linebook 0.2.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- data/History +32 -0
- data/License.txt +1 -1
- data/README +4 -9
- data/attributes/linebook/shell.rb +2 -0
- data/cookbook +9 -0
- data/lib/linebook/os/linux.rb +245 -0
- data/lib/linebook/os/posix.rb +390 -0
- data/lib/linebook/os/ubuntu.rb +23 -0
- data/lib/linebook/os/unix.rb +462 -0
- data/lib/linebook/shell/bash.rb +11 -0
- data/lib/linebook/shell.rb +147 -0
- data/lib/linebook/version.rb +1 -1
- metadata +32 -10
data/History
CHANGED
@@ -1,3 +1,35 @@
|
|
1
|
+
== 0.7.0 2011/04/26
|
2
|
+
|
3
|
+
Updated to linecook-1.0.0
|
4
|
+
|
5
|
+
== 0.6.0 2011/03/15
|
6
|
+
|
7
|
+
Updated to linecook-0.19.1. Sketched out use of method chaining.
|
8
|
+
|
9
|
+
== 0.5.0 2011/03/09
|
10
|
+
|
11
|
+
Updated to linecook-0.16.0. Properly scoped *nix modules under os. Added
|
12
|
+
support for su/login. Progress in testing and developing the base dialect.
|
13
|
+
|
14
|
+
== 0.4.0 2011/02/23
|
15
|
+
|
16
|
+
Updated to linecook-0.15.0
|
17
|
+
|
18
|
+
== 0.3.2 2011/02/03
|
19
|
+
|
20
|
+
* updated dependencies
|
21
|
+
* added echo, cp_rf
|
22
|
+
|
23
|
+
== 0.3.1 2011/01/31
|
24
|
+
|
25
|
+
* cleaned up formatting of check_status_function
|
26
|
+
* made Shell.extend include os/shell helpers
|
27
|
+
* bug in target_path
|
28
|
+
|
29
|
+
== 0.3.0 2011/01/28
|
30
|
+
|
31
|
+
Added back everything to make Linebook a base distribution module.
|
32
|
+
|
1
33
|
== 0.2.0 2010/12/27
|
2
34
|
|
3
35
|
Cleared everything out to make Linebook purely a distribution module.
|
data/License.txt
CHANGED
data/README
CHANGED
@@ -1,16 +1,11 @@
|
|
1
1
|
= Linebook
|
2
2
|
|
3
|
-
|
3
|
+
The {Linecook}[http://gemcutter.org/gems/linecook] standard library.
|
4
4
|
|
5
5
|
== Description
|
6
6
|
|
7
|
-
|
8
|
-
|
9
|
-
exists solely to claim the namespace.
|
10
|
-
|
11
|
-
== Usage
|
12
|
-
|
13
|
-
None!
|
7
|
+
The standard library for Linecook, and a namespace for distributing Linecook
|
8
|
+
cookbooks.
|
14
9
|
|
15
10
|
== Installation
|
16
11
|
|
@@ -20,5 +15,5 @@ Linebook is available as a gem on {Gemcutter}[http://gemcutter.org/gems/linebook
|
|
20
15
|
|
21
16
|
== Info
|
22
17
|
|
23
|
-
Developer:: {Simon Chiang}[http://
|
18
|
+
Developer:: {Simon Chiang}[http://github.com/thinkerbot]
|
24
19
|
License:: {MIT-Style}[link:files/License_txt.html]
|
data/cookbook
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
# Configure the cookbook here.
|
2
|
+
# Adding this file to a gem marks it as a cookbook gem
|
3
|
+
# (note that in a gem the contents of this file are ignored)
|
4
|
+
|
5
|
+
# Define directories searched for attributes/recipes/etc.
|
6
|
+
# paths: ['.']
|
7
|
+
|
8
|
+
# Name the gems added to path - defaults to all marked gems.
|
9
|
+
# gems: []
|
@@ -0,0 +1,245 @@
|
|
1
|
+
# Generated by Linecook
|
2
|
+
|
3
|
+
module Linebook
|
4
|
+
module Os
|
5
|
+
# == login vs su
|
6
|
+
#
|
7
|
+
# The login and su methods both provide a way to switch users. Login
|
8
|
+
# simulates a login and therefore you end up in the user home directory with
|
9
|
+
# the ENV as setup during login. By contrast su switches users such that it
|
10
|
+
# preserves exported ENV variables, including the pwd.
|
11
|
+
#
|
12
|
+
# Say you were the linecook user:
|
13
|
+
#
|
14
|
+
# cd
|
15
|
+
# export 'A', 'a'
|
16
|
+
# variable 'B', 'b'
|
17
|
+
# echo "$(whoami):$(pwd):$A:$B" # => linecook:/home/linecook:a:b
|
18
|
+
# login { echo "$(whoami):$(pwd):$A:$B" } # => root:/root::
|
19
|
+
# su { echo "$(whoami):$(pwd):$A:$B" } # => root:/home/linecook:a:
|
20
|
+
#
|
21
|
+
# User-management methods in this module assume root privileges (useradd,
|
22
|
+
# groupadd, etc) so unless you are already root, you need to wrap them in
|
23
|
+
# login or su. In this case login is more reliable than su because some
|
24
|
+
# systems leave the user management commands off the non-root PATH; using
|
25
|
+
# login ensures PATH will be set for root during the block.
|
26
|
+
#
|
27
|
+
# For example use:
|
28
|
+
#
|
29
|
+
# login { useradd 'username' }
|
30
|
+
#
|
31
|
+
# Rather than:
|
32
|
+
#
|
33
|
+
# su { useradd 'username' } # => may give 'useradd: command not found'
|
34
|
+
#
|
35
|
+
# == Permissions
|
36
|
+
#
|
37
|
+
# The user running the package needs the ability to su without a password,
|
38
|
+
# otherwise login/su will choke and fail when run by 'linecook run'. How this
|
39
|
+
# is accomplished is a matter of policy; something each user needs to decide
|
40
|
+
# for themselves.
|
41
|
+
#
|
42
|
+
# First you could run the package as root.
|
43
|
+
#
|
44
|
+
# Second you can grant the running user (ex 'linecook') su privileges. This
|
45
|
+
# can be accomplished by adding the user to the 'wheel' group and modifiying
|
46
|
+
# the PAM config files. Afterwards all wheel users can su without a password.
|
47
|
+
# To do so (repeat for '/etc/pam.d/su-l' if it exists):
|
48
|
+
#
|
49
|
+
# vi /etc/pam.d/su
|
50
|
+
# # insert:
|
51
|
+
# # auth sufficient pam_wheel.so trust
|
52
|
+
#
|
53
|
+
# This is the default strategy and it works in a portable way because the
|
54
|
+
# {linux spec}[http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/cmdbehav.html]
|
55
|
+
# requires su exists and has the necessary options.
|
56
|
+
#
|
57
|
+
# Third you can chuck the default login/su, reimplement them with sudo, and
|
58
|
+
# give the user (ex 'linecook') sudo privileges. This can be accomplished by
|
59
|
+
# adding the user to a group (ex 'linecook') and modifying the sudo config via
|
60
|
+
# visudo. Afterwards all the linecook users can sudo without a password.
|
61
|
+
#
|
62
|
+
# visudo
|
63
|
+
# # insert:
|
64
|
+
# # # Members of the linecook group may sudo without a password
|
65
|
+
# # %linecook ALL=NOPASSWD: ALL
|
66
|
+
#
|
67
|
+
# See an old version of the {linebook source}[https://github.com/pinnacol/linebook/tree/b786e1e63c68f5ddf3be15851d9b423bc05e5345/helpers/linebook/os/linux]
|
68
|
+
# for hints on how login/su could be reimplemented with sudo. This strategy
|
69
|
+
# was abandonded as the default because sudo is not required by the linux spec
|
70
|
+
# and is does not come installed in many cases (ex Debian). Moreover the
|
71
|
+
# options needed to make this strategy work don't exist in sudo < 1.7, so even
|
72
|
+
# systems that come with sudo could need an upgrade.
|
73
|
+
#
|
74
|
+
# Lastly you can chuck all of these strategies and figure out your own way.
|
75
|
+
# Surely they exist, for example by running the packages manually and entering
|
76
|
+
# in passwords as prompted.
|
77
|
+
#
|
78
|
+
module Linux
|
79
|
+
require 'linebook/os/unix'
|
80
|
+
include Unix
|
81
|
+
|
82
|
+
def capture_script(options={})
|
83
|
+
unless options.kind_of?(Hash)
|
84
|
+
options = {:target_name => guess_target_name(options)}
|
85
|
+
end
|
86
|
+
|
87
|
+
target_name = options[:target_name] || guess_target_name('script')
|
88
|
+
path = capture_path(target_name, options[:mode] || 0770) { yield }
|
89
|
+
|
90
|
+
owner, group = options[:owner], options[:group]
|
91
|
+
if owner || group
|
92
|
+
callback 'before' do
|
93
|
+
chown owner, group, path
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
path
|
98
|
+
end
|
99
|
+
|
100
|
+
# Returns true if the group exists as determined by checking /etc/group.
|
101
|
+
def group?(name)
|
102
|
+
# grep "^<%= name %>:" /etc/group >/dev/null 2>&1
|
103
|
+
write "grep \"^"; write(( name ).to_s); write ":\" /etc/group >/dev/null 2>&1"
|
104
|
+
chain_proxy
|
105
|
+
end
|
106
|
+
|
107
|
+
def _group?(*args, &block) # :nodoc:
|
108
|
+
str = capture_str { group?(*args, &block) }
|
109
|
+
str.strip!
|
110
|
+
str
|
111
|
+
end
|
112
|
+
|
113
|
+
# Adds the group.
|
114
|
+
def groupadd(name, options={})
|
115
|
+
execute 'groupadd', name, options
|
116
|
+
chain_proxy
|
117
|
+
end
|
118
|
+
|
119
|
+
def _groupadd(*args, &block) # :nodoc:
|
120
|
+
str = capture_str { groupadd(*args, &block) }
|
121
|
+
str.strip!
|
122
|
+
str
|
123
|
+
end
|
124
|
+
|
125
|
+
# Removes the group.
|
126
|
+
def groupdel(name, options={})
|
127
|
+
execute 'groupdel', name, options
|
128
|
+
chain_proxy
|
129
|
+
end
|
130
|
+
|
131
|
+
def _groupdel(*args, &block) # :nodoc:
|
132
|
+
str = capture_str { groupdel(*args, &block) }
|
133
|
+
str.strip!
|
134
|
+
str
|
135
|
+
end
|
136
|
+
|
137
|
+
def groups(user, options={})
|
138
|
+
# id -Gn <%= quote(user) %>
|
139
|
+
#
|
140
|
+
#
|
141
|
+
write "id -Gn "; write(( quote(user) ).to_s); write "\n"
|
142
|
+
write "\n"
|
143
|
+
|
144
|
+
chain_proxy
|
145
|
+
end
|
146
|
+
|
147
|
+
def _groups(*args, &block) # :nodoc:
|
148
|
+
str = capture_str { groups(*args, &block) }
|
149
|
+
str.strip!
|
150
|
+
str
|
151
|
+
end
|
152
|
+
|
153
|
+
def install(source, target, options={})
|
154
|
+
execute 'install', source, target, options
|
155
|
+
chain_proxy
|
156
|
+
end
|
157
|
+
|
158
|
+
def _install(*args, &block) # :nodoc:
|
159
|
+
str = capture_str { install(*args, &block) }
|
160
|
+
str.strip!
|
161
|
+
str
|
162
|
+
end
|
163
|
+
|
164
|
+
# Logs in as the specified user for the duration of a block (the current ENV
|
165
|
+
# and pwd are reset as during a normal login).
|
166
|
+
def login(user='root', options={})
|
167
|
+
current = functions
|
168
|
+
begin
|
169
|
+
@functions = []
|
170
|
+
|
171
|
+
path = capture_script(options) { yield }
|
172
|
+
execute 'su', user, path, :l => true
|
173
|
+
ensure
|
174
|
+
@functions = current
|
175
|
+
end
|
176
|
+
chain_proxy
|
177
|
+
end
|
178
|
+
|
179
|
+
def _login(*args, &block) # :nodoc:
|
180
|
+
str = capture_str { login(*args, &block) }
|
181
|
+
str.strip!
|
182
|
+
str
|
183
|
+
end
|
184
|
+
|
185
|
+
# Switches to the specified user for the duration of a block. The current ENV
|
186
|
+
# and pwd are preserved.
|
187
|
+
def su(user='root', options={})
|
188
|
+
path = capture_script(options) do
|
189
|
+
functions.each do |function|
|
190
|
+
writeln function
|
191
|
+
end
|
192
|
+
yield
|
193
|
+
end
|
194
|
+
execute 'su', user, path, :m => true
|
195
|
+
chain_proxy
|
196
|
+
end
|
197
|
+
|
198
|
+
def _su(*args, &block) # :nodoc:
|
199
|
+
str = capture_str { su(*args, &block) }
|
200
|
+
str.strip!
|
201
|
+
str
|
202
|
+
end
|
203
|
+
|
204
|
+
# Returns true if the user exists as determined by id.
|
205
|
+
def user?(name)
|
206
|
+
# id <%= quote(name) %> >/dev/null 2>&1
|
207
|
+
write "id "; write(( quote(name) ).to_s); write " >/dev/null 2>&1"
|
208
|
+
chain_proxy
|
209
|
+
end
|
210
|
+
|
211
|
+
def _user?(*args, &block) # :nodoc:
|
212
|
+
str = capture_str { user?(*args, &block) }
|
213
|
+
str.strip!
|
214
|
+
str
|
215
|
+
end
|
216
|
+
|
217
|
+
# Adds the user.
|
218
|
+
def useradd(name, options={})
|
219
|
+
execute 'useradd', name, options
|
220
|
+
chain_proxy
|
221
|
+
end
|
222
|
+
|
223
|
+
def _useradd(*args, &block) # :nodoc:
|
224
|
+
str = capture_str { useradd(*args, &block) }
|
225
|
+
str.strip!
|
226
|
+
str
|
227
|
+
end
|
228
|
+
|
229
|
+
# Removes the user.
|
230
|
+
def userdel(name, options={})
|
231
|
+
# TODO - look into other things that might need to happen before:
|
232
|
+
# * kill processes belonging to user
|
233
|
+
# * remove at/cron/print jobs etc.
|
234
|
+
execute 'userdel', name, options
|
235
|
+
chain_proxy
|
236
|
+
end
|
237
|
+
|
238
|
+
def _userdel(*args, &block) # :nodoc:
|
239
|
+
str = capture_str { userdel(*args, &block) }
|
240
|
+
str.strip!
|
241
|
+
str
|
242
|
+
end
|
243
|
+
end
|
244
|
+
end
|
245
|
+
end
|