The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

This issue tracker is now in read-only archive mode and automatic ticket export has been disabled. Redmine users will need to create a new JIRA account to file tickets using https://tickets.puppetlabs.com. See the following page for information on filing tickets with JIRA:

Bug #12362

Don't rely on TMP environment variables during installation

Added by Josh Cooper over 3 years ago. Updated over 3 years ago.

Status:ClosedStart date:02/01/2012
Priority:NormalDue date:
Assignee:Josh Cooper% Done:

0%

Category:installation
Target version:1.6.6
Keywords: Affected Facter version:1.6.5
Branch:https://github.com/puppetlabs/facter/pull/163

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com


Description

Facter’s install.rb script currently uses ENV[‘TMP’], ENV[‘TEMP’], /tmp, etc as the temp directory search path, using the first one that exists. It then creates temp files using predictable file names within the directory, which are copied into ruby’s bin directory, and .bat files on Windows.

This isn’t secure as the files are predictable. Also in non-interactive shells, TMP and TEMP are often not defined, for example when installing facter during an acceptance test run. As a result, facter falls back to /tmp, but that doesn’t work when installing on Windows agents (during an acceptance test).

Since we’re in ruby, we should just use Tempfile

History

#1 Updated by Josh Cooper over 3 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Branch set to https://github.com/puppetlabs/facter/pull/163

#2 Updated by Anonymous over 3 years ago

  • Status changed from In Topic Branch Pending Review to Merged - Pending Release
  • Target version changed from 144 to 1.6.6

#3 Updated by Matthaus Owens over 3 years ago

  • Status changed from Merged - Pending Release to Closed

released in facter 1.6.6rc1

Also available in: Atom PDF