Merge branch 'stretch-testing' into stretch-stable

Alexandre Aubin 2019-08-04 18:23:34 +02:00
commit f462a22b27
5 changed files with 33 additions and 88 deletions


@ -378,16 +378,18 @@ ynh_secure_remove () {
ynh_get_plain_key() { ynh_get_plain_key() {
local prefix="#" local prefix="#"
local founded=0 local founded=0
local key=$1 # We call this key_ so that it's not caught as
# an info to be redacted by the core
local key_=$1
shift shift
while read line; do while read line; do
if [[ "$founded" == "1" ]] ; then if [[ "$founded" == "1" ]] ; then
[[ "$line" =~ ^${prefix}[^#] ]] && return [[ "$line" =~ ^${prefix}[^#] ]] && return
echo $line echo $line
elif [[ "$line" =~ ^${prefix}${key}$ ]]; then elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then
if [[ -n "${1:-}" ]]; then if [[ -n "${1:-}" ]]; then
prefix+="#" prefix+="#"
key=$1 key_=$1
shift shift
else else
founded=1 founded=1
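Review bot: On the new `elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then` line the renamed `key_` is still expanded unquoted inside the regex, so a requested key containing a regex metacharacter (a `.` or `*`, say) is treated as pattern and can select a different section than the caller asked for. Quoting the expansion makes bash match it literally: `elif [[ "$line" =~ ^${prefix}"${key_}"$ ]]; then`. The surrounding context lines `while read line` and `echo $line` also re-interpret file content (backslashes, word splitting, globbing); `read -r line` and `echo "$line"` would return the stored value unchanged. The body of ynh_get_plain_key continues past the end of this hunk.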

15
debian/changelog vendored

@ -1,14 +1,25 @@
yunohost (3.6.4.4) stable; urgency=low
- [fix] Small typo breaking experimental config panel for apps (1224380)
- [mod] Remove the old ugly trick to change the admin password, not needed anymore (1cb0a26)
- [fix] Legit variable getting caught as an info to be redacted by the core (8212010)
- [fix] Exception handling for corrupted metadata about operation logs (#754)
Contributors: Aleks, Bram, ljf
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 04 Aug 2019 18:20:00 +0000
yunohost (3.6.4.3) stable; urgency=low yunohost (3.6.4.3) stable; urgency=low
- [hotfix] Fix some password-redacting cases that weren't caught up - [hotfix] Fix some password-redacting cases that weren't caught up
-- Alexandre Aubin <alex.aubin@mailoo.org> Set, 06 Jul 2019 19:35:00 +0000 -- Alexandre Aubin <alex.aubin@mailoo.org> Sat, 06 Jul 2019 19:35:00 +0000
yunohost (3.6.4.2) stable; urgency=low yunohost (3.6.4.2) stable; urgency=low
- [hotfix] Use the acme-v02 API to fix the newAccount keyError in acme_tiny - [hotfix] Use the acme-v02 API to fix the newAccount keyError in acme_tiny
-- Alexandre Aubin <alex.aubin@mailoo.org> Set, 06 Jul 2019 18:40:00 +0000 -- Alexandre Aubin <alex.aubin@mailoo.org> Sat, 06 Jul 2019 18:40:00 +0000
yunohost (3.6.4.1) stable; urgency=low yunohost (3.6.4.1) stable; urgency=low


@ -234,7 +234,7 @@
"invalid_url_format": "Invalid URL format", "invalid_url_format": "Invalid URL format",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it",
"log_corrupted_md_file": "The yaml metadata file associated with logs is corrupted: '{md_file}'", "log_corrupted_md_file": "The yaml metadata file associated with logs is corrupted: '{md_file}\nError: {error}'",
"log_category_404": "The log category '{category}' does not exist", "log_category_404": "The log category '{category}' does not exist",
"log_link_to_log": "Full log of this operation: '<a href=\"#/tools/logs/{name}\" style=\"text-decoration:underline\">{desc}</a>'", "log_link_to_log": "Full log of this operation: '<a href=\"#/tools/logs/{name}\" style=\"text-decoration:underline\">{desc}</a>'",
"log_help_to_get_log": "To view the log of the operation '{desc}', use the command 'yunohost log display {name}'", "log_help_to_get_log": "To view the log of the operation '{desc}', use the command 'yunohost log display {name}'",


@ -1,69 +1,3 @@
#!/bin/bash #!/bin/bash
echo "Warning: this script is now deprecated. You can simply type 'yunohost tools adminpw' to change the root/admin password."
################################
# Set a temporary password #
################################
# Generate a random temporary password (won't be valid after this script ends !)
# and hash it
TMP_LDAPROOT_PASSWORD=`slappasswd -g`
TMP_LDAPROOT_PASSWORD_HASH=`slappasswd -h {SSHA} -s ${TMP_LDAPROOT_PASSWORD}`
# Stop slapd service...
service slapd stop
# Backup slapd.conf (to be restored at the end of script)
cp /etc/ldap/slapd.conf /root/slapd.conf.bkp
# Append lines to slapd.conf to manually define root password hash
echo 'rootdn "cn=admin,dc=yunohost,dc=org"' >> /etc/ldap/slapd.conf
echo "rootpw $TMP_LDAPROOT_PASSWORD_HASH" >> /etc/ldap/slapd.conf
# Test conf (might not be entirely necessary though :P)
slaptest -Q -u -f /etc/ldap/slapd.conf
# Regenerate slapd.d directory
rm -Rf /etc/ldap/slapd.d
mkdir /etc/ldap/slapd.d
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
# Set permissions to slapd.d
chown -R openldap:openldap /etc/ldap/slapd.d/
# Restore slapd.conf
mv /root/slapd.conf.bkp /etc/ldap/slapd.conf
# Restart slapd service
service slapd start
#######################################
# Properly set new admin password #
#######################################
# Display tmp password to user
# NB : we do NOT pass it as a command line argument for "yunohost tools adminpw"
# as a malicious user could run a script in background waiting for this command
# to pop in ps -ef and automatically do nasty stuff in the ldap database
# meanwhile.
echo "Use this temporary password when asked for the administration password : $TMP_LDAPROOT_PASSWORD"
# Call yunohost tools adminpw for user to set new password
yunohost tools adminpw yunohost tools adminpw
###########################
# Forget tmp password #
###########################
# Stop slapd service
service slapd stop
# Regenerate slapd.d directory
rm -Rf /etc/ldap/slapd.d
mkdir /etc/ldap/slapd.d
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
# Set permissions to slapd.d
chown -R openldap:openldap /etc/ldap/slapd.d/
# Restart slapd service
service slapd start


@ -33,9 +33,10 @@ from datetime import datetime
from logging import FileHandler, getLogger, Formatter from logging import FileHandler, getLogger, Formatter
from moulinette import m18n, msettings from moulinette import m18n, msettings
from moulinette.core import MoulinetteError
from yunohost.utils.error import YunohostError from yunohost.utils.error import YunohostError
from moulinette.utils.log import getActionLogger from moulinette.utils.log import getActionLogger
from moulinette.utils.filesystem import read_file from moulinette.utils.filesystem import read_file, read_yaml
CATEGORIES_PATH = '/var/log/yunohost/categories/' CATEGORIES_PATH = '/var/log/yunohost/categories/'
OPERATIONS_PATH = '/var/log/yunohost/categories/operation/' OPERATIONS_PATH = '/var/log/yunohost/categories/operation/'
@ -102,13 +103,8 @@ def log_list(category=[], limit=None, with_details=False):
entry["started_at"] = log_datetime entry["started_at"] = log_datetime
if with_details: if with_details:
with open(md_path, "r") as md_file: metadata = read_yaml(md_path)
try: entry["success"] = metadata.get("success", "?") if metadata else "?"
metadata = yaml.safe_load(md_file)
except yaml.YAMLError:
logger.warning(m18n.n('log_corrupted_md_file', file=md_path))
entry["success"] = metadata.get("success", "?") if metadata else "?"
result[category].append(entry) result[category].append(entry)
@ -186,17 +182,19 @@ def log_display(path, number=50, share=False):
if os.path.exists(md_path): if os.path.exists(md_path):
with open(md_path, "r") as md_file: with open(md_path, "r") as md_file:
try: try:
metadata = yaml.safe_load(md_file) metadata = read_yaml(md_file)
infos['metadata_path'] = md_path except MoulinetteError as e:
infos['metadata'] = metadata error = m18n.n('log_corrupted_md_file', md_file=md_path, error=e)
if 'log_path' in metadata:
log_path = metadata['log_path']
except yaml.YAMLError:
error = m18n.n('log_corrupted_md_file', file=md_path)
if os.path.exists(log_path): if os.path.exists(log_path):
logger.warning(error) logger.warning(error)
else: else:
raise YunohostError(error) raise YunohostError(error)
else:
infos['metadata_path'] = md_path
infos['metadata'] = metadata
if 'log_path' in metadata:
log_path = metadata['log_path']
# Display logs if exist # Display logs if exist
if os.path.exists(log_path): if os.path.exists(log_path):
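Review bot: In log_display the new `metadata = read_yaml(md_file)` passes the open file object, while the log_list hunk in this same file calls `read_yaml(md_path)` with a path. If read_yaml expects a path, as that other call suggests, this call would likely fail or report corruption for healthy metadata files too. I would drop the enclosing `with open(md_path, "r") as md_file:` and call `metadata = read_yaml(md_path)`. Separately, the log_list hunk now reads the metadata with no handler at all, so if read_yaml raises MoulinetteError on bad YAML, one corrupted file would abort the whole listing and hide the other operation logs; catching it there and logging `log_corrupted_md_file` would avoid that. Both functions start outside their hunks, so this is based only on the visible lines.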