Programs using netrc with containing an entry without a password fail with an exception "malformed machine entry <> terminated by ''"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python3.10 (Ubuntu) |
Incomplete
|
Medium
|
Eero Aaltonen | ||
Jammy |
New
|
Undecided
|
Unassigned |
Bug Description
Some services use provide token authentication, where the users token is input as the "username" field, resulting in a netrc entry containing
```
machine SOME_ADDRESS
login SOME_TOKEN
```
but no password entry.
Trying to run some python based program, that uses netrc, such as
```
ansible-galaxy collection install SOME_PACKAGE
```
with this such a netrc file will fail with an exception
"malformed machine entry SOME_ADDRESS terminated by ''".
This is upstream bug https:/
[ Impact ]
* Users are not able to run Python based programs using netrc credentials, such as ansible.
[ Test Plan ]
* Install ansible with `sudo apt install ansible`
* Add an entry to ~/.netrc containing only the "machine" and "login" tokens
* observe failure when trying to run `ansible-galaxy collection install community.crypto`
[ Where problems could occur ]
* Some over specific test suite relying on current overly strict parsing. However such a test suite would have to be fixed for python3.11 anyway.
[ Other Info ]
Changed in python3.10 (Ubuntu): | |
assignee: | nobody → Dan Bungert (dbungert) |
Hi Eero, thanks for the patch. Some comments:
* I targeted this bug to Jammy, since that's the only relevant series with py3.10
* changelog: note that we should close the bug with a syntax like LP: #2067361 instead of "Closes"
Now about the content - this patch is described as a "Minimal change of upstream fix". I get that this is a minimal backport, which is nice from a SRU perspective in terms of lines of code. That said, the logic in that commit and what's shown here are quite a bit different, much more than I expected to see from the "Minimal change" description, so plainly there are going to be differences in what is present in py3.11 and what would be supported here. I'm not sure I would call this an "obviously safe patch" per https:/ /wiki.ubuntu. com/StableRelea seUpdates# Other_safe_ cases
The upstream commit does have unit tests, I think it would be sensible to include relevant tests, and I'd suggest a discussion here on the merits of the current backported logic versus what the full upstream commit would offer.
My primary concern here is to not make some existing use cases worse while making this case better.
I'm going to unsubscribe Sponsors for the moment, please update this bug with your thoughts.