Bug 1311877

Summary: Asterisks in provisioning templates subject to shell-expansion
Product: Red Hat Satellite Reporter: David Juran <djuran>
Component: Provisioning TemplatesAssignee: Tomas Strachota <tstrachota>
Status: CLOSED ERRATA QA Contact: Peter Ondrejka <pondrejk>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.1.7CC: arydekul, bkearney, jcallaha, tstrachota
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-02-21 16:51:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Juran 2016-02-25 09:20:10 UTC
Description of problem:
There are several occurrences in the provisioning templates and snippets on the satellite where asterisks are used. One example is in the subscription_manager_registration snippet where the following line is executed

subscription-manager repos --enable rhel-*-satellite-tools-*-rpms

This is subject to shell-expansion, i.e. if a file matching the pattern above would exist for one reasons or another, the asterisks would be expanded and the provisioning would fail with a very hard-to-debug reason.

To make the line safe, the asterisks could e.g. be protected by backslash characters

Version-Release number of selected component (if applicable):
Satellite-6.1.7

Comment 1 Alexander Rydekull 2016-02-25 10:25:49 UTC
I fully agree with David, and it is a simple fix:
subscription-manager repos --enable='rhel-*-satellite-tools-*-rpms'

Good catch David :-)

Comment 2 Bryan Kearney 2016-07-26 19:03:30 UTC
Moving 6.2 bugs out to sat-backlog.

Comment 7 Peter Ondrejka 2017-08-31 08:34:03 UTC
Verified in Sat 6.3 snap 13

Comment 8 Satellite Program 2018-02-21 16:51:07 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
> 
> For information on the advisory, and where to find the updated files, follow the link below.
> 
> If the solution does not work for you, open a new bug report.
> 
> https://access.redhat.com/errata/RHSA-2018:0336