On 13-Nov-01 Crist J. Clark wrote:
>> What if someone comments out a line in the password file of a user?  Then
>> this
>> won't hide that password.  When this originally went in, it took a long
>> while
>> to get a sed line people were happy with.  Replacing the version number is a
>> minor thing, but getting it to work perfectly may be a bit difficult.  If
>> you
>> do this, I'd rather you make sed handle the $FreeBSD$ case as a completely
>> separate case, so something like:
>> sed -e '/\$FreeBSD\$/; //s/blah blah/blah/' or some such (I forget how sed
>> does
>> multiple expressions).
> I thought about this, but then thought, "Who ever just comments out
> password entries without clearing the password too?" I guess the
> answer is, some people do.
> How about,
>   sed -E 's/^([<>]
> [^:]*):[^:]*:(([0-9]+:){2}[^:]*(:[0-9]+){2}(:[^:]*){3}$)/\1:(password)\2/'
> Which only touches entries that match the password format exactly, but
> includes commented out ones?

That's fine I suppose.  I would rather err on the side of caution and just
exclude the $FreeBSD$ line and perform the change on all other lines by
default.  You never know what weird contortion of a password file someone
might be using.


John Baldwin <[EMAIL PROTECTED]> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to