svn commit: r341794 - stable/11/etc/periodic/weekly

Andre Albsmeier Andre.Albsmeier at siemens.com
Sat Dec 15 09:26:28 UTC 2018 

On Mon, 10-Dec-2018 at 14:24:42 +0000, Eugene Grosbein wrote:
> Author: eugen
> Date: Mon Dec 10 14:24:41 2018
> New Revision: 341794
> URL: https://svnweb.freebsd.org/changeset/base/341794
> 
> Log:
>   MFC r340322-r340324,r340327: periodic/etc/weekly/340.noid
>   
>   Prevent periodic/etc/weekly/340.noid from descending into root directories
>   of jails. Jails have their own user/group databases and this script
>   can produce multiple false warnings, not to mention significant extra
>   load in case of large jailed subtrees. Leave this check for jailed
>   invocations of the same script.

This gave me:

Check for files with an unknown user or group:
.: cannot open /usr/share/bsdconfig/common.subr: No such file or directory

on systems where bsdconfig is not installed.

	-Andre

> 
> Modified:
>   stable/11/etc/periodic/weekly/340.noid
> Directory Properties:
>   stable/11/   (props changed)
> 
> Modified: stable/11/etc/periodic/weekly/340.noid
> ==============================================================================
> --- stable/11/etc/periodic/weekly/340.noid	Mon Dec 10 14:19:57 2018	(r341793)
> +++ stable/11/etc/periodic/weekly/340.noid	Mon Dec 10 14:24:41 2018	(r341794)
> @@ -16,8 +16,26 @@ case "$weekly_noid_enable" in
>  	echo ""
>  	echo "Check for files with an unknown user or group:"
>  
> +	# Host should not test jailed subtrees as jails have their own
> +	# databases of users and groups. Leave them for jailed invocations
> +	# of this script.
> +
> +	exclude=''
> +	if [ $(sysctl -n security.jail.jailed) = 0 ]; then
> +	    sep=:
> +	    OIFS="$IFS"
> +	    IFS="$sep"
> +	    for param in $(jail -f "`sysrc -n jail_conf`" -e "$sep" 2>/dev/null)
> +	    do
> +		case "$param" in
> +		    path=*) exclude="$exclude -path ${param#path=} -prune -or"
> +		esac
> +	    done
> +	    IFS="$OIFS"
> +	fi
> +
>  	rc=$(find -H ${weekly_noid_dirs:-/} \
> -	    \( ! -fstype local -prune -or -name \* \) -and \
> +	    \( $exclude ! -fstype local -prune -or -name \* \) -and \
>  	    \( -nogroup -o -nouser \) -print | sed 's/^/  /' |
>  	    tee /dev/stderr | wc -l)
>  	[ $rc -gt 1 ] && rc=1
> _______________________________________________
> svn-src-stable-11 at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/svn-src-stable-11
> To unsubscribe, send any mail to "svn-src-stable-11-unsubscribe at freebsd.org"

-- 
"FreeBSD has always been the operating system that GNU/Linux-based
operating systems should have been."
		                               - Frank Pohlmann, IBM

More information about the svn-src-stable-11 mailing list