in reply to Re^5: Linux::usermod - user name ... already exists
in thread Linux::usermod - user name ... already exists

It runs under taint mode. As mentioned earlier in the thread, the script does sanitization and validation of the strings earlier on, long before they get sent to the shell scripts. I would avoid using the system programs directly if possible, but Linux::usermod is missing the functions needed to properly rename an account belonging to several groups.

Could you please explain the advantages or differences between system() in list form and qx/ / in practice? I'm only interested in tracking if the action failed or succeeded and wish to suppress anything sent to stdin or stdout.

Re^7: Linux::usermod - user name ... already exists
by haukex (Archbishop) on Mar 25, 2019 at 09:55 UTC
    Could you please explain the advantages or differences between system() in list form and qx/ / in practice?

    Other than that system doesn't capture output, it's that there is no built-in "list form" of qx//, meaning that reliably avoiding issues with shell quoting or security issues will always take extra code or a module, be it ShellQuote::Any or one of the modules I mentioned in the post I linked to earlier. IPC::System::Simple's capturex comes closest as a drop-in replacement to qx that avoids the shell.

    I'm only interested in tracking if the action failed or succeeded and wish to suppress anything sent to stdin or stdout.

    There are several options to do so, all involving external modules*. For example, the aforementioned IPC::System::Simple, although you might have to wrap that in an eval or Try::Tiny because its errors are fatal by default, or you could wrap a system call in Capture::Tiny's capture, or you could use IPC::Run3...

    * Of course it's possible to DIY by redirecting STDOUT/ERR, but then you'd just be reproducing the code that's in those modules, and most likely the code would not be as portable and not cover as many special cases as the modules do.
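
An added example, not code from either poster: one way to get a plain success/failure result with all output discarded, using IPC::Run3 (one of the modules named above) with the command passed as a list so no shell parses it. The `/usr/sbin/usermod` path, the login-name pattern and the helper names `run_quiet` and `untaint_login` are assumptions made for the illustration.

```perl
use strict;
use warnings;
use IPC::Run3 qw(run3);

# Under -T, perl refuses to exec a child unless PATH holds only trusted
# directories and the shell-influencing variables are gone.
$ENV{PATH} = '/usr/sbin:/usr/bin:/sbin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Run a command given as a list: the arguments reach the program verbatim,
# so quoting and shell metacharacters are not an issue.
# \undef connects stdin, stdout and stderr to /dev/null.
# Returns (ok, detail).
sub run_quiet {
    my @cmd = @_;
    # run3 dies if the child cannot be started at all.
    my $spawned = eval { run3(\@cmd, \undef, \undef, \undef); 1 };
    return (0, "could not run $cmd[0]: $@") unless $spawned;
    # Low 7 bits of $? hold a terminating signal, the high byte the exit code.
    return (0, sprintf('%s killed by signal %d', $cmd[0], $? & 127))
        if $? & 127;
    my $exit = $? >> 8;
    return (0, "$cmd[0] exited with status $exit") if $exit;
    return (1, 'ok');
}

# Allow-list validation that also untaints: only the captured group is
# returned. The pattern is an assumed policy; adjust it to the local rules.
sub untaint_login {
    my ($name) = @_;
    return defined $name && $name =~ /\A([a-z_][a-z0-9_-]{0,31})\z/
        ? $1 : undef;
}

# Usage: script.pl OLDNAME NEWNAME
if (@ARGV == 2) {
    my ($old, $new) = map { untaint_login($_) } @ARGV;
    die "invalid login name\n" unless defined $old && defined $new;
    # usermod -l NEW_LOGIN LOGIN renames the account.
    my ($ok, $detail) = run_quiet('/usr/sbin/usermod', '-l', $new, $old);
    die "rename failed: $detail\n" unless $ok;
    print "renamed $old to $new\n";
}
```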