Description
Normally, I would not want odd characters like parentheses in these variables. We have USERTOKEN being set to a generated release string by Bamboo, which deploys the application. For reasons not entirely clear (but having to do with the deployment task being re-run), Bamboo generated a release string like "release-8_(2)" instead of "release-9", because "release-8" already existed. This caused the script to fail to start the Java application.
If USERTOKEN or {{ENV}} has a shell-special character such as “(”, the script {{catalina.sh}} breaks with the error:
/opt/tomee/bin/catalina.sh: eval: line 427: syntax error near unexpected token `(' |
Here is the context of this script where the error occurs:
426 else |
427 eval exec "\"$_RUNJAVA\"" "\"$CATALINA_LOGGING_CONFIG\"" $LOGGING_MANAGER "$JAVA_OPTS" "$CATALINA_OPTS" \ |
428 -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ |
429 -classpath "\"$CLASSPATH\"" \ |
|
This is caused by the script {{setenv.sh}} not having quotes around the parameters of {}{{CATALINA_OPTS{}}}.
Here is a simulation of the error:
$ env -i USERTOKEN="foo(2)" bash --norc --noprofile -x -c 'source ./container_files/tomee/bin/setenv.sh; eval echo "$CATALINA_OPTS"' + source ./container_files/tomee/bin/setenv.sh ++ CLASSPATH='/opt/tomee/bin/*' ++ CATALINA_OPTS='-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 ' ++ LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager + eval echo '-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 ' bash: eval: line 0: syntax error near unexpected token `(' bash: eval: line 0: `echo -Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 ' |
The fix is to just put single-quotes around environment variables. Since they’re within double-quotes, the variable is still expanded and the single-quotes retained, so when {{CATALINA_OPTS}} is expanded in the {}{{eval{}}}, the quotes are retained.
diff --git a/container_files/tomee/bin/setenv.sh b/container_files/tomee/bin/setenv.sh
|
index 603fc570a0..403e241bda 100755 |
--- a/container_files/tomee/bin/setenv.sh
|
+++ b/container_files/tomee/bin/setenv.sh
|
@@ -1,4 +1,4 @@ |
CLASSPATH=/opt/tomee/bin/*
|
#JAVA_OPTS="-Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV=$ENV -DUSERTOKEN=$USERTOKEN" |
-CATALINA_OPTS="-Xmx$GROUPER_MAX_MEMORY -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV=$ENV -DUSERTOKEN=$USERTOKEN -Dfile.encoding=UTF-8 $GROUPER_EXTRA_CATALINA_OPTS" |
+CATALINA_OPTS="-Xmx$GROUPER_MAX_MEMORY -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='$ENV' -DUSERTOKEN='$USERTOKEN' -Dfile.encoding=UTF-8 $GROUPER_EXTRA_CATALINA_OPTS" |
LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager
|
Here is the simulation with the change applied:
$ env -i USERTOKEN="foo(2)" bash --norc --noprofile -x -c 'source ./container_files/tomee/bin/setenv.sh; eval echo "$CATALINA_OPTS"' |
+ source ./container_files/tomee/bin/setenv.sh
|
++ CLASSPATH='/opt/tomee/bin/*' |
++ CATALINA_OPTS='-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='\'''\'' -DUSERTOKEN='\''foo(2)'\'' -Dfile.encoding=UTF-8 ' |
++ LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager
|
+ eval echo '-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='\'''\'' -DUSERTOKEN='\''foo(2)'\'' -Dfile.encoding=UTF-8 ' |
++ echo -Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= '-DUSERTOKEN=foo(2)' -Dfile.encoding=UTF-8 |
-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 |