Dev: ui_resource: Refactor do_trace function #1709
Merged
+28
−20
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
from
0246fa5 to
6f149cd
Compare
liangxin1300
changed the title
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
3 times, most recently
from
511b29e to
5bf8df2
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
2 times, most recently
from
c80ba6f to
ee920d1
Compare
zzhou1
approved these changes
Mar 14, 2025
nicholasyang2022
requested changes
Mar 14, 2025
crmsh/utils.py
Outdated
| """ | ||
| source a script and get the value of a variable | ||
| """ | ||
| cmd = f"source {script_path} && echo ${var_name}" |
There was a problem hiding this comment.
DANGEROUS:
- Sourcing a script is vulnerable to shell injection.
script_pathandvar_nameis not quoted.
Although it is safe when sourcing trusted code, this should not be defined as a common utility function.
There was a problem hiding this comment.
How about:
Suggested change
| cmd = f"source {script_path} && echo ${var_name}" | |
| cmd = ['/bin/bash', '-c', f'source {script_path} && echo ${var_name}'] | |
| rc, out, _ = ShellUtils().get_stdout_stderr(cmd, shell=False) |
There was a problem hiding this comment.
I agree Nicholas for the security risk, and not to source the script. Instead, it is safe for the use case to directly use python re to parse {HA_VARLIB:=/var/lib/heartbeat}.
If "rpm -ql resource-agents" is not available, then crmsh falls back to the hard code of /usr/lib/ocf/lib/heartbeat/ocf-directories.
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
from
ee920d1 to
71d0bdb
Compare
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
from
71d0bdb to
b1cd65f
Compare
liangxin1300
changed the title
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
from
b1cd65f to
320b795
Compare
Ensure the trace directory is specified either through the argument or by using the value of the heartbeat_dir option. Eliminate any inconsistencies that might arise from heartbeat_dir (from etc/crm/crm.conf) or from HA_VARLIB (from /usr/lib/ocf/heartbeat/ocf-directories).
liangxin1300
force-pushed
the
20250312_cleanup_cluster_glue
branch
from
320b795 to
7b8e201
Compare
nicholasyang2022
approved these changes
Mar 21, 2025
liangxin1300
added a commit
that referenced
this pull request
Mar 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Ensure the trace directory is specified either through the argument or by using the value of the heartbeat_dir option. Eliminate any inconsistencies that might arise from heartbeat_dir (from etc/crm/crm.conf) or from HA_VARLIB (from /usr/lib/ocf/heartbeat/ocf-directories).