After further discussion on -CURRENT, some people (jhb) do not like
the idea of not masking passwords on comments in case the administrator comments out an entry without clearing the password. Instead completely ignore comments (since they have no security impact) when doing the diff of the old and new passwd file. Suggested by: rwatson
This commit is contained in:
parent
4741693c8e
commit
6d852b5bdb
@ -41,8 +41,8 @@ case "$daily_backup_passwd_enable" in
|
||||
then
|
||||
[ $rc -lt 1 ] && rc=1
|
||||
echo "$host passwd diffs:"
|
||||
diff $bak/master.passwd.bak /etc/master.passwd |\
|
||||
sed 's/^\([<>] [^#][^:]*\):[^:]*:/\1:(password):/'
|
||||
diff -I '^#' $bak/master.passwd.bak /etc/master.passwd |\
|
||||
sed 's/^\([<>] [^:]*\):[^:]*:/\1:(password):/'
|
||||
mv $bak/master.passwd.bak $bak/master.passwd.bak2
|
||||
cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user