Report Comments posted by ap-wtioit

  1. 27 minutes ago, JorgeB said:

    ... though personally don't see the big deal with any of those.


    That's unfortunate. Command arguments in ps.txt can be anything, including sensitive information like external auth servers and credentials (hopefully no passwords). User names can be private information according to the GDPR. It's not good practice to leak your internal network structure by giving away information about IP addresses and ranges of internal networks.

     

    27 minutes ago, JorgeB said:

    For me, and because I sometimes need them to troubleshoot some issues, why do you care that the devices' serial numbers are shown? Other users have the same issue but I cannot understand what the problem is with showing them, AFAIK the most anyone can do with that is see if they are still under warranty or not.


    Device serial numbers can also be used to look up if certain hardware has security issues. E.g. hardware defects are often limited to a certain range of serial numbers. Imagine a phone call: "Hi, I'm from Disk Company A and we need to send you a replacement for a hard disk because there is an issue with it." That is much more credible if they have the actual serial numbers of the hard drives.
     

  2. 3 minutes ago, JorgeB said:

    About the diags, are the serial numbers and VM names your only concerns or are there other things?

    There are other things; I checked the whole archive again:
    * config/ident.cfg: NAME, COMMENT, DOMAIN_USER, DOMAIN_PASSWORD (cannot test that it's empty on our servers), WORKGROUP (maybe if it's not "WORKGROUP"), LOCAL_TLD
    * config/listen.txt: br0 and tun0 IP ranges / IPs
    * config/rsyslog.cfg: remote_server
    * config/rsyslog.conf: at least the IP of the remote_server (*.* @1.2.3.4:514;RSYSLOG_SyslogProtocol23Format)
    * config/super.dat: disk serial numbers
    * config/pool/cache.cfg: diskId, diskId.1 (seem to contain disk serials)
    * logs/dhcp.log: IPs and routes
    * logs/libvirt: hostname
    * logs/syslog*.txt: hostname, IPs, ssh users (successful and failed logins), docker container names, file names (mover)
    * qemu/*.txt: filename is VM name, hostname, HOME, XDG_*_HOME, master-key file name, image names (block dev)
    * smart/*.txt: filename contains disk serials, Serial Number, LU WWN Device Id (for Crucial CT2000MX500 contains part of the serial number)
    * system/ifconfig.txt: IP addresses and MAC addresses (at least strip the last 3 segments so only the manufacturer part is visible)
    * system/lsof.txt: IP addresses, user names (all non default unraid users)
    * system/meminfo.txt: RAM serial numbers
    * system/ps.txt: user names (all non default unraid users), command arguments, program locations
    * system/testparm.txt: interfaces, server string, read list ("valid users" and "write list" are already replaced with {a}...{z})
    * system/top.txt: user names (all non default unraid users), not sure about COMMAND (did contain nothing secret in our example but might in others)
    * system/urls.txt: Server Name, Local TLD, Internal IP, DNS 1, HTTP IP url, HTTP URL, HTTPS url 1, and errors (ERROR: When using DNS server 1.2.3.4, unredacted.fully.qualified.domain.name resolves to [redacted]. It should resolve to 1.2.3.5), cert names also show host name (and old host names possibly (Tower_unraid_bundle.pem))
    * system/vars.txt: DISK ID shows serial, idSb shows serial, DNS_SERVER1, IPADDR:0, GATEWAY:0, NGINX_LANIP, NGINX_LANNAME, NGINX_LANMDNS, ID_SERIAL (dotted for USB but not for disks), ID_SERIAL_SHORT (dotted for USB but not for disks), ID_WWN (for Crucial), ID_WWN_WITH_EXTENSION (for Crucial), NAME, COMMENT, WORKGROUP (if not "WORKGROUP"), LOCAL_TLD
    * xml/*.xml: filename is VM name, name, MAC addresses of network interfaces, vnc listen if not 0.0.0.0, filesystem mount file names
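
A sketch of how the kinds of values listed in the comment above could be masked before a diagnostics archive is shared (an added example, not part of the original post and not Unraid's own anonymization code). The `Redactor` class, `redact_archive` and the sample lines are constructed for illustration, and the real file layouts may differ.

```python
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
MAC = re.compile(r"\b((?:[0-9A-Fa-f]{2}:){3})(?:[0-9A-Fa-f]{2}:){2}[0-9A-Fa-f]{2}\b")
SERIAL = re.compile(r"(?i)\b(Serial Number:\s*|ID_SERIAL(?:_SHORT)?\W+)(\S+)")
KEEP_IPS = {"0.0.0.0", "127.0.0.1"}  # not identifying, useful when troubleshooting


class Redactor:
    """Swap identifiers for stable tokens so lines can still be correlated."""

    def __init__(self):
        self.tokens = {}  # (kind, original value) -> token

    def _token(self, kind, value):
        if (kind, value) not in self.tokens:
            n = sum(1 for k, _ in self.tokens if k == kind) + 1
            self.tokens[(kind, value)] = f"{kind}_{n}"
        return self.tokens[(kind, value)]

    def redact(self, text):
        text = SERIAL.sub(lambda m: m.group(1) + self._token("SERIAL", m.group(2)), text)
        # Serials learned so far also appear bare, e.g. in smart/*.txt file names.
        for (kind, value), token in self.tokens.items():
            if kind == "SERIAL" and len(value) >= 6:
                text = text.replace(value, token)
        # Keep the vendor prefix (first 3 octets) of a MAC, mask the device part.
        text = MAC.sub(lambda m: m.group(1) + "xx:xx:xx", text)
        return IPV4.sub(lambda m: m.group(0) if m.group(0) in KEEP_IPS
                        else self._token("IP", m.group(0)), text)


# Constructed sample (file name, line). Values are made up; real layouts may differ.
SAMPLE = [
    ("config/rsyslog.conf", "*.* @1.2.3.4:514;RSYSLOG_SyslogProtocol23Format"),
    ("system/ifconfig.txt", "ether 00:11:22:aa:bb:cc  txqueuelen 1000"),
    ("smart/EXAMPLE-SERIAL-0001.txt", "Serial Number:    EXAMPLE-SERIAL-0001"),
    ("system/vars.txt", "NGINX_LANIP=1.2.3.4 listen=0.0.0.0"),
]


def redact_archive(files):
    r = Redactor()
    bodies = [(name, r.redact(body)) for name, body in files]  # learn values first
    return [(r.redact(name), body) for name, body in bodies]   # then clean file names
```

Because the same value always maps to the same token, the rsyslog target and `NGINX_LANIP` in the sample both become `IP_1`, so someone reading the redacted archive can still see that they are the same host.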