[jira] [Updated] (HADOOP-16146) Make start-build-env.sh safe in case of misusage of DOCKER_INTERACTIVE_RUN
[
https://issues.apache.org/jira/browse/HADOOP-16146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marton Elek updated HADOOP-16146:
-
Status: Open (was: Patch Available)
> Make start-build-env.sh safe in case of misusage of DOCKER_INTERACTIVE_RUN
> --
>
> Key: HADOOP-16146
> URL: https://issues.apache.org/jira/browse/HADOOP-16146
> Project: Hadoop Common
> Issue Type: Bug
>Reporter: Marton Elek
>Assignee: Marton Elek
>Priority: Major
> Labels: pull-request-available
>
> [~aw] reported the problem in HDDS-891:
> {quote}DOCKER_INTERACTIVE_RUN opens the door for users to set command line
> options to docker. Most notably, -c and -v and a few others that share one
> particular characteristic: they reference the file system. As soon as shell
> code hits the file system, it is no longer safe to assume space delimited
> options. In other words, -c /My Cool Filesystem/Docker Files/config.json or
> -v /c_drive/Program Files/Data:/data may be something a user wants to do, but
> the script now breaks because of the IFS assumptions.
> {quote}
> DOCKER_INTERACTIVE_RUN was used in jenkins to run normal build process in
> docker. In case of DOCKER_INTERACTIVE_RUN was set to empty the docker
> container is started without the "-i -t" flags.
> It can be improved by checking the value of the environment variable and
> enable only fixed set of values.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Resolved] (HADOOP-16146) Make start-build-env.sh safe in case of misusage of DOCKER_INTERACTIVE_RUN
[
https://issues.apache.org/jira/browse/HADOOP-16146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marton Elek resolved HADOOP-16146.
--
Resolution: Won't Fix
no review
> Make start-build-env.sh safe in case of misusage of DOCKER_INTERACTIVE_RUN
> --
>
> Key: HADOOP-16146
> URL: https://issues.apache.org/jira/browse/HADOOP-16146
> Project: Hadoop Common
> Issue Type: Bug
>Reporter: Marton Elek
>Assignee: Marton Elek
>Priority: Major
> Labels: pull-request-available
>
> [~aw] reported the problem in HDDS-891:
> {quote}DOCKER_INTERACTIVE_RUN opens the door for users to set command line
> options to docker. Most notably, -c and -v and a few others that share one
> particular characteristic: they reference the file system. As soon as shell
> code hits the file system, it is no longer safe to assume space delimited
> options. In other words, -c /My Cool Filesystem/Docker Files/config.json or
> -v /c_drive/Program Files/Data:/data may be something a user wants to do, but
> the script now breaks because of the IFS assumptions.
> {quote}
> DOCKER_INTERACTIVE_RUN was used in jenkins to run normal build process in
> docker. In case of DOCKER_INTERACTIVE_RUN was set to empty the docker
> container is started without the "-i -t" flags.
> It can be improved by checking the value of the environment variable and
> enable only fixed set of values.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
-
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
