From owner-svn-src-all@freebsd.org Tue Nov 21 20:31:56 2017 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 22732D93AE4; Tue, 21 Nov 2017 20:31:56 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E13F07ECB3; Tue, 21 Nov 2017 20:31:55 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vALKVsN0063537; Tue, 21 Nov 2017 20:31:54 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vALKVsph063536; Tue, 21 Nov 2017 20:31:54 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201711212031.vALKVsph063536@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Tue, 21 Nov 2017 20:31:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r326074 - head/etc/periodic/daily X-SVN-Group: head X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: head/etc/periodic/daily X-SVN-Commit-Revision: 326074 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Nov 2017 20:31:56 -0000 Author: emaste Date: Tue Nov 21 20:31:54 2017 New Revision: 326074 URL: https://svnweb.freebsd.org/changeset/base/326074 Log: filter all passwords (not only changed) from periodic passwd backup The periodic 200.backup-passwd script outputs any differences it finds in master.passwd, relative to the previous backup. It intends to elide the encrypted password field, but previously did so only for changed lines (i.e., those beginning with - or + in the diff). Apply the sed expression also to unchanged lines to also elide their passwords. PR: 223461 Reported by: Andre Albsmeier MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Modified: head/etc/periodic/daily/200.backup-passwd Modified: head/etc/periodic/daily/200.backup-passwd ============================================================================== --- head/etc/periodic/daily/200.backup-passwd Tue Nov 21 19:55:32 2017 (r326073) +++ head/etc/periodic/daily/200.backup-passwd Tue Nov 21 20:31:54 2017 (r326074) @@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in [ $rc -lt 1 ] && rc=1 echo "$host passwd diffs:" diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\ - sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/' + sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/' mv $bak/master.passwd.bak $bak/master.passwd.bak2 cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3 fi