diff --git a/data/helpers.d/utils b/data/helpers.d/utils index a93fbf227..c9034ebc6 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -378,16 +378,18 @@ ynh_secure_remove () { ynh_get_plain_key() { local prefix="#" local founded=0 - local key=$1 + # We call this key_ so that it's not caught as + # an info to be redacted by the core + local key_=$1 shift while read line; do if [[ "$founded" == "1" ]] ; then [[ "$line" =~ ^${prefix}[^#] ]] && return echo $line - elif [[ "$line" =~ ^${prefix}${key}$ ]]; then + elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then if [[ -n "${1:-}" ]]; then prefix+="#" - key=$1 + key_=$1 shift else founded=1 diff --git a/debian/changelog b/debian/changelog index e0557021a..bf38802ab 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,14 +1,25 @@ +yunohost (3.6.4.4) stable; urgency=low + + - [fix] Small typo breaking experimental config panel for apps (1224380) + - [mod] Remove the old ugly trick to change the admin password, not needed anymore (1cb0a26) + - [fix] Legit variable getting caught as an info to be redacted by the core (8212010) + - [fix] Exception handling for corrupted metadata about operation logs (#754) + + Contributors: Aleks, Bram, ljf + + -- Alexandre Aubin Sun, 04 Aug 2019 18:20:00 +0000 + yunohost (3.6.4.3) stable; urgency=low - [hotfix] Fix some password-redacting cases that weren't caught up - -- Alexandre Aubin Set, 06 Jul 2019 19:35:00 +0000 + -- Alexandre Aubin Sat, 06 Jul 2019 19:35:00 +0000 yunohost (3.6.4.2) stable; urgency=low - [hotfix] Use the acme-v02 API to fix the newAccount keyError in acme_tiny - -- Alexandre Aubin Set, 06 Jul 2019 18:40:00 +0000 + -- Alexandre Aubin Sat, 06 Jul 2019 18:40:00 +0000 yunohost (3.6.4.1) stable; urgency=low diff --git a/locales/en.json b/locales/en.json index 22247c97e..d1203c757 100644 --- a/locales/en.json +++ b/locales/en.json 
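Review bot: The new comment above `local key_=$1` explains why the name changed but not what the variable holds, so a later reader cannot tell whether keeping it out of the redaction is safe. From the hunk it appears to carry the name of the key to look up in the piped text, not a secret value. I would say so in the comment, e.g. `# key_ holds the name of the key to look up (not a secret); it is not called "key" because the core would redact its value from the logs`. If the core's redaction is keyed on variable names, as the comment implies, the same rename would also hide a real secret from it, so the justification belongs next to each use of this convention. The body of ynh_get_plain_key continues past the end of the hunk.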
@@ -234,7 +234,7 @@ "invalid_url_format": "Invalid URL format", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it", - "log_corrupted_md_file": "The yaml metadata file associated with logs is corrupted: '{md_file}'", + "log_corrupted_md_file": "The yaml metadata file associated with logs is corrupted: '{md_file}\nError: {error}'", "log_category_404": "The log category '{category}' does not exist", "log_link_to_log": "Full log of this operation: '{desc}'", "log_help_to_get_log": "To view the log of the operation '{desc}', use the command 'yunohost log display {name}'", diff --git a/sbin/yunohost-reset-ldap-password b/sbin/yunohost-reset-ldap-password index 916b70b18..95f84875f 100755 --- a/sbin/yunohost-reset-ldap-password +++ b/sbin/yunohost-reset-ldap-password 
@@ -1,69 +1,3 @@ #!/bin/bash - -################################ -# Set a temporary password # -################################ - -# Generate a random temporary password (won't be valid after this script ends !) -# and hash it -TMP_LDAPROOT_PASSWORD=`slappasswd -g` -TMP_LDAPROOT_PASSWORD_HASH=`slappasswd -h {SSHA} -s ${TMP_LDAPROOT_PASSWORD}` - -# Stop slapd service... -service slapd stop - -# Backup slapd.conf (to be restored at the end of script) -cp /etc/ldap/slapd.conf /root/slapd.conf.bkp - -# Append lines to slapd.conf to manually define root password hash -echo 'rootdn "cn=admin,dc=yunohost,dc=org"' >> /etc/ldap/slapd.conf -echo "rootpw $TMP_LDAPROOT_PASSWORD_HASH" >> /etc/ldap/slapd.conf - -# Test conf (might not be entirely necessary though :P) -slaptest -Q -u -f /etc/ldap/slapd.conf - -# Regenerate slapd.d directory -rm -Rf /etc/ldap/slapd.d -mkdir /etc/ldap/slapd.d -slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1 - -# Set permissions to slapd.d -chown -R openldap:openldap /etc/ldap/slapd.d/ - -# Restore slapd.conf -mv /root/slapd.conf.bkp /etc/ldap/slapd.conf - -# Restart slapd service -service slapd start - -####################################### -# Properly set new admin password # -####################################### - -# Display tmp password to user -# NB : we do NOT pass it as a command line argument for "yunohost tools adminpw" -# as a malicious user could run a script in background waiting for this command -# to pop in ps -ef and automatically do nasty stuff in the ldap database -# meanwhile. -echo "Use this temporary password when asked for the administration password : $TMP_LDAPROOT_PASSWORD" - -# Call yunohost tools adminpw for user to set new password +echo "Warning: this script is now deprecated. You can simply type 'yunohost tools adminpw' to change the root/admin password." 
yunohost tools adminpw - -########################### -# Forget tmp password # -########################### - -# Stop slapd service -service slapd stop - -# Regenerate slapd.d directory -rm -Rf /etc/ldap/slapd.d -mkdir /etc/ldap/slapd.d -slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1 - -# Set permissions to slapd.d -chown -R openldap:openldap /etc/ldap/slapd.d/ - -# Restart slapd service -service slapd start diff --git a/src/yunohost/log.py b/src/yunohost/log.py index 8f8c92010..aa41cd85f 100644 --- a/src/yunohost/log.py +++ b/src/yunohost/log.py @@ -33,9 +33,10 @@ from datetime import datetime from logging import FileHandler, getLogger, Formatter from moulinette import m18n, msettings +from moulinette.core import MoulinetteError from yunohost.utils.error import YunohostError from moulinette.utils.log import getActionLogger -from moulinette.utils.filesystem import read_file +from moulinette.utils.filesystem import read_file, read_yaml CATEGORIES_PATH = '/var/log/yunohost/categories/' OPERATIONS_PATH = '/var/log/yunohost/categories/operation/' @@ -102,13 +103,8 @@ def log_list(category=[], limit=None, with_details=False): entry["started_at"] = log_datetime if with_details: - with open(md_path, "r") as md_file: - try: - metadata = yaml.safe_load(md_file) - except yaml.YAMLError: - logger.warning(m18n.n('log_corrupted_md_file', file=md_path)) - - entry["success"] = metadata.get("success", "?") if metadata else "?" + metadata = read_yaml(md_path) + entry["success"] = metadata.get("success", "?") if metadata else "?" result[category].append(entry) 
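Review bot: In log_list, `metadata = read_yaml(md_path)` is no longer inside any try/except, so a single corrupted metadata file would abort the whole listing when `with_details` is set. This assumes read_yaml raises MoulinetteError on unparsable YAML, as the log_display change in this commit implies. The removed code logged `log_corrupted_md_file` and carried on, and the new code should do the same and fall back to "?" for that entry. The message now takes `md_file` and `error` instead of the `file` keyword the old call passed. log_list starts and ends outside the hunk.

```python
if with_details:
    try:
        metadata = read_yaml(md_path)
    except MoulinetteError as e:
        # One unreadable metadata file should not hide every other operation log.
        logger.warning(m18n.n('log_corrupted_md_file', md_file=md_path, error=e))
        metadata = None
    entry["success"] = metadata.get("success", "?") if metadata else "?"
```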
@@ -186,17 +182,19 @@ def log_display(path, number=50, share=False): if os.path.exists(md_path): with open(md_path, "r") as md_file: try: - metadata = yaml.safe_load(md_file) - infos['metadata_path'] = md_path - infos['metadata'] = metadata - if 'log_path' in metadata: - log_path = metadata['log_path'] - except yaml.YAMLError: - error = m18n.n('log_corrupted_md_file', file=md_path) + metadata = read_yaml(md_file) + except MoulinetteError as e: + error = m18n.n('log_corrupted_md_file', md_file=md_path, error=e) if os.path.exists(log_path): logger.warning(error) else: raise YunohostError(error) + else: + infos['metadata_path'] = md_path + infos['metadata'] = metadata + + if 'log_path' in metadata: + log_path = metadata['log_path'] # Display logs if exist if os.path.exists(log_path):
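Review bot: `read_yaml(md_file)` is handed the open file object, whereas log_list in this same commit calls `read_yaml(md_path)` with a path. If read_yaml expects a path, as that other call suggests, this one would fail with something other than MoulinetteError and the new handler would never run. I would drop the `with open(md_path, "r") as md_file:` wrapper and call `metadata = read_yaml(md_path)` directly. In the `else:` branch, `'log_path' in metadata` would raise TypeError if read_yaml returns None for an empty file, a case log_list guards with `if metadata`; `if metadata and 'log_path' in metadata:` would match it. log_display continues outside the hunk.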