git: 0ba9b7b7f815 - main - nuageinit: fix update_sshd_config crash when file does not exist

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Baptiste Daroussin <bapt_at_FreeBSD.org>
Date: Thu, 04 Jun 2026 21:15:47 UTC
The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=0ba9b7b7f815b57f1c121b0f78eaee02d2cdd414

commit 0ba9b7b7f815b57f1c121b0f78eaee02d2cdd414
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2026-06-04 19:10:37 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2026-06-04 19:10:37 +0000

    nuageinit: fix update_sshd_config crash when file does not exist
    
    Previously update_sshd_config() would assert-fail if sshd_config did
    not exist. Now it creates a new file with the given key/value.
    
    Also replace the fragile simultaneous r+ + temp file approach with
    a cleaner read-then-write pattern: read all lines into memory, modify
    as needed, then write to a temp file and rename. All assert() calls
    replaced with proper error handling via warnmsg().
    
    Add test case for missing file creation.
---
 libexec/nuageinit/nuage.lua                    | 43 +++++++++++++++++++-------
 libexec/nuageinit/tests/update_sshd_config.lua |  7 +++++
 2 files changed, 38 insertions(+), 12 deletions(-)

diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua
index 56d1ccf9d52e..bdd4bf60007e 100644
--- a/libexec/nuageinit/nuage.lua
+++ b/libexec/nuageinit/nuage.lua
@@ -493,30 +493,49 @@ local function update_sshd_config(key, value)
 	if root then
 		sshd_config = root .. sshd_config
 	end
-	local f = assert(io.open(sshd_config, "r+"))
-	local tgt = assert(io.open(sshd_config .. ".nuageinit", "w"))
+	local f = io.open(sshd_config, "r")
+	if not f then
+		-- File does not exist, create it with the given key/value
+		f = io.open(sshd_config, "w")
+		if not f then
+			warnmsg("Unable to open " .. sshd_config .. " for writing")
+			return
+		end
+		f:write(key .. " " .. value .. "\n")
+		f:close()
+		return
+	end
+	-- Read existing content
+	local lines = {}
 	local found = false
 	local pattern = "^%s*"..key:lower().."%s+(%w+)%s*#?.*$"
-	while true do
-		local line = f:read()
-		if line == nil then break end
+	for line in f:lines() do
 		local _, _, val = line:lower():find(pattern)
 		if val then
 			found = true
-			if val == value then
-				assert(tgt:write(line .. "\n"))
+			if val ~= value then
+				table.insert(lines, key .. " " .. value)
 			else
-				assert(tgt:write(key .. " " .. value .. "\n"))
+				table.insert(lines, line)
 			end
 		else
-			assert(tgt:write(line .. "\n"))
+			table.insert(lines, line)
 		end
 	end
+	f:close()
 	if not found then
-		assert(tgt:write(key .. " " .. value .. "\n"))
+		table.insert(lines, key .. " " .. value)
 	end
-	assert(f:close())
-	assert(tgt:close())
+	-- Write back
+	f = io.open(sshd_config .. ".nuageinit", "w")
+	if not f then
+		warnmsg("Unable to open " .. sshd_config .. ".nuageinit for writing")
+		return
+	end
+	for _, l in ipairs(lines) do
+		f:write(l .. "\n")
+	end
+	f:close()
 	os.rename(sshd_config .. ".nuageinit", sshd_config)
 end
 
diff --git a/libexec/nuageinit/tests/update_sshd_config.lua b/libexec/nuageinit/tests/update_sshd_config.lua
index ac56c29986ac..95aea59bd993 100644
--- a/libexec/nuageinit/tests/update_sshd_config.lua
+++ b/libexec/nuageinit/tests/update_sshd_config.lua
@@ -70,4 +70,11 @@ if read_config() ~= "PasswordAuthentication yes\n" then
 	n.err("Extra spaces handling failed: '" .. read_config() .. "'")
 end
 
+-- File does not exist: should be created with key/value
+os.remove(sshd_config)
+n.update_sshd_config("PasswordAuthentication", "yes")
+if read_config() ~= "PasswordAuthentication yes\n" then
+	n.err("Missing file: should create: '" .. read_config() .. "'")
+end
+
 os.exit(0)