Fix command encoding by using shlex/eval#69
Conversation
|
As an alternative, it's also possible to get rid of encoding altogether by passing the command to diff --git a/container/files/init-container.sh b/container/files/init-container.sh
index 7272a68..6c8b231 100755
--- a/container/files/init-container.sh
+++ b/container/files/init-container.sh
@@ -115,8 +115,8 @@ if [ -n "$BUILD_LOCAL" ]; then
fi
fi
)
-elif [ -n "$COMMAND" ]; then
- $COMMAND
+elif [ $# -gt 0 ]; then
+ exec "$@"
else
/bin/bash --login || true
fi
diff --git a/src/xcp_ng_dev/cli.py b/src/xcp_ng_dev/cli.py
index 08edaee..9d9a461 100755
--- a/src/xcp_ng_dev/cli.py
+++ b/src/xcp_ng_dev/cli.py
@@ -165,6 +165,7 @@ def buildparser():
def container(args):
docker_args = [RUNNER, "run"]
+ command = []
if is_podman(RUNNER):
# With podman we use the `--userns` option to map the builder user to the user on the system.
@@ -273,7 +274,7 @@ def container(args):
print(f"Building directory {build_dir}", file=sys.stderr)
case 'run':
- docker_args += ["-e", "COMMAND=%s" % ' '.join(args.command)]
+ command = args.command
case 'shell':
wants_interactive = True
@@ -283,7 +284,9 @@ def container(args):
# exec "docker run"
docker_args += [f"{CONTAINER_PREFIX}:{args.container_version}",
- "/usr/local/bin/init-container.sh"]
+ "/usr/local/bin/init-container.sh",
+ *command,
+ ]
print("Launching docker with args %s" % docker_args, file=sys.stderr)
return subprocess.call(docker_args) |
Both solutions are OK with me. Note that both change the interface between the script and the container, and The alternative using |
| ) | ||
| elif [ -n "$COMMAND" ]; then | ||
| $COMMAND | ||
| eval "exec $COMMAND" |
There was a problem hiding this comment.
Why exec here? It wasn't there before
There was a problem hiding this comment.
It's considered good practice.
In particular, exec causes the command to replace the init-container.sh process so that it inherits from PID 1:
± xcp-ng-dev container run 8.3 ps
[...]
PID TTY TIME CMD
1 pts/0 00:00:00 ps
I don't mind removing it tho.
There was a problem hiding this comment.
Oh, I thought it might be related to the eval usage.
It might be worth adding a note in the commit message :)
There was a problem hiding this comment.
It might be worth adding a note in the commit message
Added: 0d93542
There was a problem hiding this comment.
Actually, adding exec will be break --no-exit behaviour, as the script trap handler will be not be here any more to run a shell on failure.
There was a problem hiding this comment.
Removed: e644824
Yes I completely missed the trap "/bin/bash --login" EXIT at the beginning of the file, oopsie 😬
Wouldn't it work with the primary version? For the simple cases, I think |
vxgmichel
force-pushed
the
vml/fix-command-encoding
branch
from
7e95f16 to
0d93542
Compare
@glehmann is right, the approach used in this PR remains compatible both ways:
So both part of the fix are required, but getting only one of them should not break previous usage. |
| ) | ||
| elif [ -n "$COMMAND" ]; then | ||
| $COMMAND | ||
| eval "exec $COMMAND" |
There was a problem hiding this comment.
Actually, adding exec will be break --no-exit behaviour, as the script trap handler will be not be here any more to run a shell on failure.
Great catch I completely missed the trap handler, I should have been more careful. |
Signed-off-by: Vincent Michel <vincent.michel@vates.tech>
vxgmichel
force-pushed
the
vml/fix-command-encoding
branch
from
0d93542 to
e644824
Compare
3 participants
At the moment the command provided to the container is not properly encoded, which causes commands that use quotes to fail unexpectedly:
± xcp-ng-dev container run 8.3 -- ls "my file.txt" [...] ls: cannot access my: No such file or directory ls: cannot access file.txt: No such file or directoryThis PR fixes this:
± xcp-ng-dev container run 8.3 -- ls "my file.txt" [...] ls: cannot access my file.txt: No such file or directoryCrucially, this allows for running shell commands:
± xcp-ng-dev container run 8.3 -- bash -c "echo 1 && echo 2" [...] 1 2