Date: Tue, 16 Nov 2004 12:00:48 GMT From: Giorgos Keramidas <keramida@freebsd.org> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/73992: periodic security not showing faily firewall diffs Message-ID: <200411161200.iAGC0mir091454@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/73992; it has been noted by GNATS. From: Giorgos Keramidas <keramida@freebsd.org> To: No Spam Please <nobody@example.com> Cc: bug-followup@freebsd.org Subject: Re: misc/73992: periodic security not showing faily firewall diffs Date: Tue, 16 Nov 2004 13:56:10 +0200 On 2004-11-16 07:57, No Spam Please <nobody@example.com> wrote: > The default periodic.conf value for "daily_status_security_diff_flags" > includes the "-u" flag, which doesn't produce output with lines > prefixed with '>' which is what the grep pipeline checks for. Right. > >Fix: > Remove the '-u' option to 'daily_status_security_diff_flags' in > /usr/src/etc/defaults/periodic.conf Wouldn't a better fix be to change the default filter in check_diff() to make sure the correct pattern is used? I'm thinking of something like this: : Index: security.functions : =================================================================== : RCS file: /home/ncvs/src/etc/periodic/security/security.functions,v : retrieving revision 1.4 : diff -u -u -r1.4 security.functions : --- security.functions 23 Sep 2004 02:00:51 -0000 1.4 : +++ security.functions 16 Nov 2004 11:55:03 -0000 : @@ -44,6 +44,9 @@ : if [ "$1" = "new_only" ]; then : shift : filter="grep '^>'" : + case $daily_status_security_diff_flags in : + *-u*|*-c*) filter="grep '^+[^+]'" ;; : + esac : else : filter="cat" : fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411161200.iAGC0mir091454>