diff --git a/layerindex/update.py b/layerindex/update.py index ea86b72..983216d 100755 --- a/layerindex/update.py +++ b/layerindex/update.py @@ -103,7 +103,7 @@ def fetch_repo(vcs_url, repodir, urldir, fetchdir, layer_name): logger.info("Fetching remote repository %s" % vcs_url) try: if not os.path.exists(repodir): - utils.runcmd("git clone %s %s" % (vcs_url, urldir), fetchdir, logger=logger, printerr=False) + utils.runcmd(['git', 'clone', vcs_url, urldir], fetchdir, logger=logger, printerr=False, shell=False) else: utils.runcmd("git fetch -p", repodir, logger=logger, printerr=False) return (vcs_url, None) diff --git a/layerindex/utils.py b/layerindex/utils.py index 88b3bd6..ed1ebbc 100644 --- a/layerindex/utils.py +++ b/layerindex/utils.py @@ -241,7 +241,7 @@ def checkout_repo(repodir, commit, logger, force=False): # interfere with operation, e.g. stale pyc files) runcmd("git clean -qdfx", repodir, logger=logger) # Now check out the revision - runcmd("git checkout %s" % commit, repodir, logger=logger) + runcmd(['git', 'checkout', commit], repodir, logger=logger, shell=False) def checkout_layer_branch(layerbranch, repodir, logger=None): branchname = layerbranch.get_checkout_branch() @@ -286,7 +286,7 @@ def parse_layer_conf(layerdir, data, logger=None): data.expandVarref('LAYERDIR') child_pid = 0 -def runcmd(cmd, destdir=None, printerr=True, outfile=None, logger=None): +def runcmd(cmd, destdir=None, printerr=True, outfile=None, logger=None, shell=True): """ execute command, raise CalledProcessError if fail return output if succeed @@ -303,7 +303,7 @@ def runcmd(cmd, destdir=None, printerr=True, outfile=None, logger=None): os.kill(child_pid, signal.SIGTERM) signal.signal(signal.SIGUSR2, onsigusr2) try: - proc = subprocess.Popen(cmd, stdout=out, stderr=out, cwd=destdir, shell=True) + proc = subprocess.Popen(cmd, stdout=out, stderr=out, cwd=destdir, shell=shell) global child_pid child_pid = proc.pid proc.communicate()