Fix incorrect file permissions in file.line #30212
Conversation
|
When atomic_open is called from the file module, the file always exists. However, when atomic_open() is called from returners, the file does not exist yet. Should atomic_open() make the assumption that the file exists? If yes, you should fix the calling code in salt/returners/local_cache.py and perhaps other places. If atomic_open should NOT assume the file exists, I think it's a bit nicer to check if the file exists rather than simply swallowing exceptions. For example: After all, you still want to know if something unexpected happens, and not silently continue. |
|
Agree. Thanks @codeHotter We are not checking tmp file, which is also a good idea I think. What do you think? Otherwise it will fail badly. |
|
The temp file should be guaranteed to exist here. It's not necessary to check for it. |
abednarik
force-pushed
the
fix_file_line_permissions
branch
from
c3d3df8
to
c1917fb
Compare
|
Thanks again @codeHotter. I just updated this PR with your suggestion. |
| @@ -1468,9 +1468,9 @@ def line(path, content, match=None, mode=None, location=None, | |||
| salt '*' file.line /etc/nsswitch.conf "networks:\tfiles dns", after="hosts:.*?", mode='ensure' | |||
| ''' | |||
| path = os.path.realpath(os.path.expanduser(path)) | |||
| if not os.path.exists(path): | |||
| if not os.path.isfle(path): | |||
|
Is the way i send in the PR |
|
In your previous version it was fine, but now it says "isfle". Look in your github repository on the fix_file_line_permissions branch: If it's correct locally, maybe you can try to push the branch again? |
Looks like atomic_open() doesn't take care of preserving file permissions. It will create a new file, edit it and then move this temp file to the original file ignoring file permissions. Also updated the check to be sure file exist and is a file. Otherwise code will try to update directory content and will fail badly and throw a python error. Fixes saltstack#30150.
abednarik
force-pushed
the
fix_file_line_permissions
branch
from
c1917fb
to
dec15d1
Compare
|
You are right. Now should be fixed. Thanks. |
abednarik
force-pushed
the
fix_file_line_permissions
branch
from
f55b4ea
to
dec15d1
Compare
|
@abednarik Would this also fix the following issue? #28320 This issue behaves in the same way as mentioned issue does. |
|
Hi @Grokzen don't' think so, since comment_line is using other function _mkstemp_copy. Anyway, should be fair easy to apply the same I did here. |
Fix incorrect file permissions in file.line
Looks like atomic_open() doesn't take care of preserving file permissions. It will create
a new file, edit it and then move this temp file to the original file ignoring file permissions.
Also updated the check to be sure file exist and is a file. Otherwise code will try to update
directory content and will fail badly and throw a python error.
Fixes #30150.
Hope this one don't break anything :(