From ust@cert.siemens.de  Sun Sep 30 11:37:10 2001
Message-Id: <200109301837.f8UIb79f040483@reims.mchp.siemens.de>
Date: Sun, 30 Sep 2001 20:37:07 +0200 (CEST)
From: Udo Schweigert <ust@cert.siemens.de>
Reply-To: Udo Schweigert <ust@cert.siemens.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Improving behavior of /etc/periodic/daily/110.clean-tmps
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         30938
>Category:       conf
>Synopsis:       [patch] Improving behavior of /etc/periodic/daily/110.clean-tmps
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 30 11:40:00 PDT 2001
>Closed-Date:    
>Last-Modified:  Mon Jan 14 01:17:51 UTC 2008
>Originator:     Udo Schweigert
>Release:        
>Organization:
>Environment:

5.0-CURRENT

>Description:

The following patch fixes some inconveniences I came across.

The first thing is to have a different setting for the amount of time after
which an empty directory is deleted. This is a little bit annoying in the
current version because if there are subdirectories in /tmp, all the files in
them are deleted by the script, which changes the modification time of the
directory, and thus the directory will be deleted only after another period
according to $daily_clean_tmps_days.

The second thing deals with the ssh-agent sockets created by sshd in /tmp. If
you do not shut down the ssh connection properly (which can be caused when
using ssh over a dial-in connection), these sockets fill up /tmp because
sockets are never deleted from /tmp.

The attached fix is in action here on all my servers for a reasonable amount
of time (at least two months on -current and -stable) so I'm pretty confident
that it won't cause problems.

>How-To-Repeat:
>Fix:

--- etc/periodic/daily/110.clean-tmps.orig	Thu Jul 19 14:08:24 2001
+++ etc/periodic/daily/110.clean-tmps	Tue Sep 11 09:16:46 2001
@@ -22,11 +22,21 @@
 		'$daily_clean_tmps_days is not'
 	    rc=2
 	else
+	    clean_ssh_agent=NO
+	    case "$daily_clean_tmps_ssh_enable" in
+		[Yy][Ee][Ss])
+		    clean_ssh_agent=YES
+		    if [ -z "$daily_clean_tmps_ssh_days" ]
+		    then
+			daily_clean_tmps_ssh_days=$daily_clean_tmps_days
+		    fi
+	    esac
 	    echo ""
 	    echo "Removing old temporary files:"
 
 	    set -f noglob
 	    args="-atime +$daily_clean_tmps_days -mtime +$daily_clean_tmps_days"
+	    ssh_args="-atime +$daily_clean_tmps_ssh_days -mtime +$daily_clean_tmps_ssh_days"
 	    [ -n "$daily_clean_tmps_ignore" ] &&
 		args="$args "`echo " ${daily_clean_tmps_ignore% }" |
 		    sed 's/[ 	][ 	]*/ ! -name /g'`
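
Review bot: the new `[Yy][Ee][Ss])` arm runs straight into `esac` without a terminating `;;`, and `ssh_args` is assembled unconditionally although `daily_clean_tmps_ssh_days` is only defaulted inside that arm. The shell accepts a final arm without `;;`, but the existing case statement in this file closes its arms (`print=;;`), so add it here for consistency, and move the `ssh_args=` assignment into the YES arm so it is never built from an empty value as `-atime + -mtime +`. The new variable also gets no equivalent of the check whose message begins `$daily_clean_tmps_days is not`.
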
@@ -36,18 +46,32 @@
 		*)
 		    print=;;
 	    esac
+ 	    [ -z "$daily_clean_tmps_dir_days" ] && daily_clean_tmps_dir_days=$daily_clean_tmps_days
 
 	    rc=$(for dir in $daily_clean_tmps_dirs
 		do
 		    [ ."${dir#/}" != ."$dir" -a -d $dir ] && cd $dir && {
 			find -d . -type f $args -delete $print
 			find -d . ! -name . -type d -empty -mtime \
-			    +$daily_clean_tmps_days -delete $print
-		    } | sed "s,^\\.,  $dir,"
+ 			    +$daily_clean_tmps_dir_days -delete $print
+			if [ "$clean_ssh_agent" = "YES" ]
+			then
+			    set +f noglob
+			    ssh_dirs=$(echo ssh-*)
+			    set -f noglob
+			    if [ -n "$ssh_dirs" -a "$ssh_dirs" != "ssh-*" ]
+			    then
+				find -d $ssh_dirs -depth \
+				    \( -type s $ssh_args -name agent.\[\0-9]\* \
+					-delete $print \) -o \
+				    \( -type d -empty -delete $print \);
+			    fi
+			fi
+		    } | sed "s,^\\.,  $dir,; s,^\\(ssh-[^ \/]*\\),  $dir/\\1,;"
 		done | tee /dev/stderr | wc -l)
 	    [ -z "$print" ] && rc=0
 	    [ $rc -gt 1 ] && rc=1
-	    set -f glob
+	    set +f noglob
 	fi;;
 
     *)  rc=0;;
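
Review bot: `ssh_dirs=$(echo ssh-*)` followed by the unquoted `find -d $ssh_dirs` passes names read from the directory being cleaned through shell word splitting, so in a world-writable directory such as /tmp an entry whose name contains whitespace reaches find as several separate arguments. Let find do the matching from `.` instead (for example with a `-path './ssh-*/agent.[0-9]*'` test), which also removes the need to toggle `set +f` and `set -f` inside the loop. The second arm, `\( -type d -empty -delete $print \)`, carries no age test, so an ssh-* directory that is empty at the moment the job runs is removed regardless of `daily_clean_tmps_ssh_days`; give it an -mtime test as well. Smaller points: `-d` and `-depth` are the same option, `agent.\[\0-9]\*` is easier to read quoted as 'agent.[0-9]*', and `set +f noglob` also sets `$1` to the word noglob, so a plain `set +f` is enough.
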
--- etc/defaults/periodic.conf.orig	Thu Jul 26 04:37:11 2001
+++ etc/defaults/periodic.conf	Tue Sep 11 13:21:49 2001
@@ -42,8 +42,11 @@
 daily_clean_tmps_enable="NO"				# Delete stuff daily
 daily_clean_tmps_dirs="/tmp"				# Delete under here
 daily_clean_tmps_days="3"				# If not accessed for
+daily_clean_tmps_dir_days="3"				# If dir not accessed
 daily_clean_tmps_ignore=".X*-lock quota.user quota.group" # Don't delete these
 daily_clean_tmps_verbose="YES"				# Mention files deleted
+daily_clean_tmps_ssh_enable="NO"			# Delete ssh agent stuff
+daily_clean_tmps_ssh_days="3"				# If not accessed for
 
 # 120.clean-preserve
 daily_clean_preserve_enable="YES"			# Delete files daily
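
Review bot: shipping `daily_clean_tmps_dir_days="3"` and `daily_clean_tmps_ssh_days="3"` in defaults/periodic.conf means the script's fallbacks to `$daily_clean_tmps_days` do not take effect unless the admin explicitly empties these variables. Someone who only raises `daily_clean_tmps_days` in their own periodic.conf would still have empty directories and agent sockets removed after 3 days, contrary to the man page text "Its default is the value of daily_clean_tmps_days". Ship the two variables empty or commented out. The comment `# If dir not accessed` should also say "modified", since the directory test in 110.clean-tmps uses only `-mtime`.
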
--- share/man/man5/periodic.conf.5.orig	Sat Jul 28 22:10:19 2001
+++ share/man/man5/periodic.conf.5	Sat Jul 28 23:57:56 2001
@@ -177,6 +177,11 @@
 .Va daily_clean_tmps_enable
 is set, this must also be set to the number of days old that a file's access
 and modification times must be before it's deleted.
+.It Va daily_clean_tmps_dir_days
+.Pq Vt num
+If you want a different amount of time after which directories are deleted
+you can set this variable. Its default is the value of
+.Va daily_clean_tmps_days.
 .It Va daily_clean_tmps_ignore
 .Pq Vt str
 Set to the list of files that should not be deleted when
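
Review bot: `.Va daily_clean_tmps_days.` puts the sentence-ending period inside the macro argument, so it is typeset as part of the variable name; write `.Va daily_clean_tmps_days .` with the period as a separate argument. The entry should also say that only empty directories are removed and that the test is on modification time, matching `-type d -empty -mtime` in the script.
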
@@ -189,6 +194,17 @@
 Set to
 .Dq YES
 if you want the removed files to be reported in your daily output.
+.It Va daily_clean_tmps_ssh_enable
+.Pq Vt bool
+Set to
+.Dq YES
+if you want to clear sockets of ssh-agent in your temporary directories daily.
+.It Va daily_clean_tmps_ssh_days
+.Pq Vt num
+When
+.Va daily_clean_tmps_ssh_enable
+is set, this must also be set to the number of days old that a ssh-agent socket
+access and modification times must be before it's deleted.
 .It Va daily_clean_preserve_enable
 .Pq Vt bool
 Set to
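
Review bot: "this must also be set" for `daily_clean_tmps_ssh_days` does not match the script, which falls back to `$daily_clean_tmps_days` when the variable is empty; describe the fallback the way the `daily_clean_tmps_dir_days` entry does. The `daily_clean_tmps_ssh_enable` entry should mention that empty ssh-* directories are removed along with the sockets, and "a ssh-agent socket access and modification times" should read "an ssh-agent socket's access and modification times".
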
>Release-Note:
>Audit-Trail:

From: Brian Somers <brian@freebsd-services.com>
To: Udo Schweigert <ust@cert.siemens.de>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG, brian@freebsd-services.com
Subject: Re: conf/30938: Improving behavior of /etc/periodic/daily/110.clean-tmps 
Date: Mon, 01 Oct 2001 16:26:50 +0100

 > >Number:         30938
 > >Category:       conf
 > >Synopsis:       Improving behavior of /etc/periodic/daily/110.clean-tmps
 
 Hi,
 
 While I appreciate the problems here (I have exactly the same 
 problems here), I'm not sure if these solutions are the best that 
 could be come up with.
 
 In the first case (where directories aren't being deleted at the 
 right time), maybe a better solution is to delete all empty 
 directories.
 
 In the second case (ssh leaving stuff around), I think the bug in ssh 
 should really be fixed.  Failing this, maybe the best solution is to 
 include special files in the list of deletion candidates.
 
 -- 
 Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
       http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
 Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>
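
The directory-age behaviour discussed in this PR can be reproduced in a scratch directory. The script below is an added example, not code from the PR or from either participant; the function names and the `cleantmps.XXXXXX` template are made up for the demonstration. It runs the file pass and the directory pass from 110.clean-tmps on a constructed tree, once with the age test on empty directories and once without it, as suggested in the reply above.

```sh
#!/bin/sh
# Added example. All names here are hypothetical; only a mktemp
# scratch directory is touched, and it is removed afterwards.

# Build a constructed tree: one subdirectory holding one file, both backdated.
make_tree() {
    root=$(mktemp -d "${TMPDIR:-/tmp}/cleantmps.XXXXXX") || return 1
    mkdir "$root/sub" || return 1
    : > "$root/sub/old.file" || return 1
    # Backdate atime and mtime of the file and of the directory.
    touch -t 200101010000 "$root/sub/old.file" "$root/sub" || return 1
    echo "$root"
}

# File pass as in 110.clean-tmps: $1 = directory, $2 = age in days.
file_pass() {
    (cd "$1" && find . -depth -type f -atime "+$2" -mtime "+$2" -delete)
}

# Directory pass: $2 = age in days, or "any" to remove every empty directory.
dir_pass() {
    if [ "$2" = any ]; then
        (cd "$1" && find . -depth ! -name . -type d -empty -delete)
    else
        (cd "$1" && find . -depth ! -name . -type d -empty \
            -mtime "+$2" -delete)
    fi
}

# One nightly run; prints "kept" or "removed" for the emptied subdirectory.
run_night() {   # $1 = directory age setting (days or "any")
    root=$(make_tree) || return 1
    file_pass "$root" 3
    dir_pass "$root" "$1"
    if [ -d "$root/sub" ]; then echo kept; else echo removed; fi
    rm -rf "$root"
}

# Unlinking old.file resets the mtime of sub/, so the age test fails
# in the same run; without the age test the directory goes at once.
echo "dir age 3 days: $(run_night 3)"
echo "no age test:    $(run_night any)"
```
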
 
 
>Unformatted:
