[volunteers] svlug.com, lists.svlug.org redirect (was: Nameserver)

Rick Moen rick at linuxmafia.com
Thu May 19 04:31:01 PDT 2016


And another thing:

I've been looking around on gruyere to see if I can figure out who's
been shooting us in the foot with the org. registry, Public Interest
Registry.

# whois svlug.org
WHOIS LIMIT EXCEEDED - SEE WWW.PIR.ORG/WHOIS FOR DETAILS
^CInterrupted by signal 2...
#

Public Interest Registry limits the rate of WHOIS lookups, and punishes
IP addresses that attempt to programmatically overload their servers.
So, I've been trying to figure out what jackass is now or has in the
past done this.

I looked through the system cron directories and files:

/etc/crontab
/etc/cron.d/*
/etc/cron.hourly/*
/etc/cron.daily/*
/etc/cron.weekly/*
/etc/cron.monthly/*

Note that that is the _complete_ list of system cron files, a point I'll
return to in a moment.

So, nearly stumped, I thought 'Well, maybe it's a user crontab.'  So:

  root at gruyere:~ # cd /var/spool/cron/crontabs/
  root at gruyere:/var/spool/cron/crontabs # ls -al
  total 12
  drwx-wx--T 2 root crontab 4096 May  4 12:25 .
  drwxr-xr-x 3 root root    4096 Jan 26  2005 ..
  -rw------- 1 root crontab 1420 May  4 12:25 root
  root at gruyere:/var/spool/cron/crontabs

Eh?  Why does the _root user_ suddenly have a personal crontab file?


  root at gruyere:/var/spool/cron/crontabs # tail root
  # 
  # For example, you can run a backup of all your user accounts
  # at 5 a.m every week with:
  # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
  # 
  # For more information see the manual pages of crontab(5) and cron(8)
  # 
  # m h  dom mon dow   command
  55 20 2 * * /usr/bin/dpkg --get-selections > /tmp/selections && /usr/bin/rsync --delete -aze "ssh -l www-backup" /var/spool/cron/crontabs /etc /usr/local/src/site-docs /root/sensitive /tmp/selections /var/www /var/svn maasdammer.svlug.org:$(/bin/date +\%m)/ ; /bin/rm -f /tmp/selections
  45 21 2 * * /usr/local/bin/datafile-cleanup
  root at gruyere:/var/spool/cron/crontabs # 

No, Daniel!  For fuck's sake, root's personal crontab is not a system
file!  You do not, i.e., you must not, put system-critical functions
like backup into a personal crontab.  Goddamn it.  (Why?  Because
sysadmins would not think to look there when searching for system
files.)  This should be either in /etc/crontab or in a new file or files
in /etc/cron.d/ .

This is, once again, where your being way, way too vague in
site-docs/ChangeLog is an additional problem.  Quoting:

Mo 2016-05-02   Daniel Gimpelevich <daniel at gimpelevich.san-francisco.ca.us>
           Did a "chmod 600 /root/sensitive/*" to keep it private in backups.
           Prepared a user and directories on lists.svlug.org to receive 
           backups.  Added datafile-cleanup script and crontab to make 
           monthly backups kept for a year.

'Added crontab'.  Added _what_ crontab?  You didn't actually say what
you changed in even enough detail for me to see that you erroneously put 
a system conffile in a non-system location.

Fix the cron entries, and then fix your documentation.





More information about the volunteers mailing list