Bug 1020279 - HA LVM resource script does shell expansion
HA LVM resource script does shell expansion
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: rgmanager (Show other bugs)
Unspecified Unspecified
medium Severity medium
: rc
: ---
Assigned To: Ryan McCabe
Cluster QE
Depends On:
Blocks: 984996 1049888
  Show dependency treegraph
Reported: 2013-10-17 07:22 EDT by Josef Zimek
Modified: 2014-09-15 20:29 EDT (History)
7 users (show)

See Also:
Fixed In Version: rgmanager-2.0.52-51.el5
Doc Type: Bug Fix
Doc Text:
Due to a syntax error in the underlying source code, the "find" command failed to find files whose names ended with the ".img" suffix. This update applies a patch to fix this bug and the command now works as expected.
Story Points: ---
Clone Of:
Last Closed: 2014-09-15 20:29:00 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Josef Zimek 2013-10-17 07:22:23 EDT
Description of problem:

In /usr/share/cluster/lvm.sh line 81 when checking for if initrd has been updated the following line is used:

(if [ "$(find /boot -name *.img -newer /etc/lvm/lvm.conf)" == "" ];)

If the current directory contains any files ending with img, the asterisk will be expanded according to path names, which will cause the find to fail due to syntax error.

Protecting the asterisk with quotes or backslash will solve the problem.

Version-Release number of selected component (if applicable):

Additional info:

The problem is basically that customer happened to create a couple of file with the .img extension in / and that caused the asterisk in lvm.sh to expand rather then being passed verbatim to 'find' I believe the patch solves the issue but it could be worth scanning the resource agents for more similar flaws.

diff -up rgmanager-2.0.52/src/resources/lvm.sh.no-shell-expansion rgmanager-2.0.52/src/resources/lvm.sh
--- rgmanager-2.0.52/src/resources/lvm.sh.no-shell-expansion	2013-10-09 10:02:13.000000000 +0200
+++ rgmanager-2.0.52/src/resources/lvm.sh	2013-10-09 10:03:53.000000000 +0200
@@ -105,7 +105,7 @@ function ha_lvm_proper_setup_check
 	# the control of rgmanager
 	# Fixme: we might be able to perform a better check...
-	if [ "$(find /boot -name *.img -newer /etc/lvm/lvm.conf)" == "" ]; then
+	if [ "$(find /boot -name '*.img' -newer /etc/lvm/lvm.conf)" == "" ]; then
 		ocf_log err "HA LVM:  Improper setup detected"
 		ocf_log err "- initrd image needs to be newer than lvm.conf"
Comment 4 Ryan McCabe 2014-03-13 13:44:33 EDT
commit a2140f35bd8cd7b01cbf8c94f9fd7e12b6b59302
Author: Ryan McCabe <rmccabe@redhat.com>
Date:   Thu Mar 13 13:42:50 2014 -0400

    rgmanager: lvm.sh: Prevent shell expansion when calling the find command
    Prevent shell expansion of * when calling the find command.
    Resolves: rhbz#1020279
    Signed-off-by: Ryan McCabe <rmccabe@redhat.com>
Comment 9 errata-xmlrpc 2014-09-15 20:29:00 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.