The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

Bug #12362

Don't rely on TMP environment variables during installation

Added by Josh Cooper almost 3 years ago. Updated almost 3 years ago.

Status:ClosedStart date:02/01/2012
Priority:NormalDue date:
Assignee:Josh Cooper% Done:

0%

Category:installation
Target version:1.6.6
Keywords: Affected Facter version:1.6.5
Branch:https://github.com/puppetlabs/facter/pull/163

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com

This issue is currently not available for export. If you are experiencing the issue described below, please file a new ticket in JIRA. Once a new ticket has been created, please add a link to it that points back to this Redmine ticket.


Description

Facter’s install.rb script currently uses ENV[‘TMP’], ENV[‘TEMP’], /tmp, etc as the temp directory search path, using the first one that exists. It then creates temp files using predictable file names within the directory, which are copied into ruby’s bin directory, and .bat files on Windows.

This isn’t secure as the files are predictable. Also in non-interactive shells, TMP and TEMP are often not defined, for example when installing facter during an acceptance test run. As a result, facter falls back to /tmp, but that doesn’t work when installing on Windows agents (during an acceptance test).

Since we’re in ruby, we should just use Tempfile

History

#1 Updated by Josh Cooper almost 3 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Branch set to https://github.com/puppetlabs/facter/pull/163

#2 Updated by Anonymous almost 3 years ago

  • Status changed from In Topic Branch Pending Review to Merged - Pending Release
  • Target version changed from 144 to 1.6.6

#3 Updated by Matthaus Owens almost 3 years ago

  • Status changed from Merged - Pending Release to Closed

released in facter 1.6.6rc1

Also available in: Atom PDF