Linux installation method is dangerous
mark-wagner opened this issue · 2 comments
The Linux installation method is dangerous but I'm not talking about the use of curl | bash
. When using this installation method, the best practice it to wrap the installation in a single character function to safely handle network interruptions.
In install_collector.sh you have
function cleanup() {
rm -f $NPIPE
rm -rf $TEMP_DIR
}
trap cleanup EXIT
Consider what would happen if the script download was interrupted after line 158 character 10 was downloaded. You'd have
TEMP_DIR=/
Thus curl | bash
would execute rm -rf /
Hi Mark,
Thank you for the warning. You are right, "rm -rf" is always very dangerous. If we don't handle it carefully, it can cause disasters.
In this case, I don't think cleanup() function can be called before TEMP_DIR is set to correct value. Please see the code below. TEMP_DIR is set at line 158, ERR and EXIT signal handler are set up at line 169 and line 171. So TEMP_DIR is always set to correct value before the handler functions are installed.
158 TEMP_DIR=/tmp/zlog-collector-install.$$
159 mkdir -p $TEMP_DIR
160
161 # Set up a named pipe for logging
162 NPIPE=/tmp/$$.tmp
163 mknod $NPIPE p
164
165 # Log all output to a log for error checking
166 tee <$NPIPE $LOG_FILE &
167 exec 1>&-
168 exec 1>$NPIPE 2>&1
169 trap cleanup EXIT
170
171 trap on_error ERR
Brady
Thanks for looking into this. You're right!