From cd9df7873d718015ab1d1ea24d8cb2cc4a8eb035 Mon Sep 17 00:00:00 2001 From: MoritzWeber Date: Tue, 19 Sep 2023 10:49:48 +0200 Subject: [PATCH] fix: Fail if RMT_PASSWORD is unset When RMT_PASSWORD wasn't set, openssl was waiting for the argument, This could cause the Docker container to hang up. --- readonly/startup.sh | 5 +++-- remote/startup.sh | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/readonly/startup.sh b/readonly/startup.sh index efe9ce6b..8da5364b 100755 --- a/readonly/startup.sh +++ b/readonly/startup.sh @@ -3,9 +3,10 @@ # SPDX-FileCopyrightText: Copyright DB Netz AG and the capella-collab-manager contributors # SPDX-License-Identifier: Apache-2.0 -set -ex +set -exuo pipefail + line=$(grep techuser /etc/shadow); -echo ${line%%:*}:$(openssl passwd -6 -salt $(openssl rand -base64 16) $RMT_PASSWORD):${line#*:*:} > /etc/shadow; +echo ${line%%:*}:$(openssl passwd -6 -salt $(openssl rand -base64 16) "${RMT_PASSWORD:?}"):${line#*:*:} > /etc/shadow; unset RMT_PASSWORD # Prepare Workspace diff --git a/remote/startup.sh b/remote/startup.sh index a5d4e888..14c70891 100755 --- a/remote/startup.sh +++ b/remote/startup.sh @@ -3,11 +3,12 @@ # SPDX-FileCopyrightText: Copyright DB Netz AG and the capella-collab-manager contributors # SPDX-License-Identifier: Apache-2.0 -set -e +set -exuo pipefail + if [ "$(whoami)" == "root" ] || [ "$(whoami)" == "techuser" ]; then line=$(grep techuser /etc/shadow); - echo ${line%%:*}:$(openssl passwd -6 -salt $(openssl rand -base64 16) $RMT_PASSWORD):${line#*:*:} > /etc/shadow; + echo ${line%%:*}:$(openssl passwd -6 -salt $(openssl rand -base64 16) "${RMT_PASSWORD:?}"):${line#*:*:} > /etc/shadow; else echo "Only techuser and root are supported as users."; exit 1;