[pve-devel] [PATCH] Check only first part of script parameter for executability
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Oct 21 11:05:30 CEST 2021
Hi,
thanks for your effort in contributing to Proxmox VE!
A few things inline
On 21.10.21 10:46, Phillipp Röll wrote:
> When giving a script parameter including arguments to the dump process,
> the full script parameter including the arguments is checked for
> executablility. The following will always abort with a "not executable"
> error:
>
> vzdump 100 --script "/usr/local/bin/myscript.pl myarg"
>
> If we split the script argument and check only the first part, the
> check works as expected.
your sign-off is missing here and it doesn't seems like we have a signed
CLA from you or your company here, and to be able to take in a patch you'd
need to send one to <office at proxmox.com>. For details please check:
https://pve.proxmox.com/wiki/Developer_Documentation#Software_License_and_Copyright
> ---
> PVE/VZDump.pm | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/PVE/VZDump.pm b/PVE/VZDump.pm
> index 88ac11b3..fe1a7f23 100644
> --- a/PVE/VZDump.pm
> +++ b/PVE/VZDump.pm
> @@ -630,7 +630,9 @@ sub run_hook_script {
> my $script = $opts->{script};
> return if !$script;
>
> - if (!-x $script) {
> + my @script_args = split /\s+/, $script;
That would break existing configuration that use a script with whitespace in its
path name.
Can you please provide your usecase where the arguments Proxmox VE sets for the
script aren't enough? So that we've a better picture about possible options.
cheers,
Thomas
More information about the pve-devel
mailing list