From owner-freebsd-bugs  Wed Sep 22 17:30:45 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from dt014nb6.san.rr.com (dt014nb6.san.rr.com [24.30.129.182])
	by hub.freebsd.org (Postfix) with ESMTP id 1C8D414DEE
	for <FreeBSD-bugs@FreeBSD.ORG>; Wed, 22 Sep 1999 17:30:42 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Received: from localhost (doug@localhost)
	by dt014nb6.san.rr.com (8.9.3/8.8.8) with ESMTP id RAA32065;
	Wed, 22 Sep 1999 17:30:38 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Date: Wed, 22 Sep 1999 17:30:38 -0700 (PDT)
From: Doug <Doug@gorean.org>
X-Sender: doug@dt014nb6.san.rr.com
To: peter.jeremy@alcatel.com.au
Cc: FreeBSD-bugs@FreeBSD.ORG
Subject: Re: bin/13909: /etc/security problems: IPFIREWALL and passwd comments
In-Reply-To: <99Sep23.080649est.40380@border.alcanet.com.au>
Message-ID: <Pine.BSF.4.10.9909221722370.31986-100000@dt014nb6.san.rr.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 23 Sep 1999, Peter Jeremy wrote:

> 	/etc/security (normally run nightly) incorrectly reports '#' as
> 	a passwordless account, and if the kernel does not include
> 	IPFIREWALL, it reports '[: 0: unexpected operator'

> 	1) Ignore comment lines in /etc/master.passwd when checking
> 	   for passwordless accounts.
> 	2) Put reference to ${IPFW_LOG_LIMIT} inside quotes so the
> 	   test becomes [ 1 -eq 0 -a "" -ne 0 ], rather than
> 	   [ 1 -eq 0 -a -ne 0 ] if net.inet.ip.fw.verbose_limit
> 	   does not exist (ie if IPFIREWALL not in kernel).

	Thank you for sending this PR. I spotted this a while ago and
fixed the IPFW problem locally, but I haven't had a chance to check out
the awk stuff (life's been very hectic lately). Your patch is definitely
correct for the IPFW bit, and unless I'm mistaken the awk bit is right as
well. The current awk bit ignores blank lines so I don't see that as a
problem. 

Thanks again,

Doug
-- 
"My mama told me, my mama said, 'don't cry.' She said, 'you're too young a man
to have as many women you got.' I looked at my mother dear and didn't even
crack a smile. I said, 'If women kill me, I don't mind dyin!'" 

    - John Belushi as "Joliet" Jake Blues, "I Don't Know"




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message