Site Navigation

Date:      Mon, 2 May 2011 03:04:37 -0400
From:      Jason Hellenthal <jhell@DataIX.net>
To:        Andre Albsmeier <Andre.Albsmeier@siemens.com>
Cc:        "freebsd-rc@freebsd.org" <freebsd-rc@freebsd.org>
Subject:   Re: New knob for ignoring readonly fss in 340.noid and 310.locate?
Message-ID:  <20110502070437.GB6066@DataIX.net>
In-Reply-To: <20110502052739.GB20839@curry.mchp.siemens.de>
References:  <20110430102521.GA11716@curry.mchp.siemens.de> <20110430213157.GC5660@DataIX.net> <20110501081930.GA14448@curry.mchp.siemens.de> <20110502025942.GA31396@DataIX.net> <20110502052739.GB20839@curry.mchp.siemens.de>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--E13BgyNx05feLLmH
Content-Type: multipart/mixed; boundary="MW5yreqqjyrRcusr"
Content-Disposition: inline


--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


Andre,


On Mon, May 02, 2011 at 07:27:39AM +0200, Andre Albsmeier wrote:
>On Mon, 02-May-2011 at 04:59:42 +0200, Jason Hellenthal wrote:
>>=20
>> Andre,
>>=20
>>=20
>> On Sun, May 01, 2011 at 10:19:30AM +0200, Andre Albsmeier wrote:
>> >On Sat, 30-Apr-2011 at 23:31:57 +0200, Jason Hellenthal wrote:
>> >>=20
>> >> By default snapshots directories are hidden and treated as a virtual
>> >
>> >Is it possible to hide snapshots directories in UFS?
>> >
>>=20
>> Snapshot directories on UFS are treated differently than they are in
>> ZFS. UFS snapshot directories live as the base of the filesystem and are
>> not auto-mounted perse when you cd(1) into them so therefore there isn't=
 a
>> need to hide them because they cannot be traversed.
>
>They are mounted and they have to be mounted (at least here). If
>they weren't mounted, people couldn't access them. That's why
>they are also being traversed by 310.locate and 340.noid. To
>summarise:
>
>- I use UFS.
>- My snapshots must be mounted.
>- They are being traversed by 310.locate and 340.noid.
>- I don't want the latter.
>
>To accomplish this, I can play around with (directory name dependent)
>exclusion lists for 310.locate and 340.noid. I could also implement
>a rdonly knob.
>

Well for the case of 310.locate this is already of no concern since it
can be finely tuned via /etc/locate.rc

As for 340.noid I played around with that. It should have been modeled
after 100.setuid but it wasn't. Also doesn't really provide any real
useful information other than a filename on output.

Attached is an adjustment to 340.noid that I think you will like and
here is some sample output.

$ sudo sh 340.noid

Check for files with an unknown user or group:
Directories, /
-rw-r--r--  1 404   404    0 May  2 02:44 /test2
-rw-r--r--  1 root  404    0 May  2 02:52 /test3
-rw-r--r--  1 404   wheel  0 May  2 02:53 /test4

After I finish this up I am going to propose a patch for both of
100.setuid and 340.noid so they can provide similiar output to the
above.

For now I have just attached the modified script as it has to unset the
weekly_noid_dir variable before it brings in your local periodic configs
otherwise it wouldn't have let the script function with your config.

Ill write back with an update once that is finished.

PS: You should be able to just drop the attachment into the following
directories for it to take effect and then adjust the directories via
weekly_noid_dir per your periodic.conf or periodic.conf.local

/usr/src/etc/periodic/weekly
/etc/periodic/weekly

--=20

 Regards, (jhell)
 Jason Hellenthal


--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="340.noid"

#!/bin/sh -
#
# $FreeBSD: stable/8/etc/periodic/weekly/340.noid 220107 2011-03-28 19:22:55Z dougb $
#

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
	. /etc/defaults/periodic.conf
	unset weekly_noid_dirs
	source_periodic_confs
fi

case "$weekly_noid_enable" in
	[Yy][Ee][Ss])
		echo ""
		echo "Check for files with an unknown user or group:"

		MP="${weekly_noid_dirs:-`mount -t ufs,zfs |awk '{print $3}' |xargs`}"
		echo "Directories, $MP"
		find -sxH $MP /dev/null \
			\( ! -fstype local -prune -or -name \* \) -and \
			\( -nogroup -o -nouser \) |sed 's/^/  /' |\
			xargs ls -l
		rc=$?
		;;
	*)  rc=0;;
esac

exit $rc

--MW5yreqqjyrRcusr--

--E13BgyNx05feLLmH
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (FreeBSD)
Comment: http://bit.ly/0x89D8547E

iQEcBAEBAgAGBQJNvleEAAoJEJBXh4mJ2FR+xMQH/jTxgNnvJBAp2b902hwFI7z2
FlI5vQHQH1f1RHFWxPrG2ma+ai8utpUZUR0h1Xo7kwvVOd8SdOf2FLyj53JHXB7g
idTRNicQsRCqhjhzEFfvwRoKgviUL6xbfWeF+IKM01XRJcOLnlusJcSFCcTrfByq
AHc7FV1W7pEnwRbp6Hi4w/vZCpzGHRWhg2rVD/B5pbLtvCv/mEw9S82QdblkB5D2
YgQFaBcCwoeSUeFMX1x6+natw9IzU9CfT5DGxDwx9lycAoE4qunMPaHTEoKpDGPf
pw5UThZiS76UyDUfXjm746hcHu/xXPHdESPLpHzgBvqpUuizYo1VzZNXrFUfyYU=
=e6pG
-----END PGP SIGNATURE-----

--E13BgyNx05feLLmH--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110502070437.GB6066>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact