linebook 0.7.0 → 0.8.0

data/History

@@ -1,3 +1,11 @@
+== 0.8.0 2011/05/23
+
+Updated to linecook-1.2.0. Added many utility commands for Posix/Linux, and
+wrapped Unix into Posix module. Standardized the behavior of the commands.
+Added definition of functions and variables.
+
+Very likely breaks most of what was in use in 0.7.0.
+
 == 0.7.0 2011/04/26
 
 Updated to linecook-1.0.0

data/HowTo/Setup/Debian

@@ -0,0 +1,75 @@
+= Debian
+
+<em>Note these instructions are for building a dev box only. In particular
+they allow the linecook user to sudo without a password, which may not be in
+you best production interests.</em>
+
+Build an Debian base box using the following:
+
+  * http://www.debian.org/distrib/netinst
+  - name: debian
+  - Debian
+  - 384 MB memory
+  - 8 GB dynamically resizing drive
+
+Add the iso to the cd/dvd device under Settings > Storage. Now start the
+server and install (use default settings unless specified):
+
+  - root password: linecook
+  - user/password: linecook
+  - select 'SSH server' and 'Standard system utilities' as software to install
+
+When the server has rebooted and is ready at the login screen, remove the
+install iso, take a snapshot and setup port forwarding.
+
+  (Devices > CD/DVD Devices > Remove disk from virtual drive)
+  VBoxManage snapshot debian take RAW
+  VBoxManage controlvm debian poweroff
+  # wait to fully power off
+  VBoxManage modifyvm debian --natpf1 'debian-ssh,tcp,,2222,,22'
+  VBoxManage -q snapshot debian restore RAW
+  VBoxManage startvm debian
+
+Transfer your ssh key to the vm. Help to generate ssh keys can be found on
+{GitHub}[http://help.github.com/key-setup-redirect]:
+
+  scp -P 2222 -o UserKnownHostsFile=/dev/null ~/.ssh/id_rsa.pub linecook@localhost:id_rsa.pub
+
+Login as root and setup su for the linecook user:
+
+  vm: vi /etc/pam.d/su
+
+  # uncomment:
+  #
+  #   # Uncomment this if you want wheel members to be able to
+  #   # su without a password.
+  #   auth       sufficient pam_wheel.so trust
+  #
+
+  vm: groupadd wheel
+  vm: usermod -a -G wheel linecook
+
+Setup SSH for the linecook user:
+
+  vm: su -l linecook
+  vm: mkdir .ssh
+  vm: mv id_rsa.pub .ssh/authorized_keys
+  vm: chmod 0700 .ssh
+  vm: chmod 0600 .ssh/authorized_keys
+  vm: exit
+
+Remove the login banner and exit:
+
+  vm: rm /etc/motd
+  vm: exit
+
+Now take the standard snapshots:
+
+  VBoxManage snapshot debian take BASE
+  VBoxManage snapshot debian take CURRENT
+  VBoxManage controlvm debian poweroff
+
+To cleanup the port forwarding (run later, if ever):
+
+  VBoxManage modifyvm debian --natpf1 delete 'debian-ssh'
+

data/HowTo/Setup/SLES

@@ -0,0 +1,87 @@
+= SLES
+
+<em>Note these instructions are for building a dev box only. In particular
+they allow the linecook user to sudo without a password and disable the
+firewall, which may not be in you best production interests.</em>
+
+Build a SLES11 base box using the following:
+
+  - name: sles
+  - Linux/Linux 2.6
+  - 256 MB memory
+  - 8 GB dynamically resizing drive
+
+Add the netinst.iso to the cd/dvd device under Settings > Storage. Now start
+the server and install (use default settings unless specified):
+
+  - Server Base Scenario: Virtual Machine (middle option)
+  - Installation (1.2 GB):
+      Base System
+      Novell AppArmor
+      Minimal System
+      c/c++ Compiler and Tools
+  - root password: linecook
+  - network settings:
+      hostname: sles
+      domain: pinnacol.com
+      [ ] change hostname via DHCP
+      [x] write hostname to /etc/hosts
+      (Change > Network Interfaces > Hostname/DNS)
+      Name Server 1: 10.2.24.11
+      Name Server 2: 65.125.146.66
+      (Change > Firewall > Disable Firewall Automatic Starting)
+  - configure novell customer stuff later
+  - user/password: linecook
+
+When the server has rebooted and is ready at the login screen, remove the
+install iso, take a snapshot and setup port forwarding.
+
+  (Devices > CD/DVD Devices > Remove disk from virtual drive)
+  VBoxManage snapshot sles take RAW
+  VBoxManage controlvm sles poweroff
+  # wait to fully power off
+  VBoxManage modifyvm sles --natpf1 'sles-ssh,tcp,,2223,,22'
+  VBoxManage -q snapshot sles restore RAW
+  VBoxManage startvm sles
+
+Transfer your ssh key to the vm. Help to generate ssh keys can be found on
+GitHub (http://help.github.com/key-setup-redirect):
+
+  scp -P 2223 -o UserKnownHostsFile=/dev/null ~/.ssh/id_rsa.pub linecook@localhost:id_rsa.pub
+
+Login as root and setup su for the linecook user:
+
+  vm: vi /etc/pam.d/su
+
+  # insert:
+  #   auth       sufficient pam_wheel.so trust
+  
+  vm: vi /etc/pam.d/su-l
+  
+  # insert:
+  #   auth       sufficient pam_wheel.so trust
+  
+  vm: p=$(id -gn linecook)
+  vm: g=$(id -Gn linecook | sed "s/$p //" | sed "s/ /,/g")
+  vm: groupadd linecook
+  vm: usermod -g linecook -G "wheel,$g" linecook
+
+Setup SSH for the linecook user:
+
+  vm: su -l linecook
+  vm: mkdir .ssh
+  vm: mv id_rsa.pub .ssh/authorized_keys
+  vm: chmod 0700 .ssh
+  vm: chmod 0600 .ssh/authorized_keys
+  vm: exit
+  vm: exit
+
+Now take the standard snapshots:
+
+  VBoxManage snapshot sles take BASE
+  VBoxManage snapshot sles take CURRENT
+  VBoxManage controlvm sles poweroff
+
+To cleanup the port forwarding (run later, if ever):
+
+  VBoxManage modifyvm sles --natpf1 delete 'sles-ssh'

data/HowTo/Setup/Ubuntu

@@ -0,0 +1,71 @@
+== Ubuntu
+
+<em>Note these instructions are for building a dev box only. In particular
+they allow the linecook user to sudo without a password, which may not be in
+you best production interests.</em>
+
+Build a Ubuntu base box using the following:
+
+  - name: ubuntu
+  - Linux/Ubuntu
+  - 512 MB memory
+  - 8 GB dynamically resizing drive
+
+Add the iso to the cd/dvd device under Settings > Storage. Now start the
+server and install ubuntu (use default settings unless specified):
+
+  - user/password: linecook
+  - select 'OpenSSH server' in packages to install
+
+When the server has rebooted and is ready at the login screen, remove the
+install iso, take a snapshot and setup port forwarding.
+
+  (Devices > CD/DVD Devices > Remove disk from virtual drive)
+  VBoxManage snapshot ubuntu take RAW
+  VBoxManage controlvm ubuntu poweroff
+  # wait to fully power off
+  VBoxManage modifyvm ubuntu --natpf1 'ubuntu-ssh,tcp,,2220,,22'
+  VBoxManage -q snapshot ubuntu restore RAW
+  VBoxManage startvm ubuntu
+
+Transfer your ssh key to the vm. Help to generate ssh keys can be found on
+{GitHub}[http://help.github.com/key-setup-redirect]:
+
+  scp -P 2220 -o UserKnownHostsFile=/dev/null ~/.ssh/id_rsa.pub linecook@localhost:id_rsa.pub
+
+Login as linecook and setup su permissions for the linecook user:
+
+  vm: sudo vi /etc/pam.d/su
+
+  # uncomment:
+  #
+  #   # Uncomment this if you want wheel members to be able to
+  #   # su without a password.
+  #   auth       sufficient pam_wheel.so trust
+  #
+
+  vm: sudo groupadd wheel
+  vm: sudo usermod -a -G wheel linecook
+
+Setup SSH:
+
+  vm: mkdir .ssh
+  vm: mv id_rsa.pub .ssh/authorized_keys
+  vm: chmod 0700 .ssh
+  vm: chmod 0600 .ssh/authorized_keys
+
+Remove the login banner and exit:
+
+  vm: sudo rm /etc/motd
+  vm: exit
+
+Now take some standard snapshots:
+
+  VBoxManage snapshot ubuntu take BASE
+  VBoxManage snapshot ubuntu take CURRENT
+  VBoxManage controlvm ubuntu poweroff
+
+To cleanup the port forwarding (run later, if ever):
+
+  VBoxManage modifyvm ubuntu --natpf1 delete 'ubuntu-ssh'
+

data/HowTo/Setup/openSUSE

@@ -0,0 +1,75 @@
+= openSUSE
+
+<em>Note these instructions are for building a dev box only. In particular
+they allow the linecook user to sudo without a password and turn off the
+firewall, which may not be in you best production interests.</em>
+
+Build an openSUSE base box using the following:
+
+  * http://software.opensuse.org/113/en
+  - name: opensuse
+  - openSUSE
+  - 512 MB memory
+  - 8 GB dynamically resizing drive
+
+Add the iso to the cd/dvd device under Settings > Storage. Now start the
+server and install (use default settings unless specified):
+
+  - Desktop Selection: Other > Minimal Server Selection
+  - user/password: linecook
+  - deselect automatic login
+  
+When the server has rebooted and is ready at the login screen, remove the
+install iso, take a snapshot and setup port forwarding.
+
+  (Devices > CD/DVD Devices > Remove disk from virtual drive)
+  VBoxManage snapshot opensuse take RAW
+  VBoxManage controlvm opensuse poweroff
+  # wait to fully power off
+  VBoxManage modifyvm opensuse --natpf1 'opensuse-ssh,tcp,,2221,,22'
+  VBoxManage -q snapshot opensuse restore RAW
+  VBoxManage startvm opensuse
+
+Login as root, start sshd, stop the firewall, and setup su for the linecook user:
+
+  vm: /etc/init.d/sshd start
+  vm: rcSuSEfirewall2 stop
+  vm: vi /etc/pam.d/su
+  
+  # insert:
+  #   auth       sufficient pam_wheel.so trust
+  
+  vm: vi /etc/pam.d/su-l
+  
+  # insert:
+  #   auth       sufficient pam_wheel.so trust
+  
+  vm: groupadd linecook
+  vm: usermod -g linecook -A wheel linecook
+  
+Transfer your ssh key to the vm. Help to generate ssh keys can be found on
+{GitHub}[http://help.github.com/key-setup-redirect]:
+
+  scp -P 2221 -o UserKnownHostsFile=/dev/null ~/.ssh/id_rsa.pub linecook@localhost:id_rsa.pub
+
+Setup SSH for linecook and exit:
+
+  vm: su -l linecook
+  vm: mkdir .ssh
+  vm: mv id_rsa.pub .ssh/authorized_keys
+  vm: chmod 0700 .ssh
+  vm: chmod 0600 .ssh/authorized_keys
+  vm: exit
+  vm: exit
+
+Now take the standard snapshots:
+
+  VBoxManage snapshot opensuse take BASE
+  VBoxManage snapshot opensuse take CURRENT
+  VBoxManage controlvm opensuse poweroff
+
+To cleanup the port forwarding (run later, if ever):
+
+  VBoxManage modifyvm opensuse --natpf1 delete 'opensuse-ssh'
+
+https://bugzilla.novell.com/show_bug.cgi?id=556077#c7

data/HowTo/Switch Users

@@ -0,0 +1,73 @@
+= Switch Users
+
+The login and su methods in the Linebook::Os::Linux module both provide a way
+to switch users. Login simulates a login and therefore you end up in the user
+home directory with the ENV as setup during login. By contrast su switches
+users such that it preserves exported ENV variables, including the pwd.
+
+Say you were the linecook user:
+
+  cd
+  export 'A', 'a'
+  variable 'B', 'b'
+  echo "$(whoami):$(pwd):$A:$B"             # => linecook:/home/linecook:a:b
+  login { echo "$(whoami):$(pwd):$A:$B" }   # => root:/root::
+  su    { echo "$(whoami):$(pwd):$A:$B" }   # => root:/home/linecook:a:
+
+User-management methods in this module assume root privileges (useradd,
+groupadd, etc) so unless you are already root, you need to wrap them in login
+or su. In this case login is more reliable than su because some systems leave
+the user management commands off the non-root PATH; using login ensures PATH
+will be set for root during the block.
+
+For example use:
+
+  login { useradd 'username' }
+
+Rather than:
+
+  su { useradd 'username' }   # may give 'useradd: command not found'
+
+== Permissions
+
+The user running the package needs the ability to su without a password,
+otherwise login/su will choke and fail when run by 'linecook run'. How this is
+accomplished is a matter of policy; something each user needs to decide for
+themselves.
+
+First you could run the package as root.
+
+Second you can grant the running user (ex 'linecook') su privileges. This can
+be accomplished by adding the user to the 'wheel' group and modifiying the PAM
+config files. Afterwards all wheel users can su without a password. To do so
+(repeat for '/etc/pam.d/su-l' if it exists):
+
+  vi /etc/pam.d/su
+  # insert:
+  #   auth       sufficient pam_wheel.so trust
+
+This is the default strategy and it works in a portable way because the {linux
+spec}[http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/su.html]
+requires su exists and has the necessary options.
+
+Third you can chuck the default login/su, re-implement them with sudo, and
+give the user (ex 'linecook') sudo privileges. This can be accomplished by
+adding the user to a group (ex 'linecook') and modifying the sudo config via
+visudo. Afterwards all the linecook users can sudo without a password.
+
+  visudo
+  # insert:
+  #   # Members of the linecook group may sudo without a password
+  #   %linecook ALL=NOPASSWD: ALL
+
+See an old version of the {linebook
+source}[https://github.com/pinnacol/linebook/tree/b786e1e63c68f5ddf3be15851d
+9b423bc05e5345/helpers/linebook/os/linux] for hints on how login/su could be
+reimplemented with sudo. This strategy was abandoned because sudo is not
+required by the linux spec and is does not come installed in many cases (ex
+Debian). Moreover the options needed to make this strategy work don't exist in
+sudo < 1.7, so even systems that come with sudo could need an upgrade.
+
+Lastly you can chuck all of these strategies and figure out your own way.
+Surely they exist, for example by running scripts manually and entering in
+passwords as prompted.

data/lib/linebook/os/linux.rb

@@ -2,82 +2,30 @@
 
 module Linebook
   module Os
-    # == login vs su
-    #
-    # The login and su methods both provide a way to switch users.  Login
-    # simulates a login and therefore you end up in the user home directory with
-    # the ENV as setup during login. By contrast su switches users such that it
-    # preserves exported ENV variables, including the pwd.
-    #
-    # Say you were the linecook user:
-    #
-    #   cd
-    #   export 'A', 'a'
-    #   variable 'B', 'b'
-    #   echo "$(whoami):$(pwd):$A:$B"             # => linecook:/home/linecook:a:b
-    #   login { echo "$(whoami):$(pwd):$A:$B" }   # => root:/root::
-    #   su    { echo "$(whoami):$(pwd):$A:$B" }   # => root:/home/linecook:a:
-    #
-    # User-management methods in this module assume root privileges (useradd,
-    # groupadd, etc) so unless you are already root, you need to wrap them in
-    # login or su. In this case login is more reliable than su because some
-    # systems leave the user management commands off the non-root PATH; using
-    # login ensures PATH will be set for root during the block.
-    #
-    # For example use:
-    #
-    #   login { useradd 'username' }
-    #
-    # Rather than:
-    #
-    #   su { useradd 'username' }   # => may give 'useradd: command not found'
-    #
-    # == Permissions
-    #
-    # The user running the package needs the ability to su without a password,
-    # otherwise login/su will choke and fail when run by 'linecook run'.  How this
-    # is accomplished is a matter of policy; something each user needs to decide
-    # for themselves.
-    #
-    # First you could run the package as root.
-    #
-    # Second you can grant the running user (ex 'linecook') su privileges.  This
-    # can be accomplished by adding the user to the 'wheel' group and modifiying
-    # the PAM config files. Afterwards all wheel users can su without a password.
-    # To do so (repeat for '/etc/pam.d/su-l' if it exists):
-    #
-    #   vi /etc/pam.d/su
-    #   # insert:
-    #   #   auth       sufficient pam_wheel.so trust
-    # 
-    # This is the default strategy and it works in a portable way because the
-    # {linux spec}[http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/cmdbehav.html]
-    # requires su exists and has the necessary options.
-    #
-    # Third you can chuck the default login/su, reimplement them with sudo, and
-    # give the user (ex 'linecook') sudo privileges.  This can be accomplished by
-    # adding the user to a group (ex 'linecook') and modifying the sudo config via
-    # visudo. Afterwards all the linecook users can sudo without a password.
-    #
-    #   visudo
-    #   # insert:
-    #   #   # Members of the linecook group may sudo without a password
-    #   #   %linecook ALL=NOPASSWD: ALL
-    #
-    # See an old version of the {linebook source}[https://github.com/pinnacol/linebook/tree/b786e1e63c68f5ddf3be15851d9b423bc05e5345/helpers/linebook/os/linux]
-    # for hints on how login/su could be reimplemented with sudo.  This strategy
-    # was abandonded as the default because sudo is not required by the linux spec
-    # and is does not come installed in many cases (ex Debian).  Moreover the
-    # options needed to make this strategy work don't exist in sudo < 1.7, so even
-    # systems that come with sudo could need an upgrade.
-    #
-    # Lastly you can chuck all of these strategies and figure out your own way.
-    # Surely they exist, for example by running the packages manually and entering
-    # in passwords as prompted.
-    #
+    # Defines Linux-compliant functionality, based on the {Linux Standard Base
+    # Core Specification 4.1 }[http://refspecs.linuxfoundation.org/lsb.shtml]. See
+    # the online documentation for:
+    #
+    # * {Commands and Utilities
+    #   }[http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/cmdbehav.html]
+    # * {Single Unix Specification V2
+    #   }[http://pubs.opengroup.org/onlinepubs/007908799/xcuix.html]
+    # Posix does not specify commands for user management, but Linux does. Now
+    # that users are overtly in the mix, see {How to Switch
+    # Users}[link:files/HowTo/Switch%20Users.html] for picking a su policy.
     module Linux
-      require 'linebook/os/unix'
-      include Unix
+      require 'linebook/os/posix'
+      include Posix
+      
+      require 'linebook/os/linux/utilities'
+      include Utilities
+      
+      def guess_target_name(source_name)
+        target_dir  = File.dirname(target_name)
+        name = File.basename(source_name)
+        
+        _package_.next_target_name(target_dir == '.' ? name : File.join(target_dir, name))
+      end
       
       def capture_script(options={})
         unless options.kind_of?(Hash)
@@ -97,76 +45,12 @@ module Linebook
         path
       end
       
-      # Returns true if the group exists as determined by checking /etc/group.
-      def group?(name)
-        #  grep "^<%= name %>:" /etc/group >/dev/null 2>&1
-        write "grep \"^"; write(( name ).to_s); write ":\" /etc/group >/dev/null 2>&1"
-        chain_proxy
-      end
-      
-      def _group?(*args, &block) # :nodoc:
-        str = capture_str { group?(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      # Adds the group.
-      def groupadd(name, options={})
-        execute 'groupadd', name, options
-        chain_proxy
-      end
-      
-      def _groupadd(*args, &block) # :nodoc:
-        str = capture_str { groupadd(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      # Removes the group.
-      def groupdel(name, options={})
-        execute 'groupdel', name, options
-        chain_proxy
-      end
-      
-      def _groupdel(*args, &block) # :nodoc:
-        str = capture_str { groupdel(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      def groups(user, options={})
-        #  id -Gn <%= quote(user) %>
-        #  
-        #  
-        write "id -Gn "; write(( quote(user) ).to_s); write "\n"
-        write "\n"
-      
-        chain_proxy
-      end
-      
-      def _groups(*args, &block) # :nodoc:
-        str = capture_str { groups(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      def install(source, target, options={})
-        execute 'install', source, target, options
-        chain_proxy
-      end
-      
-      def _install(*args, &block) # :nodoc:
-        str = capture_str { install(*args, &block) }
-        str.strip!
-        str
-      end
-      
       # Logs in as the specified user for the duration of a block (the current ENV
       # and pwd are reset as during a normal login).
       def login(user='root', options={})
         current = functions
         begin
-          @functions = []
+          @functions = nil
           
           path = capture_script(options) { yield }
           execute 'su', user, path, :l => true
@@ -181,65 +65,6 @@ module Linebook
         str.strip!
         str
       end
-      
-      # Switches to the specified user for the duration of a block.  The current ENV
-      # and pwd are preserved.
-      def su(user='root', options={})
-        path = capture_script(options) do
-          functions.each do |function|
-            writeln function
-          end
-          yield
-        end
-        execute 'su', user, path, :m => true
-        chain_proxy
-      end
-      
-      def _su(*args, &block) # :nodoc:
-        str = capture_str { su(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      # Returns true if the user exists as determined by id.
-      def user?(name)
-        #  id <%= quote(name) %> >/dev/null 2>&1
-        write "id "; write(( quote(name) ).to_s); write " >/dev/null 2>&1"
-        chain_proxy
-      end
-      
-      def _user?(*args, &block) # :nodoc:
-        str = capture_str { user?(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      # Adds the user.
-      def useradd(name, options={}) 
-        execute 'useradd', name, options
-        chain_proxy
-      end
-      
-      def _useradd(*args, &block) # :nodoc:
-        str = capture_str { useradd(*args, &block) }
-        str.strip!
-        str
-      end
-      
-      # Removes the user.
-      def userdel(name, options={}) 
-        # TODO - look into other things that might need to happen before:
-        # * kill processes belonging to user
-        # * remove at/cron/print jobs etc. 
-        execute 'userdel', name, options
-        chain_proxy
-      end
-      
-      def _userdel(*args, &block) # :nodoc:
-        str = capture_str { userdel(*args, &block) }
-        str.strip!
-        str
-      end
     end
   end
 end