[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Tiger-devel] [RFC] Diferences between 'empty and set' and 'unset' v
From: |
Javier Fernández-Sanguino Peña |
Subject: |
Re: [Tiger-devel] [RFC] Diferences between 'empty and set' and 'unset' variables |
Date: |
Fri, 19 Sep 2003 02:08:25 +0200 |
User-agent: |
Mutt/1.5.4i |
On Tue, Sep 16, 2003 at 10:04:37AM +0200, Nicolas François wrote:
> Hello,
>
> Here are some patches and comments all related to tests of empty
> variables. In some cases, I think a difference can be found between a
> variable set to "" and an unset variable.
You might be right but it probably depends on context.
>
> Comments are welcome.
>
> -- 08_initdefs_haveallvars_allow_empty_vars.patch ----------------------
> What should haveallvars do with variables empty but set?
IMHO it should exit just like if it's undefined. I'm adding your patch but
providing a different error message for the other case. Notice that some
tests will not work properly if a variable checked by haveallvars() turns
out to be empty.
> -- 09_check_accounts_allow_empty_admin_accounts.patch ------------------
> Allow an empty Tiger_Admin_Accounts variable.
>
> Note: Not very usefull?
>
> BTW, the default value set in check_accounts (root) doesn't correspond
> to the definition in tigerrc:
> What accounts are considered administrative (beyond root)
> (likely to not be used by humans, and therefore have impossible
> passwords)
> The default value could be the same in both files.
That description is related the usage of Tiger_Admin_Accounts in
check_passwd. Check_accounts checks for unused accounts and 'root' should
not be reported there. So, I'm changing the code to
if [ -z "$Tiger_Admin_Accounts" ]
then
Tiger_Admin_Accounts="root"
else
Tiger_Admin_Accounts="$Tiger_Admin_Accounts|root"
fi
Notice that, in any case, for the 'case' statement to work this variable
should be defined so I'm not applying this patch.
> ------------------------------------------------------------------------
>
> -- 10_check_accounts_allow_empty_dotfiles.patch ------------------------
> Allow an empty USERDOTFILES variable.
> ------------------------------------------------------------------------
Done. It might make sense for administrators that want to run the check but
don't want this part of the check.
>
> -- 14_check_listeningprocs_allow_empty_ValidUsers.patch ----------------
> -- 16_check_listeningprocs_allow_empty_ValidUsers.patch ----------------
> scripts/check_listeningprocs and systems/Linux/2/check_listeningprocs
> versions
>
> Allow empty Tiger_Listening_ValidProcs and Tiger_Listening_ValidUsers
> variables.
>
> Note: I rather have those variables empty. New daemon run as root should
> be reported.
Applied. Thanks for all those patches and comments!
Javi
pgppPsfPMrgWQ.pgp
Description: PGP signature