From: James McCoy Date: Wed, 31 Dec 2014 03:01:18 +0000 (-0500) Subject: dd-schroot-cmd: Relax session name check X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=ca7e8f4cc9ea7cb01e332eb6f784b30b0a952594;p=mirror%2Fdsa-puppet.git dd-schroot-cmd: Relax session name check As per schroot.conf(5): A number of characters or words are not permitted in a chroot name, session name or configuration filename. The name may not contain a leading period (‘.’). The characters ‘:’ (colon), ‘,’ (comma) and ‘/’ (forward slash) are not permitted anywhere in the name. The name may also not contain a trailing tilde (‘~’). Relaxing the session name check in get_session_owner to better align with schroot's actual restrictions reduces the chance that a user will create a session yet be unable to manipulate it with dd-schroot-cmd. Signed-off-by: James McCoy Signed-off-by: Paul Wise --- diff --git a/modules/porterbox/files/dd-schroot-cmd b/modules/porterbox/files/dd-schroot-cmd index 6506b6ed1..598fb1258 100755 --- a/modules/porterbox/files/dd-schroot-cmd +++ b/modules/porterbox/files/dd-schroot-cmd @@ -56,7 +56,7 @@ def die(s): sys.exit(1) def get_session_owner(session): - if re.search('[^0-9a-zA-Z_-]', session): + if re.search('^\.|~$|[^0-9a-zA-Z_.~-]', session): die("Invalid session name.") path = os.path.join('/var/lib/schroot/session', session)