On May 29, 2013 18:28 , Chris Hecker <chec...@d6.com> wrote: > Oh, and the one in scripts/cron has a bug, it uses +1 instead of +0 for > -mtime.
This is not a bug, "-mtime +0" assumes that you are using GNU find. "-mtime +1", while more lax, will work correctly with all versions of find. In practice, it is not a problem if some cookies/tickets hang around for an extra day. > Okay, is there any reason this is a bad idea? > > [root] /var/cosign# cat /etc/cron.hourly/cosign > #!/bin/bash > dirs=( /var/cosign/filter /var/cosign/daemon /var/cosign/tickets ) > for d in ${dirs[@]}; do > [ -d $d ] && /usr/bin/find $d -type f -mtime +0 | > /usr/bin/xargs /bin/rm -f > done > exit 0 > > I have other related stuff in /var/cosign and your script (and the one > in scripts) toasts everything old in subdirectories. That's fine. Most people don't keep other stuff under /var/cosign, hence the simpler example script in the cosign distribution. > I want to delete all three of those old files, right, tickets, daemon, > and filter (on machines running both the daemon and a service)? Correct. And on each of your cosign-protected web servers (the machines running the filter which are not central weblogin servers) you want to delete old cookie files (/var/cosign/filter) and, if the cosign-protected web server gets proxied Kerberos tickets from the central weblogin servers then you want to delete expired ticket files on these client webservers too. -- Mark Montague m...@catseye.org ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss