A large compound root preexec command successfully used for some years caused an 'instant' lockup on a new Mandrake 9.2RC2 server build. The problem was traced to no free space in the 5Gb /var partition, with the SAMBA client's error log and a couple of other logs each at 1.6Gb. Deleting the three logs resulted in a df report of a few hundred k of genuine log, but zero free space, total 5Gb(!) (File system problem, Samba log writing, or both?) As a non-guru I could only release the system by causing an 'unexpected' power down followed by a file system repair at boot-up. This restored the free space. Putting the complex command into its own shell script and using root preexec to call it solved the problem. The offending preexex (and its coplementary postexec, also now in a script of its own) follow: root preexec = \ (grep ", %U, %G, o" /home/supervisors/samba.csv | tail -1 | grep ", on-," \ && (echo %U is already logged on $'\15'> /home/%U/log.bat \ & echo %T, %I, %m, %d, %U, %G, no-, %a $'\15' \ >> /home/supervisors/samba.csv))\ || (echo $'\15' > /home/%U/log.bat \ & echo %T, %I, %m, %d, %U, %G, on-, %a $'\15' >> /home/supervisors/samba.csv) root postexec = \ (grep ", %d, %U, %G, o" /home/supervisors/samba.csv \ | tail -1 | grep ", on-," \ && echo %T, %I, %m, %d, %U, %G, off, %a $'\15' \ >> /home/supervisors/samba.csv) \ || echo %T, %I, %m, %d, %U, %G, ffo, %a $'\15' \ >> /home/supervisors/samba.csv
Comments from mbp: At first glance, you have DOS'd yourself, since the two commands you quote have the potential to go into an infinite loop appending to and reading from the file. I'm not sure if that is what happened; I'd need to see an excerpt from your logs. The administrator being able to crash their own machine is not normally a security bug. (Or possibly not a bug at all.)
Log excerpt from my test runs: cmd= (grep ", jerry, users, o" /tmp/samba.csv | tail -1 | grep ", on-," && (echo jerry is already logged on $'\15'> /home/queso/jerry/log.bat & echo 2003/11/13 08:37:17, 192.168.1.74, queso, 3368, jerry, users, no-, Samba $'\15' >> /tmp/samba.csv)) || (echo $'\15' > /home/queso/jerry/log.bat & echo 2003/11/13 08:37:17, 192.168.1.74, queso, 3368, jerry, users, on-, Samba $'\15' >> /tmp/samba.csv)
database cleanup