Project

General

Profile

Bug #14390

Missing report on generic method "command exec" with $()

Added by François ARMAND 7 months ago. Updated 5 months ago.

Status:
Released
Priority:
N/A
Category:
Web - Compliance & node report
Target version:
Severity:
Major - prevents use of part of Rudder | no simple workaround
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Small
Priority:
84

Description

I created a technique with an "exec command" generic method with content:

touch /tmp/rudder-$(date --iso-8601=second)

Report are missing - but I mean, on an agent run, the directive is totally missing (see screenshot).

Technique content on the node:

root@agent1:/home/vagrant# cat /var/rudder/cfengine-community/inputs/create_date_file/1.0/create_date_file.cf
# @name create date file
# @description
# @version 1.0

bundle agent create_date_file
{
  methods:
    "Command execution_context_0" usebundle => _method_reporting_context("Command execution", "touch /tmp/rudder-$(date --iso-8601=second)");
    "Command execution" usebundle => command_execution("touch /tmp/rudder-$(date --iso-8601=second)"),
      ifvarclass => concat("any");
}

Files


Related issues

Related to ncf - Bug #14549: Error in technique editor when there is "$()" in a parameter of a methodReleasedActions

Associated revisions

Revision 8e2ccea6 (diff)
Added by Nicolas CHARLES 7 months ago

Fixes #14390: Missing report on generic method \"command exec\" with $()

History

#1

Updated by François ARMAND 7 months ago

  • Target version set to 4.1.21
  • Severity set to Major - prevents use of part of Rudder | no simple workaround
  • User visibility set to Getting started - demo | first install | Technique editor and level 1 Techniques
  • Effort required set to Very Small
  • Priority changed from 0 to 98

This is "expected" because $() is a special thing in CFEngine. So, as we can't know what the user want to do (cfengine or shell), we can't automatically escape it.
Two solutions:

- easy: always warn the user "be careful, using $() means the cfengine command, if you want to mean the shell one, use ${const.dollar}(...)". This is not portable and bound to cfengine.
- a little bit more involving: alway interpret $() as shell (ie escape it in technique editor) ; force user to always ${sys.etc}" (or provide an escape solution like ${CFEVAR....}

It's a getting starting, because user are likely to try that kind of shell things early.

#2

Updated by François ARMAND 7 months ago

  • Assignee set to Nicolas CHARLES
  • Effort required changed from Very Small to Small
  • Priority changed from 98 to 85

So after discussion, the correct path is to always escape that case for the target agent.

NOTE: we will need to make a be warning on update for people who might have use it in existing technique.

#3

Updated by François ARMAND 7 months ago

  • Target version changed from 4.1.21 to 4.3.11

Targetting 4.3 because of the complexity of change in 4.1 + behavior change.

#4

Updated by Nicolas CHARLES 7 months ago

after some tries, there is no way to make $() work simply

#5

Updated by Nicolas CHARLES 7 months ago

one of the issue lies in the canonification that seems to skip the variable itself

with command being /usr/bin/touch /tmp/rudder-${const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}(date --iso-8601=second) , the string to canonify is command_execution_/usr/bin/touch /tmp/rudder-${const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}{const.dollar}(date --iso-8601=second) , but old_class_prefix is ${old_class_prefix}

#6

Updated by Nicolas CHARLES 7 months ago

workaround: use the full path of the command: if there is a / in the $(), then it will work

#7

Updated by Nicolas CHARLES 7 months ago

So only solution would be to check when we save the technique if a field contains $(), and if so, it should either vars.prefix, or a / somewhere, and if not warn the user (but still allow to save)

#8

Updated by Nicolas CHARLES 7 months ago

  • Status changed from New to In progress
#9

Updated by Nicolas CHARLES 7 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/ncf/pull/934
#10

Updated by Nicolas CHARLES 7 months ago

  • Status changed from Pending technical review to Pending release
#11

Updated by Nicolas CHARLES 6 months ago

  • Related to Bug #14549: Error in technique editor when there is "$()" in a parameter of a method added
#12

Updated by Vincent MEMBRÉ 5 months ago

  • Status changed from Pending release to Released
  • Priority changed from 85 to 84

This bug has been fixed in Rudder 4.3.11 and 5.0.9 which were released today.

Also available in: Atom PDF