choria-mcorpc-support 2.23.0 → 2.24.1

data/lib/mcollective/util/tasks_support.rb

@@ -250,8 +250,9 @@ module MCollective
       # @param environment [Hash] environment to run with
       # @param stdin [String] stdin to send to the command
       # @param spooldir [String] path to the spool for this specific request
+      # @param run_as [String] name of the user who will run the command
       # @return [Integer] the pid that was spawned
-      def spawn_command(command, environment, stdin, spooldir)
+      def spawn_command(command, environment, stdin, spooldir, run_as)
         wrapper_input = File.join(spooldir, "wrapper_stdin")
         wrapper_stdout = File.join(spooldir, "wrapper_stdout")
         wrapper_stderr = File.join(spooldir, "wrapper_stderr")
@@ -269,7 +270,25 @@ module MCollective
           options[:in] = wrapper_input
         end
 
-        pid = Process.spawn(environment, command, options)
+        if run_as
+          raise("System does not allow forking.  run_as not usable.") unless Process.respond_to?(:fork)
+
+          require "etc"
+
+          u = Etc.getpwnam(run_as)
+
+          FileUtils.chown_R(u.uid, u.gid, spooldir)
+
+          pid = Process.fork
+          if pid.nil?
+            Process.gid = Process.egid = u.gid
+            Process.uid = Process.euid = u.uid
+            ENV.delete_if { |name| name !~ /^LC_/ }
+            Process.exec(environment, command, options)
+          end
+        else
+          pid = Process.spawn(environment, command, options)
+        end
 
         sleep 0.1 until File.exist?(wrapper_stdout)
 
@@ -353,7 +372,7 @@ module MCollective
           meta.print(data.to_json)
         end
 
-        pid = spawn_command(wrapper_path, task_environment(task, requestid, callerid), wrapper_input.to_json, spool)
+        pid = spawn_command(wrapper_path, task_environment(task, requestid, callerid), wrapper_input.to_json, spool, task["run_as"])
 
         Log.info("Spawned task %s in spool %s with pid %s" % [task["task"], spool, pid])
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: choria-mcorpc-support
 version: !ruby/object:Gem::Version
-  version: 2.23.0
+  version: 2.24.1
 platform: ruby
 authors:
 - R.I.Pienaar
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-29 00:00:00.000000000 Z
+date: 2021-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: systemu
@@ -79,7 +79,6 @@ files:
 - lib/mcollective/application.rb
 - lib/mcollective/application/choria.rb
 - lib/mcollective/application/completion.rb
-- lib/mcollective/application/describe_filter.rb
 - lib/mcollective/application/facts.rb
 - lib/mcollective/application/federation.rb
 - lib/mcollective/application/find.rb
@@ -99,34 +98,22 @@ files:
 - lib/mcollective/connector/base.rb
 - lib/mcollective/connector/nats.ddl
 - lib/mcollective/connector/nats.rb
-- lib/mcollective/data.rb
-- lib/mcollective/data/agent_data.ddl
-- lib/mcollective/data/agent_data.rb
-- lib/mcollective/data/base.rb
-- lib/mcollective/data/bolt_task_data.ddl
-- lib/mcollective/data/bolt_task_data.rb
-- lib/mcollective/data/collective_data.ddl
-- lib/mcollective/data/collective_data.rb
-- lib/mcollective/data/fact_data.ddl
-- lib/mcollective/data/fact_data.rb
-- lib/mcollective/data/fstat_data.ddl
-- lib/mcollective/data/fstat_data.rb
-- lib/mcollective/data/result.rb
 - lib/mcollective/ddl.rb
 - lib/mcollective/ddl/agentddl.rb
 - lib/mcollective/ddl/base.rb
-- lib/mcollective/ddl/dataddl.rb
 - lib/mcollective/ddl/discoveryddl.rb
 - lib/mcollective/ddl/validatorddl.rb
 - lib/mcollective/discovery.rb
+- lib/mcollective/discovery/broadcast.ddl
 - lib/mcollective/discovery/choria.ddl
-- lib/mcollective/discovery/choria.rb
+- lib/mcollective/discovery/delegate.ddl
+- lib/mcollective/discovery/delegate.rb
+- lib/mcollective/discovery/external.ddl
+- lib/mcollective/discovery/file.ddl
 - lib/mcollective/discovery/flatfile.ddl
-- lib/mcollective/discovery/flatfile.rb
+- lib/mcollective/discovery/inventory.ddl
 - lib/mcollective/discovery/mc.ddl
 - lib/mcollective/discovery/mc.rb
-- lib/mcollective/discovery/stdin.ddl
-- lib/mcollective/discovery/stdin.rb
 - lib/mcollective/exceptions.rb
 - lib/mcollective/facts.rb
 - lib/mcollective/facts/base.rb
@@ -134,9 +121,7 @@ files:
 - lib/mcollective/generators.rb
 - lib/mcollective/generators/agent_generator.rb
 - lib/mcollective/generators/base.rb
-- lib/mcollective/generators/data_generator.rb
 - lib/mcollective/generators/templates/action_snippet.erb
-- lib/mcollective/generators/templates/data_input_snippet.erb
 - lib/mcollective/generators/templates/ddl.erb
 - lib/mcollective/generators/templates/plugin.erb
 - lib/mcollective/log.rb
@@ -145,9 +130,6 @@ files:
 - lib/mcollective/logger/console_logger.rb
 - lib/mcollective/logger/file_logger.rb
 - lib/mcollective/logger/syslog_logger.rb
-- lib/mcollective/matcher.rb
-- lib/mcollective/matcher/parser.rb
-- lib/mcollective/matcher/scanner.rb
 - lib/mcollective/message.rb
 - lib/mcollective/monkey_patches.rb
 - lib/mcollective/optionparser.rb
@@ -259,7 +241,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: Support libraries the Choria Server

data/lib/mcollective/application/describe_filter.rb

@@ -1,87 +0,0 @@
-module MCollective
-  class Application::Describe_filter < Application # rubocop:disable Style/ClassAndModuleChildren
-    exclude_argument_sections "common", "rpc"
-
-    description "Display human readable interpretation of filters"
-
-    usage "mco describe_filter -S <filter> -F <filter> -C <filter>"
-
-    def describe_s_filter(stack)
-      indent = "  "
-      old_indent = "  "
-      puts "-S Query expands to the following instructions:"
-      puts
-      stack.each do |token|
-        case token.keys[0]
-        when "statement"
-          if token.values[0] =~ /(<=|>=|=|=~|=)/
-            op = $1
-            k, v = token.values[0].split(op)
-            puts indent + get_fact_string(k, v, op)
-          else
-            puts indent + get_class_string(token.values[0])
-          end
-        when "fstatement"
-          v = token.values[0]
-          result_string = indent + "Execute the Data Query '#{v['name']}'"
-          result_string += " with parameters (#{v['params']})" if v["params"]
-          result_string += ". "
-          result_string += "Check if the query's '#{v['value']}' value #{v['operator']} '#{v['r_compare']}'  "
-          puts result_string
-        when "("
-          puts "#{indent}("
-          old_indent = indent
-          indent *= 2
-        when ")"
-          indent = old_indent
-          puts "#{indent})"
-        else
-          puts indent + token.keys[0].upcase
-        end
-      end
-    end
-
-    def describe_f_filter(facts)
-      puts "-F filter expands to the following fact comparisons:"
-      puts
-      facts.each do |f|
-        puts "  #{get_fact_string(f[:fact], f[:value], f[:operator])}"
-      end
-    end
-
-    def describe_c_filter(classes)
-      puts "-C filter expands to the following class checks:"
-      puts
-      classes.each do |c|
-        puts "  #{get_class_string(c)}"
-      end
-    end
-
-    def main
-      unless @options[:filter]["fact"].empty?
-        describe_f_filter(@options[:filter]["fact"])
-        puts
-      end
-
-      unless @options[:filter]["cf_class"].empty?
-        describe_c_filter(@options[:filter]["cf_class"])
-        puts
-      end
-
-      unless @options[:filter]["compound"].empty?
-        describe_s_filter(@options[:filter]["compound"][0])
-        puts
-      end
-    end
-
-    private
-
-    def get_fact_string(fact, value, oper)
-      "Check if fact '#{fact}' #{oper} '#{value}'"
-    end
-
-    def get_class_string(classname)
-      "Check if class '#{classname}' is present on the host"
-    end
-  end
-end

data/lib/mcollective/data.rb

@@ -1,96 +0,0 @@
-module MCollective
-  module Data
-    require "mcollective/data/base"
-    require "mcollective/data/result"
-
-    def self.load_data_sources
-      PluginManager.find_and_load("data")
-
-      PluginManager.grep(/_data$/).each do |plugin|
-        begin
-          unless PluginManager[plugin].class.activate?
-            Log.debug("Disabling data plugin %s due to plugin activation policy" % plugin)
-            PluginManager.delete(plugin)
-          end
-        rescue Exception => e # rubocop:disable Lint/RescueException
-          Log.debug("Disabling data plugin %s due to exception %s: %s" % [plugin, e.class, e])
-          PluginManager.delete(plugin)
-        end
-      end
-    end
-
-    def self.pluginname(plugin)
-      plugin.to_s =~ /_data$/i ? plugin.to_s.downcase : "%s_data" % plugin.to_s.downcase
-    end
-
-    def self.[](plugin)
-      PluginManager[pluginname(plugin)]
-    end
-
-    # Data.package("httpd").architecture
-    def self.method_missing(method, *args)
-      super unless PluginManager.include?(pluginname(method))
-
-      PluginManager[pluginname(method)].lookup(args.first)
-    end
-
-    def self.respond_to_missing?(method, *)
-      PluginManager.include?(pluginname(method)) || super
-    end
-
-    def self.ddl(plugin)
-      DDL.new(pluginname(plugin), :data)
-    end
-
-    def self.ddl_validate(ddl, argument)
-      name = ddl.meta[:name]
-      query = ddl.entities[:data]
-
-      raise DDLValidationError, "No dataquery has been defined in the DDL for data plugin #{name}" unless query
-
-      input = query.fetch(:input, {})
-      output = query.fetch(:output, {})
-
-      raise DDLValidationError, "No output has been defined in the DDL for data plugin #{name}" if output.keys.empty?
-
-      if input[:query]
-        return true if argument.nil? && input[:query][:optional]
-
-        ddl.validate_input_argument(input, :query, argument)
-      else
-        raise("No data plugin argument was declared in the %s DDL but an input was supplied" % name) if argument
-
-        true
-      end
-    end
-
-    def self.ddl_has_output?(ddl, output)
-      ddl.entities[:data][:output].include?(output.to_sym) rescue false
-    end
-
-    # For an input where the DDL requests a boolean or some number
-    # this will convert the input to the right type where possible
-    # else just returns the origin input unedited
-    #
-    # if anything here goes wrong just return the input value
-    # this is not really the end of the world or anything since
-    # all that will happen is that DDL validation will fail and
-    # the user will get an error, no need to be too defensive here
-    def self.ddl_transform_input(ddl, input)
-      begin
-        type = ddl.entities[:data][:input][:query][:type]
-
-        case type
-        when :boolean
-          return DDL.string_to_boolean(input)
-
-        when :number, :integer, :float
-          return DDL.string_to_number(input)
-        end
-      rescue # rubocop:disable Lint/SuppressedException
-      end
-
-      input
-    end
-  end
-end

data/lib/mcollective/data/agent_data.ddl

@@ -1,22 +0,0 @@
-metadata    :name        => "Agent",
-            :description => "Meta data about installed MColletive Agents",
-            :author      => "R.I.Pienaar <rip@devco.net>",
-            :license     => "ASL 2.0",
-            :version     => "1.0",
-            :url         => "https://docs.puppetlabs.com/mcollective/",
-            :timeout     => 1
-
-dataquery :description => "Agent Meta Data" do
-    input :query,
-          :prompt => "Agent Name",
-          :description => "Valid agent name",
-          :type => :string,
-          :validation => /^[\w\_]+$/,
-          :maxlength => 20
-
-    [:license, :timeout, :description, :url, :version, :author].each do |item|
-      output item,
-             :description => "Agent #{item}",
-             :display_as => item.to_s.capitalize
-    end
-end

data/lib/mcollective/data/agent_data.rb

@@ -1,17 +0,0 @@
-module MCollective
-  module Data
-    class Agent_data < Base
-      query do |plugin|
-        raise "No agent called #{plugin} found" unless PluginManager.include?("#{plugin}_agent")
-
-        agent = PluginManager["#{plugin}_agent"]
-
-        result[:agent] = plugin
-
-        [:license, :timeout, :description, :url, :version, :author].each do |item|
-          result[item] = agent.meta[item]
-        end
-      end
-    end
-  end
-end

data/lib/mcollective/data/base.rb

@@ -1,68 +0,0 @@
-module MCollective
-  module Data
-    class Base
-      attr_reader :name, :result, :ddl, :timeout
-
-      # Register plugins that inherits base
-      def self.inherited(klass)
-        type = klass.to_s.split("::").last.downcase
-
-        PluginManager << {:type => type, :class => klass.to_s, :single_instance => false}
-        super
-      end
-
-      def initialize
-        @name = self.class.to_s.split("::").last.downcase
-        @ddl = DDL.new(@name, :data)
-        @result = Result.new(@ddl.dataquery_interface[:output])
-        @timeout = @ddl.meta[:timeout] || 1
-
-        startup_hook
-      end
-
-      def lookup(what)
-        ddl_validate(what)
-
-        Log.debug("Doing data query %s for '%s'" % [@name, what])
-
-        Timeout.timeout(@timeout) do
-          query_data(what)
-        end
-
-        @result
-      rescue Timeout::Error
-        # Timeout::Error is a inherited from Interrupt which seems a really
-        # strange choice, making it an equivelant of ^C and such.  Catch it
-        # and raise something less critical that will not the runner to just
-        # give up the ghost
-        msg = "Data plugin %s timed out on query '%s'" % [@name, what]
-        Log.error(msg)
-        raise MsgTTLExpired, msg
-      end
-
-      def self.query(&block)
-        module_eval { define_method("query_data", &block) }
-      end
-
-      def ddl_validate(what)
-        Data.ddl_validate(@ddl, what)
-      end
-
-      # activate_when do
-      #    file.exist?("/usr/bin/puppet")
-      # end
-      def self.activate_when(&block)
-        (class << self; self; end).instance_eval do
-          define_method("activate?", &block)
-        end
-      end
-
-      # Always be active unless a specific block is given with activate_when
-      def self.activate?
-        true
-      end
-
-      def startup_hook; end
-    end
-  end
-end

data/lib/mcollective/data/bolt_task_data.ddl

@@ -1,90 +0,0 @@
-metadata    :name => "bolt_task",
-            :description => "Information about past Bolt Task",
-            :author => "R.I.Pienaar <rip@devco.net>",
-            :license => "Apache-2.0",
-            :version => "0.19.0",
-            :url => "https://choria.io",
-            :timeout => 1
-
-usage <<-EOU
-This data plugin let you extract information about a previously
-run Bolt Task for use in discovery and elsewhere.
-
-To run a task on nodes where one previously failed:
-
-   mco tasks run myapp::update -S "bolt_task('ae561842dc7d5a9dae94f766dfb3d4c8').exitcode > 0"
-EOU
-
-dataquery :description => "Puppet Bolt Task state" do
-    input :query,
-          :prompt => "Task ID",
-          :description => "The Task ID to retrieve",
-          :type => :string,
-          :validation  => '^[a-z,0-9]{32}$',
-          :maxlength   => 32
-
-    output :known,
-           :description => "If this is a known task on this node",
-           :display_as => "Known Task",
-           :default => false
-
-    output :spool,
-           :description => "Where on disk the task status is stored",
-           :display_as => "Spool",
-           :default => ""
-
-    output :task,
-           :description => "The name of the task that was run",
-           :display_as => "Task",
-           :default => ""
-
-    output :caller,
-           :description => "The user who invoked the task",
-           :display_as => "Invoked by",
-           :default => ""
-
-    output :stdout,
-           :description => "The STDOUT output from the task",
-           :display_as => "STDOUT",
-           :default => ""
-
-    output :stderr,
-           :description => "The STDERR output from the task",
-           :display_as => "STDERR",
-           :default => ""
-
-    output :exitcode,
-           :description => "The exitcode from the task",
-           :display_as => "Exit Code",
-           :default => 127
-
-    output :runtime,
-           :description => "How long the task took to run",
-           :display_as => "Runtime",
-           :default => 0.0
-
-    output :start_time,
-           :description => "When the task was started, seconds since 1970 in UTC time",
-           :display_as => "Start Time",
-           :default => 0
-
-    output :wrapper_spawned,
-           :description => "Did the wrapper start successfully",
-           :display_as => "Wrapper Spawned",
-           :default => false
-
-    output :wrapper_error,
-           :description => "Error output from the wrapper command",
-           :display_as => "Wrapper Error",
-           :default => ""
-
-    output :wrapper_pid,
-           :description => "The PID of the wrapper that runs the task",
-           :display_as => "Wrapper PID",
-           :default => -1
-
-    output :completed,
-           :description => "Did the task complete running",
-           :display_as => "Completed",
-           :default => false
-end