Date: Sat, 15 Dec 2018 10:09:26 +0100 From: Andre Albsmeier <Andre.Albsmeier@siemens.com> To: Eugene Grosbein <eugen@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: Re: svn commit: r341794 - stable/11/etc/periodic/weekly Message-ID: <20181215090926.GA33682@bali> In-Reply-To: <201812101424.wBAEOgbC053582@repo.freebsd.org> References: <201812101424.wBAEOgbC053582@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10-Dec-2018 at 14:24:42 +0000, Eugene Grosbein wrote: > Author: eugen > Date: Mon Dec 10 14:24:41 2018 > New Revision: 341794 > URL: https://svnweb.freebsd.org/changeset/base/341794 > > Log: > MFC r340322-r340324,r340327: periodic/etc/weekly/340.noid > > Prevent periodic/etc/weekly/340.noid from descending into root directories > of jails. Jails have their own user/group databases and this script > can produce multiple false warnings, not to mention significant extra > load in case of large jailed subtrees. Leave this check for jailed > invocations of the same script. This gave me: Check for files with an unknown user or group: .: cannot open /usr/share/bsdconfig/common.subr: No such file or directory on systems where bsdconfig is not installed. -Andre > > Modified: > stable/11/etc/periodic/weekly/340.noid > Directory Properties: > stable/11/ (props changed) > > Modified: stable/11/etc/periodic/weekly/340.noid > ============================================================================== > --- stable/11/etc/periodic/weekly/340.noid Mon Dec 10 14:19:57 2018 (r341793) > +++ stable/11/etc/periodic/weekly/340.noid Mon Dec 10 14:24:41 2018 (r341794) > @@ -16,8 +16,26 @@ case "$weekly_noid_enable" in > echo "" > echo "Check for files with an unknown user or group:" > > + # Host should not test jailed subtrees as jails have their own > + # databases of users and groups. Leave them for jailed invocations > + # of this script. > + > + exclude='' > + if [ $(sysctl -n security.jail.jailed) = 0 ]; then > + sep=: > + OIFS="$IFS" > + IFS="$sep" > + for param in $(jail -f "`sysrc -n jail_conf`" -e "$sep" 2>/dev/null) > + do > + case "$param" in > + path=*) exclude="$exclude -path ${param#path=} -prune -or" > + esac > + done > + IFS="$OIFS" > + fi > + > rc=$(find -H ${weekly_noid_dirs:-/} \ > - \( ! -fstype local -prune -or -name \* \) -and \ > + \( $exclude ! -fstype local -prune -or -name \* \) -and \ > \( -nogroup -o -nouser \) -print | sed 's/^/ /' | > tee /dev/stderr | wc -l) > [ $rc -gt 1 ] && rc=1 > _______________________________________________ > svn-src-stable-11@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/svn-src-stable-11 > To unsubscribe, send any mail to "svn-src-stable-11-unsubscribe@freebsd.org" -- "FreeBSD has always been the operating system that GNU/Linux-based operating systems should have been." - Frank Pohlmann, IBM
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181215090926.GA33682>