Date: Wed, 23 May 2018 14:05:56 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r334097 - stable/10/etc/periodic/daily Message-ID: <201805231405.w4NE5ubL061139@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Wed May 23 14:05:56 2018 New Revision: 334097 URL: https://svnweb.freebsd.org/changeset/base/334097 Log: MFC r326074: filter all passwords (not only changed) from periodic passwd backup The periodic 200.backup-passwd script outputs any differences it finds in master.passwd, relative to the previous backup. It intends to elide the encrypted password field, but previously did so only for changed lines (i.e., those beginning with - or + in the diff). Apply the sed expression also to unchanged lines to also elide their passwords. PR: 223461 Reported by: Andre Albsmeier Sponsored by: The FreeBSD Foundation Modified: stable/10/etc/periodic/daily/200.backup-passwd Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/periodic/daily/200.backup-passwd ============================================================================== --- stable/10/etc/periodic/daily/200.backup-passwd Wed May 23 13:59:37 2018 (r334096) +++ stable/10/etc/periodic/daily/200.backup-passwd Wed May 23 14:05:56 2018 (r334097) @@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in [ $rc -lt 1 ] && rc=1 echo "$host passwd diffs:" diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\ - sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/' + sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/' mv $bak/master.passwd.bak $bak/master.passwd.bak2 cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3 fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201805231405.w4NE5ubL061139>