From owner-freebsd-bugs@FreeBSD.ORG Tue May 14 04:40:00 2013 Return-Path: Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id AD4C9EC4 for ; Tue, 14 May 2013 04:40:00 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 93F31FF8 for ; Tue, 14 May 2013 04:40:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r4E4e0tw047456 for ; Tue, 14 May 2013 04:40:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r4E4e07C047455; Tue, 14 May 2013 04:40:00 GMT (envelope-from gnats) Resent-Date: Tue, 14 May 2013 04:40:00 GMT Resent-Message-Id: <201305140440.r4E4e07C047455@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Jason Unovitch Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 8638CEA7 for ; Tue, 14 May 2013 04:38:09 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from oldred.FreeBSD.org (oldred.freebsd.org [8.8.178.121]) by mx1.freebsd.org (Postfix) with ESMTP id 5AB98FE3 for ; Tue, 14 May 2013 04:38:09 +0000 (UTC) Received: from oldred.FreeBSD.org ([127.0.1.6]) by oldred.FreeBSD.org (8.14.5/8.14.5) with ESMTP id r4E4c8c9077195 for ; Tue, 14 May 2013 04:38:08 GMT (envelope-from nobody@oldred.FreeBSD.org) Received: (from nobody@localhost) by oldred.FreeBSD.org (8.14.5/8.14.5/Submit) id r4E4c8r8077194; Tue, 14 May 2013 04:38:08 GMT (envelope-from nobody) Message-Id: <201305140438.r4E4c8r8077194@oldred.FreeBSD.org> Date: Tue, 14 May 2013 04:38:08 GMT From: Jason Unovitch To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Subject: conf/178611: [patch] daily_status_security_inline broken in 450.status-security X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 May 2013 04:40:00 -0000 >Number: 178611 >Category: conf >Synopsis: [patch] daily_status_security_inline broken in 450.status-security >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 14 04:40:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Jason Unovitch >Release: FreeBSD 9.1-RELEASE >Organization: N/A >Environment: FreeBSD xts-bsd 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0: Mon Apr 29 18:27:25 UTC 2013 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 # $FreeBSD: release/9.1.0/etc/periodic/daily/450.status-security 221432 2011-05-04 12:48:02Z netchild $ >Description: The current /etc/periodic/daily/450.status-security combines two 'case' statements together resulting in the second case statement being passed when daily_status_security_inline="YES". When daily_show_success="NO" this will also result in the security report vanishing rather than showing up as intended by the "") rc=3;; statement in the script. See discussion here for more details and a more detailed breakdown. http://forums.freebsd.org/showthread.php?t=39113 >How-To-Repeat: echo 'daily_show_success="NO"' >> /etc/periodic.conf echo 'daily_status_security_inline="YES"' >> /etc/periodic.conf periodic daily >Fix: Apply attached patch file or update as follows. #!/bin/sh # # $FreeBSD: release/9.1.0/etc/periodic/daily/450.status-security 221432 2011-05-04 12:48:02Z netchild $ # # If there is a global system configuration file, suck it in. # if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf source_periodic_confs fi case "$daily_status_security_enable" in [Yy][Ee][Ss]) echo "" echo "Security check:" case "$daily_status_security_inline" in [Yy][Ee][Ss]) export security_output="";; *) export security_output="${daily_status_security_output}";; esac case "$security_output" in "") rc=3;; /*) echo " (output logged separately)" rc=0;; *) echo " (output mailed separately)" rc=0;; esac periodic security || rc=3;; *) rc=0;; esac Patch attached with submission follows: --- /root/450.status-security.20130508 2013-05-09 06:09:24.000000000 +0000 +++ /etc/periodic/daily/450.status-security 2013-05-12 05:09:34.000000000 +0000 @@ -20,17 +20,18 @@ [Yy][Ee][Ss]) export security_output="";; *) - export security_output="${daily_status_security_output}" - case "${daily_status_security_output}" in - "") - rc=3;; - /*) - echo " (output logged separately)" - rc=0;; - *) - echo " (output mailed separately)" - rc=0;; - esac;; + export security_output="${daily_status_security_output}";; + esac + + case "$security_output" in + "") + rc=3;; + /*) + echo " (output logged separately)" + rc=0;; + *) + echo " (output mailed separately)" + rc=0;; esac periodic security || rc=3;; >Release-Note: >Audit-Trail: >Unformatted: