rails_pwnerer 0.6.7 → 0.6.8

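--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,5 @@
+ v0.6.8. Added command for re-keying an app (changing the db user's password).
+
  v0.6.7. Tighter permissions around the configuration database files.
 
  v0.6.6. Bugfix in configuration update system: wasn't retaining database settings.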
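--- a/data/README
+++ b/data/README
@@ -75,6 +75,9 @@ rpwn db_console your_application
  * Configure DynDns for your application server
  sudo rpwn scaffold ddns full_host_name ddns_user ddns_password
 
+ * Change the database password
+ sudp rpwn rekey your_application
+
  * Bring down all the applications (panic mode):
  sudo rpwn go down
 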
@@ -3,6 +3,10 @@ require 'yaml'
3
3
 
4
4
  class RailsPwnage::App::Config
5
5
  include RailsPwnage::Base
6
+
7
+ def random_db_password
8
+ (0...16).map { |i| "abcdefghijklmnopqrstuvwxyz"[rand(26),1]}.join
9
+ end
6
10
 
7
11
  # fills inexsitent keys with their default values
8
12
  # setup: this effectively creates the baseline configuration db
@@ -24,7 +28,7 @@ class RailsPwnage::App::Config
24
28
  # the datbase user for the given application
25
29
  app_db[:db_user] ||= (app_name + '_' + instance_name)[0...16] # mySQL doesn't like long user names
26
30
  # the password of the database user for the given application
27
- app_db[:db_pass] ||= (0...16).map { |i| "abcdefghijklmnopqrstuvwxyz"[rand(26),1]}.join
31
+ app_db[:db_pass] ||= random_db_password
28
32
  # a DNS name for server-based filtering (multiple apps on the same box)
29
33
  app_db[:dns_name] ||= ''
30
34
  # the environment to run the application in
@@ -57,6 +61,8 @@ class RailsPwnage::App::Config
57
61
 
58
62
  db_name, db_user, db_pass = app_config[:db_name], app_config[:db_user], app_config[:db_pass]
59
63
  app_config.clear
64
+ # TODO: don't restore the password, to force new password generation on the update
65
+ # this is useful so processes that were spawned before the update can't corrupt the db
60
66
  app_config[:db_name], app_config[:db_user], app_config[:db_pass] = db_name, db_user, db_pass
61
67
 
62
68
  populate_defaults app_name, instance_name, app_config
@@ -71,9 +77,21 @@ class RailsPwnage::App::Config
71
77
  end
72
78
 
73
79
  # TODO: if database settings changed, the database should be moved (re-created or re-keyed)
80
+ if db_pass != app_config[:db_pass]
81
+ db_pass = random_db_password if !db_pass || db_pass.empty?
82
+ RailsPwnage::Databaase.new.manage app_name, instance_name, :rekey
83
+ end
74
84
 
75
85
  RailsPwnage::Config.flush_db RailsPwnage::Config.app_db_name(app_name, instance_name)
76
86
  end
87
+
88
+ def manage(app_name, instance_name, action)
89
+ case action
90
+ when :rekey
91
+ app_config = RailsPwnage::Config[app_name, instance_name]
92
+ app_config[:db_pass] = random_db_password
93
+ end
94
+ end
77
95
 
78
96
  def setup(app_name, instance_name)
79
97
  update app_name, instance_name
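Review bot: `random_db_password` (new lines 7-9) draws every character from `rand`, Ruby's general-purpose PRNG, and restricts the alphabet to 26 lowercase letters, which is weak for a value that becomes the database credential on every rekey. If the supported Ruby versions ship it, the standard library's `SecureRandom` is the better source, for example `SecureRandom.hex(16)` with `require 'securerandom'` next to `require 'yaml'`. Separately, the rekey branch added near new line 82 calls `RailsPwnage::Databaase.new.manage`, which looks like a misspelling (the later hunk header names `RailsPwnage::App::Database`) and would raise NameError when that branch runs. The `db_pass` assigned on the line above it is a local that the visible lines never write back to `app_config`. The method holding that branch starts outside the hunk.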
@@ -21,6 +21,11 @@ class RailsPwnage::App::Database
21
21
  CREATE DATABASE #{db_name};
22
22
  GRANT ALL ON #{db_name}.* TO '#{db_user}'@'localhost' IDENTIFIED BY '#{db_pass}' WITH GRANT OPTION;
23
23
  ENDSQL
24
+ when :rekey
25
+ sql_commands = <<ENDSQL
26
+ GRANT ALL ON #{db_name}.* TO '#{db_user}'@'localhost' IDENTIFIED BY '#{db_pass}' WITH GRANT OPTION;
27
+ ENDSQL
28
+
24
29
  when :drop
25
30
  sql_commands = <<ENDSQL
26
31
  DROP DATABASE #{db_name};
@@ -146,6 +151,9 @@ ENDSQL
146
151
  load_database app_name, instance_name
147
152
  configure_rails app_name, instance_name
148
153
  migrate_database app_name, instance_name
154
+ when :rekey
155
+ admin_database app_name, instance_name, :rekey
156
+ configure_rails app_name, instance_name
149
157
  end
150
158
  end
151
159
 
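Review bot: The new `:rekey` SQL branch re-issues the whole `GRANT ALL ... WITH GRANT OPTION` statement just to change a password, so every rekey also re-grants full privileges on the database, including the right to grant them onward. On the MySQL versions this tool targets, a statement that touches only the credential, such as `SET PASSWORD FOR '#{db_user}'@'localhost' = PASSWORD('#{db_pass}');`, would keep the operation narrow. `db_pass` is also interpolated into a single-quoted SQL literal, which is safe only while the generator emits plain letters; a comment stating that assumption, or escaping of the quote character, would protect a later change of alphabet. How `sql_commands` is handed to the server is outside the hunk; if it travels on a command line, the new password would be visible in the process list.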
@@ -85,6 +85,12 @@ module RailsPwnage::App
85
85
  mod.new.manage app, instance, action
86
86
  end
87
87
  end
88
+ when :rekey
89
+ self.update_app app, instance do
90
+ [Config, Database].each do |mod|
91
+ mod.new.manage app, instance, action
92
+ end
93
+ end
88
94
  when :console
89
95
  Svn.new.manage app, instance, action
90
96
  when :db_console
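Review bot: The `:rekey` branch runs `Config` before `Database`, so the new password is stored in the app configuration before the GRANT that makes it valid has succeeded. If the database step raises, the configuration presumably holds a password the server does not accept, and nothing in the visible lines restores the old one. Consider restoring the previous `:db_pass` on failure, or at least documenting the ordering with a comment such as `# Config must run first: Database reads the new :db_pass from it`. What `update_app` does around the block is outside the hunk.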
@@ -89,6 +89,10 @@ class RailsPwnage::Executor
89
89
  app_name = args[1]
90
90
  instance_name = args[2] || '.'
91
91
  RailsPwnage::App.manage app_name, instance_name, :db_console
92
+ when 'rekey'
93
+ app_name = args[1]
94
+ instance_name = args[2] || '.'
95
+ RailsPwnage::App.manage app_name, instance_name, :rekey
92
96
 
93
97
  when 'showconfig', 'configshow', 'show_config', 'config_show', 'showconf'
94
98
  if args.length < 2
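Review bot: The new `'rekey'` branch passes `args[1]` to `App.manage` without checking that an application name was given, so a call with no argument reaches the password-change path with `app_name` set to nil. The `'showconfig'` branch just below tests `args.length < 2` first; the same guard belongs here before `RailsPwnage::App.manage app_name, instance_name, :rekey`. The `db_console` branch above has the same gap, and the enclosing `case` starts outside the hunk.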
@@ -1,11 +1,11 @@
1
1
 
2
- # Gem::Specification for Rails_pwnerer-0.6.7
2
+ # Gem::Specification for Rails_pwnerer-0.6.8
3
3
  # Originally generated by Echoe
4
4
 
5
5
  --- !ruby/object:Gem::Specification
6
6
  name: rails_pwnerer
7
7
  version: !ruby/object:Gem::Version
8
- version: 0.6.7
8
+ version: 0.6.8
9
9
  platform: ruby
10
10
  authors:
11
11
  - Victor Costan
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_pwnerer
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.7
4
+ version: 0.6.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Victor Costan