ungleich-public/cdist
ungleich-public/cdist
7
4
Fork 10
Code Issues 58 Pull requests 15 Projects Releases Wiki Activity

__file: mktemp -u checks for perms #332

New issue
Open
opened 2022-04-12 06:22:19 +00:00 by ander · 6 comments
ander commented 2022-04-12 06:22:19 +00:00
Collaborator
Copy link

introduced with 22039284f5 cc @steven

problem is in gencode-local with upload_destination="$(mktemp -u "${destination}.cdist.XXXXXXXXXX")".

even if mktemp -u is dry-run, it checks for perms.

ander@m720q:~$ mktemp -u /etc/no-such-path.XXX; echo $?
/etc/no-such-path.aPm
0
ander@m720q:~$ mktemp -u /etc/ssl/private/key.XXX; echo $?
mktemp: failed to create file via template ‘/etc/ssl/private/key.XXX’: Permission denied
1

so, for example, if you want to set up something in restricted paths, running mktemp -u in local machine might result in error:

$ echo __file /root/.bashrc --source /home/ander/.bashrc | cdist config -i - localhost
INFO: [376436]: localhost: Starting configuration run
--8<--SNIP--8<--
gencode-local:stderr
--------------------
mktemp: failed to create file via template ‘/root/.bashrc.cdist.XXXXXXXXXX’: Permission denied
introduced with 22039284f5 cc @steven problem is in `gencode-local` with `upload_destination="$(mktemp -u "${destination}.cdist.XXXXXXXXXX")"`. even if `mktemp -u` is dry-run, it checks for perms. ``` ander@m720q:~$ mktemp -u /etc/no-such-path.XXX; echo $? /etc/no-such-path.aPm 0 ander@m720q:~$ mktemp -u /etc/ssl/private/key.XXX; echo $? mktemp: failed to create file via template ‘/etc/ssl/private/key.XXX’: Permission denied 1 ``` so, for example, if you want to set up something in restricted paths, running `mktemp -u` in local machine might result in error: ``` $ echo __file /root/.bashrc --source /home/ander/.bashrc | cdist config -i - localhost INFO: [376436]: localhost: Starting configuration run --8<--SNIP--8<-- gencode-local:stderr -------------------- mktemp: failed to create file via template ‘/root/.bashrc.cdist.XXXXXXXXXX’: Permission denied ```
nico commented 2022-04-12 07:23:05 +00:00
Owner
Copy link

Good catch, @ander!

I think we could easily replace

      # upload file to temp location
      upload_destination="$(mktemp -u "${destination}.cdist.XXXXXXXXXX")"

with

      upload_destination="${destination}${__cdist_object_marker)"

But we will need to document the variable in our reference.

The method used for creating the suffix is the same idea as mktemp, just python's way.

I wonder if we will rename the variable beforehand so that it is not internal (__cdist prefix) anymore.

Good catch, @ander! I think we could easily replace ``` # upload file to temp location upload_destination="$(mktemp -u "${destination}.cdist.XXXXXXXXXX")" ``` with ``` upload_destination="${destination}${__cdist_object_marker)" ``` But we will need to document the variable in our reference. The method used for creating the suffix is the same idea as mktemp, just python's way. I wonder if we will rename the variable beforehand so that it is not internal (`__cdist` prefix) anymore.
ander commented 2022-04-12 07:29:52 +00:00
Author
Collaborator
Copy link

I don't understand how suffix change helps.

mktemp -u will still check if ${destination} is accessible (locally).

I don't understand how suffix change helps. `mktemp -u` will still check if `${destination}` is accessible (locally).
nico commented 2022-04-12 08:01:22 +00:00
Owner
Copy link

The mktemp -u should not have been there, updated the comment.

The mktemp -u should not have been there, updated the comment.
ander commented 2022-04-12 08:31:00 +00:00
Author
Collaborator
Copy link

OK, now it makes sense. And maybe it's time to have globally usable randomzied run id, which can be used for variety of things. Starting with temp file suffixes etc. For example $__run_id? Or per object randomized like $__object_run_id? Or both.

For example:

tmp_file="$destination.$__run_id"

Edit: okay, read in hurry, there's already __cdist_object_marker, but not very convenient name to use, but I can live with that. It's currently not available in explorer, which we should add, just in case we might need it there.

OK, now it makes sense. And maybe it's time to have globally usable randomzied run id, which can be used for variety of things. Starting with temp file suffixes etc. For example `$__run_id`? Or per object randomized like `$__object_run_id`? Or both. For example: ```sh tmp_file="$destination.$__run_id" ``` Edit: okay, read in hurry, there's already `__cdist_object_marker`, but not very convenient name to use, but I can live with that. It's currently not available in explorer, which we should add, just in case we might need it there.
ander commented 2022-05-02 18:34:59 +00:00
Author
Collaborator
Copy link

__file: broken on macOS config hosts:
https://github.com/cdist-community/cdist-conf/issues/53

The latest versions of macOS mount / read-only:

$ mktemp -u /foo.XXXXXX
mktemp: mkstemp failed on /foo.lOUTpx: Read-only file system

@steven @nico

__file: broken on macOS config hosts: https://github.com/cdist-community/cdist-conf/issues/53 The latest versions of macOS mount / read-only: ``` $ mktemp -u /foo.XXXXXX mktemp: mkstemp failed on /foo.lOUTpx: Read-only file system ``` @steven @nico
steven commented 2022-05-02 21:32:13 +00:00
Collaborator
Copy link

The regressions should be fixed as of 6c8c692a22

The regressions should be fixed as of https://code.ungleich.ch/ungleich-public/cdist/commit/6c8c692a22c886bf82b18f51a133f88a8ab547b7
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
7.0
6.9
py3.10
ander/__package_apt_update_index
haproxy-dualstack
ander/__sed
beta
ander/os_version_debian_sid
evilham-compatibility-fixes
ander/__rsync
__snakeoil_cert
ander/update_readme
__download_improvements
feature/onchange
cleanup/string-formatting
feature/type-relationship-graph
cleanup/ssh-auth-keys-types
__letsencrypt_cert-fix-hooks
bugfix/preos-debug
bugfix/in-script-import
6.8
bugfix/sphinx-docs-build
6.7
cherry-pick-2f433a14
bugfix/make-code-consistent
6.6
regain-py3.2-support
6.5
bugfix/multiple-log-lines
matterbridge
coturn
alpinefix
matrix
new-type/network-interface
feature/process
6.4
feature/info-command
feature/libexec
6.3
preos-plugins-dir-opt
gitlab-ci
6.2
order-dep-fix
6.1
6.0
build/support-pip-from-git
feature/shell-lib
5.1
feature/support-type-deprecation
5.0
feature/python-types
4.11
4.10
shellcheck
4.9
4.8
freebsd-improvements
new-prometheus
key_value-onchange
feature/output_streams
AnotherKamila-patch-1
__letsencrypt_cert-fixes
letsencrypt-cron-fix
4.7
newtype-__letsencrypt_cert
os_explorer_devuan_fix
prometheus-exporter-fixes
daemontools-for-fbsd
type-prometheus-exporter-from-master
prometheus-more-fixes
4.6
4.5
fix-j
steven-backport
4.4
prometheus-fixes
grafana_dashboard
prometheus
daemontools
consul_improvements
feature/trigger
4.3
4.0-pre-not-stable
4.2
4.1
4.0
feature_install_and_preos
3.1
no-dot-cdist
random_dot_cdist
feature_yum_url
feature_files_export
3.0
2.3
2.2
2.1
ssh_callback
2.0
archive_shell_function_approach
1.7
1.6
1.5
1.4
1.3
1.2
1.1
1.0
7.0.0
6.9.8
6.9.7
6.9.6
6.9.5
6.9.4
6.9.3
6.9.2
6.9.1
6.9.0
6.8.0
6.7.0
6.6.0
6.5.6
6.5.5
6.5.4
6.5.3
6.5.2
6.5.1
6.5.0
6.4.0
6.3.0
6.2.0
6.1.1
6.1.0
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.1.3
5.1.2
5.1.1
5.1.0
5.0.2
5.0.1
5.0.0
4.11.1
4.11.0
4.10.11
4.10.10
4.10.9
4.10.8
4.10.7
4.10.6
4.10.5
4.10.4
4.10.3
4.10.2
4.10.1
4.10.0
4.9.1
4.9.0
4.8.4
4.8.3
4.8.2
4.8.1
4.8.0
4.7.3
4.7.2
4.7.1
4.7.0
4.6.1
4.6.0
4.5.0
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.3.2
4.3.1
4.3.0
4.2.2
4.2.1
4.2.0
4.1.0
4.0.0
3.1.13
tn1
3.1.12
3.1.11
3.1.10
3.1.9
3.1.8
3.1.7
3.1.6
4.0.0pre3
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1.0
4.0.0pre2
3.0.9
3.0.8
3.0.7
3.0.6
3.0.5
3.0.4
3.0.3
4.0.0pre1
3.0.2
3.0.1
3.0.0
2.3.7
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.0
2.1.2
2.1.1
2.1.0
2.1.0pre8
2.1.0pre7
2.1.0pre6
2.0.15
2.1.0pre5
2.1.0pre4
2.1.0pre3
2.1.0pre2
2.1.0pre1
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.7.1
1.7.0
1.6.2
1.6.1
1.6.0
1.5.0
1.4.1
1.4.0
1.3.2
1.3.1
1.3.0
1.2.0
1.1.0
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0
0.9.9
0.9.8
0.9.7
0.9.6
0.9.5
0.9.4
0.9.3
0.9.2
0.9.1
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
Labels
Clear labels   
bugfix

   
cleanup

   
discussion

   
documentation

   
doing

   
done

   
feature

   
improvement

   
packaging

   
Stale

   
testing

   
TODO
No labels
bugfix
cleanup
discussion
documentation
doing
done
feature
improvement
packaging
Stale
testing
TODO
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: ungleich-public/cdist#332
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?