module User

Some user related helper methods

Public Instance Methods

drop_privileges() click to toggle source

Drop root privileges to original user @param [Proc] optional block to execut in context of user @returns [uid, gid] or result

# File lib/nub/user.rb, line 53
def drop_privileges
  result = nil
  uid = gid = nil

  # Drop privileges
  if Process.uid.zero?
    uid, gid = Process.uid, Process.gid
    user_uid = ENV['SUDO_UID'].to_i
    user_gid = ENV['SUDO_GID'].to_i
    Process::GID.grant_privilege(user_gid)
    Process::UID.grant_privilege(user_uid)
  end

  # Execute block if given
  begin
    result = Proc.new.call
    self.raise_privileges(uid, gid)
  rescue ArgumentError
    # No block given just return ids
    result = [uid, gid]
  rescue
    self.raise_privileges(uid, gid)
  end

  return result
end
drop_privileges!() click to toggle source

Correctly and permanently drops privileges timetobleed.com/5-things-you-dont-know-about-user-ids-that-will-destroy-you/ requires you drop the group before the user and use a safe solution

# File lib/nub/user.rb, line 42
def drop_privileges!
  if Process.uid.zero?
    nobody = Etc.getpwnam('nobody')
    Process::Sys.setresgid(nobody.gid, nobody.gid, nobody.gid)
    Process::Sys.setresuid(nobody.uid, nobody.uid, nobody.uid)
  end
end
name() click to toggle source

Get the real user taking into account sudo priviledges

# File lib/nub/user.rb, line 35
def name
  return Process.uid.zero? ? Etc.getpwuid(ENV['SUDO_UID'].to_i).name : ENV['USER']
end
raise_privileges(uid, gid) click to toggle source

Raise privileges if dropped earlier @param uid [String] uid of user to assume @param gid [String] gid of user to assume

# File lib/nub/user.rb, line 83
def raise_privileges(uid, gid)
  if uid and gid
    Process::UID.grant_privilege(uid)
    Process::GID.grant_privilege(gid)
  end
end
root?() click to toggle source

Check if the current user has root privileges

# File lib/nub/user.rb, line 30
def root?
  return Process.uid.zero?
end