From owner-freebsd-stable@FreeBSD.ORG  Fri May  4 18:06:01 2012
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 46142106566B
	for <freebsd-stable@freebsd.org>; Fri,  4 May 2012 18:06:01 +0000 (UTC)
	(envelope-from fjwcash@gmail.com)
Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com
	[209.85.160.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 181088FC12
	for <freebsd-stable@freebsd.org>; Fri,  4 May 2012 18:06:01 +0000 (UTC)
Received: by pbbro2 with SMTP id ro2so4558053pbb.13
	for <freebsd-stable@freebsd.org>; Fri, 04 May 2012 11:06:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	bh=FphS3rZsDKg2iQ5Tr8vRqLFJAV20VnvoMPVbNvPOH7M=;
	b=qEQE8AS2UiZ5V6oxFtANFeGW4SBfWFe8iXOoV3fYE5nzrxbDgySbCXf9xtzuJrDRbE
	6hfGL00vW9f44j98g5iSx2pAxb0eG3UkQNIBw6iZpy79UiKSMv0991b94Hs3bW6ijhVj
	QcqeQ5PWAXg7BGKPE6kGIWCy3EiKS7VGeNuFwqx775QBYSP8G5YPhVBsBEieKhJ7oOJO
	GaY10312k60QME/3QkFxAbCGRQE7FLAV0/6fJGke86CDVdZJsB8qWVZOstHhdmjGnxCj
	iAHWyo0uWNBmBDnFn0h6I3MKhvP27yhp9JN/l6oVFKIbKLn6NNm10pXVX3hu1JC88fL9
	S5VA==
MIME-Version: 1.0
Received: by 10.68.217.40 with SMTP id ov8mr2890692pbc.35.1336154760822; Fri,
	04 May 2012 11:06:00 -0700 (PDT)
Received: by 10.68.223.165 with HTTP; Fri, 4 May 2012 11:06:00 -0700 (PDT)
In-Reply-To: <CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com>
References: <CAOjFWZ4VxyMLSzzWsUMj21HccZkzwPUtM5PWAS-oaaocCLN8Dw@mail.gmail.com>
	<4FA3FF18.4000309@shatow.net>
	<CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com>
Date: Fri, 4 May 2012 11:06:00 -0700
Message-ID: <CAOjFWZ7qPkOxuV48izqa5RC_Yg5dP0S3YE1nm7ei2kmpZeTYQw@mail.gmail.com>
From: Freddie Cash <fjwcash@gmail.com>
To: Bryan Drewery <bryan@shatow.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: Make filesystem type configurable for periodic(8)?
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 May 2012 18:06:01 -0000

On Fri, May 4, 2012 at 11:02 AM, Freddie Cash <fjwcash@gmail.com> wrote:
> On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery <bryan@shatow.net> wrote:
>> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>>> the following to get which filesystems to scan for various things:
>>> =C2=A0 =C2=A0 MP=3D`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { pri=
nt $3 }'`
>>>
>>> For systems with large ZFS pools, and many ZFS filesystems, these
>>> periodic scripts can grind it to its knees, and then some. =C2=A0For
>>> backups servers where we don't really care about the
>>> ownership/permissions of files from the FreeBSD perspective, we really
>>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>>> FreeBSD OS install. =C2=A0To that end, I have to manually edit these fi=
les
>>> to remove the ",zfs":
>>> =C2=A0 =C2=A0 MP=3D`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $=
3 }'`
>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 ^^^^^^^^
>>> Would it be worthwhile to anyone else to make the filesystem type(s)
>>> to scan via the periodic(8) scripts a variable that's set by default
>>> in /etc/defaults/periodic.conf and that user's can override via
>>> /etc/periodic.conf?
>>>
>>> Or, am I the only one that's suffering here? =C2=A0:)
>>>
>>> If there's interesting in this, I can look into coming up with some
>>> patches. =C2=A0But wanted to check if anyone else would find it useful.
>>>
>>
>> I would find this useful. But further, I have a ZFS root pool as well as
>> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
>> pools, or even certain datasets.
>
> Would you mind testing the attached patch? =C2=A0It adds four new variabl=
es
> for use in periodic.conf (defaults shown):
>
> daily_status_security_chksetuid_fs=3D"ufs,zfs"
> daily_status_security_chksetuid_fs_ignore=3D""
> daily_status_security_neggrpperm_fs=3D"ufs,zfs"
> daily_status_security_neggrpperm_fs_ignore=3D""
>
> The _fs variables take filesystem types, as would be passed to
> mount(8). =C2=A0These limit the entire search based on type, so an all or
> nothing approach.
>
> The _fs_ignore variables are space separated lists of mountpoints to
> skip. =C2=A0So you can leave zfs in the _fs list, and then list specific
> filesystems here that you do not want to be scanned.
>
> I don't claim to be any great shell script writer, but this appears to
> do the job. =C2=A0Any suggestions, pointers, comments, etc welcomed. =C2=
=A0:)

Guess I should mention how to use the patch.  :)

cd /etc
patch -p0 < /path/to/periodic-fs-type.patch

--=20
Freddie Cash
fjwcash@gmail.com