[virt-tools-list] [PATCH virt-viewer] Use socat instead of nc if possible

Eric Blake eblake at redhat.com
Wed Sep 3 12:55:13 UTC 2014


On 09/02/2014 10:19 AM, Marc-André Lureau wrote:
> It turns out that nc does not leave on server disconnect, and there
> doesn't seem to be any option to do that, leaving client open, and
> a bunch of idle processes.
> 
> Replacing nc with socat solves that, client is disconnected when
> the VM is shut down, when the sever connection is closed.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1030487
> ---

> +
> +    cat = g_string_new("if command -v socat 2>&1 >/dev/null");

You mixed up your redirections.  This says to clone the original stdout
to stderr, then change stdout, so that success is silent but error
messages go to stdout.  But you probably want to redirect stdout to
/dev/null, then clone _that_ to stderr as well, so that the overall
command is silent, whether or not it encounters an error.

'command -v' is not universally supported (think Solaris /bin/sh).  It
is good enough for all clients where we expect to be connecting, though,
so I don't mind using it as written; but if you are ultra-worried about
it being missing, you have to do the redirections outside of a subshell
to protect from the potentially-missing builtin, as in:

if (command -v socat) >/dev/null 2>&1

> +
> +    g_string_append(cat, "; then socat - ");
> +    if (port)
> +        g_string_append_printf(cat, "TCP:%s:%s", host, port);
> +    else
> +        g_string_append_printf(cat, "UNIX-CONNECT:%s", unixsock);
> +
> +    g_string_append(cat, "; else nc ");
> +    if (port)
> +        g_string_append_printf(cat, "%s %s", host, port);
> +    else
> +        g_string_append_printf(cat, "-U %s", unixsock);

Can host, port, or unixsock contain any shell metacharacters?  If so,
remember that you are going through TWO levels of shell quoting - one
because of the shell command, another because of ssh.  But I don't think
this patch is any worse than the previous code at the potential for bad
things if a user-provided input contains shell metacharacters.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 539 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/virt-tools-list/attachments/20140903/1763ad0d/attachment.sig>


More information about the virt-tools-list mailing list