Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The default vars file problem #1015

Closed
TinCanTech opened this issue Sep 1, 2023 · 4 comments · Fixed by #1021 or #1025
Closed

The default vars file problem #1015

TinCanTech opened this issue Sep 1, 2023 · 4 comments · Fixed by #1021 or #1025
Assignees
@TinCanTech
Labels
BUG ChangeLog Item development Possible changes discussion documentation Major Changes Changes between Major 3.X version numbers - X is Major URGENT BLOCKER: Line in the Sand
Milestone
v3.1.7

Comments

@TinCanTech
Copy link
Collaborator

TinCanTech commented Sep 1, 2023
edited
Loading

The problem with vars is that it allows setting EASYRSA.

This is a simple problem of authority, who is in charge ?

The solution is simple:

  • EASYRSA default IS $PWD
  • vars default MUST, therefore, be $PWD/vars

All other vars can be ignored, unless user specified.

The problem of authority is resolved by putting $PWD in charge of defaults.

As an easy to understand example of the problem, consider that:

# Set EASYRSA_VARS_FILE to your preferred vars file
set_var EASYRSA_VARS_FILE "$The_Moon"

is set inside the vars file.
@TinCanTech TinCanTech self-assigned this Sep 1, 2023
@TinCanTech TinCanTech added BUG documentation URGENT BLOCKER: Line in the Sand development Possible changes discussion Major Changes Changes between Major 3.X version numbers - X is Major ChangeLog Item labels Sep 1, 2023
@TinCanTech TinCanTech modified the milestone: v3.1.7 Sep 1, 2023
@TinCanTech
Copy link
Collaborator Author

TinCanTech commented Sep 1, 2023
edited
Loading

For version 3.1.x, easyrsa can still search for duplicates and issue a warning, instead of the current error.

The vars file in use is already shown to the user.

@TinCanTech TinCanTech mentioned this issue Sep 4, 2023
Closed
@TinCanTech
Copy link
Collaborator Author

TinCanTech commented Sep 4, 2023
edited
Loading

Reminder: Remove init-pki soft.

@TinCanTech TinCanTech mentioned this issue Sep 4, 2023
Closed
@TinCanTech TinCanTech linked a pull request Sep 15, 2023 that will close this issue
Forbid "default vars in the default PKI" for all commands #1021
Merged
@TinCanTech
Copy link
Collaborator Author

TinCanTech commented Sep 18, 2023
edited
Loading

User confirmation confirm() seems less heavy handed than forbidden.

@TinCanTech TinCanTech linked a pull request Sep 19, 2023 that will close this issue
Improve vars auto load #1025
Merged
@TinCanTech
Copy link
Collaborator Author

Follow-up: #1027

@TinCanTech TinCanTech mentioned this issue Oct 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@TinCanTech TinCanTech

Labels
BUG ChangeLog Item development Possible changes discussion documentation Major Changes Changes between Major 3.X version numbers - X is Major URGENT BLOCKER: Line in the Sand
Projects
None yet
Milestone
v3.1.7
1 participant
@TinCanTech