Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-105093

specifying multiple users causes resources to be associated with wrong user

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • rhel-system-roles
    • 0
    • Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Red Hat Enterprise Linux
    • None
    • Bug Fix
    • Hide
      .Specifying multiple users no longer causes resources to be associated with the wrong user

      Previously, when managing resources for two different users, both `vars` and `set_fact` were used to set the `pass:[__podman_user]` and `pass:[__podman_user_home_dir]` variables. This led to unpredictable and undefined behavior as the system used the old values from the first user for the second user, causing the second user’s configuration to incorrectly reference the first user's data.

      With this fix, the role sets the `podman_user` variable only with `set_fact`, and the `pass:[__podman_user_home_dir]` variable only with `vars`. Also, the code has been refactored to use ` pass:[__podman_handle_user]` instead of `pass:[ __podman_user]` where the role could use `vars`.
      As a result, you keep data for multiple users separate and ensure consistent configurations.

      Show
      .Specifying multiple users no longer causes resources to be associated with the wrong user Previously, when managing resources for two different users, both `vars` and `set_fact` were used to set the `pass:[__podman_user]` and `pass:[__podman_user_home_dir]` variables. This led to unpredictable and undefined behavior as the system used the old values from the first user for the second user, causing the second user’s configuration to incorrectly reference the first user's data. With this fix, the role sets the `podman_user` variable only with `set_fact`, and the `pass:[__podman_user_home_dir]` variable only with `vars`. Also, the code has been refactored to use ` pass:[__podman_handle_user]` instead of `pass:[ __podman_user]` where the role could use `vars`. As a result, you keep data for multiple users separate and ensure consistent configurations.
    • Done
    • Done
    • Done
    • Not Required
    • None

      Cause: The variables __podman_user and __podman_user_home_dir were being
      set by both `vars` and `set_fact`. This causes unpredictable and
      undefined behavior.

      Consequence: When managing resources for two different users, the
      variables __podman_user and __podman_user_home_dir were using the old
      values from the first user, so config files for the first user were
      being used for the second user.

      Fix: Ensure that __podman_user is only ever set with `set_fact`, and
      __podman_user_home_dir is only ever set with `vars`. Refactor the
      code to use __podman_handle_user instead of __podman_user where a
      `vars` could be used.

      Result: Data for multiple users is kept separate.

      Signed-off-by: Rich Megginson <rmeggins@redhat.com>

        1. Summary by Sourcery

      Prevent cross-user data contamination by introducing a dedicated __podman_handle_user variable for user tasks and using vars instead of set_fact for __podman_user_home_dir.

      Bug Fixes:

      • Stop mixing facts and vars for __podman_user and __podman_user_home_dir to avoid stale user data when managing multiple users

      Enhancements:

      • Refactor handle_user_group and include_tasks calls to use __podman_handle_user consistently
      • Move __podman_user_home_dir assignment into vars blocks instead of set_fact

              rmeggins@redhat.com Richard Megginson
              rmeggins@redhat.com Richard Megginson
              Richard Megginson Richard Megginson
              David Jez David Jez
              Mugdha Soni Mugdha Soni
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: