diff options
| author | Robert Gingras <rgingras@mieweb.com> | 2025-01-27 11:30:46 -0500 |
|---|---|---|
| committer | Robert Gingras <rgingras@mieweb.com> | 2025-01-27 11:46:40 -0500 |
| commit | a24d2f87fdde466625d9b6173657f07cf4401f30 (patch) | |
| tree | 3353cc342fbd9a60f20b3611b15eb6ebbcf3d015 /python | |
| parent | cb546cb6caa0e1f52c425eb13a093e66343e1bd1 (diff) | |
| download | vyos-1x-a24d2f87fdde466625d9b6173657f07cf4401f30.tar.gz vyos-1x-a24d2f87fdde466625d9b6173657f07cf4401f30.zip | |
utils: T7095: make wrapper use_shell aware and only utilize if vrf or netns are requested
Diffstat (limited to 'python')
| -rw-r--r-- | python/vyos/utils/process.py | 36 |
1 files changed, 21 insertions, 15 deletions
diff --git a/python/vyos/utils/process.py b/python/vyos/utils/process.py index d47e64588..faed8f1b0 100644 --- a/python/vyos/utils/process.py +++ b/python/vyos/utils/process.py @@ -14,6 +14,7 @@ # License along with this library. If not, see <http://www.gnu.org/licenses/>. import os +import shlex from subprocess import Popen from subprocess import PIPE @@ -22,11 +23,11 @@ from subprocess import DEVNULL def get_wrapper(vrf, netns): - wrapper = '' + wrapper = None if vrf: - wrapper = f'ip vrf exec {vrf} ' + wrapper = ['ip', 'vrf', 'exec', vrf] elif netns: - wrapper = f'ip netns exec {netns} ' + wrapper = ['ip', 'netns', 'exec', netns] return wrapper @@ -72,6 +73,15 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None, if not debug.enabled(flag): flag = 'command' + use_shell = shell + stdin = None + if shell is None: + use_shell = False + if ' ' in command: + use_shell = True + if env: + use_shell = True + # Must be run as root to execute command in VRF or network namespace if vrf or netns: if os.getuid() != 0: @@ -79,21 +89,17 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None, 'Permission denied: cannot execute commands in VRF and netns contexts as an unprivileged user' ) - wrapper = get_wrapper(vrf, netns) - command = f'{wrapper} {command}' + wrapper = get_wrapper(vrf, netns) + if use_shell: + command = f'{shlex.join(wrapper)} {command}' + else: + if type(command) is not list: + command = [command] + command = wrapper + command - cmd_msg = f"cmd '{command}'" + cmd_msg = f"cmd '{command}'" if use_shell else f"cmd '{shlex.join(command)}'" debug.message(cmd_msg, flag) - use_shell = shell - stdin = None - if shell is None: - use_shell = False - if ' ' in command: - use_shell = True - if env: - use_shell = True - if input: stdin = PIPE input = input.encode() if type(input) is str else input |