-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Quote systemd DefaultEnvironment Proxy values #23674
Quote systemd DefaultEnvironment Proxy values #23674
Conversation
c4d5272
to
7e3e532
Compare
I'll add some tests |
b70662a
to
f31a67c
Compare
Tests added, the PR is ready for review |
LGTM |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you will need to rebase on latest main to fix the CI
@@ -24,7 +24,7 @@ rm -f $SYSTEMD_CONF $ENVD_CONF $PROFILE_CONF | |||
|
|||
echo "[Manager]" >> $SYSTEMD_CONF | |||
for proxy in %s; do | |||
printf "DefaultEnvironment=%%q\n" "$proxy" >> $SYSTEMD_CONF | |||
printf "DefaultEnvironment=\"%%s\"\n" "$proxy" >> $SYSTEMD_CONF |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will break if the vars contains a quote, I guess I am fine to trade quote is broken vs command is broken because the later is actually used in these vars while the quote most likely is never used.
However please fix the test and add a comma there
podman/pkg/machine/e2e/proxy_test.go
Line 79 in 77f5b4d
proxy1 := "http:// some special @;\" here" |
pkg/machine/proxyenv/env_test.go
Outdated
if err != nil { | ||
t.Errorf("readFrom: %v", err) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we already use assert github.com/stretchr/testify/assert
so please use that instead, i.e.
assert.NoError(t, err)
pkg/machine/proxyenv/env_test.go
Outdated
if str != tt.want { | ||
t.Errorf("getProxyScript()\n\n%v\n\nwant\n\n%v", str, tt.want) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
here you can use
assert.Equal(t, tt.want, str)
e35b2aa
to
dd016e7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please squash your commits into one
changes LGTM otherwise
…md.conf man page: Example: DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6" Sets three variables "VAR1", "VAR2", "VAR3". Double quote is not escaped, as there is no chance it appears in a proxy value. User can still espace it if really necessary Signed-off-by: Philippe Martin <phmartin@redhat.com>
dd016e7
to
3e58e04
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: feloy, Luap99 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Is this fix already included in the latest 5.2.3 release? I could not find it in the changelog. |
It was not backported so it will be in 5.3 |
Is there something like a timeline / roadmap when 5.3 will be released? |
End of October/early November most likely |
Quote systemd DefaultEnvironment Proxy values, as documented in systemd.conf man page:
Double quote is not escaped, as there is no chance it appears in a proxy value. User can still espace it if really necessary
Fixes #23277
Fixes podman-desktop/podman-desktop#7894
How to test
containers.conf
file, with comma special character inno_proxy
, for example (please replace proxy IP/port with your own):Create and start a new podman machine, and ssh to it
Check that no_proxy and NO_PROXY values are not escaped:
Restart podman machine so podman process takes these values into consideration
Check that proxy env vars are passed to podman process:
Does this PR introduce a user-facing change?
Values for proxy env variables won't be escaped anymore.