Bug #10715
closed
escaping ${SSH_ORIGINAL_COMMAND} in GUI - sshKeyDistribution/3.0
Description
Hi,
How do i escape string ${SSH_ORIGINAL_COMMAND} in GUI, so that it won't be interpreted as a cf-engine variable?
i tried ${const.dollar}{SSH_ORIGINAL_COMMAND}, \${const.dollar}{SSH_ORIGINAL_COMMAND}, $\{SSH_ORIGINAL_COMMAND}, ${const.dollar}\{SSH_ORIGINAL_COMMAND}.
None of them worked.
Thanks,
Ferenc Ulrich
Updated by Ferenc Ulrich almost 7 years ago
Please handle this issue as a real BUG.
Updated by Vincent MEMBRÉ almost 7 years ago
In which field do you want to insert that string ?
Updated by François ARMAND almost 7 years ago
To be clearer, we need to better understand what you are trying to do exactly, what you would expect to get (in the generated file), and what you are actually getting.
That would help better understand the problem. Thanks for the help!
Updated by Janos Mattyasovszky almost 7 years ago
The usecase is to have options prepended to the authorized_keys, which include shell environment variables, like example:
from="host.fqdn",command="sudo $SSH_ORIGINAL_COMMAND" ssh-rsa....
Updated by Ferenc Ulrich almost 7 years ago
example:
from="host.fqdn",command="sudo ${SSH_ORIGINAL_COMMAND}" ssh-rsa....
Updated by François ARMAND almost 7 years ago
- Target version set to 3.1.20
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Operational - other Techniques | Technique editor | Rudder settings
- Priority changed from 0 to 36
Updated by Nicolas CHARLES almost 7 years ago
First result: somehow, regextract doesn't evaluate ${keyspec}, even if k${keyspec} can be read correctly, when it contains ${SSH_ORIGINAL_COMMAND}
Updated by Nicolas CHARLES almost 7 years ago
Hard codding values in regextract doesn't solve the issue.
However, using $SSH_ORIGINAL_COMMAND (without {}) does work
We need to find a replacement for regextract to make the technique work
Updated by Nicolas CHARLES almost 7 years ago
- Related to Architecture #10747: regextract cannot extract values that contains ${TEXT} if TEXT is not a variable added
Updated by Nicolas CHARLES almost 7 years ago
- Status changed from New to In progress
Updated by Nicolas CHARLES almost 7 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1143
Updated by Nicolas CHARLES almost 7 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-techniques|aca28c73c02a8afdcc35fe0dbd8be2debdc2dd84.
Updated by Vincent MEMBRÉ almost 7 years ago
- Status changed from Pending release to Released