diff options
| author | erikh <erikh@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-09-22 22:42:15 +0000 |
|---|---|---|
| committer | erikh <erikh@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-09-22 22:42:15 +0000 |
| commit | 287b18c281959b824706ee4e36165d418873765f (patch) | |
| tree | 0982307d3b6fafdaa66d521e8f25587ec2fe1ec8 /lib/puppet | |
| parent | 55f2873d454dfb32593171e3f2b16f3b4221d897 (diff) | |
| download | puppet-287b18c281959b824706ee4e36165d418873765f.tar.gz puppet-287b18c281959b824706ee4e36165d418873765f.tar.xz puppet-287b18c281959b824706ee4e36165d418873765f.zip | |
+ New assertion: assert_uid_gid will check that the UID and GID have been changed to the proper values. This uses a fork and a FIFO to achieve it's checking.
! nonrootuser and nonrootgroup now only return users/groups that are less than 255, due to the "Darwin debacle"
! many, many, many fixes for suidmanager. This is rather embarassing.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1674 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'lib/puppet')
| -rw-r--r-- | lib/puppet/suidmanager.rb | 50 |
1 files changed, 33 insertions, 17 deletions
diff --git a/lib/puppet/suidmanager.rb b/lib/puppet/suidmanager.rb index 2f4d428e3..abe99c8b2 100644 --- a/lib/puppet/suidmanager.rb +++ b/lib/puppet/suidmanager.rb @@ -1,17 +1,22 @@ require 'facter' -require 'puppet' module Puppet module SUIDManager platform = Facter["kernel"].value - [:uid=, :uid, :gid=, :gid].each do |method| + [:uid=, :gid=, :uid, :gid].each do |method| define_method(method) do |*args| - if platform == "Darwin" and (Facter['rubyversion'] <=> "1.8.5") < 0 - Puppet.warning "Cannot change real UID on Darwin on Ruby versions earlier than 1.8.5" - method = ("e" + method.to_s).intern unless method.to_s[0] == 'e' + # NOTE: 'method' is closed here. + newmethod = method + + if platform == "Darwin" + if !@darwinwarned + Puppet.warning "Cannot change real UID on Darwin" + @darwinwarned = true + end + newmethod = ("e" + method.to_s).intern end - return Process.send(method, *args) + return Process.send(newmethod, *args) end module_function method end @@ -47,28 +52,39 @@ module Puppet module_function :run_and_capture def system(command, new_uid=self.euid, new_gid=self.egid) + status = nil asuser(new_uid, new_gid) do Kernel.system(command) + status = $?.dup end + status end module_function :system - def asuser(new_euid, new_egid) - new_euid = Puppet::Util.uid(new_euid) - new_egid = Puppet::Util.uid(new_egid) + def asuser(new_euid=nil, new_egid=nil) + begin + old_egid = old_euid = nil + if new_egid + new_egid = Puppet::Util.uid(new_egid) + old_egid = self.egid + self.egid = new_egid + end + if new_euid + new_euid = Puppet::Util.uid(new_euid) + old_euid = self.euid + self.euid = new_euid + end - old_euid, old_egid = [ self.euid, self.egid ] - self.egid = new_egid ? new_egid : old_egid - self.euid = new_euid ? new_euid : old_euid - output = yield - self.egid = old_egid - self.euid = old_euid + output = yield - output + output + ensure + self.egid = old_egid + self.euid = old_euid + end end module_function :asuser end end - |