[Libguestfs] [PATCH nbdkit v2 1/4] server: Add -D nbdkit.environ=1 to dump the environment
Laszlo Ersek
lersek at redhat.com
Tue May 9 12:24:54 UTC 2023
On 5/9/23 11:51, Richard W.M. Jones wrote:
> This is not secure so should not be used routinely. Also we do not
> attempt to filter environment variables, so even ones containing
> multiple lines or special characters are all sent to nbdkit_debug.
>
> The reason for adding this is to allow for debugging the new
> nbd_set_socket_activation_name(3) API added in libnbd 1.16.
> ---
> docs/nbdkit.pod | 8 ++++++++
> server/main.c | 22 ++++++++++++++++++++++
> 2 files changed, 30 insertions(+)
>
> diff --git a/docs/nbdkit.pod b/docs/nbdkit.pod
> index 83cf6a11c..634c97e3a 100644
> --- a/docs/nbdkit.pod
> +++ b/docs/nbdkit.pod
> @@ -619,6 +619,14 @@ are numerous and not usually very interesting.
> S<I<-D nbdkit.backend.controlpath=0>> suppresses the non-datapath
> commands (config, open, close, can_write, etc.)
>
> +=item B<-D nbdkit.environ=1>
> +
> +Print nbdkit's environment variables in the debug output at start up.
> +This is insecure because environment variables may contain both
> +sensitive and user-controlled information, so it should not be used
> +routinely. But it is useful for tracking down problems related to
> +environment variables.
> +
> =item B<-D nbdkit.tls.log=>N
>
> Enable TLS logging. C<N> can be in the range 0 (no logging) to 99.
> diff --git a/server/main.c b/server/main.c
> index 1df5d69ac..528a2dfea 100644
> --- a/server/main.c
> +++ b/server/main.c
> @@ -210,6 +210,22 @@ dump_config (void)
> #endif
> }
>
> +/* -D nbdkit.environ=1 to dump the environment at start up. */
> +NBDKIT_DLL_PUBLIC int nbdkit_debug_environ;
> +
> +#ifndef HAVE_ENVIRON_DECL
> +extern char **environ;
> +#endif
> +
> +static void
> +dump_environment (void)
> +{
> + size_t i;
> +
> + for (i = 0; environ[i]; ++i)
> + nbdkit_debug ("%s", environ[i]);
> +}
> +
> int
> main (int argc, char *argv[])
> {
> @@ -662,6 +678,12 @@ main (int argc, char *argv[])
> /* Check all debug flags were used, and free them. */
> free_debug_flags ();
>
> + /* Dump the environment if asked. This is the earliest we can do it
> + * because it uses a debug flag.
> + */
> + if (nbdkit_debug_environ && verbose)
> + dump_environment ();
> +
> if (help) {
> struct backend *b;
>
Reviewed-by: Laszlo Ersek <lersek at redhat.com>
More information about the Libguestfs
mailing list