key_control 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/README.md +9 -2
- data/Rakefile +24 -0
- data/Vagrantfile +27 -0
- data/lib/key_control/key_ring.rb +1 -1
- data/lib/key_control/system.rb +3 -3
- data/lib/key_control/version.rb +1 -1
- data/lib/key_control.rb +19 -6
- data/test/key_control/key_ring_test.rb +92 -0
- data/test/key_control_test.rb +16 -0
- data/test/test_helper.rb +11 -0
- metadata +10 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e1ae894b32a61b12e85b7ba01c280974f6bcca55
|
4
|
+
data.tar.gz: 687ea1f4369b0753b879e61dfe875742a121fbf5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e8608272a5c149c1b536fb888645508236c14ea1f546302dbf8b26c262e01cc6cf738f8f2e05df45948934a42f92305fd84b73af5f67c5c694ce6364fa9b24e3
|
7
|
+
data.tar.gz: 83d071c944ecdecd8ded2653bd268ef002344d151706b501fe03dc29bf1529da9488679b2c32cfb09f71ce36839aa2779847ce50408392ede965e1c55aaaf320
|
data/.gitignore
CHANGED
data/README.md
CHANGED
@@ -20,6 +20,14 @@ Or install it yourself as:
|
|
20
20
|
|
21
21
|
## Usage
|
22
22
|
|
23
|
+
### Availability
|
24
|
+
|
25
|
+
You can check if `KeyControl` is supported on your system with
|
26
|
+
`KeyControl.available?`. This will attempt to locate a libkeyutils shared
|
27
|
+
library on the system, and return a boolean based on detection.
|
28
|
+
|
29
|
+
### Key Storage/Retrieval
|
30
|
+
|
23
31
|
The basic API consists of a single class, `KeyControl::KeyRing`. The `KeyRing`
|
24
32
|
initializer takes a single argument, the ID of the keyring you wish to store
|
25
33
|
your data in. There are several (very useful) [special keyrings](http://manpages.ubuntu.com/manpages/oneiric/man1/keyctl.1.html),
|
@@ -43,8 +51,7 @@ without exposing your data to the outside world.
|
|
43
51
|
|
44
52
|
## Future Enhancements
|
45
53
|
|
46
|
-
-
|
47
|
-
- Basic keyring management (creation, specifically)
|
54
|
+
- Non-default keyring management (creation, specifically)
|
48
55
|
|
49
56
|
## Contributing
|
50
57
|
|
data/Rakefile
CHANGED
@@ -1 +1,25 @@
|
|
1
1
|
require "bundler/gem_tasks"
|
2
|
+
require "rake/testtask"
|
3
|
+
|
4
|
+
Rake::TestTask.new do |t|
|
5
|
+
t.libs << "test"
|
6
|
+
t.test_files = FileList['test/**/*_test.rb']
|
7
|
+
t.verbose = true
|
8
|
+
end
|
9
|
+
|
10
|
+
desc "Bring up Vagrant VM for testing"
|
11
|
+
task "vagrant:up" do
|
12
|
+
# `unset` call due to https://github.com/mitchellh/vagrant/issues/3193
|
13
|
+
system("unset RUBYLIB RUBYOPT; vagrant up")
|
14
|
+
end
|
15
|
+
|
16
|
+
|
17
|
+
task :default do
|
18
|
+
if RUBY_PLATFORM =~ /linux/
|
19
|
+
Rake::Task['test'].invoke
|
20
|
+
else
|
21
|
+
Rake::Task['vagrant:up'].invoke
|
22
|
+
# `unset` call due to https://github.com/mitchellh/vagrant/issues/3193
|
23
|
+
system("unset RUBYLIB RUBYOPT; vagrant ssh -c 'cd /vagrant && bundle && rake test'")
|
24
|
+
end
|
25
|
+
end
|
data/Vagrantfile
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
# -*- mode: ruby -*-
|
2
|
+
# vi: set ft=ruby :
|
3
|
+
|
4
|
+
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
|
5
|
+
VAGRANTFILE_API_VERSION = "2"
|
6
|
+
DEFAULT_RUBY = "2.0.0-p451"
|
7
|
+
|
8
|
+
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
9
|
+
config.vm.box = "chef/centos-6.5"
|
10
|
+
config.vm.box_url = "https://vagrantcloud.com/chef/centos-6.5/version/1/provider/virtualbox.box"
|
11
|
+
|
12
|
+
config.vm.provision "shell", inline: <<-PROVISIONER
|
13
|
+
yum update -y
|
14
|
+
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
|
15
|
+
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
|
16
|
+
rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
|
17
|
+
yum install git libffi-devel openssl-devel readline-devel -y
|
18
|
+
yum groupinstall "Development Tools" -y
|
19
|
+
sudo -u vagrant git clone https://github.com/sstephenson/rbenv.git ~vagrant/.rbenv
|
20
|
+
sudo -u vagrant echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~vagrant/.bash_profile
|
21
|
+
sudo -u vagrant echo 'eval "$(rbenv init -)"' >> ~vagrant/.bash_profile
|
22
|
+
sudo -u vagrant git clone https://github.com/sstephenson/ruby-build.git ~vagrant/.rbenv/plugins/ruby-build
|
23
|
+
sudo -u vagrant -i rbenv install #{DEFAULT_RUBY}
|
24
|
+
sudo -u vagrant -i rbenv global #{DEFAULT_RUBY}
|
25
|
+
sudo -u vagrant -i gem install bundler
|
26
|
+
PROVISIONER
|
27
|
+
end
|
data/lib/key_control/key_ring.rb
CHANGED
data/lib/key_control/system.rb
CHANGED
@@ -50,13 +50,13 @@ module KeyControl
|
|
50
50
|
#
|
51
51
|
# Returns a Fiddle::Handle.
|
52
52
|
def keyutils
|
53
|
-
@keyutils ||= KeyControl::LIBRARIES.
|
53
|
+
@keyutils ||= KeyControl::LIBRARIES.detect do |library|
|
54
54
|
begin
|
55
|
-
Fiddle::Handle.new(library)
|
55
|
+
break Fiddle::Handle.new(library)
|
56
56
|
rescue Fiddle::DLError
|
57
57
|
nil
|
58
58
|
end
|
59
|
-
end
|
59
|
+
end
|
60
60
|
end
|
61
61
|
end
|
62
62
|
end
|
data/lib/key_control/version.rb
CHANGED
data/lib/key_control.rb
CHANGED
@@ -13,16 +13,29 @@ module KeyControl
|
|
13
13
|
DEFAULT = -5
|
14
14
|
GROUP = -6
|
15
15
|
|
16
|
-
# A list of potential library paths. Currently
|
17
|
-
# CentOS installations.
|
18
|
-
# TODO: Track down and add the default library paths for more distros.
|
16
|
+
# A list of potential library paths. Currently looks for the default shared
|
17
|
+
# libraries on CentOS installations.
|
19
18
|
LIBRARIES = %w(
|
20
|
-
|
19
|
+
libkeyutils.so
|
20
|
+
libkeyutils.so.1 )
|
21
21
|
|
22
|
-
# Public:
|
22
|
+
# Public: Shared library names.
|
23
|
+
#
|
24
|
+
# Returns an Array.
|
25
|
+
def self.library_names
|
26
|
+
LIBRARIES
|
27
|
+
end
|
28
|
+
|
29
|
+
# Public: Is a libkeyutils shared library detected on this system?
|
23
30
|
#
|
24
31
|
# Returns a boolean.
|
25
32
|
def self.available?
|
26
|
-
|
33
|
+
library_names.any? do |library_name|
|
34
|
+
begin
|
35
|
+
Fiddle::Handle.new(library_name)
|
36
|
+
rescue Fiddle::DLError
|
37
|
+
false
|
38
|
+
end
|
39
|
+
end
|
27
40
|
end
|
28
41
|
end
|
@@ -0,0 +1,92 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
describe KeyControl::KeyRing do
|
4
|
+
|
5
|
+
describe "thread keyring" do
|
6
|
+
let(:ring) do
|
7
|
+
KeyControl::KeyRing.new(KeyControl::THREAD)
|
8
|
+
end
|
9
|
+
|
10
|
+
it "allows read/write for values in the same thread" do
|
11
|
+
ring["testing"] = "testdata"
|
12
|
+
ring["testing"].must_equal "testdata"
|
13
|
+
end
|
14
|
+
|
15
|
+
it "uses a new keyring for new threads" do
|
16
|
+
ring["thread_test"].must_equal nil
|
17
|
+
thr = Thread.new do
|
18
|
+
ring["thread-test"] = "testdata"
|
19
|
+
end
|
20
|
+
thr.join
|
21
|
+
|
22
|
+
ring["thread-test"].must_equal nil
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
describe "process keyring" do
|
27
|
+
let(:ring) do
|
28
|
+
KeyControl::KeyRing.new(KeyControl::PROCESS)
|
29
|
+
end
|
30
|
+
|
31
|
+
it "allows read/write of values in the same process" do
|
32
|
+
ring["process-test-1"] = "foobar"
|
33
|
+
ring["process-test-1"].must_equal "foobar"
|
34
|
+
end
|
35
|
+
|
36
|
+
it "allows read/write of values across threads in the same process" do
|
37
|
+
ring["process-thread-test"].must_equal nil
|
38
|
+
|
39
|
+
thr = Thread.new do
|
40
|
+
ring["process-thread-test"] = "baz"
|
41
|
+
end
|
42
|
+
thr.join
|
43
|
+
|
44
|
+
ring["process-thread-test"].must_equal "baz"
|
45
|
+
end
|
46
|
+
|
47
|
+
it "uses a new keyring for new processes" do
|
48
|
+
ring["child-process-test"].must_equal nil
|
49
|
+
|
50
|
+
pid = fork do
|
51
|
+
ring["child-process-test"] = "too many secrets"
|
52
|
+
exit
|
53
|
+
end
|
54
|
+
|
55
|
+
Process.waitpid(pid)
|
56
|
+
ring["child-process-test"].must_equal nil
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
describe "session keyring" do
|
61
|
+
let(:ring) do
|
62
|
+
KeyControl::KeyRing.new(KeyControl::SESSION)
|
63
|
+
end
|
64
|
+
|
65
|
+
it "allows read/write of values in the same process" do
|
66
|
+
ring["session-test"] = "foobar"
|
67
|
+
ring["session-test"].must_equal "foobar"
|
68
|
+
end
|
69
|
+
|
70
|
+
it "allows read/write of values across threads in the same process" do
|
71
|
+
ring["session-thread-test"].must_equal nil
|
72
|
+
thr = Thread.new do
|
73
|
+
ring["session-thread-test"] = "baz"
|
74
|
+
end
|
75
|
+
thr.join
|
76
|
+
|
77
|
+
ring["session-thread-test"].must_equal "baz"
|
78
|
+
end
|
79
|
+
|
80
|
+
it "allows read/write of values across processes in the same session" do
|
81
|
+
ring["session-process-test"].must_equal nil
|
82
|
+
|
83
|
+
pid = fork do
|
84
|
+
ring["session-process-test"] = "too many secrets"
|
85
|
+
exit
|
86
|
+
end
|
87
|
+
|
88
|
+
Process.waitpid(pid)
|
89
|
+
ring["session-process-test"].must_equal "too many secrets"
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
describe KeyControl do
|
4
|
+
|
5
|
+
describe ".available?" do
|
6
|
+
it "returns false if the keyctl library can not be found" do
|
7
|
+
KeyControl.stub(:library_names, %w[badlib]) do
|
8
|
+
KeyControl.available?.must_equal false
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
it "returns true if the keyctl library is available" do
|
13
|
+
KeyControl.available?.must_equal true
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
require "minitest/unit"
|
2
|
+
require "minitest/autorun"
|
3
|
+
require "minitest/mock"
|
4
|
+
require "key_control"
|
5
|
+
|
6
|
+
if RUBY_PLATFORM !~ /linux/
|
7
|
+
raise "The test suite must be run on Linux"
|
8
|
+
elsif
|
9
|
+
system("/sbin/ldconfig -p | grep -i libkeyutils.so > /dev/null 2>&1") ||
|
10
|
+
raise("libkeyutils is not available")
|
11
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: key_control
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Horner
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-03-
|
11
|
+
date: 2014-03-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -52,11 +52,15 @@ files:
|
|
52
52
|
- LICENSE.txt
|
53
53
|
- README.md
|
54
54
|
- Rakefile
|
55
|
+
- Vagrantfile
|
55
56
|
- key_control.gemspec
|
56
57
|
- lib/key_control.rb
|
57
58
|
- lib/key_control/key_ring.rb
|
58
59
|
- lib/key_control/system.rb
|
59
60
|
- lib/key_control/version.rb
|
61
|
+
- test/key_control/key_ring_test.rb
|
62
|
+
- test/key_control_test.rb
|
63
|
+
- test/test_helper.rb
|
60
64
|
homepage: https://github.com/ahorner/key_control
|
61
65
|
licenses:
|
62
66
|
- MIT
|
@@ -81,4 +85,7 @@ rubygems_version: 2.2.2
|
|
81
85
|
signing_key:
|
82
86
|
specification_version: 4
|
83
87
|
summary: A simple wrapper for the `keyctl` utility.
|
84
|
-
test_files:
|
88
|
+
test_files:
|
89
|
+
- test/key_control/key_ring_test.rb
|
90
|
+
- test/key_control_test.rb
|
91
|
+
- test/test_helper.rb
|