From owner-freebsd-stable@FreeBSD.ORG Mon Jan 15 20:37:36 2007 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6423D16A4EE for ; Mon, 15 Jan 2007 20:37:36 +0000 (UTC) (envelope-from spork@bway.net) Received: from xena.bway.net (xena.bway.net [216.220.96.26]) by mx1.freebsd.org (Postfix) with ESMTP id D77B613C45E for ; Mon, 15 Jan 2007 20:37:34 +0000 (UTC) (envelope-from spork@bway.net) Received: (qmail 11865 invoked by uid 0); 15 Jan 2007 20:37:33 -0000 Received: from unknown (HELO white.nat.fasttrackmonkey.com) (216.220.116.154) by smtp.bway.net with (DHE-RSA-AES256-SHA encrypted) SMTP; 15 Jan 2007 20:37:33 -0000 Date: Mon, 15 Jan 2007 15:37:17 -0500 (EST) From: Charles Sprickman X-X-Sender: spork@white.nat.fasttrackmonkey.com To: stable@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: Subject: 100.chksetuid and nfs X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jan 2007 20:37:36 -0000 Hello all, I've never noticed this on any 4.x boxes, but on 6.2 I'm seeing the following in the daily security run: Checking setuid files and devices: find: /usr/src: Operation timed out find: /usr/ports: Operation timed out find: /usr/obj: Operation timed out Those three directories are mounted via nfs. It seems like when the daily run kicks off on a bunch of boxes it's traversing nfs mounts and temporarily swamping the nfs server. I don't see any real differences in the chksetuid script from 4.11 to 6.2... Any ideas what has changed or how to prevent the script from traversing nfs mount points? Thanks, Charles