Skip to content

Commit

Permalink
dangerous regexp whitespace error, only match space/tab (#127)
Browse files Browse the repository at this point in the history 
The \s character set also matches newlines.  If nullok is the last
thing on a line, the following line is effectively removed by being
merged into the current line.  If this next line happens to be the
pam_deny.so line, auth always returns success.  The proper thing to
do here is to only match space and tab characters explicitly.
  • Loading branch information
@jamescassell @shepdelacreme
jamescassell authored and shepdelacreme committed Dec 11, 2017
1 parent c193a36 commit 3a503ec
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion tasks/cat1.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
replace:
dest: /etc/pam.d/system-auth
follow: yes
regexp: '(\s+)nullok\s*'
regexp: '([ \t]+)nullok[ \t]*'
replace: '\1'
tags:
- cat1
Expand Down

0 comments on commit 3a503ec

Please sign in to comment.