#!/bin/sh - # # $NetBSD: daily,v 1.38 2001/09/17 23:41:32 hubertf Exp $ # @(#)daily 8.2 (Berkeley) 1/25/94 # export PATH=/bin:/usr/bin:/sbin:/usr/sbin umask 077 if [ -s /etc/daily.conf ]; then . /etc/daily.conf fi host=`hostname` date=`date` echo "To: ${MAILTO:-root}" echo "Subject: $host daily output for $date" echo "" if [ -f /etc/rc.subr ]; then . /etc/rc.subr else echo "Can't read /etc/rc.subr; aborting." exit 1; fi if [ -z "$MAILTO" -o "$USER" != "root" ]; then MAILTO=root fi echo "" echo "Uptime: " `uptime` # Uncommenting any of the finds below would open up a race condition attack # based on symlinks, potentially allowing removal of any file on the system. # #echo "" #echo "Removing scratch and junk files:" #if [ -d /tmp -a ! -h /tmp ]; then # cd /tmp && { # find . -type f -atime +3 -exec rm -f -- {} \; # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi #if [ -d /var/tmp -a ! -h /var/tmp ]; then # cd /var/tmp && { # find . ! -name . -atime +7 -exec rm -f -- {} \; # find . ! \( -name . -o -name vi.recover \) -type d \ # -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi # Additional junk directory cleanup would go like this: #if [ -d /scratch -a ! -h /scratch ]; then # cd /scratch && { # find . ! -name . -atime +1 -exec rm -f -- {} \; # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi #if [ -d /var/rwho -a ! -h /var/rwho ] ; then # cd /var/rwho && { # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; } #fi DAILYDIR=`mktemp -d /tmp/_daily.XXXXXX` || exit 1 trap "/bin/rm -rf $DAILYDIR ; exit 0" EXIT INT QUIT if ! cd "$DAILYDIR"; then echo "Can not cd to $DAILYDIR". exit 1 fi TMP=daily.$$ TMP2=daily2.$$ if checkyesno find_core; then find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \ -o -fstype kernfs -o -fstype procfs \) -a -prune -o \ -name 'lost+found' -a -prune -o \ \( -name '*.core' -o -name 'core' \) -a -print > $TMP # \( -name '[#,]*' -o -name '.#*' -o -name a.out \ # -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \ # -a -atime +3 -exec rm -f -- {} \; -a -print > $TMP egrep '\.core$|^core$' $TMP > $TMP2 if [ -s $TMP2 ]; then echo "" echo "Possible core dumps:" cat $TMP2 fi # egrep -v '\.core' $TMP > $TMP2 # if [ -s $TMP2 ]; then # echo "" # echo "Deleted files:" # cat $TMP2 # fi rm -f $TMP $TMP2 fi if checkyesno run_msgs; then msgs -c fi if checkyesno expire_news && [ -f /etc/news.expire ]; then /etc/news.expire fi if checkyesno purge_accounting && [ -f /var/account/acct ]; then echo "" echo "Purging accounting records:" mv /var/account/acct.2 /var/account/acct.3 mv /var/account/acct.1 /var/account/acct.2 mv /var/account/acct.0 /var/account/acct.1 cp /var/account/acct /var/account/acct.0 sa -sq fi if checkyesno run_calendar; then calendar -a > $TMP if [ -s $TMP ]; then echo "" echo "Running calendar:" cat $TMP fi rm -f $TMP fi if checkyesno check_uucp && \ [ -d /var/spool/uucp -a -f /usr/libexec/uucp/clean.daily ]; then echo "" echo "Cleaning up UUCP:" su daemon -c /usr/libexec/uucp/clean.daily fi if checkyesno check_disks; then df -k > $TMP dump W > $TMP2 if [ -s $TMP -o -s $TMP2 ]; then echo "" echo "Checking subsystem status:" echo "" echo "disks:" if [ -s $TMP ]; then cat $TMP echo "" fi if [ -s $TMP2 ]; then cat $TMP2 echo "" fi echo "" fi fi rm -f $TMP $TMP2 if checkyesno check_mailq; then mailq > $TMP if ! grep -q "^Mail queue is empty$" $TMP; then echo "" echo "mail:" cat $TMP fi fi rm -f $TMP if checkyesno check_uucp && [ -d /var/spool/uucp ]; then su -m uucp -c uustat -a > $TMP if [ -s $TMP ]; then echo "" echo "uucp:" cat $TMP fi fi rm -f $TMP if checkyesno check_network; then echo "" echo "network:" netstat -inv echo "" t=/var/rwho/* if [ "$t" != '/var/rwho/*' ]; then ruptime fi fi if checkyesno run_fsck; then echo "" echo "Checking filesystems:" fsck -n -f | grep -v '^\*\* Phase' fi echo "" if checkyesno run_rdist && [ -f /etc/Distfile ]; then echo "Running rdist:" if [ -d /var/log/rdist ]; then logf=`date +%Y.%b.%d` rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf else rdist -f /etc/Distfile fi fi if checkyesno run_security; then SECOUT="$DAILYDIR/sec" sh /etc/security 2>&1 > "$SECOUT" if [ ! -s "$SECOUT" ]; then echo "Nothing to report on $date" > "$SECOUT" fi mail -s "$host daily insecurity output for $date" $MAILTO < "$SECOUT" fi if checkyesno run_skeyaudit; then echo "" echo "Checking remaining s/key OTPs:" skeyaudit fi if [ -f /etc/daily.local ]; then echo "" echo "Running /etc/daily.local:" . /etc/daily.local fi