https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233011
Bug ID: 233011
Summary: daily/200.backup-passwd periodic script does not hide
password of usernames containing a dash character
Product: Base System
Version: 11.2-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: conf
Assignee: [email protected]
Reporter: [email protected]
Usernames with a dash in them do not match the sed regex used to hide the
passwords. AFAIK it should not be necessary to treat "-" and "+" specially at
all there. If there are NIS lines, they either shouldn't have a second field,
or the second field may also be a password.
diff --git a/usr.sbin/periodic/etc/daily/200.backup-passwd
b/usr.sbin/periodic/etc/daily/200.backup-passwd
index 638e227e3ac..1e9bb896404 100755
--- a/usr.sbin/periodic/etc/daily/200.backup-passwd
+++ b/usr.sbin/periodic/etc/daily/200.backup-passwd
@@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in
[ $rc -lt 1 ] && rc=1
echo "$host passwd diffs:"
diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\
- sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/'
+ sed 's/^\([-+ ][^:]*\):[^:]*:/\1:(password):/'
mv $bak/master.passwd.bak $bak/master.passwd.bak2
cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
fi
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
