From: Super-User Date: Sat, 10 Jan 2009 23:20:38 +0000 (-0700) Subject: Not needed for Nexenta X-Git-Url: http://git.pippins.net/embedvideo/images/%27%20%20%20%20.%20%24GLOBALS%5B%27phpgw%27%5D-%3Elink%28%27inc/jquery/static/git-favicon.png?a=commitdiff_plain;h=5e48761f4c3c735049678f597395e17c8ea4bd0d;p=zfs-nexenta%2F.git Not needed for Nexenta --- diff --git a/100.chksetuid b/100.chksetuid deleted file mode 100755 index f66b9fb..0000000 --- a/100.chksetuid +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh - -# -# Description: FreeBSD comes with the following script that is run -# weekly as part of its periodic weekly security scripts. -# However, their version of the script does NOT ignore -# .zfs/snapshot directories. On a system with limited -# resources, this can lead to a "kmem_map too small" -# kernel panic when this script runs. Somehow, ZFS -# kernel memory usage explodes when performing recursive -# find operations on .zfs snapshot locations. This -# is the modified version of that script, which excludes -# searching in .zfs snapshot directories. -# Usage: Replace the FreeBSD version of the script with this one: -# /etc/periodic/security/100.chksetuid -# -# Copyright (c) 2001 The FreeBSD Project -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $FreeBSD: src/etc/periodic/security/100.chksetuid,v 1.8.14.1 2008/01/29 00:22:33 dougb Exp $ -# - -# If there is a global system configuration file, suck it in. -# -if [ -r /etc/defaults/periodic.conf ] -then - . /etc/defaults/periodic.conf - source_periodic_confs -fi - -. /etc/periodic/security/security.functions - -rc=0 - -case "$daily_status_security_chksetuid_enable" in - [Yy][Ee][Ss]) - echo "" - echo 'Checking setuid files and devices:' - # XXX Note that there is the possibility of overrunning the args to ls - MP=`mount -t ufs,zfs | egrep -v " no(suid|exec)" | awk '{ print $3 }' | sort` - if [ -n "${MP}" ] - then - set ${MP} - while [ $# -ge 1 ]; do - mount=$1 - shift - dotzfs=`echo "$mount" | grep "\.zfs"` - [ -n "$dotzfs" ] && continue; - find $mount -xdev -type f \ - \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ - \( -perm -u+s -or -perm -g+s \) -print0 - done | xargs -0 -n 20 ls -liTd | sed 's/^ *//' | sort -k 11 | - check_diff setuid - "${host} setuid diffs:" - rc=$? - fi;; - *) rc=0;; -esac - -exit $rc