stacki For "stack add/set" attribute commands, reject attributes or values that would cause kickstart to fail

For "stack add/set" attribute commands, reject attributes or values that would cause kickstart to fail

Open gregorybruno opened this issue 9 years ago • 4 comments

Jun 27 '15 18:06 gregorybruno

Okay, so I can't make it fail with special characters.

I can make it fail with an attribute that has the entire id_rsa key in it, but a backend install only sort of fails.

It pops you to a screen like this:

backend-0-0

Click okay and then the node installs and the ssh key is where it's supposed to be.

If you put an xml entity in as an attribute, like this:

stack set attr attr=testattr value='ipaddr = &hostaddr;'

You'll get:

ipaddr = &hostaddr;

not

ipaddr = 192.168.55.55

because the parser only parses the xml the first time around.

So this is more like under the heading of: "Don't do that." The question is whether or not it's worth trying to catch a "don't do that."

Sep 29 '15 17:09 jlkaiser

I take it back. I made it fail about three months after I said I couldn't make it fail. Put a python dict in as an attribute, it let's you. Then use the attribute, it will barf.

Thanks,

Joe

Aug 02 '16 18:08 jlkaiser

Try calling saxutils.escape(string) and see if that fixes it.

Feb 28 '17 23:02 gregorybruno

I actually think this works in HEAD now. A few attributes are python types that are string-ified. Marking for testing.

Sep 28 '17 23:09 bsanders

stacki stacki copied to clipboard

For "stack add/set" attribute commands, reject attributes or values that would cause kickstart to fail

stacki
stacki copied to clipboard