From owner-svn-src-stable-11@freebsd.org  Tue Dec  5 01:35:05 2017
Return-Path: <owner-svn-src-stable-11@freebsd.org>
Delivered-To: svn-src-stable-11@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 51029E72B5B;
 Tue,  5 Dec 2017 01:35:05 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1D5B93185;
 Tue,  5 Dec 2017 01:35:05 +0000 (UTC)
 (envelope-from emaste@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vB51Z4ZC014400;
 Tue, 5 Dec 2017 01:35:04 GMT (envelope-from emaste@FreeBSD.org)
Received: (from emaste@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id vB51Z41K014399;
 Tue, 5 Dec 2017 01:35:04 GMT (envelope-from emaste@FreeBSD.org)
Message-Id: <201712050135.vB51Z41K014399@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: emaste set sender to
 emaste@FreeBSD.org using -f
From: Ed Maste <emaste@FreeBSD.org>
Date: Tue, 5 Dec 2017 01:35:04 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: svn commit: r326546 - stable/11/etc/periodic/daily
X-SVN-Group: stable-11
X-SVN-Commit-Author: emaste
X-SVN-Commit-Paths: stable/11/etc/periodic/daily
X-SVN-Commit-Revision: 326546
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable-11@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for only the 11-stable src tree
 <svn-src-stable-11.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable-11>, 
 <mailto:svn-src-stable-11-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable-11/>
List-Post: <mailto:svn-src-stable-11@freebsd.org>
List-Help: <mailto:svn-src-stable-11-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable-11>, 
 <mailto:svn-src-stable-11-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Dec 2017 01:35:05 -0000

Author: emaste
Date: Tue Dec  5 01:35:04 2017
New Revision: 326546
URL: https://svnweb.freebsd.org/changeset/base/326546

Log:
  MFC r326074: filter all passwords (not only changed) from periodic passwd backup
  
  The periodic 200.backup-passwd script outputs any differences it finds
  in master.passwd, relative to the previous backup.  It intends to elide
  the encrypted password field, but previously did so only for changed
  lines (i.e., those beginning with - or + in the diff).
  
  Apply the sed expression also to unchanged lines to also elide their
  passwords.
  
  PR:		223461
  Reported by:	Andre Albsmeier
  Sponsored by:	The FreeBSD Foundation

Modified:
  stable/11/etc/periodic/daily/200.backup-passwd
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/etc/periodic/daily/200.backup-passwd
==============================================================================
--- stable/11/etc/periodic/daily/200.backup-passwd	Mon Dec  4 22:40:51 2017	(r326545)
+++ stable/11/etc/periodic/daily/200.backup-passwd	Tue Dec  5 01:35:04 2017	(r326546)
@@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in
 		[ $rc -lt 1 ] && rc=1
 		echo "$host passwd diffs:"
 		diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\
-			sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/'
+			sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/'
 		mv $bak/master.passwd.bak $bak/master.passwd.bak2
 		cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
 	    fi