[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #29987 [Internal Services/Tor Sysadmin Team]: clear out unowned files on servers
#29987: clear out unowned files on servers
-------------------------------------------------+---------------------
Reporter: anarcat | Owner: tpa
Type: project | Status: new
Priority: Low | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Minor | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by anarcat):
The result of the run is in `alberti.torproject.org:/home/anarcat/unowned-
files`. I haven't included it here because it's 84MB but also because it
might contain sensitive information.
A cleaned up version of the file is in `unowned-files-sorted`, produced
with the following command:
{{{
sed -n '/^___/,$p' < unowned-files | cut -d: -f2 | sort -u > unowned-
files-sorted
}}}
The idea of the first part is the Cumin produces the output *twice*, once
as the regular output and then as a machine-readable output. We select
only the latter. Then the `cut` takes only the actual paths (as opposed to
`host: path` pairs) and finally, `sort` takes the unique paths across the
entire set. The result is still over 40MB and lists ~300,000 files.
Many files are from removed users, but there are also "restore" runs on
brulloi which make up a significant number. The remaining is fairly small:
{{{
$ sed -n '/^___/,$p' < unowned-files | grep -v -e /home/ -e /var/lib/sudo
-e restore | wc -l
277
}}}
... and mostly consists of random tidbits, which were basically:
* `listera:/lib/firmware`: owned by `1000:1000`, cleared out by chown'ing
to `root:root`
* `*:/run/xtables.lock`: owned by `root:115` (previously the munin
group), removed
* `brulloi:/root/etc.bak/munin/...`: one year old `/etc` backup, ignored
The vast majority of the remaining (~277,000 files) are the `restore`
stuff. It is mostly leftovers on `brulloi`, but there were also things in
`/srv/restored` on `staticiforme`, I ignored both, since brulloi is going
away and the other seemed harmless as it was readable only by root.
Finally, the remaining ~20,000 files are stuff in `/home`. This is the
part I am not sure what to do with. For now, I'm just ignoring those as
well until we make up our mind about what to do with the files leftovers
by retired users.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29987#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs