Debian Bug report logs - #770105
php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Daniel Reichelt <debian@nachtgeist.net>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Tue, 18 Nov 2014 22:51:21 +0100

Package: php5-common
Version: 5.4.35-0+deb7u1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

on a wheezy system I just updated php5-common (and other stuff) via
security.d.o and since then php5-common's cron script fails. Invoked from the
shell it produces:

-----------8<--------------------
# [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime)
sed: invalid option -- 'z'
Usage: sed [OPTION]... {script-only-if-no-other-script} [input-file]...

  -n, --quiet, --silent
                 suppress automatic printing of pattern space
  -e script, --expression=script
                 add the script to the commands to be executed
  -f script-file, --file=script-file
                 add the contents of script-file to the commands to be executed
  --follow-symlinks
                 follow symlinks when processing in place
  -i[SUFFIX], --in-place[=SUFFIX]
                 edit files in place (makes backup if extension supplied)
  -l N, --line-length=N
                 specify the desired line-wrap length for the `l' command
  --posix
                 disable all GNU extensions.
  -r, --regexp-extended
                 use extended regular expressions in the script.
  -s, --separate
                 consider files as separate rather than as a single continuous
                 long stream.
  -u, --unbuffered
                 load minimal amounts of data from the input files and flush
                 the output buffers more often
      --help     display this help and exit
      --version  output version information and exit

If no -e, --expression, -f, or --file option is given, then the first
non-option argument is taken as the sed script to interpret.  All
remaining arguments are names of input files; if no input files are
specified, then the standard input is read.

GNU sed home page: <http://www.gnu.org/software/sed/>.
General help using GNU software: <http://www.gnu.org/gethelp/>.


-----------8<--------------------


Thanks
Daniel



-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'proposed-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-dhr-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-common depends on:
ii  dpkg    1.16.15
ii  libc6   2.13-38+deb7u6
ii  lsof    4.86+dfsg-1
ii  psmisc  22.19-1+deb7u1
ii  sed     4.2.1-10
ii  ucf     3.0025+nmu3

php5-common recommends no packages.

php5-common suggests no packages.

-- no debconf information

Message #10 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Chris Frey <cdfrey@foursquare.net>

To: 770105@bugs.debian.org

Subject: sed option bug in php5 update

Date: Tue, 18 Nov 2014 17:22:01 -0500

I ran into this too.

It appears to be from this commit:

http://anonscm.debian.org/cgit/pkg-php/php.git/commit/?h=master-wheezy&id=849b648e88a067a80cd9a32122d5c0d8aaa93454

- Chris

Message #15 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Daniel Reichelt <debian@nachtgeist.net>

To: 770105@bugs.debian.org

Subject: Re: Bug#770105: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Tue, 18 Nov 2014 23:21:32 +0100

Sorry for the misleading justification - must have misused reportbug...

Message #20 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Paul Tomblin <ptomblin@xcski.com>

To: Debian Bug Tracking System <770105@bugs.debian.org>

Subject: Re: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Tue, 18 Nov 2014 18:10:37 -0500

Package: php5-common
Version: 5.4.35-0+deb7u1
Followup-For: Bug #770105

Dear Maintainer,
I installed the php5 updates which came out today, and immediately the php5 cron script fails
because the sessionclean script does a "sed -zne", and "-z" is not a valid option in sed.

This error did not happen yesterday.


-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages php5-common depends on:
ii  dpkg    1.16.15
ii  libc6   2.13-38+deb7u6
ii  lsof    4.86+dfsg-1
ii  psmisc  22.19-1+deb7u1
ii  sed     4.2.1-10
ii  ucf     3.0025+nmu3

php5-common recommends no packages.

php5-common suggests no packages.

-- no debconf information

Message #25 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Piotr Ożarowski <piotr@debian.org>

To: 770105@bugs.debian.org

Subject: sed in wheezy doesn't have -z option

Date: Wed, 19 Nov 2014 00:21:19 +0100

sed in wheezy (v4.2.1) doesn't have -z (AKA --null-data).

removing this option and -0 from xargs call in
/usr/lib/php5/sessionclean fixed this for me, but I'm not sure if it's
the proper fix (can php5 session file names contain special characters?)

Message #30 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Aaron Schrab <aaron@schrab.com>

To: 770105@bugs.debian.org

Subject: Re: sed in wheezy doesn't have -z option

Date: Tue, 18 Nov 2014 19:18:46 -0500

On Wed, 19 Nov 2014 00:21:19 +0100 Piotr Ożarowski <piotr@debian.org> wrote:
> sed in wheezy (v4.2.1) doesn't have -z (AKA --null-data).
> 
> removing this option and -0 from xargs call in
> /usr/lib/php5/sessionclean fixed this for me, but I'm not sure if it's
> the proper fix (can php5 session file names contain special 
> characters?)

Besides those changes, I you'd also need to change `-F0` argument for 
lsof to just `-F`.  This would have problems if there are filenames 
which contain newlines, but I suspect that wouldn't happen.

Even with the above it just echoes the touch command rather than 
actually running it, so the `echo` needs to be removed as well.  This 
wouldn't be noticed if the lsof command isn't modified, since sed will 
fail to match anything leaving nothing for xargs to do.

A better option may be just backing out the change that introduced this, 
it definitely doesn't look like it was tested enough to have been 
introduced in a security update.

Message #35 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Aaron Schrab <aaron@schrab.com>

To: 770105@bugs.debian.org

Subject: Re: sed in wheezy doesn't have -z option

Date: Tue, 18 Nov 2014 19:35:52 -0500

At 19:18 -0500 18 Nov 2014, I wrote:
>Even with the above it just echoes the touch command rather than 
>actually running it, so the `echo` needs to be removed as well.

And a layer of quotes should be removed from the xargs placeholder as 
well, or just remove the placeholder altogether since xargs will 
automatically put the arguments at the end.  In either case, xargs is 
responsible for quoting the arguments that it adds.

Message #40 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Pablo Rauzy <debbug@uzy.me>

To: Debian Bug Tracking System <770105@bugs.debian.org>

Subject: Re: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 03:59:11 +0100

Package: php5-cgi
Version: 5.4.35-0+deb7u1
Followup-For: Bug #770105

Dear Maintainer,

   * What led up to the situation?

Did an apt-get dist-upgrade which upgraded php5-{cli,cgi} among other things.
   
   * What exactly did you do (or not do) that was effective (or
     ineffective)?

Tried to find what -z is supposed to mean for sed but did not find out anywhere.
I just removed it from the /usr/lib/php5/sessionclean script.
     
   * What was the outcome of this action?

Hopefully I won't get a cron error mail each time it is ran anymore.


BTW, thanks for all the work on Debian <3.

-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.10.23-xxxx-grs-ipv6-32 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages php5-cgi depends on:
ii  libbz2-1.0        1.0.6-4
ii  libc6             2.13-38+deb7u6
ii  libcomerr2        1.42.5-1.1
ii  libdb5.1          5.1.29-5
ii  libgssapi-krb5-2  1.10.1+dfsg-5+deb7u2
ii  libk5crypto3      1.10.1+dfsg-5+deb7u2
ii  libkrb5-3         1.10.1+dfsg-5+deb7u2
ii  libmagic1         5.11-2+deb7u6
ii  libonig2          5.9.1-1
ii  libpcre3          1:8.30-5
ii  libqdbm14         1.8.78-2
ii  libssl1.0.0       1.0.1e-2+deb7u13
ii  libxml2           2.8.0+dfsg1-7+wheezy2
ii  mime-support      3.52-1
ii  php5-common       5.4.35-0+deb7u1
ii  tzdata            2014h-0wheezy1
ii  ucf               3.0025+nmu3
ii  zlib1g            1:1.2.7.dfsg-13

php5-cgi recommends no packages.

Versions of packages php5-cgi suggests:
pn  php-pear  <none>

-- no debconf information

Message #45 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Bachsau <web@bachsau.name>

To: 770105@bugs.debian.org

Subject: Re: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 05:20:22 +0100

This again sheds a bad light on the quality of debian and its 
security/testing procedures. In quiet commemoration of the OpenSSL bug...

Message #50 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Kees Meijs <post@keesmeijs.nl>

To: 770105@bugs.debian.org

Subject: Restoring script

Date: Wed, 19 Nov 2014 07:32:14 +0100

If you would like to restore the behaviour as Aaron mentioned, here's 
the diff:
> $ diff /tmp/sessionclean sessionclean
> 4c4
> < [ -x /usr/bin/lsof ] && /usr/bin/lsof -w -l +d "${1}" | awk -- '{ if 
> (NR > 1) { print $9; } }' | xargs -i touch -c {}
> ---
> > [ -x /usr/bin/lsof ] && /usr/bin/lsof -w -l +d "${1}" -F0 | sed -zne 
> "s/^n//p" | xargs -0i echo touch -c -h "'{}'"

The original code was taken from 5.4.4-14+deb7u14.

Regards,
Kees

Message #55 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Yves-Alexis Perez <corsac@debian.org>

To: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

Cc: debian-security@lists.debian.org, 770105@bugs.debian.org

Subject: Re: [SECURITY] [DSA 3074-1] php5 security update

Date: Wed, 19 Nov 2014 07:59:33 +0100

[Message part 1 (text/plain, inline)]

On mar., 2014-11-18 at 22:59 +0100, Christoph Biedl wrote:
> Um, that number is wrong. It isn't #768283 either.

Definitely. This is a PHP bug number…
> 
> 
> Worse, that update broke things:
> 
> | From: root@<host-redacted> (Cron Daemon)
> | To: root@<host-redacted>
> | Subject: Cron <root@<host-redacted>>
> [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ]
> && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5
> $(/usr/lib/php5/maxlifetime)
> | 
> | sed: invalid option -- 'z'
> | Usage: sed [OPTION]... {script-only-if-no-other-script}
> [input-file]...
> | 
> |   -n, --quiet, --silent
> |                  suppress automatic printing of pattern space
> 
> The -z option isn't available in the wheezy version of sed. For the
> records, this is the change in sessionclean:

Yes, we're aware of that and working on a quick regression update.

Regards,
-- 
Yves-Alexis

[signature.asc (application/pgp-signature, inline)]

Message #60 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Olaf Zaplinski <olaf@zaplinski.de>

To: 770105@bugs.debian.org

Subject: (kein Betreff)

Date: Wed, 19 Nov 2014 08:15:36 +0100

Message #65 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Ondřej Surý <ondrej@sury.org>

To: Aaron Schrab <aaron@schrab.com>, 770105@bugs.debian.org

Subject: Re: [php-maint] Bug#770105: sed in wheezy doesn't have -z option

Date: Wed, 19 Nov 2014 09:09:16 +0100

Hi Aaron,

On Wed, Nov 19, 2014, at 01:18, Aaron Schrab wrote:
> On Wed, 19 Nov 2014 00:21:19 +0100 Piotr Ożarowski <piotr@debian.org>
> wrote:
> > sed in wheezy (v4.2.1) doesn't have -z (AKA --null-data).
> > 
> > removing this option and -0 from xargs call in
> > /usr/lib/php5/sessionclean fixed this for me, but I'm not sure if it's
> > the proper fix (can php5 session file names contain special 
> > characters?)
> 
> Besides those changes, I you'd also need to change `-F0` argument for 
> lsof to just `-F`.  This would have problems if there are filenames 
> which contain newlines, but I suspect that wouldn't happen.
> 
> Even with the above it just echoes the touch command rather than 
> actually running it, so the `echo` needs to be removed as well.  This 
> wouldn't be noticed if the lsof command isn't modified, since sed will 
> fail to match anything leaving nothing for xargs to do.

There's a long-standing RFH bug open on PHP. Your comments are much
welcome, so would you be willing to subscribe to PHP BTS and help with
fixing the bugs in general? I really do not mean that as sarcasm, just
stating the fact, that such help is much sought.

> A better option may be just backing out the change that introduced this, 

Yup, I am just building deb7u2 version that backs out the change.
Unfortunately that also means that the security vulnerability described
in #766147 will be unfixed in wheezy.

> it definitely doesn't look like it was tested enough to have been 
> introduced in a security update.

For the history of this change see #766147. We did spend a quite lot of
time testing the change with the submitter, but unfortunatelly we missed
the fact that wheezy's sed doesn't have -z.

Cheers,
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server

Message #70 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Juhani Karlsson <juhani.karlsson@iki.fi>

To: Debian Bug Tracking System <770105@bugs.debian.org>

Subject: Re: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 10:22:38 +0200

Package: php5-common
Version: 5.4.35-0+deb7u1
Followup-For: Bug #770105

Same error:

Date: Wed, 19 Nov 2014 10:09:01 +0200 (EET)
From: Cron Daemon <root@qwerty123>
To: root@qwerty123
Subject: Cron <root@qwerty123>   [ -x /usr/lib/php5/maxlifetime ] && [ -x
    /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] &&
    /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime)

sed: invalid option -- 'z'
Usage: sed [OPTION]... {script-only-if-no-other-script} [input-file]...

  -n, --quiet, --silent
                 suppress automatic printing of pattern space
  -e script, --expression=script
                 add the script to the commands to be executed
  -f script-file, --file=script-file
                 add the contents of script-file to the commands to be executed
  --follow-symlinks
                 follow symlinks when processing in place
  -i[SUFFIX], --in-place[=SUFFIX]
                 edit files in place (makes backup if extension supplied)
  -l N, --line-length=N
                 specify the desired line-wrap length for the `l' command
  --posix
                 disable all GNU extensions.
  -r, --regexp-extended
                 use extended regular expressions in the script.
  -s, --separate
                 consider files as separate rather than as a single continuous
                 long stream.
  -u, --unbuffered
                 load minimal amounts of data from the input files and flush
                 the output buffers more often
      --help     display this help and exit
      --version  output version information and exit

If no -e, --expression, -f, or --file option is given, then the first
non-option argument is taken as the sed script to interpret.  All
remaining arguments are names of input files; if no input files are
specified, then the standard input is read.

GNU sed home page: <http://www.gnu.org/software/sed/>.
General help using GNU software: <http://www.gnu.org/gethelp/>.



-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.63.3.2.63-2+deb7u1-qwerty123 (SMP w/4 CPU cores)
Locale: LANG=fi_FI.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-common depends on:
ii  dpkg    1.16.15
ii  libc6   2.13-38+deb7u6
ii  lsof    4.86+dfsg-1
ii  psmisc  22.19-1+deb7u1
ii  sed     4.2.1-10
ii  ucf     3.0025+nmu3

php5-common recommends no packages.

php5-common suggests no packages.

-- no debconf information

Message #79 received at 770105-done@bugs.debian.org (full text, mbox, reply):

From: Ondřej Surý <ondrej@sury.org>

To: 770105-done@bugs.debian.org

Cc: Daniel Reichelt <debian@nachtgeist.net>, Chris Frey <cdfrey@foursquare.net>, Paul Tomblin <ptomblin@xcski.com>, Piotr Ożarowski <piotr@debian.org>, Aaron Schrab <aaron@schrab.com>, Pablo Rauzy <debbug@uzy.me>, Kees Meijs <post@keesmeijs.nl>, Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

Subject: Re: Bug#770105: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 09:39:06 +0100

Version: 5.4.35-0deb7u2

Hi folks,

sorry for the breakage. I did quite extensive testing with the submitter
of #766147, but somehow we have missed the fact that sed -z doesn't work
on wheezy.

5.4.35-0deb7u2 with reverted change has been uploaded to security-master
and should be available quickly.

Cheers,
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server

Message #90 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Kiko Piris <fpiris@portsdebalears.com>

To: Ondřej Surý <ondrej@sury.org>

Cc: 770105@bugs.debian.org

Subject: Re: Bug#770105: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 10:55:37 +0100

On 19/11/2014 at 09:39 +0100, Ondřej Surý wrote:

> 5.4.35-0deb7u2 with reverted change has been uploaded to security-master
> and should be available quickly.

Could you post the diff patch here so that we do not have to wait until
it hits the mirrors?

Thanks.

-- 
Kiko

Message #95 received at 770105@bugs.debian.org (full text, mbox, reply):

From: AngelD <angeld@froga.net>

To: Debian Bug Tracking System <770105@bugs.debian.org>

Subject: php5-common: sed parameter error in "/usr/lib/php5/sessionclean"

Date: Wed, 19 Nov 2014 10:18:53 +0100

Package: php5-common
Version: 5.4.35-0+deb7u1
Followup-For: Bug #770105

	In the script "/usr/lib/php5/sessionclean", "sed -z" parameter is wrong. "sed" version 4.2.2 support "-z" parameter, Wheezy use "4.2.1-10":
ii  sed            4.2.1-10

	Previous versions of "sessionclean" used awk. 

-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (800, 'stable'), (500, 'stable-updates')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-common depends on:
ii  dpkg    1.16.15
ii  libc6   2.13-38+deb7u6
ii  lsof    4.86+dfsg-1
ii  psmisc  22.19-1+deb7u1
ii  sed     4.2.1-10
ii  ucf     3.0025+nmu3

php5-common recommends no packages.

php5-common suggests no packages.

-- no debconf information

Message #100 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Ondřej Surý <ondrej@sury.org>

To: Kiko Piris <fpiris@portsdebalears.com>

Cc: 770105@bugs.debian.org

Subject: Re: Bug#770105: php5-common: sed call in cron script fails with "invalid opdtion -- 'z'"

Date: Wed, 19 Nov 2014 11:05:21 +0100

It's not a single diff, but three git reverts, so this:

http://anonscm.debian.org/cgit/pkg-php/php.git/plain/debian/sessionclean?h=master-wheezy

is probably easier.

Cheers,
Ondrej

On Wed, Nov 19, 2014, at 10:55, Kiko Piris wrote:
> On 19/11/2014 at 09:39 +0100, Ondřej Surý wrote:
> 
> > 5.4.35-0deb7u2 with reverted change has been uploaded to security-master
> > and should be available quickly.
> 
> Could you post the diff patch here so that we do not have to wait until
> it hits the mirrors?
> 
> Thanks.
> 
> -- 
> Kiko


-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server

Message #125 received at 770164-done@bugs.debian.org (full text, mbox, reply):

From: "Thijs Kinkhorst" <thijs@debian.org>

To: 770164-done@bugs.debian.org

Subject: Re: Bug#770164: php5: /usr/lib/php5/sessionclean broken: passes incompatible argument to sed

Date: Wed, 19 Nov 2014 12:03:01 +0100

Version: 5.4.35-0+deb7u2

This was fixed in a DSA regression update.

Message #130 received at 770105@bugs.debian.org (full text, mbox, reply):

From: Erik Auerswald <auerswald@fg-networking.de>

To: 770105@bugs.debian.org

Subject: script using perl -0 or sed -z

Date: Fri, 21 Nov 2014 09:29:03 +0100

Hi,

the new line in the sessionclean script combines a lot of errrors:

[ -x /usr/bin/lsof ] && /usr/bin/lsof -w -l +d "${1}" -F0 | sed -zne "s/^n//p" | xargs -0i echo touch -c -h "'{}'"

* using -F0 instead of -F0n creates too much useless output
* the -n option to sed is not supported by the sed from Wheezy
* the output of lsof -F0 and the regular expression do not fit:
  lsof outputs the sequence \x00\x0a (a NUL byte, then a Newline), but the
  regex looks for a letter 'n' at the beginning of a line, e.g. directly
  following the NUL byte
* xargs does not call touch, but echo
* the quoting of the xargs replace-str results in adding single quotes to
  the file name given to touch

To fix these bugs you can use the following:

1) Using perl for Wheezy:

[ -x /usr/bin/lsof ] && /usr/bin/lsof -w -l +d "${1}" -F0n | perl -0ne 's/^\nn// and print' | xargs -0i touch -c -h {}

2) Using sed for Jessie and later:

[ -x /usr/bin/lsof ] && /usr/bin/lsof -w -l +d "${1}" -F0n | sed -zne 's/^\nn//p' | xargs -0i touch -c -h {}

In all likelihood the number of touch calls can be reduced as well by changing
the xargs call to not use -i (untested!):

xargs -0 touch -c -h

Anyway, please _test_ any of these changes before implementing them!

Thanks,
Erik

Send a report that this bug log contains spam.