Charm Helpers

Generated NRPE checks swallow quotes

Bug #1706265 reported by Haw Loeung
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Charm Helpers
Confirmed
Undecided
Unassigned

Bug Description

Hi,

The graylog charm has this bit of code:

| if conf['web_listen_uri']:
| url = urlparse(conf['web_listen_uri'])
| check_string = '<title>Graylog Web Interface</title>'
| nrpe_setup.add_check(
| 'graylog_http',
| 'Graylog Web UI check',
| '/usr/lib/nagios/plugins/check_http -I {} -p {} -s "{}"'.format(url.hostname, str(url.port), check_string)

Which is supposed to generate a check such as this:

| command[check_graylog_http]=/usr/lib/nagios/plugins/check_http -I 0.0.0.0 -p 9000 -s "<title>Graylog Web Interface</title>"

Unfortunately, the double-quote characters are being stripped and the generated check is actually this:

| $ cat /etc/nagios/nrpe.d/check_graylog_http.cfg
| # check graylog_http
| # The following header was added automatically by juju
| # Modifying it will affect nagios monitoring and alerting
| # servicegroups: is-centralized-logging
| command[check_graylog_http]=/usr/lib/nagios/plugins/check_http -I 0.0.0.0 -p 9000 -s <title>Graylog Web Interface</title>

Which then causes the check to fail.

I think it may be the use of **kwargs, but I'm not sure.

Revision history for this message
Paul Collins (pjdc) wrote :

I think it's because Check.__init__ does this:

        parts = shlex.split(check_cmd)

and then does this:

                    command += " " + " ".join(parts[1:])

instead of using shlex.join.

Revision history for this message
Paul Collins (pjdc) wrote :

https://github.com/juju/charm-helpers/pull/438

Revision history for this message
Paul Collins (pjdc) wrote :

PR won't work as-is, since shlex.quote is very new.

Revision history for this message
Paul Collins (pjdc) wrote :

Updated PR with adapted copy of shlex.quote etc. from Python 3.8 to use as a fallback.

Revision history for this message
Paul Collins (pjdc) wrote :

I realized the approach in the PR above will break the existing escaping workarounds used in all such add_check calls, so I've closed the PR while I try to think of a better idea.

Changed in charm-helpers:
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.