#!/bin/sh - # # $NetBSD: daily,v 1.56 2003/12/10 09:25:36 lukem Exp $ # @(#)daily 8.2 (Berkeley) 1/25/94 # export PATH=/bin:/usr/bin:/sbin:/usr/sbin umask 077 if [ -s /etc/daily.conf ]; then . /etc/daily.conf fi host=`hostname` date=`date` echo "To: ${MAILTO:-root}" echo "Subject: $host daily output for $date" echo "" if [ -f /etc/rc.subr ]; then . /etc/rc.subr else echo "Can't read /etc/rc.subr; aborting." exit 1; fi if [ -z "$MAILTO" -o "$USER" != "root" ]; then MAILTO=root fi echo "" echo "Uptime: " `uptime` # Uncommenting any of the finds below would open up a race condition attack # based on symlinks, potentially allowing removal of any file on the system. # #echo "" #echo "Removing scratch and junk files:" #if [ -d /tmp -a ! -h /tmp ]; then # cd /tmp && { # find . -type f -atime +3 -exec rm -f -- {} \; # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi #if [ -d /var/tmp -a ! -h /var/tmp ]; then # cd /var/tmp && { # find . ! -name . -atime +7 -exec rm -f -- {} \; # find . ! \( -name . -o -name vi.recover \) -type d \ # -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi # Additional junk directory cleanup would go like this: #if [ -d /scratch -a ! -h /scratch ]; then # cd /scratch && { # find . ! -name . -atime +1 -exec rm -f -- {} \; # find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ # >/dev/null 2>&1; } #fi #if [ -d /var/rwho -a ! -h /var/rwho ] ; then # cd /var/rwho && { # find . ! -name . -mtime +7 -exec rm -f -- {} \; ; } #fi DAILYDIR=`mktemp -d /tmp/_daily.XXXXXX` || exit 1 trap "/bin/rm -rf $DAILYDIR ; exit 0" EXIT INT QUIT if ! cd "$DAILYDIR"; then echo "Can not cd to $DAILYDIR". exit 1 fi TMP=daily.$$ TMP2=daily2.$$ if checkyesno find_core; then find / \( ! -fstype local -o -fstype rdonly -o -fstype fdesc \ -o -fstype null \ -o -fstype kernfs -o -fstype procfs \) -prune -o \ -name 'lost+found' -prune -o \ \( -name '*.core' -o -name 'core' \) -type f -print > $TMP # \( -name '[#,]*' -o -name '.#*' -o -name a.out \ # -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \ # -a -atime +3 -exec rm -f -- {} \; -a -print > $TMP egrep '\.core$|^core$' $TMP > $TMP2 if [ -s $TMP2 ]; then echo "" echo "Possible core dumps:" cat $TMP2 fi # egrep -v '\.core' $TMP > $TMP2 # if [ -s $TMP2 ]; then # echo "" # echo "Deleted files:" # cat $TMP2 # fi rm -f $TMP $TMP2 fi if checkyesno run_msgs; then msgs -c fi if checkyesno expire_news && [ -f /etc/news.expire ]; then /etc/news.expire fi if checkyesno purge_accounting && [ -f /var/account/acct ]; then echo "" echo "Purging accounting records:" mv /var/account/acct.2 /var/account/acct.3 2>/dev/null mv /var/account/acct.1 /var/account/acct.2 2>/dev/null mv /var/account/acct.0 /var/account/acct.1 2>/dev/null cp /var/account/acct /var/account/acct.0 sa -sq fi if checkyesno run_calendar; then calendar -a > $TMP 2>&1 if [ -s $TMP ]; then echo "" echo "Running calendar:" cat $TMP fi rm -f $TMP fi if checkyesno check_uucp && \ [ -d /var/spool/uucp -a -f /usr/libexec/uucp/clean.daily ]; then echo "" echo "Cleaning up UUCP:" su daemon -c /usr/libexec/uucp/clean.daily fi if checkyesno check_disks; then if checkyesno show_remote_fs; then df -hi -t nokernfs,procfs,null,fdesc > $TMP else df -hil -t nokernfs,procfs,null,fdesc > $TMP fi if [ -s /etc/dumpdates ] ; then dump -W > $TMP2 fi if [ -s $TMP -o -s $TMP2 ]; then echo "" echo "Checking subsystem status:" echo "" echo "disks:" if [ -s $TMP ]; then cat $TMP echo "" fi if [ -s $TMP2 ]; then cat $TMP2 echo "" fi echo "" fi rm -f $TMP $TMP2 touch $TMP2 for dev in `iostat -x | awk '/^raid/ { print $1 }'`; do raidctl -s $dev | awk '/^.*: failed$/ {print $0}' > $TMP if [ -s $TMP ]; then echo "$dev:" >> $TMP2 cat $TMP >> $TMP2 fi rm -f $TMP done if [ -s $TMP2 ]; then echo "failed RAIDframe component(s):" cat $TMP2 fi rm -f $TMP2 fi if checkyesno check_mailq; then mailq > $TMP if ! grep -q "queue is empty$" $TMP; then echo "" echo "mail:" cat $TMP fi fi rm -f $TMP if checkyesno check_uucp && [ -d /var/spool/uucp ]; then (cd /tmp; su -m uucp -c "uustat -a") > $TMP if [ -s $TMP ]; then echo "" echo "uucp:" cat $TMP fi fi rm -f $TMP if checkyesno check_network; then echo "" echo "network:" if checkyesno full_netstat; then netstat -inv else netstat -in | awk 'BEGIN { ifs[""] = 0; } /^[^\*]* / { if (NR == 1) { printf("%-8s %10s %6s %10s %6s %6s\n", $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF); next; } if (!($1 in ifs)) { printf("%-8s %10d %6d %10d %6d %6d\n", $1, $(NF-4), $(NF-3), $(NF-2), $(NF-1), $NF); ifs[$1] = 1; } }' fi echo "" t=/var/rwho/* if [ "$t" != '/var/rwho/*' ]; then ruptime fi fi if checkyesno run_fsck; then echo "" echo "Checking filesystems:" fsck -n -f | grep -v '^\*\* Phase' fi echo "" if checkyesno run_rdist && [ -f /etc/Distfile ]; then echo "Running rdist:" if [ -d /var/log/rdist ]; then logf=`date +%Y.%b.%d` rdist -f /etc/Distfile 2>&1 | tee /var/log/rdist/$logf else rdist -f /etc/Distfile fi fi if checkyesno run_security; then SECOUT="$DAILYDIR/sec" sh /etc/security > "$SECOUT" 2>&1 if [ ! -s "$SECOUT" ]; then if checkyesno send_empty_security; then echo "Nothing to report on $date" > "$SECOUT" else echo "" echo "Supressing empty security report." fi fi if [ -s "$SECOUT" ]; then mail -s "$host daily insecurity output for $date" \ $MAILTO < "$SECOUT" fi fi if checkyesno run_skeyaudit; then if [ -s /etc/skeykeys ]; then echo "" echo "Checking remaining s/key OTPs:" skeyaudit fi fi if [ -f /etc/daily.local ]; then echo "" echo "Running /etc/daily.local:" . /etc/daily.local fi