Hi,
some time ago, mk@ and matthew@ discovered a regression in security(8):
Our rewrite killed changelist(5) wildcard support.
I think we should put it back, the changelist(5) manual explicitly
documents the feature.
Comments?
OKs?
Yours,
Ingo
Index: security
===================================================================
RCS file: /cvs/src/libexec/security/security,v
retrieving revision 1.14
diff -u -p -r1.14 security
--- security 25 May 2011 21:16:29 -0000 1.14
+++ security 11 Jun 2011 17:49:03 -0000
@@ -819,20 +819,37 @@ sub check_changelist {
-s $filename or return;
nag !(open my $fh, '<', $filename), "open: $filename: $!" and return;
+ my @relative;
while (<$fh>) {
+ next if /^(?:#|\s*$)/;
chomp;
- next if /^(?:#|\/etc\/master.passwd|$)/;
- next if -d $_;
+ my $plus = s/^\+//;
+ unless (/^\//) {
+ push @relative, $_;
+ next;
+ }
+ my $tilda = /~$/;
+
+ foreach (glob) {
+ next if $_ eq '/etc/master.passwd';
+ next if /~$/ && !$tilda;
+ next if -d $_;
- if (s/^\+//) {
- $check_title = "======\n$_ MD5 checksums\n======";
- backup_md5 $_;
- } else {
- $check_title = "======\n$_ diffs (-OLD +NEW)\n======";
- backup_if_changed $_;
+ if ($plus) {
+ $check_title =
+ "======\n$_ MD5 checksums\n======";
+ backup_md5 $_;
+ } else {
+ $check_title =
+ "======\n$_ diffs (-OLD +NEW)\n======";
+ backup_if_changed $_;
+ }
}
}
close $fh;
+
+ $check_title = "Skipped relative paths in changelist(5):";
+ nag 1, $_ foreach @relative;
}
# Make backups of the labels for any mounted disks
