Hello Micha,
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Michael Meyer Sent: Wednesday, February 29, 2012 4:19 PM To: [email protected] Subject: Re: [Openvas-plugins] Problems running full LSC audit *** Chandrashekhar B wrote: >> >*** Thomas Reinke wrote: >> >> Michael Meyer wrote: >> >> > >> >> > In my tests i saw, that the first find takes some time while all >> >> > following finds are very fast. But on a VERY large file system, >> >> > the first find may still running during the next find is started >> >> > and so >> on... >> >> > >> >> >> >> We used a slightly older version of version_func.inc, but I think >> >> from what we saw, the culprit was descending through nfs mounted >> >> file systems that were of substantial size. It was thrashing nfsd severely. >> >> > There is an option to add '-xdev' to find which should prevent find >> > to >> descend into other filesystems. Default of "Descend directories on >> other filesystem >(don't add -xdev to find)" is at the moment "yes". >> >> >It it possible that you test again (against the host with that VERY >> >large >> filesystem) with the updated version_func.inc and/or with "Descend >> directories on >other filesystem (don't add -xdev to find)" set to "no"? >> >> >I'm thinking about changing the default of "Descend directories on..." >> >to "no". >> >> +1 for changing to "no" > I'm not sure anymore. This could cause some problems if e.g. /usr is mounted on an other filesystem. We would miss all under /usr then. These are options. One could always override by saying "yes". > My last idea was to change the find call to the following: >find / -maxdepth 7 -mindepth 1 \( -fstype nfs -o -fstype nfs4 -o -fstype NFS -o -fstype proc -o -fstype afs -o -fstype smbfs -o -fstype autofs -o -fstype iso9660 -o -fstype ncpfs -o -fstype coda -o -fstype devpts -o -fstype ftpfs -o -fstype devfs -o -fstype mfs -o -fstype sysfs -o -fstype shfs -o -fstype cifs -o -fstype 9P -o -fstype unknown \) -o \( -path "*/proc" -o -path "/dev" -o -path "/sys" -o -path "/media" -o -path "/tmp" -o -path "/var" \) -prune -o -name <search> -a \( -type f -o -type l \) -print 2>/dev/null I am not sure. Need to test this query on all and see how it behaves. > What do you think. You (SecPod) are using this function most i guess. > ;) You do not want us to use? Chandra. _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
