From: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Date: Thu, 16 Apr 2020 18:47:55 +0000 (+0200)
Subject: dns plugin: use non-usrmerged path for bash
X-Git-Url: https://git.proxmox.com/?p=proxmox-acme.git;a=commitdiff_plain;h=9ea3c3d9dee030eaf2ff4b3a662fbd059a5c060b

dns plugin: use non-usrmerged path for bash

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---

diff --git a/src/PVE/ACME/DNSChallenge.pm b/src/PVE/ACME/DNSChallenge.pm
index 107163a..98a183e 100644
--- a/src/PVE/ACME/DNSChallenge.pm
+++ b/src/PVE/ACME/DNSChallenge.pm
@@ -172,7 +172,7 @@ sub setup {
     # for security reasons, we execute the command as nobody
     # we can't verify that the code of the DNSPlugins are harmless.
     my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--"];
-    push @$cmd, "/usr/bin/bash", $ACME_PATH, "setup", $dnsplugin, $domain;
+    push @$cmd, "/bin/bash", $ACME_PATH, "setup", $dnsplugin, $domain;
     push @$cmd,	$txtvalue, $plugin_conf_string;
 
     PVE::Tools::run_command($cmd, outfunc => $outfunc);
@@ -193,7 +193,7 @@ sub teardown {
     # for security reasons, we execute the command as nobody
     # we can't verify that the code of the DNSPlugins are harmless.
     my $cmd = ["setpriv", "--reuid", "nobody", "--regid", "nogroup", "--clear-groups", "--"];
-    push @$cmd, "/usr/bin/bash", "$ACME_PATH", "teardown",  $dnsplugin, $domain ;
+    push @$cmd, "/bin/bash", "$ACME_PATH", "teardown",  $dnsplugin, $domain ;
     push @$cmd, $txtvalue, $plugin_conf_string;
     PVE::Tools::run_command($cmd, outfunc => $outfunc);
     print "Remove TXT record: _acme-challenge.$domain\n";