After further discussion on -CURRENT, some people (jhb) do not like

the idea of not masking passwords on comments in case the
administrator comments out an entry without clearing the
password. Instead completely ignore comments (since they have no
security impact) when doing the diff of the old and new passwd file.

Suggested by:	rwatson
This commit is contained in:
Crist J. Clark 2001-11-14 09:30:01 +00:00
parent 4741693c8e
commit 6d852b5bdb

View File

@ -41,8 +41,8 @@ case "$daily_backup_passwd_enable" in
then
[ $rc -lt 1 ] && rc=1
echo "$host passwd diffs:"
diff $bak/master.passwd.bak /etc/master.passwd |\
sed 's/^\([<>] [^#][^:]*\):[^:]*:/\1:(password):/'
diff -I '^#' $bak/master.passwd.bak /etc/master.passwd |\
sed 's/^\([<>] [^:]*\):[^:]*:/\1:(password):/'
mv $bak/master.passwd.bak $bak/master.passwd.bak2
cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
fi