From owner-freebsd-rc@FreeBSD.ORG Mon May 2 08:30:46 2011 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 572BF1065673 for ; Mon, 2 May 2011 08:30:46 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 0B1588FC08 for ; Mon, 2 May 2011 08:30:45 +0000 (UTC) Received: by iyj12 with SMTP id 12so6341152iyj.13 for ; Mon, 02 May 2011 01:30:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:date:from:to:cc:subject:message-id :references:mime-version:content-type:content-disposition :in-reply-to:x-openpgp-key-id:x-openpgp-key-fingerprint :x-openpgp-key-url; bh=CrriIrkmyKe1erGuNxm2XLcNbILH/Xil5eP7gLvxXjA=; b=tiNGwBHKrmPbO1uXyv4dMEH3a1jo8g9FFuIJSvR+vKiLlCJlxELSxhRAL6y9oaB3Tb MvNuWRbR0W7pJ3wXbk0nU9cNqCoOUDfpE6oEqUREtKEIZDpdh5DW/qOV6atda0LVHKnq 8O6XeblLP3np2suznKU/Ec3CdVruERWKz52EQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-openpgp-key-id :x-openpgp-key-fingerprint:x-openpgp-key-url; b=gCnlY32PaSvl7bP1QL59+2buldSuAoj5APlAJtm3q4IN1GZY2DyIiNB1396H8MawNe WJizdqcKzyPUfQKqBSLaPKXpEMt369SHWNvkt8AdTp24CfKTe8CbQdvQ3fUzMXEsN/MY p43MDKKAK7FiadglIUYe7r9yJWSrNyu+1DMdc= Received: by 10.42.130.198 with SMTP id w6mr7703549ics.149.1304325045039; Mon, 02 May 2011 01:30:45 -0700 (PDT) Received: from DataIX.net (adsl-99-190-84-116.dsl.klmzmi.sbcglobal.net [99.190.84.116]) by mx.google.com with ESMTPS id g16sm2268212ibb.54.2011.05.02.01.30.43 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 02 May 2011 01:30:44 -0700 (PDT) Sender: "J. Hellenthal" Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.4/8.14.4) with ESMTP id p428Uee9046250 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 2 May 2011 04:30:41 -0400 (EDT) (envelope-from jhell@DataIX.net) Received: (from jhell@localhost) by DataIX.net (8.14.4/8.14.4/Submit) id p428Ueup046249; Mon, 2 May 2011 04:30:40 -0400 (EDT) (envelope-from jhell@DataIX.net) Date: Mon, 2 May 2011 04:30:39 -0400 From: Jason Hellenthal To: Andre Albsmeier Message-ID: <20110502083039.GC6066@DataIX.net> References: <20110430102521.GA11716@curry.mchp.siemens.de> <20110430213157.GC5660@DataIX.net> <20110501081930.GA14448@curry.mchp.siemens.de> <20110502025942.GA31396@DataIX.net> <20110502052739.GB20839@curry.mchp.siemens.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="k4f25fnPtRuIRUb3" Content-Disposition: inline In-Reply-To: <20110502052739.GB20839@curry.mchp.siemens.de> X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E X-OpenPGP-Key-URL: http://bit.ly/0x89D8547E Cc: "freebsd-rc@freebsd.org" Subject: Re: New knob for ignoring readonly fss in 340.noid and 310.locate? X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 May 2011 08:30:46 -0000 --k4f25fnPtRuIRUb3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Andre, Give this a shot. http://patches.jhell.googlecode.com/hg/340.noid.patch Apply with ( patch -p1 -E < /path/to/340.noid.patch ) Then either copy the resulting script to where it needs to go and remove the old 340.noid or run one of mergemaster or etcupdate. This effectively pushes it to periodic/security/310.chknoid which makes a lot more sense than beeing in weekly as a non-security measure. Introduces: daily_status_security_chknoid_enable=3D"YES" daily_status_security_chknoid_dirs=3D"" By default it populates its directory list with zfs,ufs mountpoints and will not cross mountpoints as per '-x' options to find(1). On Mon, May 02, 2011 at 07:27:39AM +0200, Andre Albsmeier wrote: >On Mon, 02-May-2011 at 04:59:42 +0200, Jason Hellenthal wrote: >>=20 >> Andre, >>=20 >>=20 >> On Sun, May 01, 2011 at 10:19:30AM +0200, Andre Albsmeier wrote: >> >On Sat, 30-Apr-2011 at 23:31:57 +0200, Jason Hellenthal wrote: >> >>=20 >> >> By default snapshots directories are hidden and treated as a virtual >> > >> >Is it possible to hide snapshots directories in UFS? >> > >>=20 >> Snapshot directories on UFS are treated differently than they are in >> ZFS. UFS snapshot directories live as the base of the filesystem and are >> not auto-mounted perse when you cd(1) into them so therefore there isn't= a >> need to hide them because they cannot be traversed. > >They are mounted and they have to be mounted (at least here). If >they weren't mounted, people couldn't access them. That's why >they are also being traversed by 310.locate and 340.noid. To >summarise: > >- I use UFS. >- My snapshots must be mounted. >- They are being traversed by 310.locate and 340.noid. >- I don't want the latter. > >To accomplish this, I can play around with (directory name dependent) >exclusion lists for 310.locate and 340.noid. I could also implement >a rdonly knob. > > -Andre --=20 Regards, (jhell) Jason Hellenthal --k4f25fnPtRuIRUb3 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) Comment: http://bit.ly/0x89D8547E iQEcBAEBAgAGBQJNvmuvAAoJEJBXh4mJ2FR+7BIH/0EEL3p7PizcEQkizixpSugv Bf7NnVoDN/DDoCb0LxqoaLd2FdymXGslpCDO4D40Y8Arvgu8wVN2eIeA58Am+3mx LOHYgE48Ub49bx5jiaMBmHPUoLBL5ELGSRnXYTKL4eGNVHyFfBcWT4pgZhAO2ouN r5PZULrBzXHfegy/OHayP95o8J6+0WkYidQSSkRSTSAyldVGsQeQctVWZXs6ECYq kBe8llKT8ZpcT196PSrvS9OWI2pDzt7+p4qzba5khUQRCKQA8YFY4PBDc9KFNsdT KRLUvb0PHwD8yuRY/A7+46ouJoM0Ks+9mGApwYOAW41p0RoCUCH4zUVW/STcOPU= =wsEP -----END PGP SIGNATURE----- --k4f25fnPtRuIRUb3--