Date: Mon, 10 Dec 2018 14:24:42 +0000 (UTC) From: Eugene Grosbein <eugen@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r341794 - stable/11/etc/periodic/weekly Message-ID: <201812101424.wBAEOgbC053582@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eugen Date: Mon Dec 10 14:24:41 2018 New Revision: 341794 URL: https://svnweb.freebsd.org/changeset/base/341794 Log: MFC r340322-r340324,r340327: periodic/etc/weekly/340.noid Prevent periodic/etc/weekly/340.noid from descending into root directories of jails. Jails have their own user/group databases and this script can produce multiple false warnings, not to mention significant extra load in case of large jailed subtrees. Leave this check for jailed invocations of the same script. Modified: stable/11/etc/periodic/weekly/340.noid Directory Properties: stable/11/ (props changed) Modified: stable/11/etc/periodic/weekly/340.noid ============================================================================== --- stable/11/etc/periodic/weekly/340.noid Mon Dec 10 14:19:57 2018 (r341793) +++ stable/11/etc/periodic/weekly/340.noid Mon Dec 10 14:24:41 2018 (r341794) @@ -16,8 +16,26 @@ case "$weekly_noid_enable" in echo "" echo "Check for files with an unknown user or group:" + # Host should not test jailed subtrees as jails have their own + # databases of users and groups. Leave them for jailed invocations + # of this script. + + exclude='' + if [ $(sysctl -n security.jail.jailed) = 0 ]; then + sep=: + OIFS="$IFS" + IFS="$sep" + for param in $(jail -f "`sysrc -n jail_conf`" -e "$sep" 2>/dev/null) + do + case "$param" in + path=*) exclude="$exclude -path ${param#path=} -prune -or" + esac + done + IFS="$OIFS" + fi + rc=$(find -H ${weekly_noid_dirs:-/} \ - \( ! -fstype local -prune -or -name \* \) -and \ + \( $exclude ! -fstype local -prune -or -name \* \) -and \ \( -nogroup -o -nouser \) -print | sed 's/^/ /' | tee /dev/stderr | wc -l) [ $rc -gt 1 ] && rc=1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812101424.wBAEOgbC053582>