Steve Greenland wrote: > On 28-Dec-02, 14:54 (CST), Bob Proulx <bob@proulx.com> wrote: > > I was completely surpised to see that installing cron also installed > > several scripts that served completely different agendas. > > What, besides checksecurity, are you thinking of here? First let me say that I think we are in agreement. Life is good. Be happy. I am just responding to supply the requested information. It surprised me since I found it by having a stale NFS mount. It eventually sent me email as output from the root cron script. I tracked it down and discovered /etc/cron.daily/standard and checksecurity. I think the 'df -P --type=ext2' printed it. Probably that should have a -l on it as well to ensure it is only looking at the local disk and not any nfs mounted directories. > I suppose the backups of /etc/{passwd,shadow,group,gshadow} and the > dpkg status file could be put in basefiles and dpkg, but that would Actually those backups are so trivial that they are of no matter. I would not give them any more thought. > The check for files in lost+found is pretty trivial. Agreed. And perhaps a good reminder. Again, don't worry too much about this. > So, while I might not choose to add these functions to a cron > package I started from scratch, I don't see them as particular > problems. There are no particular problems in the above. Just from a modularity point of view they did not fit. However, I was concerned about the full filesystem find of every mounted filesystem. My systems frequently have large amounts of data mounted on them. I would not want gratuitous finds running across them if it is not needed. On normal desktops or other small systems that is not a concern. But when there are terabytes of data with zillions of small files this can take a long time to walk. I see that /mnt is skipped. And I also saw that I can adjust CHECKSECURITY_FILTER and now that I know about this it is not a concern. I have adjusted it to disable this feature from the disks I care about. Which leaves the above checks of lost+found and passwd et al which have a possibility of being both trivial and useful. The concern was that I was not expecting these just by having cron and especially not the full filesystem walk of my huge filesystems. Also, if one blocks everything from CHECKSECURITY_FILTER then find would seem to search everything instead of nothing in the find command. So one must be sure to leave at least something trivial in the list, such as /boot. I think that is arguably a bug and I will file a BTS on it. Bob
Attachment:
pgpuEaTSuMNN5.pgp
Description: PGP signature