console1984 0.1.18 → 0.1.22

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 68e6cdce847f11b0872e12826a4fd65b7e31e267461de5b6e85582a692310e0a
-  data.tar.gz: aac2138d6008c87076de90b8944bf246584b47cd061a160c54f0138345491f6d
+  metadata.gz: 688301b16bc228224855392b24a0e4159a4e03acc4d1512f918a2c6a87a73ce1
+  data.tar.gz: 72433eff8fb2d85f7faa44653b653231da3081e1766f7e1f2303b7af628f095e
 SHA512:
-  metadata.gz: '0388bba4469870ce2616845c31ee6ea34e08e6af1bb3d39e239a87cd4c3c7ee4ec7602f0e928904ae256e0bbc17554e694724067e529026f9d5cae9dff83bc0f'
-  data.tar.gz: 2a96eaa2ecd586694a12d0bbf9dc717ef4a9585ebd277a1b538d5e589495742c63cb6d2b8c9918db9b55f07d9c1338416e4d18365628daf7286757d953cdc316
+  metadata.gz: d554267c6099abfc1b1a2f2aca9341adb13060f6cc007122a2cf172a76f2a4fa871959adc33dec2e01581e279f94cad9370a5aefb5f186bcfce0f8d85a652e12
+  data.tar.gz: f3074ebd12bf9547a54d4bfba5733fa5552bfa5cc809b2e8c1fd0191e90e925ba3817e8f4cdbbc5d08b5b67fd0ebc1c8cabf7da3bfec26a8bdb7848f84c1b718

data/README.md

@@ -156,6 +156,27 @@ These config options are namespaced in `config.console1984`:
 | `incinerate_after`                          | The period to keep sessions around before incinerate them. Default `30.days`. |
 | `incineration_queue`                        | The name of the queue for session incineration jobs. Default `console1984_incineration`. |
 
+### SSH Config
+
+To automatically set the `CONSOLE_USER` env var for sessions, you'll need to configure SSH on the server to accept the environment variable.
+
+On the server, edit `/etc/ssh/sshd_config` to accept the environment variable:
+```
+AcceptEnv LANG LC_* CONSOLE_USER
+```
+
+Restart the SSH server to use the new config:
+```bash
+service sshd restart
+```
+
+On the client side, you can provide this env var from your clients by adding the variable to the ssh config:
+
+```
+Host *
+  SetEnv CONSOLE_USER=david
+```
+
 ## About built-in protection mechanisms
 
 `console1984` adds many protection mechanisms to prevent tampering. This includes attempts to alter data in auditing tables or monkey patching certain classes to change how the system works. If you find a way to circumvent these tampering controls, please [report an issue](https://github.com/basecamp/console1984/issues).

data/app/models/console1984/session/incineratable.rb

@@ -25,6 +25,6 @@ module Console1984::Session::Incineratable
     end
 
     def earliest_possible_incineration_date
-      created_at + Console1984.incinerate_after
+      created_at + Console1984.incinerate_after - 1.second
     end
 end

data/lib/console1984/ext/socket/tcp_socket.rb

@@ -2,13 +2,13 @@
 module Console1984::Ext::Socket::TcpSocket
   include Console1984::Freezeable
 
-  def write(*args)
+  def write(...)
     protecting do
       super
     end
   end
 
-  def write_nonblock(*args)
+  def write_nonblock(...)
     protecting do
       super
     end

data/lib/console1984/refrigerator.rb

@@ -17,6 +17,7 @@ class Console1984::Refrigerator
     end
 
     def freeze_internal_instances
+      Console1984.freeze # Because it's the root engine module it can't mix Freezable.
       Console1984.config.freeze unless Console1984.config.test_mode
     end
 

data/lib/console1984/shield/modes/protected.rb

@@ -6,6 +6,11 @@ class Console1984::Shield::Modes::Protected
 
   thread_mattr_accessor :currently_protected_urls, default: []
 
+  # Materialize the thread attribute before freezing the class. +thread_mattr_accessor+ attributes rely on
+  # setting a class variable the first time they are referenced, and that will fail in frozen classes
+  # like this one.
+  currently_protected_urls
+
   def execute(&block)
     protecting(&block)
   end

data/lib/console1984/version.rb

@@ -1,3 +1,3 @@
 module Console1984
-  VERSION = '0.1.18'
+  VERSION = '0.1.22'
 end

data/lib/console1984.rb

@@ -38,7 +38,7 @@ class_loader.setup
 # the console. For example, to prevent the user from deleting audit trails. See
 # Console1984::Shield and Console1984::CommandValidator to learn more.
 module Console1984
-  include Messages, Freezeable
+  include Messages
 
   mattr_accessor :supervisor, default: Supervisor.new
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: console1984
 version: !ruby/object:Gem::Version
-  version: 0.1.18
+  version: 0.1.22
 platform: ruby
 authors:
 - Jorge Manrubia
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-27 00:00:00.000000000 Z
+date: 2021-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -39,19 +39,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: activeresource
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '7.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
   requirement: !ruby/object:Gem::Requirement
@@ -261,14 +261,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.32
 signing_key:
 specification_version: 4
 summary: Your Rails console, 1984 style