Module: Portless::Privilege

Defined in:

lib/portless/privilege.rb

Overview

The whole privileged-port trick (ports < 1024): re-exec the CLI under sudo so the elevated process binds the socket itself, then chown state files back to the invoking user. Fall back to the unprivileged port 1355 if sudo is denied and no explicit port was asked for. Refuse silently-in-CI. Mirrors portless.

Class Method Summary

• .interactive? ⇒ Boolean

  A real terminal we can prompt on.

• .needs_sudo?(port) ⇒ Boolean
• .portless_env_args ⇒ Object
• .privileged_port?(port) ⇒ Boolean
• .program ⇒ Object

  The executable to re-invoke.

• .reexec_with_sudo(args) ⇒ Object

  Re-run this CLI under sudo, preserving PORTLESS_* env (sudo strips env).

• .root? ⇒ Boolean
• .truthy(value) ⇒ Object

Class Method Details

.interactive? ⇒ Boolean

A real terminal we can prompt on. CI / no-TTY must never hang on a sudo password — callers turn this into a clear error or the 1355 fallback.

Returns:

• (Boolean)

# File 'lib/portless/privilege.rb', line 23

def interactive?
  $stdin.tty? && $stdout.tty? && !truthy(ENV["CI"])
end

.needs_sudo?(port) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/portless/privilege.rb', line 17

def needs_sudo?(port)
  !Constants::WINDOWS && privileged_port?(port) && !root?
end

.portless_env_args ⇒ Object

# File 'lib/portless/privilege.rb', line 34

def portless_env_args
  ENV.select { |k, _| k.start_with?("PORTLESS") }.map { |k, v| "#{k}=#{v}" }
end

.privileged_port?(port) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/portless/privilege.rb', line 15

def privileged_port?(port) = port.to_i < Constants::PRIVILEGED_PORT_THRESHOLD

.program ⇒ Object

The executable to re-invoke. $PROGRAM_NAME is the exe path (gem wrapper or exe/rb-portless in dev).

# File 'lib/portless/privilege.rb', line 40

def program = $PROGRAM_NAME

.reexec_with_sudo(args) ⇒ Object

Re-run this CLI under sudo, preserving PORTLESS_* env (sudo strips env). Returns true on success. stdio is inherited so the password prompt shows.

# File 'lib/portless/privilege.rb', line 29

def reexec_with_sudo(args)
  cmd = [ "sudo", "env", *portless_env_args, RbConfig.ruby, program, *args ]
  system(*cmd)
end

.root? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/portless/privilege.rb', line 13

def root? = Process.respond_to?(:uid) && Process.uid.zero?

.truthy(value) ⇒ Object

# File 'lib/portless/privilege.rb', line 42

def truthy(value) = %w[1 true yes].include?(value.to_s.downcase)