Prevent warning about insecure hostnames where no /etc/hostname.*

exists. From wcmaier@.

Check target of symbolic links to avoid noise at boot and in
seucrity output where you have several interfaces symlinked to one
config file.

"If you think this is the right thing to do" deraadt@

2 files changed, 9 insertions, 6 deletions

diff --git a/etc/netstart b/etc/netstart
index 466de6949de..4ac1ec04b1b 100644
--- a/etc/netstart
+++ b/etc/netstart
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$OpenBSD: netstart,v 1.121 2008/06/09 22:56:42 todd Exp $
+#	$OpenBSD: netstart,v 1.122 2008/07/23 16:05:47 sthen Exp $
 
 # Strip comments (and leading/trailing whitespace if IFS is set)
 # from a file and spew to stdout
@@ -40,10 +40,10 @@ ifstart() {
 		echo "netstart: $file: No such file or directory"
 		return
 	fi
-	if [ "$(stat -f "%SLp %u %g" $file)" != "--- 0 0" ]; then
+	if [ "$(stat -Lf "%SLp %u %g" $file)" != "--- 0 0" ]; then
 		echo "WARNING: $file is insecure, fixing permissions"
-		chmod o-rwx $file
-		chown root.wheel $file
+		chmod -LR o-rwx $file
+		chown -LR root.wheel $file
 	fi
 	ifconfig $if > /dev/null 2>&1
 	if [ "$?" != "0" ]; then
diff --git a/etc/security b/etc/security
index fd758c1b6cc..1277106ff87 100644
--- a/etc/security
+++ b/etc/security
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$OpenBSD: security,v 1.80 2008/04/17 19:49:16 sthen Exp $
+#	$OpenBSD: security,v 1.81 2008/07/23 16:05:47 sthen Exp $
 #	from: @(#)security	8.1 (Berkeley) 6/9/93
 #
 
@@ -303,7 +303,10 @@ fi
 # world-readable.
 
 for f in /etc/hostname.* ; do
-	if [ "$(stat -f "%SLp" $f)" != "---" ]; then
+	if [ ! -e $f ]; then
+		continue
+	fi
+	if [ "$(stat -Lf "%SLp" $f)" != "---" ]; then
 		echo "\n$f is world readable."
 	fi
 done