From owner-freebsd-bugs@FreeBSD.ORG  Tue Nov 16 12:00:48 2004
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CA24D16A4D6
	for <freebsd-bugs@hub.freebsd.org>;
	Tue, 16 Nov 2004 12:00:48 +0000 (GMT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B83C443D3F
	for <freebsd-bugs@hub.freebsd.org>;
	Tue, 16 Nov 2004 12:00:48 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.11/8.12.11) with ESMTP id iAGC0mRh091455
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 16 Nov 2004 12:00:48 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.11/8.12.11/Submit) id iAGC0mir091454;
	Tue, 16 Nov 2004 12:00:48 GMT
	(envelope-from gnats)
Date: Tue, 16 Nov 2004 12:00:48 GMT
Message-Id: <200411161200.iAGC0mir091454@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Giorgos Keramidas <keramida@freebsd.org>
Subject: Re: misc/73992: periodic security not showing faily firewall diffs
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Giorgos Keramidas <keramida@freebsd.org>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Nov 2004 12:00:48 -0000

The following reply was made to PR misc/73992; it has been noted by GNATS.

From: Giorgos Keramidas <keramida@freebsd.org>
To: No Spam Please <nobody@example.com>
Cc: bug-followup@freebsd.org
Subject: Re: misc/73992: periodic security not showing faily firewall diffs
Date: Tue, 16 Nov 2004 13:56:10 +0200

 On 2004-11-16 07:57, No Spam Please <nobody@example.com> wrote:
 > The default periodic.conf value for "daily_status_security_diff_flags"
 > includes the "-u" flag, which doesn't produce output with lines
 > prefixed with '>' which is what the grep pipeline checks for.
 
 Right.
 
 > >Fix:
 > Remove the '-u' option to 'daily_status_security_diff_flags' in
 > /usr/src/etc/defaults/periodic.conf
 
 Wouldn't a better fix be to change the default filter in check_diff()
 to make sure the correct pattern is used?  I'm thinking of something
 like this:
 
 : Index: security.functions
 : ===================================================================
 : RCS file: /home/ncvs/src/etc/periodic/security/security.functions,v
 : retrieving revision 1.4
 : diff -u -u -r1.4 security.functions
 : --- security.functions   23 Sep 2004 02:00:51 -0000      1.4
 : +++ security.functions   16 Nov 2004 11:55:03 -0000
 : @@ -44,6 +44,9 @@
 :    if [ "$1" = "new_only" ]; then
 :      shift
 :      filter="grep '^>'"
 : +    case $daily_status_security_diff_flags in
 : +      *-u*|*-c*) filter="grep '^+[^+]'" ;;
 : +    esac
 :    else
 :      filter="cat"
 :    fi