Re: [Tiger-devel] [PATCH] check_accounts: fix check

tiger-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call

From:	Nicolas François
Subject:	Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call
Date:	Sun, 21 Sep 2003 01:56:46 +0200
User-agent:	Mutt/1.5.4i

Hello,

On Sat, Sep 20, 2003 at 10:57:40PM +0200, Javier Fernández-Sanguino Peña wrote:
> On Sat, Sep 20, 2003 at 05:14:34AM +0200, Nicolas François wrote:
> > Hello,
> > 
> > I've tried check_accounts. It failed with these warnings:
> > /usr/lib/tiger/scripts/check_accounts: eval: line 3: syntax error near 
> > unexpected token `adm'
> > /usr/lib/tiger/scripts/check_accounts: eval: line 3: `adm|bin|[...])'
> 
> As a matter of fact I just needed to fix the call to check_disabled() in 
> line 193. Once it is fixed the error does not show up again.

It's not sufficent for me. Here is a log of a check_accounts execution
(I added 2 lines for logging purpose after the 'while read' loops of
check_users and check_disabled:
  echo "check_users user: $user, home: $home, host: $host, shell: $shell, uid: 
$uid, hash: $hash"
  echo "check_disabled user: $user, home: $home, host: $host, shell: $shell"
)

========================================================================
00:40:23# ./check_accounts
Configuring...

Will try to check using config for 'i686' running Linux 2.4.20...
--CONFIG-- [con005c] Using configuration files for Linux 2.4.20. Using
           configuration files for generic Linux 2.

# Performing check of user accounts...
# Checking accounts from /etc/passwd.
check_users user: backup, home: /var/backups, host: nekral, shell: /bin/sh, 
uid: 34, hash: *
check_disabled user: bin, home: /bin, host: nekral, shell: /bin/sh:2:*
check_disabled user: daemon, home: /usr/sbin, host: nekral, shell: /bin/sh:1:*
check_disabled user: dictd, home: /home/dictd, host: nekral, shell: 
/bin/false:108:*
...
========================================================================

check_disabled have been called with the
'backup /var/backups nekral /bin/sh' arguments, but instead of using
them, it read it's stdin (which is also stdin of check_users). And all
users that should have been tested by check_users were tested by
check_disabled, until stdin is empty.
It's probably what cause the final warnings.

The 'while read' loop means that check_disabled can be called for
multiple user at a time (it is not actually the case, but it could be).
It's probably better to keep it.

I propose to change the check_users call to:
echo "$user":"$home":"$host":"$shell" | check_disabled
(whithout changing IFS)

A patch is attached with this change and the debug lines.

Kind Regards,
-- 
Nekral

check_accounts.diff
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[Tiger-devel] [PATCH] check_accounts: fix check_disabled call, Nicolas François, 2003/09/19
- Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call, Javier Fernández-Sanguino Peña, 2003/09/20
  - Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call, Nicolas François <=

Prev by Date: Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call
Next by Date: [Tiger-devel] New pre-release 3.2.1rc2
Previous by thread: Re: [Tiger-devel] [PATCH] check_accounts: fix check_disabled call
Next by thread: [Tiger-devel] New pre-release 3.2.1rc2
Index(es):
- Date
- Thread