svn commit: r184265 - head/etc/periodic/security

Oliver Fromme olli at fromme.com
Sat Oct 25 17:07:55 PDT 2008


Maxim Konovalov wrote:
 > On Sat, 25 Oct 2008, 20:16+0100, Ceri Davies wrote:
 > > On Sat, Oct 25, 2008 at 06:45:40PM +0000, Ed Schouten wrote:
 > > > Author: ed
 > > > Date: Sat Oct 25 18:45:40 2008
 > > > New Revision: 184265
 > > > URL: http://svn.freebsd.org/changeset/base/184265
 > > > 
 > > > Log:
 > > >   Sort `mount -p' output by name before checking for any differences.
 > > > 
 > > >   I noticed on a system at home that restarting named(8) causes the
 > > >   /var/named/dev mount to be moved to the bottom of the mount list,
 > > >   because it gets remounted. When I received the daily security email this
 > > >   morning, I was quite amazed to see that the security report listed the
 > > >   differences, while it was nothing out of the ordinary.
 > > > 
 > > >   If we just throw the `mount -p' output through sort(1), we'll only
 > > >   receive notifications about changes to mounts if something has really
 > > >   changed.
 > > 
 > > Hmm.  I've always found it useful to know that the mount list has
 > > changed, so that I can work out if I did anything to cause it to
 > > happen or not - if not, I have something to worry about.  I want to
 > > see this every time.

But you didn't see it every time.  See below.

 > Seconded.  From the sysadmin point of view it's better to be on the
 > safe side.

You should be aware that you were *not* on the safe side
before that change.  You only saw modifications if they
happened to change the order in the mount output.  If
someone changed the last mount (or mounts) in the list,
there would be no difference in the output.  So this was
completely unreliable anyway.  Therefore I think Ed's
change is good, because it makes the behaviour of the
script more deterministic.

If you *really* want to see all changes, then the script
must record the device IDs of all mounts and compare them,
i.e. something like this:

$ mount -p | awk '{print $2}' | xargs stat -f '%N %d' | sort

Then you will reliably notice if any of the file systems
was umounted/remounted, even if the order in the "mount"
output didn't change.

Best regards
   Oliver

-- 
Oliver Fromme, Bunsenstr. 13, 81735 Muenchen, Germany

``We are all but compressed light'' (Albert Einstein)
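
The device-ID comparison suggested in the message above, as an added example that is not part of the original post or of the FreeBSD periodic scripts: it compares two saved snapshots of that pipeline's output and reports added, removed and remounted file systems. The function names, the snapshot file layout and the device IDs in the demo are assumptions constructed for illustration, and mount points are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added illustration, not code from the thread or from periodic(8).
# A snapshot file holds lines of "<mountpoint> <device-id>".

# snapshot_mount_ids: the pipeline from the message (FreeBSD stat syntax).
snapshot_mount_ids() {
    mount -p | awk '{print $2}' | xargs stat -f '%N %d' | sort
}

# compare_mount_ids PREV CUR: print one sorted line per change.
# Lines are tagged P/C first so that empty or identical files are handled.
compare_mount_ids() {
    { sed 's/^/P /' "$1"; sed 's/^/C /' "$2"; } | awk '
        NF < 3 { next }                       # skip blank or short lines
        $1 == "P" { prev[$2] = $3; next }
        { cur[$2] = $3 }
        END {
            for (m in cur) {
                if (!(m in prev)) print "ADDED", m
                else if (prev[m] != cur[m])
                    print "REMOUNTED", m, prev[m], "->", cur[m]
            }
            for (m in prev) if (!(m in cur)) print "REMOVED", m
        }' | sort
}

# demo: constructed snapshots in which /var/named/dev was unmounted and
# mounted again. Its mount line is unchanged; only the device ID differs.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/prev" <<'EOF'
/ 90
/dev 4278255617
/var/named/dev 4278255618
EOF
    cat > "$dir/cur" <<'EOF'
/ 90
/dev 4278255617
/var/named/dev 4278255621
EOF
    compare_mount_ids "$dir/prev" "$dir/cur"
    rm -rf "$dir"
}

demo
```

On a FreeBSD host, `snapshot_mount_ids > file` produces the snapshots that `compare_mount_ids` expects.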

