Bug 2059658
| Summary: | join template in podman inspect errors when new line is selected as a separator | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Matus Marhefka <mmarhefk> | |
| Component: | podman | Assignee: | Jindrich Novy <jnovy> | |
| Status: | CLOSED ERRATA | QA Contact: | Yuhui Jiang <yujiang> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 8.6 | CC: | bbaude, dapospis, dwalsh, jhonce, jligon, jnovy, lsm5, mheon, pholzing, pthomas, tsweeney, umohnani, ypu | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
|
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | podman-4.3.1-1.el8 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 2078411 (view as bug list) | Environment: | ||
| Last Closed: | 2023-05-16 08:18:40 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2026666, 2078411 | |||
Jhon PTAL This is still happening in podman-4.1.0:
jnovy@localhost ~/bin$ podman inspect registry.access.redhat.com/ubi8/ubi:latest --format '{{join .Config.Env "\n"}}'
ERRO[0000] Printing inspect output: template: all inspect:1: unterminated quoted string
jnovy@localhost ~/bin$ podman inspect registry.access.redhat.com/ubi8/ubi:latest --format '{{join .Config.Env "\t"}}'
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci
IMO it is not a good idea to replace characters inside the template block `{{` ... `}}`.
I looked at what docker is doing and they have the same problem except for the inspect commands where no replace is done.
I would argue that we should not touch the user input at all but I guess this was done for docker compat.
A simple reproducer that should work with all --format flags is: --format '{{printf "\n"}}'
I see three solutions:
1. do not replace at all (this will break docker compat)
2. do not replace inside {{ }} blocks (could also break backwards compat)
3. replace and parse the template, if it fails parse again with the raw input without replace.
I would prefer 3 since this will not cause any regressions for user relying on the current implementation.
@jhonce WDYT?
(In reply to Paul Holzinger from comment #4) > IMO it is not a good idea to replace characters inside the template block > `{{` ... `}}`. > I looked at what docker is doing and they have the same problem except for > the inspect commands where no replace is done. > I would argue that we should not touch the user input at all but I guess > this was done for docker compat. > > A simple reproducer that should work with all --format flags is: --format > '{{printf "\n"}}' > I see three solutions: > 1. do not replace at all (this will break docker compat) > 2. do not replace inside {{ }} blocks (could also break backwards compat) > 3. replace and parse the template, if it fails parse again with the raw > input without replace. > > I would prefer 3 since this will not cause any regressions for user relying > on the current implementation. > @jhonce WDYT? @pholzing #3 sounds like the best solution, we need the compat where possible. Upstream PR (not yet merged) with a fix: https://github.com/containers/podman/pull/15673 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2758 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2758 |
Description of problem: join template in `podman inspect --format` does not accept new line as a separator: # podman inspect ubi8 --format '{{join .Config.Env "\n"}}' ERRO[0000] Printing inspect output: template: all inspect:1: unterminated quoted string But space/tab works: # podman inspect ubi8 --format '{{join .Config.Env "\t"}}' PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci # podman inspect ubi8 --format '{{join .Config.Env " "}}' PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci Version-Release number of selected component (if applicable): podman-4.0.0-3.module+el8.6.0+14305+6b14f34e.x86_64 How reproducible: always Steps to Reproduce: 1. podman inspect ubi8 --format '{{join .Config.Env "\n"}}' 2. 3. Actual results: ERRO[0000] Printing inspect output: template: all inspect:1: unterminated quoted string Expected results: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin container=oci Additional info: