From nobody Wed Nov 20 09:42:21 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XtbxV0G0vz5dWgV; Wed, 20 Nov 2024 09:42:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XtbxT5Hw9z4cbl; Wed, 20 Nov 2024 09:42:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732095741; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AXY7aKZ1uq7QFg+tImNMKD3sr/qO9r0ZK3H8HjdgsC8=; b=o6jXxdcv1e/uSYjPUJhERE6EDl3b1IRclMEE4unn9cdNDIvUvmqiTUtKTaAyikWBgO/n7h H9ApH7LxNuLV4gSiXoOIg9YIIysY816nt9mhNdhS4xOj6B6uCwTm+LLPxWenn1Zf3VYK8O ycfVpGXiuRelJddMEtN/6/+5Pq4DhgEoWo35vmLH2FF1fWYGrgzaRb3g8gQgQj/GDyfk/O zHY4dOYVTnZXOE66i1mPoqRAGV8LA/KCKSFYqBtzV7J7LT82E3vj61INQ4ZC15zL7Vj2CB ljDeKAjaR8d1SHyr5PR4lu6+/Q9qsFQR1LBDr+HnJuSPblYGftrf0awncko5Vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732095741; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AXY7aKZ1uq7QFg+tImNMKD3sr/qO9r0ZK3H8HjdgsC8=; b=gFPoyV0M00YcMlPw1Bpe66FYkFE0+kvUyyAPhILcRWXFi+uX9RrBciC5QgUQ+bOBN1t24N w+soERWVy3xuaMybhzeDFkNfR8Fbsetw4c4hRfkn/AoUF6RtbVT1yBeXX0yvW8/yooub+1 w1CI8hBpQX9Fs0N7t+lw6nLgOELeBEgON1nhkwOp36eEA0jiJXnCpMv3iQZKE5q9r8/mQz eLwIZC6U31FDy9XGqBUXxt3szzTq2bYFkkPMOdNq2IRUIJPJrkqRstCI6ZzHEkEzAYl0Mx cNGjUSVjNpHyDfMrfnt+FuYcTwHKs/K8rXIOdb5flLxu2ppTG2dCce/8oVK+jA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1732095741; a=rsa-sha256; cv=none; b=CySpFTuBmGARQDrYnAqnrAunimGtYHArTNQffpTsxkazMe9enn2Vl/t1/kKIbXtH6B5soL dbWwD3u8YKumU0Gq3OJ9ZLMyd1ow1pXLFTra+sEopwSmXuGr4WIwkgjULvrRg40NyPYWaN VjliX5BuwXQBg2x8tu3w+KRuFHu4oU80HGZAhzM02X/wArBPU4ul/CH3l7Dr55ML+hc1/c 7KzYvat01GfT34cwIXfSv+xur97AdTX51zWT5lwGdY6AKKFq4OQ7RvbDolZ3LLUytKQdiN FGhMm/Ca6FQl96vOvlZ2xrYk8r9VPbLjCPymugjhT36FjJ4wsMaCd+bwh4LUWw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XtbxT4vjszqBk; Wed, 20 Nov 2024 09:42:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AK9gLeB084050; Wed, 20 Nov 2024 09:42:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AK9gLLP084047; Wed, 20 Nov 2024 09:42:21 GMT (envelope-from git) Date: Wed, 20 Nov 2024 09:42:21 GMT Message-Id: <202411200942.4AK9gLLP084047@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: 3e502866073f - main - nuageinit: use io.popen instead of pipes in shell for password List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 3e502866073f8d922eecb9016920a56b90c35e38 Auto-Submitted: auto-generated The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=3e502866073f8d922eecb9016920a56b90c35e38 commit 3e502866073f8d922eecb9016920a56b90c35e38 Author: Baptiste Daroussin AuthorDate: 2024-11-20 09:39:50 +0000 Commit: Baptiste Daroussin CommitDate: 2024-11-20 09:41:46 +0000 nuageinit: use io.popen instead of pipes in shell for password using echo in a sh(1) command line, requires many escaping to be done right, using io.popen we don't need to do this escaping anymore. --- libexec/nuageinit/nuage.lua | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua index 4e21405a443b..978de02a63fc 100644 --- a/libexec/nuageinit/nuage.lua +++ b/libexec/nuageinit/nuage.lua @@ -119,11 +119,12 @@ local function adduser(pwd) end local precmd = "" local postcmd = "" + local input = nil if pwd.passwd then - precmd = "echo '" .. pwd.passwd .. "' | " + input = pwd.passwd postcmd = " -H 0" elseif pwd.plain_text_passwd then - precmd = "echo '" .. pwd.plain_text_passwd .. "' | " + input = pwd.plain_text_passwd postcmd = " -h 0" end cmd = precmd .. "pw " @@ -134,7 +135,11 @@ local function adduser(pwd) cmd = cmd .. extraargs .. " -c '" .. pwd.gecos cmd = cmd .. "' -d '" .. pwd.homedir .. "' -s " .. pwd.shell .. postcmd - local r = os.execute(cmd) + local f = io.popen(cmd, "w") + if input then + f:write(input) + end + local r = f:close(cmd) if not r then warnmsg("fail to add user " .. pwd.name) warnmsg(cmd)