[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1766: Bug in script checksecurity in package cron

Hi,
	I'm sorry, I should have investigated further before firing
 off that bug report about checksecurity.  There is no problem with
 multiple dir arguments to find (which is perfectly legal, as Ian
 Jackson pointed out).

	The problem was that there were no
 /var/log/setuid.{today,yesterday} files on my system, and
 checksecurity failed to create them, resulting in a mail message
 every time the cron job was run. If such a file is created, maybe
 there is no problem, so a generic setuid.today file should be
 installed? (From the trace below, you can see that the diff fails if
 there is no setuid.today file).  Should I file a fresh bug report?

	manoj

 Here is what I did to check that:

<root@melkor:[~]> rm -f /var/log/setuid.today
<root@melkor:[~]> bash -x checksecurity.dist
+ set -e
+ PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ LOG=/var/log
+ TMP=/tmp/_secure.21828
+ umask 077
+ cd /
++ mount
++ grep -vE  type (proc|iso9660) |^/dev/fd| on /mnt
++ cut -d   -f 3
+ find / /dos /usr /usr/local -xdev ( -type f -perm +06000 -o -type b
  -o -type c ) -ls
+ sort
+ cmp -s /var/log/setuid.today /tmp/_secure.21828
++ hostname
+ echo melkor changes to setuid programs and devices:
melkor changes to setuid programs and devices:
+ diff /var/log/setuid.today /tmp/_secure.21828
diff: /var/log/setuid.today: No such file or directory
+ [ 2 = 1 ]
<root@melkor:[~]> cp /var/log/setuid.yesterday /var/log/setuid.today
<root@melkor:[~]> bash -x checksecurity.dist
+ set -e
+ PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ LOG=/var/log
+ TMP=/tmp/_secure.21873
+ umask 077
+ cd /
++ mount
++ grep -vE  type (proc|iso9660) |^/dev/fd| on /mnt
++ cut -d   -f 3
+ find / /dos /usr /usr/local -xdev ( -type f -perm +06000 -o -type b
  -o -type c ) -ls
+ sort
+ cmp -s /var/log/setuid.today /tmp/_secure.21873
++ hostname
+ echo melkor changes to setuid programs and devices:
melkor changes to setuid programs and devices:
+ diff /var/log/setuid.today /tmp/_secure.21873
5c5,6
<   2111   68 -rwsr-x---   1 root     dip         69632 Oct 22 21:27
/usr/sbin/dip
---
>   2098   68 -rwsr-x---   1 root     dip         69632 Oct 24 19:19
>   /usr/sbin/dip

	[much deleted here]
+ [ 1 = 1 ]
+ mv /var/log/setuid.today /var/log/setuid.yesterday
+ mv /tmp/_secure.21873 /var/log/setuid.today
+ rm -f /tmp/_secure.21873



-- To be sure of hitting the target, shoot first, and call whatever you
 hit the target. Ashleigh Brilliant

Manoj Srivastava         Project Pilgrim, Department of Computer Science
Phone: (413) 545-3918             A143B Lederle Graduate Research Center
Fax: (413) 545-1249       University of Massachusetts, Amherst, MA 01003
email:srivasta@pilgrim.umass.edu http://www.pilgrim.umass.edu/~srivasta/
Reply to: