From 9a3447d4bec21bdfb13b59994df8d8509c176d08 Mon Sep 17 00:00:00 2001 From: Jake Hunsaker Date: Tue, 14 Jun 2022 09:53:00 -0400 Subject: [PATCH] Backport full random temp dir change Backports the change to temp dir creation to be fully random and not reliant on the rig's ID. Related: RHBZ#2077096 Signed-off-by: Jake Hunsaker --- rig-full-random-temp.patch | 59 ++++++++++++++++++++++++++++++++++++++ rig.spec | 7 ++++- 2 files changed, 65 insertions(+), 1 deletion(-) create mode 100644 rig-full-random-temp.patch diff --git a/rig-full-random-temp.patch b/rig-full-random-temp.patch new file mode 100644 index 0000000..a9d6c47 --- /dev/null +++ b/rig-full-random-temp.patch @@ -0,0 +1,59 @@ +From 90c5505d82b288bbc0b2e8b01e85b78d18a0bd18 Mon Sep 17 00:00:00 2001 +From: Jake Hunsaker +Date: Thu, 9 Jun 2022 14:26:02 -0400 +Subject: [PATCH] [rig] Use `tempfile` module for temp directory creation + +Previously, a change was made to temp directory creation in an effort to +make it more secure. While that was largely handled, it left us with an +unhandled error in an edge case configuration. Rather than putting a +band-aid over that again, re-write the temp directory creation process +to leverage the `tempfile` module, so that we can safely and completely +ignore the id/name of a rig, and leave the use of that for the +communication socket. + +Signed-off-by: Jake Hunsaker +--- + rigging/rigs/__init__.py | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/rigging/rigs/__init__.py b/rigging/rigs/__init__.py +index f14f312..29bb8b4 100644 +--- a/rigging/rigs/__init__.py ++++ b/rigging/rigs/__init__.py +@@ -18,6 +18,7 @@ import string + import socket + import sys + import tarfile ++import tempfile + import time + + from argparse import Action +@@ -110,7 +111,7 @@ class BaseRig(): + self.log_debug("Initializing %s rig %s" % + (self.resource_name, self.id)) + self._sock, self._sock_address = self._create_rig_socket() +- self._tmp_dir = self._create_temp_dir() ++ self._create_temp_dir() + self.files = [] + + def set_rig_id(self): +@@ -196,11 +197,11 @@ class BaseRig(): + Create a temp directory for rig to use for saving created files too + """ + try: +- _dir = "%s.%s/" % (RIG_TMP_DIR_PREFIX, self.id) +- os.makedirs(_dir) +- return _dir +- except OSError: +- raise CannotConfigureRigError('failed to create temp directory') ++ self._tmp_dir = tempfile.mkdtemp(prefix='rig.', dir='/var/tmp') ++ except Exception as err: ++ raise CannotConfigureRigError( ++ "failed to create temp directory: %s" % err ++ ) + + def _load_args(self): + """ +-- +2.35.3 + diff --git a/rig.spec b/rig.spec index cb5622b..02985e0 100644 --- a/rig.spec +++ b/rig.spec @@ -1,7 +1,7 @@ Name: rig Summary: Monitor a system for events and trigger specific actions Version: 1.1 -Release: 4%{?dist} +Release: 5%{?dist} Url: https://github.com/TurboTurtle/rig Source0: %{url}/archive/%{name}-%{version}.tar.gz License: GPLv2 @@ -13,6 +13,7 @@ BuildRequires: python3dist(systemd-python) BuildRequires: python3dist(psutil) Patch1: rig-fix-rig-list.patch +Patch2: rig-full-random-temp.patch %description Rig is a utility designed to watch or monitor specific system resources (e.g. @@ -23,6 +24,7 @@ troubleshooting and data collection for randomly occurring events. %prep %setup -q %patch1 -p1 +%patch2 -p1 %build %py3_build @@ -43,6 +45,9 @@ install -p -m644 man/en/rig.1 ${RPM_BUILD_ROOT}%{_mandir}/man1/ %doc README.md %changelog +* Tue Jun 14 2022 Jake Hunsaker - 1.1-5 +- Backport change to temp dir creation to ignore rig ID + * Thu Jun 02 2022 Jake Hunsaker - 1.1-4 - Backport fix for rig list race condition