Author: emaste
Date: Wed May 23 14:05:56 2018
New Revision: 334097
URL: https://svnweb.freebsd.org/changeset/base/334097
Log:
MFC r326074: filter all passwords (not only changed) from periodic passwd
backup
The periodic 200.backup-passwd script outputs any differences it finds
in master.passwd, relative to the previous backup. It intends to elide
the encrypted password field, but previously did so only for changed
lines (i.e., those beginning with - or + in the diff).
Apply the sed expression also to unchanged lines to also elide their
passwords.
PR: 223461
Reported by: Andre Albsmeier
Sponsored by: The FreeBSD Foundation
Modified:
stable/10/etc/periodic/daily/200.backup-passwd
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/etc/periodic/daily/200.backup-passwd
==============================================================================
--- stable/10/etc/periodic/daily/200.backup-passwd Wed May 23 13:59:37
2018 (r334096)
+++ stable/10/etc/periodic/daily/200.backup-passwd Wed May 23 14:05:56
2018 (r334097)
@@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in
[ $rc -lt 1 ] && rc=1
echo "$host passwd diffs:"
diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\
- sed 's/^\([-+][^-+:]*\):[^:]*:/\1:(password):/'
+ sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/'
mv $bak/master.passwd.bak $bak/master.passwd.bak2
cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
fi
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
