Project

Profile

Help

Issue #2192

The RPM rsync distributor's "root" config option isn't validated

Added by Ichimonji10 over 5 years ago. Updated over 2 years ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
2.10.0
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

Let's say I decide to create an RPM repository with a yum importer, yum distributor and RPM rsync distributor. To do so, I might submit an HTTP POST request to /pulp/api/v2/repositories/ with the following payload:

{
    "importer_type_id": "yum_importer",
    "importer_config": {
        "feed": "https://repos.fedorapeople.org/pulp/pulp/fixtures/rpm/" 
    },
    "notes": {
        "_repo-type": "rpm-repo" 
    },
    "id": "4818bdb8-1fc8-44e8-8504-231466a057f1",
    "distributors": [
        {
            "distributor_config": {
                "http": true,
                "relative_url": "c23ae706-d9f9-4740-aecd-4bbb2bfde953/",
                "https": true
            },
            "distributor_id": "d2160bbe-ba12-4079-bf61-2c898337780a",
            "distributor_type_id": "yum_distributor",
            "auto_publish": false
        },
        {
            "distributor_config": {
                "predistributor_id": "d2160bbe-ba12-4079-bf61-2c898337780a",
                "remote": {
                    "root": "home/a8333f9e-027",
                    "host": "example.com",
                    "ssh_user": "a8333f9e-027",
                    "ssh_identity_file": "/27f14dc8-3562-4065-ad1d-b5827522b5c2" 
                }
            },
            "distributor_id": "a6658d24-2bde-4f85-8afd-5dfe45d53527",
            "distributor_type_id": "rpm_rsync_distributor" 
        }
    ]
}

The RPM rsync distributor's root option must be an absolute path. However, in the example payload above, root is a relative URL. Pulp accepts this payload anyway and will create the repository, importer and distributors.

Pulp should verify root when processing the request. This will prevent mysterious errors from occurring later when a user decides to perform a publish. Providing immediate feedback to the user also makes the application more user-friendly.

History

#1 Updated by amacdona@redhat.com over 5 years ago

  • Triaged changed from No to Yes

#2 Updated by bmbouter over 2 years ago

  • Status changed from NEW to CLOSED - WONTFIX

Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.

#3 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF