Package: logwatch
Version: 7.4.3+git20161207-2
Severity: normal
Dear Maintainer,
Perl script /usr/share/logwatch/scripts/services/mdadm provided by
logwatch package uses faulty regex (^ARRAY) to parse
/etc/mdadm/mdadm.conf.
Said regex does not take into the account the possibiliy of excluding
md array from the kernel by using "ARRAY <ignore>" as outlined at
mdadm.conf(5).
The script does not even try to validate parsed device names, and feeds
them to this line:
open(MDADM,"mdadm --misc --detail $dev 2>&1 |");
which in turn invokes /bin/sh -c "mdadm --misc --detail <ignore> 2>&1"
Which, of course, fails with "redirection unexpected".
Suggested fix is attached to this bug report.
Sincerely yours, Reco
-- System Information:
Debian Release: 9.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages logwatch depends on:
ii exim4-daemon-light [mail-transport-agent] 4.89-2+deb9u3
ii perl 5.24.1-3+deb9u4
Versions of packages logwatch recommends:
ii libdate-manip-perl 6.57-1
pn libsys-cpu-perl <none>
pn libsys-meminfo-perl <none>
Versions of packages logwatch suggests:
ii fortune-mod 1:1.99.1-7+b1
-- Configuration Files:
/etc/cron.daily/00logwatch
-- no debconf information
--- a/usr/share/logwatch/scripts/services/mdadm 2017-01-21 19:44:03.000000000 +0300
+++ b/usr/share/logwatch/scripts/services/mdadm 2018-08-26 15:20:37.950642398 +0300
@@ -37,7 +37,7 @@
open(MDADM,"mdadm --detail --scan 2>/dev/null|");
}
while (<MDADM>) {
- if (/^ARRAY/) {
+ if (/^ARRAY\S\//) {
push(@devices,(split())[1]);
}
}
