Repocop reports by test

	Status	rpm id	message
	fail	CanFestival-3-source-2015.08.03-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/src/CanFestival-3/configure: $ grep -A5 -B5 /tmp/ /usr/src/CanFestival-3/configure ########################################################################### if [ "$SUB_WX" = "" ]; then if which wx-config >/dev/null 2>&1; then echo -n "Testing wxWidgets compiles ... " cat > /tmp/wx_test.cpp </dev/null 2>&1 ; then SUB_WX=1 echo "Yes" else SUB_WX=0 echo "No" fi rm -f /tmp/wx_test* else SUB_WX=0 echo "No wxWidgets available" fi fi
	fail	GMT-common-5.2.1-alt1_3.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/gmt/tools/gmt_prepmex.sh: $ grep -A5 -B5 /tmp/ /usr/share/gmt/tools/gmt_prepmex.sh scp -r etc usr $MEXBINDIR # Now copy the lib files printf "gmt_prepmex.sh: Copy and rename libraries\n" >&2 cd $BUNDLEDIR/Contents/Resources/lib # Find a list of all libs shipped with the OSX bundle, except our own: ls *.dylib | egrep -v 'libgmt.dylib|libpostscriptlight.dylib' > /tmp/l.lis # For each, duplicate into /opt/gmt but add a leading X to each name while read lib; do new=`echo $lib | awk '{printf "libX%s\n", substr($1,4)}'` cp $lib $MEXLIBDIR/$new done < /tmp/l.lis # Copy the supplement shared plugin cp gmt/plugins/supplements.so $MEXLIBDIR/gmt/plugins cd $MEXLIBDIR ls *.dylib > /tmp/l.lis printf "gmt_prepmex.sh: Rebaptize libraries\n" >&2 # For all libs in $MEXLIBDIR, change internal references to contain the leading "X" while read lib; do otool -L $lib | grep executable_path | awk '{print $1}' > /tmp/t.lis let k=1 while read old; do new=`echo $old | awk -F/ '{printf "libX%s\n", substr($NF,4)}'` if [ $k -eq 1 ]; then # Do the id change was=`echo $lib | awk -F/ '{print substr($1,4)}'` install_name_tool -id $MEXLIBDIR/$new $lib else install_name_tool -change $old $MEXLIBDIR/$new $lib fi let k=k+1 done < /tmp/t.lis done < /tmp/l.lis # Set links to the new libs ln -s libXgmt.dylib libgmt.dylib ln -s libXgmt.5.dylib libXgmt.dylib ln -s libXpostscriptlight.5.dylib libXpostscriptlight.dylib # This is not necessary it seems, at least for fink and homebrew -- # FROM=/usr/local/lib #fi # Do plugin supplement separately since not called lib* cd gmt/plugins otool -L supplements.so | grep executable_path | awk '{print $1}' > /tmp/t.lis let k=1 while read old; do new=`echo $old | awk -F/ '{printf "libX%s\n", substr($NF,4)}'` install_name_tool -change $old $MEXLIBDIR/$new supplements.so let k=k+1 done < /tmp/t.lis # Do bin dir cd $MEXBINDIR otool -L gmt | grep executable_path | awk '{print $1}' > /tmp/t.lis let k=1 while read old; do new=`echo $old | awk -F/ '{printf "libX%s\n", substr($NF,4)}'` install_name_tool -change $old $MEXLIBDIR/$new gmt let k=k+1 done < /tmp/t.lis # Fix gmt-config so it returns correct paths cat << EOF > /tmp/skip GMT_EXEDIR= CONFIG_CFLAGS= CONFIG_INCLUDEDIR= CONFIG_LIBS= CONFIG_PREFIX= EOF sed '/GMT_EXEDIR/q' gmt-config > /tmp/new cat << EOF >> /tmp/new CONFIG_CFLAGS="-I/opt/gmt/include/gmt" CONFIG_DATA=\$(\$GMT_EXEDIR/gmt --show-datadir) CONFIG_INCLUDEDIR="/opt/gmt/include/gmt" CONFIG_LIBS="-L/opt/gmt/lib -lgmt" CONFIG_PREFIX="/opt/gmt" EOF sed -n '/GMT_EXEDIR/,$p' gmt-config | grep -v -f/tmp/skip >> /tmp/new mv -f /tmp/new gmt-config chmod +x gmt-config version=`gmt-config --version` # Report cat << EOF >&2 gmt_prepmex.sh: Made updated GMT $version installation in /opt/gmt
	fail	GMT-doc-5.2.1-alt1_3.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/gmt/supplements/misc/dim.template.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/gmt/supplements/misc/dim.template.sh orsout= # ors output folder mkdir -p $orsout gmt grdcut $bathy $box -G/tmp/$$.t.nc # the area of interest minW= # minimum filter width candidate for ORS (e.g., 60) maxW= # maximum filter width candidate for ORS (e.g., 600) intW= # filter width step (e.g., 20) level= # base contour to compute the volume and area of the residual (e.g., 300m) STEP=`gmt gmtmath -T$minW/$maxW/$intW -N1/0 =` for width in $STEP do echo "W = $width km" gmt dimfilter $bathy $box -G/tmp/$$.dim.nc -Fm${width} -D2 -Nl8 # DiM filter gmt grdfilter /tmp/$$.dim.nc -G$orsout/dim.${width}.nc -Fm50 -D2 # smoothing gmt grdmath /tmp/$$.t.nc $orsout/dim.${width}.nc SUB = /tmp/$$.sd.nc # residual from DiM gmt grdvolume /tmp/$$.sd.nc -Sk -C$level -Vl | awk '{print r,$2,$3,$4}' r=${width} >> $ors # ORS from DiM done fi # compute DiM-based regional -- for i in $width do if [ ! -f $orsout/dim.${i}.nc ]; then echo "filtering W = ${i} km" gmt dimfilter $bathy $box -G/tmp/$$.dim.nc -Fm${i} -D2 -Nl8 # DiM filter gmt grdfilter /tmp/$$.dim.nc -G$orsout/dim.${i}.nc -Fm50 -D2 # smoothing fi if [ ! -f $alldepth ]; then gmt grd2xyz -Z $orsout/dim.${i}.nc > /tmp/$$.${i}.depth fi done if [ ! -f $alldepth ]; then paste /tmp/$$.*.depth > /tmp/$$.t.depth # the number of columns can be different for each case awk '{print $1," ",$2," ",$3," ",$4," ",$5," ",$6," ",$7," ",$8," ",$9}' /tmp/$$.t.depth > $alldepth gmt grd2xyz $bathy $box -V > $bathy.xyz fi gmt dimfilter $alldepth -Q9 > /tmp/$$.out wc -l /tmp/$$.out $bathy.xyz paste $bathy.xyz /tmp/$$.out | awk '{print $1,$2,$4}' > /tmp/$$.dim.xyz paste $bathy.xyz /tmp/$$.out | awk '{print $1,$2,$5}' > /tmp/$$.err.xyz gmt xyz2grd /tmp/$$.dim.xyz -G$dim -I1m $box -V -F gmt xyz2grd /tmp/$$.err.xyz -G$err -I1m $box -V -F fi
	fail	alterator-mass-management-0.1.7-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/mass-management: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/mass-management mkdir -p "$TASKS_DIR/task-$number" cat >"$TASKS_DIR/task-$number.yml" <> /tmp/mode.log echo "$(set|grep -a "in_")" >> /tmp/mode.log case "$in_action" in type) write_type_item hostlist hostname-list #write_type_item add_host hostname ;;
	fail	alterator-net-domain-0.7.0-alt4.M80P.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/net-domain: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/net-domain ## https://www.altlinux.org/ActiveDirectory/DC ad_provision_domain() { local domain_name="$1" shift local log="/tmp/samba-dc-provision-$(date +%d.%m.%Y-%H:%M:%S)-$domain_name.log" # Begin log date > "$log" echo "Domain: $domain_name" >> "$log" echo >> "$log" -- if [ "$in_domain_type" = 'ad' ]; then if ipa_install_running; then ipa_install_stop fi env > /tmp/net-domain.txt ad_current_domain="$($samba_tool domain info '127.0.0.1' | sed 's/ *: /:/' | sed -n 's/^Domain://p')" # Check creation of existing domain if [ "$ad_current_domain" != "$in_domain" ]; then write_domain "$in_domain" "1"
	fail	alterator-netinst-1.9.1-alt0.M80P.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/netinst: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/netinst elif [ -n "$in_add" ]; then [ "$in_get_from" = "url" ] && run_localized alterator-netinst -A "$in_add_url" || run_localized alterator-netinst -A "cdrom:" else set >> /tmp/log if [ -n "$in_vnc" ]; then if [ "$in_vnc" = '#t' ] ; then vnc= headless= [ "$in_headless" = '#t' ] && headless='headless'
	fail	alterator-pkg-2.6.21-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/pkg-size: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/pkg-size echo "pkg-size:start" local tmpfile="$(make_manifest $in_lists)" if [ -s "$tmpfile" ]; then stderr_handler & echo "n"|apt-get --simple-output install --manifest "$tmpfile" 2>> /tmp/install2.log || rc=$? else echo "apt-get:status:disk-size:0k" fi rm -f "$tmpfile" echo "pkg-size:finish:$rc" Found error in /usr/lib/alterator/backend3/pkg-install: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/pkg-install ;; write) case "$in__objects" in /) if test_bool "$in_auto"; then make_apt < /dev/null &> /tmp/pkg-install.log else start_pipe &> /tmp/pkg-install.log fi ;; notify) write_pipe "$in_message" ;;
	fail	antmon-actionrrd-3.2-alt6.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/antmon/action-logrrd: $ grep -A5 -B5 /tmp/ /usr/lib/antmon/action-logrrd # use Fcntl; use RRDs; open STDERR, ">/tmp/rrderr"; die "Usage: log_packer.pl logdir [interval [tmout [type [datatype [num_to_store [num_to_sum]]]]]]\n" if @ARGV<1; my $dir=shift @ARGV; die "No such dir: $dir\n" unless -d $dir;
	fail	bacula-director-common-5.2.13-alt9.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/bacula-director-common-5.2.13/updatedb/update_mysql_tables_11_to_12: $ grep -A5 -B5 /tmp/ /usr/share/doc/bacula-director-common-5.2.13/updatedb/update_mysql_tables_11_to_12 echo " " bindir=/usr/bin PATH="$bindir:$PATH" db_name=${db_name:-bacula} mysql -D ${db_name} $* -e "select VersionId from Version\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` if [ $DBVERSION != 11 ] ; then echo " " echo "The existing database is version $DBVERSION !!" echo "This script can only update an existing version 11 database to version 12." echo "Error. Cannot upgrade this database."
	fail	bacula-director-mysql-5.2.13-alt9.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/bacula/scripts/update_mysql_tables: $ grep -A5 -B5 /tmp/ /usr/share/bacula/scripts/update_mysql_tables echo " " bindir=/usr/bin PATH="$bindir:$PATH" db_name=${db_name:-bacula} mysql -D ${db_name} $* -e "select VersionId from Version\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` if [ $DBVERSION != 12 ] ; then echo " " echo "The existing database is version $DBVERSION !!" echo "This script can only update an existing version 12 database to version 14." echo "Error. Cannot upgrade this database."
	fail	bacula7-director-common-7.4.7-alt3.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/bacula7-director-common-7.4.7/updatedb/update_mysql_tables_11_to_12: $ grep -A5 -B5 /tmp/ /usr/share/doc/bacula7-director-common-7.4.7/updatedb/update_mysql_tables_11_to_12 echo " " bindir=/usr/bin PATH="$bindir:$PATH" db_name=${db_name:-bacula} mysql $* -D ${db_name} -e "select VersionId from Version\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` if [ $DBVERSION != 11 ] ; then echo " " echo "The existing database is version $DBVERSION !!" echo "This script can only update an existing version 11 database to version 12." echo "Error. Cannot upgrade this database."
	fail	bacula7-director-mysql-7.4.7-alt3.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/bacula/scripts/update_mysql_tables: $ grep -A5 -B5 /tmp/ /usr/share/bacula/scripts/update_mysql_tables ARGS=$* getVersion() { mysql $ARGS -D ${db_name} -e "select VersionId from Version LIMIT 1\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` } getVersion if [ "x$DBVERSION" = x ]; then
	fail	bacula9-director-common-9.0.6-alt1.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/bacula9-director-common-9.0.6/updatedb/update_mysql_tables_11_to_12: $ grep -A5 -B5 /tmp/ /usr/share/doc/bacula9-director-common-9.0.6/updatedb/update_mysql_tables_11_to_12 echo " " bindir=/usr/bin PATH="$bindir:$PATH" db_name=${db_name:-bacula} mysql $* -D ${db_name} -e "select VersionId from Version\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` if [ $DBVERSION != 11 ] ; then echo " " echo "The existing database is version $DBVERSION !!" echo "This script can only update an existing version 11 database to version 12." echo "Error. Cannot upgrade this database."
	fail	bacula9-director-mysql-9.0.6-alt1.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/bacula/scripts/update_mysql_tables: $ grep -A5 -B5 /tmp/ /usr/share/bacula/scripts/update_mysql_tables ARGS=$* getVersion() { mysql $ARGS -D ${db_name} -e "select VersionId from Version LIMIT 1\G" >/tmp/$$ DBVERSION=`sed -n -e 's/^VersionId: \(.*\)$/\1/p' /tmp/$$` } getVersion if [ "x$DBVERSION" = x ]; then
	fail	cleo-agent-5.13a-alt2.1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/sbin/cleo-mon: $ grep -A5 -B5 /tmp/ /usr/sbin/cleo-mon $log_file, O_LARGEFILE | O_WRONLY | O_APPEND | O_CREAT ) ) { do_syslog("Cannot open '$log_file' ($!). Try /tmp"); unless ( $STATUS->open( "/tmp/cleo-mon.log", O_LARGEFILE | O_WRONLY | O_APPEND | O_CREAT ) ) { do_syslog("Cannot open /tmp/cleo-mon.log ($!). Try /dev/null"); $STATUS->open( "/dev/null", O_WRONLY ); } } $STATUS->autoflush(1); -- } exit 0 unless defined $p; exit 0 if ( $p != 0 ); if (1) { # || POSIX::setsid()!=-1) { unlink "/tmp/q-launch.$id"; # delete possible symlink open X, ">/tmp/q-launch.$id" or exit(1); # create 'lock-file' close X; for ( ; $time > 0; --$time ) { sleep 1; exit(0) unless -f "/tmp/q-launch.$id"; # exit, if launch is not nessesary } unlink "/tmp/q-launch.$id"; # delete 'lock-file' qlog "LAUNCHING($p) '$prog'\n"; # eval { close $LST; }; # eval { close $To_server; }; # eval { close $From_server; }; # eval { close $SH; }; -- register_mon_rcv( 'internal_info', \&int_info_handler ); register_mon_rcv( 'signal', \&signal_handler ); unless ( open( PID, ">/var/run/qmon.pid" ) ) { # or die "Cannot write pid to /var/run/qmon.pid!\n"; open( PID, ">/tmp/qmon.pid" ); } print PID $$; close PID; ##################################################################### -- # eval { close $From_server; }; # eval { close $To_server; }; $SRV->disconnect; # close $STATUS; # $STATUS=new IO::File(">/tmp/qqq"); qlog "Opening stdin ($args->{stdin})\n"; if ( ( $args->{stdin} =~ /\S/ ) && ( $args->{stdin} ne '-' ) ) { qlog "Opening stdin ($args->{stdin})!!!!\n"; $args->{stdin} =~ tr/\|\`\&\#\$\@\<\>//;
	fail	crossfire-1.11.0-alt1.qa6.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/games/crossloop.web: $ grep -A5 -B5 /tmp/ /usr/games/crossloop.web /bin/gzip -9 $HTMLDIR/core.$$.$logcount & /bin/gzip -9 $HTMLDIR/server.$$.$logcount.log & /bin/chmod 644 $HTMLDIR/core*.gz echo "Crossfired crashed at `date`. Crash instance is $logcount." > /tmp/crossloop.web.$$ echo "The core files and server log can be found at" >> /tmp/crossloop.web.$$ echo "$URL/backtrace.$$.$logcount.html" >> /tmp/crossloop.web.$$ echo "$URL/core.$$.$logcount.gz" >> /tmp/crossloop.web.$$ echo "$URL/server.$$.$logcount.log.gz" >> /tmp/crossloop.web.$$ cat /tmp/crossloop.web.$$ $HTMLDIR/backtrace.$$.$logcount.html | $MAIL -s "Crossfire crashed." $MAILTO @RM@ /tmp/crossloop.web.$$ else # may or may not want to keep the old one around. #@RM@ $HTMLDIR/backtrace.$$.$logcount.html # Need some statement here for the else/fi to work. /bin/false
	fail	crossfire-maps-bigworld-1.11.0-alt1.qa1.1.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/games/crossfire/maps-bigworld/Info/combine.pl: $ grep -A5 -B5 /tmp/ /usr/share/games/crossfire/maps-bigworld/Info/combine.pl # If we already have a combined image, then we only need to paste # the new bits onto it, saving a bunch of time if (! -f "images/combine.ppm") { system("ppmmake \\#000 $DEST_WIDTH $DEST_HEIGHT > /tmp/tmp.ppm"); $first_run=1; print "Creating images for the first time.\n"; } else { system("cp images/combine.ppm /tmp/tmp.ppm"); $first_run=0; } print "Processing."; for ($x=0; $x<$NUM_X; $x++) { -- if ($time1 > $time2) { $cmd = $CFEDITOR; $cmd =~ s#%I#$cwd/world/world_$dx\_$dy#; $cmd =~ s#%O#$cwd/images/world_$dx\_$dy.png#; system($cmd); system("pngtopnm images/world_$dx\_$dy.png | pnmscale -xysize $TILE_WIDTH $TILE_HEIGHT > /tmp/ppm.tmp"); $sx = $x etc usr var $TILE_WIDTH; $sy = $y etc usr var $TILE_HEIGHT; system("pnmpaste /tmp/ppm.tmp $sx $sy /tmp/tmp.ppm > /tmp/tmp.ppm1"); unlink("/tmp/tmp.ppm"); rename("/tmp/tmp.ppm1", "/tmp/tmp.ppm"); } } } system("mv /tmp/tmp.ppm images/combine.ppm"); print "\n";
	fail	digitemp-utils-3.6.0-alt1.2.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/digitemp/rrdb/log-temperature.pl: $ grep -A5 -B5 /tmp/ /usr/share/digitemp/rrdb/log-temperature.pl } else { die "Could not find rrdtool binary\n"; } # The RRD database to put the data into $wx_rrd = "/tmp/digitemp.rrd"; # Read the output from digitemp # Output in form 0\troom\tattic\tdrink open( DIGITEMP, "digitemp -a -q -o2 |" ); -- chomp; if( $_ =~ /^nanosleep/i ) { $now = localtime; open( ERRLOG, ">>/tmp/dt-error") or die "Error opening dt-error"; print ERRLOG "nanosleep error at $now\n"; close( ERRLOG ); die "nanosleep error"; } else { -- # This section was used to create up to date email signature files # Create the email header in Fahrenheit #open( HEADER, ">/tmp/.header") or die "Error opening .header"; #$now = localtime; #print HEADER "[$now]--[Inside "; #printf HEADER "%0.2f",ctof( $room ); #print HEADER "F]--[Outside "; Found error in /usr/share/digitemp/perl/maxplot: $ grep -A5 -B5 /tmp/ /usr/share/digitemp/perl/maxplot $im->string(gdSmallFont,$hmargin,&ytransform(-30),"Harddrive #1",$red); $im->string(gdSmallFont,$hmargin,&ytransform(-35),"Room Temperature",$green); $im->string(gdSmallFont,$hmargin,&ytransform(-40),"Outside Temperature",$orange); # Output it to a .gif image file open( PLOT, ">/tmp/tempplot.gif"); print PLOT $im->gif; close(PLOT); # copy the image to its final destination and make sure it is owned # by the right person. system "cp /tmp/tempplot.gif /home/nexus/.public_html/tempplot.gif"; system "chown nexus.users /home/nexus/.public_html/tempplot.gif"; system "chmod 0644 /home/nexus/.public_html/tempplot.gif";
	fail	eGroupWare-phpsysinfo-1.8-alt6.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/egroupware/phpsysinfo/tools/GenerateCL.sh: $ grep -A5 -B5 /tmp/ /usr/share/egroupware/phpsysinfo/tools/GenerateCL.sh #!/bin/sh # run this in phpsysinfo home dir # rm -f ChangeLog.bak ChangeLog /tmp/xx.txt /tmp/ChangeLog find . -type f | sed -e 's/\.\///g' | grep -v -w CVS | grep -v -x 'config.php'| grep -v '^tools/' | grep -v -x 'genlog.sh' > /tmp/xx.txt cat /tmp/xx.txt | xargs ./tools/cvs2cl.pl -t -f /tmp/ChangeLog sed -e 's/webbie$/webbie (webbie at ipfw dot org)/g' \ -e 's/precision$/precision Uriah Welcome (precision at users.sf.net)/g' \ -e 's/jengo$/jengo Joseph Engo (jengo at users.sf.net)/g' \ -e 's/neostrider$/neostrider Joseph King (neostrider at users.sf.net)/g' \ -e 's/bigmichi1$/bigmichi1 Michael Cramer (bigmichi1 at users.sf.net)/g' \ /tmp/ChangeLog > ChangeLog rm -f /tmp/xx.txt /tmp/ChangeLog
	fail	eciadsl-usermode-0.12-alt2.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/eciadsl-testconnection: $ grep -A5 -B5 /tmp/ /usr/bin/eciadsl-testconnection if [ $status -eq 1 ] ; then exit 0 fi # already reconnecting? ps aux > /tmp/eci-test grep startmodem /tmp/eci-test status=$? if [ $status -eq 1 ] ; then grep "eciadsl-start" /tmp/eci-test status=$? if [ $status -eq 0 ] ; then rm -f /tmp/eci-test exit 0 else rm -f /tmp/eci-test fi else rm -f /tmp/eci-test exit 0 fi rm -f /tmp/eci-test # synching? num=`ps aux|grep eciadsl-synch| wc -l` if [ $num -eq 3 ] ; then exit 0 # we are synching! Found error in /usr/bin/eciadsl-doctor: $ grep -A5 -B5 /tmp/ /usr/bin/eciadsl-doctor # note the size in lines of /var/log/messages line=`wc -l /var/log/messages | awk '{print $1}'` function fatal () { tail -n +$line /var/log/messages > /tmp/msg.log # check for "usb-uhci.c: ENXIO 80000380, flags 0, urb c7f401c0, burb c6469140" grep 'usb-uhci.c: ENXIO' /tmp/msg.log # check for "usb-uhci.c: interrupt, status 29, frame# 956" grep 'usb-uhci.c: interrupt' /tmp/msg.log # check for "usb_control/bulk_msg: timeout" grep 'usb_control/bulk_msg' /tmp/msg.log # check for "usb-uhci.c: Host controller halted, trying to restart" grep 'usb-uhci.c: Host controller halted' /tmp/msg.log # check for "usb-uhci.c: process_transfer: fixed toggle" grep 'usb-uhci.c: process_transfer' /tmp/msg.log # check for "usb-uhci.c: iso_find_start: gap in seamless isochronous scheduling" grep 'usb-uhci.c: iso_find_start' /tmp/msg.log rm /tmp/msg.log exit -1; } # use only DEVICES throughout the rest of this script if [ ! -f "${DEVICES}" ] && [ -f "${DEVICES_SUSE}" ]; then -- echo "options from $PPPD_DIR/peers/adsl. We suggest to remove this file or make a"; echo "backup copy." ; grep "^nodetach" $PPPD_DIR/options > /dev/null if [ $? -eq 0 ]; then echo "Removing 'nodetach' option from $PPPD_DIR/options..." ; grep -v "^nodetach" $PPPD_DIR/options > /tmp/options mv /tmp/options $PPPD_DIR/options fi fi # check for an existing PPP connection (select the first one if several) PPP=`ifconfig | grep "^ppp" | head -n 1 | awk '{print $1}'` if [ "$PPP" = "" ]; then echo "No existing PPP connection... trying to make one (please wait)" ; nice --20 pppd call adsl updetach | tee /tmp/ppp.log # check if we succeed in making a new PPP connection PPP=`ifconfig | grep "^ppp" | head -n 1 | awk '{print $1}'` if [ "$PPP" = "" ]; then # check for usermode driver crash grep "Modem hangup" /tmp/ppp.log > /dev/null if [ $? -eq 0 ]; then echo "PPP: very bad ... usermode driver just crashed" ; rm /tmp/ppp.log fatal; fi # check for no response from PPP grep 'LCP: timeout sending Config-Requests' /tmp/ppp.log > /dev/null if [ $? -eq 0 ]; then echo "PPP connection failed: check your vci & vpi parameters in $PPPD_DIR/peers/adsl and check for USB errors in /var/log/messages" ; rm /tmp/ppp.log fatal; fi # check for invalid password grep 'CHAP authentication failed' /tmp/ppp.log > /dev/null if [ $? -eq 0 ]; then echo "CHAP authentication failed: check your user in $PPPD_DIR/peers/adsl and the matching password in $PPPD_DIR/chap-secrets" ; rm /tmp/ppp.log fatal; fi # check for "sent [LCP ConfRej id=0xa5 ]" grep 'sent \[LCP ConfRej' /tmp/ppp.log | grep '' > /dev/null if [ $? -eq 0 ]; then echo "Password for user $user is missing in $PPPD_DIR/chap-secrets"; rm /tmp/ppp.log fatal; fi echo "Cannot make a PPP connection: Fatal" ; rm /tmp/ppp.log fatal; else rm /tmp/ppp.log echo "PPP connection is OK" ; fi else echo "PPP connection is OK" ; fi
	fail	environment-modules-3.2.10-alt1_16.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/Modules/bin/add.modules: $ grep -A5 -B5 /tmp/ /usr/share/Modules/bin/add.modules $3 > $2 } # find if certain of the dot files have load lines already findload() { grep "^[ ]*module[ ]*load" $1 > /tmp/load.$$ } # put common stuff derivatives here $1=.dot_file $2=action $3=shell(csh,sh) $4=skel alternative shdot() { if [ -f $1 ] then /bin/cat <> $1 else /bin/cat >> $1 < $1 <> $1 else /bin/cat >> $1 <> $1 <> $1 && /bin/rm /tmp/$1.$$ elif [ x$2 = xalias ] then /bin/cat <> $1 && /bin/rm /tmp/$1.$$ fi else /bin/echo "Had problems with your $1" fi else /bin/cat < /dev/null } # process files in $HOME cd $HOME if [ -r .bash_profile ]; then
	fail	foo2zjs-20140519-alt1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/foo2hbpl2-wrapper: $ grep -A5 -B5 /tmp/ /usr/bin/foo2hbpl2-wrapper #%%BeginFeature: *CustomPageSize True #792.000000 612.000000 1 0.000000 0.000000 #pop pop pop pop pop if [ $DEBUG = 0 ]; then TMPFILE=/tmp/cus$$ else TMPFILE=/tmp/custom.ps fi cat >$TMPFILE exec <$TMPFILE tmp=`head -n 10000 $TMPFILE \ -- case $NUP in [234689]|1[024568]) PREFILTER="nup";; *) PREFILTER=cat;; esac if [ "$DEBUG" -ge 9 ]; then PREFILTER="tee /tmp/$BASENAME.ps" fi # # Overload -G. If the file name ends with ".icm" or ".ICM" # then convert the ICC color profile to a Postscript CRD, -- GAMMAFILE= fi } if [ $DEBUG -gt 0 ]; then ICCTMP=/tmp/icc else ICCTMP=/tmp/icc$$ fi if [ "" = "$COLOR" ]; then COLORMODE= GAMMAFILE= -- # CRD GAMMAFILE="" GAMMAFILE="$GAMMAFILE $CRDBASE/${model}cms" GAMMAFILE="$GAMMAFILE $CRDBASE/$SCREEN" # Black text... TMPFILE2=/tmp/black$$ cat $CRDBASE/black-text.ps - >$TMPFILE2 exec <$TMPFILE2 ;; *.crd) GAMMAFILE="$CRDBASE/prolog.ps"
	fail	gccxml-0.9-alt1.cvs20081111.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/gccxml-0.9/MIPSpro/find_flags: $ grep -A5 -B5 /tmp/ /usr/share/gccxml-0.9/MIPSpro/find_flags D__RTTI __RTTI #endif #ifdef __STDC__ D__STDC__ __STDC__ #endif " > /tmp/$TESTFILE.cxx # Find the macro definition options. MACROS=` ${CXX} ${CXXFLAGS} -E -v /tmp/$TESTFILE.cxx 2>&1 | sed -n '/_COMPILER_VERSION/{s/ \/tmp\/'$TESTFILE'.cxx.*$// s/ -/\\ -/g;p;}' | sed -n '/^-D.*$/{s/-D\([^=]*\)=\([^ ]\{1,\} .*\)/-D\1='\''\2'\''/;p;}' | sed -n 'H;${g;s/\n/ /g;p;}'` # Find the internally defined macros. LANGSTD=` ${CXX} ${CXXFLAGS} -E -v /tmp/$TESTFILE.cxx 2>&1 | sed -n '/^D/ {s/^D/-D/;s/ /=/;p;}' | sed -n 'H;${g;s/\n/ /g;p;}'` # Find the include path options. INCLUDES=` ${CXX} ${CXXFLAGS} -E -v /tmp/$TESTFILE.cxx 2>&1 | sed -n '/_COMPILER_VERSION/{s/ \/tmp\/'$TESTFILE'.cxx.*$// s/ -/\\ -/g;p;}' | sed -n '/^-I.*$/{p;}' | sed -n 'H;${g;s/\n/ /g;p;}'` -- SELFPATH=`echo $0 | sed -n '/\//{s/\/find_flags//;p;}'` if test "x$SELFPATH" = "x" ; then SELFPATH="." ; fi SELFPATH=`cd "$SELFPATH" ; pwd` INCLUDES="-iwrapper\"$SELFPATH/7.3\" $INCLUDES" rm -f /tmp/$TESTFILE.cxx # Format and print out the options. OPTIONS="$MACROS $LANGSTD $INCLUDES" echo $OPTIONS
	fail	gnormalize-0.63-alt1.qa1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/gnormalize: $ grep -A5 -B5 /tmp/ /usr/bin/gnormalize if ($show_cdplayer_skin and defined $window_cd_player){ # with skin_xTunes $widget->set_size_request (225, 90); # set a minimum size: (width,height) ; skin_xTunes #(pixmap, mask) = Gtk2::Gdk::Pixmap->create_from_xpm ($drawable, $transparent_color, $filename) #($pixmap, $pixmap_mask) = Gtk2::Gdk::Pixmap->create_from_xpm ($widget->window, undef, '/tmp/skin_xTunes.xpm'); ($pixmap, $pixmap_mask) = Gtk2::Gdk::Pixmap->create_from_xpm_d($widget->window, undef, @skin_xTunes); #my $pixmap_widget = Gtk2::Image->new_from_pixmap ($gdkpixmap, $mask); $window_cd_player->shape_combine_mask( $pixmap_mask, 0, 0 ) if not $window_cd_player->get_decorated; -- ###----------- add files to treeview --------------### sub sort_full_path_names{ my @array = @_; # For example: # $array[0] = '/tmp/teste/teste4/mus.mp3' # $array[1] = '/tmp/teste/teste2/teste4/mus.mp3' # $array[2] = '/tmp/mus.mp3' # First, sort this array in ascending order by number of '/' character. # Then, sort in case-insensitively mode. # sort case-insensitively : @articles = sort {uc($a) cmp uc($b)} @files; (see man perlfunc) # multiple comparisons in the routine and separate them with ||. # See Perl Cookbook, 2nd Edition. Chap. 4.16; 10.18 for help; #my $teste = '/tmp/teste/teste2/teste4/mus.mp3'; $teste =~ s/[^\/]//g; print "teste = $teste\n"; # output: teste = ///// # first compare the number of directory character '/'. sub compare_dir { (my $temp1 = $a) =~ s/[^\/]//g; # remove all character but '/' (my $temp2 = $b) =~ s/[^\/]//g; -- #This file 100% done All files 99% done # WaveGain Processing completed normally # No Title Gain adjustment or DC Offset correction required for file: # Error renaming '/tmp/wavegain.tmp' to '04.wav' (uh-oh) # Error processing GAIN for file - 04.wav #print "--> $_\n"; if ( $_ =~ /^\s+Applying Gain of ([-+]\d+[.,]\d+) dB to file:/ ){ $adjust = $1; } -- # leave room for WAV header (44 bytes) #seek WAV, 44, 0; #print "cdrom_rip = $cdrom_rip; value = $$addr[0]; addr = $addr; startframe = $startframe\n"; open WAV, ">/tmp/track${track}.wav" or die $!; binmode WAV; #print WAV $cdrom_rip; for (my $i=0;$i<2352;$i++){ print WAV $buf[$i]; } #syswrite(WAV, $buffer, 2352 );
	fail	hunspell-utils-1.3.1-alt1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/wordforms: $ grep -A5 -B5 /tmp/ /usr/bin/wordforms fx=0 case $1 in -s) fx=1; shift;; -p) fx=2; shift;; esac test -h /tmp/wordforms.aff && rm /tmp/wordforms.aff ln -s $PWD/$1 /tmp/wordforms.aff # prepared dic only with the query word echo 1 >/tmp/wordforms.dic grep "^$3/" $2 >>/tmp/wordforms.dic echo $3 | awk -v "fx=$fx" ' fx!=2 && FILENAME!="-" && /^SFX/ && NF > 4{split($4,a,"/");clen=($3=="0") ? 0 : length($3);sfx[a[1],clen]=a[1];sfxc[a[1],clen]=clen;next} fx!=1 && FILENAME!="-" && /^PFX/ && NF > 4{split($4,a,"/");clen=($3=="0") ? 0 : length($3);pfx[a[1],clen]=a[1];pfxc[a[1],clen]=clen;next} FILENAME=="-"{ wlen=length($1) -- for (j in pfx) {if (wlen<=pfxc[j]) continue; for(i in sfx){clen=sfxc[i];if (wlen<=clen || wlen <= (clen + pfxc[j]))continue; print (pfx[j]=="0" ? "" : pfx[j]) substr($1, pfxc[j]+1, wlen-clen-pfxc[j]) (sfx[i]=="0" ? "": sfx[i]) }} } } ' /tmp/wordforms.aff - | hunspell -d /tmp/wordforms -G -l
	fail	impose+-0.2-alt2.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/impose: $ grep -A5 -B5 /tmp/ /usr/bin/impose $ybot=30 unless $ybot; $pages=6 unless defined $pages; $rotdir="L" unless $rotdir; $filename = shift or do { $filename = "/tmp/$ENV{USER}-tmp.ps"; open(TMP, ">$filename"); while(<>) { print TMP; } close(TMP); $do_stdout++; $do_erase_tmp++; -- $_=; @oddbbox=split; $_=; @evenbbox=split; @oddbbox = @evenbbox unless @evenbbox; close(BB); } elsif ($lastbbox && -e "/tmp/bboxx-$ENV{USER}") { open(BB,"/tmp/bboxx-$ENV{USER}"); $_=; @oddbbox=split; $_=; @evenbbox=split; close(BB); # print "oddbbox = @oddbbox\n"; # print "evenbbox = @evenbbox\n"; -- } @evenbbox = @oddbbox if $noevenodd; # record the bboxx information open(BB, ">/tmp/bboxx-$ENV{USER}"); print BB "@oddbbox\n@evenbbox\n"; close(BB); # Do page calculations $oddwidth = $oddbbox[2]-$oddbbox[0];
	fail	installer-distro-altlinux-server-stage2-7.0.2-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/install2/initinstall.d/05-vm-profile: $ grep -A5 -B5 /tmp/ /usr/share/install2/initinstall.d/05-vm-profile #!/bin/sh # see also http://www.altlinux.org/Autoinstall message() { echo "vm-profile: $*" >>/tmp/vm-profile.log; } mem="$(sed -n '/^MemTotal/s/[^0-9]//gp' /proc/meminfo)" # in kB max_disk="$(sort -rn /sys/block/[hs]d*/size | head -1)" # in 512-byte sectors # feel free to suggest better defaults
	fail	installer-scripts-remount-stage2-0.5.14-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/sbin/install2-remount-functions: $ grep -A5 -B5 /tmp/ /usr/sbin/install2-remount-functions start_mdraid && start_lvm && start_luks && mount_chroot && set_active \ ) >& /tmp/remount.log || return $? } # avoid automatic rpm shell.req dependency MULTIPATHD=/sbin/multipathd MDADM=/sbin/mdadm LVM=/sbin/lvm CRYPTSETUP=/sbin/cryptsetup CRYPTSETUP_KEY=/tmp/empty PUTFILE=/usr/share/make-initrd/tools/put-file BLKID="blkid -c /dev/null" # alterator-vm should leave LUKS containers # with initial empty password, see #28200 -- # for installer-feature-desktop-other-fs, see also #29005 save_blkid_state() { find /dev/mapper -type l \ | xargs -r $BLKID \ > /tmp/blkid.dm } populate_fstab() { [ ! -f /tmp/fstab ] || cat /tmp/fstab >> "$destdir/etc/fstab" } copy_chroot_binaries() { useputfile= if [ -x "$destdir$PUTFILE" ]; then useputfile='yes' binddir="$(mktemp -d "$destdir/tmp/copy_chroot_binaries.XXXXXXXXX")" workdir="${binddir#$destdir}" mount --bind / "$binddir" else echo "remount: file does not exist or is not available for execution: $destdir$PUTFILE" >&2 fi -- stop_mdraid() { # saving state is only important *after* evms if [ -f /proc/mdstat -a -x "$MDADM" ]; then "$MDADM" --examine --scan \ | grep '^ARRAY /dev/md[0-9/]' > /tmp/mdadm.conf "$MDADM" --stop --scan fi } start_mdraid() { if [ -s /tmp/mdadm.conf -a -x "$MDADM" ]; then # an arbitrary value of the year: packages installed already sysctl -w dev.raid.speed_limit_max=1000000 # chroot's mdadm.conf populated by 45-mdadm.sh "$MDADM" --assemble --run --scan --config=/tmp/mdadm.conf ||: fi } start_multipath() { if [ -x "$MULTIPATHD" ]; then -- done fi } mount_chroot() { # depends on /tmp/fstab just like 10-fstab.sh rootfs="$(awk '{ if ($2=="/") print $1 }' < /tmp/fstab)" case "$rootfs" in UUID=*) rootfs="`$BLKID -U ${rootfs#UUID=}`" ;; LABEL=*)
	fail	kismet-common-2010.07.R1-alt1.1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/kismet-common-2010.07.R1/old/multi-gpsmap.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/kismet-common-2010.07.R1/old/multi-gpsmap.sh if [[ $lat != 0 ]]; then echo $lat cat > /dev/null break fi done > /tmp/mg$$ latitude=`cat /tmp/mg$$` bc -l << EOF > /tmp/mg$$ scale=3 c(($latitude etc usr 8 etc usr a(1))/360) EOF cos_lat=`cat /tmp/mg$$` rm /tmp/mg$$ awk '/gps-point/ { if ( $3 ~ "source.*" ) { print $6" "$7 } else { print $5" "$6 }}' < $1 | while read line; do eval $line echo $lat $lon done | awk -v cos_lat=$cos_lat -v scale=$scale 'BEGIN {olat=0}
	fail	libpacemaker-devel-1.1.17-alt0.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/pacemaker/tests/cli/regression.sh: $ grep -A5 -B5 /tmp/ /usr/share/pacemaker/tests/cli/regression.sh desc="Allow CIB erasure with --force" cmd="cibadmin -E --force" test_assert 0 desc="Query CIB" cmd="cibadmin -Q > /tmp/$$.existing.xml" test_assert 0 desc="Set cluster option" cmd="crm_attribute -n cluster-delay -v 60s" test_assert 0 -- desc="Query new cluster option" cmd="cibadmin -Q -o crm_config | grep cib-bootstrap-options-cluster-delay" test_assert 0 desc="Query cluster options" cmd="cibadmin -Q -o crm_config > /tmp/$$.opt.xml" test_assert 0 desc="Set no-quorum policy" cmd="crm_attribute -n no-quorum-policy -v ignore" test_assert 0 -- desc="Delete nvpair" cmd="cibadmin -D -o crm_config --xml-text ''" test_assert 0 desc="Create operaton should fail" cmd="cibadmin -C -o crm_config --xml-file /tmp/$$.opt.xml" test_assert 76 desc="Modify cluster options section" cmd="cibadmin -M -o crm_config --xml-file /tmp/$$.opt.xml" test_assert 0 desc="Query updated cluster option" cmd="cibadmin -Q -o crm_config | grep cib-bootstrap-options-cluster-delay" test_assert 0 -- cmd="cibadmin -Q | cibadmin -5 -p 2>&1 > /dev/null" test_assert 0 # This update will fail because it has version numbers desc="Replace operation should fail" cmd="cibadmin -R --xml-file /tmp/$$.existing.xml" test_assert 205 desc="Default standby value" cmd="crm_standby -N node1 -G" test_assert 0 -- desc="Create a resource meta attribute in the parent" cmd="crm_resource -r test-clone --meta -p is-managed -v true --force" test_assert 0 desc="Copy resources" cmd="cibadmin -Q -o resources > /tmp/$$.resources.xml" test_assert 0 0 desc="Delete resource paremt meta attribute (force)" cmd="crm_resource -r test-clone --meta -d is-managed --force" test_assert 0 desc="Restore duplicates" cmd="cibadmin -R -o resources --xml-file /tmp/$$.resources.xml" test_assert 0 desc="Delete resource child meta attribute" cmd="crm_resource -r test-primitive --meta -d is-managed" test_assert 0 rm -f /tmp/$$.existing.xml /tmp/$$.resources.xml } function test_dates() { desc="2014-01-01 00:30:00 - 1 Hour" cmd="iso8601 -d '2014-01-01 00:30:00Z' -D P-1H -E '2013-12-31 23:30:00Z'" -- export CIB_user=betteridea desc="$CIB_user: Query configuration - explicit deny" cmd="cibadmin -Q" test_assert 0 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --delete --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql export CIB_user=niceguy desc="$CIB_user: Replace - remove acls" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml" test_assert 13 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -C -o resources --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - create resource" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml" test_assert 13 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" crm_attribute -n enable-acl -v false CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - modify attribute (deny)" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml" test_assert 13 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --replace --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - delete attribute (deny)" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml" test_assert 13 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --modify --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - create attribute (deny)" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml" test_assert 13 0 rm -rf /tmp/$$.haxor.xml CIB_user=bob CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --modify --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - create attribute (allow)" cmd="cibadmin --replace -o resources --xml-file /tmp/$$.haxor.xml" test_assert 0 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --modify --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - modify attribute (allow)" cmd="cibadmin --replace -o resources --xml-file /tmp/$$.haxor.xml" test_assert 0 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --replace -o resources --xml-text '' CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - delete attribute (allow)" cmd="cibadmin --replace -o resources --xml-file /tmp/$$.haxor.xml" test_assert 0 0 } function test_acls() { export CIB_shadow_dir=$test_home $VALGRIND_CMD crm_shadow --batch --force --create-empty $shadow --validate-with pacemaker-1.3 2>&1 export CIB_shadow=$shadow cat </tmp/$$.acls.xml -- EOF desc="Configure some ACLs" cmd="cibadmin -M -o acls --xml-file /tmp/$$.acls.xml" test_assert 0 desc="Enable ACLs" cmd="crm_attribute -n enable-acl -v true" test_assert 0 -- export PCMK_stderr=1 cibadmin -C -o resources --xml-text '' cibadmin -C -o resources --xml-text '' cibadmin -C -o constraints --xml-text '' cibadmin -Q > /tmp/$$.good-1.2.xml desc="Try to make resulting CIB invalid (enum violation)" cmd="cibadmin -M -o constraints --xml-text ''" test_assert 203 sed 's|"start"|"break"|' /tmp/$$.good-1.2.xml > /tmp/$$.bad-1.2.xml desc="Run crm_simulate with invalid CIB (enum violation)" cmd="crm_simulate -x /tmp/$$.bad-1.2.xml -S" test_assert 126 0 desc="Try to make resulting CIB invalid (unrecognized validate-with)" cmd="cibadmin -M --xml-text ''" test_assert 203 sed 's|"pacemaker-1.2"|"pacemaker-9999.0"|' /tmp/$$.good-1.2.xml > /tmp/$$.bad-1.2.xml desc="Run crm_simulate with invalid CIB (unrecognized validate-with)" cmd="crm_simulate -x /tmp/$$.bad-1.2.xml -S" test_assert 126 0 desc="Try to make resulting CIB invalid, but possibly recoverable (valid with X.Y+1)" cmd="cibadmin -C -o configuration --xml-text ''" test_assert 203 sed 's||\0|' /tmp/$$.good-1.2.xml > /tmp/$$.bad-1.2.xml desc="Run crm_simulate with invalid, but possibly recoverable CIB (valid with X.Y+1)" cmd="crm_simulate -x /tmp/$$.bad-1.2.xml -S" test_assert 0 0 sed 's|\s\s*validate-with="[^"]*"||' /tmp/$$.good-1.2.xml > /tmp/$$.bad-1.2.xml desc="Make resulting CIB valid, although without validate-with attribute" cmd="cibadmin -R --xml-file /tmp/$$.bad-1.2.xml" test_assert 0 desc="Run crm_simulate with valid CIB, but without validate-with attribute" cmd="crm_simulate -x /tmp/$$.bad-1.2.xml -S" test_assert 0 0 # this will just disable validation and accept the config, outputting # validation errors sed -e 's|\s\s*validate-with="[^"]*"||' \ -e 's|\(\s\s*epoch="[^"]*\)"|\10"|' -e 's|"start"|"break"|' \ /tmp/$$.good-1.2.xml > /tmp/$$.bad-1.2.xml desc="Make resulting CIB invalid, and without validate-with attribute" cmd="cibadmin -R --xml-file /tmp/$$.bad-1.2.xml" test_assert 0 desc="Run crm_simulate with invalid CIB, also without validate-with attribute" cmd="crm_simulate -x /tmp/$$.bad-1.2.xml -S" test_assert 0 0 rm -f /tmp/$$.good-1.2.xml /tmp/$$.bad-1.2.xml } for t in $tests; do echo "Testing $t" test_$t > $test_home/regression.$t.out -- -e 's/Created new pacemaker-.* configuration/Created new pacemaker configuration/'\ -e 's/.*__xml_acl_check/__xml_acl_check/g'\ -e 's/.*__xml_acl_post_process/__xml_acl_post_process/g'\ -e 's/.*error: unpack_resources:/error: unpack_resources:/g'\ -e 's/ last-rc-change=\"[0-9]*\"//'\ -e 's|^/tmp/[0-9][0-9]*\.||'\ -e 's/^Entity: line [0-9][0-9]*: //'\ -e 's/schemas\.c:\([0-9][0-9]*\)/schemas.c:NNN/' \ -e 's/\(validation ([0-9][0-9]* of \)[0-9][0-9]*\().*\)/\1X\2/' $test_home/regression.$t.out if [ $do_save = 1 ]; then
	fail	lua-module-luasocket-3.0rc1-alt1_lr1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/luarocks/rocks/luasocket/3.0rc1-1/test/cgi/cat: $ grep -A5 -B5 /tmp/ /usr/lib/luarocks/rocks/luasocket/3.0rc1-1/test/cgi/cat #!/bin/sh echo Content-type: text/plain echo cat > /tmp/luasocket.cat.tmp cat /tmp/luasocket.cat.tmp
	fail	lxc-2.0.4-alt1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/lxc/templates/lxc-plamo: $ grep -A5 -B5 /tmp/ /usr/share/lxc/templates/lxc-plamo /^# Initialize sysctl/;/^echo "Starting services/-1d /^sync/;/^# All done/-1d w EOF # /etc/rc.d/rc.inet1.tradnet head -n-93 $rootfs/sbin/netconfig.tradnet > /tmp/netconfig.rconly cat <<- EOF >> /tmp/netconfig.rconly PCMCIA=n RC=$rootfs/etc/rc.d/rc.inet1.tradnet IFCONFIG=sbin/ifconfig ROUTE=sbin/route INET1SCHEME=var/run/inet1-scheme -- DHCPCD=usr/sbin/dhclient LOOPBACK=y make_config_file EOF rm -f $rootfs/etc/rc.d/rc.inet1.tradnet sh /tmp/netconfig.rconly rm -f /tmp/netconfig.rconly sed -i '/cmdline/s/if/& false \&\&/' $rootfs/etc/rc.d/rc.inet1.tradnet # /etc/rc.d/rc.inet2 sed -i '/rpc.mountd/s/^/#/' $rootfs/etc/rc.d/rc.inet2 sed -i '/modprobe/s/^/#/' $rootfs/etc/rc.d/rc.inet2 # configure to start only the minimum of service
	fail	lz11-V2-1.2-alt1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/lz11.stopjobs: $ grep -A5 -B5 /tmp/ /usr/bin/lz11.stopjobs if [ -z "${pids}" ] ; then exit 0 fi echo "${pids}" > /tmp/lz11.terminate waitcounts=30 echo echo echo "removing all active printer jobs for --$(whoami)-- " echo " etc usr with PIDS ${pids}" -- if [ ${nonefound} == 1 ] ; then i=${waitcounts} echo -n " STOPPED!" fi done rm -f /tmp/lz11.terminate echo if [ ${nonefound} = 0 ] ; then echo "The program could not stop the prints safely." echo "Just killing the print processes now!" echo Found error in /usr/bin/lz11.foomatic: $ grep -A5 -B5 /tmp/ /usr/bin/lz11.foomatic $debug = 1; local *ERR; if ($debug) { open(ERR,">>/tmp/lz11err"); print ERR "-----------\n"; print ERR "@ARGV\n"; } else { open(ERR, ">&STDERR"); } -- # ---------------------------------------------------------- # cZ11 command line # ---------------------------------------------------------- $cz11 = "cZ11-V2 $devicez11 $sizez11 $adjustz11"; if ( $cancel == 1 ) { $cz11 = "$cz11"." --terminate=/tmp/lz11.terminate"; } elsif ( $cancel ) { $cz11 = "$cz11"." --terminate-eject=/tmp/lz11.terminate"; } $cz11 = "$cz11"." 2>>/tmp/lz11err"; # ---------------------------------------------------------- # Do it! # ---------------------------------------------------------- $invokation = "$gs -q -dBATCH -dSAFER -dNOPAUSE $devicegs $ditherppi $resgs $sizegs -sOutputFile=- - | $cz11"; if ($debug) { print ERR "$invokation \n"; } system("$invokation"); system("chmod a+rw /tmp/lz11*"); close(ERR);
	fail	m2300w-0.51-alt1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/m2300w-wrapper: $ grep -A5 -B5 /tmp/ /usr/bin/m2300w-wrapper # is heavy based on the Script from Rick's 'foo2zjs-wrapper' for the # Minolta Magiccolor 2300DL. # So i will leave his copyright on it. #********************************************************************* cat >> /tmp/m2300w.log <> /tmp/m2300w.log <>/tmp/m2300w.log) 3>&1 | tee /tmp/m2300w_gsout.pbm | $DRIVER $DRIVER_DEBUG $M2300WUCR $SAVETONER $PAPERCODE $MEDIACODE \ -i - -o - $COLOR $RESCODESTR | tee /tmp/m2300w.prn EOF $PREFILTER | ($GS $gsPaperCode $RES $GSDEV $GSOPT \ -sOutputFile="|cat 1>&3" $RENDERFILES - >>/tmp/m2300w.log) 3>&1 | tee_pbm | $DRIVER $DRIVER_DEBUG $M2300WUCR $SAVETONER $PAPERCODE $MEDIACODE \ -i - -o - $COLOR $RESCODESTR | tee_prn
	fail	mingw32-hunspell-1.2.12-alt1_4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/i586-pc-mingw32/sys-root/mingw/bin/i586-pc-mingw32-wordforms: $ grep -A5 -B5 /tmp/ /usr/i586-pc-mingw32/sys-root/mingw/bin/i586-pc-mingw32-wordforms fx=0 case $1 in -s) fx=1; shift;; -p) fx=2; shift;; esac test -h /tmp/wordforms.aff && rm /tmp/wordforms.aff ln -s $PWD/$1 /tmp/wordforms.aff # prepared dic only with the query word echo 1 >/tmp/wordforms.dic grep "^$3/" $2 >>/tmp/wordforms.dic echo $3 | awk -v "fx=$fx" ' fx!=2 && FILENAME!="-" && /^SFX/ && NF > 4{split($4,a,"/");clen=($3=="0") ? 0 : length($3);sfx[a[1],clen]=a[1];sfxc[a[1],clen]=clen;next} fx!=1 && FILENAME!="-" && /^PFX/ && NF > 4{split($4,a,"/");clen=($3=="0") ? 0 : length($3);pfx[a[1],clen]=a[1];pfxc[a[1],clen]=clen;next} FILENAME=="-"{ wlen=length($1) -- for (j in pfx) {if (wlen<=pfxc[j]) continue; for(i in sfx){clen=sfxc[i];if (wlen<=clen || wlen <= (clen + pfxc[j]))continue; print (pfx[j]=="0" ? "" : pfx[j]) substr($1, pfxc[j]+1, wlen-clen-pfxc[j]) (sfx[i]=="0" ? "": sfx[i]) }} } } ' /tmp/wordforms.aff - | hunspell -d /tmp/wordforms -G -l
	fail	mstflint-1.4-alt2.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/hca_self_test.ofed: $ grep -A5 -B5 /tmp/ /usr/bin/hca_self_test.ofed fi # Check host driver initialization HOST_DRIVER_INIT=0 if [ $NUM_HCAS -ne 0 ] && [ $RPM_CHECK_FAIL -eq 0 ]; then MODPROBE_OUT_FILE="/tmp/hca_self_test_modprobe.output" # Save the output of modprobe ib_ipoib in a tmp file modprobe ib_ipoib &> $MODPROBE_OUT_FILE let RET_CODE=$? if [ $RET_CODE -eq 0 ]; then echo -e "Host Driver Initialization ............. ${green}PASS" -- # Kernel syslog check # Save the output of dmesg in a tmp file if [ $HOST_DRIVER_INIT -eq 1 ]; then dmesg > /tmp/hca_self_test_dmesg.output VAPI_ERROR_COUNT=`egrep oom-\|"Out of Memory"\|tsIb\|VAPI\|THH_\|THHUL\|KERNEL_IB\|IB_NET\|MOD_LNX_SDP /tmp/hca_self_test_dmesg.output 2> /dev/null | grep -v 'SOCK: GETSOCKOPT unimplemented option <2>' | wc -l` OOPS_COUNT=`grep Oops /tmp/hca_self_test_dmesg.output 2> /dev/null | wc -l` KERNEL_PANIC_COUNT=`grep "Kernel panic" /tmp/hca_self_test_dmesg.output 2> /dev/null | wc -l` if [ $VAPI_ERROR_COUNT -eq 0 ] && [ $OOPS_COUNT -eq 0 ] && [ $KERNEL_PANIC_COUNT -eq 0 ]; then echo -e "Kernel Syslog Check .................... ${green}PASS" tput sgr0 else echo -e "Kernel Syslog Check .................... ${red}FAIL" tput sgr0 EXIT_CODE=1 if [ $OOPS_COUNT -ne 0 ]; then echo " REASON: Kernel syslog reported: Oops " grep Oops /tmp/hca_self_test_dmesg.output | uniq | awk -F'\n' '{print " " $1 }' fi if [ $KERNEL_PANIC_COUNT -ne 0 ]; then echo " REASON: Kernel syslog reported: Kernel panic " grep "Kernel panic" /tmp/hca_self_test_dmesg.output | uniq | awk -F'\n' '{print " " $1 }' fi if [ $VAPI_ERROR_COUNT -ne 0 ]; then echo " REASON: Kernel syslog reported: Driver messages " egrep oom-\|"Out of Memory"\|tsIb\|VAPI\|THH_\|THHUL\|KERNEL_IB\|IB_NET\|MOD_LNX_SDP /tmp/hca_self_test_dmesg.output | grep -v 'SOCK: GETSOCKOPT unimplemented option <2>' | uniq | awk -F'\n' '{print " " $1 }' fi fi else echo "Kernel Syslog Check .................... NA" fi -- done fi echo "------------------ DONE ---------------------" echo #rm -f /tmp/hca_self_test_modprobe.output rm -f /tmp/hca_self_test_dmesg.output exit $EXIT_CODE
	fail	ndiswrapper-1.59-alt1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/sbin/ndiswrapper-buginfo: $ grep -A5 -B5 /tmp/ /usr/sbin/ndiswrapper-buginfo # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA LOGFILE=`mktemp /tmp/ndiswrapper.XXXXXX` KVERS=`uname -r` log() { echo -e "$*" 2>&1 >> $LOGFILE -- log "kernel config missing" fi fi fi gzip -c $LOGFILE > /tmp/ndiswrapper-buginfo.gz echo "please attach /tmp/ndiswrapper-buginfo.gz to your bugreport!" \rm -f $LOGFILE
	fail	ocsinventory-agent-1.1.2-alt2.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/ocsinventory-agent: $ grep -A5 -B5 /tmp/ /usr/bin/ocsinventory-agent =item B<--stdout> Print the inventory on stdout. % ocsinventory-agent --stdout > /tmp/report.xml # prepare an inventory and write it in the /tmp/report.xml file. # A file will be created. =item B<--scan-homedirs> Authorized OCS to scan home directories to increase the Virtual Machine inventory.
	fail	otl-0.54-alt1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/otlsub: $ grep -A5 -B5 /tmp/ /usr/bin/otlsub ################################### # need to rewrite and reread file so that \n's are now processed correctly # and each line ends up as a separate array element # -- write it to temp file unlink("/tmp/tmp.otl"); open(FOUT, ">/tmp/tmp.otl"); flock(FOUT,2); print FOUT @linesout; close (FOUT); # now read it @linesout=(); open(INFO,"/tmp/tmp.otl"); @linesout=; close(INFO); # # $llength is length of linesout Found error in /usr/bin/otl: $ grep -A5 -B5 /tmp/ /usr/bin/otl #### # # need to rewrite and reread file so that \n's are now processed correctly # and each line ends up as a separate array element # -- write it to temp file open(FOUT, ">/tmp/tmp.otl"); flock(FOUT,2); print FOUT @linesout; close (FOUT); # now read it @linesout=(); open(INFO,"/tmp/tmp.otl"); @linesout=; close(INFO); $lineslength=@linesout; if ($debug)
	fail	perl-Tapper-Cmd-5.0.6-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/perl5/auto/Tapper/Cmd/Init/hello-world/run-hello-world.sh: $ grep -A5 -B5 /tmp/ /usr/share/perl5/auto/Tapper/Cmd/Init/hello-world/run-hello-world.sh start-tapper-daemon () { DAEMON=$1 if ps auxwww | grep -v grep | grep $DAEMON ; then kill $(ps auxwww | grep -v grep | grep $DAEMON | awk '{print $2}') fi $DAEMON > /tmp/$DAEMON-helloworld.log 2>&1 & } start-tapper-daemon tapper_reports_web_server.pl start-tapper-daemon tapper-reports-receiver start-tapper-daemon tapper-reports-api
	fail	plan9-1.0-alt1.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/plan9/bin/ps: $ grep -A5 -B5 /tmp/ /usr/lib/plan9/bin/ps then all=yes fi export all cat >/tmp/awk.xxx$$ <<'!' BEGIN{ state["D"] = "Spinwait"; state["I"] = "Idle"; state["J"] = "Jail"; state["R"] = "Ready"; -- ! case "${SYSNAME:-`uname`}" in SunOS) /bin/ps -aA -o 'user,pid,stime,time,rss,s,s,args' | sed 1d | nawk -f /tmp/awk.xxx$$ | sort -n +1 ;; *) /bin/ps -axww -o 'user,pid,start,time,rss,stat,wchan,command' | sed 1d | awk -f /tmp/awk.xxx$$ | sort -n +1 ;; esac rm -f /tmp/awk.xxx$$
	fail	plan9-man-1.0-alt1.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/plan9/bin/man: $ grep -A5 -B5 /tmp/ /usr/lib/plan9/bin/man MAN=manhtml b=`{echo $1 | sed 's/\.[0-9].*//'} if(test -f $b.html) web $b.html if not{ roff t $1 | troff2html >/tmp/man.$pid.$seq.html web /tmp/man.$pid.$seq.html seq=`{echo 1+$seq | hoc} } } #
	fail	pptpd-1.4.0-alt2.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/pptpd-1.4.0/tools/vpnuser: $ grep -A5 -B5 /tmp/ /usr/share/doc/pptpd-1.4.0/tools/vpnuser exit 1 fi ;; del) if [ "$(echo $2)" != "" ]; then grep -vw "$2" $config > /tmp/vpnblaat mv /tmp/vpnblaat $config chmod 600 $config else echo -e $ERROR exit 1 fi -- cat $config fi ;; domain) if [ "$(echo $2)" != "" ] & [ "$(echo $3)" != "" ]; then grep -vw "$2" $config > /tmp/vpnblaat DATA=`grep -w "$2" $config` mv /tmp/vpnblaat $config DOM=`echo $3 | tr a-z A-Z` dom=`echo $3 | tr A-Z a-z` echo "$DOM\\\\$DATA" >> $config echo "$dom\\\\$DATA" >> $config chmod 600 $config
	fail	pulseaudio-equalizer-2.7-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/pulseaudio-equalizer: $ grep -A5 -B5 /tmp/ /usr/bin/pulseaudio-equalizer if [ "$1" = "disable" -o "$1" = "enable" ]; then echo "-------------------------------------" echo "Current operation: disabling equalizer" echo "-------------------------------------" echo -n >/tmp/eqcommands.sh # Unload & reload stream-restore module echo "Unloading & reloading stream-restore module..." echo >>/tmp/eqcommands.sh "unload-module $(pacmd list | grep -B1 -m1 'name: ' | grep ' index: ' | sed 's/ index: //g')" echo >>/tmp/eqcommands.sh "load-module module-stream-restore" # Unload LADSPA sink module (if it is already loaded) echo "Unloading module-ladspa-sink..." echo >>/tmp/eqcommands.sh "unload-module $(pacmd list | grep -B1 -m1 'name: ' | grep ' index: ' | sed 's/ index: //g')" # Move active client sinks to ALSA sink echo "Moving active PulseAudio clients to ALSA sink ($PA_MASTER_SINK)..." echo >>/tmp/eqcommands.sh "$(pacmd "list-sink-inputs" | grep 'index: ' | sed 's/ index: /move-sink-input /g' | sed "s/$/ $PA_MASTER_SINK/g")" # Transfer current mute/sink volume to ALSA sink echo "Transferring current mute ($PA_CURRENT_MUTE) & volume ($PA_CURRENT_VOLUME%) to ALSA sink ($PA_MASTER_SINK)..." echo >>/tmp/eqcommands.sh "set-default-sink $PA_MASTER_SINK" echo >>/tmp/eqcommands.sh "set-sink-volume $PA_MASTER_SINK $PA_REAL_VOLUME" echo >>/tmp/eqcommands.sh "set-sink-mute $PA_MASTER_SINK $PA_CURRENT_MUTE" # Execute all queued commands (for potential speed benefit)... pacmd /dev/null fi if [ "$1" = "enable" ]; then echo "-------------------------------------" echo "Current operation: enabling equalizer" echo "-------------------------------------" echo -n >/tmp/eqcommands.sh # Unload & reload stream-restore module with restore_device option disabled (to ensure that previously cached per-client sinks are not used) echo "Unloading & reloading stream-restore module..." echo >>/tmp/eqcommands.sh "unload-module $(pacmd list | grep -B1 -m1 'name: ' | grep ' index: ' | sed 's/ index: //g')" echo >>/tmp/eqcommands.sh "load-module module-stream-restore restore_device=false" # Load LADSPA sink module echo "Loading module-ladspa-sink..." echo >>/tmp/eqcommands.sh "load-module module-ladspa-sink sink_name=$PA_LADSPA_SINK master=$PA_MASTER_SINK plugin=$PA_LADSPA_PLUGIN label=$PA_LADSPA_LABEL control=$PA_LADSPA_CONTROLS" # Transfer current sink mute/volume to LADSPA sink echo "Transferring current mute ($PA_CURRENT_MUTE) & volume ($PA_CURRENT_VOLUME%) to LADSPA sink ($PA_LADSPA_SINK)..." echo >>/tmp/eqcommands.sh "set-sink-volume $PA_LADSPA_SINK $PA_REAL_VOLUME" echo >>/tmp/eqcommands.sh "set-sink-mute $PA_LADSPA_SINK $PA_CURRENT_MUTE" # Unmute & set preamp level on ALSA sink (as LADSPA sink will act as primary volume control) echo "Setting ALSA sink ($PA_MASTER_SINK) preamp ("$PA_PREAMP"x)..." #echo >>/tmp/eqcommands.sh "set-sink-volume $PA_MASTER_SINK $PA_REAL_PREAMP" echo >>/tmp/eqcommands.sh "set-sink-mute $PA_MASTER_SINK 0" # Set the LADSPA sink as the default echo "Setting LADSPA sink ($PA_LADSPA_SINK) as default sink..." echo >>/tmp/eqcommands.sh "set-default-sink $PA_LADSPA_SINK" # Move currently active client sinks to LADSPA sink echo "Moving active PulseAudio clients to LADSPA sink ($PA_LADSPA_SINK)..." echo >>/tmp/eqcommands.sh "$(pacmd "list-sink-inputs" | grep 'index: ' | sed 's/ index: /move-sink-input /g' | sed "s/$/ $PA_LADSPA_SINK/g")" # Execute all queued commands (for potential speed benefit)... pacmd /dev/null fi if [ "$1" = "" -o "$1" = "-h" -o "$1" = "--help" ]; then echo -e "Usage: $SCRIPT_NAME [option]" echo -e "WARNING: This is for internal use by the pulseaudio-equalizer-gtk interface."
	fail	pyrpm-0.69-alt2.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/pyrpmkickstart: $ grep -A5 -B5 /tmp/ /usr/bin/pyrpmkickstart return 1 source_dir = stage2_dir+"/mnt/source" target_dir = stage2_dir+"/mnt/sysimage" repos_dir = stage2_dir+"/mnt/repos" # nfs repo base directory cache_dir = stage2_dir+"/tmp/cache" # create mount points create_dir("", source_dir) create_dir("", target_dir) create_dir("", repos_dir) -- # create cache dir pyrpm.rpmconfig.cachedir = cache_dir # global logging create_dir(tempdir, "/tmp") log_filename = tempdir+"/tmp/pyrpmkickstart.log" log_file = pyrpm.logger.FileLog(log_filename) log.info1("Logging to '%s'.", log_filename) log.addInfoLogging("*", log_file, fmt="%(date)s %(label)s%(message)s") log.addDebugLogging("*", log_file, fmt="%(date)s %(label)s%(message)s") # set extra file logging -- del t # create temporary devices which are usable by grub (hda, hda1, ..) devmap = { } # device mapping for disk in hds: dev = "/tmp/%s" % disk copy_device(diskmap[disk]["device"], target_chroot, source_dir=stage2_dir, target=dev) devmap[diskmap[disk]["device"]] = dev for onpart in partitionmap: if partitionmap[onpart].has_key("raid"): pass elif partitionmap[onpart].has_key("volgroup"): # already done pass else: dev = "/tmp/%s%d" % (partitionmap[onpart]["disk"], partitionmap[onpart]["id"]) copy_device(partitionmap[onpart]["device"], target_chroot, source_dir=stage2_dir, target=dev) devmap[partitionmap[onpart]["device"]] = dev -- if not create_file(target_chroot, "/boot/grub/devices.map", content): return 1 # grub setup content = [ '/sbin/grub --batch >/tmp/grub-setup.log <
	fail	rabbitmq-server-3.6.16-alt1.M80P.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/ocf/resource.d/rabbitmq/rabbitmq-server-ha: $ grep -A5 -B5 /tmp/ /usr/lib/ocf/resource.d/rabbitmq/rabbitmq-server-ha The debug flag for agent (${OCF_RESKEY_binary}) instance. In the /tmp/ directory will be created rmq-* files for log some operations and ENV values inside OCF-script. AMQP server (${OCF_RESKEY_binary}) debug flag -- local rc=$OCF_ERR_GENERIC local LH="${LL} monitor:" ocf_log debug "${LH} action start." if [ "${OCF_RESKEY_debug}" = 'true' ] ; then d=`date '+%Y%m%d %H:%M:%S'` echo $d >> /tmp/rmq-monitor.log env >> /tmp/rmq-monitor.log echo "$d [monitor] start='${OCF_RESKEY_CRM_meta_notify_start_uname}' stop='${OCF_RESKEY_CRM_meta_notify_stop_uname}' active='${OCF_RESKEY_CRM_meta_notify_active_uname}' inactive='${OCF_RESKEY_CRM_meta_notify_inactive_uname}'" >> /tmp/rmq-ocf.log fi get_monitor rc=$? ocf_log debug "${LH} role: ${OCF_RESKEY_CRM_meta_role}" ocf_log debug "${LH} result: $rc" -- local LH="${LL} start:" local nowtime if [ "${OCF_RESKEY_debug}" = 'true' ] ; then d=`date '+%Y%m%d %H:%M:%S'` echo $d >> /tmp/rmq-start.log env >> /tmp/rmq-start.log echo "$d [start] start='${OCF_RESKEY_CRM_meta_notify_start_uname}' stop='${OCF_RESKEY_CRM_meta_notify_stop_uname}' active='${OCF_RESKEY_CRM_meta_notify_active_uname}' inactive='${OCF_RESKEY_CRM_meta_notify_inactive_uname}'" >> /tmp/rmq-ocf.log fi ocf_log info "${LH} action begin." get_status -- local rc=$OCF_ERR_GENERIC local LH="${LL} stop:" if [ "${OCF_RESKEY_debug}" = 'true' ] ; then d=$(date '+%Y%m%d %H:%M:%S') echo $d >> /tmp/rmq-stop.log env >> /tmp/rmq-stop.log echo "$d [stop] start='${OCF_RESKEY_CRM_meta_notify_start_uname}' stop='${OCF_RESKEY_CRM_meta_notify_stop_uname}' active='${OCF_RESKEY_CRM_meta_notify_active_uname}' inactive='${OCF_RESKEY_CRM_meta_notify_inactive_uname}'" >> /tmp/rmq-ocf.log fi ocf_log info "${LH} action begin." ocf_log info "${LH} Deleting master attribute" -- local LH="${LL} notify:" local nodelist if [ "${OCF_RESKEY_debug}" = 'true' ] ; then d=`date '+%Y%m%d %H:%M:%S'` echo $d >> /tmp/rmq-notify.log env >> /tmp/rmq-notify.log echo "$d [notify] ${OCF_RESKEY_CRM_meta_notify_type}-${OCF_RESKEY_CRM_meta_notify_operation} promote='${OCF_RESKEY_CRM_meta_notify_promote_uname}' demote='${OCF_RESKEY_CRM_meta_notify_demote_uname}' master='${OCF_RESKEY_CRM_meta_notify_master_uname}' slave='${OCF_RESKEY_CRM_meta_notify_slave_uname}' start='${OCF_RESKEY_CRM_meta_notify_start_uname}' stop='${OCF_RESKEY_CRM_meta_notify_stop_uname}' active='${OCF_RESKEY_CRM_meta_notify_active_uname}' inactive='${OCF_RESKEY_CRM_meta_notify_inactive_uname}'" >> /tmp/rmq-ocf.log fi if [ "${OCF_RESKEY_CRM_meta_notify_type}" = 'post' ] ; then # POST- anything notify section case "$OCF_RESKEY_CRM_meta_notify_operation" in -- local rc=$OCF_ERR_GENERIC local LH="${LL} promote:" if [ "${OCF_RESKEY_debug}" = 'true' ] ; then d=$(date '+%Y%m%d %H:%M:%S') echo $d >> /tmp/rmq-promote.log env >> /tmp/rmq-promote.log echo "$d [promote] start='${OCF_RESKEY_CRM_meta_notify_start_uname}' stop='${OCF_RESKEY_CRM_meta_notify_stop_uname}' active='${OCF_RESKEY_CRM_meta_notify_active_uname}' inactive='${OCF_RESKEY_CRM_meta_notify_inactive_uname}'" >> /tmp/rmq-ocf.log fi ocf_log info "${LH} action begin." get_monitor
	fail	rancid-2.3.8-alt2.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/rancid-2.3.8/getipacctg: $ grep -A5 -B5 /tmp/ /usr/share/doc/rancid-2.3.8/getipacctg # will display the top 25 for src or dst ip's within prefix # 192.168.0.0/24 # # Contributed to rancid by Steve Neighorn of SCN Reasearch. TMP="/tmp/ipacct.$$.prefixes" TMP2="/tmp/ipacct.$$.sorted" TMP3="/tmp/ipacct.$$.pl" if [ $# -eq 0 ] ; then echo "usage: getipacctg router_name [] [ [...]]" >&2 exit 1; fi trap 'rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3;' 1 2 15 clogin -c 'show ip accounting' $1 > /tmp/ipacct.$$ if [ $? -ne 0 ] ; then echo "clogin failed." >&2 exit 1 fi -- fi shift done 6>&- egrep '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ +[0-9]+\.[0-9]+\.' /tmp/ipacct.$$ | \ sed -e 's/^ *//' -e 's/ etc/ usr/ var/ /g' -e 's/.$//' | \ awk '{print $4":"$0;}' | sort -nr | \ sed -e 's/^[^:]*://' > $TMP2 if [ -s $TMP ] ; then -- perl $TMP3 $TMP $TMP2 | $HEAD else $HEAD $TMP2 fi rm -fr /tmp/ipacct.$$ $TMP $TMP2 $TMP3 trap ';' 1 2 15 exit 0
	fail	scanbuttond-0.2.3-alt4.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /etc/scanbuttond/buttonpressed.sh: $ grep -A5 -B5 /tmp/ /etc/scanbuttond/buttonpressed.sh # $1 ... the button number # $2 ... the scanner's SANE device name, which comes in handy if there are two or # more scanners. In this case we can pass the device name to SANE programs # like scanimage. TMPFILE="/tmp/scan.tiff" LOCKFILE="/tmp/copy.lock" case $1 in 1) echo "button 1 has been pressed on $2" -- # echo "Error: Another scanning operation is currently in progress" # exit # fi # touch $LOCKFILE # rm -f $TMPFILE scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm A= gimp /tmp/image.pnm # tiff2ps -z -w 8.27 -h 11.69 $TMPFILE | lpr # rm -f $LOCKFILE # ;; 2) echo "button 2 has been pressed on $2" scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm lpr /tmp/image.pnm ;; 3) echo "button 3 has been pressed on $2" scanimage --device-name $2 -x 215 -y 297 1> /tmp/image.pnm A= evolution mailto:?attach=/tmp/image.pnm ;; 4) echo "button 4 has been pressed on $2" ;; esac
	fail	select-kernel-0.99.2-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/sbin/select-kernel: $ grep -A5 -B5 /tmp/ /usr/sbin/select-kernel message() { printf %s\\n "$PROG: $*" >&2 } debug() { echo "$@" >> /tmp/$PROG.dbg } show_help() { cat << EOF -- yes= numeric= RELEASE=. FLAVOUR=. CACHE=/tmp/$PROG.$$ trap "rm -f $CACHE" EXIT SIGHUP SIGINT SIGQUIT SIGTERM while [ -n "$1" ]; do if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then show_help
	fail	sensorfw-contextfw-tests-0.7.2-alt2.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/sensorfw-contextfw-tests/testorientation-manual.sh: $ grep -A5 -B5 /tmp/ /usr/share/sensorfw-contextfw-tests/testorientation-manual.sh ## Contact: Tapio Rantala ## INPUT_DEV_NUM=`ls /sys/class/input/event?/device/name | xargs grep -i accelerometer | cut -c23` INPUT_DEV=/dev/input/event${INPUT_DEV_NUM} FIFO=/tmp/accelerometer echo "Faking input device $INPUT_DEV" if [ ! -e $FIFO ] ; then echo "Created $FIFO for testing" -- /sbin/service sensord stop > /dev/null 2>&1 sleep 2 killall sensord > /dev/null 2>&1 # Start sensord manually to load libsensorfakeopen.so env LD_PRELOAD=libsensorfakeopen.so /usr/sbin/sensord > /tmp/sensord.test.log 2>&1 & # If we don't input something to the FIFO sensord blocks indefinitely echo "" > $FIFO sleep 1 echo "" > $FIFO
	fail	tau-2.23-alt2.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/tauupc: $ grep -A5 -B5 /tmp/ /usr/bin/tauupc fi TAUCOMPILER_OPTIONS="$TAUCOMPILER_OPTIONS $command_options" if [ $invoke_without_tau = yes ] ; then cat < /tmp/makefile.tau.$USER.$$ include $MAKEFILE all: @\$(TAU_RUN_CC) \$(TAU_MPI_INCLUDE) \$(TAU_UPC_COMPILER_OPTIONS) $NON_TAUARGS || exit 0 show: @echo \$(TAU_RUN_CC) \$(TAU_UPC_COMPILER_OPTIONS) \$(TAU_MPI_FLIBS) \$(TAU_LIBS) \$(TAU_LDFLAGS) \$(TAU_CXXLIBS) EOF make -s -f /tmp/makefile.tau.$USER.$$ $SHOW /bin/rm -f /tmp/makefile.tau.$USER.$$ fi if [ $invoke_with_tau = yes ] ; then cat < /tmp/makefile.tau.$USER.$$ include $MAKEFILE all: @\$(TAU_COMPILER) $TAUCOMPILER_OPTIONS \$(TAU_RUN_CC) \$(TAU_UPC_COMPILER_OPTIONS) $TAUARGS || exit 0 EOF make -s -f /tmp/makefile.tau.$USER.$$ x=$? /bin/rm -f /tmp/makefile.tau.$USER.$$ fi exit $x Found error in /usr/bin/tau_upc.sh: $ grep -A5 -B5 /tmp/ /usr/bin/tau_upc.sh TAUCOMPILER_OPTIONS="$TAUCOMPILER_OPTIONS -optDefaultParser=edg44-upcparse -optTau=-upc -optTrackDMAPP" retval=0 if [ $invoke_without_tau = yes ] ; then cat < /tmp/makefile.tau.$USER.$$ include $MAKEFILE all: @\$(TAU_RUN_CC) \$(TAU_MPI_INCLUDE) \$(TAU_UPC_COMPILER_OPTIONS) $NON_TAUARGS show: @echo \$(TAU_RUN_CC) \$(TAU_UPC_COMPILER_OPTIONS) \$(TAU_INCLUDE) \$(TAU_MPI_INCLUDE) \$(TAU_DEFS) \$(TAU_MPI_FLIBS) \$(TAU_LIBS) \$(TAU_LDFLAGS) \$(TAU_CXXLIBS) -- showincludes: @echo \$(TAU_INCLUDE) \$(TAU_MPI_INCLUDE) \$(TAU_UPC_COMPILER_OPTIONS) showlibs: @echo \$(TAU_MPI_FLIBS) \$(TAU_LIBS) \$(TAU_CXXLIBS) \$(TAU_UPC_COMPILER_OPTIONS) EOF make -s -f /tmp/makefile.tau.$USER.$$ $SHOW retval=$? /bin/rm -f /tmp/makefile.tau.$USER.$$ fi if [ $invoke_with_tau = yes ] ; then cat < /tmp/makefile.tau.$USER.$$ include $MAKEFILE all: @\$(TAU_COMPILER) $TAUCOMPILER_OPTIONS -optTauGASPU=\$(TAU_GASPU_UPC) \$(TAU_RUN_CC) \$(TAU_UPC_COMPILER_OPTIONS) $TAUARGS EOF make -s -f /tmp/makefile.tau.$USER.$$ retval=$? /bin/rm -f /tmp/makefile.tau.$USER.$$ fi if [ $retval != 0 ] ; then exit 1 fi
	fail	texlive-metapost-2008.0-alt0.15.6.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/texmf-texlive/doc/metapost/featpost/xcmd/xmpost: $ grep -A5 -B5 /tmp/ /usr/share/texmf-texlive/doc/metapost/featpost/xcmd/xmpost } $arr[$#arr] =~ s/\$opt_//; print OFILE "\"$arr[$#arr]=s\") || die \"Aborted\";\n"; print OFILE "\$file = \"$tmp_mp_file\";\n"; print OFILE "\nopen TMP, \">/tmp/\$file.mp\" || die \"can't open /tmp/\$file.mp \$!\\n\";\n"; foreach $j (0..$#lines){ $_ = $lines[$j]; chop; s/\%/\\\%/g; -- print OFILE "print TMP \"$_\\n\";\n"; } print OFILE "close TMP;\n"; print OFILE "\$tmp = `inimpost featpost.mp`;\n"; print OFILE "\$tmp = `mpost -mem featpost /tmp/\$file.mp`;\n"; print OFILE "\$tmp = `laproof /tmp/\$file 1`;\n"; my $tmp = `chmod +x $ARGV[0]`; $tmp = `cp $ARGV[0].mp /tmp/$tmp_mp_file.mp`; $tmp= `inimpost featpost.mp`; $tmp = `mpost -mem featpost /tmp/$tmp_mp_file.mp`; $tmp = `laproof /tmp/$tmp_mp_file 1`; system("gv -watch $tmp_mp_file.1.eps &"); system("xcmd $ARGV[0] &");
	fail	tsung-1.7.0-alt2.M80P.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/tsung-recorder: $ grep -A5 -B5 /tmp/ /usr/bin/tsung-recorder rm $PIDFILE fi } status() { PIDFILE="/tmp/tsung_recorder.pid" if [ -f $PIDFILE ]; then echo "Tsung recorder started [OK]" else echo "Tsung recorder not started " fi -- -tsung_recorder plugin ts_proxy_$RECORDER_PLUGIN \ -tsung_recorder proxy_log_file \"$MAIN_DIR/tsung_recorder.xml\" \ -tsung_recorder pgsql_server \"${PGSQL_SERVER_IP}\" \ -tsung_recorder pgsql_port ${PGSQL_SERVER_PORT} \ -tsung_recorder proxy_listen_port $LISTEN_PORT & echo $! > /tmp/tsung_recorder.pid } version() { echo "Tsung Recorder version $VERSION" exit 0 -- done shift $(($OPTIND - 1)) case $1 in start) PIDFILE="/tmp/tsung_recorder.pid" maindir logdir checkrunning start ;; record_tag) record_tag $* ;; stop) PIDFILE="/tmp/tsung_recorder.pid" stop ;; status) status ;;
	fail	vlc-mini-2.2.6.20170917-alt1.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/vlc/utils/video-vlc-default.sh: $ grep -A5 -B5 /tmp/ /usr/share/vlc/utils/video-vlc-default.sh MIME_FILE=~/.local/share/applications/defaults.list if [ ! -f $MIME_FILE ] then echo "[Default Applications]" > $MIME_FILE else grep -v 'video/' $MIME_FILE > /tmp/vlc.defaults.list.tmp mv /tmp/vlc.defaults.list.tmp $MIME_FILE fi ls /usr/share/mime/video/3gpp.xml /usr/share/mime/video/3gpp2.xml /usr/share/mime/video/annodex.xml /usr/share/mime/video/dv.xml /usr/share/mime/video/isivideo.xml /usr/share/mime/video/mj2.xml /usr/share/mime/video/mp2t.xml /usr/share/mime/video/mp4.xml /usr/share/mime/video/mpeg.xml /usr/share/mime/video/ogg.xml /usr/share/mime/video/quicktime.xml /usr/share/mime/video/vnd.mpegurl.xml /usr/share/mime/video/vnd.rn-realvideo.xml /usr/share/mime/video/vnd.vivo.xml /usr/share/mime/video/wavelet.xml /usr/share/mime/video/webm.xml /usr/share/mime/video/x-anim.xml /usr/share/mime/video/x-flic.xml /usr/share/mime/video/x-flv.xml /usr/share/mime/video/x-javafx.xml /usr/share/mime/video/x-matroska-3d.xml /usr/share/mime/video/x-matroska.xml /usr/share/mime/video/x-mng.xml /usr/share/mime/video/x-ms-wmv.xml /usr/share/mime/video/x-msvideo.xml /usr/share/mime/video/x-nsv.xml /usr/share/mime/video/x-ogm+ogg.xml /usr/share/mime/video/x-sgi-movie.xml /usr/share/mime/video/x-theora+ogg.xml | sed -e 's@/usr/share/mime/@@' -e 's/\.xml/=vlc.desktop/' >> $MIME_FILE Found error in /usr/share/vlc/utils/audio-vlc-default.sh: $ grep -A5 -B5 /tmp/ /usr/share/vlc/utils/audio-vlc-default.sh MIME_FILE=~/.local/share/applications/defaults.list if [ ! -f $MIME_FILE ] then echo "[Default Applications]" > $MIME_FILE else grep -v 'audio/' $MIME_FILE > /tmp/vlc.defaults.list.tmp mv /tmp/vlc.defaults.list.tmp $MIME_FILE fi ls /usr/share/mime/audio/aac.xml /usr/share/mime/audio/ac3.xml /usr/share/mime/audio/amr-wb.xml /usr/share/mime/audio/amr.xml /usr/share/mime/audio/annodex.xml /usr/share/mime/audio/basic.xml /usr/share/mime/audio/flac.xml /usr/share/mime/audio/midi.xml /usr/share/mime/audio/mp2.xml /usr/share/mime/audio/mp4.xml /usr/share/mime/audio/mpeg.xml /usr/share/mime/audio/ogg.xml /usr/share/mime/audio/prs.sid.xml /usr/share/mime/audio/vnd.dts.hd.xml /usr/share/mime/audio/vnd.dts.xml /usr/share/mime/audio/vnd.rn-realaudio.xml /usr/share/mime/audio/webm.xml /usr/share/mime/audio/x-adpcm.xml /usr/share/mime/audio/x-aifc.xml /usr/share/mime/audio/x-aiff.xml /usr/share/mime/audio/x-amzxml.xml /usr/share/mime/audio/x-ape.xml /usr/share/mime/audio/x-flac+ogg.xml /usr/share/mime/audio/x-gsm.xml /usr/share/mime/audio/x-iriver-pla.xml /usr/share/mime/audio/x-it.xml /usr/share/mime/audio/x-m4b.xml /usr/share/mime/audio/x-matroska.xml /usr/share/mime/audio/x-minipsf.xml /usr/share/mime/audio/x-mo3.xml /usr/share/mime/audio/x-mod.xml /usr/share/mime/audio/x-mpegurl.xml /usr/share/mime/audio/x-ms-asx.xml /usr/share/mime/audio/x-ms-wma.xml /usr/share/mime/audio/x-musepack.xml /usr/share/mime/audio/x-opus+ogg.xml /usr/share/mime/audio/x-pn-audibleaudio.xml /usr/share/mime/audio/x-psf.xml /usr/share/mime/audio/x-psflib.xml /usr/share/mime/audio/x-riff.xml /usr/share/mime/audio/x-s3m.xml /usr/share/mime/audio/x-scpls.xml /usr/share/mime/audio/x-speex+ogg.xml /usr/share/mime/audio/x-speex.xml /usr/share/mime/audio/x-stm.xml /usr/share/mime/audio/x-tta.xml /usr/share/mime/audio/x-voc.xml /usr/share/mime/audio/x-vorbis+ogg.xml /usr/share/mime/audio/x-wav.xml /usr/share/mime/audio/x-wavpack-correction.xml /usr/share/mime/audio/x-wavpack.xml /usr/share/mime/audio/x-xi.xml /usr/share/mime/audio/x-xm.xml /usr/share/mime/audio/x-xmf.xml | sed -e 's@/usr/share/mime/@@' -e 's/\.xml/=vlc.desktop/' >> $MIME_FILE
	fail	xCAT-2.5.1-alt0.4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /var/lib/xcat/postscripts/xcatinstallpost: $ grep -A5 -B5 /tmp/ /var/lib/xcat/postscripts/xcatinstallpost PATH=/xcatpost:$PATH export PATH chmod +x /xcatpost/*; if [ -x /usr/bin/openssl ]; then SIP=`grep "^MASTER=" /tmp/mypostscript.post |cut -d= -f2` XCATSERVER="$SIP:3001" export XCATSERVER USEOPENSSLFORXCAT=1 #Though this is the only method going forward, flag to allow backward compatibility with 2.2 generated netboot images export USEOPENSSLFORXCAT fi DHCP_TMP=`sed 's/\(DHCPINTERFACES=\)\(.*\)$/\1"\2"/' /tmp/mypostscript.post` echo "$DHCP_TMP" > /tmp/mypostscript.post echo "updateflag.awk \$MASTER 3002 \"installstatus booted\"" >> /tmp/mypostscript.post chmod +x /tmp/mypostscript.post if [ -x /tmp/mypostscript.post ];then /tmp/mypostscript.post fi Found error in /var/lib/xcat/postscripts/xcatdsklspost.aix: $ grep -A5 -B5 /tmp/ /var/lib/xcat/postscripts/xcatdsklspost.aix } # check & run the postscript my $scriptname = "/xcatpost/".$shorthost; if ($osname eq "Linux") { $scriptname = "/tmp/mypostscript"; } if (-f $scriptname) { my $rc = system("$scriptname"); if ($rc >> 8) -- print $stunconf "verify=0\n"; print $stunconf "[xcatd]\n"; print $stunconf "accept=400\n"; print $stunconf "connect=$ip:3001\n"; close($stunconf); my $getcmd = "stunnel; sleep 1; mkdir -p /xcatpost; cd /xcatpost; wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$ip/install/postscripts; mv $ip/install/postscripts/* .; chmod +x /xcatpost/*; /xcatpost/getpostscript.awk | sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript; chmod +x /tmp/mypostscript"; if (&runcmd($getcmd) != 0) { print $::LOG_FILE "$::sdate xcatdsklspost: Could not get xcatpost.tar.gz.\n"; return 1; Found error in /var/lib/xcat/postscripts/xcatdsklspost: $ grep -A5 -B5 /tmp/ /var/lib/xcat/postscripts/xcatdsklspost max_retries=5 retry=0 rc=1 while [ 0 -eq 0 ]; do wget -l inf -nH -N -r --waitretry=10 --random-wait -T 60 ftp://$server/postscripts -P /xcatpost --cut-dirs=1 2> /tmp/wget.log rc=$? if [ $rc -eq 0 ]; then return 0; fi -- if [ ! -d /xcatpost ]; then mkdir -p /xcatpost; fi if [ ! -d /tmp/postage ]; then mkdir -p /tmp/postage fi rm -R -f /xcatpost/* rm -R -f /tmp/postage/* #here we get all the postscripts. Please do not change this behaviour because some scripts depend on others cd /tmp/postage if [ "$MODE" == "4" ]; then # for statelite mode # We have written the xCATSERVER info into the kernel command line!! for i in `cat /proc/cmdline`; do -- export XCATSERVER USEOPENSSLFORXCAT=1 #Though this is the only method going forward, flag to allow backward compatibility with 2.2 generated netboot images export USEOPENSSLFORXCAT fi /xcatpost/getpostscript.awk | sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript; MYCONT=`grep MASTER /tmp/mypostscript` #echo "MYCONT=$MYCONT" #if getpostscript.awk fails, the postscript will fall into infinit loop #so one retry_number is added to avoid sunc a condition MAX_RETRIES=10 RETRY=0 -- let SLI=$RANDOM%10 let SLI=10+$SLI sleep $SLI /xcatpost/getpostscript.awk | sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript; MYCONT=`grep MASTER /tmp/mypostscript` if [ ! -z "$MYCONT" ]; then break; fi done #save the MASTER into the xcatinfo file for node deployment case, #for updatenode case, only save it when -M is specified if [ $NODE_DEPLOYMENT -eq 1 ] || [ "$MODE" == "4" ]; then new_ms=`grep '^MASTER' /tmp/mypostscript |cut -d= -f2` fi if [ -n "$new_ms" ]; then if [ ! -f /opt/xcat/xcatinfo ]; then mkdir -p /opt/xcat touch /opt/xcat/xcatinfo -- # when called by the updatenode command #modify the UPDATENODE flag to 1 if [ "$MODE" == "1" ] || [ "$MODE" == "2" ]; then TMP=`sed -e 's/UPDATENODE=0/UPDATENODE=1/g' /tmp/mypostscript`; echo "$TMP" > /tmp/mypostscript; fi if [ "$MODE" == "5" ]; then TMP=`sed -e 's/UPDATENODE=0/UPDATENODE=1\nUPDATESECURITY=1\nexport UPDATESECURITY/g' /tmp/mypostscript`; echo "$TMP" > /tmp/mypostscript; fi # postscript name is specified with the updatenode if [ "XX$POSTSCRIPTS" != "XX" ]; then #remove all the postbootscripts TMP=`sed "/postbootscripts-start-here/,/postbootscripts-end-here/ d" /tmp/mypostscript` echo "$TMP" > /tmp/mypostscript #remove all the postscripts TMP=`sed "/postscripts-start-here/,/postscripts-end-here/ d" /tmp/mypostscript` echo "$TMP" > /tmp/mypostscript echo "# postscripts-start-here\n" >> /tmp/mypostscript #add requested postscripts in echo "$POSTSCRIPTS" | tr "," "\n" >> /tmp/mypostscript echo "# postscripts-end-here\n" >> /tmp/mypostscript fi #ADDSITEYUM is set by post.rh and post.rh.iscsi for full installtion #if [[ "$ADDSITEYUM" = "1" ]]; then # TMP=`sed "/postscripts-start-here/ a addsiteyum" /tmp/mypostscript` # echo "$TMP" > /tmp/mypostscript #fi #MYCONT=`cat /tmp/mypostscript` #echo "$MYCONT" # use the run_ps subroutine to run the postscripts TMP=`sed "/postscripts-start-here/,/postscripts-end-here/ s/\(.*\)/run_ps \1/;s/run_ps\s*#/#/;s/run_ps\s*$//" /tmp/mypostscript` echo " # subroutine used to run postscripts run_ps () { local os= local script="\$1" -- echo \"Postscript \$script does NOT exist.\" | tee -a \$logfile fi } # subroutine end " > /tmp/mypostscript echo "$TMP" >> /tmp/mypostscript TMP=`sed "/postbootscripts-start-here/,/postbootscripts-end-here/ s/\(.*\)/run_ps \1/;s/run_ps\s*#/#/;s/run_ps\s*$//" /tmp/mypostscript` echo "$TMP" > /tmp/mypostscript if [ $NODE_DEPLOYMENT -eq 1 ] || [ "$MODE" == "4" ]; then #notify the server that we are done with netbooting CNS=`grep NODESTATUS= /tmp/mypostscript |awk -F = '{print $2}'` if [ -z "$CNS" ] || [ "$CNS" != "'0'" -a "$CNS" != "'N'" -a "$CNS" != "'n'" ]; then echo "updateflag.awk \$MASTER 3002 \"installstatus booted\"" >> /tmp/mypostscript fi fi DHCP_TMP=`sed 's/\(DHCPINTERFACES=\)\(.*\)$/\1"\2"/' /tmp/mypostscript` echo "$DHCP_TMP" > /tmp/mypostscript chmod +x /tmp/mypostscript if [ -x /tmp/mypostscript ];then /tmp/mypostscript fi #rm -f /tmp/mypostscript #tell user it is done when this is called by updatenode command if [ "$MODE" == "1" ] || [ "$MODE" == "2" ] || [ "$MODE" == "5" ]; then echo "returned from postscript" fi Found error in /var/lib/xcat/postscripts/setupesx: $ grep -A5 -B5 /tmp/ /var/lib/xcat/postscripts/setupesx fi # create a script that will launch the first time ESX does and configure # the network cat >/tmp/esxcfg.sh <>/etc/rc.d/rc.local <|' | sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /tmp/ssh_dsa_hostkey #check the message is an error or not grep -E '' /tmp/ssh_dsa_hostkey if [ $? -ne 0 ]; then #the message received is the data cat /tmp/ssh_dsa_hostkey | grep -E -v '||' >$SSHDIR/ssh_host_dsa_key logger -t xCAT ssh_dsa_hostkey MYCONT=`cat $SSHDIR/ssh_host_dsa_key` while [ -z "$MYCONT" ]; do let SLI=$RANDOM%10 let SLI=SLI+10 -- if ! grep "PRIVATE KEY" $SSHDIR/ssh_host_dsa_key > /dev/null 2>&1 ; then rm $SSHDIR/ssh_host_dsa_key fi else #the message received is an error, so parse it ERR_MSG=`sed -n 's%.*\(.*\).*%\1%p' /tmp/ssh_dsa_hostkey` logger -t xCAT Error: $ERR_MSG fi rm /tmp/ssh_dsa_hostkey getcredentials.awk ssh_rsa_hostkey | grep -E -v '|' | sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /tmp/ssh_rsa_hostkey #check whether the message is an error or not grep -E '' /tmp/ssh_rsa_hostkey if [ $? -ne 0 ]; then #the message received is the data we request cat /tmp/ssh_rsa_hostkey | grep -E -v '||' >$SSHDIR/ssh_host_rsa_key logger -t xCAT ssh_rsa_hostkey MYCONT=`cat $SSHDIR/ssh_host_rsa_key` while [ -z "$MYCONT" ]; do let SLI=$RANDOM%10 let SLI=SLI+10 -- if ! grep "PRIVATE KEY" $SSHDIR/ssh_host_rsa_key > /dev/null 2>&1 ; then rm $SSHDIR/ssh_host_rsa_key fi else #This is an error message ERR_MSG=`sed -n 's%.*\(.*\).*%\1%p' /tmp/ssh_rsa_hostkey` logger -t xCAT Error: $ERR_MSG fi rm /tmp/ssh_rsa_hostkey if [ -r /etc/xCATSN ] ; then mkdir -p /etc/xcat/hostkeys cp $SSHDIR/ssh* /etc/xcat/hostkeys/. fi -- mkdir -p /root/.ssh/ sleep 1 if [ $ENABLESSHBETWEENNODES = "YES" ]; then getcredentials.awk ssh_root_key | grep -E -v '|'|sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /tmp/ssh_root_key #check whether the message is an error or not grep -E '' /tmp/ssh_root_key if [ $? -ne 0 ]; then #The message contains the data we request cat /tmp/ssh_root_key | grep -E -v '||' > /root/.ssh/id_rsa logger -t xCAT ssh_root_key MYCONT=`cat /root/.ssh/id_rsa` while [ -z "$MYCONT" ]; do let SLI=$RANDOM%10 let SLI=SLI+10 -- getcredentials.awk ssh_root_key | grep -v '<'|sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /root/.ssh/id_rsa MYCONT=`cat /root/.ssh/id_rsa` done else #This is an error message ERR_MSG=`sed -n 's%.*\(.*\).*%\1%p' /tmp/ssh_root_key` logger -t xCAT ssh_root_key Error: $ERR_MSG fi rm /tmp/ssh_root_key if ! grep "PRIVATE KEY" /root/.ssh/id_rsa > /dev/null 2>&1 ; then rm /root/.ssh/id_rsa fi if [ -r /root/.ssh/id_rsa ]; then Found error in /var/lib/xcat/postscripts/otherpkgs: $ grep -A5 -B5 /tmp/ /var/lib/xcat/postscripts/otherpkgs if [ "$plain_pkgs" != "" ]; then if [ $mounted -eq 0 ]; then dir_no_ftproot=${OTHERPKGDIR#$INSTALLDIR/} mkdir -p /xcatpost/$dir_no_ftproot rm -f -R /xcatpost/$dir_no_ftproot/* mkdir -p /tmp/postage/ rm -f -R /tmp/postage/* cd /tmp/postage for x in `echo "$plain_pkgs" | tr " " "\n"` do wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$OTHERPKGDIR/$x 2> /tmp/wget.log done mv $dir_no_ftproot/* /xcatpost/$dir_no_ftproot; rm -rf $NFSSERVER cd /xcatpost/$dir_no_ftproot
	fail	xCAT-client-2.5.1-alt0.4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/rvid/rvid.xen: $ grep -A5 -B5 /tmp/ /usr/share/xcat/rvid/rvid.xen ( flock 200 vncviewer :$myport -via $rvid_server AutoSelect=0 FullColor=1 >& /dev/null & sleep 0.2 flock -u 200 ) 200> /tmp/xcat/virtvnclock Found error in /usr/share/xcat/rvid/rvid.kvm: $ grep -A5 -B5 /tmp/ /usr/share/xcat/rvid/rvid.kvm ( flock 200 vncviewer :$myport -via $rvid_server AutoSelect=0 FullColor=1 >& /dev/null & sleep 0.2 flock -u 200 ) 200> /tmp/xcat/virtvnclock Found error in /usr/share/xcat/rvid/rvid.imm: $ grep -A5 -B5 /tmp/ /usr/share/xcat/rvid/rvid.imm #!/bin/bash # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html mkdir -p /tmp/xcat JAVADETECTED=`which javaws 2> /dev/null` if [ -z "$JAVADETECTED" ]; then echo "Error: javaws not in path, unable to execute remote video" exit 1 fi echo $rvid_jnlp > /tmp/xcat/wvid_imm_$$.jnlp javaws /tmp/xcat/wvid_imm_$$.jnlp >& /dev/null if [ ! -z "$rvid_mediajnlp" ]; then echo $rvid_mediajnlp > /tmp/xcat/wvid_imm_media_$$.jnlp javaws /tmp/xcat/wvid_imm_media_$$.jnlp >& /dev/null rm /tmp/xcat/wvid_imm_media_$$.jnlp >& /dev/null fi rm /tmp/xcat/wvid_imm_$$.jnlp >& /dev/null Found error in /usr/sbin/tabedit: $ grep -A5 -B5 /tmp/ /usr/sbin/tabedit # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html # Opens the specified table in the users editor;writes changes back to the db function cexit { if [ -d /tmp/tabedit.$$ ]; then rm -rf /tmp/tabedit.$$; fi exit } trap cexit 2 15 -- echo " tabedit [-? | -h | --help]"; exit 1 fi # Dump the table to a temporary file mkdir -p /tmp/tabedit.$$/ $XCATROOT/bin/xcatclientnnr tabdump $TABLE > /tmp/tabedit.$$/$TABLE.csv # Save the checksum to see if it actually changes.. if [ `uname` = "AIX" ]; then SUMPROGRAM=sum else SUMPROGRAM=md5sum fi SUM=`$SUMPROGRAM /tmp/tabedit.$$/$TABLE.csv` # Edit the file, then check it EXIT=0 while [ $EXIT -eq 0 ]; do cd /tmp/tabedit.$$ $TABEDITOR $TABLE.csv cd - >/dev/null NEWSUM=`$SUMPROGRAM /tmp/tabedit.$$/$TABLE.csv` if [ "$NEWSUM" == "$SUM" ]; then echo "No file modifications detected, not restoring." break; fi if `dirname $0`/tabrestore /tmp/tabedit.$$/$TABLE.csv; then break; else echo "Above errors occured, hit enter to edit, or ctrl-c to abort" read JNK fi
	fail	xCAT-nbroot-core-ppc64-2.5.1-alt0.4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/netboot/ppc64/nbroot/usr/share/udhcpc/default.script: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/ppc64/nbroot/usr/share/udhcpc/default.script deconfig) /sbin/ifconfig $interface up /sbin/ifconfig $interface 0.0.0.0 ;; bound|renew) echo $siaddr >> /tmp/dhcpserver /sbin/ifconfig $interface $ip netmask $subnet if [ -n "$router" ] ; then while route del default gw 0.0.0.0 dev $interface > /dev/null 2>&1; do : done Found error in /usr/share/xcat/netboot/ppc64/nbroot/bin/restart: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/ppc64/nbroot/bin/restart #!/bin/sh # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html #Redhcp, do the xcat part again FORCENICS=`cat /restart|awk '{print $2}'` rm /restart echo -n > /tmp/dhcpserver if [ ! -z "$FORCENICS" ]; then echo "Forcing down nics aside from $FORCENICS due to discoverynics setting" kill `ps axf|grep udhcpc|egrep -v "$FORCENICS"|grep -v grep|awk '{print $1}'` for nic in `ifconfig|grep HWaddr|awk '{print $1}'|egrep -v "$FORCENICS"`; do ifconfig $nic down Found error in /usr/share/xcat/netboot/ppc64/nbroot/bin/dodestiny: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/ppc64/nbroot/bin/dodestiny export XCATMASTER=`echo $XCATDEST | awk -F: '{print $1}'` export XCATPORT=`echo $XCATDEST | awk -F: '{print $2}'` fi while :; do DESTINY=`grep destiny /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` DEST=`echo $DESTINY|awk -F= '{print $1}'` #No bash, no tricks TARG=`echo $DESTINY|awk -F= '{print $2}'` #No bash, no tricks DESTINY=`echo $DESTINY|awk '{print $1}'` #No bash, no tricks if [ "$DESTINY" == "standby" ]; then echo "Server notified us of standby condition, please check chain table". -- echo "$MTM" fi if [ "$SERIAL" != "unknown" ]; then echo "$SERIAL" fi echo "" ) > /tmp/discout if [ ! -z "$XCATMASTER" ]; then ping -c 1 $XCATMASTER [ -f "/tmp/discout" ] && netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT fi if [ -z "$XCATMASTER" ] || sleep 8 > /dev/null 2>&1 #Give the preferred method 8 seconds to complete before resorting then for nic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'`; do #also, bring down interfaces to make sure that we send from the 'right' nic MYB=`ifconfig $nic 2>/dev/null|grep "Bcast"|awk '{print $3}'|awk -F: '{print $2}'` -- if [ ! -z "$MYB" -a "$OTB" == "$MYB" ]; then # if broadcasts match, down the other nic ifconfig $dnic down fi done if [ ! -z "$XCATMASTER" ]; then [ -f "/tmp/discout" ] && (ping -c 1 $XCATMASTER; netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT) fi for dhcps in `cat /tmp/dhcpserver`; do [ -f "/tmp/discout" ] && ( ping -c 1 $dhcps; netcat -e 'cat /tmp/discout' -u -p 301 $dhcps $XCATPORT ) done for dnic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'|grep -v $nic`; do ifconfig $dnic up done if ! sleep 5 > /dev/null 2>&1; then break; fi # give management server a chance to get to minixcatd.awk -- done $TARG fi if [ "$DESTINY" == "install" -o "$DESTINY" == "netboot" ]; then /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead IMGSERVER=`grep imgserver /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` INITRD=`grep initrd /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KERNEL=`grep kernel /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KCMD=`grep kcmdline /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` ERROR=`wget http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` done ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` done #START getting ready for kexec for mod in `lsmod|awk '{print $1}'|grep -v Module`; do rmmod $mod done #kexec -f --append="$KCMD" --initrd=/tmp/initrd /tmp/kernel /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead fi if [ "$DEST" == "runimage" ]; then mkdir /tmp/`basename $TARG` cd /tmp/`basename $TARG` ERROR=`wget $TARG` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c $TARG 2>&1` done while ! nextdestiny ; do echo "Retrying next destiny..." done tar zxvf `basename $TARG` cd /tmp/`basename $TARG` ./runme.sh cd - fi sleep 5 # something may be transiently wrong, check back in 5 seconds getdestiny if grep error /tmp/destiny; then echo ERROR: see above fi done
	fail	xCAT-nbroot-core-x86-2.5.1-alt0.4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/netboot/x86/nbroot/usr/share/udhcpc/default.script: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86/nbroot/usr/share/udhcpc/default.script deconfig) /sbin/ifconfig $interface up /sbin/ifconfig $interface 0.0.0.0 ;; bound|renew) echo $siaddr >> /tmp/dhcpserver /sbin/ifconfig $interface $ip netmask $subnet if [ -n "$router" ] ; then while route del default gw 0.0.0.0 dev $interface > /dev/null 2>&1; do : done Found error in /usr/share/xcat/netboot/x86/nbroot/bin/restart: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86/nbroot/bin/restart #!/bin/sh # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html #Redhcp, do the xcat part again FORCENICS=`cat /restart|awk '{print $2}'` rm /restart echo -n > /tmp/dhcpserver if [ ! -z "$FORCENICS" ]; then echo "Forcing down nics aside from $FORCENICS due to discoverynics setting" kill `ps axf|grep udhcpc|egrep -v "$FORCENICS"|grep -v grep|awk '{print $1}'` for nic in `ifconfig|grep HWaddr|awk '{print $1}'|egrep -v "$FORCENICS"`; do ifconfig $nic down Found error in /usr/share/xcat/netboot/x86/nbroot/bin/dodestiny: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86/nbroot/bin/dodestiny export XCATMASTER=`echo $XCATDEST | awk -F: '{print $1}'` export XCATPORT=`echo $XCATDEST | awk -F: '{print $2}'` fi while :; do DESTINY=`grep destiny /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` DEST=`echo $DESTINY|awk -F= '{print $1}'` #No bash, no tricks TARG=`echo $DESTINY|awk -F= '{print $2}'` #No bash, no tricks DESTINY=`echo $DESTINY|awk '{print $1}'` #No bash, no tricks if [ "$DESTINY" == "standby" ]; then echo "Server notified us of standby condition, please check chain table". -- echo "$MTM" fi if [ "$SERIAL" != "unknown" ]; then echo "$SERIAL" fi echo "" ) > /tmp/discout if [ ! -z "$XCATMASTER" ]; then ping -c 1 $XCATMASTER [ -f "/tmp/discout" ] && netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT fi if [ -z "$XCATMASTER" ] || sleep 8 > /dev/null 2>&1 #Give the preferred method 8 seconds to complete before resorting then for nic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'`; do #also, bring down interfaces to make sure that we send from the 'right' nic MYB=`ifconfig $nic 2>/dev/null|grep "Bcast"|awk '{print $3}'|awk -F: '{print $2}'` -- if [ ! -z "$MYB" -a "$OTB" == "$MYB" ]; then # if broadcasts match, down the other nic ifconfig $dnic down fi done if [ ! -z "$XCATMASTER" ]; then [ -f "/tmp/discout" ] && (ping -c 1 $XCATMASTER; netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT) fi for dhcps in `cat /tmp/dhcpserver`; do [ -f "/tmp/discout" ] && ( ping -c 1 $dhcps; netcat -e 'cat /tmp/discout' -u -p 301 $dhcps $XCATPORT ) done for dnic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'|grep -v $nic`; do ifconfig $dnic up done if ! sleep 5 > /dev/null 2>&1; then break; fi # give management server a chance to get to minixcatd.awk -- done $TARG fi if [ "$DESTINY" == "install" -o "$DESTINY" == "netboot" ]; then /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead IMGSERVER=`grep imgserver /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` INITRD=`grep initrd /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KERNEL=`grep kernel /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KCMD=`grep kcmdline /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` ERROR=`wget http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` done ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` done #START getting ready for kexec for mod in `lsmod|awk '{print $1}'|grep -v Module`; do rmmod $mod done #kexec -f --append="$KCMD" --initrd=/tmp/initrd /tmp/kernel /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead fi if [ "$DEST" == "runimage" ]; then mkdir /tmp/`basename $TARG` cd /tmp/`basename $TARG` ERROR=`wget $TARG` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c $TARG 2>&1` done while ! nextdestiny ; do echo "Retrying next destiny..." done tar zxvf `basename $TARG` cd /tmp/`basename $TARG` ./runme.sh cd - fi sleep 5 # something may be transiently wrong, check back in 5 seconds getdestiny if grep error /tmp/destiny; then echo ERROR: see above fi done
	fail	xCAT-nbroot-core-x86_64-2.5.1-alt0.4.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/netboot/x86_64/nbroot/usr/share/udhcpc/default.script: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86_64/nbroot/usr/share/udhcpc/default.script deconfig) /sbin/ifconfig $interface up /sbin/ifconfig $interface 0.0.0.0 ;; bound|renew) echo $siaddr >> /tmp/dhcpserver /sbin/ifconfig $interface $ip netmask $subnet if [ -n "$router" ] ; then while route del default gw 0.0.0.0 dev $interface > /dev/null 2>&1; do : done Found error in /usr/share/xcat/netboot/x86_64/nbroot/bin/restart: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86_64/nbroot/bin/restart #!/bin/sh # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html #Redhcp, do the xcat part again FORCENICS=`cat /restart|awk '{print $2}'` rm /restart echo -n > /tmp/dhcpserver if [ ! -z "$FORCENICS" ]; then echo "Forcing down nics aside from $FORCENICS due to discoverynics setting" kill `ps axf|grep udhcpc|egrep -v "$FORCENICS"|grep -v grep|awk '{print $1}'` for nic in `ifconfig|grep HWaddr|awk '{print $1}'|egrep -v "$FORCENICS"`; do ifconfig $nic down Found error in /usr/share/xcat/netboot/x86_64/nbroot/bin/dodestiny: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/x86_64/nbroot/bin/dodestiny export XCATMASTER=`echo $XCATDEST | awk -F: '{print $1}'` export XCATPORT=`echo $XCATDEST | awk -F: '{print $2}'` fi while :; do DESTINY=`grep destiny /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` DEST=`echo $DESTINY|awk -F= '{print $1}'` #No bash, no tricks TARG=`echo $DESTINY|awk -F= '{print $2}'` #No bash, no tricks DESTINY=`echo $DESTINY|awk '{print $1}'` #No bash, no tricks if [ "$DESTINY" == "standby" ]; then echo "Server notified us of standby condition, please check chain table". -- echo "$MTM" fi if [ "$SERIAL" != "unknown" ]; then echo "$SERIAL" fi echo "" ) > /tmp/discout if [ ! -z "$XCATMASTER" ]; then ping -c 1 $XCATMASTER [ -f "/tmp/discout" ] && netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT fi if [ -z "$XCATMASTER" ] || sleep 8 > /dev/null 2>&1 #Give the preferred method 8 seconds to complete before resorting then for nic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'`; do #also, bring down interfaces to make sure that we send from the 'right' nic MYB=`ifconfig $nic 2>/dev/null|grep "Bcast"|awk '{print $3}'|awk -F: '{print $2}'` -- if [ ! -z "$MYB" -a "$OTB" == "$MYB" ]; then # if broadcasts match, down the other nic ifconfig $dnic down fi done if [ ! -z "$XCATMASTER" ]; then [ -f "/tmp/discout" ] && (ping -c 1 $XCATMASTER; netcat -e 'cat /tmp/discout' -u -p 301 $XCATMASTER $XCATPORT) fi for dhcps in `cat /tmp/dhcpserver`; do [ -f "/tmp/discout" ] && ( ping -c 1 $dhcps; netcat -e 'cat /tmp/discout' -u -p 301 $dhcps $XCATPORT ) done for dnic in `ifconfig -a 2>/dev/null|grep HWaddr|grep -v sit|awk '{print $1}'|grep -v $nic`; do ifconfig $dnic up done if ! sleep 5 > /dev/null 2>&1; then break; fi # give management server a chance to get to minixcatd.awk -- done $TARG fi if [ "$DESTINY" == "install" -o "$DESTINY" == "netboot" ]; then /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead IMGSERVER=`grep imgserver /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` INITRD=`grep initrd /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KERNEL=`grep kernel /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` KCMD=`grep kcmdline /tmp/destiny | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` ERROR=`wget http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$KERNEL -O /tmp/kernel 2>&1` done ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c http://$IMGSERVER/tftpboot/$INITRD -O /tmp/initrd 2>&1` done #START getting ready for kexec for mod in `lsmod|awk '{print $1}'|grep -v Module`; do rmmod $mod done #kexec -f --append="$KCMD" --initrd=/tmp/initrd /tmp/kernel /bin/rebootnode #If script is here, kexec failed, reboot in case it wasn't a linux kernel and let the boot loader handle it instead fi if [ "$DEST" == "runimage" ]; then mkdir /tmp/`basename $TARG` cd /tmp/`basename $TARG` ERROR=`wget $TARG` while [ $? == 1 ] && echo $ERROR|grep -v 416; do sleep 10 ERROR=`wget -c $TARG 2>&1` done while ! nextdestiny ; do echo "Retrying next destiny..." done tar zxvf `basename $TARG` cd /tmp/`basename $TARG` ./runme.sh cd - fi sleep 5 # something may be transiently wrong, check back in 5 seconds getdestiny if grep error /tmp/destiny; then echo ERROR: see above fi done
	fail	xCAT-server-2.5.1-alt0.4.2.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/netboot/add-on/autogpfs/autogpfsd.pl: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/add-on/autogpfs/autogpfsd.pl openlog('autogpfsd','','local0'); syslog($type,$msg); closelog(); #no syslog hack system("(date;echo : $type $msg) >>/tmp/autogpfsd.log"); } END { unlink PIDFILE if $$ == $pid; }
	info	bash-examples-3.2.57-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/bash-3.2.57/examples/scripts/bcsh.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/bash-3.2.57/examples/scripts/bcsh.sh ;; esac trap ':' 2 trap exit 3 trap "tail -n $savehist $histfile>/tmp/hist$$;uniq /tmp/hist$$ > $histfile;\ rm -f /tmp/*$$;exit 0" 15 getcmd=yes mailcheck= exclaim= echoit= -- while test "$line" != "end"; do echo $n "$PS2$c" read line cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ ed - /tmp/bcsh$$ << ++++ s/end/done/ s/foreach[ ]\(.*\)(/for \1 in / s/)// s/;/;do / w -- line=done ;; esac cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ ;; if[\ \ ]*) while test "$line" != "fi" && test "$line" != "endif" do echo $n "$PS2$c" -- line=fi ;; esac cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ case "`grep then /tmp/bcsh$$`" in "") # fix 'if foo bar' cases ed - /tmp/bcsh$$ << ++++ s/)/);then/ s/.*/;fi/ w ++++ ;; -- echo $n "$PS2$c" read line cmd="${cmd}@$line" done cmd="`echo \"$cmd\" | tr '@' ' '`" echo "$cmd" > /tmp/bcsh$$ ;; switch[\ \ ]*) while test "$line" != "endsw" do echo $n "$PS2$c" read line cmd="${cmd}@$line" done echo "$cmd" > /tmp/bcsh$$ ed - /tmp/bcsh$$ << '++++' 1,$s/@/\ /g g/switch.*(/s//case "/ s/)/" in/ 1,$s/case[ ]\(.*\):$/;;\ -- g/breaksw/s/// 1,$s/default.*/;;\ *)/ w ++++ cmd="`cat /tmp/bcsh$$`" ;; *!*) hist=yes ;; esac -- echoit=yes getcmd=no continue ;; *~e) echo "$cmd" | sed -e "s@~e@@" > /tmp/bcsh$$ $EDITOR /tmp/bcsh$$ cmd="`cat /tmp/bcsh$$`" getcmd=no continue ;; *~v) echo "$cmd" | sed -e "s@~v@@" > /tmp/bcsh$$ echo "$lastcmd" > /tmp/bcsh$$ $VISUAL /tmp/bcsh$$ cmd="`cat /tmp/bcsh$$`" getcmd=no continue ;; exec[\ \ ]*) tail -n $savehist $histfile>/tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ ;; login[\ \ ]*|newgrp[\ \ ]*) tail -n $savehist $histfile>/tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ ;; logout|exit|bye) if test -s "$logoutfile" then # sh $logoutfile $SHELL $logoutfile fi tail -n $savehist $histfile > /tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ exit 0 ;; h|history) grep -n . $histfile | tail -n $history | sed -e 's@:@ @' | $PAGER continue -- continue ;; source[\ \ ]*) set - $cmd shift echo . $* > /tmp/cmd$$ . /tmp/cmd$$ run=no ;; wait) wait run=no ;; .[\ \ ]*) echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ run=no ;; cd|cd[\ \ ]*) # check if it will work first, or else this shell will terminate # if the cd dies. If you have a built-in test, you might want # to replace the try-it-and-see below with a couple of tests, # but it is probably just as fast like this. echo $cmd > /tmp/cmd$$ if ($SHELL /tmp/cmd$$) ; then . /tmp/cmd$$ fi run=no ;; awk[\ \ ]*|dd[\ \ ]*|cc[\ \ ]*|make[\ \ ]*) # these are the only commands I can think of whose syntax # includes an equals sign. Add others as you find them. echo "$cmd" > /tmp/bcsh$$ ;; setenv*|*=*) # handle setting shell variables, turning cshell syntax to Bourne # syntax -- note all variables must be exported or they will not # be usable in other commands echo "$cmd" > /tmp/cmd$$ ed - /tmp/cmd$$ << ++++ g/^setenv[ ]/s/[ ]/@/ g/^setenv@/s/[ ]/=/ g/^setenv@/s/// g/^set/s/// .t. \$s/=.*// s/^/export / w ++++ . /tmp/cmd$$ rm -f /tmp/cmd$$ run=no ;; unset[\ \ ]*|umask[\ \ ]*|export[\ \ ]*|set[\ \ ]*) # handle commands which twiddle current environment -- continue ;; esac ;; *) echo "$cmd" > /tmp/bcsh$$ ;; esac ;; no) echo "$cmd" > /tmp/bcsh$$ ;; esac ;; esac -- ;; *) case "$exclaim" in yes) cmd="`echo \"$cmd\" | sed -e 's@REALEXCLAMATIONMARK@!@g'`" echo "$cmd" > /tmp/bcsh$$ ;; esac case "$echoit" in yes) echo $cmd -- yes) case "${noclobber+yes}" in yes) case "$cmd" in *\>![\ \ ]*) ed - /tmp/bcsh$$ << ++++ g/>!/s//>/ w ++++ ;; *\>\>*) -- read answer case "$answer" in y*) ;; *) echo ':' > /tmp/bcsh$$ ;; esac ;; *) echo "${outfile}: file exists" echo ':' > /tmp/bcsh$$ ;; esac fi ;; esac -- esac ;; *) case "$cmd" in *\>![\ \ ]*) ed - /tmp/bcsh$$ << ++++ g/>!/s//>/g w ++++ ;; esac ;; esac (trap 'exit 1' 2 3; $BASH /tmp/bcsh$$) ;; esac case "$cmd" in $lastcmd) ;; Found error in /usr/share/doc/bash-3.2.57/examples/misc/cshtobash: $ grep -A5 -B5 /tmp/ /usr/share/doc/bash-3.2.57/examples/misc/cshtobash # zsh-3.0. # # Chet Ramey # chet@po.cwru.edu # trap 'rm -f /tmp/cb$$.? cshout cshin' 0 1 2 3 6 15 T=$'\t' SOURCE="${1:+source $1}" cat << EOF >cshin $SOURCE alias >! /tmp/cb$$.a setenv >! /tmp/cb$$.e set >! /tmp/cb$$.v EOF # give csh a minimal environment, similar to what login would provide /usr/bin/env - USER=$USER HOME=$HOME PATH=/usr/bin:/bin:/usr/ucb:. TERM=$TERM SHELL=$SHELL /bin/csh -i < ./cshin > cshout 2>&1 # First convert aliases cat << \EOF >/tmp/cb$$.1 mkalias () { case $2 in '') echo alias ${1}="''" ;; *[#\!]*) -- *) echo alias ${1}=\'$(echo "${2}" | sed "s:':'\\\\'':")\' ;; esac } EOF sed "s/^\([a-zA-Z0-9_]*\)$T\(.*\)$/mkalias \1 '\2'/" < /tmp/cb$$.a >>/tmp/cb$$.1 echo '# csh aliases' echo $BASH /tmp/cb$$.1 | sed -e 's/\$cwd/\$PWD/g' \ -e 's/\$term/\$TERM/g' \ -e 's/\$home/\$HOME/g' \ -e 's/\$user/\$USER/g' \ -e 's/\$prompt/\$PS1/g' -- # Would be nice to deal with embedded newlines, e.g. in TERMCAP, but ... sed -e '/^SHLVL/d' \ -e '/^PWD/d' \ -e "s/'/'"\\\\"''"/g \ -e "s/^\([A-Za-z0-9_]*=\)/export \1'/" \ -e "s/$/'/" < /tmp/cb$$.e # Finally, convert local variables echo echo '# csh variables' echo -- sed -e 's/'"$T"'/=/' \ -e "s/'/'"\\\\"''"/g \ -e '/^[A-Za-z0-9_]*=[^(]/{ s/=/='"'/"' s/$/'"'/"' }' < /tmp/cb$$.v | sed -e '/^argv=/d' -e '/^cwd=/d' -e '/^filec=/d' -e '/^status=/d' \ -e '/^verbose=/d' \ -e '/^term=/d' \ -e '/^home=/d' \ -e '/^path=/d' \ -- # now some special csh variables converted to bash equivalents echo echo '# special csh variables converted to bash equivalents' echo sed -e 's/'"$T"'/=/' < /tmp/cb$$.v | grep "^cdpath=" | sed 's/(// s/ /:/g s/)// s/cdpath=/CDPATH=/' sed -e 's/'"$T"'/=/' < /tmp/cb$$.v | grep "^mail=" | sed 's/(// s/ /:/g s/)// s/mail=/MAILPATH=/' | Found error in /usr/share/doc/bash-3.2.57/examples/misc/aliasconv.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/bash-3.2.57/examples/misc/aliasconv.sh # usage: aliasconv.sh # # Chet Ramey # chet@po.cwru.edu # trap 'rm -f /tmp/cb$$.?' 0 1 2 3 6 15 T=' ' cat << \EOF >/tmp/cb$$.1 mkalias () { case $2 in '') echo alias ${1}="''" ;; *[#\!]*) -- # the first thing we want to do is to protect single quotes in the alias, # since they whole thing is going to be surrounded by single quotes when # passed to mkalias sed -e "s:':\\'\\\'\\':" -e "s/^\([a-zA-Z0-9_-]*\)$T\(.*\)$/mkalias \1 '\2'/" >>/tmp/cb$$.1 sh /tmp/cb$$.1 | sed -e 's/\$cwd/\$PWD/g' \ -e 's/\$term/\$TERM/g' \ -e 's/\$home/\$HOME/g' \ -e 's/\$user/\$USER/g' \ -e 's/\$prompt/\$PS1/g' Found error in /usr/share/doc/bash-3.2.57/examples/misc/aliasconv.bash: $ grep -A5 -B5 /tmp/ /usr/share/doc/bash-3.2.57/examples/misc/aliasconv.bash # usage: aliasconv.bash # # Chet Ramey # chet@po.cwru.edu # trap 'rm -f /tmp/cb$$.?' 0 1 2 3 6 15 T=$'\t' cat << \EOF >/tmp/cb$$.1 mkalias () { case $2 in '') echo alias ${1}="''" ;; *[#\!]*) -- # the first thing we want to do is to protect single quotes in the alias, # since they whole thing is going to be surrounded by single quotes when # passed to mkalias sed -e "s:':\\'\\\'\\':" -e "s/^\([a-zA-Z0-9_-]*\)$T\(.*\)$/mkalias \1 '\2'/" >>/tmp/cb$$.1 $BASH /tmp/cb$$.1 | sed -e 's/\$cwd/\$PWD/g' \ -e 's/\$term/\$TERM/g' \ -e 's/\$home/\$HOME/g' \ -e 's/\$user/\$USER/g' \ -e 's/\$prompt/\$PS1/g'
	info	bash4-examples-4.2.50-alt1.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/bash4-4.2.50/examples/scripts/bcsh.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/bash4-4.2.50/examples/scripts/bcsh.sh ;; esac trap ':' 2 trap exit 3 trap "tail -n $savehist $histfile>/tmp/hist$$;uniq /tmp/hist$$ > $histfile;\ rm -f /tmp/*$$;exit 0" 15 getcmd=yes mailcheck= exclaim= echoit= -- while test "$line" != "end"; do echo $n "$PS2$c" read line cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ ed - /tmp/bcsh$$ << ++++ s/end/done/ s/foreach[ ]\(.*\)(/for \1 in / s/)// s/;/;do / w -- line=done ;; esac cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ ;; if[\ \ ]*) while test "$line" != "fi" && test "$line" != "endif" do echo $n "$PS2$c" -- line=fi ;; esac cmd="${cmd};$line" done echo "$cmd" > /tmp/bcsh$$ case "`grep then /tmp/bcsh$$`" in "") # fix 'if foo bar' cases ed - /tmp/bcsh$$ << ++++ s/)/);then/ s/.*/;fi/ w ++++ ;; -- echo $n "$PS2$c" read line cmd="${cmd}@$line" done cmd="`echo \"$cmd\" | tr '@' ' '`" echo "$cmd" > /tmp/bcsh$$ ;; switch[\ \ ]*) while test "$line" != "endsw" do echo $n "$PS2$c" read line cmd="${cmd}@$line" done echo "$cmd" > /tmp/bcsh$$ ed - /tmp/bcsh$$ << '++++' 1,$s/@/\ /g g/switch.*(/s//case "/ s/)/" in/ 1,$s/case[ ]\(.*\):$/;;\ -- g/breaksw/s/// 1,$s/default.*/;;\ *)/ w ++++ cmd="`cat /tmp/bcsh$$`" ;; *!*) hist=yes ;; esac -- echoit=yes getcmd=no continue ;; *~e) echo "$cmd" | sed -e "s@~e@@" > /tmp/bcsh$$ $EDITOR /tmp/bcsh$$ cmd="`cat /tmp/bcsh$$`" getcmd=no continue ;; *~v) echo "$cmd" | sed -e "s@~v@@" > /tmp/bcsh$$ echo "$lastcmd" > /tmp/bcsh$$ $VISUAL /tmp/bcsh$$ cmd="`cat /tmp/bcsh$$`" getcmd=no continue ;; exec[\ \ ]*) tail -n $savehist $histfile>/tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ ;; login[\ \ ]*|newgrp[\ \ ]*) tail -n $savehist $histfile>/tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ ;; logout|exit|bye) if test -s "$logoutfile" then # sh $logoutfile $SHELL $logoutfile fi tail -n $savehist $histfile > /tmp/hist$$ uniq /tmp/hist$$ > $histfile rm -f /tmp/*$$ exit 0 ;; h|history) grep -n . $histfile | tail -n $history | sed -e 's@:@ @' | $PAGER continue -- continue ;; source[\ \ ]*) set - $cmd shift echo . $* > /tmp/cmd$$ . /tmp/cmd$$ run=no ;; wait) wait run=no ;; .[\ \ ]*) echo $cmd > /tmp/cmd$$ . /tmp/cmd$$ run=no ;; cd|cd[\ \ ]*) # check if it will work first, or else this shell will terminate # if the cd dies. If you have a built-in test, you might want # to replace the try-it-and-see below with a couple of tests, # but it is probably just as fast like this. echo $cmd > /tmp/cmd$$ if ($SHELL /tmp/cmd$$) ; then . /tmp/cmd$$ fi run=no ;; awk[\ \ ]*|dd[\ \ ]*|cc[\ \ ]*|make[\ \ ]*) # these are the only commands I can think of whose syntax # includes an equals sign. Add others as you find them. echo "$cmd" > /tmp/bcsh$$ ;; setenv*|*=*) # handle setting shell variables, turning cshell syntax to Bourne # syntax -- note all variables must be exported or they will not # be usable in other commands echo "$cmd" > /tmp/cmd$$ ed - /tmp/cmd$$ << ++++ g/^setenv[ ]/s/[ ]/@/ g/^setenv@/s/[ ]/=/ g/^setenv@/s/// g/^set/s/// .t. \$s/=.*// s/^/export / w ++++ . /tmp/cmd$$ rm -f /tmp/cmd$$ run=no ;; unset[\ \ ]*|umask[\ \ ]*|export[\ \ ]*|set[\ \ ]*) # handle commands which twiddle current environment -- continue ;; esac ;; *) echo "$cmd" > /tmp/bcsh$$ ;; esac ;; no) echo "$cmd" > /tmp/bcsh$$ ;; esac ;; esac -- ;; *) case "$exclaim" in yes) cmd="`echo \"$cmd\" | sed -e 's@REALEXCLAMATIONMARK@!@g'`" echo "$cmd" > /tmp/bcsh$$ ;; esac case "$echoit" in yes) echo $cmd -- yes) case "${noclobber+yes}" in yes) case "$cmd" in *\>![\ \ ]*) ed - /tmp/bcsh$$ << ++++ g/>!/s//>/ w ++++ ;; *\>\>*) -- read answer case "$answer" in y*) ;; *) echo ':' > /tmp/bcsh$$ ;; esac ;; *) echo "${outfile}: file exists" echo ':' > /tmp/bcsh$$ ;; esac fi ;; esac -- esac ;; *) case "$cmd" in *\>![\ \ ]*) ed - /tmp/bcsh$$ << ++++ g/>!/s//>/g w ++++ ;; esac ;; esac (trap 'exit 1' 2 3; $BASH /tmp/bcsh$$) ;; esac case "$cmd" in $lastcmd) ;;
	info	clsync-0.4.2-alt2.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/clsync/examples/production/etc/clsync/synchandler/lxc/brother.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/clsync/examples/production/etc/clsync/synchandler/lxc/brother.sh # if mount | grep "$BROTHERMNT" > /dev/null; then if ping -w 1 -qc 5 -i 0.1 $BROTHERNAME > /dev/null; then #if [ ! -d "$TO" ]; then # mkdir -p "$TO" #fi exec rsync --password-file="/etc/rsyncd.pass" -aH --timeout=3600 --inplace --delete-before $STATICEXCLUDE "$excludefrom" --include-from="${LISTFILE}" --exclude='*' "$FROM"/ "$TO"/ 2>/tmp/clsync-rsync-"$LABEL"-brother.err else sleep $[ 3600 + $RANDOM % 1800 ] exit 128 fi # else Found error in /usr/share/doc/clsync/examples/production/etc/clsync/synchandler/lxc/backup.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/clsync/examples/production/etc/clsync/synchandler/lxc/backup.sh # if mount | grep "$BACKUPMNT" > /dev/null; then if ping -w 1 -qc 5 -i 0.1 $BACKUPHOST > /dev/null; then #if [ ! -d "$BACKUPDECR" ]; then # mkdir -p "$BACKUPDECR" #fi exec rsync --password-file="/etc/backup.pass" -aH --timeout=3600 --inplace --delete-before $STATICEXCLUDE "$excludefrom" --include-from="${LISTFILE}" --exclude='*' --backup --backup-dir="$BACKUPDECR"/ "$FROM"/ "$BACKUPMIRROR"/ 2>/tmp/clsync-rsync-"$LABEL"-backup.err else sleep $[ 3600 + $RANDOM % 1800 ] return 128 fi # else
	info	lbuscd-0.6-alt10.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /lib/udev/remove_fstab_entry: $ grep -A5 -B5 /tmp/ /lib/udev/remove_fstab_entry # remove_fstab_entry # place in /lib/udev devicename=$1 grep '^/dev/'${devicename}'[[:blank:]]' /tmp/fstab | while read DEV MOUNTDIR TYPE OPTIONS DUMP PASS; do MOUNTPOINT=`basename "${MOUNTDIR}"` echo "RemoveDevice|${MOUNTPOINT}" > /tmp/lbus.fifo umount -l ${DEV} 2>&1 >/dev/null rmdir ${MOUNTDIR} done grep -v '^/dev/'$devicename'[[:blank:]]' /tmp/fstab >/tmp/fstab.tmp cp -f /tmp/fstab.tmp /tmp/fstab rm /tmp/fstab.tmp Found error in /lib/udev/add_fstab_entry: $ grep -A5 -B5 /tmp/ /lib/udev/add_fstab_entry LABEL=$(echo ${ID_BUS}${ID_TYPE}-$devicename |tr " " "_") fi fi # make sure the root we mount to exists ROOT=/tmp/drives [ -d $ROOT ] || mkdir ${ROOT} # invent $MOUNTPOINT MOUNTPOINT=$ROOT/$LABEL [ -d $MOUNTPOINT ] || mkdir ${MOUNTPOINT} -- if [ "${IOCHARSET}" = "utf8" ]; then MOUNTOPTS="${MOUNTOPTS},utf8" else MOUNTOPTS="${MOUNTOPTS},iocharset=${IOCHARSET}" fi echo "/dev/$devicename ${MOUNTPOINT} udf,iso9660,cdfs ${MOUNTOPTS} 0 0" >> /tmp/fstab echo "AddCdromDrive|${LABEL}|/dev/${devicename}|${DESCRIPTION}" > /tmp/lbus.fifo else REMOVABLE=0 MOUNTOPTS="rw,noatime" if [ ${BASEDEV} = "fd" ]; then DESCRIPTION="Floppy" -- fuse.ntfs|ntfs-3g) MOUNTOPTS="${MOUNTOPTS},silent,umask=000,locale=en_US.UTF-8" ;; esac fi echo "/dev/$devicename ${MOUNTPOINT} ${fstype} ${MOUNTOPTS} 0 0" >> /tmp/fstab echo "AddBlockDevice|${LABEL}|/dev/${devicename}|${REMOVABLE}|${SIZE}|${DESCRIPTION}" > /tmp/lbus.fifo fi
	info	menu-2.1.41-alt22.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/menu-2.1.41/examples/cat: $ grep -A5 -B5 /tmp/ /usr/share/doc/menu-2.1.41/examples/cat #!/bin/sh cat > /tmp/menu-stdin exit 0 #In the good old days of menu-0 compatibility, one had to use: -- # #This file can be very usefull when you want to run one particular # #menu-method file several times, without running any of the others. # #In order to do so, do: # # - cp ./cat /etc/menu-methods/ # # - run update-menus so that the "cat" menu-method gets executed. # # Now you've got /tmp/menu-stdin. # # - With this file, you don't need update-menus at all any more, and you # # can symply run your hand-written "menu-test" menu-method by typing: # # ./menu-test < /tmp/menu-stdin # # # # The advantage of doing this is # # - none of the other menu-method files get excecuted (speedup) # # - update-menus doesn't need to open some hundred menu-entry files # # every time you test a change in your menu-method file. # # (speedup) # compat="menu-1" # command="cat > /tmp/menu-stdin"
	info	python-module-dialog-3.3.0-alt1.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/python-module-dialog-3.3.0/examples/with-autowidgetsize/demo.py: $ grep -A5 -B5 /tmp/ /usr/share/doc/python-module-dialog-3.3.0/examples/with-autowidgetsize/demo.py easily append data. With the {widget} widget, you can see the data stream \ flow in real time. To create a FIFO, you can use the commmand mkfifo(1), like this: % mkfifo /tmp/my_shiny_new_fifo Then, you can cat(1) data to the FIFO like this: % cat >>/tmp/my_shiny_new_fifo First line of text Second line of text ... You can end the input to cat(1) by typing Ctrl-D at the beginning of a \ Found error in /usr/share/doc/python-module-dialog-3.3.0/examples/demo.py: $ grep -A5 -B5 /tmp/ /usr/share/doc/python-module-dialog-3.3.0/examples/demo.py easily append data. With the {widget} widget, you can see the data stream \ flow in real time. To create a FIFO, you can use the commmand mkfifo(1), like this: % mkfifo /tmp/my_shiny_new_fifo Then, you can cat(1) data to the FIFO like this: % cat >>/tmp/my_shiny_new_fifo First line of text Second line of text ... You can end the input to cat(1) by typing Ctrl-D at the beginning of a \
	info	python-module-pyinotify-examples-0.9.6-alt1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/pyinotify/transient_file.sh: $ grep -A5 -B5 /tmp/ /usr/share/pyinotify/transient_file.sh #!/bin/bash for a in 1 2 3 4 5 6 7 8 9 10 do touch /tmp/test1234; echo -ne "42" > /tmp/test1234; rm -f /tmp/test1234; done
	info	python3-module-dialog-3.3.0-alt1.1.noarch	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/python3-module-dialog-3.3.0/examples/with-autowidgetsize/demo.py: $ grep -A5 -B5 /tmp/ /usr/share/doc/python3-module-dialog-3.3.0/examples/with-autowidgetsize/demo.py easily append data. With the {widget} widget, you can see the data stream \ flow in real time. To create a FIFO, you can use the commmand mkfifo(1), like this: % mkfifo /tmp/my_shiny_new_fifo Then, you can cat(1) data to the FIFO like this: % cat >>/tmp/my_shiny_new_fifo First line of text Second line of text ... You can end the input to cat(1) by typing Ctrl-D at the beginning of a \ Found error in /usr/share/doc/python3-module-dialog-3.3.0/examples/demo.py: $ grep -A5 -B5 /tmp/ /usr/share/doc/python3-module-dialog-3.3.0/examples/demo.py easily append data. With the {widget} widget, you can see the data stream \ flow in real time. To create a FIFO, you can use the commmand mkfifo(1), like this: % mkfifo /tmp/my_shiny_new_fifo Then, you can cat(1) data to the FIFO like this: % cat >>/tmp/my_shiny_new_fifo First line of text Second line of text ... You can end the input to cat(1) by typing Ctrl-D at the beginning of a \
	info	tcl-httpd-manual-3.5.1-alt1.qa1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/tcl-httpd-3.5.1/htdocs/cgi-bin/wiki.cgi: $ grep -A5 -B5 /tmp/ /usr/share/doc/tcl-httpd-3.5.1/htdocs/cgi-bin/wiki.cgi cd ~welch/kit WIKIT_BASE=http://medlicott.panasas.com:8015/wiki export WIKIT_BASE echo $SCRIPT_NAME > /tmp/wiki.log echo HTTP/1.0 200 ok if [ ! -f /usr10/home/welch/kit/tclkit-linux-i686 ]; then echo "wiki.cgi not configured"
	info	wireguard-tools-0.0.20180413-alt2.M80P.1.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/wireguard-tools-0.0.20180413/examples/ncat-client-server/client.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/wireguard-tools-0.0.20180413/examples/ncat-client-server/client.sh # Copyright (C) 2015-2018 Jason A. Donenfeld . All Rights Reserved. set -e [[ $UID == 0 ]] || { echo "You must be root to run this."; exit 1; } umask 077 trap 'rm -f /tmp/wg_private_key' EXIT INT TERM exec 3<>/dev/tcp/demo.wireguard.com/42912 wg genkey | tee /tmp/wg_private_key | wg pubkey >&3 IFS=: read -r status server_pubkey server_port internal_ip <&3 [[ $status == OK ]] ip link del dev wg0 2>/dev/null || true ip link add dev wg0 type wireguard wg set wg0 private-key /tmp/wg_private_key peer "$server_pubkey" allowed-ips 0.0.0.0/0 endpoint "demo.wireguard.com:$server_port" persistent-keepalive 25 ip address add "$internal_ip"/24 dev wg0 ip link set up dev wg0 if [ "$1" == "default-route" ]; then host="$(wg show wg0 endpoints | sed -n 's/.*\t\(.*\):.*/\1/p')" ip route add $(ip route get $host | sed '/ via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/{s/^\(.* via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*/\1/}' | head -n 1) 2>/dev/null || true
	info	zfs-utils-0.7.12-alt3.x86_64	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_upgrade_001_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_upgrade_001_pos.ksh # We also check that the usage message contains a description of legacy # versions and a note about feature flags. log_must eval "zpool upgrade -v | head -1 | grep 'feature flags'" zpool upgrade -v > /tmp/zpool-versions.$$ # # Current output for 'zpool upgrade -v' has different indent space # for single and double digit version number. For example, # 9 refquota and refreservation properties # 10 Cache devices # for version in {1..28}; do log_note "Checking for a description of pool version $version" log_must eval "awk '/^ $version / { print $1 }' /tmp/zpool-versions.$$ | grep $version" done rm /tmp/zpool-versions.$$ log_pass "Executing 'zpool upgrade -v' command succeeds" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_status_001_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_status_001_neg.ksh # 2. Verify we get output # function check_pool_status { RESULT=$(grep "pool:" /tmp/pool-status.$$) if [ -z "$RESULT" ] then log_fail "No pool: string found in zpool status output!" fi rm /tmp/pool-status.$$ } verify_runnable "global" log_assert "zpool status works when run as a user" log_must eval "zpool status > /tmp/pool-status.$$" check_pool_status log_must eval "zpool status -v > /tmp/pool-status.$$" check_pool_status log_must eval "zpool status $TESTPOOL> /tmp/pool-status.$$" check_pool_status log_must eval "zpool status -v $TESTPOOL > /tmp/pool-status.$$" check_pool_status log_pass "zpool status works when run as a user" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_get_003_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_get_003_pos.ksh typeset -i i=0; while [ $i -lt "${#properties[@]}" ] do log_note "Checking for ${properties[$i]} property" log_must eval "zpool get ${properties[$i]} $TESTPOOL > /tmp/value.$$" grep "${properties[$i]}" /tmp/value.$$ > /dev/null 2>&1 if [ $? -ne 0 ] then log_fail "${properties[$i]} not seen in output" fi grep "^NAME " /tmp/value.$$ > /dev/null 2>&1 # only need to check this once. if [ $i -eq 0 ] && [ $? -ne 0 ] then log_fail "Header not seen in zpool get output" fi i=$(( $i + 1 )) done rm /tmp/value.$$ log_pass "Zpool get returns values for all known properties" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_get_002_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_get_002_pos.ksh if ! is_global_zone ; then TESTPOOL=${TESTPOOL%%/*} fi log_must zpool get all $TESTPOOL zpool get all $TESTPOOL > /tmp/values.$$ log_note "Checking zpool get all output for a header." grep ^"NAME " /tmp/values.$$ > /dev/null 2>&1 if [ $? -ne 0 ] then log_fail "The header was not printed from zpool get all" fi while [ $i -lt "${#properties[@]}" ] do log_note "Checking for ${properties[$i]} property" grep "$TESTPOOL *${properties[$i]}" /tmp/values.$$ > /dev/null 2>&1 if [ $? -ne 0 ] then log_fail "zpool property ${properties[$i]} was not found\ in pool output." fi -- done # increment the counter to include the header line i=$(( $i + 1 )) COUNT=$(wc /tmp/values.$$ | awk '{print $1}') if [ $i -ne $COUNT ] then log_fail "Found zpool features not in the zpool_get test config $i/$COUNT." fi rm /tmp/values.$$ log_pass "Zpool get all works as expected" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_create_020_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_create_020_pos.ksh then log_fail "Mounted filesystem at /${TESTPOOL}.root isn't ZFS!" fi log_must zpool get all $TESTPOOL zpool get all $TESTPOOL > /tmp/values.$$ # check for the cachefile property, verifying that it's set to 'none' grep "$TESTPOOL[ ]*cachefile[ ]*none" /tmp/values.$$ > /dev/null 2>&1 if [ $? -ne 0 ] then log_fail "zpool property \'cachefile\' was not set to \'none\'." fi # check that the root = /mountpoint property is set correctly grep "$TESTPOOL[ ]*altroot[ ]*/${TESTPOOL}.root" /tmp/values.$$ > /dev/null 2>&1 if [ $? -ne 0 ] then log_fail "zpool property root was not found in pool output." fi rm /tmp/values.$$ # finally, check that the pool has no reference in /etc/zfs/zpool.cache if [[ -f /etc/zfs/zpool.cache ]] ; then REF=$(strings /etc/zfs/zpool.cache | grep ${TESTPOOL}) if [ ! -z "$REF" ] Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_add_001_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_add_001_pos.ksh eval set -A poolarray $pooldevs eval set -A mirrorarray $mirrordevs eval set -A raidzarray $raidzdevs while (( $i < ${#keywords[*]} )); do echo "I=$i keyword=${keywords[i]}" >>/tmp/LOG case ${keywords[i]} in ""|spare) for vdev in "${poolarray[@]}"; do create_pool "$TESTPOOL" "${disk}${SLICE_PREFIX}${SLICE6}" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_002_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_002_pos.ksh export ZFS_ABORT=yes for subcmd in "${cmds[@]}" "${badparams[@]}"; do corefile=${corepath}/core.zpool zpool $subcmd >/dev/null 2>&1 ls -l $corepath >>/tmp/CORE if [[ ! -e $corefile ]]; then log_fail "zpool $subcmd cannot generate core file with ZFS_ABORT set." fi rm -f $corefile done Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool_001_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool_001_neg.ksh # # function cleanup { if [ -e /tmp/zpool_001_neg.$$.txt ] then rm /tmp/zpool_001_neg.$$.txt fi } log_onexit cleanup log_assert "zpool shows a usage message when run as a user" eval "zpool > /tmp/zpool_001_neg.$$.txt 2>&1" log_must grep "usage: zpool command args" /tmp/zpool_001_neg.$$.txt log_pass "zpool shows a usage message when run as a user" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz3.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz3.sh # loop0 loop1 loop2 loop3 # md0 (faulty) md1 (faulty) md2 (faulty) md3 (faulty) # <--------------------- raidz3 zpool --------------------> # FILES="/tmp/zpool-vdev0 \ /tmp/zpool-vdev1 \ /tmp/zpool-vdev2 \ /tmp/zpool-vdev3" LODEVICES="" MDDEVICES="" zpool_create() { check_loop_utils -- msg ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz3 ${MDDEVICES} ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz3 ${MDDEVICES} || \ (destroy_md_devices "${MDDEVICES}" && \ destroy_loop_devices "${LODEVICES}" && exit 1) echo "$LODEVICES" >/tmp/zpool-lo.txt echo "$MDDEVICES" >/tmp/zpool-md.txt } zpool_destroy() { msg ${ZPOOL} destroy ${ZPOOL_NAME} ${ZPOOL} destroy ${ZPOOL_NAME} destroy_md_devices "`cat /tmp/zpool-md.txt`" destroy_loop_devices "`cat /tmp/zpool-lo.txt`" rm -f /tmp/zpool-md.txt /tmp/zpool-lo.txt } Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz2.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz2.sh msg ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz2 ${MDDEVICES} ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz2 ${MDDEVICES} || \ (destroy_md_devices "${MDDEVICES}" && \ destroy_loop_devices "${LODEVICES}" && exit 1) echo "$LODEVICES" >/tmp/zpool-lo.txt echo "$MDDEVICES" >/tmp/zpool-md.txt } zpool_destroy() { msg ${ZPOOL} destroy ${ZPOOL_NAME} ${ZPOOL} destroy ${ZPOOL_NAME} destroy_md_devices "`cat /tmp/zpool-md.txt`" destroy_loop_devices "`cat /tmp/zpool-lo.txt`" rm -f /tmp/zpool-md.txt /tmp/zpool-lo.txt } Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raidz.sh msg ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz ${MDDEVICES} ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} raidz ${MDDEVICES} || \ (destroy_md_devices "${MDDEVICES}" && \ destroy_loop_devices "${LODEVICES}" && exit 1) echo "$LODEVICES" >/tmp/zpool-lo.txt echo "$MDDEVICES" >/tmp/zpool-md.txt } zpool_destroy() { msg ${ZPOOL} destroy ${ZPOOL_NAME} ${ZPOOL} destroy ${ZPOOL_NAME} destroy_md_devices "`cat /tmp/zpool-md.txt`" destroy_loop_devices "`cat /tmp/zpool-lo.txt`" rm -f /tmp/zpool-md.txt /tmp/zpool-lo.txt } Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raid10.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raid10.sh ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} \ mirror ${MDDEVICES_M1} mirror ${MDDEVICES_M2} || \ (destroy_md_devices "${MDDEVICES}" && \ destroy_loop_devices "${LODEVICES}" && exit 1) echo "$LODEVICES" >/tmp/zpool-lo.txt echo "$MDDEVICES" >/tmp/zpool-md.txt } zpool_destroy() { msg ${ZPOOL} destroy ${ZPOOL_NAME} ${ZPOOL} destroy ${ZPOOL_NAME} destroy_md_devices "`cat /tmp/zpool-md.txt`" destroy_loop_devices "`cat /tmp/zpool-lo.txt`" rm -f /tmp/zpool-md.txt /tmp/zpool-lo.txt } Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raid0.sh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zpool-config/lo-faulty-raid0.sh msg ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} ${MDDEVICES} ${ZPOOL} create ${ZPOOL_FLAGS} ${ZPOOL_NAME} ${MDDEVICES} || \ (destroy_md_devices "${MDDEVICES}" && \ destroy_loop_devices "${LODEVICES}" && exit 1) echo "$LODEVICES" >/tmp/zpool-lo.txt echo "$MDDEVICES" >/tmp/zpool-md.txt } zpool_destroy() { msg ${ZPOOL} destroy ${ZPOOL_NAME} ${ZPOOL} destroy ${ZPOOL_NAME} destroy_md_devices "`cat /tmp/zpool-md.txt`" destroy_loop_devices "`cat /tmp/zpool-lo.txt`" rm -f /tmp/zpool-md.txt /tmp/zpool-lo.txt } Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zfs_send_001_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zfs_send_001_neg.ksh # # function cleanup { if [ -e /tmp/zfstest_datastream.$$ ] then log_must rm /tmp/zfstest_datastream.$$ fi } log_assert "zfs send returns an error when run as a user" log_onexit cleanup log_mustnot eval "zfs send $TESTPOOL/$TESTFS@snap > /tmp/zfstest_datastream.$$" # Now check that the above command actually did nothing # We should have a non-zero-length file in /tmp if [ -s /tmp/zfstest_datastream.$$ ] then log_fail "A zfs send file was created in /tmp/zfstest_datastream.$$ !" fi log_pass "zfs send returns an error when run as a user" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zfs_receive_010_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zfs_receive_010_pos.ksh } function cleanup { zfs destroy -Rf $TESTPOOL/$TESTFS/base rm /tmp/zr010p* } log_assert "zfs receive of full send as clone should work" log_onexit cleanup log_must zfs create -o checksum=sha256 -o compression=gzip -o recordsize=512 \ -- done log_must zfs snapshot $fs@s1 log_must zfs snapshot $fs2@s1 log_must zfs send $fs@s1 > /tmp/zr010p log_must zfs send $fs2@s1 > /tmp/zr010p2 # # Test that, when we receive a full send as a clone of itself, # nop-write saves us all the space used by data blocks. # cat /tmp/zr010p | log_must zfs receive -o origin=$fs@s1 $rfs size=$(get_prop used $rfs) size2=$(get_prop used $fs) if [[ $size -ge $(($size2 / 10)) ]] then log_fail "nop-write failure; expected usage less than "\ "$(($size2 / 10)), but is using $size" fi log_must zfs destroy -fr $rfs # Correctness testing: receive each full send as a clone of the other fiesystem. cat /tmp/zr010p | log_must zfs receive -o origin=$fs2@s1 $rfs mntpnt_old=$(get_prop mountpoint $fs) mntpnt_new=$(get_prop mountpoint $rfs) log_must diff -r $mntpnt_old $mntpnt_new log_must zfs destroy -r $rfs cat /tmp/zr010p2 | log_must zfs receive -o origin=$fs@s1 $rfs mntpnt_old=$(get_prop mountpoint $fs2) mntpnt_new=$(get_prop mountpoint $rfs) log_must diff -r $mntpnt_old $mntpnt_new log_pass "zfs receive of full send as clone works" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zfs_001_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zfs_001_neg.ksh # 2. Verify it produces a usage message # function cleanup { if [ -e /tmp/zfs_001_neg.$$.txt ] then rm /tmp/zfs_001_neg.$$.txt fi } log_onexit cleanup log_assert "zfs shows a usage message when run as a user" eval "zfs > /tmp/zfs_001_neg.$$.txt 2>&1" log_must grep "usage: zfs command args" /tmp/zfs_001_neg.$$.txt log_pass "zfs shows a usage message when run as a user" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/zdb_001_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/zdb_001_neg.ksh # 2. Run zdb as a user on different datasets, it should fail # function check_zdb { $@ > /tmp/zdb.$$ grep "Dataset mos" /tmp/zdb.$$ if [ $? -eq 0 ] then log_fail "$@ exited 0 when run as a non root user!" fi rm /tmp/zdb.$$ } function cleanup { if [ -e /tmp/zdb_001_neg.$$.txt ] then rm /tmp/zdb_001_neg.$$.txt fi } verify_runnable "global" log_assert "zdb can't run as a user on datasets, but can run without arguments" log_onexit cleanup log_must eval "zdb > /tmp/zdb_001_neg.$$.txt" # verify the output looks okay log_must grep pool_guid /tmp/zdb_001_neg.$$.txt log_must rm /tmp/zdb_001_neg.$$.txt # we shouldn't able to run it on any dataset check_zdb zdb $TESTPOOL check_zdb zdb $TESTPOOL/$TESTFS check_zdb zdb $TESTPOOL/$TESTFS@snap Found error in /usr/share/doc/zfs-utils-0.7.12/examples/xattr_011_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/xattr_011_pos.ksh log_note "Checking cpio - unsupported" else log_note "Checking cpio" log_must touch $TESTDIR/cpio.$$ create_xattr $TESTDIR/cpio.$$ passwd /etc/passwd echo $TESTDIR/cpio.$$ | cpio -o@ > /tmp/xattr.$$.cpio echo $TESTDIR/cpio.$$ | cpio -o > /tmp/noxattr.$$.cpio # we should have no xattr here log_must cpio -iu < /tmp/xattr.$$.cpio log_mustnot eval "runat $TESTDIR/cpio.$$ cat passwd > /dev/null 2>&1" # we should have an xattr here log_must cpio -iu@ < /tmp/xattr.$$.cpio log_must eval "runat $TESTDIR/cpio.$$ cat passwd > /dev/null 2>&1" # we should have no xattr here log_must cpio -iu < /tmp/noxattr.$$.cpio log_mustnot eval "runat $TESTDIR/cpio.$$ cat passwd > /dev/null 2>&1" # we should have no xattr here log_must cpio -iu@ < /tmp/noxattr.$$.cpio log_mustnot eval "runat $TESTDIR/cpio.$$ cat passwd > /dev/null 2>&1" log_must rm $TESTDIR/cpio.$$ /tmp/xattr.$$.cpio /tmp/noxattr.$$.cpio fi log_note "Checking cp" # check that with the right flag, the xattr is preserved if is_linux; then Found error in /usr/share/doc/zfs-utils-0.7.12/examples/xattr_008_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/xattr_008_pos.ksh # function cleanup { typeset file for file in /tmp/output.$$ /tmp/expected-output.$$ \ $TESTDIR/myfile.$$ ; do log_must rm -f $file done } -- # create a file, and an xattr on it log_must touch $TESTDIR/myfile.$$ create_xattr $TESTDIR/myfile.$$ passwd /etc/passwd # listing the directory . log_must eval "runat $TESTDIR/myfile.$$ ls . > /tmp/output.$$" create_expected_output /tmp/expected-output.$$ \ SUNWattr_ro SUNWattr_rw passwd log_must diff /tmp/output.$$ /tmp/expected-output.$$ # list the directory . long form log_must eval "runat $TESTDIR/myfile.$$ ls -a . > /tmp/output.$$" create_expected_output /tmp/expected-output.$$ . .. \ SUNWattr_ro SUNWattr_rw passwd log_must diff /tmp/output.$$ /tmp/expected-output.$$ # list the directory .. expecting one file OUTPUT=$(runat $TESTDIR/myfile.$$ ls ..) if [ "$OUTPUT" != ".." ] then Found error in /usr/share/doc/zfs-utils-0.7.12/examples/xattr_007_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/xattr_007_neg.ksh function cleanup { log_must zfs destroy $TESTPOOL/$TESTFS@snap log_must rm $TESTDIR/myfile2.$$ log_must rm $TESTDIR/myfile.$$ log_must rm /tmp/output.$$ [[ -e /tmp/expected_output.$$ ]] && log_must rm \ /tmp/expected_output.$$ } log_assert "create/write xattr on a snapshot fails" log_onexit cleanup -- log_must zfs snapshot $TESTPOOL/$TESTFS@snap # we shouldn't be able to alter the first file's xattr if is_linux; then log_mustnot eval "attr -s cp $TESTDIR/.zfs/snapshot/snap/myfile.$$ \ /tmp/output.$$ 2>&1" log_must grep -i Read-only /tmp/output.$$ log_must eval "attr -q -l $TESTDIR/.zfs/snapshot/snap/myfile2.$$ \ >/tmp/output.$$ 2>&1" log_must eval "attr -q -l $TESTDIR/myfile2.$$ >/tmp/expected_output.$$" else log_mustnot eval " runat $TESTDIR/.zfs/snapshot/snap/myfile.$$ \ cp /etc/passwd . >/tmp/output.$$ 2>&1" log_must grep -i Read-only /tmp/output.$$ log_must eval "runat $TESTDIR/.zfs/snapshot/snap/myfile2.$$ \ ls >/tmp/output.$$ 2>&1" create_expected_output /tmp/expected_output.$$ SUNWattr_ro SUNWattr_rw fi log_must diff /tmp/output.$$ /tmp/expected_output.$$ log_pass "create/write xattr on a snapshot fails" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/xattr_004_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/xattr_004_pos.ksh # we need to be able to create zvols to hold our test ufs|ext filesystem. verify_runnable "global" # Make sure we clean up properly function cleanup { if ismounted /tmp/$NEWFS_DEFAULT_FS.$$ $NEWFS_DEFAULT_FS; then log_must umount /tmp/$NEWFS_DEFAULT_FS.$$ log_must rm -rf /tmp/$NEWFS_DEFAULT_FS.$$ fi } log_assert "Files from $NEWFS_DEFAULT_FS,tmpfs with xattrs copied to zfs retain xattr info." log_onexit cleanup -- # Create a ufs|ext file system that we can work in log_must zfs create -V128m $TESTPOOL/$TESTFS/zvol block_device_wait log_must eval "echo y | newfs $ZVOL_DEVDIR/$TESTPOOL/$TESTFS/zvol > /dev/null 2>&1" log_must mkdir /tmp/$NEWFS_DEFAULT_FS.$$ if is_linux; then log_must mount -o user_xattr \ $ZVOL_DEVDIR/$TESTPOOL/$TESTFS/zvol /tmp/$NEWFS_DEFAULT_FS.$$ # Create files in ext and tmpfs, and set some xattrs on them. # Use small values for xattrs for ext compatibility. log_must touch /tmp/$NEWFS_DEFAULT_FS.$$/$NEWFS_DEFAULT_FS-file.$$ log_must touch /tmp/tmpfs-file.$$ echo "TEST XATTR" >/tmp/xattr1 echo "1234567890" >/tmp/xattr2 log_must attr -q -s xattr1 \ /tmp/$NEWFS_DEFAULT_FS.$$/$NEWFS_DEFAULT_FS-file.$$ /tmp/xattr1.$$" log_must diff /tmp/xattr1.$$ /tmp/xattr1 log_must eval "attr -q -g xattr2 $TESTDIR/tmpfs-file.$$ >/tmp/xattr2.$$" log_must diff /tmp/xattr2.$$ /tmp/xattr2 log_must rm /tmp/xattr1 /tmp/xattr1.$$ /tmp/xattr2 /tmp/xattr2.$$ log_must umount /tmp/$NEWFS_DEFAULT_FS.$$ else log_must mount $ZVOL_DEVDIR/$TESTPOOL/$TESTFS/zvol \ /tmp/$NEWFS_DEFAULT_FS.$$ # Create files in ufs and tmpfs, and set some xattrs on them. log_must touch /tmp/$NEWFS_DEFAULT_FS.$$/$NEWFS_DEFAULT_FS-file.$$ log_must touch /tmp/tmpfs-file.$$ log_must runat /tmp/$NEWFS_DEFAULT_FS.$$/$NEWFS_DEFAULT_FS-file.$$ \ cp /etc/passwd . log_must runat /tmp/tmpfs-file.$$ cp /etc/group . # copy those files to ZFS log_must cp -@ /tmp/$NEWFS_DEFAULT_FS.$$/$NEWFS_DEFAULT_FS-file.$$ \ $TESTDIR log_must cp -@ /tmp/tmpfs-file.$$ $TESTDIR # ensure the xattr information has been copied correctly log_must runat $TESTDIR/$NEWFS_DEFAULT_FS-file.$$ \ diff passwd /etc/passwd log_must runat $TESTDIR/tmpfs-file.$$ diff group /etc/group log_must umount /tmp/$NEWFS_DEFAULT_FS.$$ fi log_pass "Files from $NEWFS_DEFAULT_FS,tmpfs with xattrs copied to zfs retain xattr info." Found error in /usr/share/doc/zfs-utils-0.7.12/examples/xattr_003_neg.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/xattr_003_neg.ksh create_xattr $TESTDIR/myfile.$$ passwd /etc/passwd log_must chmod 000 $TESTDIR/myfile.$$ if is_linux; then user_run $ZFS_USER eval \ "attr -q -g passwd $TESTDIR/myfile.$$ >/tmp/passwd.$$" log_mustnot diff /etc/passwd /tmp/passwd.$$ log_must rm /tmp/passwd.$$ user_run $ZFS_USER eval \ "attr -q -s passwd $TESTDIR/myfile.$$ /tmp/passwd.$$ log_must diff /etc/passwd /tmp/passwd.$$ log_must rm /tmp/passwd.$$ else log_mustnot su $ZFS_USER -c "runat $TESTDIR/myfile.$$ cat passwd" log_mustnot su $ZFS_USER -c "runat $TESTDIR/myfile.$$ cp /etc/passwd ." fi Found error in /usr/share/doc/zfs-utils-0.7.12/examples/nopwrite_recsize.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/nopwrite_recsize.ksh log_must zfs clone $origin@a $origin/clone for rs in 512 1024 2048 4096 8192 16384 32768 65536 131072 ; do log_must zfs set recsize=$rs $origin/clone dd if=/$TESTDIR/file of=/$TESTDIR/clone/file bs=1024k count=$MEGS \ conv=notrunc >/tmp/null 2>&1 || log_fail "dd failed." log_must verify_nopwrite $origin $origin@a $origin/clone done log_pass "nopwrite updates file metadata correctly" Found error in /usr/share/doc/zfs-utils-0.7.12/examples/largest_pool_001_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/largest_pool_001_pos.ksh 'eb') CHKUNIT="E" ;; *) CHKUNIT="M" ;; esac log_note "Detect zpool $TESTPOOL in this test machine." log_must eval "zpool list $TESTPOOL > /tmp/j.$$" log_must eval "grep $TESTPOOL /tmp/j.$$ | \ awk '{print $2}' | grep $CHKUNIT" log_note "Detect the file system in this test machine." log_must eval "df -F zfs -h > /tmp/j.$$" log_must eval "grep $TESTPOOL /tmp/j.$$ | \ awk '{print $2}' | grep $CHKUNIT" return 0 } -- datasetexists $TESTPOOL2/$TESTVOL && \ log_must zfs destroy $TESTPOOL2/$TESTVOL destroy_pool $TESTPOOL2 rm -f /tmp/j.* > /dev/null } log_assert "The largest pool can be created and a dataset in that" \ "pool can be created and mounted." Found error in /usr/share/doc/zfs-utils-0.7.12/examples/enospc_002_pos.ksh: $ grep -A5 -B5 /tmp/ /usr/share/doc/zfs-utils-0.7.12/examples/enospc_002_pos.ksh log_mustnot_expect space zfs clone $TESTPOOL/$TESTFS@snap $TESTPOOL/clone log_mustnot_expect space zfs snapshot $TESTPOOL/$TESTFS@snap2 log_mustnot_expect space zfs bookmark \ $TESTPOOL/$TESTFS@snap $TESTPOOL/$TESTFS#bookmark log_must zfs send $TESTPOOL/$TESTFS@snap >/tmp/stream.$$ log_mustnot_expect space zfs receive $TESTPOOL/$TESTFS/recvd