Bug 2230212

Summary: Multi-line value used for --env is cut at newline
Product: Red Hat Enterprise Linux 9 Reporter: Takashi Kajinami <tkajinam>
Component: podmanAssignee: Jindrich Novy <jnovy>
Status: CLOSED ERRATA QA Contact: Yuhui Jiang <yujiang>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: CentOS StreamCC: ajia, apevec, bbaude, bstinson, dwalsh, jnovy, jpretori, jwboyer, lmiccini, lsm5, mboddu, mheon, pthomas, redhat-bugzilla, tsweeney
Target Milestone: rcKeywords: Regression, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: podman-4.6.1-2.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-07 08:34:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Takashi Kajinami 2023-08-09 01:48:30 UTC 
Description of problem:

We noticed that podman-4.6.0-3.el9.x86_64 does not handle multi-line values passed to the --env option
and it only accepts the first line.

+ podman inspect container-puppet-memcached
[
     {
          "Id": "36166f7f5e31e581e3b17db5b02b80bfb11204a24d6923cce3c938aaa612ae07",
          ...
          "Config": {
               ...
               "Env": [
                    "NET_HOST=true",
                    "DEBUG=false",
                    "HOSTNAME=standalone",
                    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                    "container=oci",
                    "PUPPET_TAGS=file,file_line,concat,augeas,cron,file",
                    "STEP=6",
                    "LANG=en_US.UTF-8",
                    "NAME=memcached",
                    "STEP_CONFIG=include ::tripleo::packages", <=====(*)
                    "HOME=/root"
               ],
               ...
     }
}

This problem was not seen when podman-4.6.0-1.el9.x86_64 is used.

+ podman inspect container-puppet-memcached
[
     {
          "Id": "36166f7f5e31e581e3b17db5b02b80bfb11204a24d6923cce3c938aaa612ae07",
          ...
          "Config": {
               ...
               "Env": [
                    "NET_HOST=true",
                    "NO_ARCHIVE=",
                    "TERM=xterm",
                    "container=oci",
                    "STEP=6",
                    "DEBUG=false",
                    "HOSTNAME=standalone",
                    "PUPPET_TAGS=file,file_line,concat,augeas,cron,file",
                    "NAME=memcached",
                    "STEP_CONFIG=include ::tripleo::packages\ninclude tripleo::profile::base::memcached\n", <=====(*)
                    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                    "LANG=en_US.UTF-8",
                    "HOME=/root"
               ],
               ...
     }
]

Version-Release number of selected component (if applicable):
podman-4.6.0-3.el9.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Create a container with an environment which has multi-line value
$ podman run -it --env foo="bar
baz" <image> /bin/bash

2. Echo the environment inside the container
# echo $foo

3. Check Config.Env of the container by inspect
$ podman inspect <container name>


Actual results:
The environment in container contains only the first line

```
[root@131d1dc33adc /]# echo $foo
bar
[root@131d1dc33adc /]#
```

```
$ podman inspect naughty_kowalevski | head -3
[
     {
          "Id": "131d1dc33adc781ad8f171b6d569321a8b35ed2e4831e5feb6109bcc8886e596",
          ...
               "Env": [
                    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                    "container=podman",
                    "TERM=xterm",
                    "foo=bar",
                    "HOME=/root",
                    "HOSTNAME=131d1dc33adc"
               ],

```

Expected results:
The environment in container contains all the lines

```
[root@cecaed241326 /]# echo $foo
bar baz
[root@cecaed241326 /]#
```

```
$ podman inspect agitated_hamilton
[
     {
          "Id": "cecaed2413262f4e19e1e0dce64b1bfaa0db23032aece7a924293974aafe08b5",
          ...
               "Env": [
                    "container=podman",
                    "foo=bar\nbaz",
                    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                    "TERM=xterm",
                    "HOME=/root",
                    "HOSTNAME=cecaed241326"
               ],
```

Additional info:
This issue was initially found in the TripleO project in OpenStack.
Comment 1 Takashi Kajinami 2023-08-09 03:45:32 UTC 
We currently suspect the new version contains https://github.com/containers/podman/pull/19096 and that causes the problem.
(though it does not make very good sense that such as change can be pulled in a revision change)
Comment 2 Takashi Kajinami 2023-08-09 03:54:57 UTC 
I checked c9s distgit and confirmed that the -3 containers change for https://github.com/containers/podman/pull/19096 while -1 does not contain it.
I've reported the issue in that PR but we have to get it fixed in podman and pull the fix into the c9s package.
Comment 3 Black-Hole 2023-08-09 06:12:20 UTC 
Fix PR: https://github.com/containers/podman/pull/19560
Comment 13 errata-xmlrpc 2023-11-07 08:34:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: podman security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6474