https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290564
Bug ID: 290564
Summary: "jail -e" output is ambiguous regarding list values
Product: Base System
Version: Unspecified
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
PROBLEM
When printing jail.conf(5) parameter lists via "jail -e", the separation of the
individual list values is ambiguous.
For example, consider the following jail.conf:
some-jail {
single = 'abc,def';
list = 'abc';
list += 'def';
tricky = 'abc';
tricky += 'def,ghi';
}
Expected output (via "jail -e $'\n'"):
single="abc,def"
list=abc,def
tricky=abc,"def,ghi"
Actual output:
single=abc,def
list=abc,def
tricky=abc,def,ghi # no, it doesn't help to _know_ that this is a list
ANALYSIS
A simple solution would be to add the comma to the list of characters causing a
quoted string (like a space). To simulate the behaviour, let's add a space
after each comma in the example above:
some-jail {
single = 'abc, def';
list = 'abc';
list += 'def';
tricky = 'abc';
tricky += 'def, ghi';
}
Result:
single="abc, def"
list=abc,def
tricky=abc,"def, ghi"
As an additional remark: newline characters should also be escaped - or better
even - all control characters (ASCII <= 31) should be escaped.
To provide a feasible solution to the "parsing jail configurations by shell
script" (or any other language for that matter), list values could be printed
double-quoted by convention. This way values would _always_ be separated by
'","' (dquote-comma-dquote), which could never occur _within_ a value, as a
double-quote within double-quotes must always be escaped ("\"").
Wishful thinking example output for the example above (plus bonus line):
single="abc,def"
list=abc,def
tricky="abc","def,ghi"
verytricky="abc\",\"def","ghi"
How to process this safely in /bin/sh:
while read -r param; do
name=$(echo "${param}" | cut -d = -f 1)
value=$(echo "${param}" | cut -d = -f 2-)
if echo "${value}" | grep -q '^[^"]' || echo "${value}" | grep -qv
'","'; then
echo "${name} = ${value}"
continue
fi
echo "${name}:"
IFS=$'\n'
for item in $(echo "${value}" | sed 's/","/"\n"/g'); do
echo "- ${item}"
done
done
Result:
name = some-jail
single = "abc,def"
list:
- "abc"
- "def"
tricky:
- "abc"
- "def,ghi"
verytricky:
- "abc"
- "def\",\"ghi"
HOW TO REPRODUCE
cat << EOF | jail -e $'\n' -f -
some-jail {
single = 'abc, def';
list = 'abc';
list += 'def';
tricky = 'abc';
tricky += 'def, ghi';
verytricky = 'abc';
verytricky += 'def","ghi\'';
}
--
You are receiving this mail because:
You are the assignee for the bug.
