diff options
author | Ludovic Courtès <ludo@gnu.org> | 2023-02-24 11:15:45 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2023-02-27 23:40:43 +0100 |
commit | 43c36c5c9f7a31649eb059fd16ed82bde20da3fc (patch) | |
tree | 305f5793c75a118ef9a76d8229110ee104859f35 /gnu | |
parent | 92a0e60a963a54230e400c5c2ae585205489bf35 (diff) | |
download | guix-43c36c5c9f7a31649eb059fd16ed82bde20da3fc.tar.gz |
ui: 'display-hint' quotes extra arguments for Texinfo.
Fixes <https://issues.guix.gnu.org/61201>. Previously, common practice was to splice arbitrary strings (user names, file names, etc.) into Texinfo snippets passed to 'display-hint'. This is unsafe in the general case because at signs and braces need to be escaped to produced valid Texinfo. This commit addresses that. * guix/ui.scm (texinfo-quote): New procedure. (display-hint): When ARGUMENTS is non-empty, pass it to 'texinfo-quote' and call 'format'. (report-unbound-variable-error, check-module-matches-file) (display-collision-resolution-hint, run-guix-command): Remove explicit 'format' call; pass 'format' arguments as extra arguments to 'display-hint'. * gnu/services/monitoring.scm (zabbix-front-end-config): Likewise. * guix/scripts.scm (warn-about-disk-space): Likewise. * guix/scripts/build.scm (%standard-cross-build-options) (%standard-native-build-options): Likewise. * guix/scripts/describe.scm (display-checkout-info): Likewise. * guix/scripts/environment.scm (suggest-command-name): Likewise. * guix/scripts/home.scm (process-command): Likewise. * guix/scripts/home/edit.scm (service-type-not-found): Likewise. * guix/scripts/import.scm (guix-import): Likewise. * guix/scripts/package.scm (display-search-path-hint): Likewise. * guix/scripts/pull.scm (build-and-install): Likewise. * guix/scripts/shell.scm (auto-detect-manifest): Likewise. * guix/scripts/system.scm (check-file-system-availability): Likewise. (guix-system): Likewise. * guix/scripts/system/edit.scm (service-type-not-found): Likewise. * guix/status.scm (print-build-event): Likewise.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/services/monitoring.scm | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm index 44e2e8886c..bbf8b10f8b 100644 --- a/gnu/services/monitoring.scm +++ b/gnu/services/monitoring.scm @@ -662,9 +662,11 @@ $DB['PASSWORD'] = " (let ((file (location-file %location)) (string-append "trim(file_get_contents('" db-secret-file "'));\n")) (begin - (display-hint (format #f (G_ "~a:~a:~a: ~a: + (display-hint (G_ "~a:~a:~a: ~a: Consider using @code{db-secret-file} instead of @code{db-password} for better -security.") file line column 'zabbix-front-end-configuration)) +security.") + file line column + 'zabbix-front-end-configuration) (format #f "'~a';~%" db-password)))) " // Schema name. Used for IBM DB2 and PostgreSQL. |