summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAhmed RAHAL <arahal@syntax.com>2019-10-25 22:39:34 +0200
committerAhmed RAHAL <arahal@syntax.com>2019-10-25 22:44:59 +0200
commit2ec5dda1d8bc61b0b1bc827f9b2ad8a3bee53d9b (patch)
tree93621db6978cc004cee19e19a276dfb903a6c8e2
parentMerge pull request #5090 from lopf/5089-fix-psql-user-specification (diff)
downloadawx-2ec5dda1d8bc61b0b1bc827f9b2ad8a3bee53d9b.tar.xz
awx-2ec5dda1d8bc61b0b1bc827f9b2ad8a3bee53d9b.zip
Add quotes to shell variables with user input
The last update of this file added default values for passwords but removed the 'quote' filter. This is extremely problematic for database passwords that should always be complex and contain special characters that the shell may interpret wrongly. As a sanity measure, adding the quote filter to all fields.
-rw-r--r--installer/roles/local_docker/templates/environment.sh.j222
1 files changed, 11 insertions, 11 deletions
diff --git a/installer/roles/local_docker/templates/environment.sh.j2 b/installer/roles/local_docker/templates/environment.sh.j2
index 7d78b8c96f..832f112d6d 100644
--- a/installer/roles/local_docker/templates/environment.sh.j2
+++ b/installer/roles/local_docker/templates/environment.sh.j2
@@ -1,12 +1,12 @@
-DATABASE_USER={{ pg_username }}
-DATABASE_NAME={{ pg_database }}
-DATABASE_HOST={{ pg_hostname|default('postgres') }}
-DATABASE_PORT={{ pg_port|default('5432') }}
-DATABASE_PASSWORD={{ pg_password|default('awxpass') }}
-DATABASE_ADMIN_PASSWORD={{ pg_admin_password|default('postgrespass') }}
+DATABASE_USER={{ pg_username|quote }}
+DATABASE_NAME={{ pg_database|quote }}
+DATABASE_HOST={{ pg_hostname|default('postgres')|quote }}
+DATABASE_PORT={{ pg_port|default('5432')|quote }}
+DATABASE_PASSWORD={{ pg_password|default('awxpass')|quote }}
+DATABASE_ADMIN_PASSWORD={{ pg_admin_password|default('postgrespass')|quote }}
MEMCACHED_HOST={{ memcached_hostname|default('memcached') }}
-MEMCACHED_PORT={{ memcached_port|default('11211') }}
-RABBITMQ_HOST={{ rabbitmq_hostname|default('rabbitmq') }}
-RABBITMQ_PORT={{ rabbitmq_port|default('5672') }}
-AWX_ADMIN_USER={{ admin_user }}
-AWX_ADMIN_PASSWORD={{ admin_password | quote }}
+MEMCACHED_PORT={{ memcached_port|default('11211')|quote }}
+RABBITMQ_HOST={{ rabbitmq_hostname|default('rabbitmq')|quote }}
+RABBITMQ_PORT={{ rabbitmq_port|default('5672')|quote }}
+AWX_ADMIN_USER={{ admin_user|quote }}
+AWX_ADMIN_PASSWORD={{ admin_password|quote }}