From 499ea4753c90ca67a7715ab84d0138b02cc1b2f0 Mon Sep 17 00:00:00 2001 From: Douglas Raillard Date: Tue, 24 Sep 2024 10:52:08 +0100 Subject: [PATCH] target: Check command output sanity Check that no element in the chain adds any unwanted content to stdout or stderr when running a command. This is especially important as PAM modules can just write arbitrary messages to stdout when using sudo, such as password expiry notification. There unfortunately seems to be no way of silencing it, but we can at least catch it before it triggers errors down the line. --- devlib/target.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/devlib/target.py b/devlib/target.py index db4ed9a..9f2a5c1 100644 --- a/devlib/target.py +++ b/devlib/target.py @@ -535,9 +535,17 @@ class Target(object): """ Check that the connection works without obvious issues. """ - out = await self.execute.asyn('true', as_root=False) - if out.strip(): - raise TargetStableError('The shell seems to not be functional and adds content to stderr: {}'.format(out)) + async def check(**kwargs): + out = await self.execute.asyn('true', **kwargs) + if out: + raise TargetStableError('The shell seems to not be functional and adds content to stderr: {!r}'.format(out)) + + await check(as_root=False) + # If we are rooted, we usually run with sudo. Unfortunately, PAM + # modules can write random text to stdout such as: + # Your password will expire in XXX days. + if self.is_rooted: + await check(as_root=True) def disconnect(self): connections = self._conn.get_all_values()