linebook 0.2.0 → 0.7.0

data/History

@@ -1,3 +1,35 @@
+== 0.7.0 2011/04/26
+
+Updated to linecook-1.0.0
+
+== 0.6.0 2011/03/15
+
+Updated to linecook-0.19.1.  Sketched out use of method chaining.
+
+== 0.5.0 2011/03/09
+
+Updated to linecook-0.16.0. Properly scoped *nix modules under os. Added
+support for su/login. Progress in testing and developing the base dialect.
+
+== 0.4.0 2011/02/23
+
+Updated to linecook-0.15.0
+
+== 0.3.2 2011/02/03
+
+* updated dependencies
+* added echo, cp_rf
+
+== 0.3.1 2011/01/31
+
+* cleaned up formatting of check_status_function
+* made Shell.extend include os/shell helpers
+* bug in target_path
+
+== 0.3.0 2011/01/28
+
+Added back everything to make Linebook a base distribution module.
+
 == 0.2.0 2010/12/27
 
 Cleared everything out to make Linebook purely a distribution module.

data/License.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2010 Pinnacol Assurance
+Copyright (c) 2010-2011 Pinnacol Assurance
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README

@@ -1,16 +1,11 @@
 = Linebook
 
-Cookbooks for {Linecook}[http://gemcutter.org/gems/linecook].
+The {Linecook}[http://gemcutter.org/gems/linecook] standard library.
 
 == Description
 
-Linebook is a distribution module used by
-{Linecook}[http://gemcutter.org/gems/linecook]. Linebook has no content and
-exists solely to claim the namespace.
-
-== Usage
-
-None!
+The standard library for Linecook, and a namespace for distributing Linecook
+cookbooks.
 
 == Installation
 
@@ -20,5 +15,5 @@ Linebook is available as a gem on {Gemcutter}[http://gemcutter.org/gems/linebook
 
 == Info 
 
-Developer:: {Simon Chiang}[http://bahuvrihi.wordpress.com]
+Developer:: {Simon Chiang}[http://github.com/thinkerbot]
 License:: {MIT-Style}[link:files/License_txt.html]

data/attributes/linebook/shell.rb

@@ -0,0 +1,2 @@
+attrs['linebook']['os']    = 'linebook/os/linux'
+attrs['linebook']['shell'] = 'linebook/shell/bash'

data/cookbook

@@ -0,0 +1,9 @@
+# Configure the cookbook here.
+# Adding this file to a gem marks it as a cookbook gem
+# (note that in a gem the contents of this file are ignored)
+
+# Define directories searched for attributes/recipes/etc.
+# paths: ['.']
+
+# Name the gems added to path - defaults to all marked gems.
+# gems: []

data/lib/linebook/os/linux.rb

@@ -0,0 +1,245 @@
+# Generated by Linecook
+
+module Linebook
+  module Os
+    # == login vs su
+    #
+    # The login and su methods both provide a way to switch users.  Login
+    # simulates a login and therefore you end up in the user home directory with
+    # the ENV as setup during login. By contrast su switches users such that it
+    # preserves exported ENV variables, including the pwd.
+    #
+    # Say you were the linecook user:
+    #
+    #   cd
+    #   export 'A', 'a'
+    #   variable 'B', 'b'
+    #   echo "$(whoami):$(pwd):$A:$B"             # => linecook:/home/linecook:a:b
+    #   login { echo "$(whoami):$(pwd):$A:$B" }   # => root:/root::
+    #   su    { echo "$(whoami):$(pwd):$A:$B" }   # => root:/home/linecook:a:
+    #
+    # User-management methods in this module assume root privileges (useradd,
+    # groupadd, etc) so unless you are already root, you need to wrap them in
+    # login or su. In this case login is more reliable than su because some
+    # systems leave the user management commands off the non-root PATH; using
+    # login ensures PATH will be set for root during the block.
+    #
+    # For example use:
+    #
+    #   login { useradd 'username' }
+    #
+    # Rather than:
+    #
+    #   su { useradd 'username' }   # => may give 'useradd: command not found'
+    #
+    # == Permissions
+    #
+    # The user running the package needs the ability to su without a password,
+    # otherwise login/su will choke and fail when run by 'linecook run'.  How this
+    # is accomplished is a matter of policy; something each user needs to decide
+    # for themselves.
+    #
+    # First you could run the package as root.
+    #
+    # Second you can grant the running user (ex 'linecook') su privileges.  This
+    # can be accomplished by adding the user to the 'wheel' group and modifiying
+    # the PAM config files. Afterwards all wheel users can su without a password.
+    # To do so (repeat for '/etc/pam.d/su-l' if it exists):
+    #
+    #   vi /etc/pam.d/su
+    #   # insert:
+    #   #   auth       sufficient pam_wheel.so trust
+    # 
+    # This is the default strategy and it works in a portable way because the
+    # {linux spec}[http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/cmdbehav.html]
+    # requires su exists and has the necessary options.
+    #
+    # Third you can chuck the default login/su, reimplement them with sudo, and
+    # give the user (ex 'linecook') sudo privileges.  This can be accomplished by
+    # adding the user to a group (ex 'linecook') and modifying the sudo config via
+    # visudo. Afterwards all the linecook users can sudo without a password.
+    #
+    #   visudo
+    #   # insert:
+    #   #   # Members of the linecook group may sudo without a password
+    #   #   %linecook ALL=NOPASSWD: ALL
+    #
+    # See an old version of the {linebook source}[https://github.com/pinnacol/linebook/tree/b786e1e63c68f5ddf3be15851d9b423bc05e5345/helpers/linebook/os/linux]
+    # for hints on how login/su could be reimplemented with sudo.  This strategy
+    # was abandonded as the default because sudo is not required by the linux spec
+    # and is does not come installed in many cases (ex Debian).  Moreover the
+    # options needed to make this strategy work don't exist in sudo < 1.7, so even
+    # systems that come with sudo could need an upgrade.
+    #
+    # Lastly you can chuck all of these strategies and figure out your own way.
+    # Surely they exist, for example by running the packages manually and entering
+    # in passwords as prompted.
+    #
+    module Linux
+      require 'linebook/os/unix'
+      include Unix
+      
+      def capture_script(options={})
+        unless options.kind_of?(Hash)
+          options = {:target_name => guess_target_name(options)}
+        end
+      
+        target_name = options[:target_name] || guess_target_name('script')
+        path = capture_path(target_name, options[:mode] || 0770) { yield }
+      
+        owner, group = options[:owner], options[:group]
+        if owner || group
+          callback 'before' do
+            chown owner, group, path
+          end
+        end
+      
+        path
+      end
+      
+      # Returns true if the group exists as determined by checking /etc/group.
+      def group?(name)
+        #  grep "^<%= name %>:" /etc/group >/dev/null 2>&1
+        write "grep \"^"; write(( name ).to_s); write ":\" /etc/group >/dev/null 2>&1"
+        chain_proxy
+      end
+      
+      def _group?(*args, &block) # :nodoc:
+        str = capture_str { group?(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Adds the group.
+      def groupadd(name, options={})
+        execute 'groupadd', name, options
+        chain_proxy
+      end
+      
+      def _groupadd(*args, &block) # :nodoc:
+        str = capture_str { groupadd(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Removes the group.
+      def groupdel(name, options={})
+        execute 'groupdel', name, options
+        chain_proxy
+      end
+      
+      def _groupdel(*args, &block) # :nodoc:
+        str = capture_str { groupdel(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      def groups(user, options={})
+        #  id -Gn <%= quote(user) %>
+        #  
+        #  
+        write "id -Gn "; write(( quote(user) ).to_s); write "\n"
+        write "\n"
+      
+        chain_proxy
+      end
+      
+      def _groups(*args, &block) # :nodoc:
+        str = capture_str { groups(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      def install(source, target, options={})
+        execute 'install', source, target, options
+        chain_proxy
+      end
+      
+      def _install(*args, &block) # :nodoc:
+        str = capture_str { install(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Logs in as the specified user for the duration of a block (the current ENV
+      # and pwd are reset as during a normal login).
+      def login(user='root', options={})
+        current = functions
+        begin
+          @functions = []
+          
+          path = capture_script(options) { yield }
+          execute 'su', user, path, :l => true
+        ensure
+          @functions = current
+        end
+        chain_proxy
+      end
+      
+      def _login(*args, &block) # :nodoc:
+        str = capture_str { login(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Switches to the specified user for the duration of a block.  The current ENV
+      # and pwd are preserved.
+      def su(user='root', options={})
+        path = capture_script(options) do
+          functions.each do |function|
+            writeln function
+          end
+          yield
+        end
+        execute 'su', user, path, :m => true
+        chain_proxy
+      end
+      
+      def _su(*args, &block) # :nodoc:
+        str = capture_str { su(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Returns true if the user exists as determined by id.
+      def user?(name)
+        #  id <%= quote(name) %> >/dev/null 2>&1
+        write "id "; write(( quote(name) ).to_s); write " >/dev/null 2>&1"
+        chain_proxy
+      end
+      
+      def _user?(*args, &block) # :nodoc:
+        str = capture_str { user?(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Adds the user.
+      def useradd(name, options={}) 
+        execute 'useradd', name, options
+        chain_proxy
+      end
+      
+      def _useradd(*args, &block) # :nodoc:
+        str = capture_str { useradd(*args, &block) }
+        str.strip!
+        str
+      end
+      
+      # Removes the user.
+      def userdel(name, options={}) 
+        # TODO - look into other things that might need to happen before:
+        # * kill processes belonging to user
+        # * remove at/cron/print jobs etc. 
+        execute 'userdel', name, options
+        chain_proxy
+      end
+      
+      def _userdel(*args, &block) # :nodoc:
+        str = capture_str { userdel(*args, &block) }
+        str.strip!
+        str
+      end
+    end
+  end
+end