>Synopsis: security(8) throws false error
>Category: security(8)
>Environment:
System : OpenBSD 7.6
Details : OpenBSD 7.6-current (CUSTOM) #4: Sat Dec 14 01:13:27 GMT
2024
lloyd@bsdtst01:/sys/arch/amd64/compile/CUSTOM
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
(This issue is also present on 7.6, not just -current.)
Nightly runs of security(8) throw the following error:
Checking root sh paths, umask values:
/etc/profile /root/.profile
Failed to find ENV in /root/.profile.
Investigation showed this issue was triggered by calling neofetch(1) with no
options from /root/.profile.
security(8) parses the raw output of '/bin/sh -c . /root/.profile'. As neofetch
generates complex output to stdout with ANSI escape sequences, this caused
the regular expression in security(8) to break. The below patch should fix
the issue:
--- security.orig Thu Jan 2 20:41:00 2025
+++ security Thu Jan 2 20:43:09 2025
@@ -256,7 +256,8 @@ sub check_sh {
$umaskset ||= check_umask($filename);
nag !(open my $fh, '-|', qw(/bin/sh -c),
- ". $filename; echo ENV=\$ENV; echo PATH=\$PATH"),
+ "'. $filename' > /dev/null 2>&1; " .
+ "echo ENV=\$ENV; echo PATH=\$PATH"),
"cannot spawn /bin/sh: $!"
and next;
my @output = <$fh>;
