From: James McCoy <jamessan@debian.org>
Date: Wed, 31 Dec 2014 03:01:18 +0000 (-0500)
Subject: dd-schroot-cmd: Relax session name check
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=ca7e8f4cc9ea7cb01e332eb6f784b30b0a952594;p=mirror%2Fdsa-puppet.git

dd-schroot-cmd: Relax session name check

As per schroot.conf(5):

  A  number  of characters or words are not permitted in a chroot name,
  session name or configuration filename.  The name may not contain a
  leading period (‘.’).  The characters ‘:’ (colon), ‘,’ (comma) and ‘/’
  (forward slash) are not permitted anywhere in the name.  The name may
  also not contain  a  trailing  tilde  (‘~’).

Relaxing the session name check in get_session_owner to better align
with schroot's actual restrictions reduces the chance that a user will
create a session yet be unable to manipulate it with dd-schroot-cmd.

Signed-off-by: James McCoy <jamessan@debian.org>
Signed-off-by: Paul Wise <pabs@debian.org>
---

diff --git a/modules/porterbox/files/dd-schroot-cmd b/modules/porterbox/files/dd-schroot-cmd
index 6506b6ed1..598fb1258 100755
--- a/modules/porterbox/files/dd-schroot-cmd
+++ b/modules/porterbox/files/dd-schroot-cmd
@@ -56,7 +56,7 @@ def die(s):
     sys.exit(1)
 
 def get_session_owner(session):
-    if re.search('[^0-9a-zA-Z_-]', session):
+    if re.search('^\.|~$|[^0-9a-zA-Z_.~-]', session):
         die("Invalid session name.")
 
     path = os.path.join('/var/lib/schroot/session', session)