Browse Source

Added support of "srv0-gem"

Dmitry Yu Okunev 4 years ago
parent
commit
eb4ac8373f
3 changed files with 102 additions and 0 deletions
  1. 31 0
      _context-chruby-run
  2. 3 0
      context-chruby-run
  3. 68 0
      remotewrapper-gem

+ 31 - 0
_context-chruby-run

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+CONTEXT="$1";     shift
+RUBYVERSION="$1"; shift
+
+if [ "$CONTEXT" = "" ]; then
+	echo "    Internal error: /opt context is not set" >&2
+	exit 4
+fi
+
+if [ "$RUBYVERSION" = "" ]; then
+	echo "    Internal error: Ruby version is not set" >&2
+	exit 4
+fi
+
+SYS_MNT_NS="$(sudo readlink /proc/1/ns/mnt)"
+MY_MNT_NS="$(readlink /proc/self/ns/mnt)"
+
+if [ "$SYS_MNT_NS" = "$MY_MNT_NS" ]; then
+	echo "    Internal error: Wrong MNT namespace" >&2
+	exit 4
+fi
+
+mount --bind /srv/share/nfs/opt/"$CONTEXT" /opt
+source /usr/local/share/chruby/chruby.sh
+chruby "$RUBYVERSION"
+runuser -u nobody -g "$CONTEXT" $@
+RC="$?"
+umount -l /opt
+
+exit $RC

+ 3 - 0
context-chruby-run

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec unshare -m _context-chruby-run $@

+ 68 - 0
remotewrapper-gem

@@ -0,0 +1,68 @@
+#!/bin/bash
+
+CONTEXT="$1"; shift
+ARGS=($@)
+
+if [ "$CONTEXT" = "-c" ]; then
+	ARGS_ALL=($@)
+	CONTEXT="${ARGS_ALL[0]}"
+	ARGS=(${ARGS_ALL[@]:1})
+fi
+
+RUBYVERSION="${ARGS[0]}"
+CMD="${ARGS[1]}"
+ARGS=(${ARGS[@]:2})
+
+if [ "$CONTEXT" = "" ]; then
+	echo "    Error: /opt context is not set" >&2
+	exit 2
+fi
+
+if [ "$RUBYVERSION" = "" ]; then
+	echo "    Error: Ruby version is not set" >&2
+	exit 2
+fi
+
+run() {
+	exec sudo context-chruby-run "$CONTEXT"  "$RUBYVERSION" gem $@
+}
+
+forbidden() {
+	echo '    This command is forbidden' >&2
+	exit 1
+}
+
+help() {
+	gem help $@ | sed -e 's/ gem/ srv0-gem/g'
+	exit 0
+}
+
+cmd_proc() {
+	case "$CMD" in
+		install)
+			run install $@
+			;;
+		list)
+			run list $@
+			;;
+		build)
+			forbidden $@
+			;;
+		server)
+			forbidden $@
+			;;
+		help)
+			help $@
+			;;
+		"")
+			help $@
+			;;
+		*)
+			#exec gem help
+			echo "    Unknown or forbidden command $CMD" >&2
+			exit 1
+			;;
+	esac
+}
+
+cmd_proc $ARGS