/$logf"
	fi
fi
262 1.1 cgd
# Package vulnerability database.  The outer test runs the command named by
# ${pkg_info} with "-q -E '*'" and continues only if it succeeds.  pkg_info
# and pkg_admin are not assigned in this script; presumably they are set by
# /etc/pkgpath.conf -- confirm.  Both, like _compat_K_flag, are expanded
# unquoted and executed as given.
if ${pkg_info} ${_compat_K_flag} -q -E '*'; then
	if [ -z "$fetch_pkg_vulnerabilities" ]; then
		# Knob never set: ask the administrator to make a choice.
		printf '%s\n' \
		    "fetch_pkg_vulnerabilities is not set in daily.conf(5)." \
		    "You should set it to YES to enable vulnerability checks" \
		    "or set it to NO to get rid of this warning."
	elif checkyesno fetch_pkg_vulnerabilities; then
		printf '\n%s\n' "Fetching package vulnerabilities database:"
		# The subshell keeps the relaxed umask (022 instead of 077)
		# from affecting the rest of the script.
		# NOTE(review): only -u is passed; pkg_admin(1) also documents
		# -s for checking the file's embedded signature -- consider
		# whether the fetched database should be verified here.
		(
			umask 022 &&
			    ${pkg_admin} ${_compat_K_flag} fetch-pkg-vulnerabilities -u
		)
	fi
fi
275 1.73 jmmv
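# Security report section (knob: run_security).  /etc/security is run with
# sh and its stdout and stderr are captured in the scratch directory.
if checkyesno run_security; then
	SECOUT="$DAILYDIR/sec"
	sh /etc/security > "$SECOUT" 2>&1
	if [ ! -s "$SECOUT" ]; then
		# Nothing was reported: either write a placeholder so that a
		# report is still sent, or mention that it was suppressed.
		if checkyesno send_empty_security; then
			echo "Nothing to report on $date" > "$SECOUT"
		else
			echo ""
			echo "Suppressing empty security report."
		fi
	fi
	if [ -s "$SECOUT" ]; then
		if checkyesno separate_security_email; then
			# $SECOUT is quoted here like everywhere else in this
			# section, so a scratch path containing whitespace
			# cannot break the redirection.  $MAILTO stays
			# unquoted (presumably so that it can list several
			# recipients -- confirm).
			mail -s "$host daily insecurity output for $date" $MAILTO < "$SECOUT"
		else
			echo ""
			echo "$host daily insecurity output for $date:"
			cat "$SECOUT"
		fi
	fi
fi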
297 1.34 hubertf
# S/Key section (knob: run_skeyaudit): run skeyaudit only when /etc/skeykeys
# exists and is non-empty.
if checkyesno run_skeyaudit && [ -s /etc/skeykeys ]; then
	printf '\n%s\n' "Checking remaining s/key OTPs:"
	skeyaudit
fi

# Manual page index section (knob: run_makemandb): needs /etc/man.conf and an
# executable /usr/sbin/makemandb.
if checkyesno run_makemandb; then
	if [ -f /etc/man.conf ] && [ -x /usr/sbin/makemandb ]; then
		printf '\n%s\n' "Updating man page index:"
		# The subshell confines the relaxed umask (022 instead of 077)
		# to this one command, which runs at niceness 5.
		(
			umask 022
			nice -n 5 /usr/sbin/makemandb -Q
		)
	fi
fi
313 1.79 joerg
# Site-local additions.  /etc/daily.local is sourced in a subshell, so it
# sees this script's variables and runs with this script's privileges, but it
# cannot change the state of the main shell.  Its stdout and stderr are
# captured and added to the report only when non-empty.
if [ -f /etc/daily.local ]; then
	(
		. /etc/daily.local
	) > "$TMP" 2>&1
	if [ -s "$TMP" ]; then
		printf "\nRunning /etc/daily.local:\n"
		cat "$TMP"
	fi
	rm -f "$TMP"
fi
322