spring-boot icon indicating copy to clipboard operation
spring-boot copied to clipboard
verified publisher icon spring-projects

Escaped and quoted arguments are treated differently by the launch script depending on how it is invoked

Open Swissbite opened this issue 6 years ago • 2 comments

A spring-boot application treats the escaping of arguments differently at startup as root or as user if it is not using the start-stop-daemon.

The issue was introduced with commit 4c65e5e704cfab3160ea7276304f307c993bddf9 by using printf for arguments if running as root or just passing the arguments if running as user.

How to reproduce:

  1. Create a spring-boot-application with a config file
  2. Add RUN_ARGS with single quote, like RUN_ARGS='--spring.datasource.password=my$password$with$dollars'
  • Start the application as user will add the RUN_ARGS correct, even for multiline values
  • Start the application as root will not escape the value.

Solutions to make it predictable

  • Not using the printf (may be a bad solution? )
  • Using printf in all cases as it is currently done for root
  • Using printf in all cases and reflect single quote escaping defined in the .conf file.

Additional information I was not able to test against the start-stop-daemon. It might by that it is also ignoring the single quote arguments given in the .conf file.

Swissbite avatar Oct 08 '19 15:10 Swissbite

Update for peoples who may have the same issue:

Simple workaround:

  • Add an application.properties anywhere near your deployment path
  • Add following config to the run args--spring.config.additional-location=./path/to/folder/

Documentation about this config property: 2.3. Application Property Files

Swissbite avatar Nov 18 '19 13:11 Swissbite

To reduce the risk of regression, we should tackle #20335 before fixing this issue.

wilkinsona avatar Feb 27 '20 12:02 wilkinsona