module User
Some user related helper methods
Public Instance Methods
drop_privileges()
click to toggle source
Drop root privileges to original user @param [Proc] optional block to execut in context of user @returns [uid, gid] or result
# File lib/nub/user.rb, line 53 def drop_privileges result = nil uid = gid = nil # Drop privileges if Process.uid.zero? uid, gid = Process.uid, Process.gid user_uid = ENV['SUDO_UID'].to_i user_gid = ENV['SUDO_GID'].to_i Process::GID.grant_privilege(user_gid) Process::UID.grant_privilege(user_uid) end # Execute block if given begin result = Proc.new.call self.raise_privileges(uid, gid) rescue ArgumentError # No block given just return ids result = [uid, gid] rescue self.raise_privileges(uid, gid) end return result end
drop_privileges!()
click to toggle source
Correctly and permanently drops privileges timetobleed.com/5-things-you-dont-know-about-user-ids-that-will-destroy-you/ requires you drop the group before the user and use a safe solution
# File lib/nub/user.rb, line 42 def drop_privileges! if Process.uid.zero? nobody = Etc.getpwnam('nobody') Process::Sys.setresgid(nobody.gid, nobody.gid, nobody.gid) Process::Sys.setresuid(nobody.uid, nobody.uid, nobody.uid) end end
name()
click to toggle source
Get the real user taking into account sudo priviledges
# File lib/nub/user.rb, line 35 def name return Process.uid.zero? ? Etc.getpwuid(ENV['SUDO_UID'].to_i).name : ENV['USER'] end
raise_privileges(uid, gid)
click to toggle source
Raise privileges if dropped earlier @param uid [String] uid of user to assume @param gid [String] gid of user to assume
# File lib/nub/user.rb, line 83 def raise_privileges(uid, gid) if uid and gid Process::UID.grant_privilege(uid) Process::GID.grant_privilege(gid) end end
root?()
click to toggle source
Check if the current user has root privileges
# File lib/nub/user.rb, line 30 def root? return Process.uid.zero? end