Date: Fri, 4 May 2012 11:06:00 -0700 From: Freddie Cash <fjwcash@gmail.com> To: Bryan Drewery <bryan@shatow.net> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: Make filesystem type configurable for periodic(8)? Message-ID: <CAOjFWZ7qPkOxuV48izqa5RC_Yg5dP0S3YE1nm7ei2kmpZeTYQw@mail.gmail.com> In-Reply-To: <CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com> References: <CAOjFWZ4VxyMLSzzWsUMj21HccZkzwPUtM5PWAS-oaaocCLN8Dw@mail.gmail.com> <4FA3FF18.4000309@shatow.net> <CAOjFWZ5gBNBcciDdXZhnykZY3HhxGaS1kXDvfs3QJbhr35XAHw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 4, 2012 at 11:02 AM, Freddie Cash <fjwcash@gmail.com> wrote:
> On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery <bryan@shatow.net> wrote:
>> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>>> the following to get which filesystems to scan for various things:
>>> =C2=A0 =C2=A0 MP=3D`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { pri=
nt $3 }'`
>>>
>>> For systems with large ZFS pools, and many ZFS filesystems, these
>>> periodic scripts can grind it to its knees, and then some. =C2=A0For
>>> backups servers where we don't really care about the
>>> ownership/permissions of files from the FreeBSD perspective, we really
>>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>>> FreeBSD OS install. =C2=A0To that end, I have to manually edit these fi=
les
>>> to remove the ",zfs":
>>> =C2=A0 =C2=A0 MP=3D`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $=
3 }'`
>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 ^^^^^^^^
>>> Would it be worthwhile to anyone else to make the filesystem type(s)
>>> to scan via the periodic(8) scripts a variable that's set by default
>>> in /etc/defaults/periodic.conf and that user's can override via
>>> /etc/periodic.conf?
>>>
>>> Or, am I the only one that's suffering here? =C2=A0:)
>>>
>>> If there's interesting in this, I can look into coming up with some
>>> patches. =C2=A0But wanted to check if anyone else would find it useful.
>>>
>>
>> I would find this useful. But further, I have a ZFS root pool as well as
>> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
>> pools, or even certain datasets.
>
> Would you mind testing the attached patch? =C2=A0It adds four new variabl=
es
> for use in periodic.conf (defaults shown):
>
> daily_status_security_chksetuid_fs=3D"ufs,zfs"
> daily_status_security_chksetuid_fs_ignore=3D""
> daily_status_security_neggrpperm_fs=3D"ufs,zfs"
> daily_status_security_neggrpperm_fs_ignore=3D""
>
> The _fs variables take filesystem types, as would be passed to
> mount(8). =C2=A0These limit the entire search based on type, so an all or
> nothing approach.
>
> The _fs_ignore variables are space separated lists of mountpoints to
> skip. =C2=A0So you can leave zfs in the _fs list, and then list specific
> filesystems here that you do not want to be scanned.
>
> I don't claim to be any great shell script writer, but this appears to
> do the job. =C2=A0Any suggestions, pointers, comments, etc welcomed. =C2=
=A0:)
Guess I should mention how to use the patch. :)
cd /etc
patch -p0 < /path/to/periodic-fs-type.patch
--=20
Freddie Cash
fjwcash@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ7qPkOxuV48izqa5RC_Yg5dP0S3YE1nm7ei2kmpZeTYQw>