|
#!/bin/sh -
|
|
#
|
|
# $OpenBSD: daily,v 1.46 2003/07/28 20:58:48 jmc Exp $
|
|
# From: @(#)daily 8.2 (Berkeley) 1/25/94
|
|
#
|
|
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
|
|
bak=/var/backups
|
|
|
|
if [ -f /etc/daily.local ]; then
|
|
echo ""
|
|
echo "Running daily.local:"
|
|
. /etc/daily.local
|
|
fi
|
|
|
|
TMP=`mktemp /tmp/_daily.XXXXXXXXXX` || exit 1
|
|
OUT=`mktemp /tmp/_security.XXXXXXXXXX` || {
|
|
rm -f ${TMP}
|
|
exit 1
|
|
}
|
|
|
|
trap 'rm -f $TMP $OUT' 0 1 15
|
|
|
|
echo ""
|
|
echo "Removing scratch and junk files:"
|
|
if [ -d /tmp -a ! -L /tmp ]; then
|
|
cd /tmp && {
|
|
find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
|
|
-type f -atime +3 -execdir rm -f -- {} \;
|
|
find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
|
|
>/dev/null 2>&1; }
|
|
fi
|
|
|
|
if [ -d /var/tmp -a ! -L /var/tmp ]; then
|
|
cd /var/tmp && {
|
|
find -x . \( -path './ssh-*' -o -path './.X11-unix' \) -prune -o \
|
|
! -type d -atime +7 -execdir rm -f -- {} \;
|
|
find -x . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
|
|
>/dev/null 2>&1; }
|
|
fi
|
|
|
|
# Additional junk directory cleanup would go like this:
|
|
#if [ -d /scratch -a ! -L /scratch ]; then
|
|
# cd /scratch && {
|
|
# find . ! -name . -atime +1 -execdir rm -f -- {} \;
|
|
# find . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
|
|
# >/dev/null 2>&1; }
|
|
#fi
|
|
|
|
if [ -d /var/rwho -a ! -L /var/rwho ] ; then
|
|
cd /var/rwho && {
|
|
find . ! -name . -mtime +7 -execdir rm -f -- {} \; ; }
|
|
fi
|
|
|
|
#find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \
|
|
# -o -fstype kernfs -o -fstype procfs \) -a -prune -o \
|
|
# -name 'lost+found' -a -prune -o \
|
|
# -name '*.core' -a -print -o \
|
|
# \( -name '[#,]*' -o -name '.#*' -o -name a.out \
|
|
# -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
|
|
# -a -atime +3 -a -execdir rm -f -- {} \; -a -print > $TMP
|
|
|
|
if egrep -q '\.core$' $TMP; then
|
|
echo ""
|
|
echo "Possible core dumps:"
|
|
egrep '\.core$' $TMP
|
|
fi
|
|
|
|
if egrep -qv '\.core$' $TMP; then
|
|
echo ""
|
|
echo "Deleted files:"
|
|
egrep -v '\.core$' $TMP
|
|
fi
|
|
|
|
if [ -d /var/msgs -a ! -L /var/msgs ]; then
|
|
msgs -c
|
|
fi
|
|
|
|
if [ -f /var/account/acct ]; then
|
|
echo ""
|
|
echo "Purging accounting records:"
|
|
mv -f /var/account/acct.2 /var/account/acct.3
|
|
mv -f /var/account/acct.1 /var/account/acct.2
|
|
mv -f /var/account/acct.0 /var/account/acct.1
|
|
cp -f /var/account/acct /var/account/acct.0
|
|
sa -sq
|
|
fi
|
|
|
|
# If ROOTBACKUP is set to 1 in the environment, and
|
|
# if filesystem named /altroot is type ffs, on /dev/* and mounted "xx",
|
|
# use it as a backup root filesystem to be updated daily.
|
|
[ "X$ROOTBACKUP" = X1 ] && {
|
|
rootdev=`awk '$2 == "/" && $1 ~ /^\/dev\// && $3 == "ffs" && \
|
|
$4 ~ /rw/ \
|
|
{ print substr($1, 6) }' < /etc/fstab`
|
|
rootbak=`awk '$2 == "/altroot" && $1 ~ /^\/dev\// && $3 == "ffs" && \
|
|
$4 ~ /xx/ \
|
|
{ print substr($1, 6) }' < /etc/fstab`
|
|
[ X$rootdev != X -a X$rootbak != X ] && {
|
|
sync
|
|
echo ""
|
|
echo "Backing up root filesystem:"
|
|
echo "copying /dev/r$rootdev to /dev/r$rootbak"
|
|
dd if=/dev/r$rootdev of=/dev/r$rootbak bs=16b seek=1 skip=1 \
|
|
conv=noerror
|
|
fsck -y /dev/r$rootbak
|
|
}
|
|
}
|
|
|
|
# Rotation of mail log now handled automatically by cron and 'newsyslog'
|
|
|
|
echo ""
|
|
echo "Checking subsystem status:"
|
|
echo ""
|
|
echo "disks:"
|
|
df -kl
|
|
echo ""
|
|
dump W
|
|
echo ""
|
|
|
|
mailq > $TMP
|
|
if ! grep -q "^/var/spool/mqueue is empty$" $TMP; then
|
|
echo ""
|
|
echo "mail:"
|
|
cat $TMP
|
|
fi
|
|
|
|
echo ""
|
|
echo "network:"
|
|
netstat -ivn
|
|
echo ""
|
|
|
|
t=/var/rwho/*
|
|
if [ "$t" != '/var/rwho/*' ]; then
|
|
echo ""
|
|
ruptime
|
|
fi
|
|
|
|
echo ""
|
|
if [ -d /var/yp/binding -a ! -d /var/yp/`domainname` -o "X$CALENDAR" = X0 ]
|
|
then
|
|
if [ "X$CALENDAR" = X0 ]; then
|
|
echo "Not running calendar, (disabled)."
|
|
else
|
|
echo "Not running calendar, (yp client)."
|
|
fi
|
|
else
|
|
echo "Running calendar in the background."
|
|
calendar -a &
|
|
fi
|
|
|
|
# If CHECKFILESYSTEMS is set to 1 in the environment, run fsck
|
|
# with the no-write flag.
|
|
[ "X$CHECKFILESYSTEMS" = X1 ] && {
|
|
echo ""
|
|
echo "Checking filesystems:"
|
|
fsck -n | grep -v '^\*\* Phase'
|
|
}
|
|
|
|
if [ -f /etc/Distfile ]; then
|
|
echo ""
|
|
echo "Running rdist:"
|
|
if [ -d /var/log/rdist ]; then
|
|
logf=`date +%Y.%b.%e`
|
|
rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf
|
|
else
|
|
rdist -f /etc/Distfile
|
|
fi
|
|
fi
|
|
|
|
sh /etc/security 2>&1 > $OUT
|
|
if [ -s $OUT ]; then
|
|
mail -s "`hostname` daily insecurity output" root < $OUT
|
|
fi
|