On 13-Nov-01 Crist J. Clark wrote:
>> What if someone comments out a line in the password file of a user? Then
>> this
>> won't hide that password. When this originally went in, it took a long
>> while
>> to get a sed line people were happy with. Replacing the version number is a
>> minor thing, but getting it to work perfectly may be a bit difficult. If
>> you
>> do this, I'd rather you make sed handle the $FreeBSD$ case as a completely
>> separate case, so something like:
>>
>> sed -e '/\$FreeBSD\$/; //s/blah blah/blah/' or some such (I forget how sed
>> does
>> multiple expressions).
>
> I thought about this, but then thought, "Who ever just comments out
> password entries without clearing the password too?" I guess the
> answer is, some people do.
>
> How about,
>
> sed -E 's/^([<>]
> [^:]*):[^:]*:(([0-9]+:){2}[^:]*(:[0-9]+){2}(:[^:]*){3}$)/\1:(password)\2/'
>
> Which only touches entries that match the password format exactly, but
> includes commented out ones?
That's fine I suppose. I would rather err on the side of caution and just
exclude the $FreeBSD$ line and perform the change on all other lines by
default. You never know what weird contortion of a password file someone
might be using.
--
John Baldwin <[EMAIL PROTECTED]> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
