Subject: misc/3106: /etc/security leaves logfiles in /etc/mtree
To: None <>
From: Andrew Wheadon <>
List: netbsd-bugs
Date: 01/14/1997 13:27:13
>Number:         3106
>Category:       misc
>Synopsis:       /etc/security leaves logfiles in /etc/mtree
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people (Misc Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 14 04:35:02 1997
>Originator:     Andrew Wheadon
The cost of living hasn't affected its popularity. (Mark Twain)
current	release=doc \ "NetBSD-current mirror"
hostbase=/mit/ftp/pub/NetBSD base=/usr prefix=/usr backup delete use-rel-suffix
>Release:        13.01.97
System: NetBSD 1.2B NetBSD 1.2B (WIPOOL) #0: Sat Jan 11 03:34:48 MET 1997 i386

/etc/security changes directory to /etc/mtree when checking 
/etc/mtree/special and /etc/mtree/*.secure. At this point all
output including OUTPUT=secure6.$$ lands in /etc/mtree, and
since the only removal of logs is rm $SECUREDIR these files
don't get removed.
Run /etc/security with check_mtree enabled in /etc/security.conf
and then look at the empty files created in /etc/mtree called
I'm not sure whether this fix is correct since I don't know what
this line (*) does but I presume the complete path-name in $file will
have no effect.
(*) 		tree=`sed -n -e '3s/.* //p' -e 3q $file`
The patch just removes the cd /etc/mtree and accesses the files
with the complete path instead, thus leaving all output to go

--- security.mrg	Tue Jan 14 12:53:13 1997
+++ security	Tue Jan 14 13:03:51 1997
@@ -529,7 +529,7 @@
 # the hacker can modify the tree specification to match the replaced binary.
 # For details on really protecting yourself against modified binaries, see
 # the mtree(8) manual page.
-if [ X"$check_mtree" = XYES ] && cd /etc/mtree; then
+if [ X"$check_mtree" = XYES ]; then
 	mtree -e -p / -f /etc/mtree/special > $OUTPUT
 	if [ -s $OUTPUT ]; then
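Review bot: On the changed `if` line, dropping `&& cd /etc/mtree` also drops the only test that /etc/mtree is present, so with check_mtree set to YES the block now runs `mtree -e -p / -f /etc/mtree/special` even when the directory or the spec file is missing. Suggest keeping a guard, for example `if [ X"$check_mtree" = XYES ] && [ -d /etc/mtree ]; then`. Separately, `> $OUTPUT` is still a relative name, so cleanup continues to depend on the working directory at this point being the one that gets removed; a comment stating that, or absolute paths for the output files, would keep a later `cd` from reintroducing the same leftover files.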
@@ -538,8 +538,8 @@
-	for file in *.secure; do
-		[ $file = '*.secure' ] && continue
+	for file in /etc/mtree/*.secure; do
+		[ $file = '/etc/mtree/*.secure' ] && continue
 		tree=`sed -n -e '3s/.* //p' -e 3q $file`
 		mtree -f $file -p $tree > $TMP1
 		if [ -s $TMP1 ]; then
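Review bot: The no-match guard `[ $file = '/etc/mtree/*.secure' ] && continue` leaves `$file` unquoted and repeats the glob pattern as a literal, so the two copies have to be kept in sync; `[ -f "$file" ] || continue` handles the unmatched-glob case without repeating the path. On the question raised about the `tree=` line: `sed -n -e '3s/.* //p' -e 3q $file` uses `$file` only as the name of the file to read and prints whatever follows the last space on its third line, so passing the full path does not change the value assigned to `$tree`.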