Skip to content

minikube ssh doesn't escape args properly #20855

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
zimbatm opened this issue May 28, 2025 · 1 comment
Open

minikube ssh doesn't escape args properly #20855

zimbatm opened this issue May 28, 2025 · 1 comment

Comments

@zimbatm
Copy link

zimbatm commented May 28, 2025

What Happened?

$ minikube ssh -- bash -c "sudo ls"
usage: sudo -h | -K | -k | -V
usage: sudo -v [-ABknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-ABknS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command]
usage: sudo [-ABbEHknPS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory]
            [-T timeout] [-u user] [VAR=value] [-i|-s] [<command>]
usage: sudo -e [-ABknS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory]
            [-T timeout] [-u user] file ...
ssh: Process exited with status 1

This looks like an issue where the arguments with whitespaces don't get escaped properly. Instead of sending bash -c "sudo ls" it looks like it gets translated to bash -c "sudo" "ls".

Attach the log file

log.txt

Operating System

Other

Driver

Docker
@zimbatm
Copy link
Author

zimbatm commented May 28, 2025
edited
Loading

After following the invocation trail, ssh is using docker's libmachine, and here is the bug:

https://github.com/minikube-machine/machine/blob/cd9dd9aaf4aa9b3265d19f520101af822659b1a3/libmachine/ssh/client.go#L327-L329

args.Join(" ") is squashing all the arguments together without the proper escaping.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zimbatm
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy