Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2007-08-25 15:21:46 +0200
committerArthur de Jong <arthur@arthurdejong.org>2007-08-25 15:21:46 +0200
commit668b18cf9bdbfead2f5db657feb17e2472d32e92 (patch)
tree4bffe374c6d78457b711dbaa0059f1bb288d5276
parent60174925720ea76165d990cc52f3cf550600fc95 (diff)
fix handling of configfile values with spaces and symbols that could cause problems with sed
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@363 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r--debian/libnss-ldapd.postinst25
1 files changed, 16 insertions, 9 deletions
diff --git a/debian/libnss-ldapd.postinst b/debian/libnss-ldapd.postinst
index 25b1d3e..7eb9f1a 100644
--- a/debian/libnss-ldapd.postinst
+++ b/debian/libnss-ldapd.postinst
@@ -7,14 +7,16 @@ CONFFILE="/etc/nss-ldapd.conf"
# set an option in the configuration file to the specified value
cfg_set()
{
- parameter=$1
- value=$2
+ parameter="$1"
+ value="$2"
+ # make matching of spaces better in parameter
+ param_re=`echo "$parameter" | sed -s 's#[[:space:]][[:space:]]*#[[:space:]][[:space:]]*#g'`
# check if the parameter is defined
- replace=`sed -n 's/^\('"$parameter"'\)[[:space:]]*[^[:space:]]*[[:space:]]*$/\1/ip' "$CONFFILE" | head -n 1`
+ replace=`sed -n 's/^\('"$param_re"'\)[[:space:]]*\([^[:space:]]*\|".*"\)[[:space:]]*$/\1/ip' "$CONFFILE" | head -n 1`
if [ -z "$replace" ]
then
# check if the parameter is commented out
- replace=`sed -n 's/^\(#[[:space:]]*'"$parameter"'\)[[:space:]]*[^[:space:]]*[[:space:]]*$/\1/ip' "$CONFFILE" | head -n 1`
+ replace=`sed -n 's/^\(#[[:space:]]*'"$param_re"'\)[[:space:]]*\([^[:space:]]*\|".*"\)[[:space:]]*$/\1/ip' "$CONFFILE" | head -n 1`
fi
# decide what to do
if [ -z "$replace" ]
@@ -22,8 +24,11 @@ cfg_set()
# just append a new line
echo "$parameter $value" >> $CONFFILE
else
+ # ($replace will not have have any funky characters, neither will $parameter)
+ # escape value
+ value=`echo "$value" | sed -s 's#\\\#\\\\\\\#g;s#|#\\\|#g;s#&#\\\&#g'`
# replace the first occurrence of the parameter
- sed -i '1,\|^'"$replace"' .*$| s|^'"$replace"' .*$|'"$parameter $value"'|i' "$CONFFILE"
+ sed -i '1,\|^'"$replace"' .*$| s|^\('"$replace"'\) .*$|\1 '"$value"'|i' "$CONFFILE"
fi
# we're done
return 0
@@ -32,9 +37,11 @@ cfg_set()
# disable an option in the configuration file by commenting it out
cfg_disable()
{
- parameter=$1
+ parameter="$1"
+ # make matching of spaces better in parameter
+ param_re=`echo "$parameter" | sed -s 's#[[:space:]][[:space:]]*#[[:space:]][[:space:]]*#g'`
# comment out the option
- sed -i 's/^\('"$parameter"'[[:space:]]*[^[:space:]]*\)[[:space:]]*$/#\1/i' "$CONFFILE"
+ sed -i 's/^\('"$param_re"'[[:space:]]*[^[:space:]]*\)[[:space:]]*$/#\1/i' "$CONFFILE"
# we're done
return 0
}
@@ -46,7 +53,7 @@ cfg_disable()
# LDAP and enable if not
nss_enable()
{
- name=$1
+ name="$1"
if ! grep -q '^'$name':.*ldap.*' /etc/nsswitch.conf
then
echo "/etc/nsswitch.conf: enable LDAP lookups for $name" >&2
@@ -66,7 +73,7 @@ nss_enable()
# remove NSS lookups though LDAP for the specified service
nss_disable()
{
- name=$1
+ name="$1"
# these functions also remove the lookup result handling part
# of the ldap entry (see nsswitch.conf(5))
if grep -q '^'$name':.*ldap.*' /etc/nsswitch.conf