From 6719487a3012d04743ddad638bc74e0fa9fe0c80 Mon Sep 17 00:00:00 2001 From: Johannes Truschnigg Date: Sat, 27 Sep 2025 13:34:02 +0200 Subject: [PATCH 1/2] Don't fork/exec/cat/grep for evaluating ifupdown2.conf This avoids gratuitous execution of POSIX utilities in a forked shell to do a job that python itself is perfectly capable of doing. Note that it changes existing behavior *slightly* (but for the better), as before this patch, even a commented out line like the following: # enable_persistent_debug_logging=yes ... in `ifupdown2.conf` would have led to the persistent debugging feature being enabled, despite `ifupdown2.conf`'s content suggesting that this is against the (afaict not formally specified) parsing rules. --- ifupdown2/lib/log.py | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/ifupdown2/lib/log.py b/ifupdown2/lib/log.py index 7d03d265..487fad69 100644 --- a/ifupdown2/lib/log.py +++ b/ifupdown2/lib/log.py @@ -23,6 +23,7 @@ import os import sys import shutil +import re import traceback import logging @@ -126,31 +127,34 @@ def __init__(self): self.__root_logger.debug("couldn't initialize persistent debug logging: %s" % str(e)) def __get_enable_persistent_debug_logging(self): - # ifupdownconfig.config is not yet initialized so we need to cat and grep ifupdown2.conf + # ifupdownconfig.config is not yet initialized so we need to evaluate ifupdown2.conf # by default we limit logging to LOGGING_DIRECTORY_LIMIT number of files # the user can specify a different amount in /etc/network/ifupdown2/ifupdown2.conf # or just yes/no to enable/disable the feature. - try: - user_config_limit_str = ( - utils.exec_user_command( - "cat /etc/network/ifupdown2/ifupdown2.conf | grep enable_persistent_debug_logging") or "" - ).strip().split("=", 1)[1] - try: - # get the integer amount - return int(user_config_limit_str) - except ValueError: - # the user didn't specify an integer but a boolean - # if the input is not recognized we are disabling the feature - user_config_limit = { - True: self.LOGGING_DIRECTORY_LIMIT, - False: 0, - }.get(utils.get_boolean_from_string(user_config_limit_str)) + # ensure a safe default return value + result = self.LOGGING_DIRECTORY_LIMIT + cfg_valid_values = r"^(yes|no|\d+)$" + try: + with open('/etc/network/ifupdown2/ifupdown2.conf', 'r') as conffile: + for line in conffile.readlines(): + if line.startswith('enable_persistent_debug_logging='): + val = line.split("=")[-1].strip() + if re.match(cfg_valid_values, val): + try: + val = int(val) + result = max(0, val) + except ValueError: + result = { + True: self.LOGGING_DIRECTORY_LIMIT, + False: 0, + }.get(utils.get_boolean_from_string(user_config_limit_str)) except Exception: - user_config_limit = self.LOGGING_DIRECTORY_LIMIT + pass + + return result - return user_config_limit def __init_debug_logging(self): # check if enable_persistent_debug_logging is enabled From 86978db1a06685470692ef59961a179bf70011ae Mon Sep 17 00:00:00 2001 From: Johannes Truschnigg Date: Sat, 27 Sep 2025 13:50:46 +0200 Subject: [PATCH 2/2] Fix comment with proper LOGGING_DIRECTORY value --- etc/network/ifupdown2/ifupdown2.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/network/ifupdown2/ifupdown2.conf b/etc/network/ifupdown2/ifupdown2.conf index bc1acb9c..0e1d5e3c 100644 --- a/etc/network/ifupdown2/ifupdown2.conf +++ b/etc/network/ifupdown2/ifupdown2.conf @@ -5,7 +5,7 @@ # # enable persistent ifupdown2 debug logs -# ifupdown2 will keep debug logs in /etc/network/ifupdown2/logs +# ifupdown2 will keep debug logs in /var/log/ifupdown2/logs/ # by default the last 42 configurations logs will be kept. # yes - (default) enable persistent logging (42 configs) # no - disable persistent logging