Date: Fri, 4 May 2012 11:02:01 -0700 From: Freddie Cash <fjwcash@gmail.com> To: Bryan Drewery <bryan@shatow.net> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: Make filesystem type configurable for periodic(8)? Message-ID: <CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com> In-Reply-To: <4FA3FF18.4000309@shatow.net> References: <CAOjFWZ4VxyMLSzzWsUMj21HccZkzwPUtM5PWAS-oaaocCLN8Dw@mail.gmail.com> <4FA3FF18.4000309@shatow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--047d7b2ed48f99e0f904bf39b7e9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery <bryan@shatow.net> wrote: > On 05/04/2012 11:05 AM, Freddie Cash wrote: >> A few of the periodic(8) scripts in FreeBSD have constructs similar to >> the following to get which filesystems to scan for various things: >> =C2=A0 =C2=A0 MP=3D`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { prin= t $3 }'` >> >> For systems with large ZFS pools, and many ZFS filesystems, these >> periodic scripts can grind it to its knees, and then some. =C2=A0For >> backups servers where we don't really care about the >> ownership/permissions of files from the FreeBSD perspective, we really >> don't want the ZFS filesytems to be scanned; only the UFS ones for the >> FreeBSD OS install. =C2=A0To that end, I have to manually edit these fil= es >> to remove the ",zfs": >> =C2=A0 =C2=A0 MP=3D`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3= }'` >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 ^^^^^^^^ >> Would it be worthwhile to anyone else to make the filesystem type(s) >> to scan via the periodic(8) scripts a variable that's set by default >> in /etc/defaults/periodic.conf and that user's can override via >> /etc/periodic.conf? >> >> Or, am I the only one that's suffering here? =C2=A0:) >> >> If there's interesting in this, I can look into coming up with some >> patches. =C2=A0But wanted to check if anyone else would find it useful. >> > > I would find this useful. But further, I have a ZFS root pool as well as > a ZFS backup pool. I don't want to exclude all of ZFS, just certain > pools, or even certain datasets. Would you mind testing the attached patch? It adds four new variables for use in periodic.conf (defaults shown): daily_status_security_chksetuid_fs=3D"ufs,zfs" daily_status_security_chksetuid_fs_ignore=3D"" daily_status_security_neggrpperm_fs=3D"ufs,zfs" daily_status_security_neggrpperm_fs_ignore=3D"" The _fs variables take filesystem types, as would be passed to mount(8). These limit the entire search based on type, so an all or nothing approach. The _fs_ignore variables are space separated lists of mountpoints to skip. So you can leave zfs in the _fs list, and then list specific filesystems here that you do not want to be scanned. I don't claim to be any great shell script writer, but this appears to do the job. Any suggestions, pointers, comments, etc welcomed. :) --=20 Freddie Cash fjwcash@gmail.com --047d7b2ed48f99e0f904bf39b7e9 Content-Type: application/octet-stream; name="periodic-fs-type.patch" Content-Disposition: attachment; filename="periodic-fs-type.patch" Content-Transfer-Encoding: base64 X-Attachment-Id: f_h1tjroap0 LS0tIGRlZmF1bHRzL3BlcmlvZGljLmNvbmYub3JpZwkyMDEyLTA1LTA0IDEwOjQ0OjEzLjAwMDAw MDAwMCAtMDcwMAorKysgZGVmYXVsdHMvcGVyaW9kaWMuY29uZgkyMDEyLTA1LTA0IDA5OjM4OjE4 LjAwMDAwMDAwMCAtMDcwMApAQCAtMTcwLDkgKzE3MCwxMyBAQAogCiAjIDEwMC5jaGtzZXR1aWQK IGRhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZW5hYmxlPSJZRVMiCitkYWlseV9zdGF0 dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzPSJ1ZnMsemZzIgkJIyBGaWxlc3lzdGVtIHR5cGVzIHRv IHNjYW4KK2RhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZnNfaWdub3JlPSIiCQkjIExp c3Qgb2YgZmlsZXN5c3RlbXMgdG8gc2tpcAogCiAjIDExMC5uZWdncnBwZXJtCiBkYWlseV9zdGF0 dXNfc2VjdXJpdHlfbmVnZ3JwcGVybV9lbmFibGU9IllFUyIKK2RhaWx5X3N0YXR1c19zZWN1cml0 eV9uZWdncnBwZXJtX2ZzPSJ1ZnMsemZzIgkJIyBGaWxlc3lzdGVtIHR5cGVzIHRvIHNjYW4KK2Rh aWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzPSIiCQkJIyBMaXN0IG9mIGZpbGVzeXN0 ZW1zIHRvIHNraXAKIAogIyAyMDAuY2hrbW91bnRzCiBkYWlseV9zdGF0dXNfc2VjdXJpdHlfY2hr bW91bnRzX2VuYWJsZT0iWUVTIgoKLS0tIHBlcmlvZGljL3NlY3VyaXR5LzEwMC5jaGtzZXR1aWQu b3JpZwkyMDEyLTA1LTA0IDEwOjQ2OjA1LjAwMDAwMDAwMCAtMDcwMAorKysgcGVyaW9kaWMvc2Vj dXJpdHkvMTAwLmNoa3NldHVpZAkyMDEyLTA1LTA0IDEwOjQ2OjQ3LjAwMDAwMDAwMCAtMDcwMApA QCAtNDMsNyArNDMsMTIgQEAKICAgICBbWXldW0VlXVtTc10pCiAJZWNobyAiIgogCWVjaG8gJ0No ZWNraW5nIHNldHVpZCBmaWxlcyBhbmQgZGV2aWNlczonCi0JTVA9YG1vdW50IC10IHVmcyx6ZnMg fCBhd2sgJyQwICF+IC9ubyhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAorCWlmIFsgLXogIiRk YWlseV9zdGF0dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzX2lnbm9yZSIgXTsgdGhlbgorCQlNUD1g bW91bnQgLXQgJGRhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZnMgfCBhd2sgJyQwICF+ IC9ubyhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAorCWVsc2UKKwkJZGFpbHlfc3RhdHVzX3Nl Y3VyaXR5X2Noa3NldHVpZF9mc19pZ25vcmU9YCBlY2hvICRkYWlseV9zdGF0dXNfc2VjdXJpdHlf Y2hrc2V0dWlkX2ZzX2lnbm9yZSB8IHNlZCAncy9cIC9cfC9nJ2AKKwkJTVA9YG1vdW50IC10ICRk YWlseV9zdGF0dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzIHwgYXdrICckMCAhfiAvbm8oc3VpZHxl eGVjKS8geyBwcmludCAkMyB9J3wgZWdyZXAgLXZlICIkZGFpbHlfc3RhdHVzX3NlY3VyaXR5X2No a3NldHVpZF9mc19pZ25vcmUiYAorCWZpCiAJZmluZCAtc3ggJE1QIC9kZXYvbnVsbCAtdHlwZSBm IFwKIAkgICAgXCggLXBlcm0gLXUreCAtb3IgLXBlcm0gLWcreCAtb3IgLXBlcm0gLW8reCBcKSBc CiAJICAgIFwoIC1wZXJtIC11K3MgLW9yIC1wZXJtIC1nK3MgXCkgLWV4ZWMgbHMgLWxpVGQgXHtc fSBcKyB8CgotLS0gcGVyaW9kaWMvc2VjdXJpdHkvMTEwLm5lZ2dycHBlcm0ub3JpZwkyMDEyLTA1 LTA0IDEwOjU0OjIzLjAwMDAwMDAwMCAtMDcwMAorKysgcGVyaW9kaWMvc2VjdXJpdHkvMTEwLm5l Z2dycHBlcm0JMjAxMi0wNS0wNCAxMDo0ODoxNi4wMDAwMDAwMDAgLTA3MDAKQEAgLTQxLDYgKzQx LDEyIEBACiAgICAgW1l5XVtFZV1bU3NdKQogCWVjaG8gIiIKIAllY2hvICdDaGVja2luZyBuZWdh dGl2ZSBncm91cCBwZXJtaXNzaW9uczonCisJaWYgWyAteiAiJGRhaWx5X3N0YXR1c19zZWN1cml0 eV9uZWdncnBwZXJtX2ZzX2lnbm9yZSIgXTsgdGhlbgorCQlNUD1gbW91bnQgLXQgJGRhaWx5X3N0 YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzIHwgYXdrICckMCAhfiAvbm8oc3VpZHxleGVjKS8g eyBwcmludCAkMyB9J2AKKwllbHNlCisJCWRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJt X2ZzX2lnbm9yZT1gIGVjaG8gJGRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzX2ln bm9yZSB8IHNlZCAncy9cIC9cfC9nJ2AKKwkJTVA9YG1vdW50IC10ICRkYWlseV9zdGF0dXNfc2Vj dXJpdHlfbmVnZ3JwcGVybV9mcyB8IGF3ayAnJDAgIX4gL25vKHN1aWR8ZXhlYykvIHsgcHJpbnQg JDMgfSd8IGVncmVwIC12ZSAiJGRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzX2ln bm9yZSJgCisgICAgICAgIGZpCiAJTVA9YG1vdW50IC10IHVmcyx6ZnMgfCBhd2sgJyQwICF+IC9u byhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAogCW49JChmaW5kIC1zeCAkTVAgL2Rldi9udWxs IC10eXBlIGYgXAogCSAgICBcKCBcKCAhIC1wZXJtICswMTAgLWFuZCAtcGVybSArMDAxIFwpIC1v ciBcCg== --047d7b2ed48f99e0f904bf39b7e9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw>