Escape the remote system query #179

Veduco · 2021-03-17T20:50:02Z

#157
https://github.com/vmstan/gravity-sync/discussions/158

When the script gs-core.sh is executed or sourced, the $RH_EXEC command is actually parsed on the local machine, and then used against the remote machine. This can lead to checking for a non-existent container name on the remote server, instead of properly parsing the remote system's configuration.

Example:
On load,

RH_EXEC="sudo ${ROCKER_BIN} exec $(sudo ${ROCKER_BIN} ps -qf name=${ROCKER_CON}) pihole"

becomes sudo /usr/bin/docker exec 0ce8b1d5571d pihole, which is then used in an SSH command against the remote host, yielding:

[i] Inverting Tachyon Pulses
[e] Updating Remote FTLDNS ConfigurationError: No such container: 0ce8b1d5571d
[✗] Updating Remote FTLDNS Configuration

because, of course, the container ID doesn't exist on the remote host.

The fix is to escape the nested command execution within gs-core.sh, like so:

--- gs-core.sh.orig     2021-02-17 17:43:53.732747200 -0700
+++ gs-core.sh  2021-02-17 17:43:34.690296100 -0700
@@ -102,7 +102,7 @@ function ph_type {
         RH_EXEC="${RIHOLE_BIN}"
     elif [ "$RH_IN_TYPE" == "docker" ]
     then
-        RH_EXEC="sudo ${ROCKER_BIN} exec $(sudo ${ROCKER_BIN} ps -qf name=${ROCKER_CON}) pihole"
+        RH_EXEC="sudo ${ROCKER_BIN} exec \$(sudo ${ROCKER_BIN} ps -qf name=${ROCKER_CON}) pihole"
     elif [ "$RH_IN_TYPE" == "podman" ]
     then

* new first line of script * no requested * Abort! * Test silent folder validation * sameline * echo newline * echo_sameline * what happened? * sameline for ssh * sqlite sameline * Lower case * Reset line * clear line * Flip the line * version update * Backup lowercase * More lowercase * Remove file names from standard messages * Breakout backup message * Output backup folder size * Just H * Invalid replication settings * Compare updated * Colors and updates * Lower case for version output * For Pihole * Cron cleanup * Sudo, or no sudo. * Branch! * Silent error validate * Silent error validate * Clearing up status messages * Records * Primary and secondary * Gravity database * Domain Database * Backup output cleanup * Move file permission validation into new functions * Change restart * UI variables test * Breakout UI variables into new file * Unified validation functions * Replace text strings with variables * Replace text strings with variables * Replace logging with variables * Convert backup to UI variables * Switch restore to UI variables * Fix bug where gravity database did not restore * App validation checks * Rev to 3.4.0 * Convert Push functions to new strings * Completing push UI changes * remove added line * Move purge to UI strings * Move automation to UI strings * Move core strings into UI * Exit strings * First pass at hashing UI * Escape the remote system query (#179) * hashing committed Co-authored-by: Michael Stanclift <vmstan@mstanclift-a03.local> Co-authored-by: Veduco <59983694+Veduco@users.noreply.github.com>

Escape the remote system query

62b5e67

vmstan changed the base branch from master to 3.3.3 March 22, 2021 14:19

vmstan merged commit f5b93ee into vmstan:3.3.3 Mar 22, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Escape the remote system query #179

Escape the remote system query #179

Veduco commented Mar 17, 2021 •

edited

Escape the remote system query #179

Escape the remote system query #179

Conversation

Veduco commented Mar 17, 2021 • edited

Veduco commented Mar 17, 2021 •

edited