Module Name: src
Committed By: apb
Date: Fri Dec 14 18:42:25 UTC 2012
Modified Files:
src/etc/rc.d: random_seed
Log Message:
Avoid using programs from /usr/bin. This should fix PR 47326.
- no need for "dirname", because "df -G" can take a file name directly.
- replace use of "awk" with a shell while read loop.
- replace use of "stat -s" with "ls -ldn".
- no need for "tail" now that the use of "stat" has changed.
While here, also add some shell quotes and improve the grammar in a comment.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/etc/rc.d/random_seed
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/random_seed
diff -u src/etc/rc.d/random_seed:1.3 src/etc/rc.d/random_seed:1.4
--- src/etc/rc.d/random_seed:1.3 Sat Nov 10 15:10:22 2012
+++ src/etc/rc.d/random_seed Fri Dec 14 18:42:25 2012
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: random_seed,v 1.3 2012/11/10 15:10:22 apb Exp $
+# $NetBSD: random_seed,v 1.4 2012/12/14 18:42:25 apb Exp $
#
# PROVIDE: random_seed
@@ -13,7 +13,7 @@
# this script won't work if run after the securelevel is changed.
#
# The "BEFORE: bootconf" is intended to cause this to
-# be the first script to runs after mountcritlocal.
+# be the first script that runs after mountcritlocal.
$_rc_subr_loaded . /etc/rc.subr
@@ -30,7 +30,11 @@ fs_safe()
# Enforce that the file's on a local filesystem.
# Include only the types we can actually write.
#
- fstype=$(df -G $1 | awk '$2 == "fstype" {print $1}')
+ fstype=$(df -G "$1" |
+ while read line ; do
+ set -- $line
+ if [ "$2" = "fstype" ]; then echo "$1" ; break ; fi
+ done )
case $fstype in
ffs)
return 0
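Review bot: The replacement loop in fs_safe runs `set -- $line` unquoted and uses `read` without `-r`, so every field of the df output goes through pathname expansion and backslash processing before the comparison. A device or mount-point name containing a glob character could in principle shift the fields that the `"$2" = "fstype"` test looks at. Reading the fields directly avoids both and still needs nothing from /usr/bin: `while read -r value key rest ; do` followed by `if [ "$key" = "fstype" ]; then echo "$value" ; break ; fi`. This assumes each `df -G` line has the form "value key", as the removed awk expression implies. The rest of fs_safe's case statement lies outside the hunk.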
@@ -55,22 +59,24 @@ random_load()
{
if [ -f $random_file ]; then
- if ! fs_safe $(dirname ${random_file}); then
+ if ! fs_safe "${random_file}"; then
return 1
fi
- eval $(stat -s ${random_file})
+ set -- $(ls -ldn "${random_file}")
+ st_mode="$1" # should be "-rw-------"
+ st_uid="$3" # should be "0" for root
# The file must be owned by root,
if [ "$st_uid" != "0" ]; then
return 1
fi
# and root read/write only.
- if [ "$(echo $st_mode | tail -c4)" != "600" ]; then
+ if [ "$st_mode" != "-rw-------" ]; then
return 1
fi
- if rndctl -L ${random_file}; then
+ if rndctl -L "${random_file}"; then
echo "Loaded entropy from disk."
fi
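Review bot: The `[ -f $random_file ]` test at the top of random_load is still unquoted, although this change quotes every other use of the variable in the function. With an empty value the test collapses to `[ -f ]`, which is true, so the ownership and mode checks then run against an empty path. They appear to fail closed, but `if [ -f "${random_file}" ]; then` makes that explicit. A short comment above the `ls -ldn` line, for example `# use ls, not stat: avoid programs from /usr/bin`, would stop the check being simplified back to stat later. random_load continues past the end of the hunk.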
@@ -82,13 +88,13 @@ random_save()
oum=$(umask)
umask 077
- rm -Pf ${random_file}
+ rm -Pf "${random_file}"
- if ! fs_safe $(dirname ${random_file}); then
+ if ! fs_safe "${random_file}"; then
return 1
fi
- if rndctl -S ${random_file}; then
+ if rndctl -S "${random_file}"; then
echo "Saved entropy to disk."
fi
}
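Review bot: In random_save the file is removed by `rm -Pf "${random_file}"` before `fs_safe "${random_file}"` runs, so `df -G` is now asked about a path that no longer exists; the old code passed the directory, which was still there. If df fails on it, fstype is empty and fs_safe presumably rejects it (its default arm is not visible here), in which case the old seed is already gone and no new one is written, leaving the next boot without stored entropy. Checking the containing directory with a shell expansion keeps the goal of avoiding /usr/bin: `if ! fs_safe "${random_file%/*}"; then`, with a fallback for a path that has no directory part. The start of random_save is outside the hunk.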