[arch-projects] [PATCH 1/2] Ensure all variables are unset before loading profile
dan at archlinux.org
Sun Jun 19 23:03:37 EDT 2011
There is a possible leak of profile info from one to the next if
profiles are loaded in sequence, due to the fact that we are running all
of this in a shared environment. Unset all currently known variables at
the start of load_profile().
This is most apparent in several functions in `src/network` which do
looping calls of profile_up or profile_down (which in turn call
load_profile). The script `wpa_actiond/netcfg-wpa_actiond` is safe due
to its use of subshells.
Signed-off-by: Dan McGee <dan at archlinux.org>
This sucks a bit, but is a big failing of netcfg I found when writing my next
patch. It screams "there must be a better way", but at the moment I'm not sure
what that may be. The biggest problem is there is no central collection of
these variables which I had to scrape from the various setup scripts. Thoughts?
src-wireless/netcfg-auto-wireless | 1 -
src/network | 9 ++++++++-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src-wireless/netcfg-auto-wireless b/src-wireless/netcfg-auto-wireless
index a3e3fb9..671d34e 100644
@@ -37,7 +37,6 @@ wifi_auto()
while read ap essid; do
echo $AUTO_PROFILES | while read network; do
- unset CONNECTION INTERFACE AP ESSID
case "$CONNECTION" in
diff --git a/src/network b/src/network
index 87c0e77..316183e 100644
@@ -8,6 +8,13 @@
# source profile, checking whether it exists and is usable
+ unset ADDR AP AUTH8021X CONNECTION DESCRIPTION
+ unset DHCP_OPTIONS DHCP_TIMEOUT DHCLIENT DNS DNS1 DNS2 DOMAIN
+ unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG
+ unset IWCONFIG
+ unset KEY NETMASK RFKILL RFKILL_NAME SCAN SEARCH TIMEOUT
+ unset VLAN_ID VLAN_PHYS_DEV
+ unset WPA_CONF WPA_COUNTRY WPA_DRIVER WPA_GROUP WPA_OPTS
[[ -z "$1" ]] && return 1
if [[ ! -f "$PROFILE_DIR/$1" ]]; then
report_err "Profile \"$1\" does not exist"
@@ -24,7 +31,7 @@ load_profile()
report_debug "Interface level configuration enabled: $IFACE_DIR/$INTERFACE"
- . "$PROFILE_DIR/$1" # we want profile settings to override, so need to source profile again
+ . "$PROFILE_DIR/$1"
if [[ ! -f "$CONN_DIR/$CONNECTION" ]]; then
report_err "$CONNECTION is not a valid connection, check spelling or look at examples"
More information about the arch-projects