Felix Frank wrote:
On 03/31/2011 03:42 PM, Mohamed Lrhazi wrote:
but it does not look safe as the $content could contain single quotes,
could it not?
That't true, and I don't see a way that you can waterproof this
construct. Sorry.
Then you haven't seen the shellquote() function. It is there
specifically so you can construct safe shell commands:
$echocmd = shellquote('/bin/echo', $content)
exec {
"generate_facts_yaml":
command => "/bin/false",
unless => "$echocmd >/path/to/file";
}
Note that shellquote('/bin/echo', $content, '>/path/to/file'),
would be wrong, since shellquote() would then quote the >
character so the shell won't interpret it as a redirection.
/Bellman
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
