#3285 Issue closed: Checking where ReaR does source third party files and try to mitigate those cases¶
Labels: enhancement, cleanup, fixed / solved / done
jsmeix opened issue at 2024-07-19 11:58:¶
See
https://github.com/rear/rear/issues/3260#issuecomment-2236317735
that reads
What I will do here for ReaR 3.0 is
that I will check the specific cases in
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
where ReaR seems to source "third party" files
i.e. files that seem to not belong to ReaR itself
whether or not those individual cases are problematic.
When I found a case that is problematic I will think about
how I could mitigate the particular case.
As last resort for problematic cases that are too obscure for me
I may even error out with BugError to enforce user feedback
about such functionality e.g. when I have no clue what
a "third party" (config) file may contain.
See also
https://github.com/rear/rear/issues/3260#issuecomment-2228434196
that reads (excerpt)
According to
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
I found 43 places where we call 'source' in our scripts.
But I did not check at how many code places something
is sourced via the alternative bash builtin '.'
I have no good idea how to distinguish code places with '.'
where '.' means 'source' from other code places where
'.' means something else (I hate compressed code), cf.
https://github.com/rear/rear/pull/3165#discussion_r1503932927
jsmeix commented at 2024-07-19 12:03:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/restore/NBKDC/default/400_restore_backup.sh:
source $VAR_DIR/recovery/nbkdc_settings
and
usr/share/rear/skel/NBKDC/etc/scripts/system-setup.d/90-start-nbkdc.sh:
source $VAR_DIR/recovery/nbkdc_settings
ReaR does not source a third party file because
$VAR_DIR/recovery/nbkdc_settings
is created by ReaR
# find usr/sbin/rear usr/share/rear/ -type f | xargs grep 'nbkdc_settings'
usr/share/rear/restore/NBKDC/default/400_restore_backup.sh:
source $VAR_DIR/recovery/nbkdc_settings
usr/share/rear/skel/NBKDC/etc/scripts/system-setup.d/90-start-nbkdc.sh:
source $VAR_DIR/recovery/nbkdc_settings
usr/share/rear/prep/NBKDC/default/400_prep_nbkdc.sh:
# Now generate nbkdc_settings for use during the rescue stage
...
cat >$VAR_DIR/recovery/nbkdc_settings <<-EOF
and usr/share/rear/prep/NBKDC/default/400_prep_nbkdc.sh
contains
# Now generate nbkdc_settings for use during the rescue stage
cat >$VAR_DIR/recovery/nbkdc_settings <<-EOF
NBKDC_DIR=$NBKDC_DIR
NBKDC_HIB_DIR=$NBKDC_HIB_DIR
NBKDC_HIB_LST=$NBKDC_HIBLST_DIR
NBKDC_HIB_TMP=$NBKDC_HIBTMP_DIR
NBKDC_HIB_TPD=$NBKDC_HIBTPD_DIR
NBKDC_HIB_TAP=$NBKDC_HIBTAP_DIR
NBKDC_HIB_MSG=$NBKDC_HIBMSG_DIR
NBKDC_HIB_LOG=$NBKDC_HIBLOG_DIR
NBKDC_HIB_SSL_ENABLED=$NBKDC_HIBSSL_ENABLED
EOF
jsmeix commented at 2024-07-19 12:07:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/layout/recreate/default/200_run_layout_code.sh:
( source $LAYOUT_CODE )
usr/share/rear/layout/prepare/default/200_recreate_hpraid.sh:
( source $LAYOUT_CODE )
usr/share/rear/layout/prepare/Linux-s390/400_run_dasd_format_code.sh:
( source $DASD_FORMAT_CODE )
ReaR does not source a third party file because
$LAYOUT_CODE and $DASD_FORMAT_CODE are files
that are generated by ReaR
jsmeix commented at 2024-07-19 12:13:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/layout/save/GNU/Linux/190_opaldisk_layout.sh:
source "$(opal_device_attributes "$device" attributes)"
and
usr/share/rear/lib/opaladmin-workflow.sh:
source "$(opal_device_attributes "$device" attributes)"
and
usr/share/rear/lib/opal-functions.sh:
source "$(opal_device_attributes "$device" attributes)"
source "$(opal_device_attributes "$device" attributes)"
ReaR does not source a third party file because
opal_device_attributes is a ReaR function in
usr/share/rear/lib/opal-functions.sh
which parses the
sedutil-cli --query "$device"
command output.
jsmeix commented at 2024-07-19 12:21:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/default/bin/dhclient-script:
source /etc/scripts/dhcp-setup-functions.sh
and
usr/share/rear/skel/default/etc/scripts/system-setup.d/58-start-dhclient.sh:
source /etc/scripts/dhcp-setup-functions.sh
ReaR does source a third party file because
/etc/scripts/dhcp-setup-functions.sh
inside the ReaR recovery system is
usr/share/rear/skel/default/etc/scripts/dhcp-setup-functions.sh
which is a third party file
according to its initial comment which reads
# Set of functions that will be used by our own implementation of dhclient-script.
# Most of the functions are coming from an old fedora-14 dhclient-script.
# See also usr/share/rear/lib/network-functions.sh and
# cf. https://github.com/rear/rear/issues/1517
but I think - unless proven otherwise - we can probably trust
that "old fedora-14 dhclient-script" where it originates from.
Further adaptions came from us at ReaR upstream, e.g. see
https://github.com/rear/rear/issues/1517#issuecomment-334505498
jsmeix commented at 2024-07-19 12:36:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/default/etc/profile:
source "$script"
that code in usr/share/rear/skel/default/etc/profile is
for script in /etc/profile.d/*.sh; do
if [ -r "$script" ]; then
source "$script"
fi
done
where inside the ReaR recovery system the files
in /etc/profile.d/*.sh are made by "rear mkrescue".
Currently there is only one place where such a file is made:
# find usr/sbin/rear usr/share/rear/ -type f | xargs grep 'profile\.d'
usr/share/rear/skel/default/etc/profile:
for script in /etc/profile.d/*.sh; do
usr/share/rear/rescue/GALAXY11/default/600_include_galaxy_path.sh:
cat >>$ROOTFS_DIR/etc/profile.d/galaxy11.sh <<EOF
where the whole script
usr/share/rear/rescue/GALAXY11/default/600_include_galaxy_path.sh
is
# Add path to CommVault Base Dir to rescue system
cat >>$ROOTFS_DIR/etc/profile.d/galaxy11.sh <<EOF
PATH=\$PATH:$GALAXY11_HOME_DIRECTORY
EOF
and it seems GALAXY11_HOME_DIRECTORY is set in
usr/share/rear/prep/GALAXY11/default/400_prep_galaxy.sh
via
function set_variable_from_commvault_status {
(( $# == 2 )) || BugError "set_variable_from_commvault_status not called with 2 args: $*"
local var_name="$1" ; shift
local -n var=$var_name # $var is not a pointer to the variable to set
local match="$1" ; shift
var=$(sed -n -E -e "/$match/s/.*= //p" <<<"$commvault_status")
var=${var## *} # strip trailing blanks
contains_visible_char "$var" || Error "Could not set $var_name variable matching $match from 'commvault status':$LF$commvault_status"
}
...
local commvault_status
commvault_status=$(commvault status) || Error "Cannot determine CommVault status, check 'commvault status'"
Log "CommVault Status:\n$commvault_status"
if ! test "$GALAXY11_CORE_DIRECTORY" \
-a "$GALAXY11_HOME_DIRECTORY" \
-a "$GALAXY11_LOG_DIRECTORY" \
-a "$GALAXY11_TEMP_DIRECTORY" \
-a "$GALAXY11_JOBS_RESULTS_DIRECTORY" ; then
set_variable_from_commvault_status GALAXY11_CORE_DIRECTORY "Core Directory"
set_variable_from_commvault_status GALAXY11_HOME_DIRECTORY "Home Directory"
set_variable_from_commvault_status GALAXY11_LOG_DIRECTORY "Log Directory"
set_variable_from_commvault_status GALAXY11_TEMP_DIRECTORY "Temp Directory"
set_variable_from_commvault_status GALAXY11_JOBS_RESULTS_DIRECTORY "Job Results Directory"
fi
so bascally set_variable_from_commvault_status
parses the output of the command
commvault status
so currently ReaR does not source a third party file
via
usr/share/rear/skel/default/etc/profile:
source "$script"
because the only case that I found
only parses the output of commvault status
jsmeix commented at 2024-07-19 12:50:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/default/etc/syslog-ng-v3.conf:
source src {
and
usr/share/rear/skel/default/etc/syslog-ng.conf:
source src {
The whole
usr/share/rear/skel/default/etc/syslog-ng-v3.conf
is
@version: VERSION
# Send everything to /dev/tty12
options { create_dirs (yes); };
source src {
internal();
unix-dgram("/dev/log");
file("/proc/kmsg");
};
destination console { file("/dev/tty12"); };
destination messages { file("/var/log/messages"); };
log { source(src); destination(console); };
log { source(src); destination(messages); };
and
the whole
usr/share/rear/skel/default/etc/syslog-ng.conf
is
# Send everything to /dev/tty12
options { long_hostnames(off); sync(0); };
source src {
internal();
unix-dgram("/dev/log");
};
destination console { file("/dev/tty12"); };
destination messages { file("/var/log/messages"); };
log { source(src); destination(console); };
log { source(src); destination(messages); };
At least currently I cannot make sense of that code.
It is Friday afternoon (where even CrowdStrike strikes ;-)
and I am looking forward to a relaxed and recovering weekend :-)
so I leave this case for others as an exercise to prove
that this code does not execute a third party file ;-P
pcahyna commented at 2024-07-19 12:53:¶
But I did not check at how many code places something
is sourced via the alternative bash builtin '.'
jsmeix commented at 2024-07-19 12:56:¶
@pcahyna
thank you!
How did you find it?
By chance or via a sophisticated regular expression?
pcahyna commented at 2024-07-19 12:58:¶
@pcahyna thank you!
How did you find it? By chance or via a sophisticated regular expression?
^[[:blank]]*[^#].*\.
Not sophisticated enough - it finds plenty of false positives.
pcahyna commented at 2024-07-19 12:59:¶
oops, I see a mistake there :-)
pcahyna commented at 2024-07-19 13:01:¶
after correcting the obvious mistake it does not work. Sigh.
jsmeix commented at 2024-07-19 13:06:¶
Via
https://github.com/rear/rear/commit/9422b2cfcf3307bfae357248036f4f918b0544a5
I dared to just clean up such shitty code
directly in our master branch.
I am rather fed up with such kind of code
so I do not want to waste any second longer
of my precious lifetime than actually needed
with endlessly cleaning up such crap, cf.
https://www.youtube.com/watch?v=j6dXmsR4_VQ
pcahyna commented at 2024-07-19 14:56:¶
Well, at least the shitty code quotes the variable expansion properly, unlike the many other examples that you have checked.
Of course, an exploit of the possibility of expansions of shell metacharacters and blanks in directory names like those we use would work only in very special situations and be exceedingly unrealistic, but from the reliability point of view sourcing an unquoted variable expansion is not a good idea.
jsmeix commented at 2024-07-23 06:56:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/default/etc/scripts/system-setup:
source /usr/share/rear/conf/default.conf || echo -e "\n'source /usr/share/rear/conf/default.conf' failed with exit code $?"
source /etc/rear/$conf.conf || echo -e "\n'source /etc/rear/$conf.conf' failed with exit code $?"
source $system_setup_script || echo -e "\n'source $system_setup_script' results exit code $?\n"
if ! source $system_setup_script ; then
the matching code pieces in
usr/share/rear/skel/default/etc/scripts/system-setup
where possibly third party files might be sourced
are
for conf in site local rescue ; do
if test -s /etc/rear/$conf.conf ; then
source /etc/rear/$conf.conf || echo -e "\n'source /etc/rear/$conf.conf' failed with exit code $?"
fi
done
so no third party file is sourced here
and
for system_setup_script in /etc/scripts/system-setup.d/*.sh ; do
if rear_debug ; then
...
source $system_setup_script || echo -e "\n'source $system_setup_script' results exit code $?\n"
...
else
...
if ! source $system_setup_script ; then
so no third party file is sourced here.
jsmeix commented at 2024-07-23 07:11:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/default/etc/scripts/unlock-opal-disks:
source /usr/share/rear/lib/opal-functions.sh
[[ -f /.OPAL_PBA_SETTINGS.sh ]] && source /.OPAL_PBA_SETTINGS.sh
[[ ${#OPAL_PBA_TKNPATH[@]} -gt 0 ]] && source /usr/share/rear/lib/authtoken-functions.sh
source "/etc/scripts/system-setup.d/$system_setup_script"
OPAL_PBA_SETTINGS gets created in
usr/share/rear/build/OPALPBA/Linux-i386/820_store_settings.sh
by
cat > "$ROOTFS_DIR/.OPAL_PBA_SETTINGS.sh" << -EOF-
OPAL_PBA_UNLOCK_MODE='$OPAL_PBA_UNLOCK_MODE'
OPAL_PBA_DEBUG_PASSWORD='$OPAL_PBA_DEBUG_PASSWORD'
OPAL_PBA_DEBUG_DEVICE_COUNT='$OPAL_PBA_DEBUG_DEVICE_COUNT'
OPAL_PBA_SBWARN='$OPAL_PBA_SBWARN'
OPAL_PBA_NOSUCCESSMSG='$OPAL_PBA_NOSUCCESSMSG'
OPAL_PBA_GPT_PARTITION_NAME='$RAWDISK_GPT_PARTITION_NAME'
OPAL_PBA_TKNPATH=( ${OPAL_PBA_TKNPATH[@]} )
OPAL_PBA_TKNOFFSET=$OPAL_PBA_TKNOFFSET
OPAL_PBA_TKNKEY='$OPAL_PBA_TKNKEY'
OPAL_PBA_TKNBIND='$OPAL_PBA_TKNBIND'
OPAL_PBA_TKN2FAMAXTRIES=$OPAL_PBA_TKN2FAMAXTRIES
OPAL_PBA_TKN2FAFAILWIPE='$OPAL_PBA_TKN2FAFAILWIPE'
OPAL_PBA_TKNDBG='$OPAL_PBA_TKNDBG'
-EOF-
so no third party file is sourced here.
All the variables
OPAL_PBA_UNLOCK_MODE
OPAL_PBA_DEBUG_PASSWORD
OPAL_PBA_DEBUG_DEVICE_COUNT
OPAL_PBA_SBWARN
OPAL_PBA_NOSUCCESSMSG
OPAL_PBA_TKNPATH
OPAL_PBA_TKNOFFSET
OPAL_PBA_TKNKEY
OPAL_PBA_TKNBIND
OPAL_PBA_TKN2FAMAXTRIES
OPAL_PBA_TKN2FAFAILWIPE
OPAL_PBA_TKNDBG
are user config variables in default.conf
except
OPAL_PBA_GPT_PARTITION_NAME
which is set in
usr/share/rear/build/OPALPBA/Linux-i386/820_store_settings.sh
OPAL_PBA_GPT_PARTITION_NAME='$RAWDISK_GPT_PARTITION_NAME'
and RAWDISK_GPT_PARTITION_NAME is a user config variable
in default.conf
So no third party file is sourced here.
jsmeix commented at 2024-07-23 07:43:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/skel/SESAM/etc/scripts/system-setup.d/59-start-sesam-client.sh:
source $SHARE_DIR/lib/sesam-functions.sh
source $SESAM_VAR_DIR/var/ini/sesam2000.profile
and
usr/share/rear/prep/SESAM/default/400_prep_sesam.sh:
source $SHARE_DIR/lib/sesam-functions.sh
and
usr/share/rear/lib/sesam-functions.sh:
source $sesam2000ini_file
$SHARE_DIR/lib/sesam-functions.sh is
usr/share/rear/lib/sesam-functions.sh
so no third party file is sourced here.
SESAM_VAR_DIR is set in
usr/share/rear/lib/sesam-functions.sh
which does (whole sesam-functions.sh):
# read sesam configuration values, referenced by
#
# prep/SESAM/default/400_prep_sesam.sh
# skel/SESAM/etc/scripts/system-setup.d/59-start-sesam-client.sh
sesam2000ini_file="/etc/sesam2000.ini"
if ! test -r $sesam2000ini_file ; then
return 0
fi
# for later use in build/default/990_verify_rootfs.sh to avoid issues
# with missing library dependencies during rootfs check
source $sesam2000ini_file
SESAM_LD_LIBRARY_PATH=$SM_BIN_SESAM:$SM_BIN_SESAM/python3/:$SM_BIN_SMS
SM_INI="$( grep SM_INI $sesam2000ini_file 2>/dev/null | cut -d '=' -f 2 )"
test -z "$SM_INI" && return 0
# Avoid ShellCheck false error indication
# SC1097: Unexpected ==. For assignment, use =
# for code like
# while IFS== read key value
# by quoting the assigned character:
while IFS='=' read key value ; do
case "$key" in
(gv_ro) SESAM_BIN_DIR="$value" ;;
(gv_rw) SESAM_VAR_DIR="$value" ;;
esac
done <"$SM_INI"
SESAM_WORK_DIR="${SESAM_VAR_DIR%%/}/var/work/*"
SESAM_TMP_DIR="${SESAM_VAR_DIR%%/}/var/tmp/*"
SESAM_LIS_DIR="${SESAM_VAR_DIR%%/}/var/lis"
SESAM_LGC_DIR="${SESAM_VAR_DIR%%/}/var/log/lgc/*"
SESAM_SMS_DIR="${SESAM_VAR_DIR%%/}/var/log/sms/*"
SESAM_PROT_DIR="${SESAM_VAR_DIR%%/}/var/prot/*"
The crucial part is
sesam2000ini_file="/etc/sesam2000.ini"
...
source $sesam2000ini_file
so it does source a third party file as
source /etc/sesam2000.ini
By quick googling I found 'sesam2000.ini' mentioned in
https://wiki.sepsoftware.com/wiki/index.php/Archive:Admin_Manual_4.2
On Unix you can find the installation directories in the file /etc/sesam2000.ini .
but it does not tell about the syntax of 'sesam2000.ini'.
The example shell scripts in
https://wiki.sepsoftware.com/wiki/index.php/Archive:Admin_Manual_4.2
indicate that 'sesam2000.ini' consists of
VARIABLE=VALUE
pairs but I won't try to mitigate
source /etc/sesam2000.ini
here based on guesses about a software
that I neither have nor know about
i.e. SEP Sesam with BACKUP=SESAM).
Fortunately SEP is a German company see
https://www.sep.de/contact/contact/
so I hope one from SEP could clarify this.
jsmeix commented at 2024-07-23 07:56:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/lib/framework-functions.sh:
source "$source_file"
is this code
function Source () {
...
source "$source_file"
ReaR's Source function is called at those code places
(I already removed the false positives here):
usr/sbin/rear:
Source "$CONFIG_DIR/os.conf" || Error "Failed to Source $CONFIG_DIR/os.conf"
Source "$CONFIG_DIR/$WORKFLOW.conf" || Error "Failed to Source $CONFIG_DIR/$WORKFLOW.conf"
Source "$SHARE_DIR/conf/$config.conf" || BugError "Failed to Source $SHARE_DIR/conf/$config.conf"
Source "$CONFIG_DIR/$config.conf" || Error "Failed to Source $CONFIG_DIR/$config.conf"
Source "$config_append_file_path" || Error "Failed to Source $config_append_file_path"
Source "$config_append_file_path.conf" || Error "Failed to Source $config_append_file_path.conf"
usr/share/rear/layout/recreate/default/200_run_layout_code.sh: Source $SHARE_DIR/layout/recreate/default/150_wipe_disks.sh
usr/share/rear/lib/savelayout-workflow.sh:
Source $SHARE_DIR/prep/default/320_include_uefi_env.sh
usr/share/rear/lib/framework-functions.sh:
Source $SHARE_DIR/$stage/"$script"
So no third party file is sourced here.
jsmeix commented at 2024-07-23 08:12:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/prep/DUPLICITY/default/200_find_duply_profile.sh:
source $CONF # is a normal shell configuration file
source $DUPLY_PROFILE_FILE
and
usr/share/rear/lib/global-functions.sh:
source $CONF # is a normal shell configuration file
The
source $CONF # is a normal shell configuration file
appears twice because
the function find_duply_profile is defined twice
in
usr/share/rear/lib/global-functions.sh
# Purpose is to find a working DUPLY profile configuration
# Duply is a wrapper script around duplicity - this function is
# used in the prep phase (for mkbackup) and in the verify phase
# (to check the TEMP_DIR directory - it must be defined and cannot
# be /tmp as this is usually a tmpfs file system which is too small)
function find_duply_profile ()
{
# there could be more then one profile present - select where SOURCE='/'
for CONF in $(echo "$1")
do
[[ ! -f $CONF ]] && continue
source $CONF # is a normal shell configuration file
LogIfError "Could not source $CONF [duply profile]"
[[ -z "$SOURCE" ]] && continue
[[ -z "$TARGET" ]] && continue
# still here?
if [[ "$SOURCE" = "/" ]]; then
DUPLY_PROFILE_FILE=$CONF
DUPLY_PROFILE=$( dirname $CONF ) # /root/.duply/mycloud/conf -> /root/.duply/mycloud
DUPLY_PROFILE=${DUPLY_PROFILE##*/} # /root/.duply/mycloud -> mycloud
break # the loop
else
DUPLY_PROFILE=""
continue
fi
done
}
and same in
usr/share/rear/prep/DUPLICITY/default/200_find_duply_profile.sh
function find_duply_profile ()
{
# there could be more then one profile present - select where SOURCE='/'
for CONF in $(echo "$1")
do
[[ ! -f $CONF ]] && continue
source $CONF # is a normal shell configuration file
LogIfError "Could not source $CONF [duply profile]"
[[ -z "$SOURCE" ]] && continue
[[ -z "$TARGET" ]] && continue
# still here?
if [[ "$SOURCE" = "/" ]]; then
DUPLY_PROFILE_FILE=$CONF
DUPLY_PROFILE="$( dirname "$CONF" )" # /root/.duply/mycloud/conf -> /root/.duply/mycloud
DUPLY_PROFILE=${DUPLY_PROFILE##*/} # /root/.duply/mycloud -> mycloud
break # the loop
else
DUPLY_PROFILE=""
continue
fi
done
}
So it does source a third party files as
for CONF in $(echo "$1")
do
source $CONF
At least at first glance that looks rather messy.
I won't try to mitigate that now
based on guesses about a software
that I neither have nor know about
i.e. DUPLICITY with BACKUP=DUPLICITY.
jsmeix commented at 2024-07-23 08:17:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/rescue/GNU/Linux/220_load_modules_from_initrd.sh:
source /etc/sysconfig/kernel
source /etc/dracut.conf
source $s
the code of the source $s case is
for s in /etc/dracut.conf.d/*.conf ; do
source $s
done
So /etc/sysconfig/kernel
and /etc/dracut.conf and /etc/dracut.conf.d/*.conf
get sourced.
I think - unless proven otherwise - we can probably trust
/etc/sysconfig/kernel
and /etc/dracut.conf and /etc/dracut.conf.d/*.conf
to be sourced.
jsmeix commented at 2024-07-23 08:18:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/lib/rear-shell.bashrc:
for script in $SHARE_DIR/lib/*functions.sh ; do source $script ; done
source $SHARE_DIR/lib/progresssubsystem.nosh
no third party file is sourced here.
jsmeix commented at 2024-07-23 08:26:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/lib/drlm-functions.sh:
source $DRLM_CFG
source $DRLM_CFG
the code is
if [ "$CONFIG_APPEND_FILES" ]; then
for config_append_file in $CONFIG_APPEND_FILES ; do
LogPrint "DRLM_MANAGED: Loading configuration '$config_append_file' from DRLM ..."
local DRLM_CFG="$TMP_DIR/$config_append_file"
local http_response_code=$(curl $verbose -f -s -S -w '%{http_code}' $DRLM_REST_OPTS -o $DRLM_CFG https://$DRLM_SERVER/clients/$DRLM_ID/config/$config_append_file)
test "200" = "$http_response_code" || Error "DRLM_MANAGED: curl failed with HTTP response code '$http_response_code' trying to load '$config_append_file' from DRLM."
source $DRLM_CFG
rm $DRLM_CFG
done
else
LogPrint "DRLM_MANAGED: Loading configuration from DRLM ..."
local DRLM_CFG="$TMP_DIR/drlm_config"
local http_response_code=$(curl $verbose -f -s -S -w '%{http_code}' $DRLM_REST_OPTS -o $DRLM_CFG https://$DRLM_SERVER/clients/$DRLM_ID/config)
test "200" = "$http_response_code" || Error "DRLM_MANAGED: curl failed with HTTP response code '$http_response_code' trying to load configuration from DRLM."
source $DRLM_CFG
rm $DRLM_CFG
fi
so it does source third party files
even third party files downloaded from a remote host.
I won't try to mitigate that now on my own
based on guesses about a software that I neither have
nor know about its usage and implementation details
i.e. DRLM see https://drlm.org/
Fortunately we cooperate well with the DRLM authors
so I will let them check their specific case
via a separated ReaR issue.
jsmeix commented at 2024-07-23 08:32:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/build/OPALPBA/Linux-i386/810_deduplicate_files.sh:
source "$deduplication_script"
That deduplication_script is generated in
usr/share/rear/build/OPALPBA/Linux-i386/810_deduplicate_files.sh
which works on files only in ROOTFS_DIR via
find "$ROOTFS_DIR" ... | awk ... > "$deduplication_script"
so no third party file is sourced here.
jsmeix commented at 2024-07-23 08:38:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/share/rear/build/USB/default/800_enforce_usb_output.sh:
local_conf_output=$( source $ROOTFS_DIR/etc/rear/local.conf ; echo $OUTPUT )
no third party file is sourced here.
jsmeix commented at 2024-07-23 08:40:¶
In
https://github.com/rear/rear/pull/3203#issuecomment-2063439858
usr/sbin/rear:
if ! source $SHARE_DIR/conf/default.conf ; then
if ! source $SHARE_DIR/lib/_input-output-functions.sh ; then
source $script || BugError "Failed to source $script"
source $SHARE_DIR/lib/progresssubsystem.nosh || BugError "Failed to source $SHARE_DIR/lib/progresssubsystem.nosh"
the part
source $script || BugError "Failed to source $script"
is this code
for script in $SHARE_DIR/lib/[a-z]*.sh ; do
source $script || BugError "Failed to source $script"
done
no third party file is sourced here.
jsmeix commented at 2024-07-23 08:41:¶
I will now make separated ReaR issues
for the cases where a third party file could be sourced.
jsmeix commented at 2024-07-23 10:08:¶
I made separated ReaR issues for each case I found
where third party code could be execututed by 'source'
so this issue is done.
Cases where third party code could be execututed by '.'
need to be handled via separated issues.
First we need to find the code places where
something is execututed by '.'
jsmeix commented at 2024-07-23 10:48:¶
Regarding skel/default/bin/dhcpcd.sh
see above
https://github.com/rear/rear/issues/3285#issuecomment-2239071913
I fail to understand how the dhcpcd related code in ReaR
is meant to work so I filed
https://github.com/rear/rear/issues/3295
jsmeix commented at 2024-07-25 07:39:¶
I removed the "critical/security/legal" label
because in this issue here there is no longer
a case which is "critical/security/legal".
Cases found in this issue here which could be
"critical/security/legal" were separated into
new separated issues
https://github.com/rear/rear/issues/3291
skel/default/etc/syslog-ng*.conf may source third party code
https://github.com/rear/rear/issues/3292
lib/sesam-functions.sh may source third party code
https://github.com/rear/rear/issues/3293
BACKUP=DUPLICITY may source third party code
https://github.com/rear/rear/issues/3294
DRLM_MANAGED=yes may source third party code from a remote host
and
https://github.com/rear/rear/issues/3295
How is skel/default/bin/dhcpcd.sh meant to work?
cf.
https://github.com/rear/rear/issues/3260#issuecomment-2247708345
[Export of Github issue for rear/rear.]