If one has spaces in a mount point, then 100.chksetuid doesn't work (it fails for these mount points). Having a space can occur on FreeBSD and is much more likely to happen on MacOS X where one just has to put a space in a volume's name. Additionally, it doesn't handle hfs volumes. Fix: Apply this patch: How-To-Repeat: Create a UFS mount point with a space in its path (e.g. "/Volumes/Foo Bar") and then run periodic security.
I came to report this, and found this old bug report. I discovered it on a ZFS filesystem with a space in the name, which I'd imagine is more common now that it's so easy to create new ZFS filesystems. With a single space in the filesystem name, awk $3 returns a mountpoint of "on" instead of the correct value. I could parse it out with perl, getting everything between ' on ' and ' ('. That would work for all my filesystems, but I'm not certain it would be universal. Also, is it okay to use perl in the base system like that, or would it be better to use something like sed? I'd be glad to make a patch, but I haven't offered a patch for FreeBSD itself before.
perl is not included in the base system, so it can't be used in periodic. awk or sed will do. If you do write a patch, just attach it to this PR and I'll review it.
Created attachment 183563 [details] Fix handling mountpoints with spaces in 100.chksetuid and 110.neggrpprm Here's an updated patch, and it's only 14 years late! Please review it. I'll commit in two weeks if I hear no comments.
A commit references this bug: Author: asomers Date: Fri Aug 25 00:28:57 UTC 2017 New revision: 322868 URL: https://svnweb.freebsd.org/changeset/base/322868 Log: Fix 100.chksetuid and 110.neggrpperm for mountpoints with spaces Also, fix them for mountpoints with tabs. PR: 48325 Reported by: pguyot@kallisys.net, aaron@baugher.biz MFC after: 3 weeks Changes: head/etc/periodic/security/100.chksetuid head/etc/periodic/security/110.neggrpperm head/etc/periodic/security/security.functions
A commit references this bug: Author: asomers Date: Wed Sep 27 15:05:50 UTC 2017 New revision: 324060 URL: https://svnweb.freebsd.org/changeset/base/324060 Log: MFC r322868: Fix 100.chksetuid and 110.neggrpperm for mountpoints with spaces Also, fix them for mountpoints with tabs. PR: 48325 Reported by: pguyot@kallisys.net, aaron@baugher.biz Changes: _U stable/11/ stable/11/etc/periodic/security/100.chksetuid stable/11/etc/periodic/security/110.neggrpperm stable/11/etc/periodic/security/security.functions
A commit references this bug: Author: asomers Date: Tue Nov 28 17:27:00 UTC 2017 New revision: 326326 URL: https://svnweb.freebsd.org/changeset/base/326326 Log: MFC r322868: Fix 100.chksetuid and 110.neggrpperm for mountpoints with spaces Also, fix them for mountpoints with tabs. PR: 48325 Reported by: pguyot@kallisys.net, aaron@baugher.biz Changes: _U stable/10/ stable/10/etc/periodic/security/100.chksetuid stable/10/etc/periodic/security/110.neggrpperm stable/10/etc/periodic/security/security.functions