misc/73992: periodic security not showing faily firewall diffs
Giorgos Keramidas
keramida at freebsd.org
Tue Nov 16 04:00:48 PST 2004
The following reply was made to PR misc/73992; it has been noted by GNATS.
From: Giorgos Keramidas <keramida at freebsd.org>
To: No Spam Please <nobody at example.com>
Cc: bug-followup at freebsd.org
Subject: Re: misc/73992: periodic security not showing faily firewall diffs
Date: Tue, 16 Nov 2004 13:56:10 +0200
On 2004-11-16 07:57, No Spam Please <nobody at example.com> wrote:
> The default periodic.conf value for "daily_status_security_diff_flags"
> includes the "-u" flag, which doesn't produce output with lines
> prefixed with '>' which is what the grep pipeline checks for.
Right.
> >Fix:
> Remove the '-u' option to 'daily_status_security_diff_flags' in
> /usr/src/etc/defaults/periodic.conf
Wouldn't a better fix be to change the default filter in check_diff()
to make sure the correct pattern is used? I'm thinking of something
like this:
: Index: security.functions
: ===================================================================
: RCS file: /home/ncvs/src/etc/periodic/security/security.functions,v
: retrieving revision 1.4
: diff -u -u -r1.4 security.functions
: --- security.functions 23 Sep 2004 02:00:51 -0000 1.4
: +++ security.functions 16 Nov 2004 11:55:03 -0000
: @@ -44,6 +44,9 @@
: if [ "$1" = "new_only" ]; then
: shift
: filter="grep '^>'"
: + case $daily_status_security_diff_flags in
: + *-u*|*-c*) filter="grep '^+[^+]'" ;;
: + esac
: else
: filter="cat"
: fi
More information about the freebsd-bugs
mailing list