diff options
author | schwarze <schwarze@openbsd.org> | 2011-06-20 21:53:53 +0000 |
---|---|---|
committer | schwarze <schwarze@openbsd.org> | 2011-06-20 21:53:53 +0000 |
commit | f863992666d7be6032ee1b8d0ddbfd462f7704b6 (patch) | |
tree | 865032d26fdbb708fdcfe5f38ebc41ab4c34d38d /libexec/security/security | |
parent | Refactoring for simplicity, no functional change: (diff) | |
download | wireguard-openbsd-f863992666d7be6032ee1b8d0ddbfd462f7704b6.tar.xz wireguard-openbsd-f863992666d7be6032ee1b8d0ddbfd462f7704b6.zip |
Restore changelist(5) wildcard support that we inadvertently killed
by the recent security(8) rewrite.
While here:
1) Skip relative paths in changelist(5), and complain about them.
2) Skip file names ending in a tilde ('~') unless the tilde is
explicitly specified in the changelist(5). That is, trailing
wildcards will not match trailing tildes, as suggested by matthew@.
Bug reported by both mk@ and matthew@.
OK Andrew Fresh, also tested by and "move forward" mk@
Diffstat (limited to 'libexec/security/security')
-rw-r--r-- | libexec/security/security | 37 |
1 files changed, 27 insertions, 10 deletions
diff --git a/libexec/security/security b/libexec/security/security index 935bbc984a5..4e0842082dd 100644 --- a/libexec/security/security +++ b/libexec/security/security @@ -1,6 +1,6 @@ #!/usr/bin/perl -T -# $OpenBSD: security,v 1.14 2011/05/25 21:16:29 schwarze Exp $ +# $OpenBSD: security,v 1.15 2011/06/20 21:53:53 schwarze Exp $ # # Copyright (c) 2011 Ingo Schwarze <schwarze@openbsd.org> # Copyright (c) 2011 Andrew Fresh <andrew@afresh1.com> @@ -819,20 +819,37 @@ sub check_changelist { -s $filename or return; nag !(open my $fh, '<', $filename), "open: $filename: $!" and return; + my @relative; while (<$fh>) { + next if /^(?:#|\s*$)/; chomp; - next if /^(?:#|\/etc\/master.passwd|$)/; - next if -d $_; - - if (s/^\+//) { - $check_title = "======\n$_ MD5 checksums\n======"; - backup_md5 $_; - } else { - $check_title = "======\n$_ diffs (-OLD +NEW)\n======"; - backup_if_changed $_; + my $plus = s/^\+//; + unless (/^\//) { + push @relative, $_; + next; + } + my $tilda = /~$/; + + foreach (glob) { + next if $_ eq '/etc/master.passwd'; + next if /~$/ && !$tilda; + next if -d $_; + + if ($plus) { + $check_title = + "======\n$_ MD5 checksums\n======"; + backup_md5 $_; + } else { + $check_title = + "======\n$_ diffs (-OLD +NEW)\n======"; + backup_if_changed $_; + } } } close $fh; + + $check_title = "Skipped relative paths in changelist(5):"; + nag 1, $_ foreach @relative; } # Make backups of the labels for any mounted disks |