vines-agent 0.1.0

data/lib/vines/agent/shell.rb

@@ -0,0 +1,166 @@
+# encoding: UTF-8
+
+module Vines
+  module Agent
+
+    # Provides a shell session to execute commands as a particular user. All
+    # commands are forked and executed in a child process to isolate them from
+    # the agent process. Keeping the same session open between commands allows
+    # stateful commands like 'cd' to work properly.
+    class Shell
+      include Vines::Log
+
+      attr_writer :permissions
+
+      # Create a new shell session to asynchronously execute commands for this
+      # JID. The JID is validated in the permissions Hash before executing
+      # commands.
+      def initialize(jid, permissions)
+        @jid, @permissions = jid, permissions
+        @user, @commands = allowed_users.first, EM::Queue.new
+        spawn(@user)
+        process_command_queue
+      end
+
+      # Queue the shell command to run as soon as the currently executing tasks
+      # complete. Yields the shell output to the callback block.
+      def run(command, &callback)
+        if reset?(command)
+          callback.call(run_built_in(command))
+        else
+          @commands.push({command: command.strip, callback: callback})
+        end
+      end
+
+      private
+
+      # Schedule a queue pop on the EM thread to handle the next command.
+      # This guarantees in-order shell command processing while not blocking
+      # the EM loop, waiting for long running tasks to complete.
+      def process_command_queue
+        @commands.pop do |command|
+          op = proc do
+            if built_in?(command[:command])
+              run_built_in(command[:command])
+            else
+              run_in_slave(command[:command])
+            end
+          end
+          cb = proc do |output|
+            command[:callback].call(output)
+            process_command_queue
+          end
+          EM.defer(op, cb)
+        end
+      end
+
+      def run_in_slave(command)
+        log.info("Running #{command} as #{@user}")
+        out, err = @shell.execute(command)
+        output = [].tap do |arr|
+          arr << out if out && !out.empty?
+          arr << err if err && !err.empty?
+        end.join("\n")
+        output.empty? ? '-> command completed' : output
+      rescue
+        spawn(@user)
+        '-> restarted shell'
+      end
+
+      # Fork a child process in which to run a shell as this user. Return
+      # the slave and its remote shell proxy. The agent process must be run
+      # as root for the user switch to work.
+      def spawn(user)
+        log.info("Starting shell as #{user}")
+        @slave.shutdown(quiet: true) if @slave
+        Thread.new do # so em thread won't die on @slave.shutdown
+          slave = Slave.new(psname: "vines-session-#{user}") do
+            uid = Process.euid
+
+            # switch user so shell is run by non-root
+            passwd = Etc.getpwnam(user)
+            Process.egid = Process.gid = passwd.gid
+            Process.euid = Process.uid = passwd.uid
+
+            # fork shell as non-root user
+            ENV.clear
+            ENV['HOME'] = passwd.dir
+            ENV['USER'] = user
+            Dir.chdir(ENV['HOME'])
+
+            shell = Session::Bash::Login.new
+
+            # switch back so domain socket is owned by root
+            Process.euid = Process.uid = uid
+            shell
+          end
+          File.chmod(0700, slave.socket)
+          @slave, @shell = [slave, slave.object]
+        end.join
+      end
+
+      # The agent supports special, built-in "vines" commands beginning with
+      # 'v' that the agent executes itself, without invoking a shell.  For example,
+      # +v user root+ will change the user account that future shell commands
+      # execute as.
+      def built_in?(command)
+        command.strip.start_with?('v ')
+      end
+
+      # Run a built-in vines command without using a shell. Return output to
+      # be sent back to the user.
+      def run_built_in(command)
+        _, command, *args = command.strip.split(/\s+/)
+        case command
+          when 'user'  then user_command(args)
+          when 'reset' then reset_command(args)
+          else '-> not a vines command'
+        end
+      end
+
+      # Run the +v user+ built-in vines command to list or change the current
+      # unix account executing shell commands.
+      def user_command(args)
+        return "-> current: #{@user}\n   allowed: #{allowed_users.join(', ')}" if args.empty?
+        return "-> usage: v user [name]" if args.size > 1
+        return "-> user switch not allowed" unless allowed?(args.first)
+        @user = args.first
+        spawn(@user)
+        "-> switched user to #{@user}"
+      end
+
+      def reset?(command)
+        v, command, *args = command.strip.split(/\s+/)
+        v == 'v' && command == 'reset'
+      end
+
+      def reset_command(args)
+        return "-> usage: v reset" unless args.empty?
+        @commands = EM::Queue.new
+        spawn(@user)
+        process_command_queue
+        "-> reset shell"
+      end
+
+      # Return true if the current JID is allowed to run commands as the given
+      # user name on this system.
+      def allowed?(user)
+        jids = @permissions[user] || []
+        valid = jids.include?(@jid) && exists?(user)
+        log.warn("#{@jid} denied access to #{user}") unless valid
+        valid
+      end
+
+      def exists?(user)
+        Etc::getpwnam(user) rescue false
+      end
+
+      # Return the list of unix user accounts this user is allowed to access.
+      def allowed_users
+        @permissions.select do |unix, jids|
+          jids.include?(@jid) && exists?(unix)
+        end.keys.sort
+      end
+    end
+  end
+end

data/lib/vines/agent/version.rb

@@ -0,0 +1,7 @@
+# encoding: UTF-8
+
+module Vines
+  module Agent
+    VERSION = '0.1.0'
+  end
+end

data/test/config_test.rb

@@ -0,0 +1,115 @@
+# encoding: UTF-8
+
+require 'vines/agent'
+require 'minitest/autorun'
+
+class ConfigTest < MiniTest::Unit::TestCase
+
+  def teardown
+    %w[data downloads].each do |dir|
+      FileUtils.remove_dir(dir) if File.exist?(dir)
+    end
+  end
+
+  def test_missing_host_raises
+    assert_raises(RuntimeError) do
+      Vines::Agent::Config.new do
+        # missing domain
+      end
+    end
+  end
+
+  def test_multiple_domains_raises
+    assert_raises(RuntimeError) do
+      Vines::Agent::Config.new do
+        domain 'wonderland.lit' do
+          upstream 'localhost', 5222
+          password 'secr3t'
+        end
+        domain 'verona.lit' do
+          upstream 'localhost', 5222
+          password 'secr3t'
+        end
+      end
+    end
+  end
+
+  def test_configure
+    config = Vines::Agent::Config.configure do
+      domain 'wonderland.lit' do
+        upstream 'localhost', 5222
+        password 'secr3t'
+      end
+    end
+    refute_nil config
+    assert_same config, Vines::Agent::Config.instance
+  end
+
+  def test_default_download_directory
+    config = Vines::Agent::Config.configure do
+      domain 'wonderland.lit' do
+        password 'secr3t'
+      end
+    end
+    assert File.exist?('data')
+  end
+
+  def test_custom_download_directory
+    config = Vines::Agent::Config.configure do
+      domain 'wonderland.lit' do
+        password 'secr3t'
+        download 'downloads'
+      end
+    end
+    assert File.exist?('downloads')
+  end
+
+  def test_missing_password_raises
+    assert_raises(RuntimeError) do
+      Vines::Agent::Config.new do
+        domain 'wonderland.lit' do
+          upstream 'localhost', 5222
+        end
+      end
+    end
+    assert_raises(RuntimeError) do
+      Vines::Agent::Config.new do
+        domain 'wonderland.lit' do
+          upstream 'localhost', 5222
+          password nil
+        end
+      end
+    end
+    assert_raises(RuntimeError) do
+      Vines::Agent::Config.new do
+        domain 'wonderland.lit' do
+          upstream 'localhost', 5222
+          password ''
+        end
+      end
+    end
+  end
+
+  def test_invalid_log_level
+    assert_raises(RuntimeError) do
+      config = Vines::Agent::Config.new do
+        log 'bogus'
+        domain 'wonderland.lit' do
+          upstream 'localhost', 5222
+          password 'secr3t'
+        end
+      end
+    end
+  end
+
+  def test_valid_log_level
+    config = Vines::Agent::Config.new do
+      log :error
+      domain 'wonderland.lit' do
+        upstream 'localhost', 5222
+        password 'secr3t'
+      end
+    end
+    assert_equal Logger::ERROR, Class.new.extend(Vines::Log).log.level
+  end
+end

data/test/rake_test_loader.rb

@@ -0,0 +1,17 @@
+require 'rake'
+
+# Use the latest MiniTest gem instead of the buggy
+# version included with Ruby 1.9.2.
+gem 'minitest'
+
+# Load the test files from the command line.
+
+ARGV.each do |f|
+  next if f =~ /^-/
+
+  if f =~ /\*/
+    FileList[f].to_a.each { |fn| require File.expand_path(fn) }
+  else
+    require File.expand_path(f)
+  end
+end

metadata

@@ -0,0 +1,155 @@
+--- !ruby/object:Gem::Specification 
+name: vines-agent
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.1.0
+platform: ruby
+authors: 
+- David Graham
+- Chris Johnson
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-09-28 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: blather
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.5.4
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: ohai
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 0.6.4
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: session
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 3.1.0
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: slave
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 1.2.1
+  type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: vines
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: "0.3"
+  type: :runtime
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: minitest
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id007
+description: |-
+  Vines Agent executes shell commands sent by users after
+  authorizing them against an access control list, provided by the Vines Services
+  component. Manage a server as easily as chatting with a friend.
+email: 
+- david@negativecode.com
+- chris@negativecode.com
+executables: 
+- vines-agent
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- LICENSE
+- Rakefile
+- README
+- bin/vines-agent
+- lib/vines/agent/agent.rb
+- lib/vines/agent/command/init.rb
+- lib/vines/agent/command/restart.rb
+- lib/vines/agent/command/start.rb
+- lib/vines/agent/command/stop.rb
+- lib/vines/agent/config.rb
+- lib/vines/agent/connection.rb
+- lib/vines/agent/shell.rb
+- lib/vines/agent/version.rb
+- lib/vines/agent.rb
+- conf/certs/ca-bundle.crt
+- conf/certs/README
+- conf/config.rb
+- test/config_test.rb
+- test/rake_test_loader.rb
+homepage: http://www.getvines.com
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: 1.9.2
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: An XMPP bot that runs shell commands on remote machines.
+test_files: 
+- test/config_test.rb
+- test/rake_test_loader.rb