You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A spring-boot application treats the escaping of arguments differently at startup as root or as user if it is not using the start-stop-daemon.
The issue was introduced with commit 4c65e5e by using printf for arguments if running as root or just passing the arguments if running as user.
How to reproduce:
Create a spring-boot-application with a config file
Add RUN_ARGS with single quote, like RUN_ARGS='--spring.datasource.password=my$password$with$dollars'
Start the application as user will add the RUN_ARGS correct, even for multiline values
Start the application as root will not escape the value.
Solutions to make it predictable
Not using the printf (may be a bad solution? )
Using printf in all cases as it is currently done for root
Using printf in all cases and reflect single quote escaping defined in the .conf file.
Additional information
I was not able to test against the start-stop-daemon. It might by that it is also ignoring the single quote arguments given in the .conf file.
The text was updated successfully, but these errors were encountered:
wilkinsona
changed the title
spring-boot-loader-tool launch.script - Not equal execution if script is startet as root or as user
spring-boot-loader-tool launch.script - Not equal execution if script is started as root or as user
Oct 8, 2019
wilkinsona
changed the title
spring-boot-loader-tool launch.script - Not equal execution if script is started as root or as user
Escaped and quoted arguments are treated differently by the launch script depending on how it is invoked
Jan 15, 2020
A spring-boot application treats the escaping of arguments differently at startup as root or as user if it is not using the start-stop-daemon.
The issue was introduced with commit 4c65e5e by using printf for arguments if running as root or just passing the arguments if running as user.
How to reproduce:
RUN_ARGS='--spring.datasource.password=my$password$with$dollars'
Solutions to make it predictable
Additional information
I was not able to test against the start-stop-daemon. It might by that it is also ignoring the single quote arguments given in the .conf file.
The text was updated successfully, but these errors were encountered: