Re: git: 4deb9760a9d8 - main - rc: Disable pathname expansion when calling run_rc_command()
Date: Sat, 28 Jun 2025 05:08:38 UTC
----Security_Multipart(Sat_Jun_28_14_08_38_2025_065)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Mark Johnston <markj@freebsd.org> wrote in <aF784OsScoJD_CEs@nuc>: ma> On Fri, Jun 27, 2025 at 12:37:52PM -0700, Gleb Smirnoff wrote: ma> > On Fri, Jun 27, 2025 at 08:56:23PM +0200, Baptiste Daroussin wrote: ma> > B> On Wed 18 Jun 10:13, Mark Johnston wrote: ma> > B> > On Thu, Jun 12, 2025 at 06:20:26PM +0000, Hiroki Sato wrote: ma> > B> > > The branch main has been updated by hrs: ma> > B> > > ma> > B> > > URL: https://cgit.FreeBSD.org/src/commit/?id=4deb9760a9d84d5861ee45162ffebe83f13503b8 ma> > B> > > ma> > B> > > commit 4deb9760a9d84d5861ee45162ffebe83f13503b8 ma> > B> > > Author: Hiroki Sato <hrs@FreeBSD.org> ma> > B> > > AuthorDate: 2025-06-12 18:19:32 +0000 ma> > B> > > Commit: Hiroki Sato <hrs@FreeBSD.org> ma> > B> > > CommitDate: 2025-06-12 18:19:32 +0000 ma> > B> > > ma> > B> > > rc: Disable pathname expansion when calling run_rc_command() ma> > B> > > ma> > B> > > Variables for command-line options like $foo_flags can contain characters ma> > B> > > that perform pathname expansions, such as '[', ']', and '*'. They were ma> > B> > > passed without escaping, and the matched entries in the working directory ma> > B> > > affected the command-line options. This change turns off the expansion ma> > B> > > when run_rc_command() is called. ma> > B> > > ma> > B> > > While this changes the current behavior, an invocation of a service ma> > B> > > program should not depend on entries in the working directory. ma> > B> > ma> > B> > This also turns off globbing for /etc/rc.local, which broke one of my ma> > B> > scripts. Was that intentional? If so, we should really document it in ma> > B> > RELNOTES at the very least. ma> > B> ma> > B> This broke nuageinit which rely on globbing to in nuageinit_start, that this ma> > B> change also broke. ma> > B> ma> > B> So many downstream CI are now broken, due to this change. ma> > ma> > Given that Hiroki is not reacting on this email thread neither in ma> > https://reviews.freebsd.org/D51043, I would like to revert this change. I'd ma> > like also remind that the problem was discovered during the stabweek testing. ma> > Although we thawed the freeze, but we are still working on a good known stable ma> > revision for June. ma> > ma> > Any objections? ma> > ma> > Adding srcmgr@ ma> ma> I've reverted the change (and a follow-up fix) for now. I am sorry for not responding in a timely manner. I overlooked the impact and needed to revert it promptly. The original problem with globbing still remains, so I will submit another patch for review shortly. -- Hiroki ----Security_Multipart(Sat_Jun_28_14_08_38_2025_065)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iMgEABMKAC4WIQRsDSNTJ8+Ax5Ae/dLbsH3Gbx9zfwUCaF941hAcaHJzQGZyZWVi c2Qub3JnAAoJENuwfcZvH3N/eHsCCIx24qwcu54+4PS4geIqRBz3/7KrQbzlN6no UZS2d5/TE5jtyCZL3b15LC2IbRe2rCrgKjFwgWoIgB+4Qzsb2wA2AgixvAvvVa+i r6yrnfq787/CCAQqElk0fRFTXSKHexo1LzR/aPjHGWFM8NxGw/S5wcOyX751GFod gBMXED06SqXaNw== =T1Bg -----END PGP SIGNATURE----- ----Security_Multipart(Sat_Jun_28_14_08_38_2025_065)----