Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-3989

Error in container scripts if USERTOKEN or ENV has shell-special character

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • 2.6.10, 2.5.64
    • 2.6.5.3
    • container
    • None

    Description

      Normally, I would not want odd characters like parentheses in these variables. We have USERTOKEN being set to a generated release string by Bamboo, which deploys the application. For reasons not entirely clear (but having to do with the deployment task being re-run), Bamboo generated a release string like "release-8_(2)" instead of "release-9", because "release-8" already existed.  This caused the script to fail to start the Java application.

      If USERTOKEN or {{ENV}} has a shell-special character such as “(”, the script {{catalina.sh}} breaks with the error:

      /opt/tomee/bin/catalina.sh: eval: line 427: syntax error near unexpected token `('

      Here is the context of this script where the error occurs:

      426 else
      		 
      427 eval exec "\"$_RUNJAVA\"" "\"$CATALINA_LOGGING_CONFIG\"" $LOGGING_MANAGER "$JAVA_OPTS" "$CATALINA_OPTS" \
      		 
      428 -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \
      		 
      429 -classpath "\"$CLASSPATH\"" \

      This is caused by the script {{setenv.sh}} not having quotes around the parameters of {}{{CATALINA_OPTS{}}}.

      Here is a simulation of the error:

      $ env -i USERTOKEN="foo(2)" bash --norc --noprofile -x -c 'source ./container_files/tomee/bin/setenv.sh; eval echo "$CATALINA_OPTS"' + source ./container_files/tomee/bin/setenv.sh ++ CLASSPATH='/opt/tomee/bin/*' ++ CATALINA_OPTS='-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 ' ++ LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager + eval echo '-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 ' bash: eval: line 0: syntax error near unexpected token `(' bash: eval: line 0: `echo -Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8 '

      The fix is to just put single-quotes around environment variables. Since they’re within double-quotes, the variable is still expanded and the single-quotes retained, so when {{CATALINA_OPTS}} is expanded in the {}{{eval{}}}, the quotes are retained.

      diff --git a/container_files/tomee/bin/setenv.sh b/container_files/tomee/bin/setenv.sh
      		 
      index 603fc570a0..403e241bda 100755
      		 
      --- a/container_files/tomee/bin/setenv.sh
      		 
      +++ b/container_files/tomee/bin/setenv.sh
      		 
      @@ -1,4 +1,4 @@
      		 
       CLASSPATH=/opt/tomee/bin/*
      		 
       #JAVA_OPTS="-Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV=$ENV -DUSERTOKEN=$USERTOKEN"
      		 
      -CATALINA_OPTS="-Xmx$GROUPER_MAX_MEMORY -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV=$ENV -DUSERTOKEN=$USERTOKEN -Dfile.encoding=UTF-8 $GROUPER_EXTRA_CATALINA_OPTS"
      		 
      +CATALINA_OPTS="-Xmx$GROUPER_MAX_MEMORY -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='$ENV' -DUSERTOKEN='$USERTOKEN' -Dfile.encoding=UTF-8 $GROUPER_EXTRA_CATALINA_OPTS"
      		 
       LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager

      Here is the simulation with the change applied:

      $ env -i USERTOKEN="foo(2)" bash --norc --noprofile -x -c 'source ./container_files/tomee/bin/setenv.sh; eval echo "$CATALINA_OPTS"'
      		 
      + source ./container_files/tomee/bin/setenv.sh
      		 
      ++ CLASSPATH='/opt/tomee/bin/*'
      		 
      ++ CATALINA_OPTS='-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='\'''\'' -DUSERTOKEN='\''foo(2)'\'' -Dfile.encoding=UTF-8 '
      		 
      ++ LOGGING_MANAGER=-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager
      		 
      + eval echo '-Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV='\'''\'' -DUSERTOKEN='\''foo(2)'\'' -Dfile.encoding=UTF-8 '
      		 
      ++ echo -Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= '-DUSERTOKEN=foo(2)' -Dfile.encoding=UTF-8
      		 
      -Xmx -XX:+UseG1GC -XX:+UseStringDeduplication -Dlog4j.configurationFile=/opt/tomee/conf/log4j2.xml -DENV= -DUSERTOKEN=foo(2) -Dfile.encoding=UTF-8

      Attachments

        Activity

          People

            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            wil.cooley@at.internet2.edu Wil Cooley
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: