Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blewithin does not seem to respect as #373

Open
cbowdon opened this issue Oct 6, 2016 · 3 comments
Open

blewithin does not seem to respect as #373

cbowdon opened this issue Oct 6, 2016 · 3 comments
Labels
bug? help wanted

Comments

@cbowdon
Copy link

cbowdon commented Oct 6, 2016
edited
Loading

From the readme, within/as/with should be stackable. But this scenario, that does not work as expected:

require 'sshkit'
require 'sshkit/dsl'

include SSHKit::DSL

# Set up a directory that your user cannot enter
`sudo mkdir -p /tmp/only_root`
`sudo chmod og-rwx /tmp/only_root`

on :local do
  # But root should be able to enter it...
  as :root do
    within '/tmp/only_root' do
      execute :ls # --> Permission denied
    end
  end
end

It looks like within always runs as the user executing the script, which is unexpected. I would have thought that it's done as the user of the enclosing as. I've tried with the local and netssh backends and get the same results.

This is with SSHKit 1.11.3 and Ruby 2.3.1 on Centos 6.
@mattbrictson
Copy link
Member

Thanks for the report. You're right, the within is always evaluated first. So if you need to become a different user to enter the directory, it will fail.

The reason for this is that the various DSL methods are executed in a fixed order:

within -> with -> as

This is always the order; the way that you nest them does not have any effect, which I agree is somewhat counterintuitive.

Changing SSHKit's behavior in this regard would be risky for us, because it would affect the commands that are executed for everyone that uses nesting. For now, I would encourage you to find a workaround.

I'll leave this issue open just in case it is something the maintainers want to tackle for a future backwards-incompatible version of SSHKit.

@cbowdon
Copy link
Author

cbowdon commented Oct 6, 2016

Thanks for the prompt response and explanation. I misunderstood the README about them being nestable and stackable in any order as meaning they would also be evaluated in that order. I'm happy finding a workaround, but it would be nice to make the execution order explicit in the README. (Apologies if it is but I didn't find it.)

@mattbrictson
Copy link
Member

FYI, the execution order in the code is specified here:

sshkit/lib/sshkit/command.rb

Lines 191 to 206 in 72a39a2

def to_command
return command.to_s unless should_map?
within do
umask do
with do
user do
in_background do
group do
to_s
end
end
end
end
end
end
end

If someone wants to contribute a PR with an explanation for the README, please do!

@cbowdon cbowdon changed the title within does not seem to respect as blewithin does not seem to respect as Oct 10, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug? help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mattbrictson @cbowdon