-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-12-01 07:59, Werner Flamme wrote:
Hi everyone,
I wonder if it is possible to make seccheck (on SLES 11/12) ignore some directories, like it is with the locate command.
In /etc/sysconfig/locate, there are entries like UPDATEDB_PRUNEPATHS and UPDATEB_PRUNEFS, but I do not see anything like this in /etc/sysconfig/seccheck, neither on SLES 11 SP3 nor on SLES 12.
Reason for my question: seccheck runs here on a host that contains 3 daily backups of 10+ SAP hosts, and the "Local Monthly Security" Mail size is 562 MB. This mail size causes an unfriednly, suspicious grin on the face of my mail admin...
LOL. :-) I don't have SLES, so I'm looking at my oS 13.1. Locate finds these files: /etc/cron.d/seccheck /etc/sysconfig/seccheck So there is a configuration file, but nothing in there that you can use for the purpose. In the "/usr/share/doc/packages/seccheck/README" there is a contact email, but I don't know if that person is still active. The cron job runs /usr/lib/secchk/security-control.sh, which in turn runs: security-daily.sh, security-monthly.sh, security-weekly.sh. A quick grep for "find" in the scripts locates it, in the weekly script, and a variable: ( nice -n 1 find $MNT -mount \( -perm -04000 -o -per... So the important thing to look for is that 'MNT'. It is created this way: # get the ext2 and reiserfs mount points MNT=`/bin/mount | grep -E "^/dev/" | cut -d' ' -f 3 | \ grep -v "/media" | xargs echo "/dev/"` What you wish would be adding a grep -v "/backups" or wherever after the one for /media. Here it produces: /dev/ / /usr /boot /home /home_aux /home1 /opt /data/storage_d /data/storage_b /usr/src /usr/local /data/homedvl /data/vmware ... I wonder about "/dev/" and "/". - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlR8ddIACgkQtTMYHG2NR9UvQgCffEGTy/hXVVRjQdLblNrE5O88 /bYAnj3OosdqitHcn2uEihl+H8yzD7qn =nUOr -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org