#!/bin/sh # # $Id: daily,v 1.32 2000/11/20 04:33:18 chouanar Exp $ # # # Author: Jean Chouanard # # ******************************************************************************************* # # Copyright (c) 2000 Xerox Corporation. All rights reserved. # # Redistribution and use in source and binary forms, with or without modification, # are permitted provided that the following conditions are met: # # Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # Neither name of the Xerox, PARC, nor the names of its contributors may be # used to endorse or promote products derived from this software without # specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE XEROX CORPORATION OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # # ******************************************************************************************* # # # Path to the binaries we use # GZIP=/opt/local/bin/gzip CI=/opt/local/bin/ci CO=/opt/local/bin/co RCSDIFF=/opt/local/bin/rcsdiff # # Prefix added by GZIP # GZIPPRE="gz" # # Directories # BAK=/var/backups OLDLOG=/var/oldlogs TEMPO=/var/SECclean_tmp # # Files permissions for old logs and newly created one # OLDLOGMOD=600 ROTATEMOD=600 # # Verbose options: # # Do we want to check the package database (no by default) # CHKPKG="NO" # # When files had changed, do we want to see the changes? # SHOWDIFF="YES" # # Source yassp's config file if there # if [ -f /etc/yassp.conf ] ; then . /etc/yassp.conf fi umask 077 logswap="no" quiet="" if [ "X${1}" = "Xquiet" -o "X${1}" = "X-quiet" -o "X${1}" = "X-q" ] ; then quiet="-q" fi # # BACKUPF is the list of pathname which will be backup and stored # under RCS to track the changes # # LOGS is the list of pathname which will be rotated and stored compressed # # Initialize them only if they are not already defined # if [ "X${BACKUPF}" = "X" ] ; then BACKUPF="/etc/passwd /etc/shadow /etc/group /etc/yassp.conf /var/sadm/install/contents" fi if [ "X${LOGS}" = "X" ] ; then LOGS="/var/log/authlog /var/log/sshlog /var/adm/messages /var/adm/named /var/log/kernlog /var/log/userlog /var/log/maillog /var/log/daemonlog /var/log/lprlog /var/log/newslog /var/log/cronlog /var/log/local0log /var/log/local2log /var/log/local5log /var/log/alertlog" fi # # version=1 host=`uname -n | cut -d. -f1 | tr '[A-Z]' '[a-z]'` timestamp="`date +%Y.%m.%d-%H.%M.%S`" # # logs manipulation functions # rotate() { if [ -s $1 ] ; then if [ "X$quiet" != "X-q" ] ; then echo "Rotating $1" fi logswap="yes" file="$1" mv "$file" "${file}.${timestamp}" cp /dev/null "$file" chmod $ROTATEMOD "$file" fi } flush(){ file="$1.$timestamp" if [ -s $1.$timestamp ] ; then if [ "X$quiet" != "X-q" ] ; then echo "Storing $1" fi $GZIP $file chmod $OLDLOGMOD $file.${GZIPPRE} mv $file.${GZIPPRE} $OLDLOG fi } # # # backup() { file="$1" if [ -s $file ] ; then cd $BAK dfile=`basename $file` rm -f "$BAK/$dfile" cp -p $file "$BAK/$dfile" rm -f ${TEMPO}/rcsdiff ${RCSDIFF} -q -ko $dfile > ${TEMPO}/rcsdiff 2> /dev/null RESULT=$? OPTI=""; case ${RESULT} in 0 ) return 0 ;; 1 ) if [ "X$quiet" != "X-q" ] ; then echo "===\n${host}: $file has changed\c" if [ "X${SHOWDIFF}" = "XYES" ] ; then SHOWIT="YES" for j in /etc/shadow $NEVERSHOW do if [ "$file" = "$j" ] ; then SHOWIT="NO" break fi done echo ": diffs (OLD < > NEW)" if [ "${SHOWIT}" = "YES" ] ; then /usr/bin/sed -e 's/^/ /' ${TEMPO}/rcsdiff else echo " *** Diffs not shown ***" fi fi rm -f ${TEMPO}/rcsdiff echo "" fi rm -f "$BAK/$dfile" ${CO} -q -l $dfile 1>/dev/null cp -p $file "$BAK/$dfile" ;; 2 ) if [ "X$quiet" != "X-q" ] ; then echo "===\n${host}: $file is *NEW*" fi if [ ! -f "$BAK/RCS/${dfile},v" ] ; then OPTI=" -i -t-INIT" fi ;; * ) echo "${host}: Error on RCSDIFF for ${dfile}" return 1 ;; esac ${CI} -q -u -mCYA ${OPTI} "${dfile}" 1>/dev/null fi } # # Here is were something actualy starts to happen, backup designated files then rotate the logs # if [ "X$quiet" != "X-q" ] ; then echo ""; echo "Backing up and Checking files: $BACKUPF" fi for i in $BACKUPF do if [ -f $i ] ; then backup $i fi done if [ "X$quiet" != "X-q" ] ; then echo "" echo "" fi for i in ${LOGS} do rotate $i done # # correcting some specific setings # if [ -f /var/log/authlog ] ; then chmod 0600 /var/log/authlog chgrp sys /var/log/authlog fi # # kill -KILL `ps -eaf |grep /usr/sbin/syslogd|grep -v grep|awk '{print $2}'` # A more friendly kill provided by Sweth Chandramouli # # # Make sure that syslog was running # PID=`/usr/bin/ps -eopid -ocomm | /usr/bin/nawk '$2 ~ /syslogd$/ {print $1}'` if [ "X${PID}" = "X" ] ; then echo "ERROR: syslogd was dead" # # Kill the syslogd *only* if we have rotaded some logs files # elif [ "$logswap" = "yes" ] ; then for SIGNAL in TERM INT QUIT ABRT KILL ; do kill -${SIGNAL} ${PID} sleep 2 /usr/bin/ps -p ${PID} > /dev/null if [ $? != 0 ] ; then break fi done fi # # and restart syslogd *only* if it was not running or if we killed it # if [ "X${PID}" = "X" -o "$logswap" = "yes" ] ; then /etc/init.d/syslog start # # Make sure syslog restarted, otherwise you won't know that syslogd didn't start for 24 hours # # note: need to make a pid function PID=`/usr/bin/ps -eopid -ocomm | /usr/bin/nawk '$2 ~ /syslogd$/ {print $1}'` if [ "X${PID}" = "X" ] ; then # one more try sleep 5 /etc/init.d/syslog start PID=`/usr/bin/ps -eopid -ocomm | /usr/bin/nawk '$2 ~ /syslogd$/ {print $1}'` if [ "X${PID}" = "X" ] ; then echo "ERROR: syslogd FAILED to start!" fi fi fi # # Now that the logs have been rotated lets clean up # # note: need to add error checking so we don't clean if there was a rotation problem # for i in ${LOGS} do flush $i done # # Output some basic info... Always usefull # if [ "X${quiet}" != "X-q" ] ; then df -lk if [ "X${CHKPKG}" = "XYES" ] ; then pkgchk -n fi fi # ******************************************************* # $Log: daily,v $ # Revision 1.32 2000/11/20 04:33:18 chouanar # *** empty log message *** # # Revision 1.31 2000/11/20 00:11:54 chouanar # *** empty log message *** # # Revision 1.30 2000/11/18 21:51:33 chouanar # sometime on SOlaris 8 doing a kill of the syslog and a restart right away won't work. # -> Added a sleep 5 # # Revision 1.29 2000/11/13 07:10:58 chouanar # *** empty log message *** # # Revision 1.28 2000/11/13 07:09:51 chouanar # *** empty log message *** # # Revision 1.27 2000/11/13 07:08:13 chouanar # *** empty log message *** # # Revision 1.26 2000/11/13 06:26:48 chouanar # restart syslod by calling the startup scrip so any flags (like the '-t' on SOlaris 8) will be applied # # Revision 1.25 2000/11/12 00:30:44 chouanar # Copyright: we use BSD like license now. # # Revision 1.24 2000/11/07 23:19:20 chouanar # comments # # Revision 1.23 2000/11/07 23:02:10 chouanar # modifications/suggestions sent by Josh Hoblitt on being more quiet, add more control over the file modes. # rewrite the backup function to use rcsdiff so the keyword substitution won't confuse it # kill syslod *only* if some logs files has been rotated or if it was dead # # Revision 1.22 2000/07/18 23:29:08 chouanar # license # # Revision 1.21 2000/07/06 22:43:57 chouanar # removed any ref to /var/log/syslog # removed GREP which was not used # # Revision 1.20 2000/07/04 19:23:08 chouanar # license # # Revision 1.19 2000/06/18 21:03:33 chouanar # *** empty log message *** # # Revision 1.18 2000/06/17 20:13:34 chouanar # corrected the 'host' setup # # Revision 1.17 2000/06/16 05:58:21 chouanar # replaced hostname by nodename # # Revision 1.16 2000/06/03 05:51:44 chouanar # *** empty log message *** # # Revision 1.15 2000/06/03 05:23:54 chouanar # *** empty log message *** # # Revision 1.14 2000/06/03 01:51:19 chouanar # add the -quiet option # # Revision 1.13 2000/06/01 19:32:59 chouanar # missing ; # # Revision 1.12 2000/06/01 19:26:46 chouanar # missing " # # Revision 1.11 2000/05/26 00:27:53 chouanar # read /etc/yassp.conf # # Revision 1.10 2000/05/21 23:13:05 chouanar # change the correct group and mod on /var/log/authlog # # Revision 1.9 2000/05/21 23:10:48 chouanar # no more yassp.conf # # Revision 1.8 2000/05/19 23:39:44 chouanar # add new logsfiles to backup # # Revision 1.7 2000/05/08 20:12:49 chouanar # Added /etc/rc.conf /etc/yassp.conf to the monitored listfiles list. # # Revision 1.6 2000/03/22 19:33:15 chouanar # typo => RCS was not working # # Revision 1.5 2000/03/08 21:08:55 chouanar # *** empty log message *** # # Revision 1.4 2000/02/21 04:37:58 chouanar # *** empty log message *** # # Revision 1.3 2000/02/20 02:13:36 chouanar # *** empty log message *** # # Revision 1.2 2000/02/19 23:07:16 chouanar # *** empty log message *** # *******************************************************