Date: Sun, 7 Nov 2010 11:51:57 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r214912 - in stable/8/etc: defaults periodic/security Message-ID: <201011071151.oA7BpvdX042196@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Sun Nov 7 11:51:57 2010 New Revision: 214912 URL: http://svn.freebsd.org/changeset/base/214912 Log: Redo r214897: MFC r211141 (gabor) - Fixes to the chkportsum script to handle better some special cases, like spaces in filename Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua> MFC r210254 (gabor) - Add a periodic script, which can be used to find installed ports' files with mismatched checksum PR: conf/124641 Submitted by: Alex Kozlov <spam@rm-rf.kiev.ua> Added: stable/8/etc/periodic/security/460.chkportsum - copied, changed from r210254, head/etc/periodic/security/460.chkportsum Modified: stable/8/etc/defaults/periodic.conf stable/8/etc/periodic/security/Makefile Directory Properties: stable/8/etc/periodic/security/ (props changed) Modified: stable/8/etc/defaults/periodic.conf ============================================================================== --- stable/8/etc/defaults/periodic.conf Sun Nov 7 11:39:48 2010 (r214911) +++ stable/8/etc/defaults/periodic.conf Sun Nov 7 11:51:57 2010 (r214912) @@ -171,6 +171,9 @@ daily_status_security_passwdless_enable= # 410.logincheck daily_status_security_logincheck_enable="YES" +# 460.chkportsum +daily_status_security_chkportsum_enable="NO" # Check ports w/ wrong checksum + # 500.ipfwdenied daily_status_security_ipfwdenied_enable="YES" Copied and modified: stable/8/etc/periodic/security/460.chkportsum (from r210254, head/etc/periodic/security/460.chkportsum) ============================================================================== --- head/etc/periodic/security/460.chkportsum Mon Jul 19 20:19:14 2010 (r210254, copy source) +++ stable/8/etc/periodic/security/460.chkportsum Sun Nov 7 11:51:57 2010 (r214912) @@ -42,20 +42,20 @@ echo 'Checking for ports with mismatched case "${daily_status_security_chkportsum_enable}" in [Yy][Ee][Ss]) + set -f pkg_info -ga 2>/dev/null | \ - while read one two three; do - case ${one} in + while IFS= read -r line; do + set -- $line + case $1 in Information) - case ${two} in - for) name=${three%%:} ;; - *) name='??' ;; + case $2 in + for) name="${3%%:}" ;; + *) name='??' ;; esac ;; Mismatched|'') ;; - *) - if [ -n ${name} ]; then - echo ${name}: ${one} - fi + *) [ -n "${name}" ] && + echo "${name}: ${line%% fails the original MD5 checksum}" ;; esac done Modified: stable/8/etc/periodic/security/Makefile ============================================================================== --- stable/8/etc/periodic/security/Makefile Sun Nov 7 11:39:48 2010 (r214911) +++ stable/8/etc/periodic/security/Makefile Sun Nov 7 11:51:57 2010 (r214912) @@ -7,6 +7,7 @@ FILES= 100.chksetuid \ 300.chkuid0 \ 400.passwdless \ 410.logincheck \ + 460.chkportsum \ 700.kernelmsg \ 800.loginfail \ 900.tcpwrap \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201011071151.oA7BpvdX042196>