KeyDB icon indicating copy to clipboard operation
KeyDB copied to clipboard
verified publisher icon Snapchat

[BUG] Config file incorrectly indicates globbing/wildcards support

Open nf-brentsaner opened this issue 1 year ago • 0 comments

Describe the bug

The shipped example keydb.conf config includes:

# Included paths may contain wildcards. All files matching the wildcards will
# be included in alphabetical order.
# Note that if an include path contains a wildcards but no files match it when
# the server is started, the include statement will be ignored and no error will
# be emitted.  It is safe, therefore, to include wildcard files from empty
# directories.
#
# include /path/to/local.conf
# include /path/to/other.conf
# include /path/to/fragments/*.conf

If one actually does try to specify a globbed include, however:

keydb@[REDACTED]:/tmp $ whoami
keydb

keydb@[REDACTED]:/tmp $ grep -E '^\s*include\s+' /etc/keydb/keydb.conf
include /etc/keydb/conf.d/*.conf

keydb@[REDACTED]:/tmp $ /usr/bin/keydb-server /etc/keydb/keydb.conf --daemonize no --dir /var/lib/keydb --unixsocket /var/run/keydb/keydb.sock --enable-motd no --pidfile /var/run/keydb/keydb.pid --loglevel verbose
525610:525610:C 11 Oct 2024 03:32:13.551 # Fatal error, can't open config file '/etc/keydb/conf.d/*.conf': No such file or directory

keydb@[REDACTED]:/tmp $ ls -la /etc/keydb/conf.d/*.conf
-rw-r-----. 1 keydb keydb  4639 Sep 26 17:56 /etc/keydb/conf.d/00_network.conf
-rw-r-----. 1 keydb keydb  5868 Sep 26 17:56 /etc/keydb/conf.d/01_tls_ssl.conf
-rw-r-----. 1 keydb keydb 14165 Sep 26 17:56 /etc/keydb/conf.d/04_replication.conf
-rw-r-----. 1 keydb keydb 11501 Sep 26 17:56 /etc/keydb/conf.d/06_security.conf

This is due to the path itself being sent completely unevaluated/completely literal and un-iterated directly to openat(2):

keydb@[REDACTED]:/tmp $ strace /usr/bin/keydb-server /etc/keydb/keydb.conf --daemonize no --dir /var/lib/keydb --unixsocket /var/run/keydb/keydb.sock --enable-motd no --pidfile /var/run/keydb/keydb.pid --loglevel verbose

# ...
read(5, "s set 1.\n#\n# Note: KeyDB does no"..., 4096) = 2790
read(5, "", 4096)                       = 0
close(5)                                = 0
chdir("./")                             = 0
openat(AT_FDCWD, "/etc/keydb/conf.d/*.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
getpid()                                = 525181
getpid()                                = 525181
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0
write(1, "525181:525181:C 11 Oct 2024 03:2"..., 133) = 133
exit_group(1)                           = ?
+++ exited with 1 +++
# ...

To reproduce

Try to include with a glob/wildcard.

Expected behavior

Globbing/wildcarding works as promised/demonstrated per documentation.

Additional information

N/A.

nf-brentsaner avatar Oct 11 '24 03:10 nf-brentsaner