mixlib-shellout 2.0.1 → 2.1.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    NGM3NmFiYjNlN2IwZTI3YWNiNTJiYWViODg3MTlhYTNlZjZiMzlkNg==
-  data.tar.gz: !binary |-
-    ZmQ5NDI4Nzc0MzJiOGYxNzQ1NDZkODYwZTRhZmQ4OTQ1YjYxMmVhYQ==
+SHA1:
+  metadata.gz: f89036d9e49a1aa022ad2a3a386c7c470c47bae3
+  data.tar.gz: 28a237b3cf0725a1deb0871f2a1b30a76f505025
 SHA512:
-  metadata.gz: !binary |-
-    NjU0MjZkMDFkNDAwMDQ3Y2I3NTJkZTVhMTQ5MTc3MzY1MTBhMzU0ZWZlYjAx
-    NjBlMTU2ZmRiODAyNjI4ODlkOWEzYmFiNzJjNzc3YTg5NWQ4MzVmZDViM2Iw
-    YWQyMWIyNTcxYjUxNjVjNTk4YjdiNGJkYjc2NmE4YzhhYjlkZjI=
-  data.tar.gz: !binary |-
-    MmE4ZjAxOGU0ZGM3OTY3M2EyZmExMjJkODI1ZDE0YmQwZDU4ZGY0YzQyYThh
-    MzI1NDdkMTc3MGFkNGQwZDA5NmJjMzg2NmFhNWQzOWExMDczZTFkZWQ5NzVh
-    YWVlNjRlNTEyN2VlMDU1YTY3M2I5NDFlZDI3NTk2OTU5ZTk1YWQ=
+  metadata.gz: 7c06cca58cd3c1192c1d591e95c4ddd79961de7eca1a4f255ef70443c4c4dd323f8a07db4f0681d58f759fc3048ffa03081956d1277cdf8b356be86a6a9d7358
+  data.tar.gz: f9964010b07fc39958ff65ff37b4906c6f1867ab7262e4dbc2c4df32500de257536c50007e02466869f495ae260c284eb78a9d7d9b6cf90b0affdabc1943c044

data/README.md

@@ -39,7 +39,7 @@ Invoke crontab to edit user cron:
 ## Windows Impersonation Example
 Invoke "whoami.exe" to demonstrate running a command as another user:
 
-      whomai = Mixlib::ShellOut.new("whoami.exe", :user => "username", :domain => "DOMAIN", :password => "password")
+      whoami = Mixlib::ShellOut.new("whoami.exe", :user => "username", :domain => "DOMAIN", :password => "password")
       whoami.run_command      
 
 ## Platform Support

data/lib/mixlib/shellout.rb

@@ -40,8 +40,13 @@ module Mixlib
     attr_accessor :user
     attr_accessor :domain
     attr_accessor :password
+    # TODO remove
     attr_accessor :with_logon
 
+    # Whether to simulate logon as the user. Normally set via options passed to new
+    # Always enabled on windows
+    attr_accessor :login
+
     # Group the command will run as. Normally set via options passed to new
     attr_accessor :group
 
@@ -141,6 +146,8 @@ module Mixlib
     #   child process. Generally this is used to copy data from the child to
     #   the parent's stdout so that users may observe the progress of
     #   long-running commands.
+    # * +login+: Whether to simulate a login (set secondary groups, primary group, environment
+    #   variables etc) as done by the OS in an actual login
     # === Examples:
     # Invoke find(1) to search for .rb files:
     #   find = Mixlib::ShellOut.new("find . -name '*.rb'")
@@ -164,6 +171,7 @@ module Mixlib
       @cwd = nil
       @valid_exit_codes = [0]
       @terminate_reason = nil
+      @timeout = nil
 
       if command_args.last.is_a?(Hash)
         parse_options(command_args.pop)
@@ -192,6 +200,7 @@ module Mixlib
 
     # The uid that the subprocess will switch to. If the user attribute was
     # given as a username, it is converted to a uid by Etc.getpwnam
+    # TODO migrate to shellout/unix.rb
     def uid
       return nil unless user
       user.kind_of?(Integer) ? user : Etc.getpwnam(user.to_s).uid
@@ -199,9 +208,11 @@ module Mixlib
 
     # The gid that the subprocess will switch to. If the group attribute is
     # given as a group name, it is converted to a gid by Etc.getgrnam
+    # TODO migrate to shellout/unix.rb
     def gid
-      return nil unless group
-      group.kind_of?(Integer) ? group : Etc.getgrnam(group.to_s).gid
+      return group.kind_of?(Integer) ? group : Etc.getgrnam(group.to_s).gid if group
+      return Etc.getpwuid(uid).gid if using_login?
+      return nil
     end
 
     def timeout
@@ -322,7 +333,8 @@ module Mixlib
           self.log_tag = setting
         when 'environment', 'env'
           self.environment = setting || {}
-
+        when 'login'
+          self.login = setting
         else
           raise InvalidCommandOption, "option '#{option.inspect}' is not a valid option for #{self.class.name}"
         end
@@ -332,6 +344,9 @@ module Mixlib
     end
 
     def validate_options(opts)
+      if login && !user
+        raise InvalidCommandOption, "cannot set login without specifying a user"
+      end
       super
     end
   end

data/lib/mixlib/shellout/unix.rb

@@ -30,6 +30,47 @@ module Mixlib
         # No options to validate, raise exceptions here if needed
       end
 
+      # Whether we're simulating a login shell
+      def using_login?
+        return login && user
+      end
+
+      # Helper method for sgids
+      def all_seconderies
+        ret = []
+        Etc.endgrent
+        while ( g = Etc.getgrent ) do
+          ret << g
+        end
+        Etc.endgrent
+        return ret
+      end
+
+      # The secondary groups that the subprocess will switch to.
+      # Currently valid only if login is used, and is set
+      # to the user's secondary groups
+      def sgids
+        return nil unless using_login?
+        user_name = Etc.getpwuid(uid).name
+        all_seconderies.select{|g| g.mem.include?(user_name)}.map{|g|g.gid}
+      end
+
+      # The environment variables that are deduced from simulating logon
+      # Only valid if login is used
+      def logon_environment
+        return {} unless using_login?
+        entry = Etc.getpwuid(uid)
+        # According to `man su`, the set fields are:
+        #  $HOME, $SHELL, $USER, $LOGNAME, $PATH, and $IFS
+        # Values are copied from "shadow" package in Ubuntu 14.10
+        {'HOME'=>entry.dir, 'SHELL'=>entry.shell, 'USER'=>entry.name, 'LOGNAME'=>entry.name, 'PATH'=>'/sbin:/bin:/usr/sbin:/usr/bin', 'IFS'=>"\t\n"}
+      end
+
+      # Merges the two environments for the process
+      def process_environment
+        logon_environment.merge(self.environment)
+      end
+
       # Run the command, writing the command's standard out and standard error
       # to +stdout+ and +stderr+, and saving its exit status object to +status+
       # === Returns
@@ -63,8 +104,8 @@ module Mixlib
         # CHEF-3390: Marshall.load on Ruby < 1.8.7p369 also has a GC bug related
         # to Marshall.load, so try disabling GC first.
         propagate_pre_exec_failure
-        get_child_pgid
 
+        @status = nil
         @result = nil
         @execution_time = 0
 
@@ -107,18 +148,6 @@ module Mixlib
 
       private
 
-      def get_child_pgid
-        # The behavior of Process.getpgid (see also getpgid(2) ) when the
-        # argument is the pid of a zombie isn't well specified. On Linux it
-        # works, on OS X it returns ESRCH (which ruby turns into Errno::ESRCH).
-        #
-        # If the child dies very quickly, @child_pid may be a zombie, so handle
-        # ESRCH here.
-        @child_pgid = -Process.getpgid(@child_pid)
-      rescue Errno::ESRCH, Errno::EPERM
-        @child_pgid = nil
-      end
-
       def set_user
         if user
           Process.uid = uid
@@ -133,8 +162,15 @@ module Mixlib
         end
       end
 
+      def set_secondarygroups
+        if sgids
+          Process.groups = sgids
+        end
+      end
+
       def set_environment
-        environment.each do |env_var,value|
+        # user-set variables should override the login ones
+        process_environment.each do |env_var,value|
           ENV[env_var] = value
         end
       end
@@ -147,14 +183,10 @@ module Mixlib
         Dir.chdir(cwd) if cwd
       end
 
-      # Process group id of the child. Returned as a negative value so you can
-      # put it directly in arguments to kill, wait, etc.
-      #
-      # This may be nil if the child dies before the parent can query the
-      # system for its pgid (on some systems it is an error to get the pgid of
-      # a zombie).
+      # Since we call setsid the child_pgid will be the child_pid, set to negative here
+      # so it can be directly used in arguments to kill, wait, etc.
       def child_pgid
-        @child_pgid
+        -@child_pid
       end
 
       def initialize_ipc
@@ -288,13 +320,14 @@ module Mixlib
           # support the "ONESHOT" optimization (where sh -c does exec without
           # forking). To support cleaning up all the children, we need to
           # ensure they're in a unique process group.
-          # We cannot use setsid here since getpgid fails on AIX with EPERM 
-          # when parent and child have different sessions and the parent tries to get the process group,
-          # hence we just create a new process group, and have the same session.
-          Process.setpgrp
+          #
+          # We use setsid here to abandon our controlling tty and get a new session
+          # and process group that are set to the pid of the child process.
+          Process.setsid
 
           configure_subprocess_file_descriptors
 
+          set_secondarygroups
           set_group
           set_user
           set_environment

data/lib/mixlib/shellout/version.rb

@@ -1,5 +1,5 @@
 module Mixlib
   class ShellOut
-    VERSION = "2.0.1"
+    VERSION = "2.1.0"
   end
 end

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: mixlib-shellout
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.1.0
 platform: ruby
 authors:
 - Opscode
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-19 00:00:00.000000000 Z
+date: 2015-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
 description: Run external commands on Unix or Windows
 email: info@opscode.com
 executables: []
@@ -49,17 +49,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.1
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
 summary: Run external commands on Unix or Windows