#
1.97 |
|
03-Mar-2023 |
bluhm |
Process accounting and lastcomm(1) can detect execve(2) violations of pinsyscall(2) policy. Report such findings in daily mail like other security violations. User has to turn on accounting=YES in rc.conf.local to utilize this feature. OK deraadt@
|
#
1.96 |
|
19-Oct-2022 |
sthen |
Exclude /tmp/*.shm files from /tmp cleaning in daily(8); removing them interferes with programs using shm_open(3) which uses them as backing files.
Problem pointed out by jeremy@ in relation to PostgreSQL. Suggestion/ok tb@.
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.95 |
|
20-Oct-2020 |
danj |
Remove calls for df(1), netstat(1), and the verbose dump(1)
With this change, daily(8) only sends email when something looks dubious. Consequently VERBOSESTATUS is now a no-op and may be unset.
The code is trivial and riddled with choices that look like personal preferences. The old behavior can be achieved through /etc/daily.local.
With schwarze@, tweak kn@, sthen@ OK schwarze@, kn@, jung@
|
#
1.94 |
|
08-Oct-2020 |
millert |
Use find -delete instead of execing rm and rmdir. OK sthen@ denis@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.93 |
|
09-Sep-2019 |
bluhm |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.96 |
|
19-Oct-2022 |
sthen |
Exclude /tmp/*.shm files from /tmp cleaning in daily(8); removing them interferes with programs using shm_open(3) which uses them as backing files.
Problem pointed out by jeremy@ in relation to PostgreSQL. Suggestion/ok tb@.
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.95 |
|
20-Oct-2020 |
danj |
Remove calls for df(1), netstat(1), and the verbose dump(1)
With this change, daily(8) only sends email when something looks dubious. Consequently VERBOSESTATUS is now a no-op and may be unset.
The code is trivial and riddled with choices that look like personal preferences. The old behavior can be achieved through /etc/daily.local.
With schwarze@, tweak kn@, sthen@ OK schwarze@, kn@, jung@
|
#
1.94 |
|
08-Oct-2020 |
millert |
Use find -delete instead of execing rm and rmdir. OK sthen@ denis@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.93 |
|
09-Sep-2019 |
bluhm |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.95 |
|
20-Oct-2020 |
danj |
Remove calls for df(1), netstat(1), and the verbose dump(1)
With this change, daily(8) only sends email when something looks dubious. Consequently VERBOSESTATUS is now a no-op and may be unset.
The code is trivial and riddled with choices that look like personal preferences. The old behavior can be achieved through /etc/daily.local.
With schwarze@, tweak kn@, sthen@ OK schwarze@, kn@, jung@
|
#
1.94 |
|
08-Oct-2020 |
millert |
Use find -delete instead of execing rm and rmdir. OK sthen@ denis@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.93 |
|
09-Sep-2019 |
bluhm |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.94 |
|
08-Oct-2020 |
millert |
Use find -delete instead of execing rm and rmdir. OK sthen@ denis@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.93 |
|
09-Sep-2019 |
bluhm |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.93 |
|
09-Sep-2019 |
bluhm |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.92 |
|
25-Jul-2019 |
bluhm |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.91 |
|
06-Feb-2018 |
tb |
Print an explicit error if the backup volume is not present in hw.disknames. This can only happen due to a failure or user error. In either case, silent failure makes it hard to discover and debug. Now it will be easy to spot in the daily mail.
ok rob, schwarze
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
10-Jul-2017 |
bluhm |
Test if an acct file exists before trying to rename it. This silences false warnings in the frist three daily mails after process accounting has been turned on. from Raf Czlonka
|
#
1.89 |
|
10-Jun-2017 |
bluhm |
Report processes that were killed due to pledge or memory access violations in the daily mail. OK millert@ jmc@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.88 |
|
29-Apr-2016 |
schwarze |
Delete invocation of mailq(1) that was present for historical reasons. On a real mailserver, it's too noisy and may be a privacy concern. On a machine that's not a mailserver, it's pointless.
Besides, Theo points out that running subsystems that potentially parse untrusted user data daily, at a predictable time, as root is not a very good idea in the first place.
Suggested by millert@; gilles@ matthieu@ deraadt@ sthen@ agree
|
#
1.87 |
|
01-Apr-2016 |
ajacoutot |
Tweak rcctl wording.
from ian@
|
#
1.86 |
|
01-Apr-2016 |
ajacoutot |
Rename the 'faulty' list action to 'failed'; it clearer.
prodded by matthieu@ ok millert@ jung@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.85 |
|
28-Jan-2016 |
schwarze |
Run "rcctl ls faulty", which is silent when all services work as expected. Based on an original idea and a different patch from landry@. OK jung@ zhuk@ landry@ krw@ agreed to the general idea
|
#
1.84 |
|
30-Dec-2015 |
rpe |
Remove portslocks from /etc/daily. The ports LOCKDIR was moved from /tmp to /usr/ports/pobj years ago.
OK millert@, ajacoutot@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.83 |
|
29-Apr-2015 |
halex |
VERBOSESTATUS or no VERBOSESTATUS, failed or missing dumps are still worth noting
"go ahead" schwarze@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.82 |
|
17-Nov-2014 |
deraadt |
Make /var/tmp a symbolic link to /tmp. The creation of /var/tmp in the often space-constrained /var filesystem was a historical mistake. There are big implications for the daemons which assume they won't run out of space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had. vi.recover works just as well as before, except on memory filesystems; indicating that vi should be repaired to write files into homedirs or something.
done with rpe ok many
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
02-Jul-2014 |
sthen |
don't clear tmux session sockets in daily(8)'s tmp cleanup, from Rafael Zalamena ok schwarze@
|
#
1.80 |
|
24-Apr-2014 |
tedu |
jmc spotted more ruptime tentacles
|
#
1.79 |
|
24-Apr-2014 |
tedu |
rm rwhod tentacles
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.78 |
|
12-Dec-2013 |
brad |
Have df(1) in the daily output show the inodes used/free.
a few developers thought this was a reasonable/good idea.
|
#
1.77 |
|
03-Nov-2013 |
deraadt |
ugly spaces
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.76 |
|
06-Jan-2013 |
deraadt |
backout atactl check; I had warned that this would try a lot of code paths which are rarely tried. Problem reported by a few on the list.
|
#
1.75 |
|
11-Dec-2012 |
ajacoutot |
Add a SMART check using atactl(8) against disks that support and have SMART enabled.
Committing now so that it gets broader testing. Man page bits will be added once we are confident there is no side effect and this can stay.
inputs from sthen@ halex@ weerd@ ok deraadt@
|
Revision tags: OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.74 |
|
11-Feb-2012 |
krw |
Fix previous fix for /altroot processing. Should now work for both duid and device entries in fstab. As a bonus make commented out lines in fstab in-eligable for altroot detection.
ok halex@ deraadt@
|
#
1.73 |
|
08-Feb-2012 |
krw |
Let /altroot work with a duid-based fstab.
Reported by & fix tested by Dave Anderson. Thanks!
ok deraadt@
|
#
1.72 |
|
06-Dec-2011 |
halex |
closing fd 0-2 is indeed bad style and potentially dangerous, as pointed out by Arne Becker, who also supplied the diff, thanks!
ok schwarze@ agreed by many
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.71 |
|
23-Apr-2011 |
schwarze |
Even though SUIDSKIP used to be a mere shell variable, it was propagated to the old /etc/security script because daily sourced it. Now we fork and exec, so SUIDSKIP must be promoted to the environment. Problem reported, fix tested and ok weerd@.
|
#
1.70 |
|
17-Apr-2011 |
schwarze |
Switch from the old shell script /etc/security to the new Perl script /usr/libexec/security. The new script was tested by sthen@ and ajacoutot@. Committing now due to repeated prodding from deraadt@. In case problems show up, they will be fixed in tree.
|
#
1.69 |
|
15-Apr-2011 |
halex |
Silence errors in the temp dir cleanup process
ok phessler@ sthen@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.68 |
|
22-Sep-2010 |
deraadt |
Kill msgs. Noone uses it, and it has a longjmp in it. Lots of agreement.
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.67 |
|
25-Jul-2010 |
espie |
handle portslock. reminded by antoine@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.66 |
|
26-May-2009 |
schwarze |
Three rdist log file name improvements on one single line: 1) replace +%e by +%d, unescaped blanks don't work at all in file names 2) replace +%b by +%m to make log files sort better by month 3) replace the home-grown +%Y.%m.%d by the standard +%F (= +%Y-%m-%d) from Tim van der Molen <tbvdm at xs4all dot nl>, thanks! ok okan@
|
#
1.65 |
|
25-May-2009 |
schwarze |
polish comments, no functional change: 1) advertise *.local and next_part near the top of the three scripts 2) daily: mention smtpd(8) mailq behaviour (like for sendmail, postfix, exim) 3) weekly: drop a comment trivially rehashing the next two lines of code documenting next_part in the scripts was suggested by jmc@ ok sthen@ okan@ halex@; "i won't object" ajacoutot@
|
#
1.64 |
|
24-May-2009 |
schwarze |
Before dd'ing raw partitions around, do stricter sanity checking: Do not attempt to copy a larger partition onto a smaller one. Backup of non-ffs root partitions was never supported, so don't even try. (Both of the above suggested by guenther@). Also add error messages in case ROOTBACKUP is switched on but severely misconfigured - those were silently ignored in the past: /altroot not defined or wrong type or on the same device as root. otto@ agrees that checking the sizes makes sense
|
#
1.63 |
|
21-May-2009 |
schwarze |
skip the ROOTBACKUP when the destination disk device is not configured; suggested, tweaked and ok by guenther@
|
#
1.62 |
|
18-May-2009 |
schwarze |
handle PATH in the same way as in monthly(8) and weekly(8), i.e. rely on the PATH set up in the root crontab(5) in case /usr/local/bin is needed, daily.local is a logical place to append it suggested by ajacoutot@; "i like this" okan@; feedback jmc@ deraadt@; "i don't strongly object" sthen@
|
#
1.61 |
|
17-May-2009 |
schwarze |
move kern.version and uptime back to the top of the output by moving it down to the bottom of the code; "I definitely like this" ajacoutot@
|
#
1.60 |
|
11-May-2009 |
schwarze |
New variable VERBOSESTATUS (=1 by default). When set to 0, daily(8) won't send mail unless there is something to report. Using feedback from kettenis@ henning@ jmc@ OK sthen@ jmc@
|
#
1.59 |
|
10-May-2009 |
schwarze |
avoid unnecessary changes of the output in order not to annoy parser scripts and their owners (like henning@)
|
#
1.58 |
|
09-May-2009 |
schwarze |
make weekly and monthly silent by default add the same infrastructure to daily; silencing daily needs another step discussed with ajacoutot@ okan@ todd@ sthen@ deraadt@ jmc@ "immediately commit" deraadt@ (without seeing the final diff)
|
#
1.57 |
|
03-May-2009 |
schwarze |
remove dead code and the associated documentation while here, remove the misleading shbang and an unused variable and add the missing cross reference to ac(8) ok sthen@ jmc@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.56 |
|
26-Oct-2006 |
ajacoutot |
Force umask to 022 so we don't heritate 077 from root's crontab command (output logs are still umask 077)
"i think this is right" deraadt@
|
#
1.55 |
|
04-Oct-2006 |
deraadt |
make code look better
|
#
1.54 |
|
04-Oct-2006 |
hugh |
Exit when asked to. OK by deraadt, spotted by lumpy.
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.53 |
|
06-Dec-2005 |
pedro |
Remove fdescfs
|
#
1.52 |
|
24-Nov-2005 |
pedro |
Remove kernfs, okay deraadt@.
|
#
1.51 |
|
29-Sep-2005 |
deraadt |
ok, add uptime after kernel version
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.50 |
|
17-Mar-2005 |
millert |
Don't rmdir .ICE-unix from /tmp or /var/tmp either. OK deraadt@
|
#
1.49 |
|
16-Mar-2005 |
millert |
Don't rmdir vi.recover or .X11-unix from /tmp or /var/tmp. OK deraadt@
|
#
1.48 |
|
07-Dec-2004 |
millert |
Use df to verify that we are not booted from the altboot before doing the / -> /altroot copy. OK deraadt@
|
#
1.47 |
|
15-Nov-2004 |
nick |
add kern.version to daily report. ok deraadt@
|
Revision tags: OPENBSD_3_4_BASE OPENBSD_3_5_BASE OPENBSD_3_6_BASE
|
#
1.46 |
|
28-Jul-2003 |
jmc |
remove check for /etc/news.expire; ok millert@
|
#
1.45 |
|
30-Jun-2003 |
avsm |
some more extra mktemp randomness; millert@ ok
|
#
1.44 |
|
03-Jun-2003 |
mickey |
by means of utilising -f avoid some warnings when rotating accounting files; millert@ ok
|
#
1.43 |
|
28-Mar-2003 |
jmc |
- no more /var/ssyslog (unused) - no more /var/spool/lpd (lpd uses /var/spool/output) - no more /var/preserve (old vi directory) - update docs to reflect this
help with systrace provos@ help and ok millert@
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.42 |
|
08-Feb-2003 |
pvalchev |
When creating > 1 files with mktemp(1), make sure that if the creation of the n'th (n>1) file fails, the previous ones get removed before exit(1) Idea by jason; ok millert deraadt
|
#
1.41 |
|
07-Dec-2002 |
millert |
Use `hostname` not `hostname -s` in subject for consistency with daily, weekly, and monthly. Closes PR 3017.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.40 |
|
12-Sep-2002 |
danh |
have df only display statistics about local filesystems (-l flag)
ok millert@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.39 |
|
19-Nov-2001 |
deraadt |
zap trailing spaces and tabs
|
#
1.38 |
|
29-Oct-2001 |
millert |
Change when calendar(1) is such so that it is after mailq runs. That way we avoid a flurry of transient calendar mail in the mailq.
|
#
1.37 |
|
24-Oct-2001 |
espie |
Be anal about ssh and X11 hooks.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.36 |
|
09-Sep-2001 |
deraadt |
the first part of uucp going away. It will become a package
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.35 |
|
06-Mar-2001 |
niklas |
branches: 1.35.2; Add -n to the netstat invocation. Faster running, less chance of being spoofed, no unneeded dial-on-demands
|
#
1.34 |
|
04-Jan-2001 |
angelos |
Correctly check empty mailq, closes PR 1602 (cjclark@alum.mit.edu)
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.33 |
|
26-May-2000 |
marc |
branches: 1.33.2;
pipe output from /etc/security to a temp file and then check that output was created before sending off a mail message to root. This suppresses an empty mail message and a warning appended to the end of the daily status report. OK millert@
|
#
1.32 |
|
26-May-2000 |
aaron |
Conform to the test(1) man page: use -L instead of -h when testing for symbolic links (the -h flag is for compatibility only); millert@ ok
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.31 |
|
29-Apr-2000 |
millert |
Prune /tmp traversal at .X11-unix Since /tmp might be a link to /var/tmp, prune at ssh-* or .X11-unix like the find on /tmp does.
|
#
1.30 |
|
28-Apr-2000 |
itojun |
use netstat -iv, not -i, to avoid truncation of ipv6 address. ok by deraadt
|
#
1.29 |
|
24-Apr-2000 |
todd |
fix per pr1192; also == "xx" -> ~ /xx/, same thought
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.28 |
|
16-Mar-1999 |
deraadt |
run pruning find with -x, to avoid /tmp based mountpoint pruning
|
#
1.27 |
|
29-Nov-1998 |
deraadt |
no need for Subject: line, crontab does it
|
#
1.26 |
|
11-Nov-1998 |
downsj |
Only run msgs -c if /var/msgs exists and is not a symlink.
|
Revision tags: OPENBSD_2_4_BASE
|
#
1.25 |
|
13-Aug-1998 |
millert |
Don't prune dirs in /var/tmp on first pass; problem noted by m4@umn.edu
|
#
1.24 |
|
30-Jun-1998 |
deraadt |
do not delete files like that, geez
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
07-Mar-1998 |
millert |
Don't remove files in /tmp/ssh-*
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
21-Oct-1997 |
mickey |
fix root backup
|
#
1.21 |
|
15-Sep-1997 |
deraadt |
indent
|
#
1.20 |
|
15-Sep-1997 |
pierre |
run calendar in the background
|
#
1.19 |
|
30-May-1997 |
deraadt |
1 fix from enami@ba2.so-net.or.jp
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.18 |
|
19-Feb-1997 |
millert |
Add option to turn off calendar via env variables settable via cron. Ie: ``CALENDAR=0'' will turn it off which is useful for machines with no local users that do not run YP.
|
#
1.17 |
|
17-Jan-1997 |
millert |
lite2 daily + our changes. We can remove old tmp files now that fts(3) is safe and we have -execdir.
|
#
1.16 |
|
03-Jan-1997 |
millert |
No point in ls'ing the template, it will never exist.
|
#
1.15 |
|
15-Dec-1996 |
millert |
Less output when not needed.
|
#
1.14 |
|
07-Dec-1996 |
millert |
use mktemp(1) and don't talk about core files unless it finds some.
|
#
1.13 |
|
07-Dec-1996 |
bitblt |
Improved handling of temporary files.
|
#
1.12 |
|
06-Dec-1996 |
deraadt |
indicate hostname in security report
|
#
1.11 |
|
04-Dec-1996 |
deraadt |
indent
|
#
1.10 |
|
06-Nov-1996 |
deraadt |
only run calendar on yp server; from matthieu@laas.fr
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.9 |
|
27-Jul-1996 |
downsj |
slight clarification.
|
#
1.8 |
|
18-Jul-1996 |
downsj |
daily: disable the fscks by default. rc: add /usr/local/lib to ldconfig.
|
#
1.7 |
|
12-Jul-1996 |
deraadt |
still print about ugly files; from Todd.Miller@cs.colorado.edu
|
#
1.6 |
|
17-Jun-1996 |
deraadt |
whoops
|
#
1.5 |
|
16-Jun-1996 |
deraadt |
disable find | rm entities until we have a safe way of doing them
|
#
1.4 |
|
26-May-1996 |
deraadt |
sync & label
|
#
1.3 |
|
23-Apr-1996 |
deraadt |
sync with netbsd 960418
|
#
1.2 |
|
19-Dec-1995 |
david |
check for /etc/{daily,weekly,monthly}.local and run if they exist
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|