mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-15 06:42:51 +01:00
5b1ae1f88e
safe way to do this, and envites very unpleasant results. Removed fsck'ing of all the disks on the system as it provides output that is almost always meaningless and only envites bug reports. Reviewed by: Jordan Hubbard
134 lines
3.0 KiB
Bash
134 lines
3.0 KiB
Bash
#!/bin/sh -
|
|
#
|
|
# @(#)daily 5.12 (Berkeley) 5/24/91
|
|
#
|
|
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local
|
|
host=`hostname -s`
|
|
echo "Subject: $host daily run output"
|
|
bak=/var/backups
|
|
|
|
echo ""
|
|
echo "Removing scratch and junk files:"
|
|
if [ -d /var/preserve ]; then
|
|
cd /var/preserve && {
|
|
find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
|
|
fi
|
|
|
|
if [ -d /var/rwho ] ; then
|
|
cd /var/rwho && {
|
|
find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
|
|
fi
|
|
|
|
cd /tmp
|
|
# This is not safe, you need to decide what is appropriate for your
|
|
# system. Leave a warning note for now.
|
|
echo "You did not enable the cleaning of / in /etc/daily!"
|
|
#
|
|
#find / ! -fstype local -a -prune -o \
|
|
# \( -name '[#,]*' -o -name '.#*' -o -name a.out -o -name *.core \
|
|
# -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
|
|
# -a -atime +3 -exec rm -f -- {} \;
|
|
#
|
|
msgs -c
|
|
if [ -f /etc/news.expire ]; then
|
|
/etc/news.expire
|
|
fi
|
|
|
|
if [ -d /var/account ] ; then
|
|
echo ""
|
|
echo "Purging accounting records:"
|
|
cd /var/account
|
|
if [ -f acct.2 ] ; then mv -f acct.2 acct.3 ; fi
|
|
if [ -f acct.1 ] ; then mv -f acct.1 acct.2 ; fi
|
|
if [ -f acct.0 ] ; then mv -f acct.0 acct.1 ; fi
|
|
if [ -f acct ] ; then
|
|
cp -pf acct acct.0
|
|
sa -s > /dev/null
|
|
fi
|
|
fi
|
|
|
|
echo ""
|
|
echo "Backup passwd and group files:"
|
|
if cmp -s $bak/master.passwd.bak /etc/master.passwd; then :; else
|
|
echo "$host passwd diffs:"
|
|
diff $bak/master.passwd.bak /etc/master.passwd
|
|
mv $bak/master.passwd.bak $bak/master.passwd.bak2
|
|
cp -p /etc/master.passwd $bak/master.passwd.bak
|
|
fi
|
|
if cmp -s $bak/group.bak /etc/group; then :; else
|
|
mv $bak/group.bak $bak/group.bak2
|
|
cp -p /etc/group $bak/group.bak
|
|
fi
|
|
if cmp -s $bak/aliases.bak /etc/aliases; then :; else
|
|
mv $bak/aliases.bak $bak/aliases.bak2
|
|
cp -p /etc/aliases $bak/aliases.bak
|
|
fi
|
|
if [ -f /etc/Distfile ]; then
|
|
if cmp -s $bak/Distfile.bak /etc/Distfile; then :; else
|
|
mv $bak/Distfile.bak $bak/Distfile.bak2
|
|
cp /etc/Distfile $bak/Distfile.bak
|
|
fi
|
|
fi
|
|
|
|
echo ""
|
|
echo "Running calendar:"
|
|
calendar -a
|
|
|
|
echo ""
|
|
echo "Rotating mail log:"
|
|
cd /var/log
|
|
rm -f maillog.7
|
|
if [ -f maillog.6 ]; then mv -f maillog.6 maillog.7; fi
|
|
if [ -f maillog.5 ]; then mv -f maillog.5 maillog.6; fi
|
|
if [ -f maillog.4 ]; then mv -f maillog.4 maillog.5; fi
|
|
if [ -f maillog.3 ]; then mv -f maillog.3 maillog.4; fi
|
|
if [ -f maillog.2 ]; then mv -f maillog.2 maillog.3; fi
|
|
if [ -f maillog.1 ]; then mv -f maillog.1 maillog.2; fi
|
|
if [ -f maillog.0 ]; then mv -f maillog.0 maillog.1; fi
|
|
mv -f maillog maillog.0
|
|
cp /dev/null maillog
|
|
chmod 644 maillog
|
|
kill -1 `cat /var/run/syslog.pid`
|
|
cd /
|
|
|
|
if [ -d /var/spool/uucp -a -f /etc/uuclean.daily ]; then
|
|
echo ""
|
|
echo "Cleaning up UUCP:"
|
|
echo /etc/uuclean.daily | su daemon
|
|
fi
|
|
|
|
echo ""
|
|
echo ""
|
|
echo "Checking subsystem status:"
|
|
echo ""
|
|
echo "disks:"
|
|
df -k -t local
|
|
echo ""
|
|
dump W
|
|
echo ""
|
|
|
|
|
|
echo ""
|
|
echo "mail:"
|
|
mailq
|
|
|
|
if [ -d /var/spool/uucp ]; then
|
|
echo ""
|
|
echo "uucp:"
|
|
uustat -a
|
|
fi
|
|
|
|
echo ""
|
|
echo "network:"
|
|
netstat -i
|
|
echo ""
|
|
ruptime
|
|
|
|
echo ""
|
|
if [ -f /etc/Distfile ]; then
|
|
echo "Running rdist:"
|
|
rdist -f /etc/Distfile
|
|
fi
|
|
|
|
sh /etc/security 2>&1 | mail -s "daily insecurity output" root
|