Bug #10715
closed
escaping ${SSH_ORIGINAL_COMMAND} in GUI - sshKeyDistribution/3.0
Added by Ferenc Ulrich over 7 years ago.
Updated over 7 years ago.
Severity:
Major - prevents use of part of Rudder | no simple workaround
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Description
Hi,
How do i escape string ${SSH_ORIGINAL_COMMAND} in GUI, so that it won't be interpreted as a cf-engine variable?
i tried ${const.dollar}{SSH_ORIGINAL_COMMAND}, \${const.dollar}{SSH_ORIGINAL_COMMAND}, $\{SSH_ORIGINAL_COMMAND}, ${const.dollar}\{SSH_ORIGINAL_COMMAND}.
None of them worked.
Thanks,
Ferenc Ulrich
Related issues
1 (1 open — 0 closed)
Please handle this issue as a real BUG.
In which field do you want to insert that string ?
To be clearer, we need to better understand what you are trying to do exactly, what you would expect to get (in the generated file), and what you are actually getting.
That would help better understand the problem. Thanks for the help!
The usecase is to have options prepended to the authorized_keys, which include shell environment variables, like example:
from="host.fqdn",command="sudo $SSH_ORIGINAL_COMMAND" ssh-rsa....
example:
from="host.fqdn",command="sudo ${SSH_ORIGINAL_COMMAND}" ssh-rsa....
- Target version set to 3.1.20
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Operational - other Techniques | Technique editor | Rudder settings
- Priority changed from 0 to 36
- Assignee set to Nicolas CHARLES
First result: somehow, regextract doesn't evaluate ${keyspec}, even if k${keyspec} can be read correctly, when it contains ${SSH_ORIGINAL_COMMAND}
Hard codding values in regextract doesn't solve the issue.
However, using $SSH_ORIGINAL_COMMAND (without {}) does work
We need to find a replacement for regextract to make the technique work
- Related to Architecture #10747: regextract cannot extract values that contains ${TEXT} if TEXT is not a variable added
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1143
- Status changed from Pending technical review to Pending release
- Status changed from Pending release to Released
This bug has been fixed in Rudder 3.1.20, 4.0.5 and 4.1.2 which were released today.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by