Date: Tue, 5 Dec 2017 01:35:04 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r326546 - stable/11/etc/periodic/daily Message-ID: <201712050135.vB51Z41K014399@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Tue Dec 5 01:35:04 2017 New Revision: 326546 URL: https://svnweb.freebsd.org/changeset/base/326546 Log: MFC r326074: filter all passwords (not only changed) from periodic passwd backup The periodic 200.backup-passwd script outputs any differences it finds in master.passwd, relative to the previous backup. It intends to elide the encrypted password field, but previously did so only for changed lines (i.e., those beginning with - or + in the diff). Apply the sed expression also to unchanged lines to also elide their passwords. PR: 223461 Reported by: Andre Albsmeier Sponsored by: The FreeBSD Foundation Modified: stable/11/etc/periodic/daily/200.backup-passwd Directory Properties: stable/11/ (props changed) Modified: stable/11/etc/periodic/daily/200.backup-passwd ============================================================================== --- stable/11/etc/periodic/daily/200.backup-passwd Mon Dec 4 22:40:51 2017 (r326545) +++ stable/11/etc/periodic/daily/200.backup-passwd Tue Dec 5 01:35:04 2017 (r326546) @@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in [ $rc -lt 1 ] && rc=1 echo "$host passwd diffs:" diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\ - sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/' + sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/' mv $bak/master.passwd.bak $bak/master.passwd.bak2 cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3 fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201712050135.vB51Z41K014399>