module Mixlib::ShellOut::Unix
Public Instance Methods
Source
# File lib/mixlib/shellout/unix.rb, line 39 def all_seconderies ret = [] Etc.endgrent while ( g = Etc.getgrent ) ret << g end Etc.endgrent ret end
Helper method for sgids
Source
# File lib/mixlib/shellout/unix.rb, line 61 def logon_environment return {} unless using_login? entry = Etc.getpwuid(uid) # According to `man su`, the set fields are: # $HOME, $SHELL, $USER, $LOGNAME, $PATH, and $IFS # Values are copied from "shadow" package in Ubuntu 14.10 { "HOME" => entry.dir, "SHELL" => entry.shell, "USER" => entry.name, "LOGNAME" => entry.name, "PATH" => "/sbin:/bin:/usr/sbin:/usr/bin", "IFS" => "\t\n" } end
The environment variables that are deduced from simulating logon Only valid if login is used
Source
# File lib/mixlib/shellout/unix.rb, line 72 def process_environment logon_environment.merge(environment) end
Merges the two environments for the process
Source
# File lib/mixlib/shellout/unix.rb, line 94 def run_command @child_pid = fork_subprocess @reaped = false configure_parent_process_file_descriptors # CHEF-3390: Marshall.load on Ruby < 1.8.7p369 also has a GC bug related # to Marshall.load, so try disabling GC first. propagate_pre_exec_failure @status = nil @result = nil @execution_time = 0 write_to_child_stdin until @status ready_buffers = attempt_buffer_read unless ready_buffers @execution_time += READ_WAIT_TIME if @execution_time >= timeout && !@result # kill the bad proccess reap_errant_child # read anything it wrote when we killed it attempt_buffer_read # raise raise CommandTimeout, "Command timed out after #{@execution_time.to_i}s:\n#{format_for_exception}" end end attempt_reap end self rescue Errno::ENOENT # When ENOENT happens, we can be reasonably sure that the child process # is going to exit quickly, so we use the blocking variant of waitpid2 reap raise ensure reap_errant_child if should_reap? # make one more pass to get the last of the output after the # child process dies attempt_buffer_read(0) # no matter what happens, turn the GC back on, and hope whatever busted # version of ruby we're on doesn't allocate some objects during the next # GC run. GC.enable close_all_pipes end
Run the command, writing the command’s standard out and standard error to stdout and stderr, and saving its exit status object to status
Returns
returns self; stdout, stderr, status, and exitstatus will be populated with results of the command.
Raises
-
Errno::EACCES when you are not privileged to execute the command
-
Errno::ENOENT when the command is not available on the system (or not in the current $PATH)
-
Chef::Exceptions::CommandTimeout when the command does not complete within
timeoutseconds (default: 600s). When this happens,ShellOutwill send a TERM and then KILL to the entire process group to ensure that any grandchild processes are terminated. If the invocation of the child process spawned multiple child processes (which commonly happens if the command is passed as a single string to be interpreted by bin/sh, and bin/sh is not bash), the exit status object may not contain the correct exit code of the process (of course there is no exit code if the command is killed by SIGKILL, also).
Source
# File lib/mixlib/shellout/unix.rb, line 52 def sgids return nil unless using_login? user_name = Etc.getpwuid(uid).name all_seconderies.select { |g| g.mem.include?(user_name) }.map(&:gid) end
The secondary groups that the subprocess will switch to. Currently valid only if login is used, and is set to the user’s secondary groups
Source
# File lib/mixlib/shellout/unix.rb, line 34 def using_login? login && user end
Whether we’re simulating a login shell
Source
# File lib/mixlib/shellout/unix.rb, line 27 def validate_options(opts) if opts[:elevated] raise InvalidCommandOption, "Option `elevated` is supported for Powershell commands only" end end
Option validation that is unix specific
Private Instance Methods
Source
# File lib/mixlib/shellout/unix.rb, line 281 def attempt_buffer_read(timeout = READ_WAIT_TIME) ready = IO.select(open_pipes, nil, nil, timeout) if ready read_stdout_to_buffer if ready.first.include?(child_stdout) read_stderr_to_buffer if ready.first.include?(child_stderr) read_process_status_to_buffer if ready.first.include?(child_process_status) end ready end
Source
# File lib/mixlib/shellout/unix.rb, line 418 def attempt_reap results = Process.waitpid2(@child_pid, Process::WNOHANG) if results @reaped = true @status = results.last else nil end end
Try to reap the child process but don’t block if it isn’t dead yet.
Source
# File lib/mixlib/shellout/unix.rb, line 320 def cgroupv2_available? File.read("/proc/mounts").match?(%r{^cgroup2 /sys/fs/cgroup}) end
Source
# File lib/mixlib/shellout/unix.rb, line 194 def child_pgid -@child_pid end
Since we call setsid the child_pgid will be the child_pid, set to negative here so it can be directly used in arguments to kill, wait, etc.
Source
# File lib/mixlib/shellout/unix.rb, line 215 def child_process_status @process_status_pipe[0] end
Source
# File lib/mixlib/shellout/unix.rb, line 211 def child_stderr @stderr_pipe[0] end
Source
# File lib/mixlib/shellout/unix.rb, line 203 def child_stdin @stdin_pipe[1] end
Source
# File lib/mixlib/shellout/unix.rb, line 207 def child_stdout @stdout_pipe[0] end
Source
# File lib/mixlib/shellout/unix.rb, line 219 def close_all_pipes child_stdin.close unless child_stdin.closed? child_stdout.close unless child_stdout.closed? child_stderr.close unless child_stderr.closed? child_process_status.close unless child_process_status.closed? end
Source
# File lib/mixlib/shellout/unix.rb, line 252 def configure_parent_process_file_descriptors # Close the sides of the pipes we don't care about stdin_pipe.first.close stdin_pipe.last.close unless input stdout_pipe.last.close stderr_pipe.last.close process_status_pipe.last.close # Get output as it happens rather than buffered child_stdin.sync = true if input child_stdout.sync = true child_stderr.sync = true true end
Source
# File lib/mixlib/shellout/unix.rb, line 231 def configure_subprocess_file_descriptors process_status_pipe.first.close # HACK: for some reason, just STDIN.close isn't good enough when running # under ruby 1.9.2, so make it good enough: stdin_pipe.last.close STDIN.reopen stdin_pipe.first stdin_pipe.first.close unless input stdout_pipe.first.close STDOUT.reopen stdout_pipe.last stdout_pipe.last.close stderr_pipe.first.close STDERR.reopen stderr_pipe.last stderr_pipe.last.close STDOUT.sync = STDERR.sync = true STDIN.sync = true if input end
Replace stdout, and stderr with pipes to the parent, and close the reader side of the error marshaling side channel.
If there is no input, close STDIN so when we exec, the new program will know it’s never getting input ever.
Source
# File lib/mixlib/shellout/unix.rb, line 324 def fork_subprocess initialize_ipc fork do # Child processes may themselves fork off children. A common case # is when the command is given as a single string (instead of # command name plus Array of arguments) and /bin/sh does not # support the "ONESHOT" optimization (where sh -c does exec without # forking). To support cleaning up all the children, we need to # ensure they're in a unique process group. # # We use setsid here to abandon our controlling tty and get a new session # and process group that are set to the pid of the child process. Process.setsid configure_subprocess_file_descriptors if cgroup && cgroupv2_available? set_cgroup end set_secondarygroups set_group set_user set_environment set_umask set_cwd begin command.is_a?(Array) ? exec(*command, close_others: true) : exec(command, close_others: true) raise "forty-two" # Should never get here rescue Exception => e Marshal.dump(e, process_status_pipe.last) process_status_pipe.last.flush end process_status_pipe.last.close unless process_status_pipe.last.closed? exit! end end
Source
# File lib/mixlib/shellout/unix.rb, line 198 def initialize_ipc @stdin_pipe, @stdout_pipe, @stderr_pipe, @process_status_pipe = IO.pipe, IO.pipe, IO.pipe, IO.pipe @process_status_pipe.last.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC) end
Source
# File lib/mixlib/shellout/unix.rb, line 269 def open_pipes @open_pipes ||= [child_stdout, child_stderr, child_process_status] end
Some patch levels of ruby in wide use (in particular the ruby 1.8.6 on OSX) segfault when you IO.select a pipe that’s reached eof. Weak sauce.
Source
# File lib/mixlib/shellout/unix.rb, line 368 def propagate_pre_exec_failure attempt_buffer_read until child_process_status.eof? e = Marshal.load(@process_status) raise(Exception === e ? e : "unknown failure: #{e.inspect}") rescue ArgumentError # If we get an ArgumentError error, then the exec was successful true ensure child_process_status.close open_pipes.delete(child_process_status) end
Attempt to get a Marshaled error from the side-channel. If it’s there, un-marshal it and raise. If it’s not there, assume everything went well.
Source
# File lib/mixlib/shellout/unix.rb, line 311 def read_process_status_to_buffer while ( chunk = child_process_status.read_nonblock(READ_SIZE) ) @process_status << chunk end rescue Errno::EAGAIN rescue EOFError open_pipes.delete(child_process_status) end
Source
# File lib/mixlib/shellout/unix.rb, line 301 def read_stderr_to_buffer while ( chunk = child_stderr.read_nonblock(READ_SIZE) ) @stderr << chunk @live_stderr << chunk if @live_stderr end rescue Errno::EAGAIN rescue EOFError open_pipes.delete(child_stderr) end
Source
# File lib/mixlib/shellout/unix.rb, line 291 def read_stdout_to_buffer while ( chunk = child_stdout.read_nonblock(READ_SIZE) ) @stdout << chunk @live_stdout << chunk if @live_stdout end rescue Errno::EAGAIN rescue EOFError open_pipes.delete(child_stdout) end
Source
# File lib/mixlib/shellout/unix.rb, line 405 def reap results = Process.waitpid2(@child_pid) @reaped = true @status = results.last rescue Errno::ECHILD # When cleaning up timed-out processes, we might send SIGKILL to the # whole process group after we've cleaned up the direct child. In that # case the grandchildren will have been adopted by init so we can't # reap them even if we wanted to (we don't). nil end
Unconditionally reap the child process. This is used in scenarios where we can be confident the child will exit quickly, and has not spawned and grandchild processes.
Source
# File lib/mixlib/shellout/unix.rb, line 379 def reap_errant_child return if attempt_reap @terminate_reason = "Command exceeded allowed execution time, process terminated" logger&.error("Command exceeded allowed execution time, sending TERM") Process.kill(:TERM, child_pgid) sleep 3 attempt_reap logger&.error("Command exceeded allowed execution time, sending KILL") Process.kill(:KILL, child_pgid) reap # Should not hit this but it's possible if something is calling waitall # in a separate thread. rescue Errno::ESRCH nil end
Source
# File lib/mixlib/shellout/unix.rb, line 182 def set_cgroup new_cgroup_path = "/sys/fs/cgroup/#{cgroup}" # Create cgroup if missing unless Dir.exist?(new_cgroup_path) FileUtils.mkdir_p new_cgroup_path end # Migrate current process to newly cgroup, any subprocesses will run inside new cgroup File.write("#{new_cgroup_path}/cgroup.procs", Process.pid.to_s) end
Source
# File lib/mixlib/shellout/unix.rb, line 178 def set_cwd Dir.chdir(cwd) if cwd end
Source
# File lib/mixlib/shellout/unix.rb, line 167 def set_environment # user-set variables should override the login ones process_environment.each do |env_var, value| ENV[env_var] = value end end
Source
# File lib/mixlib/shellout/unix.rb, line 154 def set_group if group Process.egid = gid Process.gid = gid end end
Source
# File lib/mixlib/shellout/unix.rb, line 161 def set_secondarygroups if sgids Process.groups = sgids end end
Source
# File lib/mixlib/shellout/unix.rb, line 174 def set_umask File.umask(umask) if umask end
Source
# File lib/mixlib/shellout/unix.rb, line 147 def set_user if user Process.uid = uid Process.euid = uid end end
Source
# File lib/mixlib/shellout/unix.rb, line 397 def should_reap? # if we fail to fork, no child pid so nothing to reap @child_pid && !@reaped end
Source
# File lib/mixlib/shellout/unix.rb, line 274 def write_to_child_stdin return unless input child_stdin << input child_stdin.close # Kick things off end
Keep this unbuffered for now