Red Hat Bugzilla – Bug 1020279
HA LVM resource script does shell expansion
Last modified: 2014-09-15 20:29:00 EDT
Description of problem:
In /usr/share/cluster/lvm.sh line 81 when checking for if initrd has been updated the following line is used:
(if [ "$(find /boot -name *.img -newer /etc/lvm/lvm.conf)" == "" ];)
If the current directory contains any files ending with img, the asterisk will be expanded according to path names, which will cause the find to fail due to syntax error.
Protecting the asterisk with quotes or backslash will solve the problem.
Version-Release number of selected component (if applicable):
The problem is basically that customer happened to create a couple of file with the .img extension in / and that caused the asterisk in lvm.sh to expand rather then being passed verbatim to 'find' I believe the patch solves the issue but it could be worth scanning the resource agents for more similar flaws.
diff -up rgmanager-2.0.52/src/resources/lvm.sh.no-shell-expansion rgmanager-2.0.52/src/resources/lvm.sh
--- rgmanager-2.0.52/src/resources/lvm.sh.no-shell-expansion 2013-10-09 10:02:13.000000000 +0200
+++ rgmanager-2.0.52/src/resources/lvm.sh 2013-10-09 10:03:53.000000000 +0200
@@ -105,7 +105,7 @@ function ha_lvm_proper_setup_check
# the control of rgmanager
# Fixme: we might be able to perform a better check...
- if [ "$(find /boot -name *.img -newer /etc/lvm/lvm.conf)" == "" ]; then
+ if [ "$(find /boot -name '*.img' -newer /etc/lvm/lvm.conf)" == "" ]; then
ocf_log err "HA LVM: Improper setup detected"
ocf_log err "- initrd image needs to be newer than lvm.conf"
Author: Ryan McCabe <firstname.lastname@example.org>
Date: Thu Mar 13 13:42:50 2014 -0400
rgmanager: lvm.sh: Prevent shell expansion when calling the find command
Prevent shell expansion of * when calling the find command.
Signed-off-by: Ryan McCabe <email@example.com>
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.