search

sprinkle-tool / sprinkle

Sprinkle is a software provisioning tool you can use to build remote servers with. eg. to install a Rails, or Sinatra stack on a brand new slice directly after its been created
https://github.com/sprinkle-tool/sprinkle
MIT License
1.15k stars 138 forks source link

Escape problem with push_text #107

Closed teonimesic closed 11 years ago

teonimesic commented 11 years ago

I've started using sprinkle today, but run into an error when using push_text. Im trying to create a recipe to upload my id_pub to a remote server. the code looks something like this:

package :add_my_key_to_authorized do
  config_file = "/home/#{$user}/.ssh/authorized_keys"
  config_text = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxkspYMg1e6c/gBa6hfDr/9ZceMv9tsz5gFpah+uY9Wx7WbySCJMuFQAAal4iNUGJv6M2kmAhtpgr+8UwDTuwYTbYaG62GBoU2w7N4kzsHh91jYcP2RL+u+rQSwukOQMs6GnIlt5ozZQ2x+qJc7lJGOnh1xGD8USr7WrmnvRYsoSHAlWb8yXV2Ygea5g9+yyiwQCLA1T9YEQNvPKJx89uvf4WGVhLVpaiPdM5B5D8bL2WeJ3fDBiWF8VGRpbiIitY06wkMC7dBq/siB38HIbDvHahu1+DWo61jQxX/zCzrfPkR45VskbxEM4KasHW2G75RMJlG6XG4XaL8PttYNaskw== stefano@stefano-work"
  push_text config_text, config_file, sudo: false

  verify do
    file_contains config_file, config_text
  end
end

The problem is that push_text is ecaping all '/' into '\/', so the final file actually looks like:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxkspYMg1e6c\/gBa6hfDr\/9ZceMv9tsz5gFpah+uY9Wx7WbySCJMuFQAAal4iNUGJv6M2kmAhtpgr+8UwDTuwYTbYaG62GBoU2w7N4kzsHh91jYcP2RL+u+rQSwukOQMs6GnIlt5ozZQ2x+qJc7lJGOnh1xGD8USr7WrmnvRYsoSHAlWb8yXV2Ygea5g9+yyiwQCLA1T9YEQNvPKJx89uvf4WGVhLVpaiPdM5B5D8bL2WeJ3fDBiWF8VGRpbiIitY06wkMC7dBq\/siB38HIbDvHahu1+DWo61jQxX\/zCzrfPkR45VskbxEM4KasHW2G75RMJlG6XG4XaL8PttYNaskw== stefano@stefano-work
teonimesic commented 11 years ago

I am using sprinkle 0.5.2, and found this error for ruby 2.0.0-p0 and 1.9.3-p392

teonimesic commented 11 years ago

It also happens with ruby 1.8.7 (2012-02-08 patchlevel 358) [universal-darwin12.0]

teonimesic commented 11 years ago

Also its worth to mention that the verification fails, since the file and the text are actually different.

joshgoebel commented 11 years ago

Can you test against sprinkle master from github?

teonimesic commented 11 years ago

The same problem occurs on master from github

joshgoebel commented 11 years ago

escape_shell_arg is messed up but it's used by push_text and replace_text in slightly different ways. Shell escaping isn't my area of expertise.

joshgoebel commented 11 years ago

I bet it's doing the right thing for sed but not for echo?

teonimesic commented 11 years ago

changing line 94 ( in file lib/sprinkle/installers/installer.rb on version 0.5.2 ) from str.gsub("'", "'\\\\''").gsub("/", "\\\\/").gsub("\n", '\n').gsub('&', '\\\&') to str.gsub("'", "'\\\\''").gsub("\n", '\n').gsub('&', '\\\&') (basically removing the second gsub) solves the issue. I guess echo needs to use a different method or something.

joshgoebel commented 11 years ago

Fix should be in master. Confirm?

joshgoebel commented 11 years ago

If you confirm this is good I'll drop sprinkle 0.6.

joshgoebel commented 11 years ago

Fix: https://github.com/sprinkle-tool/sprinkle/commit/d769804d9ce985ff17a652281b27317d7a7fcbb0