[elbe-devel] [PATCH] elbepack: finetuning: switch to non-shell syntax
Eduard Krein
eduard.krein at linutronix.de
Tue Jun 4 16:57:35 CEST 2024
Am 07.05.2024 um 16:19 schrieb Thomas Weißschuh:
> The commands executed by the finetuning are validated by the user.
> Use non-shell syntax to avoid spurious quoting, etc.
>
> If users relied on the shell splitting this may lead to issues.
> But such behaviour was not documented in the schema anyways.
>
> Signed-off-by: Thomas Weißschuh <thomas.weissschuh at linutronix.de>
Reviewed-by: Eduard Krein<eduard.krein at linutronix.de>
> ---
> elbepack/finetuning.py | 48 +++++++++++++++++++-----------------------------
> 1 file changed, 19 insertions(+), 29 deletions(-)
>
> diff --git a/elbepack/finetuning.py b/elbepack/finetuning.py
> index a10c89e55ea3..45f01652b85c 100644
> --- a/elbepack/finetuning.py
> +++ b/elbepack/finetuning.py
> @@ -84,30 +84,28 @@ class RmAction(FinetuningAction):
> if os.path.basename(f) in exclude:
> continue
>
> - do(f"rm -rvf '{f}'")
> + do(['rm', '-rvf', f])
>
>
> @FinetuningAction.register('mkdir')
> class MkdirAction(FinetuningAction):
>
> def execute(self, _buildenv, target):
> - do(f'mkdir -p {target.fname(self.node.et.text)}')
> + do(['mkdir', '-p', target.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('mknod')
> class MknodAction(FinetuningAction):
>
> def execute(self, _buildenv, target):
> - do(
> - f'mknod {target.fname(self.node.et.text)} '
> - f"{self.node.et.attrib['opts']}")
> + do(['mknod', target.fname(self.node.et.text), self.node.et.attrib['opts']])
>
>
> @FinetuningAction.register('buildenv_mkdir')
> class BuildenvMkdirAction(FinetuningAction):
>
> def execute(self, buildenv, _target):
> - do(f'mkdir -p {buildenv.rfs.fname(self.node.et.text)}')
> + do(['mkdir', '-p', buildenv.rfs.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('cp')
> @@ -115,9 +113,8 @@ class CpAction(FinetuningAction):
>
> def execute(self, _buildenv, target):
> src = target.glob(self.node.et.attrib['path'])
> - cmd = f'cp -av %s {target.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['cp', '-av', f, target.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('buildenv_cp')
> @@ -125,9 +122,8 @@ class BuildenvCpAction(FinetuningAction):
>
> def execute(self, buildenv, _target):
> src = buildenv.glob(self.node.et.attrib['path'])
> - cmd = f'cp -av %s {buildenv.rfs.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['cp', '-av', f, buildenv.rfs.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('b2t_cp')
> @@ -135,9 +131,8 @@ class B2TCpAction(FinetuningAction):
>
> def execute(self, buildenv, target):
> src = buildenv.rfs.glob(self.node.et.attrib['path'])
> - cmd = f'cp -av %s {target.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['cp', '-av', f, target.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('t2b_cp')
> @@ -145,9 +140,8 @@ class T2BCpAction(FinetuningAction):
>
> def execute(self, buildenv, target):
> src = target.glob(self.node.et.attrib['path'])
> - cmd = f'cp -av %s {buildenv.rfs.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['cp', '-av', f, buildenv.rfs.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('t2p_mv')
> @@ -161,9 +155,8 @@ class T2PMvAction(FinetuningAction):
> dest = os.path.join('..', dest)
>
> src = target.glob(self.node.et.attrib['path'])
> - cmd = f'mv -v %s {dest}'
> for f in src:
> - do(cmd % f)
> + do(['mv', '-v', f, dest])
>
>
> @FinetuningAction.register('mv')
> @@ -171,9 +164,8 @@ class MvAction(FinetuningAction):
>
> def execute(self, _buildenv, target):
> src = target.glob(self.node.et.attrib['path'])
> - cmd = f'mv -v %s {target.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['mv', '-v', f, target.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('ln')
> @@ -190,9 +182,8 @@ class BuildenvMvAction(FinetuningAction):
>
> def execute(self, buildenv, _target):
> src = buildenv.rfs.glob(self.node.et.attrib['path'])
> - cmd = f'mv -v %s {buildenv.rfs.fname(self.node.et.text)}'
> for f in src:
> - do(cmd % f)
> + do(['mv', '-v', f, buildenv.rfs.fname(self.node.et.text)])
>
>
> @FinetuningAction.register('adduser')
> @@ -324,12 +315,12 @@ class CmdAction(ImageFinetuningAction):
> dev = f"{loop_dev}p{self.node.et.attrib['part']}"
>
> if self.node.bool_attr('nomount'):
> - do('/bin/sh', input=script.encode('ascii'),
> + do(['/bin/sh'], input=script.encode('ascii'),
> env_add={'ELBE_DEV': dev},
> log_cmd=script)
> else:
> with ImgMountFilesystem(mnt, dev) as fs:
> - do('/bin/sh', input=script.encode('ascii'),
> + do(['/bin/sh'], input=script.encode('ascii'),
> env_add={'ELBE_MNT': fs.path},
> log_cmd=script)
>
> @@ -382,8 +373,7 @@ class UpdatedAction(FinetuningAction):
>
> target.mkdir_p('/var/cache/elbe/gnupg', mode=0o700)
> with target:
> - do(
> - f'gpg --import {target.path}/pub.key',
> + do(['gpg', '--import', target.path + '/pub.key'],
> env_add={'GNUPGHOME': f'{target.path}/var/cache/elbe/gnupg'})
>
> logging.info('generate base repo')
> @@ -500,7 +490,7 @@ class ImgConvertAction(FinetuningAction):
> src_fname = os.path.join(builddir, src)
> dst_fname = os.path.join(builddir, dst)
>
> - do(f'qemu-img convert -O "{fmt}" "{src_fname}" "{dst_fname}"')
> + do(['qemu-img', 'convert', '-O', fmt, src_fname, dst_fname])
>
> target.images.append(dst)
> target.image_packers[dst] = default_packer
> @@ -535,7 +525,7 @@ class ExtractPartitionAction(ImageFinetuningAction):
> part_nr = self.node.et.attrib['part']
> imgname = os.path.join(builddir, self.node.et.text)
>
> - do(f'dd if={loop_dev}p{part_nr} of="{imgname}"')
> + do(['dd', f'if={loop_dev}p{part_nr}', f'of={imgname}'])
>
> target.images.append(self.node.et.text)
> target.image_packers[self.node.et.text] = default_packer
> @@ -568,7 +558,7 @@ class CopyFromPartition(ImageFinetuningAction):
> self.node.et.text, len(fname))
> raise FinetuningException('Patter matches too many files')
>
> - do(f'cp -av "{fname[0]}" "{os.path.join(builddir, aname)}"')
> + do(['cp', '-av', fname[0], os.path.join(builddir, aname)])
>
> target.images.append(aname)
>
> @@ -589,7 +579,7 @@ class CopyToPartition(ImageFinetuningAction):
>
> with ImgMountFilesystem(img_mnt, device) as mnt_fs:
> fname = mnt_fs.fname(self.node.et.text)
> - do(f'cp -av "{os.path.join(builddir, aname)}" "{fname}"')
> + do(['cp', '-av', os.path.join(builddir, aname), fname])
>
>
> @FinetuningAction.register('set_partition_type')
> @@ -603,7 +593,7 @@ class SetPartitionTypeAction(ImageFinetuningAction):
> part_nr = self.node.et.attrib['part']
> part_type = self.node.et.attrib['type']
>
> - do(f'sfdisk --lock --part-type {loop_dev} {part_nr} {part_type}')
> + do(['sfdisk', '--lock', '--part-type', loop_dev, part_nr, part_type])
>
>
> @FinetuningAction.register('rm_apt_source')
>
> ---
> base-commit: c4d2d11ef1f913688c9a97fbfe48d09a584adb21
> change-id: 20240507-finetuning-noshell-203d0ac221d1
>
> Best regards,
--
Eduard Krein
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
Phone: +49 7556 25 999 19; Fax.: +49 7556 25 999 99
Hinweise zum Datenschutz finden Sie hier (Informations on data privacy
can be found here): https://linutronix.de/legal/data-protection.php
Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen |
Registergericht (Registration Court): Amtsgericht Freiburg i.Br.,
HRB700 806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas
Gleixner, Tiffany Silva, Sean Fennelly, Jeffrey Schneiderman
More information about the elbe-devel
mailing list