[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29987 [Internal Services/Tor Sysadmin Team]: clear out unowned files on servers



#29987: clear out unowned files on servers
-------------------------------------------------+---------------------
 Reporter:  anarcat                              |          Owner:  tpa
     Type:  project                              |         Status:  new
 Priority:  Low                                  |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Minor                                |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+---------------------

Comment (by anarcat):

 The result of the run is in `alberti.torproject.org:/home/anarcat/unowned-
 files`. I haven't included it here because it's 84MB but also because it
 might contain sensitive information.

 A cleaned up version of the file is in `unowned-files-sorted`, produced
 with the following command:

 {{{
 sed -n '/^___/,$p' < unowned-files | cut -d: -f2 | sort -u  > unowned-
 files-sorted
 }}}

 The idea of the first part is the Cumin produces the output *twice*, once
 as the regular output and then as a machine-readable output. We select
 only the latter. Then the `cut` takes only the actual paths (as opposed to
 `host: path` pairs) and finally, `sort` takes the unique paths across the
 entire set. The result is still over 40MB and lists ~300,000 files.

 Many files are from removed users, but there are also "restore" runs on
 brulloi which make up a significant number. The remaining is fairly small:

 {{{
 $ sed -n '/^___/,$p' < unowned-files | grep -v -e /home/ -e /var/lib/sudo
 -e restore | wc -l
 277
 }}}

 ... and mostly consists of random tidbits, which were basically:

  * `listera:/lib/firmware`: owned by `1000:1000`, cleared out by chown'ing
 to `root:root`
  * `*:/run/xtables.lock`: owned by `root:115` (previously the munin
 group), removed
  * `brulloi:/root/etc.bak/munin/...`: one year old `/etc` backup, ignored

 The vast majority of the remaining (~277,000 files) are the `restore`
 stuff. It is mostly leftovers on `brulloi`, but there were also things in
 `/srv/restored` on `staticiforme`, I ignored both, since brulloi is going
 away and the other seemed harmless as it was readable only by root.

 Finally, the remaining ~20,000 files are stuff in `/home`. This is the
 part I am not sure what to do with. For now, I'm just ignoring those as
 well until we make up our mind about what to do with the files leftovers
 by retired users.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29987#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs