Commit hooks not running

bri · January 1, 2023, 1:30am

the problem:

I’m trying to add a commit post-hook, but it doesn’t run.

Here’s a simple vbash script that tests this as far as I understand how to set it up. Using this script on v1.3.2 or v1.4-rolling does not function as expected. I’ve tried on an unofficial stock build of 1.3.2, the 1.4-rolling-202212310809 from vyos.io, and my own custom build of 1.4-rolling.

#!/bin/vbash
# -rwxrwxr-x 1 vyos vyattacfg /config/scripts/commit/post-hooks.d/01-hello
echo hello world
touch "$HOME/`date +%s`"

what happens:

This hook should echo some text and create a new file with the current unix timestamp on every commit (this is just an example), but in actuality the commit proceeds normally as if there’s no hook.

PS C:\Users\brire> ssh vyos@172.20.48.130 -oidentitiesonly=true
vyos@172.20.48.130's password:
Welcome to VyOS!

Check out project news at https://blog.vyos.io
and feel free to report bugs at https://phabricator.vyos.net

You can change this banner using "set system login banner post-login" command.

VyOS is a free software distribution that includes multiple components,
you can check individual component licenses under /usr/share/doc/\*/copyright
Last login: Sun Jan  1 01:07:52 2023 from 172.20.48.1
vyos@vyos:~$ show conf
interfaces {
    ethernet eth0 {
        address dhcp
        hw-id 00:15:5d:0c:7a:00
    }
}
service {
    ssh {
        listen-address 0.0.0.0
    }
}
vyos@vyos:~$ conf
[edit]
vyos@vyos# comment interfaces ethernet eth0 "just making a change so I can commit"
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# ### Something should have happened.
[edit]
vyos@vyos# ls -l ~
total 0
[edit]
vyos@vyos# ### ...but nothing happened!!!
vyos@vyos# show
 interfaces {
     /* just making a change so I can commit */
     ethernet eth0 {
         address dhcp
         hw-id 00:15:5d:0c:7a:00
     }
 }
 service {
     ssh {
         listen-address 0.0.0.0
     }
 }
[edit]
vyos@vyos# ###So the commit did succeed! But the hooks were not run. 
[edit]
vyos@vyos# ### Let's set this back and try again.
[edit]
vyos@vyos# comment interfaces ethernet eth0 ""
vyos@vyos# show
 interfaces {
-    /* just making a change so I can commit */
     ethernet eth0 {
         address dhcp
         hw-id 00:15:5d:0c:7a:00
     }
 }
 service {
     ssh {
         listen-address 0.0.0.0
     }
 }
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# ### Still nothing!

Running on Hyper-V on Windows 11 and Windows Server 2022, if that matters.

roedie · January 1, 2023, 11:17am

Hi,

I just tested this on 1.4-202212280917 and it works.

There is one little caveat though, the docs state:

Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed.

which I didn’t read, so my test.sh script didn’t run. Changing it to just test made it work. Could it be your script has a character in it that is not allowed?

roedie · January 1, 2023, 11:23am

Ah, I just saw that you show the name of your script. My script is called test and contains the following:

#!/bin/vbash
if [ "$(id -g -n)" != 'vyattacfg' ] ; then
    exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@"
fi

echo "pipo"

Could you test by renaming your script?

bri · January 2, 2023, 7:32am

I don’t think it’s the filename

I just tried putting your script in just in case something somehow was wrong with mine, and it still doesn’t work. I also tried with a fresh install of 1.4-202212280917 as you used, and oddly enough it worked once or twice but then stopped working. I cannot figure out what I did that broke it, but it definitely wasn’t anything too crazy.

Is it possible that adding a new system image and doing the config migration breaks the hook scripts? This is just a hunch, because the following caused the scripts to stop running:

I built a blank VM
installed stock 1.4-202212280917
created and tested hook script (worked)
added a new system image (my own https://github.com/b-/vyos-build-action/releases/download/v1.4-rolling_bri_add-ssh_config-202301020550/vyos-1.4-rolling_bri_add-ssh_config-202301020550-amd64.iso)
rebooted into new system image
commit hooks do not work anymore.

but then rebooting back into the stock 1.4-202212280917 didn’t cause the script to start working again, so maybe it’s something to do with when the machine boots?

I’m really grasping at straws here I can’t seem to figure out what I could possibly be doing wrong myself, but then that means this is one of those weird bugs that just doesn’t always bug?

I have no idea how to debug this, because when I tried running set -x before committing the config I didn’t see the shell attempt to run the scripts amongst all the output, but looking in the vyos repo it seems that /opt/vyatta/sbin/my_commit (which is itself a symlink to /opt/vyatta/sbin/my_cli_bin) is responsible for running the hooks so I wouldn’t expect to see what’s wrong in the shell debug output.

Viacheslav · January 2, 2023, 11:10am

Check execution rights:
ls -la /config/scripts/commit/post-hooks.d

bri · January 2, 2023, 6:10pm

vyos@vyos# ls -Rla /config/scripts/commit/
/config/scripts/commit/:
total 12
drwxrwsr-x 3 root vyattacfg 4096 Jan  2 07:13 .
drwxrwsr-x 3 root vyattacfg 4096 Jan  2 07:13 ..
drwxr-sr-x 2 root vyattacfg 4096 Jan  2 07:14 post-hooks.d

/config/scripts/commit/post-hooks.d:
total 12
drwxr-sr-x 2 root vyattacfg 4096 Jan  2 07:14 .
drwxrwsr-x 3 root vyattacfg 4096 Jan  2 07:13 ..
-rwxr-xr-x 1 root vyattacfg  131 Jan  2 07:14 test

bri · January 2, 2023, 6:13pm

I’ve tried using 755 and 775 permissions, and I’ve tried with /config/scripts/commit recursively chown’d to vyos:vyattacfg so I don’t think it’s permissions either