From 94562235564e69cb20fe6196f690d6763d4daee8 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 30 May 2026 14:31:32 +0200 Subject: [PATCH] fix: prevent package postinstall hang when generating jwt secret The postinstall scripts generated the jwt secret with: cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 This relies on SIGPIPE to terminate the infinite `cat /dev/urandom` once `head` has read its single line. Inside a dpkg/apt maintainer-script context the SIGPIPE disposition is not reliably delivered, so `cat /dev/urandom` spins forever, the postinstall never returns, and the whole `dpkg -i` / upgrade hangs. Read a bounded 512 bytes with `head -c` instead so nothing depends on SIGPIPE to terminate. 512 random bytes yield ~124 alphanumerics on average, so the trailing `head -c 32` reliably produces a full 32-char secret while staying dependency-free. Fixes #2660 --- build/after-install-openrc.sh | 2 +- build/after-install.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build/after-install-openrc.sh b/build/after-install-openrc.sh index c0e01cd03..8c3e9a638 100755 --- a/build/after-install-openrc.sh +++ b/build/after-install-openrc.sh @@ -2,7 +2,7 @@ rc-update add vikunja default # Fix the config to contain proper values -NEW_SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) +NEW_SECRET=$(head -c 512 /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 32) sed -i "s//$NEW_SECRET/g" /etc/vikunja/config.yml sed -i "s//\/opt\/vikunja\//g" /etc/vikunja/config.yml sed -i "s/path: \"\.\/vikunja.db\"/path: \"\\/opt\/vikunja\/vikunja.db\"/g" /etc/vikunja/config.yml diff --git a/build/after-install.sh b/build/after-install.sh index a8f2840d7..1b6399a49 100644 --- a/build/after-install.sh +++ b/build/after-install.sh @@ -3,7 +3,7 @@ systemctl enable vikunja.service # Fix the config to contain proper values -NEW_SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) +NEW_SECRET=$(head -c 512 /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 32) sed -i "s//$NEW_SECRET/g" /etc/vikunja/config.yml sed -i "s//\/opt\/vikunja\//g" /etc/vikunja/config.yml sed -i "s/path: \"\.\/vikunja.db\"/path: \"\\/opt\/vikunja\/vikunja.db\"/g" /etc/vikunja/config.yml