Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Multiple groups support #102

Open
wants to merge 4 commits into from

1 participant

@icy

Allow a process to run under different groups

God.watch do |w|
  w.gid = "foo"
  w.gids = %w{bar rvm admin}
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jul 20, 2012
  1. @icy
  2. @icy

    Ensure gids_num to be defined

    icy authored
Commits on Nov 6, 2012
  1. @icy

    Merge tag 'v0.13.1' into mgroups

    icy authored
  2. @icy

    mgroups: Add simple tests

    icy authored
This page is out of date. Refresh to see the latest.
Showing with 31 additions and 1 deletion.
  1. +15 −1 lib/god/process.rb
  2. +16 −0 test/test_process.rb
View
16 lib/god/process.rb
@@ -4,7 +4,7 @@ class Process
attr_accessor :name, :uid, :gid, :log, :log_cmd, :err_log, :err_log_cmd,
:start, :stop, :restart, :unix_socket, :chroot, :env, :dir,
- :stop_timeout, :stop_signal, :umask
+ :stop_timeout, :stop_signal, :umask, :gids
def initialize
self.log = '/dev/null'
@@ -80,6 +80,18 @@ def valid?
end
end
+ # if multiple gids is provided
+ if self.gids
+ self.gids.each do |g|
+ begin
+ Etc.getgrnam(g)
+ rescue ArgumentError
+ valid = false
+ applog(self, :error, "GID for '#{g}' does not exist")
+ end
+ end
+ end
+
# dir must exist and be a directory if specified
if self.dir
if !File.exist?(self.dir)
@@ -289,10 +301,12 @@ def spawn(command)
File.umask self.umask if self.umask
uid_num = Etc.getpwnam(self.uid).uid if self.uid
gid_num = Etc.getgrnam(self.gid).gid if self.gid
+ gids_num = (self.gids || []).map{|g| Etc.getgrnam(g).gid}
::Dir.chroot(self.chroot) if self.chroot
::Process.setsid
::Process.groups = [gid_num] if self.gid
+ ::Process.groups |= gids_num unless gids_num.empty?
::Process::Sys.setgid(gid_num) if self.gid
::Process::Sys.setuid(uid_num) if self.uid
self.dir ||= '/'
View
16 test/test_process.rb
@@ -72,6 +72,22 @@ def test_valid_should_return_false_if_gid_does_not_exists
assert !@p.valid?
end
+ def test_valid_should_return_true_if_gids_exists
+ @p.start = 'qux'
+ @p.log = '/tmp/foo.log'
+ @p.gids = %w{wheel root}
+
+ assert @p.valid?
+ end
+
+ def test_valid_should_return_false_if_gids_does_not_exists
+ @p.start = 'qux'
+ @p.log = '/tmp/foo.log'
+ @p.gids = %w{foobarbaz root}
+
+ assert !@p.valid?
+ end
+
def test_valid_should_return_true_if_dir_exists
@p.start = 'qux'
@p.log = '/tmp/foo.log'
Something went wrong with that request. Please try again.