nub 0.0.134 → 0.0.136
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/nub/user.rb +44 -21
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bc637d2de51ea4c4473d8659baae4e93f479e210825735eac4810ac504a802a6
|
|
4
|
+
data.tar.gz: 244953131f4c7bf9e89f9f6f5320d18691f1fb6db134c40de79388cb1a86800e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f6f526accb8fdfad3a18c5ac1b1f4a709f468d620560fcfa2ac545f2057fc4b93ad1c8b88f406f85381846b4cba1ae91f48092945d4054cbac0fb044c2842c41
|
|
7
|
+
data.tar.gz: 6d64c6c44ff233cc4dd781837eef8bad11ce2944804ee27623c914778d2d851630d82fa22231064182a065b2fc6bab39dc9b39a4d85eb49226f6233d1896ad6d
|
data/README.md
CHANGED
|
@@ -3,7 +3,7 @@ Collection of ruby utils I've used in several of my projects and wanted re-usabl
|
|
|
3
3
|
|
|
4
4
|
[](https://travis-ci.org/phR0ze/ruby-nub?branch=master)
|
|
5
5
|
[](https://badge.fury.io/rb/nub)
|
|
6
|
-
[](https://coveralls.io/github/phR0ze/ruby-nub?branch=master)
|
|
6
|
+
[](https://coveralls.io/github/phR0ze/ruby-nub?branch=master&service=github)
|
|
7
7
|
[](https://opensource.org/licenses/MIT)
|
|
8
8
|
|
|
9
9
|
### Table of Contents
|
data/lib/nub/user.rb
CHANGED
|
@@ -26,43 +26,66 @@ require 'etc'
|
|
|
26
26
|
module User
|
|
27
27
|
extend self
|
|
28
28
|
|
|
29
|
+
# Check if the current user has root privileges
|
|
30
|
+
def root?
|
|
31
|
+
return Process.uid.zero?
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# Get the real user taking into account sudo priviledges
|
|
35
|
+
def name
|
|
36
|
+
return Process.uid.zero? ? Etc.getpwuid(ENV['SUDO_UID'].to_i).name : ENV['USER']
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
# Correctly and permanently drops privileges
|
|
40
|
+
# http://timetobleed.com/5-things-you-dont-know-about-user-ids-that-will-destroy-you/
|
|
41
|
+
# requires you drop the group before the user and use a safe solution
|
|
42
|
+
def drop_privileges!
|
|
43
|
+
if Process.uid.zero?
|
|
44
|
+
nobody = Etc.getpwnam('nobody')
|
|
45
|
+
Process::Sys.setresgid(nobody.gid, nobody.gid, nobody.gid)
|
|
46
|
+
Process::Sys.setresuid(nobody.uid, nobody.uid, nobody.uid)
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
|
|
29
50
|
# Drop root privileges to original user
|
|
30
|
-
#
|
|
31
|
-
# @returns [uid, gid]
|
|
32
|
-
def drop_privileges
|
|
51
|
+
# @param [Proc] optional block to execut in context of user
|
|
52
|
+
# @returns [uid, gid] or result
|
|
53
|
+
def drop_privileges
|
|
54
|
+
result = nil
|
|
33
55
|
uid = gid = nil
|
|
34
56
|
|
|
57
|
+
# Drop privileges
|
|
35
58
|
if Process.uid.zero?
|
|
36
59
|
uid, gid = Process.uid, Process.gid
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
Process::
|
|
60
|
+
user_uid = ENV['SUDO_UID'].to_i
|
|
61
|
+
user_gid = ENV['SUDO_GID'].to_i
|
|
62
|
+
Process::GID.grant_privilege(user_gid)
|
|
63
|
+
Process::UID.grant_privilege(user_uid)
|
|
40
64
|
end
|
|
41
65
|
|
|
42
|
-
|
|
66
|
+
# Execute block if given
|
|
67
|
+
begin
|
|
68
|
+
result = Proc.new.call
|
|
69
|
+
self.raise_privileges(uid, gid)
|
|
70
|
+
rescue ArgumentError
|
|
71
|
+
# No block given just return ids
|
|
72
|
+
result = [uid, gid]
|
|
73
|
+
rescue
|
|
74
|
+
self.raise_privileges(uid, gid)
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
return result
|
|
43
78
|
end
|
|
44
79
|
|
|
45
80
|
# Raise privileges if dropped earlier
|
|
46
|
-
# Only affects ruby commands not system commands
|
|
47
81
|
# @param uid [String] uid of user to assume
|
|
48
82
|
# @param gid [String] gid of user to assume
|
|
49
83
|
def raise_privileges(uid, gid)
|
|
50
84
|
if uid and gid
|
|
51
|
-
Process::
|
|
52
|
-
Process::
|
|
85
|
+
Process::UID.grant_privilege(uid)
|
|
86
|
+
Process::GID.grant_privilege(gid)
|
|
53
87
|
end
|
|
54
88
|
end
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
# Check if the current user has root privileges
|
|
58
|
-
def root?
|
|
59
|
-
return Process.uid.zero?
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
# Get the current user taking into account sudo priviledges
|
|
63
|
-
def name
|
|
64
|
-
return Process.uid.zero? ? Etc.getpwuid(ENV['SUDO_UID'].to_i).name : ENV['USER']
|
|
65
|
-
end
|
|
66
89
|
end
|
|
67
90
|
|
|
68
91
|
# vim: ft=ruby:ts=2:sw=2:sts=2
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nub
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.136
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Patrick Crummett
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-08-
|
|
11
|
+
date: 2018-08-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: colorize
|