mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-26 13:05:18 +01:00
fb7cd0676b
yet have the accounting stuff in it. Disabled ncheck search in security due to missing ncheck.
149 lines
3.3 KiB
Bash
149 lines
3.3 KiB
Bash
#!/bin/sh -
|
|
#
|
|
# @(#)daily 5.12 (Berkeley) 5/24/91
|
|
#
|
|
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local
|
|
host=`hostname -s`
|
|
echo "Subject: $host daily run output"
|
|
bak=/var/backups
|
|
|
|
echo ""
|
|
echo "Removing scratch and junk files:"
|
|
if [ -d /tmp ]; then
|
|
cd /tmp && {
|
|
find . -type f -atime +3 -exec rm -f -- {} \;
|
|
find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
|
|
>/dev/null 2>&1; }
|
|
fi
|
|
|
|
if [ -d /var/tmp ]; then
|
|
cd /var/tmp && {
|
|
find . ! -name . -atime +7 -exec rm -f -- {} \;
|
|
find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
|
|
>/dev/null 2>&1; }
|
|
fi
|
|
|
|
if [ -d /scratch ]; then
|
|
cd /scratch && {
|
|
find . ! -name . -atime +1 -exec rm -f -- {} \;
|
|
find . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \
|
|
>/dev/null 2>&1; }
|
|
fi
|
|
|
|
if [ -d /var/preserve ]; then
|
|
cd /var/preserve && {
|
|
find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
|
|
fi
|
|
|
|
if [ -d /var/rwho ] ; then
|
|
cd /var/rwho && {
|
|
find . ! -name . -mtime +7 -exec rm -f -- {} \; ; }
|
|
fi
|
|
|
|
cd /tmp
|
|
find / ! -fstype local -a -prune -o \
|
|
\( -name '[#,]*' -o -name '.#*' -o -name a.out -o -name core \
|
|
-o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \
|
|
-a -atime +3 -exec rm -f -- {} \;
|
|
msgs -c
|
|
if [ -f /etc/news.expire ]; then
|
|
/etc/news.expire
|
|
fi
|
|
|
|
#echo ""
|
|
#echo "Purging accounting records:"
|
|
#mv /var/account/acct.2 /var/account/acct.3
|
|
#mv /var/account/acct.1 /var/account/acct.2
|
|
#mv /var/account/acct.0 /var/account/acct.1
|
|
#cp /var/account/acct /var/account/acct.0
|
|
#sa -s > /dev/null
|
|
|
|
echo ""
|
|
echo "Backup passwd and group files:"
|
|
if cmp -s $bak/master.passwd.bak /etc/master.passwd; then :; else
|
|
echo "$host passwd diffs:"
|
|
diff $bak/master.passwd.bak /etc/master.passwd
|
|
mv $bak/master.passwd.bak $bak/master.passwd.bak2
|
|
cp -p /etc/master.passwd $bak/master.passwd.bak
|
|
fi
|
|
if cmp -s $bak/group.bak /etc/group; then :; else
|
|
mv $bak/group.bak $bak/group.bak2
|
|
cp -p /etc/group $bak/group.bak
|
|
fi
|
|
if cmp -s $bak/aliases.bak /etc/aliases; then :; else
|
|
mv $bak/aliases.bak $bak/aliases.bak2
|
|
cp -p /etc/aliases $bak/aliases.bak
|
|
fi
|
|
if [ -f /etc/Distfile ]; then
|
|
if cmp -s $bak/Distfile.bak /etc/Distfile; then :; else
|
|
mv $bak/Distfile.bak $bak/Distfile.bak2
|
|
cp /etc/Distfile $bak/Distfile.bak
|
|
fi
|
|
fi
|
|
|
|
echo ""
|
|
echo "Running calendar:"
|
|
calendar -a
|
|
|
|
echo ""
|
|
echo "Rotating mail log:"
|
|
cd /var/log
|
|
rm -f maillog.7
|
|
if [ -f maillog.6 ]; then mv -f maillog.6 maillog.7; fi
|
|
if [ -f maillog.5 ]; then mv -f maillog.5 maillog.6; fi
|
|
if [ -f maillog.4 ]; then mv -f maillog.4 maillog.5; fi
|
|
if [ -f maillog.3 ]; then mv -f maillog.3 maillog.4; fi
|
|
if [ -f maillog.2 ]; then mv -f maillog.2 maillog.3; fi
|
|
if [ -f maillog.1 ]; then mv -f maillog.1 maillog.2; fi
|
|
if [ -f maillog.0 ]; then mv -f maillog.0 maillog.1; fi
|
|
mv -f maillog maillog.0
|
|
cp /dev/null maillog
|
|
chmod 644 maillog
|
|
kill -1 `cat /var/run/syslog.pid`
|
|
cd /
|
|
|
|
if [ -d /var/spool/uucp -a -f /etc/uuclean.daily ]; then
|
|
echo ""
|
|
echo "Cleaning up UUCP:"
|
|
echo /etc/uuclean.daily | su daemon
|
|
fi
|
|
|
|
echo ""
|
|
echo ""
|
|
echo "Checking subsystem status:"
|
|
echo ""
|
|
echo "disks:"
|
|
df -k
|
|
echo ""
|
|
dump W
|
|
echo ""
|
|
|
|
|
|
echo ""
|
|
echo "mail:"
|
|
mailq
|
|
|
|
if [ -d /var/spool/uucp ]; then
|
|
echo ""
|
|
echo "uucp:"
|
|
uusnap
|
|
fi
|
|
|
|
echo ""
|
|
echo "network:"
|
|
netstat -i
|
|
echo ""
|
|
ruptime
|
|
|
|
echo ""
|
|
echo "Checking filesystems:"
|
|
fsck -n | grep -v '^\*\* Phase'
|
|
|
|
echo ""
|
|
if [ -f /etc/Distfile ]; then
|
|
echo "Running rdist:"
|
|
rdist -f /etc/Distfile
|
|
fi
|
|
|
|
sh /etc/security | mail -s "daily insecurity output" root
|