File: commands.cf

cfengine3 3.24.2-1
# Commands bodies

bundle agent daemonize(command)
# @brief Run a command as a daemon, i.e. fully detached from CFEngine.
# @param command The command line to run detached
#
# Note: cf-agent reports no output from the command, because stdout and stderr
# are closed before it is started. Stdin is not closed by this bundle. The
# bundle has no effect on Windows.
#
# Security: `command` is expanded into a string that is run through a shell
# (`contain => in_shell`), so shell metacharacters in it are interpreted. Pass
# only policy-controlled values; do not build `command` from data read from
# untrusted sources.
#
# **Example:**
# ```cf3
# methods:
#   "Launch Daemon"
#     usebundle => daemonize("/bin/sleep 30");
# ```
{
  commands:
    !windows::
      # Close stdout and stderr, then start the command in the background.
      "exec 1>&-; exec 2>&-; $(command) &"
        contain => in_shell;

  reports:
    "windows.(DEBUG|DEBUG_$(this.bundle))"::
      "DEBUG $(this.bundle): This bundle does not support Windows";
}

##-------------------------------------------------------
## contain
##-------------------------------------------------------

body contain powershell
# @brief Run command with PowerShell (Windows only)
#
# The promiser string is handed to PowerShell for interpretation, so any
# variables expanded into it are parsed as PowerShell syntax. Keep expanded
# values policy-controlled.
#
# **Example:**
#
# ```cf3
#  commands:
#    windows::
#      'schtasks /DELETE /TN "$(_taskname)" /F'
#        contain => powershell;
# ```
#
# **History:**
#
# * Introduced in 3.17.0
{
        useshell => "powershell";
}

body contain silent
# @brief Suppress command output
#
# With output suppressed, error messages printed by the command are not
# reported either; rely on the promise outcome (e.g. classes set from the
# return code) to detect failures.
{
      no_output => "true";
}

##

body contain in_dir(dir)
# @brief Run command after switching to directory "dir" (no shell is used)
# @param dir directory to change into
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd"
#      contain => in_dir("/tmp");
# ```
{
      chdir => "$(dir)";
}

##

body contain in_dir_shell(dir)
# @brief Run command after switching to directory "dir", with a full shell
# @param dir directory to change into
#
# Because the command string is interpreted by a shell, pipes, redirections
# and other metacharacters in it (including those arriving through expanded
# variables) take effect. Use `in_dir` when no shell features are needed.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd | /bin/cat"
#      contain => in_dir_shell("/tmp");
# ```
{
      chdir => "$(dir)";
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
}

##

body contain silent_in_dir(dir)
# @brief Run command after switching to directory "dir" and suppress output
# @param dir directory to change into
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd"
#      contain => silent_in_dir("/tmp");
# ```
{
      chdir => "$(dir)";
      no_output => "true";
}

##

body contain in_shell
# @brief Run command in a shell
#
# The whole promiser string is interpreted by the shell, so metacharacters
# (`|`, `;`, `&`, `$()`, redirections) are honoured, including any that arrive
# through expanded CFEngine variables. Only use this body when shell features
# are actually required, and keep expanded values policy-controlled.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd | /bin/cat"
#      contain => in_shell;
# ```
{
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
}

##

body contain in_shell_bg
# @brief Deprecated; currently equivalent to running the command in a shell
#
# This body previously had an invalid `background` attribute that was caught by
# parser strictness enhancements. Backgrounding is handled by the `background`
# attribute of `body action`, so this body no longer backgrounds anything.
{
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
}

##

body contain in_shell_and_silent
# @brief Run command in a shell and suppress output
#
# The command string is shell-interpreted and its output is discarded, so a
# failing or unexpectedly expanded command leaves no output in agent reports.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd | /bin/cat"
#      contain => in_shell_and_silent,
#      comment => "Silently run command in shell";
# ```
{
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
      no_output => "true";
}

##

body contain in_dir_shell_and_silent(dir)
# @brief Run command in a shell after switching to 'dir' and suppress output
# @param dir directory to change into
#
# The command string is shell-interpreted and its output is discarded.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/bin/pwd | /bin/cat"
#      contain => in_dir_shell_and_silent("/tmp"),
#      comment => "Silently run command in shell";
# ```

{
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
      no_output => "true";
      chdir => "$(dir)";
}

##

body contain setuid(owner)
# @brief Run command as the specified user
# @param owner username or uid to run command as
#
# Only `exec_owner` is set; `exec_group` is left unset by this body.
# NOTE(review): confirm which primary and supplementary groups the command
# ends up with, and use a body that also sets `exec_group` when the group
# matters for privilege reduction.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/usr/bin/id"
#      contain => setuid("apache");
#    "/usr/bin/id"
#      contain => setuid("503");
# ```
{
      exec_owner => "$(owner)";
}

##

body contain setuid_sh(owner)
# @brief Run command as the specified user, in a shell
# @param owner username or uid to run command as
#
# The command string is shell-interpreted. Only `exec_owner` is set;
# `exec_group` is left unset by this body.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/usr/bin/id | /bin/cat"
#      contain => setuid_sh("apache");
#    "/usr/bin/id | /bin/cat"
#      contain => setuid_sh("503");
# ```
{
      exec_owner => "$(owner)";
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
}

##

body contain setuidgid_dir(owner,group,dir)
# @brief Run command as the specified owner and group from the specified directory
# @param owner username or uid to run command as
# @param group groupname or gid to run command as
# @param dir directory to run command from
#
# This body does not set `useshell`, so it does not itself request a shell.
{
      exec_owner => "$(owner)";
      exec_group => "$(group)";
      chdir      => "$(dir)";
}

##

body contain setuidgid_sh(owner,group)
# @brief Run command as the specified owner and group, in a shell
# @param owner username or uid to run command as
# @param group groupname or gid to run command as
#
# The command string is shell-interpreted; keep any variables expanded into it
# policy-controlled.
{
      exec_owner => "$(owner)";
      exec_group => "$(group)";
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
}

##

body contain jail(owner,jail_root,dir)
# @brief Run command as the specified user, in a shell, in a directory inside a chroot
# @param owner username or uid to run command as
# @param jail_root path that will be the root directory for the process
# @param dir directory to change to before running command (must be within 'jail_root')
#
# Caveats:
# * A chroot changes the filesystem root only; it is not a complete isolation
#   boundary and should not be the sole control around an untrusted command.
# * `exec_group` is not set by this body. NOTE(review): confirm which groups
#   the jailed command runs with.
# * NOTE(review): with `useshell` enabled, a shell presumably has to be
#   reachable from inside 'jail_root' - confirm against the agent's behaviour.
{
      exec_owner => "$(owner)";
      useshell => "true"; # "useshell" is the canonical value; "true" is kept for backwards compatibility
      chdir => "$(dir)";
      chroot => "$(jail_root)";
}

##

body contain setuid_umask(owner, umask)
# @brief Run command as the specified user with the given umask
#
# The table lists the accepted umask values and the permissions that newly
# created files and directories receive under each of them.
#
# | Valid Values | Umask | Octal (files) |  Symbolic (files)  | Octal (dirs) | Symbolic (dirs) |
# |--------------|-------|-------|-------------|-------|-------------|
# | `0`          | `000` | `666` | `(rw-rw-rw-)` | `777` | `(rwxrwxrwx)` |
# | `002`        | `002` | `664` | `(rw-rw-r--)` | `775` | `(rwxrwxr-x)` |
# | `22`, `022`  | `022` | `644` | `(rw-r--r--)` | `755` | `(rwxr-xr-x)` |
# | `27`, `027`  | `027` | `640` | `(rw-r-----)` | `750` | `(rwxr-x---)` |
# | `77`, `077`  | `077` | `600` | `(rw-------)` | `700` | `(rwx------)` |
# | `72`, `072`  | `072` | `604` | `(rw----r--)` | `705` | `(rwx---r-x)` |
#
# Prefer the most restrictive value that still works (`077` or `027`) when the
# command writes data that other local users should not read.
#
# @param owner username or uid to run command as
# @param umask controls permissions of created files and directories
#
# Only `exec_owner` is set; `exec_group` is left unset by this body.
#
# **Example:**
#
# ```cf3
#  commands:
#    "/usr/bin/git pull"
#      contain => setuid_umask("git", "022");
# ```
{
      exec_owner => "$(owner)";
      umask => "$(umask)";
}

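body contain setuid_gid_umask(uid, gid, umask)
# @brief Run command as the specified user and group with the given umask
#
# The table lists the accepted umask values and the permissions that newly
# created files and directories receive under each of them.
#
# | Valid Values | Umask | Octal (files) |  Symbolic (files)  | Octal (dirs) | Symbolic (dirs) |
# |--------------|-------|-------|-------------|-------|-------------|
# | `0`          | `000` | `666` | `(rw-rw-rw-)` | `777` | `(rwxrwxrwx)` |
# | `002`        | `002` | `664` | `(rw-rw-r--)` | `775` | `(rwxrwxr-x)` |
# | `22`, `022`  | `022` | `644` | `(rw-r--r--)` | `755` | `(rwxr-xr-x)` |
# | `27`, `027`  | `027` | `640` | `(rw-r-----)` | `750` | `(rwxr-x---)` |
# | `77`, `077`  | `077` | `600` | `(rw-------)` | `700` | `(rwx------)` |
# | `72`, `072`  | `072` | `604` | `(rw----r--)` | `705` | `(rwx---r-x)` |
#
# @param uid username or uid to run command as
# @param gid group name or gid to run command as
# @param umask controls permissions of created files and directories
#
# **Example:**
#
# ```cf3
#  commands:
#    "/usr/bin/git pull"
#      contain => setuid_gid_umask("git", "minions", "022");
# ```
{
      exec_owner => "$(uid)";
      # Use the 'gid' parameter here. The body previously passed $(uid) as the
      # group, so 'gid' was ignored and the command ran with a group derived
      # from the user name/uid instead of the one the caller requested.
      exec_group => "$(gid)";
      umask => "$(umask)";
}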