From 43af4a393e52900fd6e149cecedaeec12f1185d3 Mon Sep 17 00:00:00 2001 From: "Hongli Lai (Phusion)" Date: Wed, 15 Jul 2015 15:12:18 +0200 Subject: [PATCH] my_init container_environment.sh: ensure that environment variable names don't include characters unsupported by Bash Closes GH-230. --- Changelog.md | 1 + image/bin/my_init | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 22e2722..09298ce 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,6 +1,7 @@ ## 0.9.17 (not yet released) * Removed nano and replaced vim with vim-tiny. This reduces Baseimage-docker's virtual size by 42 MB. + * When `my_init` generates `/etc/container_environment.sh`, it now ensures that environment variable names do not include any characters unsupported by Bash. Unsupported characters are now replaced with underscores. This fixes compatibility issues with Docker Compose. Closes GH-230. * `my_init` no longer reads from and writes to `/etc/container_environment` if that directory does not exist. Previously it would abort with an error. This change makes it easier to reuse `my_init` in other (non-Baseimage-docker-based) projects without having to modify it. * Baseimage-docker no longer sets the HOME environment variable by default. We used to set HOME by default to work around a Docker issue where HOME defaults to /, but this issue is now gone. Furthermore, the fact that we set HOME interfered with the USER stanza: USER would no longer set HOME. So we got rid of our HOME variable. Closes GH-231. * Some unnecessary Ubuntu cron jobs have been removed. Closes GH-205. diff --git a/image/bin/my_init b/image/bin/my_init index 2549388..325bff5 100755 --- a/image/bin/my_init +++ b/image/bin/my_init @@ -9,6 +9,8 @@ LOG_LEVEL_WARN = 1 LOG_LEVEL_INFO = 2 LOG_LEVEL_DEBUG = 3 +SHENV_NAME_WHITELIST_REGEX = re.compile('[^\w\-_\.]') + log_level = None terminated_child_processes = {} @@ -84,7 +86,7 @@ def export_envvars(to_dir = True): if to_dir: with open("/etc/container_environment/" + name, "w") as f: f.write(value) - shell_dump += "export " + shquote(name) + "=" + shquote(value) + "\n" + shell_dump += "export " + sanitize_shenvname(name) + "=" + shquote(value) + "\n" with open("/etc/container_environment.sh", "w") as f: f.write(shell_dump) with open("/etc/container_environment.json", "w") as f: @@ -103,6 +105,9 @@ def shquote(s): # the string $'b is then quoted as '$'"'"'b' return "'" + s.replace("'", "'\"'\"'") + "'" +def sanitize_shenvname(s): + return re.sub(SHENV_NAME_WHITELIST_REGEX, "_", s) + # Waits for the child process with the given PID, while at the same time # reaping any other child processes that have exited (e.g. adopted child # processes that have terminated).