From c2d9ea1f610ee431cfcd0d0557cfd88ac78fc08b Mon Sep 17 00:00:00 2001 From: Adrien Ferrand Date: Thu, 4 Apr 2019 19:46:46 +0200 Subject: [PATCH] Protect certbot-auto against non numerical version release in some RPM distributions (#6913) Fixes #6912 Bash evaluate all condition in a predicate statement, eg. `"$SOMEVAR" = "test" -a "$ANOTHERVAR" = "test2"`, even if it is not necessary, for instance if the first condition is false in the example here. As a consequence, on non-Fedora distributions, an evaluation of the distribution version could be done on non numeric value, eg. `"6.7" -eq "29"`, making certbot-auto failing in this case. This PR fixes that, by evaluating the version on RPM distributions only if we are on Fedora. Otherwise, version will be "0". --- letsencrypt-auto-source/letsencrypt-auto | 5 ++++- letsencrypt-auto-source/letsencrypt-auto.template | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto index ac72dfac9..1958a5195 100755 --- a/letsencrypt-auto-source/letsencrypt-auto +++ b/letsencrypt-auto-source/letsencrypt-auto @@ -750,7 +750,10 @@ elif [ -f /etc/redhat-release ]; then DeterminePythonVersion "NOCRASH" # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then. RPM_DIST_NAME=`(. /etc/os-release 2> /dev/null && echo $ID) || echo "unknown"` - RPM_DIST_VERSION=`(. /etc/os-release 2> /dev/null && echo $VERSION_ID) || echo "0"` + RPM_DIST_VERSION=0 + if [ "$RPM_DIST_NAME" = "fedora" ]; then + RPM_DIST_VERSION=`(. /etc/os-release 2> /dev/null && echo $VERSION_ID) || echo "0"` + fi if [ "$RPM_DIST_NAME" = "fedora" -a "$RPM_DIST_VERSION" -ge 29 -o "$PYVER" -eq 26 ]; then Bootstrap() { BootstrapMessage "RedHat-based OSes that will use Python3" diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template index 0d3312968..a5a29c483 100755 --- a/letsencrypt-auto-source/letsencrypt-auto.template +++ b/letsencrypt-auto-source/letsencrypt-auto.template @@ -325,7 +325,10 @@ elif [ -f /etc/redhat-release ]; then DeterminePythonVersion "NOCRASH" # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then. RPM_DIST_NAME=`(. /etc/os-release 2> /dev/null && echo $ID) || echo "unknown"` - RPM_DIST_VERSION=`(. /etc/os-release 2> /dev/null && echo $VERSION_ID) || echo "0"` + RPM_DIST_VERSION=0 + if [ "$RPM_DIST_NAME" = "fedora" ]; then + RPM_DIST_VERSION=`(. /etc/os-release 2> /dev/null && echo $VERSION_ID) || echo "0"` + fi if [ "$RPM_DIST_NAME" = "fedora" -a "$RPM_DIST_VERSION" -ge 29 -o "$PYVER" -eq 26 ]; then Bootstrap() { BootstrapMessage "RedHat-based OSes that will use Python3"