Skip to content
This repository has been archived by the owner on Jun 10, 2019. It is now read-only.

Fix unfailing CheckExternalCommands #382

Merged
merged 2 commits into from
Jul 2, 2017
Merged

Fix unfailing CheckExternalCommands #382

merged 2 commits into from
Jul 2, 2017

Conversation

skylt
Copy link
Contributor

@skylt skylt commented May 31, 2017

On Unix, with shell=True, the shell default to /bin/sh.
Using Popen(['type', command], shell=True) is equivalent to calling
Popen(['/bin/sh', '-c', 'type', command]).
In this case 'command' becomes a positional parameter to the shell,
and not an argument to the command 'type'.

One solution would be to pass a single string as parameter.
The problem is that with shell=True, we wouldn't be safe from a shell injection,
so it is wiser to use a python only solution.

The package distutils is part of the standard distribution, so it doesn't add
extra dependencies.
The method find_executable has the same behaviour as 'which' on bash, it
will return the path to the executable or None if it was not found.

Logging needs to be added as it was previously handled by log_check_call().

This fixes #380 which was broken here.

@skylt
Fix unfailing CheckExternalCommands
df3a200 
On Unix, with shell=True, the shell default to /bin/sh.
Using Popen(['type', command], shell=True) is equivalent to calling
Popen(['/bin/sh', '-c', 'type', command]).
In this case 'command' becomes a positional parameter to the shell,
and not an argument to the command 'type'.

The solution is to pass a single string as parameter.

The problem is that with shell=True, we are never safe from a shell injection,
so it is wiser to use a python only solution.

The package distutils is part of the standard distribution, so it doesn't add
extra dependencies.
The method find_executable has the same behaviour as 'which' on bash.
@andsens
Copy link
Owner

andsens commented Jun 7, 2017

I checked out the implementation of find_executable, and it honestly leaves a little to be desired:


def find_executable(executable, path=None):
    """Tries to find 'executable' in the directories listed in 'path'.

    A string listing directories separated by 'os.pathsep'; defaults to
    os.environ['PATH'].  Returns the complete filename or None if not found.
    """
    if path is None:
        path = os.environ['PATH']
    paths = path.split(os.pathsep)
    base, ext = os.path.splitext(executable)

    if (sys.platform == 'win32' or os.name == 'os2') and (ext != '.exe'):
        executable = executable + '.exe'

    if not os.path.isfile(executable):
        for p in paths:
            f = os.path.join(p, executable)
            if os.path.isfile(f):
                # the file exists, we have a shot at spawn working
                return f
        return None
    else:
        return executable

Note that there is no check for executability. Also, we will not be able to check the availability of shell functions or shell builtins with this.

I think your suggestion of making the whole checking command a string might be a better solution to this problem, we needn't worry about shell injection too much, since all of the input is trusted.

@skylt
Add executable check to find_executable
acb17a9 
Find_executable returns a file in the path, so it must be checked for
executability.
@skylt
Copy link
Contributor Author

skylt commented Jul 2, 2017

I have updated with an executability check.
Shell builtins are not used in the project, and I see no valid use for them.
The same goes for shell functions, wouldn't it better to implement them in python directly ?

@andsens
Copy link
Owner

andsens commented Jul 2, 2017

eh, true. Alright, I'm fine with merging this. Nice touch with adding debug logging, since there is no log_check_call any longer :-)

@andsens andsens merged commit 58c6828 into andsens:master Jul 2, 2017
@skylt skylt deleted the existing_commands branch July 6, 2017 23:44
brett-smith added a commit to brett-smith/bootstrap-vz that referenced this pull request Jan 10, 2018
@brett-smith
Remove the bits that disabled IPv6 for GCE.
d0bc7ee 
Merge pull request andsens#407 from zmarano/master

Remove the bits that disabled IPv6 for GCE.
pep8: Fix E722 do not use bare except'
ec2: Move cloud-init mount tuning to cloud-init plugin

Fixes andsens#406
Fix bug in Stretch builds. sshd_config no longer contains
PermitRootLogin. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852781
Merge pull request andsens#372 from zmarano/master

Fix an ordering issue with the expand-root plugin.
Merge pull request andsens#374 from liori/documentation-fixes

fix some typos in documentation
Merge pull request andsens#375 from zmarano/master

Enable SCSI block multiqueue for GCE Stretch images.
Merge pull request andsens#378 from Exy13/loops

Fix loopdevice partitions not being unmapped correctly
Merge pull request andsens#381 from Exy13/lvm

Add LVM as a disk backend
Merge pull request andsens#383 from Exy13/qcow

Add qcow2 as a disk backend for KVM
Merge pull request andsens#384 from zmarano/master

Promote stretch to stable, add buster as testing, jessie to oldstable.
Merge pull request andsens#385 from liori/lone-dpkg

Fix lone minimize_size/dpkg without apt
Merge pull request andsens#386 from liori/minimize-size-bindmount-permissions

minimize_size: make sure the permissions of bindmounts are preserved
Merge pull request andsens#382 from Exy13/existing_commands

Fix unfailing CheckExternalCommands
Make trusted-keys paths in manifest relative to manifest
ansible: Make playbook path relative to manifest
ansible: Check for ansible availability before running
vbox: Make guest additions path relative to manifest
ansible: Change tags/skip-tags to be lists and shorten task
ansible hosts -> groups
ansible: Fix extra_vars so that it actually works

Also remove tmp_cmd var and fix manifest schema
ansible: Remove erroneous whitespace
commands plugin: Run copy files before running commands

This is quite useful in situations where you want to do something
with the assets that you have copied into the image.
One could argue for the opposite case as well, but with the
commands plugin you always have the manual "cp" escape hatch.
Merge pull request andsens#390 from indigoid/readme-escaping-note

brief note about escaping braces in manifests
Merge pull request andsens#391 from NeatNerdPrime/puppet_module_upgrade

Puppet tasks fix commit
Partitions: Fix check for additional partitions on single part.
Merge pull request andsens#392 from gplessis/empty-ami-names

Don’t crash on empty AMI name
Merge pull request andsens#395 from zmarano/master

Add GCE buster builds.
Update Google Compute Engine package and repository structure.
GCE packages are now Debian policy compliant.
Merge pull request andsens#396 from NeatNerdPrime/puppet_update_stretch

Stretch update commit
Update doc
Merge pull request andsens#398 from jmporcelg/issue-397

andsens#397 fix: Installing networking kernel driver using DKMS fails in stretch
Merge pull request andsens#400 from Exy13/doc

Update misleading documentation
Fix tabs vs. spaces in changelog
Merge pull request andsens#414 from CMeza99/netbase

allow networking task when netbase pkg is present
Added security field to packages.
Updated Readme and example manifest for jessie-lvm kmv
Merge pull request andsens#415 from ashegedus/config-security

Added security field to packages.
Merge pull request andsens#417 from ashegedus/password-crypt

Add password-crypt to root password plugin
Merge pull request andsens#422 from CMeza99/fix-intel-url

update intel ixgbevf url
Merge pull request andsens#428 from octivi/systemd_expand_root

Change location of expand-root systemd unit from /lib/... to /etc/...
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

"No such file or directory" after mapping volume permissions
2 participants
@skylt @andsens