d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

backup-passwd: mask out all passwords in the diff

Browse Source 
The previous expression borked if a username had a plus or hyphen in it.
This is needlessly restrictive- at leSt a hyphen in the middle is valid.
Instead of playing this game, let's just assume the username can't contain a
colon and mask out the second field.

Submitted by:	sigsys gmail com
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D23548
This commit is contained in:
Kyle Evans 2020-02-11 06:12:02 +00:00
parent 9f7cca9218
commit e9104c3142
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
usr.sbin/periodic/etc/daily/200.backup-passwd
View File

@ -42,7 +42,7 @@ case "$daily_backup_passwd_enable" in
[ $rc -lt 1 ] && rc=1
echo "$host passwd diffs:"
diff -uI '^#' $bak/master.passwd.bak /etc/master.passwd |\
sed 's/^\([-+ ][^-+:]*\):[^:]*:/\1:(password):/'
sed 's/^\([-+ ][^:]*\):[^:]*:/\1:(password):/'
mv $bak/master.passwd.bak $bak/master.passwd.bak2
cp -p /etc/master.passwd $bak/master.passwd.bak || rc=3
fi