remotus 0.2.2 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 46da915bc63af444b4bed497e154bec84c780f20bb92be17618f22444fd26889
-  data.tar.gz: 43f29167c6c4a9c264208f8c2454278b884edb78ea596cb00d1439db05a846ea
+  metadata.gz: 34953ce4b1c254e31a40b7b3ff3795124fe98b712722862a35813cceba686759
+  data.tar.gz: 3d342087b707b3078cedf38038b3ba21c1a1db6ed7c7d189f5912d9cd5adf4e7
 SHA512:
-  metadata.gz: e4421747e84af73d3c2648430ccb4717b9ecb01eef6044560a1d28e101f1f2082d357c4d1827c7921aace92b513123c4097419a587d31425d62d3ccbbf0e6d2f
-  data.tar.gz: 40dffbc5f8fa8db04fd9a803d73d3396ce31084da733b653c6636de73eb5e03c644f130b1f51baa6672f94955fb2a5b29fcd6def0b5ec3c8cb59afbc5319453c
+  metadata.gz: c884fbb30a585899e840ab9e3dddd3b3d6ac052d4b10745bc9c582f9e67ca445aa9ef98af7ac8cbba551cc6594f23a9583d3f54cfba6202f3b8595804bd60641
+  data.tar.gz: 166f8cb4e3e633a79f1f28ddba9a3ff8793cc2927873bdd349e035870273c81ad6a9688f37d2f871413f43451604f64a06631e0813f8e111f7d36c701a168b05

data/.rubocop.yml

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.4
+  TargetRubyVersion: 2.5
   NewCops: enable
 
 Style/StringLiterals:
@@ -42,3 +42,6 @@ Metrics/PerceivedComplexity:
 
 Metrics/ParameterLists:
   Max: 6
+
+Gemspec/RequireMFA:
+  Enabled: false

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 ## [Unreleased]
 
+## [0.4.0] - 2022-06-02
+* Added winrm-elevated gem to solve wirnrm AuthenticationError
+
+## [0.3.0] - 2022-02-18
+* Add retries to SSH SCP transactions
+
+## [0.2.3] - 2021-05-01
+* Resolve rexml vulnerability CVE-2021-28965
+
 ## [0.2.2] - 2021-03-23
 * Ensure both user and password are populated before using a cached credential
 

data/Gemfile.lock

@@ -1,11 +1,12 @@
 PATH
   remote: .
   specs:
-    remotus (0.2.2)
+    remotus (0.4.0)
       connection_pool (~> 2.2)
       net-scp (~> 3.0)
       net-ssh (~> 6.1)
       winrm (~> 2.3)
+      winrm-elevated (~> 1.2)
       winrm-fs (~> 1.3)
 
 GEM
@@ -13,17 +14,18 @@ GEM
   specs:
     ast (2.4.2)
     builder (3.2.4)
-    connection_pool (2.2.3)
-    diff-lcs (1.4.4)
+    connection_pool (2.2.5)
+    diff-lcs (1.5.0)
     erubi (1.10.0)
-    ffi (1.15.0)
+    ffi (1.15.5)
     gssapi (1.3.1)
       ffi (>= 1.0.1)
-    gyoku (1.3.1)
+    gyoku (1.4.0)
       builder (>= 2.1.2)
+      rexml (~> 3.0)
     httpclient (2.8.3)
     little-plugger (1.1.4)
-    logging (2.3.0)
+    logging (2.3.1)
       little-plugger (~> 1.1)
       multi_json (~> 1.14)
     multi_json (1.15.0)
@@ -31,46 +33,46 @@ GEM
       net-ssh (>= 2.6.5, < 7.0.0)
     net-ssh (6.1.0)
     nori (2.6.0)
-    parallel (1.20.1)
-    parser (3.0.0.0)
+    parallel (1.21.0)
+    parser (3.1.0.0)
       ast (~> 2.4.1)
-    rainbow (3.0.0)
-    rake (13.0.3)
-    regexp_parser (2.1.1)
-    rexml (3.2.4)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.2.1)
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.2)
-    rubocop (1.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.25.1)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 1.2.0, < 2.0)
+      rubocop-ast (>= 1.15.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.4.1)
-      parser (>= 2.7.1.5)
-    rubocop-rake (0.5.1)
-      rubocop
-    rubocop-rspec (2.2.0)
+    rubocop-ast (1.15.2)
+      parser (>= 3.0.1.1)
+    rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-      rubocop-ast (>= 1.1.0)
+    rubocop-rspec (2.8.0)
+      rubocop (~> 1.19)
     ruby-progressbar (1.11.0)
     rubyntlm (0.6.3)
-    rubyzip (2.3.0)
-    unicode-display_width (2.0.0)
+    rubyzip (2.3.2)
+    unicode-display_width (2.1.0)
+    webrick (1.7.0)
     winrm (2.3.6)
       builder (>= 2.1.2)
       erubi (~> 1.8)
@@ -80,12 +82,17 @@ GEM
       logging (>= 1.6.1, < 3.0)
       nori (~> 2.0)
       rubyntlm (~> 0.6.0, >= 0.6.3)
+    winrm-elevated (1.2.3)
+      erubi (~> 1.8)
+      winrm (~> 2.0)
+      winrm-fs (~> 1.0)
     winrm-fs (1.3.5)
       erubi (~> 1.8)
       logging (>= 1.6.1, < 3.0)
       rubyzip (~> 2.0)
       winrm (~> 2.0)
-    yard (0.9.26)
+    yard (0.9.27)
+      webrick (~> 1.7.0)
 
 PLATFORMS
   ruby
@@ -101,4 +108,4 @@ DEPENDENCIES
   yard (~> 0.9)
 
 BUNDLED WITH
-   2.2.14
+   2.2.22

data/README.md

@@ -54,6 +54,9 @@ result.exit_code
 # Run a command on the remote host with sudo (Linux only, requires password to be specified)
 result = connection.run("ls /root", sudo: true)
 
+# Run a command on the remote host with elevated shell privilege
+result = connection.run("ipconfig", shell: :elevated)
+
 # Run a script on the remote host
 connection.run_script("/local/script.sh", "/remote/path/script.sh")
 
@@ -87,7 +90,7 @@ require "remotus"
 
 class SimpleStore < Remotus::Auth::Store
   def credential(connection, **options)
-    "#{connection.host}_password"
+    Remotus::Auth::Credential.new('user', "#{connection.host}_password")
   end
 end
 

data/lib/remotus/core_ext/elevated.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require "winrm-elevated"
+
+module Remotus
+  # Core Ruby extensions
+  module CoreExt
+    # WinRM Elevated extension module
+    module Elevated
+      unless method_defined?(:connection_opts)
+        #
+        # Returns a hash for the connection options from the interal
+        # WinRM::Shells::Powershell object
+        #
+        # @return [Hash] internal WinRM::Shells::Powershell connection options
+        #
+        def connection_opts
+          @shell.connection_opts
+        end
+      end
+    end
+  end
+end
+
+# @api private
+# Main WinRM module
+module WinRM
+  # Shells module (contains PowerShell, Elevated, etc.)
+  module Shells
+    # Elevated PowerShell class from winrm-elevated
+    class Elevated
+      include Remotus::CoreExt::Elevated
+    end
+  end
+end

data/lib/remotus/core_ext/string.rb

@@ -24,4 +24,8 @@ module Remotus
   end
 end
 
-String.include(Remotus::CoreExt::String)
+# @api private
+# Core ruby string class
+class String
+  include Remotus::CoreExt::String
+end

data/lib/remotus/result.rb

@@ -66,7 +66,7 @@ module Remotus
       return unless error?(accepted_exit_codes)
 
       raise Remotus::ResultError, "Error encountered executing #{@command}! Exit code #{@exit_code} was returned "\
-        "while a value in #{accepted_exit_codes} was expected.\n#{output}"
+                                  "while a value in #{accepted_exit_codes} was expected.\n#{output}"
     end
 
     #

data/lib/remotus/ssh_connection.rb

@@ -113,7 +113,7 @@ module Remotus
     # @param [Hash] options command options
     # @option options [Boolean] :sudo whether to run the command with sudo (defaults to false)
     # @option options [Boolean] :pty  whether to allocate a terminal (defaults to false)
-    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 1)
+    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 2)
     # @option options [String] :input stdin input to provide to the command
     # @option options [Array<Integer>] :accepted_exit_codes array of acceptable exit codes (defaults to [0])
     #                                                       only used if :on_error or :on_success are set
@@ -141,121 +141,88 @@ module Remotus
       # Refer to the command by object_id throughout the log to avoid logging sensitive data
       Remotus.logger.debug { "Preparing to run command #{command.object_id} on #{@host}" }
 
-      # Handle sudo
-      if options[:sudo]
-        Remotus.logger.debug { "Sudo is enabled for command #{command.object_id}" }
-        ssh_command = "sudo -p '' -S sh -c '#{command.gsub("'", "'\"'\"'")}'"
-        input = "#{Remotus::Auth.credential(self).password}\n#{input}"
-
-        # If password was nil, raise an exception
-        raise Remotus::MissingSudoPassword, "#{host} credential does not have a password specified" if input.start_with?("\n")
-      end
+      with_retries(command, retries) do
+        # Handle sudo
+        if options[:sudo]
+          Remotus.logger.debug { "Sudo is enabled for command #{command.object_id}" }
+          ssh_command = "sudo -p '' -S sh -c '#{command.gsub("'", "'\"'\"'")}'"
+          input = "#{Remotus::Auth.credential(self).password}\n#{input}"
 
-      # Allocate a terminal if specified
-      pty = options[:pty] || false
-      skip_first_output = pty && options[:sudo]
-
-      # Open an SSH channel to the host
-      channel_handle = connection.open_channel do |channel|
-        # Execute the command
-        if pty
-          Remotus.logger.debug { "Requesting pty for command #{command.object_id}" }
-          channel.request_pty do |ch, success|
-            raise Remotus::PtyError, "could not obtain pty" unless success
+          # If password was nil, raise an exception
+          raise Remotus::MissingSudoPassword, "#{host} credential does not have a password specified" if input.start_with?("\n")
+        end
 
-            ch.exec(ssh_command)
+        # Allocate a terminal if specified
+        pty = options[:pty] || false
+        skip_first_output = pty && options[:sudo]
+
+        # Open an SSH channel to the host
+        channel_handle = connection.open_channel do |channel|
+          # Execute the command
+          if pty
+            Remotus.logger.debug { "Requesting pty for command #{command.object_id}" }
+            channel.request_pty do |ch, success|
+              raise Remotus::PtyError, "could not obtain pty" unless success
+
+              ch.exec(ssh_command)
+            end
+          else
+            Remotus.logger.debug { "Executing command #{command.object_id}" }
+            channel.exec(ssh_command)
           end
-        else
-          Remotus.logger.debug { "Executing command #{command.object_id}" }
-          channel.exec(ssh_command)
-        end
 
-        # Provide input
-        unless input.empty?
-          Remotus.logger.debug { "Sending input for command #{command.object_id}" }
-          channel.send_data input
-          channel.eof!
-        end
+          # Provide input
+          unless input.empty?
+            Remotus.logger.debug { "Sending input for command #{command.object_id}" }
+            channel.send_data input
+            channel.eof!
+          end
 
-        # Process stdout
-        channel.on_data do |ch, data|
-          # Skip the first iteration if sudo and pty is enabled to avoid outputting the sudo password
-          if skip_first_output
-            skip_first_output = false
-            next
+          # Process stdout
+          channel.on_data do |ch, data|
+            # Skip the first iteration if sudo and pty is enabled to avoid outputting the sudo password
+            if skip_first_output
+              skip_first_output = false
+              next
+            end
+            stdout << data
+            output << data
+            options[:on_stdout].call(ch, data) if options[:on_stdout].respond_to?(:call)
+            options[:on_output].call(ch, data) if options[:on_output].respond_to?(:call)
           end
-          stdout << data
-          output << data
-          options[:on_stdout].call(ch, data) if options[:on_stdout].respond_to?(:call)
-          options[:on_output].call(ch, data) if options[:on_output].respond_to?(:call)
-        end
 
-        # Process stderr
-        channel.on_extended_data do |ch, _, data|
-          stderr << data
-          output << data
-          options[:on_stderr].call(ch, data) if options[:on_stderr].respond_to?(:call)
-          options[:on_output].call(ch, data) if options[:on_output].respond_to?(:call)
-        end
+          # Process stderr
+          channel.on_extended_data do |ch, _, data|
+            stderr << data
+            output << data
+            options[:on_stderr].call(ch, data) if options[:on_stderr].respond_to?(:call)
+            options[:on_output].call(ch, data) if options[:on_output].respond_to?(:call)
+          end
 
-        # Process exit status/code
-        channel.on_request("exit-status") do |_, data|
-          exit_code = data.read_long
+          # Process exit status/code
+          channel.on_request("exit-status") do |_, data|
+            exit_code = data.read_long
+          end
         end
-      end
-
-      # Block until the command has completed execution
-      channel_handle.wait
-
-      Remotus.logger.debug { "Generating result for command #{command.object_id}" }
-      result = Remotus::Result.new(command, stdout, stderr, output, exit_code)
 
-      # If we are using sudo and experience an authentication failure, raise an exception
-      if options[:sudo] && result.error? && !result.stderr.empty? && result.stderr.match?(/^sudo: \d+ incorrect password attempts?$/)
-        raise Remotus::AuthenticationError, "Could not authenticate to sudo as #{Remotus::Auth.credential(self).user}"
-      end
+        # Block until the command has completed execution
+        channel_handle.wait
 
-      # Perform success, error, and completion callbacks
-      options[:on_success].call(result) if options[:on_success].respond_to?(:call) && result.success?(accepted_exit_codes)
-      options[:on_error].call(result) if options[:on_error].respond_to?(:call) && result.error?(accepted_exit_codes)
-      options[:on_complete].call(result) if options[:on_complete].respond_to?(:call)
+        Remotus.logger.debug { "Generating result for command #{command.object_id}" }
+        result = Remotus::Result.new(command, stdout, stderr, output, exit_code)
 
-      result
-    rescue Remotus::AuthenticationError => e
-      # Re-raise exception if the retry count is exceeded
-      Remotus.logger.debug do
-        "Sudo authentication failed for command #{command.object_id}, retrying with #{retries} attempt#{retries.abs == 1 ? "" : "s"} remaining..."
-      end
-      retries -= 1
-      raise if retries.negative?
-
-      # Remove user password to force credential store update on next retry
-      Remotus.logger.debug { "Removing current credential for #{@host} to force credential retrieval." }
-      Remotus::Auth.cache.delete(@host)
-
-      retry
-    rescue Net::SSH::AuthenticationFailed => e
-      # Attempt to update the user password and retry
-      Remotus.logger.debug do
-        "SSH authentication failed for command #{command.object_id}, retrying with #{retries} attempt#{retries.abs == 1 ? "" : "s"} remaining..."
-      end
-      retries -= 1
-      raise Remotus::AuthenticationError, e.to_s if retries.negative?
+        # If we are using sudo and experience an authentication failure, raise an exception
+        if options[:sudo] && result.error? && !result.stderr.empty? && result.stderr.match?(/^sudo: \d+ incorrect password attempts?$/)
+          raise Remotus::AuthenticationError, "Could not authenticate to sudo as #{Remotus::Auth.credential(self).user}"
+        end
 
-      # Remove user password to force credential store update on next retry
-      Remotus.logger.debug { "Removing current credential for #{@host} to force credential retrieval." }
-      Remotus::Auth.cache.delete(@host)
+        # Perform success, error, and completion callbacks
+        options[:on_success].call(result) if options[:on_success].respond_to?(:call) && result.success?(accepted_exit_codes)
+        options[:on_error].call(result) if options[:on_error].respond_to?(:call) && result.error?(accepted_exit_codes)
+        options[:on_complete].call(result) if options[:on_complete].respond_to?(:call)
 
-      retry
-    rescue IOError => e
-      # Re-raise exception if it is not a closed stream error or if the retry count is exceeded
-      Remotus.logger.debug do
-        "IOError (#{e}) encountered for command #{command.object_id}, retrying with #{retries} attempt#{retries.abs == 1 ? "" : "s"} remaining..."
+        result
       end
-      retries -= 1
-      raise if e.to_s != "closed stream" || retries.negative?
-
-      retry
     end
 
     #
@@ -267,7 +234,7 @@ module Remotus
     # @param [Hash] options command options
     # @option options [Boolean] :sudo whether to run the script with sudo (defaults to false)
     # @option options [Boolean] :pty  whether to allocate a terminal (defaults to false)
-    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 1)
+    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 2)
     # @option options [String] :input stdin input to provide to the command
     # @option options [Array<Integer>] :accepted_exit_codes array of acceptable exit codes (defaults to [0])
     #                                                       only used if :on_error or :on_success are set
@@ -297,6 +264,7 @@ module Remotus
     # @option options [String] :owner file owner ("oracle")
     # @option options [String] :group file group ("dba")
     # @option options [String] :mode file mode ("0640")
+    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 2)
     #
     # @return [String] remote path
     #
@@ -307,7 +275,11 @@ module Remotus
         sudo_upload(local_path, remote_path, options)
       else
         permission_cmd = permission_cmds(remote_path, options[:owner], options[:group], options[:mode])
-        connection.scp.upload!(local_path, remote_path, options)
+
+        with_retries("Upload #{local_path} to #{remote_path}", options[:retries] || DEFAULT_RETRIES) do
+          connection.scp.upload!(local_path, remote_path, options)
+        end
+
         run(permission_cmd).error! unless permission_cmd.empty?
       end
 
@@ -322,6 +294,7 @@ module Remotus
     #                            if local_path is nil, the file's content will be returned
     # @param [Hash] options download options
     # @option options [Boolean] :sudo whether to run the download with sudo (defaults to false)
+    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 2)
     #
     # @return [String] local path or file content (if local_path is nil)
     #
@@ -343,7 +316,12 @@ module Remotus
       end
 
       Remotus.logger.debug { "Downloading file from #{@host}:#{remote_path}" }
-      result = connection.scp.download!(remote_path, local_path, options)
+
+      result = nil
+
+      with_retries("Download #{remote_path} to #{local_path}", options[:retries] || DEFAULT_RETRIES) do
+        result = connection.scp.download!(remote_path, local_path, options)
+      end
 
       # Return the file content if that is desired
       local_path.nil? ? result : local_path
@@ -372,6 +350,39 @@ module Remotus
 
     private
 
+    #
+    # Wraps one or many SSH commands to provide exception handling and retry support
+    # to a given block
+    #
+    # @param [String] command command to be run or command description
+    # @param [Integer] retries number of retries
+    #
+    def with_retries(command, retries)
+      yield if block_given?
+    rescue Remotus::AuthenticationError, Net::SSH::AuthenticationFailed => e
+      # Re-raise exception if the retry count is exceeded
+      Remotus.logger.debug do
+        "Sudo authentication failed for command #{command.object_id}, retrying with #{retries} attempt#{retries.abs == 1 ? "" : "s"} remaining..."
+      end
+      retries -= 1
+      raise Remotus::AuthenticationError, e.to_s if retries.negative?
+
+      # Remove user password to force credential store update on next retry
+      Remotus.logger.debug { "Removing current credential for #{@host} to force credential retrieval." }
+      Remotus::Auth.cache.delete(@host)
+
+      retry
+    rescue IOError => e
+      # Re-raise exception if it is not a closed stream error or if the retry count is exceeded
+      Remotus.logger.debug do
+        "IOError (#{e}) encountered for command #{command.object_id}, retrying with #{retries} attempt#{retries.abs == 1 ? "" : "s"} remaining..."
+      end
+      retries -= 1
+      raise if e.to_s != "closed stream" || retries.negative?
+
+      retry
+    end
+
     #
     # Whether to restart the current SSH connection
     #
@@ -413,13 +424,17 @@ module Remotus
     # @option options [String] :owner file owner ("oracle")
     # @option options [String] :group file group ("dba")
     # @option options [String] :mode file mode ("0640")
+    # @option options [Integer] :retries number of times to retry a closed connection (defaults to 2)
     #
     def sudo_upload(local_path, remote_path, options = {})
       # Must first upload the file to an accessible directory for the login user
       user_remote_path = sudo_remote_file_path(remote_path)
       Remotus.logger.debug { "Sudo enabled, uploading file to #{user_remote_path}" }
       permission_cmd = permission_cmds(user_remote_path, options[:owner], options[:group], options[:mode])
-      connection.scp.upload!(local_path, user_remote_path, options)
+
+      with_retries("Upload #{local_path} to #{user_remote_path}", options[:retries] || DEFAULT_RETRIES) do
+        connection.scp.upload!(local_path, user_remote_path, options)
+      end
 
       # Set permissions and move the file to the correct destination
       move_cmd = "/bin/mv -f '#{user_remote_path}' '#{remote_path}'"

data/lib/remotus/version.rb

@@ -2,5 +2,5 @@
 
 module Remotus
   # Remotus gem version
-  VERSION = "0.2.2"
+  VERSION = "0.4.0"
 end

data/lib/remotus/winrm_connection.rb

@@ -4,7 +4,9 @@ require "forwardable"
 require "remotus"
 require "remotus/result"
 require "remotus/auth"
+require "remotus/core_ext/elevated"
 require "winrm"
+require "winrm-elevated"
 require "winrm-fs"
 
 module Remotus
@@ -21,6 +23,9 @@ module Remotus
     # @return [String] host hostname
     attr_reader :host
 
+    # @return [String] shell type
+    attr_reader :shell
+
     # @return [Remotus::HostPool] host_pool associated host pool
     attr_reader :host_pool
 
@@ -38,6 +43,7 @@ module Remotus
       @host = host
       @port = port
       @host_pool = host_pool
+      @shell = :powershell
     end
 
     #
@@ -69,14 +75,17 @@ module Remotus
 
     #
     # Retrieves/creates the WinRM shell connection for the host
+    #
+    # @param [symbol] shell connection shell type, defaults to :powershell
     # If the connection already exists, the existing connection will be retrieved
     #
-    # @return [WinRM::Shells::Powershell] remote connection
+    # @return [WinRM::Shells::Powershell, WinRM::Shells::Elevated] remote connection
     #
-    def connection
-      return @connection unless restart_connection?
+    def connection(shell = :powershell)
+      return @connection unless restart_connection?(shell: shell)
 
-      @connection = base_connection(reload: true).shell(:powershell)
+      @shell = shell
+      @connection = base_connection(reload: true).shell(@shell)
     end
 
     #
@@ -93,13 +102,14 @@ module Remotus
     #
     # @param [String] command command to run
     # @param [Array] args command arguments
-    # @param [Hash] _options unused command options
+    # @param [Hash] options command options
+    # @option options [Symbol] :shell shell type to use for the connection
     #
     # @return [Remotus::Result] result describing the stdout, stderr, and exit status of the command
     #
-    def run(command, *args, **_options)
+    def run(command, *args, **options)
       command = "#{command}#{args.empty? ? "" : " "}#{args.join(" ")}"
-      run_result = connection.run(command)
+      run_result = options[:shell].nil? ? connection.run(command) : connection(options[:shell]).run(command)
       Remotus::Result.new(command, run_result.stdout, run_result.stderr, run_result.output, run_result.exitcode)
     rescue WinRM::WinRMAuthorizationError => e
       raise Remotus::AuthenticationError, e.to_s
@@ -171,7 +181,7 @@ module Remotus
     # @return [Boolean] whether to restart the current base connection
     #
     def restart_base_connection?
-      return restart_connection? if @connection
+      return restart_connection?(shell: @shell) if @connection
       return true unless @base_connection
       return true if @host != @base_connection.instance_values["connection_opts"][:endpoint].scan(%r{//(.*):}).flatten.first
       return true if Remotus::Auth.credential(self).user != @base_connection.instance_values["connection_opts"][:user]
@@ -183,10 +193,14 @@ module Remotus
     #
     # Whether to restart the current WinRM connection
     #
+    # @param [Hash] options restart connection options
+    # @option options [Symbol] :shell shell type to use for the connection
+    #
     # @return [Boolean] whether to restart the current connection
     #
-    def restart_connection?
+    def restart_connection?(**options)
       return true unless @connection
+      return true if shell && !options[:shell].casecmp?(@shell)
       return true if @host != @connection.connection_opts[:endpoint].scan(%r{//(.*):}).flatten.first
       return true if Remotus::Auth.credential(self).user != @connection.connection_opts[:user]
       return true if Remotus::Auth.credential(self).password != @connection.connection_opts[:password]

data/remotus.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = "Ruby gem for connecting to remote systems seamlessly via WinRM or SSH."
   spec.homepage      = "https://github.com/wheatevo/remotus"
   spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/wheatevo/remotus"
@@ -33,6 +33,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "net-scp", "~> 3.0"
   spec.add_dependency "net-ssh", "~> 6.1"
   spec.add_dependency "winrm", "~> 2.3"
+  spec.add_dependency "winrm-elevated", "~> 1.2"
   spec.add_dependency "winrm-fs", "~> 1.3"
 
   # Development dependencies

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: remotus
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.4.0
 platform: ruby
 authors:
 - Matthew Newell
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-23 00:00:00.000000000 Z
+date: 2022-06-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: connection_pool
@@ -66,6 +66,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: winrm-elevated
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: winrm-fs
   requirement: !ruby/object:Gem::Requirement
@@ -188,6 +202,7 @@ files:
 - lib/remotus/auth/credential.rb
 - lib/remotus/auth/hash_store.rb
 - lib/remotus/auth/store.rb
+- lib/remotus/core_ext/elevated.rb
 - lib/remotus/core_ext/string.rb
 - lib/remotus/host_pool.rb
 - lib/remotus/logger.rb
@@ -213,7 +228,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="