Sisyphus repository
Last update: 2018-09-20 10:07:49 +0400 | SRPMs: 18652 | Sign in or Sign up
en ru uk br
Group :: System/Configuration/Other
Source RPM: alterator-mass-management

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (0/0)   Repocop 

package id status test message
alterator-mass-management-0.1.7-alt1.noarch Fail
unsafe-tmp-usage-in-scripts The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/mass-management: $ grep -A5 -B5 /tmp/ /usr/lib/alterator/backend3/mass-management mkdir -p "$TASKS_DIR/task-$number" cat >"$TASKS_DIR/task-$number.yml" <<EOF --- - hosts: $group pre_tasks: - file: path=/tmp/amm-task-{{ task }}.{{ try }} state=directory roles: - $profile post_tasks: - file: path=/tmp/amm-task-{{ task }}.{{ try }} state=absent EOF return 0 } -- ### on_message() { date >> /tmp/mode.log echo "$(set|grep -a "in_")" >> /tmp/mode.log case "$in_action" in type) write_type_item hostlist hostname-list #write_type_item add_host hostname ;;;
alterator-mass-management-0.1.7-alt1.noarch Ok
alterator-mass-management-0.1.7-alt1.noarch Ok
alterator-mass-management-0.1.7-alt1.noarch Ok
© 2009–2018 Igor Zubkov