From 4e8b97ddeb2fee56cd0a39f7ea1b7eac2c1ba519 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Wed, 12 Mar 2014 17:22:59 -0400 Subject: [PATCH] More shell updates --- library/system/cron | 18 ++++++++++-------- library/system/debconf | 6 ++++-- library/system/hostname | 2 +- library/system/lvg | 8 ++++---- 4 files changed, 19 insertions(+), 15 deletions(-) diff --git a/library/system/cron b/library/system/cron index 39727b4c769..15c21fb157d 100644 --- a/library/system/cron +++ b/library/system/cron @@ -145,6 +145,7 @@ import os import re import tempfile import platform +import pipes CRONCMD = "/usr/bin/crontab" @@ -190,7 +191,8 @@ class CronTab(object): except: raise CronTabError("Unexpected error:", sys.exc_info()[0]) else: - (rc, out, err) = self.module.run_command(self._read_user_execute()) + # using safely quoted shell for now, but this really should be two non-shell calls instead. FIXME + (rc, out, err) = self.module.run_command(self._read_user_execute(), use_unsafe_shell=True) if rc != 0 and rc != 1: # 1 can mean that there are no jobs. raise CronTabError("Unable to read crontab") @@ -235,8 +237,8 @@ class CronTab(object): # Add the entire crontab back to the user crontab if not self.cron_file: - # os.system(self._write_execute(path)) - (rc, out, err) = self.module.run_command(self._write_execute(path)) + # quoting shell args for now but really this should be two non-shell calls. FIXME + (rc, out, err) = self.module.run_command(self._write_execute(path), use_unsafe_shell=True) os.unlink(path) if rc != 0: @@ -350,9 +352,9 @@ class CronTab(object): user = '' if self.user: if platform.system() == 'SunOS': - return "su '%s' -c '%s -l'" % (self.user, CRONCMD) + return "su %s -c '%s -l'" % (pipes.quote(self.user), pipes.quote(CRONCMD)) else: - user = '-u %s' % self.user + user = '-u %s' % pipes.quote(self.user) return "%s %s %s" % (CRONCMD , user, '-l') def _write_execute(self, path): @@ -362,10 +364,10 @@ class CronTab(object): user = '' if self.user: if platform.system() == 'SunOS': - return "chown %s %s ; su '%s' -c '%s %s'" % (self.user, path, self.user, CRONCMD, path) + return "chown %s %s ; su '%s' -c '%s %s'" % (pipes.quote(self.user), pipes.quote(path), pipes.quote(self.user), CRONCMD, pipes.quote(path)) else: - user = '-u %s' % self.user - return "%s %s %s" % (CRONCMD , user, path) + user = '-u %s' % pipes.quote(self.user) + return "%s %s %s" % (CRONCMD , user, pipes.quote(path)) diff --git a/library/system/debconf b/library/system/debconf index 5b47d6b2b18..244561973db 100644 --- a/library/system/debconf +++ b/library/system/debconf @@ -84,6 +84,8 @@ debconf: name='oracle-java7-installer' question='shared/accepted-oracle-license- debconf: name='tzdata' ''' +import pipes + def get_selections(module, pkg): cmd = [module.get_bin_path('debconf-show', True), pkg] rc, out, err = module.run_command(' '.join(cmd)) @@ -105,11 +107,11 @@ def set_selection(module, pkg, question, vtype, value, unseen): data = ' '.join([ question, vtype, value ]) setsel = module.get_bin_path('debconf-set-selections', True) - cmd = ["echo '%s %s' |" % (pkg, data), setsel] + cmd = ["echo '%s %s' |" % (pipes.quote(pkg), pipes.quote(data)), setsel] if unseen: cmd.append('-u') - return module.run_command(' '.join(cmd)) + return module.run_command(' '.join(cmd), use_unsafe_shell=True) def main(): diff --git a/library/system/hostname b/library/system/hostname index 781bdcd08aa..cca2364b611 100644 --- a/library/system/hostname +++ b/library/system/hostname @@ -286,7 +286,7 @@ class FedoraStrategy(GenericStrategy): def get_permanent_hostname(self): cmd = 'hostnamectl status | awk \'/^ *Static hostname:/{printf("%s", $3)}\'' - rc, out, err = self.module.run_command(cmd) + rc, out, err = self.module.run_command(cmd, use_unsafe_shell=True) if rc != 0: self.module.fail_json(msg="Command failed rc=%d, out=%s, err=%s" % (rc, out, err)) diff --git a/library/system/lvg b/library/system/lvg index 4e24b25a5c9..bc4709e3b12 100644 --- a/library/system/lvg +++ b/library/system/lvg @@ -162,13 +162,13 @@ def main(): ### create PV pvcreate_cmd = module.get_bin_path('pvcreate', True) for current_dev in dev_list: - rc,_,err = module.run_command("%s %s"%(pvcreate_cmd,current_dev)) + rc,_,err = module.run_command("%s %s" % (pvcreate_cmd,current_dev)) if rc == 0: changed = True else: - module.fail_json(msg="Creating physical volume '%s' failed"%current_dev, rc=rc, err=err) + module.fail_json(msg="Creating physical volume '%s' failed" % current_dev, rc=rc, err=err) vgcreate_cmd = module.get_bin_path('vgcreate') - rc,_,err = module.run_command("%s -s %s %s %s"%(vgcreate_cmd, pesize, vg, dev_string)) + rc,_,err = module.run_command("%s -s %s %s %s" % (vgcreate_cmd, pesize, vg, dev_string)) if rc == 0: changed = True else: @@ -210,7 +210,7 @@ def main(): module.fail_json(msg="Creating physical volume '%s' failed"%current_dev, rc=rc, err=err) ### add PV to our VG vgextend_cmd = module.get_bin_path('vgextend', True) - rc,_,err = module.run_command("%s %s %s"%(vgextend_cmd, vg, devs_to_add_string)) + rc,_,err = module.run_command("%s %s %s" % (vgextend_cmd, vg, devs_to_add_string)) if rc == 0: changed = True else: