* [pve-devel] [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve
@ 2024-01-29 15:43 Folke Gleumes
2024-01-29 15:43 ` [pve-devel] [PATCH container v2 2/2] pct: add keep-env option Folke Gleumes
2024-02-02 16:32 ` [pve-devel] applied: [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Thomas Lamprecht
0 siblings, 2 replies; 6+ messages in thread
From: Folke Gleumes @ 2024-01-29 15:43 UTC (permalink / raw)
To: pve-devel
proxmox-perl-rs set's SSL_CERT_{DIR,FILE}, which can break ssl in
containers if their certificate store can't be found in the same spot.
This patch explicitly unsets those variables before starting the
container.
Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com>
---
Changes since v1:
* Add reevaluation notice for pve9
src/PVE/CLI/pct.pm | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm
index a0b9bce..091ac8e 100755
--- a/src/PVE/CLI/pct.pm
+++ b/src/PVE/CLI/pct.pm
@@ -143,6 +143,16 @@ __PACKAGE__->register_method ({
exec(@$cmd);
}});
+# TODO: Evaluate if still needed with PVE9
+sub clean_environment {
+ # These env variables are currently needed by PVE to work correctly with rust libraries,
+ # but can break ssl inside of containers.
+ # An explanation why they are needed and the code that sets them can be found here:
+ # https://git.proxmox.com/?p=proxmox-perl-rs.git;a=blob;f=common/pkg/Proxmox/Lib/SslProbe.pm
+ delete $ENV{SSL_CERT_FILE};
+ delete $ENV{SSL_CERT_DIR};
+};
+
__PACKAGE__->register_method ({
name => 'enter',
path => 'enter',
@@ -164,6 +174,7 @@ __PACKAGE__->register_method ({
PVE::LXC::Config->load_config($vmid); # test if container exists on this node
die "container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid);
+ clean_environment();
exec('lxc-attach', '-n', $vmid);
}});
@@ -189,6 +200,7 @@ __PACKAGE__->register_method ({
die "missing command" if !@{$param->{'extra-args'}};
+ clean_environment();
exec('lxc-attach', '-n', $vmid, '--', @{$param->{'extra-args'}});
}});
--
2.39.2
^ permalink raw reply [flat|nested] 6+ messages in thread* [pve-devel] [PATCH container v2 2/2] pct: add keep-env option 2024-01-29 15:43 [pve-devel] [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Folke Gleumes @ 2024-01-29 15:43 ` Folke Gleumes 2024-02-02 16:53 ` Thomas Lamprecht 2024-02-02 16:32 ` [pve-devel] applied: [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Thomas Lamprecht 1 sibling, 1 reply; 6+ messages in thread From: Folke Gleumes @ 2024-01-29 15:43 UTC (permalink / raw) To: pve-devel The keep-env option allows the user to define if the current environment should be kept when running 'pct enter/exec'. pct will now always set '--keep-env' or '--discard-env' when calling lxc-attach to anticipate the upcoming change in default behavior. Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> --- This wasn't present in v1 src/PVE/CLI/pct.pm | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm index 091ac8e..7ce0de0 100755 --- a/src/PVE/CLI/pct.pm +++ b/src/PVE/CLI/pct.pm @@ -162,12 +162,21 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => { vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), + # TODO: set keep-env to default false with PVE 9 + 'keep-env' => { + type => 'boolean', + description => "Keep the current environment. This option will disabled by default with PVE 9. " + ."If you rely on a preserved environment, please use this option to be future-proof.", + optional => 1, + default => 1, + }, }, }, returns => { type => 'null' }, code => sub { my ($param) = @_; + my $keep_env = $param->{'keep-env'} // 1; # TODO: toggle with pve 9 my $vmid = $param->{vmid}; @@ -175,7 +184,7 @@ __PACKAGE__->register_method ({ die "container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid); clean_environment(); - exec('lxc-attach', '-n', $vmid); + exec('lxc-attach', $keep_env ? '--keep-env' : '--clear-env', '-n', $vmid); }}); __PACKAGE__->register_method ({ @@ -187,12 +196,21 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => { vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), + # TODO: set keep-env to default false with PVE 9 + 'keep-env' => { + type => 'boolean', + description => "Keep the current environment. This option will disabled by default with PVE 9. " + ."If you rely on a preserved environment, please use this option to be future-proof.", + optional => 1, + default => 1, + }, 'extra-args' => get_standard_option('extra-args'), }, }, returns => { type => 'null' }, code => sub { my ($param) = @_; + my $keep_env = $param->{'keep-env'} // 1; # TODO: toggle with pve 9 my $vmid = $param->{vmid}; PVE::LXC::Config->load_config($vmid); # test if container exists on this node @@ -201,7 +219,7 @@ __PACKAGE__->register_method ({ die "missing command" if !@{$param->{'extra-args'}}; clean_environment(); - exec('lxc-attach', '-n', $vmid, '--', @{$param->{'extra-args'}}); + exec('lxc-attach', $keep_env ? '--keep-env' : '--clear-env', '-n', $vmid, '--', @{$param->{'extra-args'}}); }}); __PACKAGE__->register_method ({ -- 2.39.2 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH container v2 2/2] pct: add keep-env option 2024-01-29 15:43 ` [pve-devel] [PATCH container v2 2/2] pct: add keep-env option Folke Gleumes @ 2024-02-02 16:53 ` Thomas Lamprecht 2024-02-09 13:17 ` [pve-devel] [PATCH container v3] " Folke Gleumes 2024-02-09 19:07 ` [pve-devel] applied: [PATCH container v2 2/2] " Thomas Lamprecht 0 siblings, 2 replies; 6+ messages in thread From: Thomas Lamprecht @ 2024-02-02 16:53 UTC (permalink / raw) To: Proxmox VE development discussion, Folke Gleumes Am 29/01/2024 um 16:43 schrieb Folke Gleumes: > The keep-env option allows the user to define if the current environment > should be kept when running 'pct enter/exec'. pct will now always set > '--keep-env' or '--discard-env' when calling lxc-attach to anticipate > the upcoming change in default behavior. seems fine in general, but I saw a two code style nits, of which one I'd really like to avoid, see comment in line. > > Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> > --- > This wasn't present in v1 > > src/PVE/CLI/pct.pm | 22 ++++++++++++++++++++-- > 1 file changed, 20 insertions(+), 2 deletions(-) > > diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm > index 091ac8e..7ce0de0 100755 > --- a/src/PVE/CLI/pct.pm > +++ b/src/PVE/CLI/pct.pm > @@ -162,12 +162,21 @@ __PACKAGE__->register_method ({ > additionalProperties => 0, > properties => { > vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), > + # TODO: set keep-env to default false with PVE 9 no hard feelings for thiss one, but could be a better fit if located in the default line, which would be the one that will be changed, e.g.: default => 1, # TODO: make keep-env opt-out here and in the code with PVE 9 or before with even more context, something like: # FIXME: passing the environment in CT is really not ideal, it can leak secrets or cause # programs to do behave weird, so change to opt-in in PVE 9 Having some more context about the reasoning can be good for such comments (or at least the commit message), even if it should be relatively clear, like here. > + 'keep-env' => {> + type => 'boolean', > + description => "Keep the current environment. This option will disabled by default with PVE 9. " nit: for line continuations the next line should hold the space, that way one can add or remove sentences more likely without touching other unrelated lines. As example for here: description => "Keep the current environment. This option will disabled by default with PVE 9." ." If you rely on a preserved environment, please use this option to be future-proof." But would not have blocked applying just because of this, so mostly mentioning it due to writing a reply anyway. > + ."If you rely on a preserved environment, please use this option to be future-proof.", > @@ -175,7 +184,7 @@ __PACKAGE__->register_method ({ > die "container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid); > > clean_environment(); > - exec('lxc-attach', '-n', $vmid); > + exec('lxc-attach', $keep_env ? '--keep-env' : '--clear-env', '-n', $vmid); I'd prefer to avoid such "hidden" ternaries inside other statements, that makes the code unnecessarily hard to read without much gain. While it makes it longer, having this split over a few line seems a bit nicer, e.g. something like (untested): my @lxc_attach_cmd = ('lxc-attach', '-n', $vmid); push @lxc_attach_cmd, $keep_env ? '--keep-env' : '--clear-env'; exec(@lxc_attach_cmd); > }}); > > __PACKAGE__->register_method ({ > @@ -187,12 +196,21 @@ __PACKAGE__->register_method ({ > additionalProperties => 0, > properties => { > vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), > + # TODO: set keep-env to default false with PVE 9 > + 'keep-env' => { > + type => 'boolean', > + description => "Keep the current environment. This option will disabled by default with PVE 9. " same here w.r.t. trailing space for literal string continuation > + ."If you rely on a preserved environment, please use this option to be future-proof.", > + optional => 1, > + default => 1, > + }, > 'extra-args' => get_standard_option('extra-args'), > }, > }, > returns => { type => 'null' }, > code => sub { > my ($param) = @_; > + my $keep_env = $param->{'keep-env'} // 1; # TODO: toggle with pve 9 > > my $vmid = $param->{vmid}; > PVE::LXC::Config->load_config($vmid); # test if container exists on this node > @@ -201,7 +219,7 @@ __PACKAGE__->register_method ({ > die "missing command" if !@{$param->{'extra-args'}}; > > clean_environment(); > - exec('lxc-attach', '-n', $vmid, '--', @{$param->{'extra-args'}}); > + exec('lxc-attach', $keep_env ? '--keep-env' : '--clear-env', '-n', $vmid, '--', @{$param->{'extra-args'}}); same here w.r.t. ternary, gets a bit unwieldy > }}); > > __PACKAGE__->register_method ({ ^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] [PATCH container v3] pct: add keep-env option 2024-02-02 16:53 ` Thomas Lamprecht @ 2024-02-09 13:17 ` Folke Gleumes 2024-02-09 19:07 ` [pve-devel] applied: [PATCH container v2 2/2] " Thomas Lamprecht 1 sibling, 0 replies; 6+ messages in thread From: Folke Gleumes @ 2024-02-09 13:17 UTC (permalink / raw) To: pve-devel The keep-env option allows the user to define if the current environment should be kept when running 'pct enter/exec'. pct will now always set '--keep-env' or '--clear-env' when calling lxc-attach to anticipate the upcoming change in default behavior. Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> --- changes in v3: * fix code style nits changes in v2: * add this patch src/PVE/CLI/pct.pm | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm index 091ac8e..325178f 100755 --- a/src/PVE/CLI/pct.pm +++ b/src/PVE/CLI/pct.pm @@ -162,12 +162,22 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => { vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), + # FIXME: passing the environment into the container potentially leaks hosts secrets, or causes + # unexpected behavior. Change to opt-in for pve 9 + 'keep-env' => { + type => 'boolean', + description => "Keep the current environment. This option will disabled by default with PVE 9." + ." If you rely on a preserved environment, please use this option to be future-proof.", + optional => 1, + default => 1, + }, }, }, returns => { type => 'null' }, code => sub { my ($param) = @_; + my $keep_env = $param->{'keep-env'} // 1; # FIXME: switch to default 0 with pve 9, see above my $vmid = $param->{vmid}; @@ -175,7 +185,10 @@ __PACKAGE__->register_method ({ die "container '$vmid' not running!\n" if !PVE::LXC::check_running($vmid); clean_environment(); - exec('lxc-attach', '-n', $vmid); + + my @lxc_attach_cmd = ('lxc-attach', '-n', $vmid); + push @lxc_attach_cmd, $keep_env ? '--keep-env' : '--clear-env'; + exec(@lxc_attach_cmd); }}); __PACKAGE__->register_method ({ @@ -187,12 +200,20 @@ __PACKAGE__->register_method ({ additionalProperties => 0, properties => { vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid_running }), + 'keep-env' => { + type => 'boolean', + description => "Keep the current environment. This option will disabled by default with PVE 9." + ." If you rely on a preserved environment, please use this option to be future-proof.", + optional => 1, + default => 1, # FIXME: switch to default 0 with pve 9, see enter method + }, 'extra-args' => get_standard_option('extra-args'), }, }, returns => { type => 'null' }, code => sub { my ($param) = @_; + my $keep_env = $param->{'keep-env'} // 1; # FIXME: switch to default 0 with pve 9, see enter method my $vmid = $param->{vmid}; PVE::LXC::Config->load_config($vmid); # test if container exists on this node @@ -201,7 +222,11 @@ __PACKAGE__->register_method ({ die "missing command" if !@{$param->{'extra-args'}}; clean_environment(); - exec('lxc-attach', '-n', $vmid, '--', @{$param->{'extra-args'}}); + + my @lxc_attach_cmd = ('lxc-attach', '-n', $vmid); + push @lxc_attach_cmd, $keep_env ? '--keep-env' : '--clear-env'; + push @lxc_attach_cmd, '--', @{$param->{'extra-args'}}; + exec(@lxc_attach_cmd); }}); __PACKAGE__->register_method ({ -- 2.39.2 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] applied: [PATCH container v2 2/2] pct: add keep-env option 2024-02-02 16:53 ` Thomas Lamprecht 2024-02-09 13:17 ` [pve-devel] [PATCH container v3] " Folke Gleumes @ 2024-02-09 19:07 ` Thomas Lamprecht 1 sibling, 0 replies; 6+ messages in thread From: Thomas Lamprecht @ 2024-02-09 19:07 UTC (permalink / raw) To: Proxmox VE development discussion, Folke Gleumes Am 02/02/2024 um 17:53 schrieb Thomas Lamprecht: > Am 29/01/2024 um 16:43 schrieb Folke Gleumes: >> The keep-env option allows the user to define if the current environment >> should be kept when running 'pct enter/exec'. pct will now always set >> '--keep-env' or '--discard-env' when calling lxc-attach to anticipate >> the upcoming change in default behavior. > > seems fine in general, but I saw a two code style nits, of which one I'd > really like to avoid, see comment in line. > >> >> Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> >> --- >> This wasn't present in v1 >> >> src/PVE/CLI/pct.pm | 22 ++++++++++++++++++++-- >> 1 file changed, 20 insertions(+), 2 deletions(-) >> >> applied, thanks! Two small things though: - there where two instances with double whitespace, e.g. after the `my @lxc_attach_cmd = `and before `$vmid`, and that then copied over to the other command too. It really did not seemed to be due to some vertical alignment, so I ameded the commit and dropped them. - in general it's preferred to send new patches, single or series, as new thread, i.e., without in-reply too. I know some open source projects sometimes are fine with sending those as in-reply-to, but IMO that hides them more. It's naturally fine to propose ad-hock diffs/code in a discussion in thread, but if there's a full patch with a new revision, then one is basically always better off when sending that as new thread. Oh, and while at it, w.r.t perl array-refs you nowadays can write `@{$foo->{bar}}` as `$foo->{bar}->@*`, and you can concat lists, so the final "add base command + user params then exec" part could look like: exec(@lxc_attach_cmd, '--', $foo->{bar}->@*); I kept that as is for now, it's IMO really not worse if done explicitly. ^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] applied: [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve 2024-01-29 15:43 [pve-devel] [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Folke Gleumes 2024-01-29 15:43 ` [pve-devel] [PATCH container v2 2/2] pct: add keep-env option Folke Gleumes @ 2024-02-02 16:32 ` Thomas Lamprecht 1 sibling, 0 replies; 6+ messages in thread From: Thomas Lamprecht @ 2024-02-02 16:32 UTC (permalink / raw) To: Proxmox VE development discussion, Folke Gleumes Am 29/01/2024 um 16:43 schrieb Folke Gleumes: > proxmox-perl-rs set's SSL_CERT_{DIR,FILE}, which can break ssl in > containers if their certificate store can't be found in the same spot. > This patch explicitly unsets those variables before starting the > container. > > Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> > --- > Changes since v1: > * Add reevaluation notice for pve9 > > src/PVE/CLI/pct.pm | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > applied, thanks! ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-02-09 19:07 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-01-29 15:43 [pve-devel] [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Folke Gleumes 2024-01-29 15:43 ` [pve-devel] [PATCH container v2 2/2] pct: add keep-env option Folke Gleumes 2024-02-02 16:53 ` Thomas Lamprecht 2024-02-09 13:17 ` [pve-devel] [PATCH container v3] " Folke Gleumes 2024-02-09 19:07 ` [pve-devel] applied: [PATCH container v2 2/2] " Thomas Lamprecht 2024-02-02 16:32 ` [pve-devel] applied: [PATCH container v2 1/2] fix #5194: pct: delete environment variables set by pve Thomas Lamprecht
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox