[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call
From: |
Nicolas François |
Subject: |
Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call |
Date: |
Sun, 21 Sep 2003 01:56:46 +0200 |
User-agent: |
Mutt/1.5.4i |
Hello,
On Sat, Sep 20, 2003 at 10:57:40PM +0200, Javier Fernández-Sanguino Peña wrote:
> On Sat, Sep 20, 2003 at 05:14:34AM +0200, Nicolas François wrote:
> > Hello,
> >
> > I've tried check_accounts. It failed with these warnings:
> > /usr/lib/tiger/scripts/check_accounts: eval: line 3: syntax error near
> > unexpected token `adm'
> > /usr/lib/tiger/scripts/check_accounts: eval: line 3: `adm|bin|[...])'
>
> As a matter of fact I just needed to fix the call to check_disabled() in
> line 193. Once it is fixed the error does not show up again.
It's not sufficent for me. Here is a log of a check_accounts execution
(I added 2 lines for logging purpose after the 'while read' loops of
check_users and check_disabled:
echo "check_users user: $user, home: $home, host: $host, shell: $shell, uid:
$uid, hash: $hash"
echo "check_disabled user: $user, home: $home, host: $host, shell: $shell"
)
========================================================================
00:40:23# ./check_accounts
Configuring...
Will try to check using config for 'i686' running Linux 2.4.20...
--CONFIG-- [con005c] Using configuration files for Linux 2.4.20. Using
configuration files for generic Linux 2.
# Performing check of user accounts...
# Checking accounts from /etc/passwd.
check_users user: backup, home: /var/backups, host: nekral, shell: /bin/sh,
uid: 34, hash: *
check_disabled user: bin, home: /bin, host: nekral, shell: /bin/sh:2:*
check_disabled user: daemon, home: /usr/sbin, host: nekral, shell: /bin/sh:1:*
check_disabled user: dictd, home: /home/dictd, host: nekral, shell:
/bin/false:108:*
...
========================================================================
check_disabled have been called with the
'backup /var/backups nekral /bin/sh' arguments, but instead of using
them, it read it's stdin (which is also stdin of check_users). And all
users that should have been tested by check_users were tested by
check_disabled, until stdin is empty.
It's probably what cause the final warnings.
The 'while read' loop means that check_disabled can be called for
multiple user at a time (it is not actually the case, but it could be).
It's probably better to keep it.
I propose to change the check_users call to:
echo "$user":"$home":"$host":"$shell" | check_disabled
(whithout changing IFS)
A patch is attached with this change and the debug lines.
Kind Regards,
--
Nekral
check_accounts.diff
Description: Text document