The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Bug #12336

executing system commands may fail if user's PATH contains a tilde

Added by Chris Price almost 3 years ago. Updated about 2 years ago.

Status:ClosedStart date:01/31/2012
Priority:LowDue date:
Assignee:Chris Price% Done:

0%

Category:exec
Target version:3.0.0
Affected Puppet version: Branch:https://github.com/puppetlabs/puppet/pull/473
Keywords:

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com

This issue is currently not available for export. If you are experiencing the issue described below, please file a new ticket in JIRA. Once a new ticket has been created, please add a link to it that points back to this Redmine ticket.


Description

As a result of the changes from #5224, we are now unsetting the HOME environment variable when we execute system commands from within puppet. (This applies mostly to the Exec provider, but may also affect other providers that issue system commands.)

An exception will be thrown if the following conditions are met:

  • User’s PATH contains a literal ‘~’ character
  • The command to be executed is not specified via an absolute path

Should be reproducible by adding, e.g., “~/bin” to PATH and then running the spec/unit/util_spec.rb tests.


Related issues

Related to Puppet - Bug #5224: puppetd does not set environment correctly from Exec Closed 11/08/2010
Related to Puppet - Bug #12490: execution_spec is stomping on process ENV variables Closed 02/07/2012
Related to Puppet - Bug #17603: Puppet execute has unexpected semantics Accepted

History

#1 Updated by Patrick Carlisle almost 3 years ago

  • Status changed from Unreviewed to Accepted

#2 Updated by Chris Price almost 3 years ago

I can see a few different ways to handle this:

  1. If we find a “~” in the user’s PATH, ignore that element from the path and print a warning.
  2. Attempt to capture the user’s HOME environment variable when puppet starts up, and cache it somewhere. Refer back to that when we are attempting to expand the “~” PATH element.

The first solution would be cleaner, but would be unable to execute binaries that were installed in a user’s home directory unless they change their PATH to be absolute (rather than using the “~”). The second solution would be more bullet-proof but might require the introduction of some kind of semi-global variable to cache the value in—which would not be the end of the world, but is a little messier than the first solution.

#3 Updated by Chris Price almost 3 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Branch set to https://github.com/puppetlabs/puppet/pull/473

Added a pull request for this.

Note that the test in question was one of the “which” tests in util_spec.rb. The reporter who initially found this reported that he DID have his “HOME” environment variable set, which theoretically means that this test shouldn’t have failed for him.

I suspect that the failure was being seen due to a combination between this bug and bug #12490, which was causing HOME to be unset as a side effect of a bad spec test.

I did add a test that reproduces this w/o depending on that side effect, and I think that this fix is still worthwhile. It basically amounts to slightly better error handling, which is never a bad thing.

#4 Updated by Anonymous almost 3 years ago

  • Category set to exec
  • Status changed from In Topic Branch Pending Review to Merged - Pending Release
  • Target version set to 3.x

#5 Updated by Anonymous over 2 years ago

  • Target version changed from 3.x to 3.0.0

#6 Updated by Matthaus Owens about 2 years ago

  • Status changed from Merged - Pending Release to Closed

Released in Puppet 3.0.0rc1

Also available in: Atom PDF