ports/168160: jailaudit doesn't return a non-0 exit code when it finds problems
Frédéric Perrin
frederic.perrin at resel.fr
Sun May 20 09:30:02 UTC 2012
>Number: 168160
>Category: ports
>Synopsis: jailaudit doesn't return a non-0 exit code when it finds problems
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun May 20 09:30:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Frédéric Perrin
>Release: FreeBSD 8.2-RELEASE
>Organization:
>Environment:
FreeBSD ours.fperrin.net 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Mon Aug 29 18:23:33 CEST 2011 root at antre.fperrin.net:/usr/obj/basejail/usr/src/sys/GENERIC amd64
>Description:
When running jailaudit with the periodic(8) configuration:
security_show_success="NO"
in order to avoid receiving mails when everything is OK, the report
from jailaudit is never sent, because jailaudi always returns 0 even
when vulnerable packages are found.
>How-To-Repeat:
>Fix:
Suggested solution : in the `mail' action, return a non-zero exit
code when the number of vulnerable ports is non-zero :
--- /usr/local/bin/jailaudit 2012/05/20 08:45:01 1.1
+++ /usr/local/bin/jailaudit 2012/05/20 08:47:58
@@ -127,4 +127,10 @@
rm -f $tmpfile
fi
+
+ if [ $pcount -gt 0 ]; then
+ exit 1
+ else
+ exit 0
+ fi
fi
And in 410.jailaudit, propagate the return code :
--- 410.jailaudit 2012/05/20 09:05:00 1.1
+++ 410.jailaudit 2012/05/20 09:12:38
@@ -42,4 +42,5 @@
/usr/local/bin/jailaudit generate
/usr/local/bin/jailaudit mail - ALL
+ rc=$?
;;
esac
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list