Tags:
create new tag
view all tags
%FORTUNE{small="yes"}%

Programs Plugin

[ move discussions to ProgramsPluginDev ]

This is a generalization of the (discontinued) PrologPlugin:

  • You can run programs in a somewhat controlled setting
  • You can add new tags/programs just by editing this page
    • some sanity checking is done at tag usage (args and domains)
  • you can use the declared tags also as form ACTIONs by means of the enclosed doit script (see DoItExamples)
  • you can execute the program at save time and cache its results (see TWiki:Codev/PoorManCache)
  • the initialization of the plugin is cached to speed its start-up

Security issues

  • Keep this topic protected by properly setting the two lines below:
  • BEWARE: the isChrooted feature is NOT YET IMPLEMENTED. The programs are run in the web or in the attachment dir, USE AT YOUR OWN RISK



HOWTO: Defining a new tag/program and its arguments

First you list all the desired tags

  • Use capitals (preferred) if you want capitalized tags
  • You can deactivate a tag (but leave all its definitions) by just removing it from next line
    • Set TAGS = BASH, MAKE, PROLOG, FORTUNE, PDFLATEX

Then you define each tag by editing the table below

  • Remember to define the command to be run with all its arguments
    • the last column lists argument names, remember to list them! (else they would silently be ignored).
    • the command is written <command> < <stdin> to define both the command and the stdin formats, else you can use the simpler <command> syntax
    • use $arg1 ... $argn as placeholders for formatted arguments with names arg1 ... argn, remember to use all of them! (else they would silently be ignored).
    • the isChrooted argument IS NOT HONORED YET!, use at your own risk.

Tag Command isChrooted Description Args
BASH bash -s < $code no Run bash interpreter code
MAKE make $file $target $fake $silent no Run make on a target file, target, fake, silent
PROLOG gprolog $goal $init $entry $query no Run GnuProlog interpreter goal, init, entry, query, CSTRSZ, GLOBALSZ, TRAILSZ, LOCALSZ
FORTUNE /usr/games/fortune $file $match $small $big no pulls a fortune cookie out of the jar file, match, small, big
PDFLATEX pdflatex $file no produces a PDF file from a LaTeX text file file

... Any other idea? ...

Finally you define each allowed parameter

  • Use a table row for each tag and arg, (beware of the case! use the same you used in the tag table above).
    • use the format column to define the argument usage
    • use $arg as a placeholder for the argument value
    • use the domain column to restrict the admissible values to a (comma-separated) fixed set
    • use the isEnvVar column to declare environment variables

Tag Arg Default isEnvVar Format Description Domain
BASH code   no $code ; exit Code to be executed  
MAKE target   no $target target to be made  
MAKE file   no -f $file Filename of the \'Makefile\'  
MAKE fake   no -n Do a dry run just to see what would come out 0, 1
MAKE silent   no -s Do not print the commands applied 0, 1
PROLOG goal   no --init-goal $goal,halt;halt Code to be executed without prompt  
PROLOG init   no --init-goal $init Code to be executed at initialization  
PROLOG entry   no --entry-goal $entry Code to be executed before prompt  
PROLOG query   no --query-goal $query Code to be executed at the prompt  
PROLOG CSTRSZ 3072 yes $CSTRSZ Size of the constraint memory area  
PROLOG GLOBALSZ 8192 yes $GLOBALSZ Size of the heap memory area  
PROLOG TRAILSZ 3072 yes $TRAILSZ Size of the trail memory area  
PROLOG LOCALSZ 4096 yes $LOCALSZ Size of the local memory area  
FORTUNE file   no -f $file File containing the cookies  
FORTUNE match   no -m $match ... you are looking for a cookie with this pattern ...  
FORTUNE small   no -s small cookies only  
FORTUNE big   no -l big cookies only  
PDFLATEX file   no $file File containing the LaTeX text  

All tags accept also the following (hard-coded) args

Arg Default isEnvVar Format Description Domain
when view no   When the code should be executed view, save
timeout 5 no   Timeout in seconds  
format $stdout no   Format for the replacement string (use $stdout,$stdin,$stderr)  
dir web no   Directory wher the program runs: web or topic (attachment) web, topic
cachedvalue   no   Contains the value cached at save time (do not use)  

And then you use it in forms also!

If the plugin is properly installed just press this button! (See also DoItExamples)


Tips and tricks

  • use when="save" to run the program at save time and cache the result (this speeds-up the view!)
  • use dir="web" to run the program in the topic's web
    • useful to use other topics as source files ...
      • in some cases we are luky, the META tags do not interferes (prolog, make)
  • use dir="topic" to run the program in the topic's attachments dir
    • useful if you want to create attachments reachable with the %ATTACHURL% tag
  • use a looooong timeout together with when="save" to run long programs and cache the result

Installation

  • Use a version of Plugins.pm that supports OO-Plugins (attached)
  • Install the CPAN IPC::Run and Storable modules.
  • Patch Store.pm to get rid of <verbatim> tags during beforeSaveHandler (attached)
  • You definitely want the TWiki:Plugins/EditTablePlugin to edit the above tables
  • Unzip the package in your TWiki dir
    • If you like, move the Plugins/* files to the TWiki Web
  • Activate ONLY the tags you need (e.g. the BASH tag is a RISK!)
  • protect the ProgramsPlugin topic to avoid improper use
  • protect the doit script by adding the following lines to bin/.htaccess
<Files "doit">
   require valid-user
</Files>

Check if it works

  • you will see a fortune cookie at beginning of this page (if fortune is installed)

TODO

  • Security issues: how to limit malicious usage?
    • use chroot/jail (automatic setup and execution)
    • use a jailed and virtual environment? (plex86, user-mode-linux, bochs, ...)
    • enforce other limits (disk quota, ...)
    • do better checks of the definitions read
    • restrict specific tags only to specific group of users on a per-web basis
      • introduce a TAGS variable at Web/TWikiPreferences level
  • make a wider usage of 'format' args
  • refactor good code to a general Plugin.pm object
    • cache of the values computed at initialization


General settings

  • Short description of this Plugin
    • Set SHORTDESCRIPTION = Runs a command in a slightly controlled environment
  • Set to 1 to view the command that would be executed
    • Set DEBUG = 0

Examples

Example of a BASH execution

| *stdout* | *stderr* |
%BASH{
   code="echo -n 'Hello world from BASH'"
   format="| $stdout  | $stderr  |"
   when="save"
}%

stdout stderr
%SAVEDBASH{ code="echo -n 'Hello world from BASH'" format="| $stdout | $stderr |" when="save" cachedval="| Hello world from BASH | |"}%


Example of a MAKE execution

%MAKE{
   dir="web"
   file="MakefileExample.txt"
   target="hello"
   silent="1"
   format="
Output:<font color=blue>$stdout</font>
Errors:<font color=red>$stderr</font>
"
   when="save"
}%

%SAVEDMAKE{
   dir="web"
   file="MakefileExample.txt"
   target="hello"
   silent="1"
   format="
Output:$stdout
Errors:$stderr
"
   when="save"
 cachedval="
Output:Hello world from MAKE!

Errors:
"}%


Example of GnuProlog execution

%PROLOG{
   goal="format('Hello world from Gnuprolog.\n',[])"
   when="save"
}%

%SAVEDPROLOG{
   goal="format('Hello world from Gnuprolog.\n',[])"
   when="save"
 cachedval="Hello world from Gnuprolog.
"}%

Example of timed-out processes

%SAVEDBASH{
   code="for ((I=1;I<100;I++)) ; do sleep 1 ; echo 'Hello BASH World!' ; done"
   when="save"
 cachedval="Hello BASH World!
Hello BASH World!
Hello BASH World!
Hello BASH World!
Hello BASH World!
BASH process timed out after 5 seconds."}%
%SAVEDPROLOG{
   goal="repeat,sleep(1),format('Hello world from Gnuprolog.\n',[]),fail"
   when="save"
 cachedval="Hello world from Gnuprolog.
Hello world from Gnuprolog.
Hello world from Gnuprolog.
Hello world from Gnuprolog.
Hello world from Gnuprolog.
PROLOG process timed out after 5 seconds."}%


Plugin Info

Plugin Author: TWiki:Main.AndreaSterbini
Plugin Version: 1.000
Change History: 6 Sep 2003: Initial version
CPAN Dependencies: IPC::Run, Storable
Perl Version: 5.0
Plugin Home: http://TWiki.org/cgi-bin/view/Plugins/ProgramsPlugin
Feedback: http://TWiki.org/cgi-bin/view/Plugins/ProgramsPluginDev

-- TWiki:Main.AndreaSterbini - 06 Sep 2003

Topic attachments
I Attachment History Action Size Date Who Comment
Perl source code filepm Plugins.pm r1 manage 14.1 K 2003-09-06 - 10:05 UnknownUser version with OO plugins (first implem.)
Compressed Zip archivetgz ProgramsPlugin.tgz r2 r1 manage 20.8 K 2003-09-06 - 22:19 UnknownUser version 1.000 (with doit)
Unknown file formatdiff Store-verbatim.diff r1 manage 0.7 K 2003-09-06 - 10:06 UnknownUser avoids running beforeSaveHandler on verbatims
Edit | Attach | Watch | Print version | History: r6 < r5 < r4 < r3 < r2 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r6 - 2012-12-03 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.