Chinaunix

标题: 一个小标点引发一串匪夷所思的问题........ [打印本页]
作者: wwr    时间: 2013-01-03 22:39
标题: 一个小标点引发一串匪夷所思的问题........
本帖最后由 wwr 于 2013-01-05 20:48 编辑

今天在写有关通过shadow文件确定账号是否符合安全标准的脚本:检查账户有效期、检查账户是否设置密码等等。
首先看看这个检查账户有效期的脚本,主要是截取shadow文件第八段,判断账户的过期时间,并echo警告信息。
  1.         while IFS=: read -r f1 f2 f3 f4 f5 f6 f7 f8
  2.           do
  3.           if [ ! -z $f8 ]
  4.           then
  5.         expd="`date -d "1970-01-01+$f8 day" '+%Y-%m-%d'`"
  6.         echo -e "$ATT The account: $f1 will expried at $expd. Please contact your administrator!"
  7.         else echo -e "Checking account $f1 expire date.                $OK"
  8.         fi
  9.         done</etc/shadow
复制代码
我们来执行一下
  1. [root@butter ~]# ./secure.sh
  2. ........
  3. Checking account gopher expire date.            [  OK  ]
  4. ***Attention***    The account: john will expried at 2013-03-04. Please contact your administrator!
  5. Checking account nobody expire date.            [  OK  ]
  6. .....
  7. [root@butter ~]# cat /etc/shadow|grep john
  8. john:$6$hX2SaZv8$TZbICUPboyu2XmVVgYOfDFqvR7sKJeD0N5D2pvmxo3H8bmVl8eCroOLcJYEw6.uvkfQwgg/8b2wV1dvszi79a.:15708:0:99999:7::15768:
复制代码
一切顺利,只要对这个账户设定的密码过期时间,他都能准确的根据第八段时间计算出过期时间。

接着我们来检查账户是否设置密码。其实和上面的脚本几乎一样,唯一改变的是替换成第二字段,只要第二字段不为空我们就认为他是有密码的。脚本内容如下
  1.         while IFS=: read -r f1 f2 f3 f4 f5 f6 f7 f8
  2.           do
  3.           if [ -z $f2 ]
  4.           then
  5.         echo -e "$WAR The account: $f1 has empty password! Please contact your administrator!"
  6.         fi
  7.         else -e "Checking whether the  account $1 has set a password         $OK"
  8.         done</etc/shadow
复制代码
结果执行之后离奇的出现错误
  1. ./secure.sh: line 4: [: too many arguments
复制代码
脚本内容完全是参照检查账户有效期的那个来修改的,而且没有任何错别字。但就是无法解释。
我试图让脚本不进行判断,只输出$f2的内容:
  1. [root@butter ~]# cat secure.sh
  2. while IFS=: read -r f1 f2 f3 f4 f5 f6 f7 f8
  3. do
  4. echo $f2
  5. done</etc/shadow
  6. [root@butter ~]# ./secure.sh
  7. $2y$10$ULX4kt.sVMbsjg0bBwj8FuCF9Exy2GzxnpgbCOZLf.Jtj5FQ7.DjC
  8. ALL_LINE Desktop Documents FLAG UNIQ_LINE autoinst.xml bin inst-sys passwd passwd2 secure.sh st
  9. ALL_LINE Desktop Documents FLAG UNIQ_LINE autoinst.xml bin inst-sys passwd passwd2 secure.sh st
  10. ALL_LINE Desktop Documents FLAG UNIQ_LINE autoinst.xml bin inst-sys passwd passwd2 secure.sh st
  11. ALL_LINE Desktop Documents FLAG UNIQ_LINE autoinst.xml bin inst-sys passwd passwd2 secure.sh st
  12. .............
复制代码
除了第一行显示正常的密码字段以外其余的全是奇怪的内容……

后来我又检查了一下/etc/shadow文件:
  1. [root@butter ~]# cat /etc/shadow
  2. root:$2y$10$ULX4kt.sVMbsjg0bBwj8FuCF9Exy2GzxnpgbCOZLf.Jtj5FQ7.DjC:15705::::::
  3. bin:*:15385::::::
  4. daemon:*:15385::::::
  5. lp:*:15385::::::
  6. mail:*:15385::::::
  7. news:*:15385::::::
  8. uucp:*:15385::::::
  9. games:*:15385::::::
  10. man:*:15385::::::
复制代码
仿佛发现了些什么…………



原来,系统默认账户下的第二字段是星号,表示账户无法登录。
而在脚本中,星号又是一个通配符,刚才通过echo看到的一串奇怪的内容其实是我当前目录下的文件,你现在也可以试试"echo *"输出结果等于"ls"。
恍然大悟了吧!立马重新修改脚本,把刚才判断语句中的$f2给加个双引号。再跑一下。
Bravo!成功了!

  2. [root@butter ~]# cat secure.sh
  3.         while IFS=: read -r f1 f2 f3 f4 f5 f6 f7 f8
  4.         do
  5.         if [ -z "$f2" ]
  6.         then
  7.         echo -e "$WAR The account: $f1 has empty password! Please contact your administrator!"
  8.         else echo -e "Checking the  account $1 has set a password      $OK"
  9.         fi
  10.         done</etc/shadow
  11. [root@butter ~]# ./secure.sh
  12. Checking the  account  root has set a password       [  OK  ]
  13. ..........
  14. ***Warning***    The account: tom has empty password! Please contact your administrator!
  15. ........
  16. [root@butter ~]# cat /etc/shadow|grep tom
  17. tom::15708:0:99999:7:::
复制代码
作者: blackold    时间: 2013-01-03 23:07
本帖最后由 blackold 于 2013-01-03 23:08 编辑

真的很神奇,还有隐藏内容。
作者: yinyuemi    时间: 2013-01-03 23:27
本帖最后由 yinyuemi 于 2013-01-03 23:28 编辑

最匪夷所思的是





























还要回复可见
作者: waker    时间: 2013-01-04 08:49
最匪夷所思的是shell也能产生匪夷所思的问题
作者: aqbssh    时间: 2013-01-04 09:04
回复 1# wwr


  是不是发现了什么bug ?
作者: murdercool    时间: 2013-01-04 09:26
回复可见什么情况
作者: reyleon    时间: 2013-01-04 10:07
第一次在shell板块看到有隐藏内容的 果然很神奇
作者: huangyu_945    时间: 2013-01-04 10:27
我想看看下面是怎么回复的
作者: 刺客阿地    时间: 2013-01-04 10:53
奇怪的事情发生了。。。俺来看大牛解答!
作者: Shell_HAT    时间: 2013-01-04 11:00
http://catb.org/~esr/faqs/smart-questions.html
Don't rush to claim that you have found a bug

When you are having problems with a piece of software, don't claim you have found a bug unless you are very, very sure of your ground. Hint: unless you can provide a source-code patch that fixes the problem, or a regression test against a previous version that demonstrates incorrect behavior, you are probably not sure enough. This applies to webpages and documentation, too; if you have found a documentation “bug”, you should supply replacement text and which pages it should go on.

Remember, there are many other users that are not experiencing your problem. Otherwise you would have learned about it while reading the documentation and searching the Web (you did do that before complaining, didn't you?). This means that very probably it is you who are doing something wrong, not the software.

The people who wrote the software work very hard to make it work as well as possible. If you claim you have found a bug, you'll be impugning their competence, which may offend some of them even if you are correct. It's especially undiplomatic to yell “bug” in the Subject line.

When asking your question, it is best to write as though you assume you are doing something wrong, even if you are privately pretty sure you have found an actual bug. If there really is a bug, you will hear about it in the answer. Play it so the maintainers will want to apologize to you if the bug is real, rather than so that you will owe them an apology if you have messed up.

@aqbssh
作者: zzbutcher    时间: 2013-01-04 11:06
回帖 看影藏内容
作者: wwr    时间: 2013-01-04 17:18
回复 5# aqbssh

不是bug,只是比较神奇的情况吧
   
作者: zooyo    时间: 2013-01-04 21:47
提示: 作者被禁止或删除 内容自动屏蔽
作者: y331044508    时间: 2013-01-04 21:56
隐藏内容在那里。。。看的是稀里糊涂。。。
作者: davidbeckham921    时间: 2013-01-05 17:16
呵呵遇到过这种问题,不过没来及回帖就已经不隐藏了。



欢迎光临 Chinaunix (http://bbs.chinaunix.net/) Powered by Discuz! X3.2