From bcc2df7e20713f1d1d1f2d5c5a83ced6ee251fcf Mon Sep 17 00:00:00 2001 From: Richard Alpe Date: Tue, 19 May 2026 09:53:56 +0200 Subject: [PATCH] statd: yanger: stop overwriting infix-containers 'command' leaf The 'command' leaf is config, with a strict pattern that doesn't allow '&', quotes or pipes. Yanger was populating it from podman's full, untruncated container command -- so any container whose entrypoint uses shell metacharacters (e.g. sh -c "... && ...") failed YANG validation. The symptom: every operational read of /infix-containers:containers returns SR_ERR_INTERNAL, which in turn fails the whole get-data on the operational datastore. This breaks case/misc/operational_all and any RESTCONF/NETCONF read that touches containers. This was introduced in 59028c4 ("Fix #1466: 'show container' shows no output"), which added the operational, pattern-less 'cmdline' leaf but left the old 'command' assignment in place. Drop it -- 'cmdline' already carries the full command line, and 'command' belongs to running config. Note: the failure can look intermittent across test runs because podman storage is persistent. It only triggers once a container with a bad-pattern command ends up in 'podman ps -a', including stale or exited leftovers from earlier runs. Signed-off-by: Richard Alpe --- src/statd/python/yanger/infix_containers.py | 4 ---- test/case/statd/containers/infix-containers.json | 3 --- test/case/statd/containers/operational.json | 3 --- 3 files changed, 10 deletions(-) diff --git a/src/statd/python/yanger/infix_containers.py b/src/statd/python/yanger/infix_containers.py index df14f2482..8e90fdb9d 100644 --- a/src/statd/python/yanger/infix_containers.py +++ b/src/statd/python/yanger/infix_containers.py @@ -234,10 +234,6 @@ def container(ps): if path: out["cmdline"] = " ".join([path] + args) - cmd = inspect.get("Config", {}).get("Cmd", []) - if cmd: - out["command"] = " ".join(cmd) - net = network(ps, inspect) if net: out["network"] = net diff --git a/test/case/statd/containers/infix-containers.json b/test/case/statd/containers/infix-containers.json index 45833df4b..943bbe210 100644 --- a/test/case/statd/containers/infix-containers.json +++ b/test/case/statd/containers/infix-containers.json @@ -9,7 +9,6 @@ "running": true, "status": "Up About a minute", "cmdline": "/usr/bin/tini -- /usr/sbin/httpd -f -v", - "command": "/usr/sbin/httpd -f -v", "network": { "interface": [ { @@ -30,7 +29,6 @@ "running": true, "status": "Up About a minute", "cmdline": "/usr/bin/tini -- /usr/sbin/httpd -f -v -p 91", - "command": "/usr/sbin/httpd -f -v -p 91", "network": { "interface": [ { @@ -53,7 +51,6 @@ "running": true, "status": "Up About a minute", "cmdline": "/usr/bin/tini -- /usr/sbin/nft-helper /etc/nftables.conf", - "command": "/usr/sbin/nft-helper /etc/nftables.conf", "network": { "host": true } diff --git a/test/case/statd/containers/operational.json b/test/case/statd/containers/operational.json index 23198c4a3..8b448c1a9 100644 --- a/test/case/statd/containers/operational.json +++ b/test/case/statd/containers/operational.json @@ -1188,7 +1188,6 @@ "container": [ { "cmdline": "/usr/bin/tini -- /usr/sbin/httpd -f -v", - "command": "/usr/sbin/httpd -f -v", "id": "78d28082c2e5d494c82aa181c95118ce498e25930ad9e288ba010257ca336378", "image": "localhost/curios-httpd-oci-amd64-v24.11.0:latest", "image-id": "d6930d60a73be9980f8e19b4b4f63586a6d3492178e20bea962e4e9b8c654033", @@ -1209,7 +1208,6 @@ }, { "cmdline": "/usr/bin/tini -- /usr/sbin/httpd -f -v -p 91", - "command": "/usr/sbin/httpd -f -v -p 91", "id": "3451cfceca4eee1091c1dfedece2faee99bc8a729e781799d9c0b4368a31d86d", "image": "localhost/curios-httpd-oci-amd64-v24.11.0:latest", "image-id": "d6930d60a73be9980f8e19b4b4f63586a6d3492178e20bea962e4e9b8c654033", @@ -1232,7 +1230,6 @@ }, { "cmdline": "/usr/bin/tini -- /usr/sbin/nft-helper /etc/nftables.conf", - "command": "/usr/sbin/nft-helper /etc/nftables.conf", "id": "4e7c3daeba15546e7640014b9ee46e389737ed36583e5cb2f8b75a07a82e8523", "image": "localhost/curios-nftables-oci-amd64-v24.11.0:latest", "image-id": "7a3cc502436250357a6664100a600f306334b4d7203890b85b7ea9b8da6b5665",