Date: Fri, 4 May 2012 11:02:01 -0700 From: Freddie Cash <fjwcash@gmail.com> To: Bryan Drewery <bryan@shatow.net> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: Make filesystem type configurable for periodic(8)? Message-ID: <CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com> In-Reply-To: <4FA3FF18.4000309@shatow.net> References: <CAOjFWZ4VxyMLSzzWsUMj21HccZkzwPUtM5PWAS-oaaocCLN8Dw@mail.gmail.com> <4FA3FF18.4000309@shatow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--047d7b2ed48f99e0f904bf39b7e9
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery <bryan@shatow.net> wrote:
> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>> the following to get which filesystems to scan for various things:
>> =C2=A0 =C2=A0 MP=3D`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { prin=
t $3 }'`
>>
>> For systems with large ZFS pools, and many ZFS filesystems, these
>> periodic scripts can grind it to its knees, and then some. =C2=A0For
>> backups servers where we don't really care about the
>> ownership/permissions of files from the FreeBSD perspective, we really
>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>> FreeBSD OS install. =C2=A0To that end, I have to manually edit these fil=
es
>> to remove the ",zfs":
>> =C2=A0 =C2=A0 MP=3D`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3=
}'`
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 ^^^^^^^^
>> Would it be worthwhile to anyone else to make the filesystem type(s)
>> to scan via the periodic(8) scripts a variable that's set by default
>> in /etc/defaults/periodic.conf and that user's can override via
>> /etc/periodic.conf?
>>
>> Or, am I the only one that's suffering here? =C2=A0:)
>>
>> If there's interesting in this, I can look into coming up with some
>> patches. =C2=A0But wanted to check if anyone else would find it useful.
>>
>
> I would find this useful. But further, I have a ZFS root pool as well as
> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
> pools, or even certain datasets.
Would you mind testing the attached patch? It adds four new variables
for use in periodic.conf (defaults shown):
daily_status_security_chksetuid_fs=3D"ufs,zfs"
daily_status_security_chksetuid_fs_ignore=3D""
daily_status_security_neggrpperm_fs=3D"ufs,zfs"
daily_status_security_neggrpperm_fs_ignore=3D""
The _fs variables take filesystem types, as would be passed to
mount(8). These limit the entire search based on type, so an all or
nothing approach.
The _fs_ignore variables are space separated lists of mountpoints to
skip. So you can leave zfs in the _fs list, and then list specific
filesystems here that you do not want to be scanned.
I don't claim to be any great shell script writer, but this appears to
do the job. Any suggestions, pointers, comments, etc welcomed. :)
--=20
Freddie Cash
fjwcash@gmail.com
--047d7b2ed48f99e0f904bf39b7e9
Content-Type: application/octet-stream; name="periodic-fs-type.patch"
Content-Disposition: attachment; filename="periodic-fs-type.patch"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_h1tjroap0
LS0tIGRlZmF1bHRzL3BlcmlvZGljLmNvbmYub3JpZwkyMDEyLTA1LTA0IDEwOjQ0OjEzLjAwMDAw
MDAwMCAtMDcwMAorKysgZGVmYXVsdHMvcGVyaW9kaWMuY29uZgkyMDEyLTA1LTA0IDA5OjM4OjE4
LjAwMDAwMDAwMCAtMDcwMApAQCAtMTcwLDkgKzE3MCwxMyBAQAogCiAjIDEwMC5jaGtzZXR1aWQK
IGRhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZW5hYmxlPSJZRVMiCitkYWlseV9zdGF0
dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzPSJ1ZnMsemZzIgkJIyBGaWxlc3lzdGVtIHR5cGVzIHRv
IHNjYW4KK2RhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZnNfaWdub3JlPSIiCQkjIExp
c3Qgb2YgZmlsZXN5c3RlbXMgdG8gc2tpcAogCiAjIDExMC5uZWdncnBwZXJtCiBkYWlseV9zdGF0
dXNfc2VjdXJpdHlfbmVnZ3JwcGVybV9lbmFibGU9IllFUyIKK2RhaWx5X3N0YXR1c19zZWN1cml0
eV9uZWdncnBwZXJtX2ZzPSJ1ZnMsemZzIgkJIyBGaWxlc3lzdGVtIHR5cGVzIHRvIHNjYW4KK2Rh
aWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzPSIiCQkJIyBMaXN0IG9mIGZpbGVzeXN0
ZW1zIHRvIHNraXAKIAogIyAyMDAuY2hrbW91bnRzCiBkYWlseV9zdGF0dXNfc2VjdXJpdHlfY2hr
bW91bnRzX2VuYWJsZT0iWUVTIgoKLS0tIHBlcmlvZGljL3NlY3VyaXR5LzEwMC5jaGtzZXR1aWQu
b3JpZwkyMDEyLTA1LTA0IDEwOjQ2OjA1LjAwMDAwMDAwMCAtMDcwMAorKysgcGVyaW9kaWMvc2Vj
dXJpdHkvMTAwLmNoa3NldHVpZAkyMDEyLTA1LTA0IDEwOjQ2OjQ3LjAwMDAwMDAwMCAtMDcwMApA
QCAtNDMsNyArNDMsMTIgQEAKICAgICBbWXldW0VlXVtTc10pCiAJZWNobyAiIgogCWVjaG8gJ0No
ZWNraW5nIHNldHVpZCBmaWxlcyBhbmQgZGV2aWNlczonCi0JTVA9YG1vdW50IC10IHVmcyx6ZnMg
fCBhd2sgJyQwICF+IC9ubyhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAorCWlmIFsgLXogIiRk
YWlseV9zdGF0dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzX2lnbm9yZSIgXTsgdGhlbgorCQlNUD1g
bW91bnQgLXQgJGRhaWx5X3N0YXR1c19zZWN1cml0eV9jaGtzZXR1aWRfZnMgfCBhd2sgJyQwICF+
IC9ubyhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAorCWVsc2UKKwkJZGFpbHlfc3RhdHVzX3Nl
Y3VyaXR5X2Noa3NldHVpZF9mc19pZ25vcmU9YCBlY2hvICRkYWlseV9zdGF0dXNfc2VjdXJpdHlf
Y2hrc2V0dWlkX2ZzX2lnbm9yZSB8IHNlZCAncy9cIC9cfC9nJ2AKKwkJTVA9YG1vdW50IC10ICRk
YWlseV9zdGF0dXNfc2VjdXJpdHlfY2hrc2V0dWlkX2ZzIHwgYXdrICckMCAhfiAvbm8oc3VpZHxl
eGVjKS8geyBwcmludCAkMyB9J3wgZWdyZXAgLXZlICIkZGFpbHlfc3RhdHVzX3NlY3VyaXR5X2No
a3NldHVpZF9mc19pZ25vcmUiYAorCWZpCiAJZmluZCAtc3ggJE1QIC9kZXYvbnVsbCAtdHlwZSBm
IFwKIAkgICAgXCggLXBlcm0gLXUreCAtb3IgLXBlcm0gLWcreCAtb3IgLXBlcm0gLW8reCBcKSBc
CiAJICAgIFwoIC1wZXJtIC11K3MgLW9yIC1wZXJtIC1nK3MgXCkgLWV4ZWMgbHMgLWxpVGQgXHtc
fSBcKyB8CgotLS0gcGVyaW9kaWMvc2VjdXJpdHkvMTEwLm5lZ2dycHBlcm0ub3JpZwkyMDEyLTA1
LTA0IDEwOjU0OjIzLjAwMDAwMDAwMCAtMDcwMAorKysgcGVyaW9kaWMvc2VjdXJpdHkvMTEwLm5l
Z2dycHBlcm0JMjAxMi0wNS0wNCAxMDo0ODoxNi4wMDAwMDAwMDAgLTA3MDAKQEAgLTQxLDYgKzQx
LDEyIEBACiAgICAgW1l5XVtFZV1bU3NdKQogCWVjaG8gIiIKIAllY2hvICdDaGVja2luZyBuZWdh
dGl2ZSBncm91cCBwZXJtaXNzaW9uczonCisJaWYgWyAteiAiJGRhaWx5X3N0YXR1c19zZWN1cml0
eV9uZWdncnBwZXJtX2ZzX2lnbm9yZSIgXTsgdGhlbgorCQlNUD1gbW91bnQgLXQgJGRhaWx5X3N0
YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzIHwgYXdrICckMCAhfiAvbm8oc3VpZHxleGVjKS8g
eyBwcmludCAkMyB9J2AKKwllbHNlCisJCWRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJt
X2ZzX2lnbm9yZT1gIGVjaG8gJGRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzX2ln
bm9yZSB8IHNlZCAncy9cIC9cfC9nJ2AKKwkJTVA9YG1vdW50IC10ICRkYWlseV9zdGF0dXNfc2Vj
dXJpdHlfbmVnZ3JwcGVybV9mcyB8IGF3ayAnJDAgIX4gL25vKHN1aWR8ZXhlYykvIHsgcHJpbnQg
JDMgfSd8IGVncmVwIC12ZSAiJGRhaWx5X3N0YXR1c19zZWN1cml0eV9uZWdncnBwZXJtX2ZzX2ln
bm9yZSJgCisgICAgICAgIGZpCiAJTVA9YG1vdW50IC10IHVmcyx6ZnMgfCBhd2sgJyQwICF+IC9u
byhzdWlkfGV4ZWMpLyB7IHByaW50ICQzIH0nYAogCW49JChmaW5kIC1zeCAkTVAgL2Rldi9udWxs
IC10eXBlIGYgXAogCSAgICBcKCBcKCAhIC1wZXJtICswMTAgLWFuZCAtcGVybSArMDAxIFwpIC1v
ciBcCg==
--047d7b2ed48f99e0f904bf39b7e9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw>