Project

General

Profile

Bug #10715

escaping ${SSH_ORIGINAL_COMMAND} in GUI - sshKeyDistribution/3.0

Added by Ferenc Ulrich about 2 years ago. Updated almost 2 years ago.

Status:
Released
Priority:
N/A
Category:
-
Target version:
Severity:
Major - prevents use of part of Rudder | no simple workaround
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Priority:
36

Description

Hi,

How do i escape string ${SSH_ORIGINAL_COMMAND} in GUI, so that it won't be interpreted as a cf-engine variable?
i tried ${const.dollar}{SSH_ORIGINAL_COMMAND}, \${const.dollar}{SSH_ORIGINAL_COMMAND}, $\{SSH_ORIGINAL_COMMAND}, ${const.dollar}\{SSH_ORIGINAL_COMMAND}.
None of them worked.

Thanks,
Ferenc Ulrich


Related issues

Related to Rudder - Architecture #10747: regextract cannot extract values that contains ${TEXT} if TEXT is not a variableNewActions

Associated revisions

Revision aca28c73 (diff)
Added by Nicolas CHARLES about 2 years ago

Fixes #10715: escaping ${SSH_ORIGINAL_COMMAND} in GUI - sshKeyDistribution/3.0

History

#1

Updated by Ferenc Ulrich about 2 years ago

Please handle this issue as a real BUG.

#2

Updated by Vincent MEMBRÉ about 2 years ago

In which field do you want to insert that string ?

#3

Updated by François ARMAND about 2 years ago

To be clearer, we need to better understand what you are trying to do exactly, what you would expect to get (in the generated file), and what you are actually getting.
That would help better understand the problem. Thanks for the help!

#4

Updated by Janos Mattyasovszky about 2 years ago

The usecase is to have options prepended to the authorized_keys, which include shell environment variables, like example:

from="host.fqdn",command="sudo $SSH_ORIGINAL_COMMAND" ssh-rsa.... 

#5

Updated by Ferenc Ulrich about 2 years ago

example:

from="host.fqdn",command="sudo ${SSH_ORIGINAL_COMMAND}" ssh-rsa....

#6

Updated by François ARMAND about 2 years ago

  • Target version set to 3.1.20
  • Severity set to Major - prevents use of part of Rudder | no simple workaround
  • User visibility set to Operational - other Techniques | Technique editor | Rudder settings
  • Priority changed from 0 to 36
#7

Updated by Nicolas CHARLES about 2 years ago

  • Assignee set to Nicolas CHARLES
#8

Updated by Nicolas CHARLES about 2 years ago

First result: somehow, regextract doesn't evaluate ${keyspec}, even if k${keyspec} can be read correctly, when it contains ${SSH_ORIGINAL_COMMAND}

#9

Updated by Nicolas CHARLES about 2 years ago

Hard codding values in regextract doesn't solve the issue.
However, using $SSH_ORIGINAL_COMMAND (without {}) does work

We need to find a replacement for regextract to make the technique work

#10

Updated by Nicolas CHARLES about 2 years ago

  • Related to Architecture #10747: regextract cannot extract values that contains ${TEXT} if TEXT is not a variable added
#11

Updated by Nicolas CHARLES about 2 years ago

  • Status changed from New to In progress
#12

Updated by Nicolas CHARLES about 2 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Alexis MOUSSET
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1143
#13

Updated by Nicolas CHARLES about 2 years ago

  • Status changed from Pending technical review to Pending release
#14

Updated by Vincent MEMBRÉ almost 2 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.1.20, 4.0.5 and 4.1.2 which were released today.

Also available in: Atom PDF