I am building a small system administration web application (think Web-Min, but in RoR) and I need to be able to access system parameters from my Ruby code. For instance, I want to allow the user to change the hostname, time zone, or network config of the server.
My current thoughts are to have a separate setuid script (Perl, Ruby, ??) so that I can call it from my RoR code and it will perform the actions. That is quite cumbersome and not very elegant. I'm a Ruby newbie and would like to know if there is a better way to accomplish this type of thing.
Thanks!
There was a series of RailsCasts episodes that covered background tasks.
Most fittingly to your problem is perhaps "Rake in Background", which could be a good starting point? As the name suggests, it covers triggering rake tasks from Ruby on Rails.
The most obvious solution to changing system settings would be to have a daemon running as root, which accepts a few (very limited and strictly sanitised) inputs, such as a new hostname, or the new IP address for the server. The other episodes "Starling and Workling" and "Custom Daemon" may help with this too.
A cleaner solution would be to use sudo. There's two (similar) ways to do this I can think of:
Allow sudo access to certain commands (like hostname, ifconfig) to the user that will run the rake tasks. This can have big security problems. My favourite example of this is allowing sudo access to vim, which seems innocuous, until you run sudo vim, then !bash and suddenly you have full-root access to a machine via text editor.
The other way (that is easier to do securely) - have a rake task (or a few separate scripts) that performs the required tasks (changing hostname, for example). Say, /usr/bin/myapp_systemtasks owned by root:root, then allow sudo access to that script. Make sure you are very careful to sanitise the input that script accepts (to prevent things like shell-escaping).
So, there are ways to do it, but at the end of the day you are making a web-interface to system-level configurations, which is very difficult to do securely. Whatever you decide to do, make sure it's well tested (by you, and others).
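A sketch of what the root-owned /usr/bin/myapp_systemtasks wrapper from the answer above could look like, added here as an example and not code from the answer's author. The action name set-hostname, the /bin/hostname path, and the sudoers user webapp are assumptions.

```ruby
#!/usr/bin/env ruby
# Hypothetical body for /usr/bin/myapp_systemtasks (root:root, not writable by others).
# Assumed sudoers rule so the web user can run only this script:
#   webapp ALL=(root) NOPASSWD: /usr/bin/myapp_systemtasks

# One RFC 1123 label: 1-63 chars, letters/digits/hyphen, must start and end alphanumeric.
# \A and \z (not ^ and $) so an embedded newline cannot smuggle in a second line.
LABEL = /\A[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\z/i

# Allowlist: each action has a validator and a fixed argv builder. Nothing else runs.
ACTIONS = {
  "set-hostname" => {
    valid: lambda { |v|
      !v.empty? && v.length <= 253 && v.split(".", -1).all? { |l| l.match?(LABEL) }
    },
    argv: ->(v) { ["/bin/hostname", v] } # assumed path; adjust per distro
  }
}.freeze

class Rejected < StandardError; end

# Turn untrusted [action, value] into a fixed argv, or raise Rejected.
def build_command(args)
  raise Rejected, "usage: myapp_systemtasks ACTION VALUE" unless args.length == 2
  action, value = args
  spec = ACTIONS.fetch(action) { raise Rejected, "unknown action" }
  # Labels cannot start with "-", so the value can never be read as an option.
  raise Rejected, "invalid value" unless spec[:valid].call(value)
  spec[:argv].call(value)
end

# Returns the argv when dry_run is set, otherwise an exit status (0 ok, 1 failed, 2 refused).
def run(args, dry_run: false)
  argv = build_command(args)
  return argv if dry_run
  # Multi-argument system() execs the binary directly: no /bin/sh, so ; | $() are inert.
  # Empty env hash plus unsetenv_others drops the caller's environment.
  system({}, *argv, unsetenv_others: true) ? 0 : 1
rescue Rejected => e
  warn "refused: #{e.message}"
  2
end

exit run(ARGV) if $PROGRAM_NAME == __FILE__ && !ARGV.empty?
```

The Rails side would call it with an argument array as well, so the value never passes through a shell on either side of the sudo boundary.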