Date: Tue, 21 Nov 2017 20:31:54 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r326074 - head/etc/periodic/daily Message-ID: <201711212031.vALKVsph063536@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Tue Nov 21 20:31:54 2017 New Revision: 326074 URL: https://svnweb.freebsd.org/changeset/base/326074 Log: filter all passwords (not only changed) from periodic passwd backup The periodic 200.backup-passwd script outputs any differences it finds in master.passwd, relative to the previous backup. It intends to elide the encrypted password field, but previously did so only for changed lines (i.e., those beginning with - or + in the diff). Apply the sed expression also to unchanged lines to also elide their passwords. PR: 223461 Reported by: Andre Albsmeier MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Modified: head/etc/periodic/daily/200.backup-passwd Modified: head/etc/periodic/daily/200.backup-passwd ============================================================================== --- head/etc/periodic/daily/200.backup-passwd Tue Nov 21 19:55:32 2017 (r326073) +++ head/etc/periodic/daily/200.backup-passwd Tue Nov 21 20:31:54 2017 (r326074) @@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in [ $rc -lt 1 ] && rc=1 echo "$host passwd diffs:" diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\ - sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/' + sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/' mv $bak/master.passwd.bak $bak/master.passwd.bak2 cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3 fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201711212031.vALKVsph063536>