Jira (BOLT-1329) Delete task wrapper script before running the task

9 views
Skip to first unread message

Nick Lewis (JIRA)

unread,
May 21, 2019, 3:09:03 PM5/21/19
to puppe...@googlegroups.com
Nick Lewis created an issue
 
Puppet Task Runner / Improvement BOLT-1329
Delete task wrapper script before running the task
Issue Type: Improvement Improvement
Assignee: Unassigned
Created: 2019/05/21 12:08 PM
Priority: Normal Normal
Reporter: Nick Lewis

When running a task over SSH with run-as and using the stdin input method, we write a wrapper script to the target that passes the stdin via a heredoc. That means that if the task invocation has sensitive parameters, they are persisted on disk (albeit in a secured temporary file) for the duration of the task run and only cleaned up after it's finished.

We should instead make the script self-deleting by making its first line a call to rm /path/to/the/wrapper/script. Since the script will already have been loaded by the shell, we can safely delete it and continue executing. That will significantly reduce the amount of time that parameters exist on disk, as it will only be between the time we write the script and the time we run the script.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Cas Donoghue (JIRA)

unread,
Jul 31, 2019, 1:14:03 PM7/31/19
to puppe...@googlegroups.com
Cas Donoghue updated an issue
Change By: Cas Donoghue
Sprint: Bolt Kanban

Cas Donoghue (JIRA)

unread,
Jul 31, 2019, 1:15:03 PM7/31/19
to puppe...@googlegroups.com
Cas Donoghue assigned an issue to Cas Donoghue
Change By: Cas Donoghue
Assignee: Cas Donoghue

Cas Donoghue (JIRA)

unread,
Aug 1, 2019, 2:14:04 PM8/1/19
to puppe...@googlegroups.com
Cas Donoghue assigned an issue to Unassigned

Cas Donoghue (JIRA)

unread,
Aug 1, 2019, 2:15:03 PM8/1/19
to puppe...@googlegroups.com
Cas Donoghue updated an issue
Change By: Cas Donoghue
Sprint: Bolt Kanban Ready for Grooming
Reply all
Reply to author
Forward
0 new messages