diff options
author | Adam Edwards <adamed@opscode.com> | 2013-03-26 10:17:15 -0700 |
---|---|---|
committer | Adam Edwards <adamed@opscode.com> | 2013-03-26 10:17:15 -0700 |
commit | 6061e84ec5a1aca932746ec631ae903e89cd0f97 (patch) | |
tree | 46dc62eacd26f39b6873533f10b75535be72cc7f | |
parent | 933784a3240d488cfbf79b5a9b8ecb89ef2cb44f (diff) | |
parent | 52a51724a488cba92804a0c180d2c9d61358a882 (diff) | |
download | mixlib-shellout-6061e84ec5a1aca932746ec631ae903e89cd0f97.tar.gz |
Merge pull request #11 from opscode/adamed-mixlib-9
MIXLIB 9: Add Windows Impersonation to Mixlib-Shellout
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | lib/mixlib/shellout.rb | 14 | ||||
-rw-r--r-- | lib/mixlib/shellout/unix.rb | 5 | ||||
-rw-r--r-- | lib/mixlib/shellout/windows.rb | 13 | ||||
-rw-r--r-- | lib/mixlib/shellout/windows/core_ext.rb | 452 | ||||
-rw-r--r-- | mixlib-shellout-x86-mingw32.gemspec | 2 | ||||
-rw-r--r-- | mixlib-shellout.gemspec | 2 | ||||
-rw-r--r-- | spec/mixlib/shellout/windows_spec.rb | 2 | ||||
-rw-r--r-- | spec/mixlib/shellout_spec.rb | 75 |
9 files changed, 328 insertions, 243 deletions
@@ -36,6 +36,12 @@ Invoke crontab to edit user cron: crontab = Mixlib::ShellOut.new("crontab -l -u #{@new_resource.user}", :input => crontab_lines.join("\n")) crontab.run_command +## Windows Impersonation Example +Invoke crontab to edit user cron: + + whomai = Mixlib::ShellOut.new("whoami.exe", :user => "username", :domain => "DOMAIN", :password => "password") + whoami.run_command + ## Platform Support Mixlib::ShellOut does a standard fork/exec on Unix, and uses the Win32 API on Windows. There is not currently support for JRuby. diff --git a/lib/mixlib/shellout.rb b/lib/mixlib/shellout.rb index 3b2651c..63744f1 100644 --- a/lib/mixlib/shellout.rb +++ b/lib/mixlib/shellout.rb @@ -39,6 +39,9 @@ module Mixlib # User the command will run as. Normally set via options passed to new attr_accessor :user + attr_accessor :domain + attr_accessor :password + attr_accessor :with_logon # Group the command will run as. Normally set via options passed to new attr_accessor :group @@ -261,8 +264,13 @@ module Mixlib case option.to_s when 'cwd' self.cwd = setting + when 'domain' + self.domain = setting + when 'password' + self.password = setting when 'user' self.user = setting + self.with_logon = setting when 'group' self.group = setting when 'umask' @@ -288,8 +296,12 @@ module Mixlib raise InvalidCommandOption, "option '#{option.inspect}' is not a valid option for #{self.class.name}" end end - end + validate_options(opts) + end + def validate_options(opts) + super + end end end diff --git a/lib/mixlib/shellout/unix.rb b/lib/mixlib/shellout/unix.rb index a983e05..776169d 100644 --- a/lib/mixlib/shellout/unix.rb +++ b/lib/mixlib/shellout/unix.rb @@ -20,6 +20,11 @@ module Mixlib class ShellOut module Unix + # Option validation that is unix specific + def validate_options(opts) + # No options to validate, raise exceptions here if needed + end + # Run the command, writing the command's standard out and standard error # to +stdout+ and +stderr+, and saving its exit status object to +status+ # === Returns diff --git a/lib/mixlib/shellout/windows.rb b/lib/mixlib/shellout/windows.rb index 7bebb3b..ea809b5 100644 --- a/lib/mixlib/shellout/windows.rb +++ b/lib/mixlib/shellout/windows.rb @@ -35,6 +35,15 @@ module Mixlib TIME_SLICE = 0.05 + # Option validation that is windows specific + def validate_options(opts) + if opts[:user] + unless opts[:password] + raise InvalidCommandOption, "You must supply both a username and password when supplying a user in windows" + end + end + end + #-- # Missing lots of features from the UNIX version, such as # uid, etc. @@ -66,6 +75,10 @@ module Mixlib :close_handles => false } create_process_args[:cwd] = cwd if cwd + # default to local account database if domain is not specified + create_process_args[:domain] = domain.nil? ? "." : domain + create_process_args[:with_logon] = with_logon if with_logon + create_process_args[:password] = password if password # # Start the process diff --git a/lib/mixlib/shellout/windows/core_ext.rb b/lib/mixlib/shellout/windows/core_ext.rb index be25127..e692c7d 100644 --- a/lib/mixlib/shellout/windows/core_ext.rb +++ b/lib/mixlib/shellout/windows/core_ext.rb @@ -18,40 +18,65 @@ # require 'win32/process' -require 'windows/handle' -require 'windows/process' -require 'windows/synchronize' -# Override module Windows::Process.CreateProcess to fix bug when -# using both app_name and command_line -# -module Windows - module Process - API.new('CreateProcess', 'SPPPLLLPPP', 'B') +# Add new constants for Logon +module Process::Constants + LOGON32_LOGON_INTERACTIVE = 0x00000002 + LOGON32_PROVIDER_DEFAULT = 0x00000000 + UOI_NAME = 0x00000002 +end + +# Define the functions needed to check with Service windows station +module Process::Functions + module FFI::Library + # Wrapper method for attach_function + private + def attach_pfunc(*args) + attach_function(*args) + private args[0] + end end + + extend FFI::Library + + ffi_lib :advapi32 + + attach_pfunc :LogonUserW, + [:buffer_in, :buffer_in, :buffer_in, :ulong, :ulong, :pointer], :bool + + attach_pfunc :CreateProcessAsUserW, + [:ulong, :buffer_in, :buffer_in, :pointer, :pointer, :bool, + :ulong, :buffer_in, :buffer_in, :pointer, :pointer], :bool + + ffi_lib :user32 + + attach_pfunc :GetProcessWindowStation, + [], :ulong + + attach_pfunc :GetUserObjectInformationA, + [:ulong, :uint, :buffer_out, :ulong, :pointer], :bool end -# -# Override Win32::Process.create to take a proper environment hash -# so that variables can contain semicolons -# (submitted patch to owner) -# +# Override Process.create to check for running in the Service window station and doing +# a full logon with LogonUser, instead of a CreateProcessWithLogon module Process + include Process::Constants + include Process::Structs + def create(args) unless args.kind_of?(Hash) - raise TypeError, 'Expecting hash-style keyword arguments' + raise TypeError, 'hash keyword arguments expected' end - valid_keys = %w/ + valid_keys = %w[ app_name command_line inherit creation_flags cwd environment startup_info thread_inherit process_inherit close_handles with_logon domain password - / + ] - valid_si_keys = %/ + valid_si_keys = %w[ startf_flags desktop title x y x_size y_size x_count_chars y_count_chars fill_attribute sw_flags stdin stdout stderr - / + ] # Set default values hash = { @@ -93,46 +118,43 @@ module Process end end - # The environment string should be passed as an array of A=B paths, or - # as a string of ';' separated paths. + env = nil + + # The env string should be passed as a string of ';' separated paths. if hash['environment'] env = hash['environment'] - if !env.respond_to?(:join) - # Backwards compat for ; separated paths + + unless env.respond_to?(:join) env = hash['environment'].split(File::PATH_SEPARATOR) end - # The argument format is a series of null-terminated strings, with an additional null terminator. - env = env.map { |e| e + "\0" }.join("") + "\0" - if hash['with_logon'] - env = env.multi_to_wide(e) - end - env = [env].pack('p*').unpack('L').first - else - env = nil - end - startinfo = [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - startinfo = startinfo.pack('LLLLLLLLLLLLSSLLLL') - procinfo = [0,0,0,0].pack('LLLL') + env = env.map{ |e| e + 0.chr }.join('') + 0.chr + env.to_wide_string! if hash['with_logon'] + end # Process SECURITY_ATTRIBUTE structure - process_security = 0 + process_security = nil + if hash['process_inherit'] - process_security = [0,0,0].pack('LLL') - process_security[0,4] = [12].pack('L') # sizeof(SECURITY_ATTRIBUTE) - process_security[8,4] = [1].pack('L') # TRUE + process_security = SECURITY_ATTRIBUTES.new + process_security[:nLength] = 12 + process_security[:bInheritHandle] = true end # Thread SECURITY_ATTRIBUTE structure - thread_security = 0 + thread_security = nil + if hash['thread_inherit'] - thread_security = [0,0,0].pack('LLL') - thread_security[0,4] = [12].pack('L') # sizeof(SECURITY_ATTRIBUTE) - thread_security[8,4] = [1].pack('L') # TRUE + thread_security = SECURITY_ATTRIBUTES.new + thread_security[:nLength] = 12 + thread_security[:bInheritHandle] = true end # Automatically handle stdin, stdout and stderr as either IO objects - # or file descriptors. This won't work for StringIO, however. + # or file descriptors. This won't work for StringIO, however. It also + # will not work on JRuby because of the way it handles internal file + # descriptors. + # ['stdin', 'stdout', 'stderr'].each{ |io| if si_hash[io] if si_hash[io].respond_to?(:fileno) @@ -142,7 +164,15 @@ module Process end if handle == INVALID_HANDLE_VALUE - raise Error, get_last_error + ptr = FFI::MemoryPointer.new(:int) + + if windows_version >= 6 && get_errno(ptr) == 0 + errno = ptr.read_int + else + errno = FFI.errno + end + + raise SystemCallError.new("get_osfhandle", errno) end # Most implementations of Ruby on Windows create inheritable @@ -153,7 +183,7 @@ module Process HANDLE_FLAG_INHERIT ) - raise Error, get_last_error unless bool + raise SystemCallError.new("SetHandleInformation", FFI.errno) unless bool si_hash[io] = handle si_hash['startf_flags'] ||= 0 @@ -162,224 +192,172 @@ module Process end } - # The bytes not covered here are reserved (null) + procinfo = PROCESS_INFORMATION.new + startinfo = STARTUPINFO.new + unless si_hash.empty? - startinfo[0,4] = [startinfo.size].pack('L') - startinfo[8,4] = [si_hash['desktop']].pack('p*') if si_hash['desktop'] - startinfo[12,4] = [si_hash['title']].pack('p*') if si_hash['title'] - startinfo[16,4] = [si_hash['x']].pack('L') if si_hash['x'] - startinfo[20,4] = [si_hash['y']].pack('L') if si_hash['y'] - startinfo[24,4] = [si_hash['x_size']].pack('L') if si_hash['x_size'] - startinfo[28,4] = [si_hash['y_size']].pack('L') if si_hash['y_size'] - startinfo[32,4] = [si_hash['x_count_chars']].pack('L') if si_hash['x_count_chars'] - startinfo[36,4] = [si_hash['y_count_chars']].pack('L') if si_hash['y_count_chars'] - startinfo[40,4] = [si_hash['fill_attribute']].pack('L') if si_hash['fill_attribute'] - startinfo[44,4] = [si_hash['startf_flags']].pack('L') if si_hash['startf_flags'] - startinfo[48,2] = [si_hash['sw_flags']].pack('S') if si_hash['sw_flags'] - startinfo[56,4] = [si_hash['stdin']].pack('L') if si_hash['stdin'] - startinfo[60,4] = [si_hash['stdout']].pack('L') if si_hash['stdout'] - startinfo[64,4] = [si_hash['stderr']].pack('L') if si_hash['stderr'] + startinfo[:cb] = startinfo.size + startinfo[:lpDesktop] = si_hash['desktop'] if si_hash['desktop'] + startinfo[:lpTitle] = si_hash['title'] if si_hash['title'] + startinfo[:dwX] = si_hash['x'] if si_hash['x'] + startinfo[:dwY] = si_hash['y'] if si_hash['y'] + startinfo[:dwXSize] = si_hash['x_size'] if si_hash['x_size'] + startinfo[:dwYSize] = si_hash['y_size'] if si_hash['y_size'] + startinfo[:dwXCountChars] = si_hash['x_count_chars'] if si_hash['x_count_chars'] + startinfo[:dwYCountChars] = si_hash['y_count_chars'] if si_hash['y_count_chars'] + startinfo[:dwFillAttribute] = si_hash['fill_attribute'] if si_hash['fill_attribute'] + startinfo[:dwFlags] = si_hash['startf_flags'] if si_hash['startf_flags'] + startinfo[:wShowWindow] = si_hash['sw_flags'] if si_hash['sw_flags'] + startinfo[:cbReserved2] = 0 + startinfo[:hStdInput] = si_hash['stdin'] if si_hash['stdin'] + startinfo[:hStdOutput] = si_hash['stdout'] if si_hash['stdout'] + startinfo[:hStdError] = si_hash['stderr'] if si_hash['stderr'] + end + + app = nil + cmd = nil + + # Convert strings to wide character strings if present + if hash['app_name'] + app = hash['app_name'].to_wide_string + end + + if hash['command_line'] + cmd = hash['command_line'].to_wide_string + end + + if hash['cwd'] + cwd = hash['cwd'].to_wide_string end + inherit = hash['inherit'] || false + if hash['with_logon'] - logon = multi_to_wide(hash['with_logon']) - domain = multi_to_wide(hash['domain']) - app = hash['app_name'].nil? ? nil : multi_to_wide(hash['app_name']) - cmd = hash['command_line'].nil? ? nil : multi_to_wide(hash['command_line']) - cwd = multi_to_wide(hash['cwd']) - passwd = multi_to_wide(hash['password']) + logon = hash['with_logon'].to_wide_string + + if hash['password'] + passwd = hash['password'].to_wide_string + else + raise ArgumentError, 'password must be specified if with_logon is used' + end + + if hash['domain'] + domain = hash['domain'].to_wide_string + end hash['creation_flags'] |= CREATE_UNICODE_ENVIRONMENT - process_ran = CreateProcessWithLogonW( - logon, # User - domain, # Domain - passwd, # Password - LOGON_WITH_PROFILE, # Logon flags - app, # App name - cmd, # Command line - hash['creation_flags'], # Creation flags - env, # Environment - cwd, # Working directory - startinfo, # Startup Info - procinfo # Process Info + winsta_name = FFI::MemoryPointer.new(:char, 256) + return_size = FFI::MemoryPointer.new(:ulong) + + bool = GetUserObjectInformationA( + GetProcessWindowStation(), # Window station handle + UOI_NAME, # Information to get + winsta_name, # Buffer to receive information + winsta_name.size, # Size of buffer + return_size # Size filled into buffer ) + + unless bool + raise SystemCallError.new("GetUserObjectInformationA", FFI.errno) + end + + winsta_name = winsta_name.read_string(return_size.read_ulong) + + # If running in the service windows station must do a log on to get + # to the interactive desktop. Running process user account must have + # the 'Replace a process level token' permission. This is necessary as + # the logon (which happens with CreateProcessWithLogon) must have an + # interactive windows station to attach to, which is created with the + # LogonUser cann with the LOGON32_LOGON_INTERACTIVE flag. + if winsta_name =~ /^Service-0x0-.*$/i + token = FFI::MemoryPointer.new(:ulong) + + bool = LogonUserW( + logon, # User + domain, # Domain + passwd, # Password + LOGON32_LOGON_INTERACTIVE, # Logon Type + LOGON32_PROVIDER_DEFAULT, # Logon Provider + token # User token handle + ) + + unless bool + raise SystemCallError.new("LogonUserW", FFI.errno) + end + + token = token.read_ulong + + bool = CreateProcessAsUserW( + token, # User token handle + app, # App name + cmd, # Command line + process_security, # Process attributes + thread_security, # Thread attributes + inherit, # Inherit handles + hash['creation_flags'], # Creation Flags + env, # Environment + cwd, # Working directory + startinfo, # Startup Info + procinfo # Process Info + ) + + unless bool + raise SystemCallError.new("CreateProcessAsUserW (You must hold the 'Replace a process level token' permission)", FFI.errno) + end + else + bool = CreateProcessWithLogonW( + logon, # User + domain, # Domain + passwd, # Password + LOGON_WITH_PROFILE, # Logon flags + app, # App name + cmd, # Command line + hash['creation_flags'], # Creation flags + env, # Environment + cwd, # Working directory + startinfo, # Startup Info + procinfo # Process Info + ) + end + + unless bool + raise SystemCallError.new("CreateProcessWithLogonW", FFI.errno) + end else - process_ran = CreateProcess( - hash['app_name'], # App name - hash['command_line'], # Command line + bool = CreateProcessW( + app, # App name + cmd, # Command line process_security, # Process attributes thread_security, # Thread attributes - hash['inherit'], # Inherit handles? + inherit, # Inherit handles? hash['creation_flags'], # Creation flags env, # Environment - hash['cwd'], # Working directory + cwd, # Working directory startinfo, # Startup Info procinfo # Process Info ) - end - # TODO: Close stdin, stdout and stderr handles in the si_hash unless - # they're pointing to one of the standard handles already. [Maybe] - if !process_ran - raise_last_error("CreateProcess()") + unless bool + raise SystemCallError.new("CreateProcessW", FFI.errno) + end end # Automatically close the process and thread handles in the # PROCESS_INFORMATION struct unless explicitly told not to. if hash['close_handles'] - CloseHandle(procinfo[0,4].unpack('L').first) - CloseHandle(procinfo[4,4].unpack('L').first) + CloseHandle(procinfo[:hProcess]) + CloseHandle(procinfo[:hThread]) + CloseHandle(token) end ProcessInfo.new( - procinfo[0,4].unpack('L').first, # hProcess - procinfo[4,4].unpack('L').first, # hThread - procinfo[8,4].unpack('L').first, # hProcessId - procinfo[12,4].unpack('L').first # hThreadId + procinfo[:hProcess], + procinfo[:hThread], + procinfo[:dwProcessId], + procinfo[:dwThreadId] ) end - def self.raise_last_error(operation) - error_string = "#{operation} failed: #{get_last_error}" - last_error_code = GetLastError() - if ERROR_CODE_MAP.has_key?(last_error_code) - raise ERROR_CODE_MAP[last_error_code], error_string - else - raise Error, error_string - end - end - - # List from ruby/win32/win32.c - ERROR_CODE_MAP = { - ERROR_INVALID_FUNCTION => Errno::EINVAL, - ERROR_FILE_NOT_FOUND => Errno::ENOENT, - ERROR_PATH_NOT_FOUND => Errno::ENOENT, - ERROR_TOO_MANY_OPEN_FILES => Errno::EMFILE, - ERROR_ACCESS_DENIED => Errno::EACCES, - ERROR_INVALID_HANDLE => Errno::EBADF, - ERROR_ARENA_TRASHED => Errno::ENOMEM, - ERROR_NOT_ENOUGH_MEMORY => Errno::ENOMEM, - ERROR_INVALID_BLOCK => Errno::ENOMEM, - ERROR_BAD_ENVIRONMENT => Errno::E2BIG, - ERROR_BAD_FORMAT => Errno::ENOEXEC, - ERROR_INVALID_ACCESS => Errno::EINVAL, - ERROR_INVALID_DATA => Errno::EINVAL, - ERROR_INVALID_DRIVE => Errno::ENOENT, - ERROR_CURRENT_DIRECTORY => Errno::EACCES, - ERROR_NOT_SAME_DEVICE => Errno::EXDEV, - ERROR_NO_MORE_FILES => Errno::ENOENT, - ERROR_WRITE_PROTECT => Errno::EROFS, - ERROR_BAD_UNIT => Errno::ENODEV, - ERROR_NOT_READY => Errno::ENXIO, - ERROR_BAD_COMMAND => Errno::EACCES, - ERROR_CRC => Errno::EACCES, - ERROR_BAD_LENGTH => Errno::EACCES, - ERROR_SEEK => Errno::EIO, - ERROR_NOT_DOS_DISK => Errno::EACCES, - ERROR_SECTOR_NOT_FOUND => Errno::EACCES, - ERROR_OUT_OF_PAPER => Errno::EACCES, - ERROR_WRITE_FAULT => Errno::EIO, - ERROR_READ_FAULT => Errno::EIO, - ERROR_GEN_FAILURE => Errno::EACCES, - ERROR_LOCK_VIOLATION => Errno::EACCES, - ERROR_SHARING_VIOLATION => Errno::EACCES, - ERROR_WRONG_DISK => Errno::EACCES, - ERROR_SHARING_BUFFER_EXCEEDED => Errno::EACCES, -# ERROR_BAD_NETPATH => Errno::ENOENT, -# ERROR_NETWORK_ACCESS_DENIED => Errno::EACCES, -# ERROR_BAD_NET_NAME => Errno::ENOENT, - ERROR_FILE_EXISTS => Errno::EEXIST, - ERROR_CANNOT_MAKE => Errno::EACCES, - ERROR_FAIL_I24 => Errno::EACCES, - ERROR_INVALID_PARAMETER => Errno::EINVAL, - ERROR_NO_PROC_SLOTS => Errno::EAGAIN, - ERROR_DRIVE_LOCKED => Errno::EACCES, - ERROR_BROKEN_PIPE => Errno::EPIPE, - ERROR_DISK_FULL => Errno::ENOSPC, - ERROR_INVALID_TARGET_HANDLE => Errno::EBADF, - ERROR_INVALID_HANDLE => Errno::EINVAL, - ERROR_WAIT_NO_CHILDREN => Errno::ECHILD, - ERROR_CHILD_NOT_COMPLETE => Errno::ECHILD, - ERROR_DIRECT_ACCESS_HANDLE => Errno::EBADF, - ERROR_NEGATIVE_SEEK => Errno::EINVAL, - ERROR_SEEK_ON_DEVICE => Errno::EACCES, - ERROR_DIR_NOT_EMPTY => Errno::ENOTEMPTY, -# ERROR_DIRECTORY => Errno::ENOTDIR, - ERROR_NOT_LOCKED => Errno::EACCES, - ERROR_BAD_PATHNAME => Errno::ENOENT, - ERROR_MAX_THRDS_REACHED => Errno::EAGAIN, -# ERROR_LOCK_FAILED => Errno::EACCES, - ERROR_ALREADY_EXISTS => Errno::EEXIST, - ERROR_INVALID_STARTING_CODESEG => Errno::ENOEXEC, - ERROR_INVALID_STACKSEG => Errno::ENOEXEC, - ERROR_INVALID_MODULETYPE => Errno::ENOEXEC, - ERROR_INVALID_EXE_SIGNATURE => Errno::ENOEXEC, - ERROR_EXE_MARKED_INVALID => Errno::ENOEXEC, - ERROR_BAD_EXE_FORMAT => Errno::ENOEXEC, - ERROR_ITERATED_DATA_EXCEEDS_64k => Errno::ENOEXEC, - ERROR_INVALID_MINALLOCSIZE => Errno::ENOEXEC, - ERROR_DYNLINK_FROM_INVALID_RING => Errno::ENOEXEC, - ERROR_IOPL_NOT_ENABLED => Errno::ENOEXEC, - ERROR_INVALID_SEGDPL => Errno::ENOEXEC, - ERROR_AUTODATASEG_EXCEEDS_64k => Errno::ENOEXEC, - ERROR_RING2SEG_MUST_BE_MOVABLE => Errno::ENOEXEC, - ERROR_RELOC_CHAIN_XEEDS_SEGLIM => Errno::ENOEXEC, - ERROR_INFLOOP_IN_RELOC_CHAIN => Errno::ENOEXEC, - ERROR_FILENAME_EXCED_RANGE => Errno::ENOENT, - ERROR_NESTING_NOT_ALLOWED => Errno::EAGAIN, -# ERROR_PIPE_LOCAL => Errno::EPIPE, - ERROR_BAD_PIPE => Errno::EPIPE, - ERROR_PIPE_BUSY => Errno::EAGAIN, - ERROR_NO_DATA => Errno::EPIPE, - ERROR_PIPE_NOT_CONNECTED => Errno::EPIPE, - ERROR_OPERATION_ABORTED => Errno::EINTR, -# ERROR_NOT_ENOUGH_QUOTA => Errno::ENOMEM, - ERROR_MOD_NOT_FOUND => Errno::ENOENT, - WSAEINTR => Errno::EINTR, - WSAEBADF => Errno::EBADF, -# WSAEACCES => Errno::EACCES, - WSAEFAULT => Errno::EFAULT, - WSAEINVAL => Errno::EINVAL, - WSAEMFILE => Errno::EMFILE, - WSAEWOULDBLOCK => Errno::EWOULDBLOCK, - WSAEINPROGRESS => Errno::EINPROGRESS, - WSAEALREADY => Errno::EALREADY, - WSAENOTSOCK => Errno::ENOTSOCK, - WSAEDESTADDRREQ => Errno::EDESTADDRREQ, - WSAEMSGSIZE => Errno::EMSGSIZE, - WSAEPROTOTYPE => Errno::EPROTOTYPE, - WSAENOPROTOOPT => Errno::ENOPROTOOPT, - WSAEPROTONOSUPPORT => Errno::EPROTONOSUPPORT, - WSAESOCKTNOSUPPORT => Errno::ESOCKTNOSUPPORT, - WSAEOPNOTSUPP => Errno::EOPNOTSUPP, - WSAEPFNOSUPPORT => Errno::EPFNOSUPPORT, - WSAEAFNOSUPPORT => Errno::EAFNOSUPPORT, - WSAEADDRINUSE => Errno::EADDRINUSE, - WSAEADDRNOTAVAIL => Errno::EADDRNOTAVAIL, - WSAENETDOWN => Errno::ENETDOWN, - WSAENETUNREACH => Errno::ENETUNREACH, - WSAENETRESET => Errno::ENETRESET, - WSAECONNABORTED => Errno::ECONNABORTED, - WSAECONNRESET => Errno::ECONNRESET, - WSAENOBUFS => Errno::ENOBUFS, - WSAEISCONN => Errno::EISCONN, - WSAENOTCONN => Errno::ENOTCONN, - WSAESHUTDOWN => Errno::ESHUTDOWN, - WSAETOOMANYREFS => Errno::ETOOMANYREFS, -# WSAETIMEDOUT => Errno::ETIMEDOUT, - WSAECONNREFUSED => Errno::ECONNREFUSED, - WSAELOOP => Errno::ELOOP, - WSAENAMETOOLONG => Errno::ENAMETOOLONG, - WSAEHOSTDOWN => Errno::EHOSTDOWN, - WSAEHOSTUNREACH => Errno::EHOSTUNREACH, -# WSAEPROCLIM => Errno::EPROCLIM, -# WSAENOTEMPTY => Errno::ENOTEMPTY, - WSAEUSERS => Errno::EUSERS, - WSAEDQUOT => Errno::EDQUOT, - WSAESTALE => Errno::ESTALE, - WSAEREMOTE => Errno::EREMOTE - } - module_function :create end diff --git a/mixlib-shellout-x86-mingw32.gemspec b/mixlib-shellout-x86-mingw32.gemspec index 7244377..8cd15c1 100644 --- a/mixlib-shellout-x86-mingw32.gemspec +++ b/mixlib-shellout-x86-mingw32.gemspec @@ -3,6 +3,6 @@ gemspec = eval(IO.read(File.expand_path("../mixlib-shellout.gemspec", __FILE__)) gemspec.platform = "x86-mingw32" -gemspec.add_dependency "win32-process", "~> 0.6.5" +gemspec.add_dependency "win32-process", "~> 0.7.0" gemspec diff --git a/mixlib-shellout.gemspec b/mixlib-shellout.gemspec index c81c3e8..4c59291 100644 --- a/mixlib-shellout.gemspec +++ b/mixlib-shellout.gemspec @@ -14,7 +14,7 @@ Gem::Specification.new do |s| s.homepage = "http://wiki.opscode.com/" - %w(rspec).each { |gem| s.add_development_dependency gem } + %w(rspec ap).each { |gem| s.add_development_dependency gem } s.bindir = "bin" s.executables = [] diff --git a/spec/mixlib/shellout/windows_spec.rb b/spec/mixlib/shellout/windows_spec.rb index be515be..4d9359f 100644 --- a/spec/mixlib/shellout/windows_spec.rb +++ b/spec/mixlib/shellout/windows_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper' describe 'Mixlib::ShellOut::Windows', :windows_only do - + describe 'Utils' do describe '.should_run_under_cmd?' do subject { Mixlib::ShellOut::Windows::Utils.should_run_under_cmd?(command) } diff --git a/spec/mixlib/shellout_spec.rb b/spec/mixlib/shellout_spec.rb index cc59829..14af6e2 100644 --- a/spec/mixlib/shellout_spec.rb +++ b/spec/mixlib/shellout_spec.rb @@ -31,6 +31,9 @@ describe Mixlib::ShellOut do context 'with default settings' do its(:cwd) { should be_nil } its(:user) { should be_nil } + its(:with_logon) { should be_nil } + its(:domain) { should be_nil } + its(:password) { should be_nil } its(:group) { should be_nil } its(:umask) { should be_nil } its(:timeout) { should eql(600) } @@ -76,7 +79,33 @@ describe Mixlib::ShellOut do shell_cmd.uid.should eql(expected_uid) end end + end + + context 'when setting with_logon' do + let(:accessor) { :with_logon } + let(:value) { 'root' } + + it "should set the with_logon" do + should eql(value) + end + end + + context 'when setting domain' do + let(:accessor) { :domain } + let(:value) { 'localhost' } + it "should set the domain" do + should eql(value) + end + end + + context 'when setting password' do + let(:accessor) { :password } + let(:value) { 'vagrant' } + + it "should set the password" do + should eql(value) + end end context 'when setting group' do @@ -174,12 +203,15 @@ describe Mixlib::ShellOut do context "with options hash" do let(:cmd) { 'brew install couchdb' } - let(:options) { { :cwd => cwd, :user => user, :group => group, :umask => umask, - :timeout => timeout, :environment => environment, :returns => valid_exit_codes, + let(:options) { { :cwd => cwd, :user => user, :domain => domain, :password => password, :group => group, + :umask => umask, :timeout => timeout, :environment => environment, :returns => valid_exit_codes, :live_stream => stream, :input => input } } let(:cwd) { '/tmp' } let(:user) { 'toor' } + let(:with_logon) { user } + let(:domain) { 'localhost' } + let(:password) { 'vagrant' } let(:group) { 'wheel' } let(:umask) { '2222' } let(:timeout) { 5 } @@ -196,6 +228,18 @@ describe Mixlib::ShellOut do shell_cmd.user.should eql(user) end + it "should set the with_logon" do + shell_cmd.with_logon.should eql(with_logon) + end + + it "should set the domain" do + shell_cmd.domain.should eql(domain) + end + + it "should set the password" do + shell_cmd.password.should eql(password) + end + it "should set the group" do shell_cmd.group.should eql(group) end @@ -358,6 +402,33 @@ describe Mixlib::ShellOut do end end + context "when running under Windows", :windows_only do + let(:cmd) { 'whoami.exe' } + let(:running_user) { shell_cmd.run_command.stdout.strip.downcase } + + context "when no user is set" do + # Need to adjust the username and domain if running as local system + # to match how whoami returns the information + + let(:local_system) { (ENV['USERNAME'].downcase == "#{ENV['COMPUTERNAME'].downcase}$") } + let(:domain) { local_system ? 'nt authority' : ENV['COMPUTERNAME'].downcase } + let(:user) { local_system ? 'system' : ENV['USERNAME'].downcase } + it "should run as current user" do + running_user.should eql("#{domain}\\#{user}") + end + end + + context "when user is set to Administrator" do + let(:user) { 'administrator' } + let(:domain) { ENV['COMPUTERNAME'].downcase } + let(:options) { { :domain => domain, :user => user, :password => 'vagrant' } } + + it "should run as Administrator" do + running_user.should eql("#{domain}\\#{user}") + end + end + end + context "with a live stream" do let(:stream) { StringIO.new } let(:ruby_code) { 'puts "hello"' } |