mixlib-shellout 2.1.0-universal-mingw32

data/lib/mixlib/shellout/exceptions.rb

@@ -0,0 +1,7 @@
+module Mixlib
+  class ShellOut
+    class ShellCommandFailed < RuntimeError; end
+    class CommandTimeout < RuntimeError; end
+    class InvalidCommandOption < RuntimeError; end
+  end
+end

data/lib/mixlib/shellout/unix.rb

@@ -0,0 +1,415 @@
+#--
+# Author:: Daniel DeLeo (<dan@opscode.com>)
+# Copyright:: Copyright (c) 2010, 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module Mixlib
+  class ShellOut
+    module Unix
+
+      # "1.8.7" as a frozen string. We use this with a hack that disables GC to
+      # avoid segfaults on Ruby 1.8.7, so we need to allocate the fewest
+      # objects we possibly can.
+      ONE_DOT_EIGHT_DOT_SEVEN = "1.8.7".freeze
+
+      # Option validation that is unix specific
+      def validate_options(opts)
+        # No options to validate, raise exceptions here if needed
+      end
+
+      # Whether we're simulating a login shell
+      def using_login?
+        return login && user
+      end
+
+      # Helper method for sgids
+      def all_seconderies
+        ret = []
+        Etc.endgrent
+        while ( g = Etc.getgrent ) do
+          ret << g
+        end
+        Etc.endgrent
+        return ret
+      end
+
+      # The secondary groups that the subprocess will switch to.
+      # Currently valid only if login is used, and is set
+      # to the user's secondary groups
+      def sgids
+        return nil unless using_login?
+        user_name = Etc.getpwuid(uid).name
+        all_seconderies.select{|g| g.mem.include?(user_name)}.map{|g|g.gid}
+      end
+
+      # The environment variables that are deduced from simulating logon
+      # Only valid if login is used
+      def logon_environment
+        return {} unless using_login?
+        entry = Etc.getpwuid(uid)
+        # According to `man su`, the set fields are:
+        #  $HOME, $SHELL, $USER, $LOGNAME, $PATH, and $IFS
+        # Values are copied from "shadow" package in Ubuntu 14.10
+        {'HOME'=>entry.dir, 'SHELL'=>entry.shell, 'USER'=>entry.name, 'LOGNAME'=>entry.name, 'PATH'=>'/sbin:/bin:/usr/sbin:/usr/bin', 'IFS'=>"\t\n"}
+      end
+
+      # Merges the two environments for the process
+      def process_environment
+        logon_environment.merge(self.environment)
+      end
+
+      # Run the command, writing the command's standard out and standard error
+      # to +stdout+ and +stderr+, and saving its exit status object to +status+
+      # === Returns
+      # returns   +self+; +stdout+, +stderr+, +status+, and +exitstatus+ will be
+      # populated with results of the command.
+      # === Raises
+      # * Errno::EACCES  when you are not privileged to execute the command
+      # * Errno::ENOENT  when the command is not available on the system (or not
+      #   in the current $PATH)
+      # * Chef::Exceptions::CommandTimeout  when the command does not complete
+      #   within +timeout+ seconds (default: 600s). When this happens, ShellOut
+      #   will send a TERM and then KILL to the entire process group to ensure
+      #   that any grandchild processes are terminated. If the invocation of
+      #   the child process spawned multiple child processes (which commonly
+      #   happens if the command is passed as a single string to be interpreted
+      #   by bin/sh, and bin/sh is not bash), the exit status object may not
+      #   contain the correct exit code of the process (of course there is no
+      #   exit code if the command is killed by SIGKILL, also).
+      def run_command
+        @child_pid = fork_subprocess
+        @reaped = false
+
+        configure_parent_process_file_descriptors
+
+        # Ruby 1.8.7 and 1.8.6 from mid 2009 try to allocate objects during GC
+        # when calling IO.select and IO#read. Disabling GC works around the
+        # segfault, but obviously it's a bad workaround. We no longer support
+        # 1.8.6 so we only need this hack for 1.8.7.
+        GC.disable if RUBY_VERSION == ONE_DOT_EIGHT_DOT_SEVEN
+
+        # CHEF-3390: Marshall.load on Ruby < 1.8.7p369 also has a GC bug related
+        # to Marshall.load, so try disabling GC first.
+        propagate_pre_exec_failure
+
+        @status = nil
+        @result = nil
+        @execution_time = 0
+
+        write_to_child_stdin
+
+        until @status
+          ready_buffers = attempt_buffer_read
+          unless ready_buffers
+            @execution_time += READ_WAIT_TIME
+            if @execution_time >= timeout && !@result
+              # kill the bad proccess
+              reap_errant_child
+              # read anything it wrote when we killed it
+              attempt_buffer_read
+              # raise
+              raise CommandTimeout, "Command timed out after #{@execution_time.to_i}s:\n#{format_for_exception}"
+            end
+          end
+
+          attempt_reap
+        end
+
+        self
+      rescue Errno::ENOENT
+        # When ENOENT happens, we can be reasonably sure that the child process
+        # is going to exit quickly, so we use the blocking variant of waitpid2
+        reap
+        raise
+      ensure
+        reap_errant_child if should_reap?
+        # make one more pass to get the last of the output after the
+        # child process dies
+        attempt_buffer_read
+        # no matter what happens, turn the GC back on, and hope whatever busted
+        # version of ruby we're on doesn't allocate some objects during the next
+        # GC run.
+        GC.enable
+        close_all_pipes
+      end
+
+      private
+
+      def set_user
+        if user
+          Process.uid = uid
+          Process.euid = uid
+        end
+      end
+
+      def set_group
+        if group
+          Process.egid = gid
+          Process.gid = gid
+        end
+      end
+
+      def set_secondarygroups
+        if sgids
+          Process.groups = sgids
+        end
+      end
+
+      def set_environment
+        # user-set variables should override the login ones
+        process_environment.each do |env_var,value|
+          ENV[env_var] = value
+        end
+      end
+
+      def set_umask
+        File.umask(umask) if umask
+      end
+
+      def set_cwd
+        Dir.chdir(cwd) if cwd
+      end
+
+      # Since we call setsid the child_pgid will be the child_pid, set to negative here
+      # so it can be directly used in arguments to kill, wait, etc.
+      def child_pgid
+        -@child_pid
+      end
+
+      def initialize_ipc
+        @stdin_pipe, @stdout_pipe, @stderr_pipe, @process_status_pipe = IO.pipe, IO.pipe, IO.pipe, IO.pipe
+        @process_status_pipe.last.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
+      end
+
+      def child_stdin
+        @stdin_pipe[1]
+      end
+
+      def child_stdout
+        @stdout_pipe[0]
+      end
+
+      def child_stderr
+        @stderr_pipe[0]
+      end
+
+      def child_process_status
+        @process_status_pipe[0]
+      end
+
+      def close_all_pipes
+        child_stdin.close   unless child_stdin.closed?
+        child_stdout.close  unless child_stdout.closed?
+        child_stderr.close  unless child_stderr.closed?
+        child_process_status.close unless child_process_status.closed?
+      end
+
+      # Replace stdout, and stderr with pipes to the parent, and close the
+      # reader side of the error marshaling side channel.
+      #
+      # If there is no input, close STDIN so when we exec,
+      # the new program will know it's never getting input ever.
+      def configure_subprocess_file_descriptors
+        process_status_pipe.first.close
+
+        # HACK: for some reason, just STDIN.close isn't good enough when running
+        # under ruby 1.9.2, so make it good enough:
+        stdin_pipe.last.close
+        STDIN.reopen stdin_pipe.first
+        stdin_pipe.first.close unless input
+
+        stdout_pipe.first.close
+        STDOUT.reopen stdout_pipe.last
+        stdout_pipe.last.close
+
+        stderr_pipe.first.close
+        STDERR.reopen stderr_pipe.last
+        stderr_pipe.last.close
+
+        STDOUT.sync = STDERR.sync = true
+        STDIN.sync = true if input
+      end
+
+      def configure_parent_process_file_descriptors
+        # Close the sides of the pipes we don't care about
+        stdin_pipe.first.close
+        stdin_pipe.last.close unless input
+        stdout_pipe.last.close
+        stderr_pipe.last.close
+        process_status_pipe.last.close
+        # Get output as it happens rather than buffered
+        child_stdin.sync = true if input
+        child_stdout.sync = true
+        child_stderr.sync = true
+
+        true
+      end
+
+      # Some patch levels of ruby in wide use (in particular the ruby 1.8.6 on OSX)
+      # segfault when you IO.select a pipe that's reached eof. Weak sauce.
+      def open_pipes
+        @open_pipes ||= [child_stdout, child_stderr, child_process_status]
+      end
+
+      # Keep this unbuffered for now
+      def write_to_child_stdin
+        return unless input
+        child_stdin << input
+        child_stdin.close # Kick things off
+      end
+
+      def attempt_buffer_read
+        ready = IO.select(open_pipes, nil, nil, READ_WAIT_TIME)
+        if ready
+          read_stdout_to_buffer if ready.first.include?(child_stdout)
+          read_stderr_to_buffer if ready.first.include?(child_stderr)
+          read_process_status_to_buffer if ready.first.include?(child_process_status)
+        end
+        ready
+      end
+
+      def read_stdout_to_buffer
+        while chunk = child_stdout.read_nonblock(READ_SIZE)
+          @stdout << chunk
+          @live_stdout << chunk if @live_stdout
+        end
+      rescue Errno::EAGAIN
+      rescue EOFError
+        open_pipes.delete(child_stdout)
+      end
+
+      def read_stderr_to_buffer
+        while chunk = child_stderr.read_nonblock(READ_SIZE)
+          @stderr << chunk
+          @live_stderr << chunk if @live_stderr
+        end
+      rescue Errno::EAGAIN
+      rescue EOFError
+        open_pipes.delete(child_stderr)
+      end
+
+      def read_process_status_to_buffer
+        while chunk = child_process_status.read_nonblock(READ_SIZE)
+          @process_status << chunk
+        end
+      rescue Errno::EAGAIN
+      rescue EOFError
+        open_pipes.delete(child_process_status)
+      end
+
+      def fork_subprocess
+        initialize_ipc
+
+        fork do
+          # Child processes may themselves fork off children. A common case
+          # is when the command is given as a single string (instead of
+          # command name plus Array of arguments) and /bin/sh does not
+          # support the "ONESHOT" optimization (where sh -c does exec without
+          # forking). To support cleaning up all the children, we need to
+          # ensure they're in a unique process group.
+          #
+          # We use setsid here to abandon our controlling tty and get a new session
+          # and process group that are set to the pid of the child process.
+          Process.setsid
+
+          configure_subprocess_file_descriptors
+
+          set_secondarygroups
+          set_group
+          set_user
+          set_environment
+          set_umask
+          set_cwd
+
+          begin
+            command.kind_of?(Array) ? exec(*command, :close_others=>true) : exec(command, :close_others=>true)
+
+            raise 'forty-two' # Should never get here
+          rescue Exception => e
+            Marshal.dump(e, process_status_pipe.last)
+            process_status_pipe.last.flush
+          end
+          process_status_pipe.last.close unless (process_status_pipe.last.closed?)
+          exit!
+        end
+      end
+
+      # Attempt to get a Marshaled error from the side-channel.
+      # If it's there, un-marshal it and raise. If it's not there,
+      # assume everything went well.
+      def propagate_pre_exec_failure
+        begin
+          attempt_buffer_read until child_process_status.eof?
+          e = Marshal.load(@process_status)
+          raise(Exception === e ? e : "unknown failure: #{e.inspect}")
+        rescue ArgumentError # If we get an ArgumentError error, then the exec was successful
+          true
+        ensure
+          child_process_status.close
+          open_pipes.delete(child_process_status)
+        end
+      end
+
+      def reap_errant_child
+        return if attempt_reap
+        @terminate_reason = "Command exceeded allowed execution time, process terminated"
+        logger.error("Command exceeded allowed execution time, sending TERM") if logger
+        Process.kill(:TERM, child_pgid)
+        sleep 3
+        attempt_reap
+        logger.error("Command exceeded allowed execution time, sending KILL") if logger
+        Process.kill(:KILL, child_pgid)
+        reap
+
+        # Should not hit this but it's possible if something is calling waitall
+        # in a separate thread.
+      rescue Errno::ESRCH
+        nil
+      end
+
+      def should_reap?
+        # if we fail to fork, no child pid so nothing to reap
+        @child_pid && !@reaped
+      end
+
+      # Unconditionally reap the child process. This is used in scenarios where
+      # we can be confident the child will exit quickly, and has not spawned
+      # and grandchild processes.
+      def reap
+        results = Process.waitpid2(@child_pid)
+        @reaped = true
+        @status = results.last
+      rescue Errno::ECHILD
+        # When cleaning up timed-out processes, we might send SIGKILL to the
+        # whole process group after we've cleaned up the direct child. In that
+        # case the grandchildren will have been adopted by init so we can't
+        # reap them even if we wanted to (we don't).
+        nil
+      end
+
+      # Try to reap the child process but don't block if it isn't dead yet.
+      def attempt_reap
+        if results = Process.waitpid2(@child_pid, Process::WNOHANG)
+          @reaped = true
+          @status = results.last
+        else
+          nil
+        end
+      end
+
+    end
+  end
+end

data/lib/mixlib/shellout/version.rb

@@ -0,0 +1,5 @@
+module Mixlib
+  class ShellOut
+    VERSION = "2.1.0"
+  end
+end

data/lib/mixlib/shellout/windows.rb

@@ -0,0 +1,320 @@
+#--
+# Author:: Daniel DeLeo (<dan@opscode.com>)
+# Author:: John Keiser (<jkeiser@opscode.com>)
+# Author:: Ho-Sheng Hsiao (<hosh@opscode.com>)
+# Copyright:: Copyright (c) 2011, 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'win32/process'
+require 'windows/handle'
+require 'windows/process'
+require 'windows/synchronize'
+
+require 'mixlib/shellout/windows/core_ext'
+
+module Mixlib
+  class ShellOut
+    module Windows
+
+      include ::Windows::Handle
+      include ::Windows::Process
+      include ::Windows::Synchronize
+
+      TIME_SLICE = 0.05
+
+      # Option validation that is windows specific
+      def validate_options(opts)
+        if opts[:user]
+          unless opts[:password]
+            raise InvalidCommandOption, "You must supply both a username and password when supplying a user in windows"
+          end
+        end
+      end
+
+      #--
+      # Missing lots of features from the UNIX version, such as
+      # uid, etc.
+      def run_command
+
+        #
+        # Create pipes to capture stdout and stderr,
+        #
+        stdout_read, stdout_write = IO.pipe
+        stderr_read, stderr_write = IO.pipe
+        stdin_read, stdin_write = IO.pipe
+        open_streams = [ stdout_read, stderr_read ]
+
+        begin
+
+          #
+          # Set cwd, environment, appname, etc.
+          #
+          app_name, command_line = command_to_run(self.command)
+          create_process_args = {
+            :app_name => app_name,
+            :command_line => command_line,
+            :startup_info => {
+              :stdout => stdout_write,
+              :stderr => stderr_write,
+              :stdin => stdin_read
+            },
+            :environment => inherit_environment.map { |k,v| "#{k}=#{v}" },
+            :close_handles => false
+          }
+          create_process_args[:cwd] = cwd if cwd
+          # default to local account database if domain is not specified
+          create_process_args[:domain] = domain.nil? ? "." : domain
+          create_process_args[:with_logon] = with_logon if with_logon
+          create_process_args[:password] = password if password
+
+          #
+          # Start the process
+          #
+          process = Process.create(create_process_args)
+          begin
+            # Start pushing data into input
+            stdin_write << input if input
+
+            # Close pipe to kick things off
+            stdin_write.close
+
+            #
+            # Wait for the process to finish, consuming output as we go
+            #
+            start_wait = Time.now
+            while true
+              wait_status = WaitForSingleObject(process.process_handle, 0)
+              case wait_status
+              when WAIT_OBJECT_0
+                # Get process exit code
+                exit_code = [0].pack('l')
+                unless GetExitCodeProcess(process.process_handle, exit_code)
+                  raise get_last_error
+                end
+                @status = ThingThatLooksSortOfLikeAProcessStatus.new
+                @status.exitstatus = exit_code.unpack('l').first
+
+                return self
+              when WAIT_TIMEOUT
+                # Kill the process
+                if (Time.now - start_wait) > timeout
+                  begin
+                    Process.kill(:KILL, process.process_id)
+                  rescue Errno::EIO
+                    logger.warn("Failed to kill timed out process #{process.process_id}") if logger
+                  end
+
+                  raise Mixlib::ShellOut::CommandTimeout, "command timed out:\n#{format_for_exception}"
+                end
+
+                consume_output(open_streams, stdout_read, stderr_read)
+              else
+                raise "Unknown response from WaitForSingleObject(#{process.process_handle}, #{timeout*1000}): #{wait_status}"
+              end
+
+            end
+
+          ensure
+            CloseHandle(process.thread_handle) if process.thread_handle
+            CloseHandle(process.process_handle) if process.process_handle
+          end
+
+        ensure
+          #
+          # Consume all remaining data from the pipes until they are closed
+          #
+          stdout_write.close
+          stderr_write.close
+
+          while consume_output(open_streams, stdout_read, stderr_read)
+          end
+        end
+      end
+
+      private
+
+      class ThingThatLooksSortOfLikeAProcessStatus
+        attr_accessor :exitstatus
+        def success?
+          exitstatus == 0
+        end
+      end
+
+      def consume_output(open_streams, stdout_read, stderr_read)
+        return false if open_streams.length == 0
+        ready = IO.select(open_streams, nil, nil, READ_WAIT_TIME)
+        return true if ! ready
+
+        if ready.first.include?(stdout_read)
+          begin
+            next_chunk = stdout_read.readpartial(READ_SIZE)
+            @stdout << next_chunk
+            @live_stdout << next_chunk if @live_stdout
+          rescue EOFError
+            stdout_read.close
+            open_streams.delete(stdout_read)
+          end
+        end
+
+        if ready.first.include?(stderr_read)
+          begin
+            next_chunk = stderr_read.readpartial(READ_SIZE)
+            @stderr << next_chunk
+            @live_stderr << next_chunk if @live_stderr
+          rescue EOFError
+            stderr_read.close
+            open_streams.delete(stderr_read)
+          end
+        end
+
+        return true
+      end
+
+      IS_BATCH_FILE = /\.bat"?$|\.cmd"?$/i
+
+      def command_to_run(command)
+        return _run_under_cmd(command) if Utils.should_run_under_cmd?(command)
+
+        candidate = candidate_executable_for_command(command)
+
+        # Don't do searching for empty commands.  Let it fail when it runs.
+        return [ nil, command ] if candidate.length == 0
+
+        # Check if the exe exists directly.  Otherwise, search PATH.
+        exe = Utils.find_executable(candidate)
+        exe = Utils.which(unquoted_executable_path(command)) if exe.nil? && exe !~ /[\\\/]/
+
+        # Batch files MUST use cmd; and if we couldn't find the command we're looking for,
+        # we assume it must be a cmd builtin.
+        if exe.nil? || exe =~ IS_BATCH_FILE
+          _run_under_cmd(command)
+        else
+          _run_directly(command, exe)
+        end
+      end
+
+      # cmd does not parse multiple quotes well unless the whole thing is wrapped up in quotes.
+      # https://github.com/opscode/mixlib-shellout/pull/2#issuecomment-4837859
+      # http://ss64.com/nt/syntax-esc.html
+      def _run_under_cmd(command)
+        [ ENV['COMSPEC'], "cmd /c \"#{command}\"" ]
+      end
+
+      def _run_directly(command, exe)
+        [ exe, command ]
+      end
+
+      def unquoted_executable_path(command)
+        command[0,command.index(/\s/) || command.length]
+      end
+
+      def candidate_executable_for_command(command)
+        if command =~ /^\s*"(.*?)"/
+          # If we have quotes, do an exact match
+          $1
+        else
+          # Otherwise check everything up to the first space
+          unquoted_executable_path(command).strip
+        end
+      end
+
+      def inherit_environment
+        result = {}
+        ENV.each_pair do |k,v|
+          result[k] = v
+        end
+
+        environment.each_pair do |k,v|
+          if v == nil
+            result.delete(k)
+          else
+            result[k] = v
+          end
+        end
+        result
+      end
+
+      module Utils
+        # api: semi-private
+        # If there are special characters parsable by cmd.exe (such as file redirection), then
+        # this method should return true.
+        #
+        # This parser is based on
+        # https://github.com/ruby/ruby/blob/9073db5cb1d3173aff62be5b48d00f0fb2890991/win32/win32.c#L1437
+        def self.should_run_under_cmd?(command)
+          return true if command =~ /^@/
+
+          quote = nil
+          env = false
+          env_first_char = false
+
+          command.dup.each_char do |c|
+            case c
+            when "'", '"'
+              if (!quote)
+                quote = c
+              elsif quote == c
+                quote = nil
+              end
+              next
+            when '>', '<', '|', '&', "\n"
+              return true unless quote
+            when '%'
+              return true if env
+              env = env_first_char = true
+              next
+            else
+              next unless env
+              if env_first_char
+                env_first_char = false
+                env = false and next if c !~ /[A-Za-z_]/
+              end
+              env = false if c !~ /[A-Za-z1-9_]/
+            end
+          end
+          return false
+        end
+
+        def self.pathext
+          @pathext ||= ENV['PATHEXT'] ? ENV['PATHEXT'].split(';') + [''] : ['']
+        end
+
+        # which() mimicks the Unix which command
+        # FIXME: it is not working
+        def self.which(cmd)
+          ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
+            exe = find_executable("#{path}/#{cmd}")
+            return exe if exe
+          end
+          return nil
+        end
+
+        # Windows has a different notion of what "executable" means
+        # The OS will search through valid the extensions and look
+        # for a binary there.
+        def self.find_executable(path)
+          return path if File.executable? path
+
+          pathext.each do |ext|
+            exe = "#{path}#{ext}"
+            return exe if File.executable? exe
+          end
+          return nil
+        end
+      end
+    end # class
+  end
+end