Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
trunk
-
CentOS7.2
-
Patch
Description
In firewall.py, "systemctl is-active iptables || systemctl is-active firewalld" is passed to run_in_shell function, which splits cmd string by using shlex.split.
run_in_shell function finally calls subprocess.Popen with shell=True, so the cmd string is evaluated like Popen(['/bin/sh', '-c', 'systemctl', 'is-active', 'iptables', '||', 'systemctl', 'is-active', 'firewalld']). This doesn't returns values as expected, because after args[1] (in this case, after the first is-active) are evaluated as sh arguements.
systemctl is-active can take multiple arugments, so we can use it.
Attachments
Attachments
Issue Links
- links to