Run script in a clean environment
You can re-exec the script from within it:
[ -z "$CLEANED" ] && exec env -i CLEANED=1 "PATH=$PATH" "HOME=$HOME" bash "$0" "$@"
unset CLEANED
Where CLEANED
is a marker variable to tell your script that the environment has been cleaned.
In a bash script, how do I sanitize user input?
As dj_segfault points out, the shell can do most of this for you. Looks like you'll have to fall back on something external for lower-casing the string, though. For this you have many options, like the perl one-liners above, etc., but I think tr is probably the simplest.
# first, strip underscores
CLEAN=${STRING//_/}
# next, replace spaces with underscores
CLEAN=${CLEAN// /_}
# now, clean out anything that's not alphanumeric or an underscore
CLEAN=${CLEAN//[^a-zA-Z0-9_]/}
# finally, lowercase with TR
CLEAN=`echo -n $CLEAN | tr A-Z a-z`
The order here is somewhat important. We want to get rid of underscores, plus replace spaces with underscores, so we have to be sure to strip underscores first. By waiting to pass things to tr until the end, we know we have only alphanumeric and underscores, and we can be sure we have no spaces, so we don't have to worry about special characters being interpreted by the shell.
Run from clean login shell without credentials
You can pass environment variables directly in a command line, right before the executable name:
ENV_VAR=foo command -options ...
If you want to pass multiple variables just add them one after one:
ENV_VAR_FOO=foo ENV_VAR_BAR=bar command -options ...
In your case, you'll need to find out which environment variable cmake
needs to access the libraries. Then pass this to the call, like:
LIB_PATH=/path/to/libs cmake -options ...
How to run a terminal with clean environment from Python
Use the env
argument when calling subprocess.Popen
:
subprocess.Popen([cmd], stdout=subprocess.PIPE, shell=True, env={})
This will run it in as clean environment as possible, however a lot of maybe needed environment variables will be missing. You may want to cache os.environ
when you start your script and then populate the env
argument with that cache to get the same environment variables you had when you started your script.
Update (for clarity sake): Keep in mind that the current environment is always copied to any sub-process (and sub-processes cannot access/change the environment of their parents) so the above essentially takes the current environment and blanks it out (giving the sub-process copy of an empty environment) and if the sub-process cannot establish new environment it will never know the variables from your script's environment. One way to partially mitigate that is to actually let bash (or whatever shell you're calling from your sub-process) to load profile and other user scripts but it still won't get the global environment.
Set environment variables from file of key/value pairs
Problem with your approach is the export
in the while
loop is happening in a sub shell, and those variable will not be available in current shell (parent shell of while loop).
Add export
command in the file itself:
export MINIENTREGA_FECHALIMITE="2011-03-31"
export MINIENTREGA_FICHEROS="informe.txt programa.c"
export MINIENTREGA_DESTINO="./destino/entrega-prac1"
Then you need to source in the file in current shell using:
. ./conf/prac1
OR
source ./conf/prac1
How do I sanitize EDITOR, etc, environment variables?
I have only ever done something like this in CGI scripts, so perhaps this is not at all what you're looking for; I'm just hoping it'll help a bit. Here's a modified version of the selection of allowed characters I used, and a code suggestion:
my $editor = '/usr/bin/nano';
my $allowed = 'a-zA-Z0-9.\-_/';
# this is what I did, but you will probably not want to do this...
#$file =~ s/[^$allowed]//go; # Remove every character thats NOT in the OK-list
# check that the variables contain only allowed characters
if ($VISUAL =~ m/^[$allowed]+$/) {
$editor = $VISUAL;
}
elsif ($EDITOR =~ m/^[$allowed]+$/) {
$editor = $EDITOR;
}
else {
# message
}
# The code I have given above should also leave $editor in its default
# state if neither $VISUAL nor $EDITOR has been set, as the condition
# will not be true for empty strings/undef values.
Obviously, you cannot change the environment variables if you notice characters in them which you think shouldn't be there (i.e. characters which are not in the $allowed string), but you could check for the presence of such characters and fall back on your default editor in such a case. This is just my humble suggestion; perhaps an expert on the topic will reply in a while, and you'll get her/his wisdom served on a silver platter :)
Passing an environment variable to a bash script over ssh from perl system
Try this:
system("ssh -t remote FOO='dir/dir/filename.stderr' $dir/bashscript> $dir/stdout.stdout 2> $dir/stderr.stderr &");
Note that if the value comes from an untrusted source this can be dangerous. You should really escape the value before you pass is like that. For example, you could do something like this:
my $foo='some value here';
$foo=~s/'/'\\''/g; # escape the '
system("ssh -t remote env FOO='$FOO' $dir/bashscript> $dir/stdout.stdout 2> $dir/stderr.stderr &");
In either case, bashscript
can access the value via $FOO
.
Related Topics
Installed Clang++3.6 on Ubuntu, Can't Select as Alternative
How to Check That Two Folders Are the Same in Linux
Linux Loopback Performance with Tcp_Nodelay Enabled
Openssh Client Hangs on Logout When Forwarding X Connections
How to Obtain the Mdns.Service File Needed for Building Mdns in Yocto
How to Fix Symbol Lookup Error: Undefined Symbol Errors in a Cluster Environment
Changing Highlight Line Color in Emacs
Checking for Installed Packages and If Not Found Install
How to Get "Requests Per Second" for Apache in Linux
Shared Libraries: Windows VS Linux Method
When to Use --Dynamic Option in Nm
How to Kill Tcp Port 16969 in Bash
How to Develop Linux Screen Saver
Systemctl Status Shows Inactive Dead
Python Module Import Error for One User But Not the Other
Fata[0000] Get Http:///Var/Run/Docker.Sock/V1.17/Version: Dial Unix /Var/Run/Docker.Sock