search

saltstack / salt

Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
https://repo.saltproject.io/
Apache License 2.0
14.11k stars 5.47k forks source link

[BUG] egrep is obsolescent -- use grep -E instead #65608

Open leifliddy opened 10 months ago

leifliddy commented 10 months ago

Description Use of egrep is causing issues with Fedora 39

Setup Given the following sls file

selinux_policy_media_downloads_present:
  selinux.fcontext_policy_present:
    - name:     /media/downloads(/.*)?
    - sel_type: container_file_t

When run on a Fedora 39 system will result in 

local:
----------
          ID: selinux_policy_media_downloads_present
    Function: selinux.fcontext_policy_present
        Name: /media/downloads(/.*)?
      Result: False
     Comment: An exception occurred in this state: Traceback (most recent call last):
                File "/usr/lib/python3.12/site-packages/salt/state.py", line 2381, in call
                  ret = self.states[cdata["full"]](
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 159, in __call__
                  ret = self.loader.run(run_func, *args, **kwargs)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1245, in run
                  return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1260, in _run_as
                  return _func_or_method(*args, **kwargs)
               selinux_policy_media_downloads_present:
  selinux.fcontext_policy_present:
    - name:     /media/downloads(/.*)?
    - sel_type: container_file_t
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1293, in wrapper
                  return f(*args, **kwargs)
                         ^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/states/selinux.py", line 326, in fcontext_policy_present
                  current_state = __salt__["selinux.fcontext_get_policy"](
                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 159, in __call__
                  ret = self.loader.run(run_func, *args, **kwargs)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1245, in run
                  return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/loader/lazy.py", line 1260, in _run_as
                  return _func_or_method(*args, **kwargs)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/usr/lib/python3.12/site-packages/salt/modules/selinux.py", line 509, in fcontext_get_policy
                  "filespec": parts.group(1).strip(),
                              ^^^^^^^^^^^
              AttributeError: 'NoneType' object has no attribute 'group'
     Started: 12:36:08.584306
    Duration: 183.601 ms
     Changes:

And that has to do with with code block in /usr/lib/python3.12/site-packages/salt/modules/selinux.py

    cmd = (
        "semanage fcontext -l | egrep "
        + "'^{filespec}{spacer}{filetype}{spacer}{sel_user}:{sel_role}:{sel_type}:{sel_level}{ospacer}$'".format(
            **cmd_kwargs
        )
    )

    current_entry_text = __salt__["cmd.shell"](cmd, ignore_retcode=True)
    if current_entry_text == "":
        return None

What happens in this instance is that current_entry_text returns egrep: warning: egrep is obsolescent; using grep -E And therefore it won't return None

What needs to be done is to replace all instances of egrep with grep -E As egrep has been deprecated since grep 3.8 https://github.com/koalaman/shellcheck/wiki/SC2196 https://www.phoronix.com/news/GNU-Grep-3.8-Stop-egrep-fgrep

Versions Report

salt --versions-report (Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) ```yaml Python Version: Python: 3.12.0 (main, Oct 2 2023, 00:00:00) [GCC 13.2.1 20230918 (Red Hat 13.2.1-3)] Dependency Versions: cffi: 1.15.1 cherrypy: Not Installed dateutil: 2.8.2 docker-py: Not Installed gitdb: Not Installed gitpython: Not Installed Jinja2: 3.1.2 libgit2: 1.7.1 looseversion: 1.3.0 M2Crypto: Not Installed Mako: Not Installed msgpack: 1.0.5 msgpack-pure: Not Installed mysql-python: Not Installed packaging: 23.1 pycparser: 2.20 pycrypto: Not Installed pycryptodome: 3.19.0 pygit2: 1.13.0 python-gnupg: 0.5.0 PyYAML: 6.0.1 PyZMQ: 25.1.0 relenv: Not Installed smmap: Not Installed timelib: Not Installed Tornado: 6.3.3 ZMQ: 4.3.4 System Versions: dist: fedora 39 locale: utf-8 machine: x86_64 release: 6.5.11-300.fc39.x86_64 system: Linux version: Fedora Linux 39 (Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) ```

Additional context I would do a PR for this -- but I had a really bad experience doing so Case in point -- I've got this PR pending https://github.com/saltstack/salt/pull/62852

It was approved, but never merged -- I've pinged the reviewers multiple times -- and have received nothing but radio silence. Seriously -- how do you expect people to put in the work to submit a PR when you can't get a single reviewer to respond in over a month!?

OrangeDog commented 10 months ago

egrep has been deprecated since 2.5.3 (2007). This message was only added in 3.8.