Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 15 Jan 2025 09:53:50 GMT
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 68f025feeb11 - stable/14 - nuageinit: use io.popen instead of pipes in shell for password
Message-ID:  <202501150953.50F9roQc070721@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/14 has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=68f025feeb11e05382e9a9feb5105b23ffe7c30c

commit 68f025feeb11e05382e9a9feb5105b23ffe7c30c
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2024-11-20 09:39:50 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2025-01-15 09:53:39 +0000

    nuageinit: use io.popen instead of pipes in shell for password
    
    using echo in a sh(1) command line, requires many escaping to be done
    right, using io.popen we don't need to do this escaping anymore.
    
    (cherry picked from commit 3e502866073f8d922eecb9016920a56b90c35e38)
---
 libexec/nuageinit/nuage.lua | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua
index 4e21405a443b..978de02a63fc 100644
--- a/libexec/nuageinit/nuage.lua
+++ b/libexec/nuageinit/nuage.lua
@@ -119,11 +119,12 @@ local function adduser(pwd)
 	end
 	local precmd = ""
 	local postcmd = ""
+	local input = nil
 	if pwd.passwd then
-		precmd = "echo '" .. pwd.passwd .. "' | "
+		input = pwd.passwd
 		postcmd = " -H 0"
 	elseif pwd.plain_text_passwd then
-		precmd = "echo '" .. pwd.plain_text_passwd .. "' | "
+		input = pwd.plain_text_passwd
 		postcmd = " -h 0"
 	end
 	cmd = precmd .. "pw "
@@ -134,7 +135,11 @@ local function adduser(pwd)
 	cmd = cmd .. extraargs .. " -c '" .. pwd.gecos
 	cmd = cmd .. "' -d '" .. pwd.homedir .. "' -s " .. pwd.shell .. postcmd
 
-	local r = os.execute(cmd)
+	local f = io.popen(cmd, "w")
+	if input then
+		f:write(input)
+	end
+	local r = f:close(cmd)
 	if not r then
 		warnmsg("fail to add user " .. pwd.name)
 		warnmsg(cmd)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202501150953.50F9roQc070721>