# Ignore some directories from being chown'ed by a cron file



## overmind (Mar 19, 2012)

As you know at 3AM every day a cron script is being run that will search all files on the hard drive and *chown* some of them (security thing). If I have a file server with lots of small files I do not want such find process to run for those files.

Do you know what script runs (by default) and if it is possible to customize the script so it will not look for example in /mnt?

I think the script is from /etc/periodic/daily but I do not know which is it.

The script will run:


```
root       15476   4.6  0.1  18196  12184  ??  D     3:02AM    8:58.38 find -sx / /mnt /drive/files
 /mnt/drive/files/archive /mnt/drive/archive/a /dev/null -type f ( -perm -u+x -or -perm -g+x -or 
-perm -o+x ) ( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
```

I want to ignore everything from /mnt.


----------



## phoenix (Mar 19, 2012)

Search the forums for "periodic" and "security" and you'll find several threads on this very topic.  Even just searching for "periodic" and "3 am" will find several threads on this topic.


----------



## fluca1978 (Mar 20, 2012)

The 450.security script of the periodic-daily executes all the scripts in the /etc/periodic/security path, and the 100.chksetuid is the one you are looking for.


----------



## SirDice (Mar 20, 2012)

overmind said:
			
		

> As you know at 3AM every day a cron script is being run that will search all files on the hard drive and *chown* some of them (security thing).


None of the periodic scripts chown(8) anything. The _only_ script that uses chown(8) is weekly/310.locate and that only operates on the /var/db/locate.database file.


----------



## kpa (Mar 20, 2012)

Yeah, 100.chksetuid is nothing but a diff(1) against a last known state of setuid binaries in the system.


----------



## overmind (Mar 20, 2012)

Well, the ps code I've posted in my first post on this thread does that every morning at 3 AM.

I wonder which variable from /etc/defaults/periodic.conf file (if any) should I copy to /etc/periodic.conf and modify accordingly to skip this process for /mnt dir.


----------



## SirDice (Mar 20, 2012)

overmind said:
			
		

> Well, the ps code I've posted in my first post on this thread does that every morning at 3 AM.


That code snipped doesn't change anything. It does an ls(1) on the files it finds, nothing more, nothing less.


----------



## overmind (Mar 20, 2012)

The ps line might be longer, the one I've posted is just what I was able to grep(1)().


----------



## SirDice (Mar 20, 2012)

As mentioned before, it's part of 100.chksetuid. That script does _not_ change permissions or ownership.


----------



## phoenix (Mar 20, 2012)

Edit /etc/periodic/security/100.chksetuid, comment out this line:

```
MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
```
And replace it with a space-separated list of mountpoints that you *do* want checked:

```
MP="/ /var /usr /usr/local /yadda /blah /other/cool/stuff"
```

Just be warned that this file will be overwritten the next time you do an installworld/mergemaster.

Of, is you want to skip all ZFS filesystems, then just remove the *,zfs* part of the *MP* line.  Then the script will only check your UFS filesystems.


----------

