8 comments

[ 3.0 ms ] story [ 27.5 ms ] thread
Very creative and useful!
This is a great open source tool. Very useful.
It's MIT-licensed, which is great. I don't so much need a web interface to grep on my own servers, but would very much like to embed something like this into my product.

I can imagine it would be extremely useful to an ops team; my whole life is driven off my browser bookmark bar, and this presumably lets people bookmark server logs.

Under the hood, this is single-threaded EventMachine, using EventMachine::popen to relay output from processes to the client, and HTTP chunked encoding to push results to the browser. It's HTTP Basic Auth only, and it runs Actual Unix Commands, so make that password good.

Nicely done!

Yea that's a good point. You really don't want to have someone else access your clarity installation. This takes URL parameters and runs them on the command line. Probably the most insecure thing invented by man. Hide it will.
No, the most insecure things invented by people take URL parameters from unauthenticated requests and run them on the command line.

I didn't audit the code or anything, but all the request processing is gated by a function that requires HTTP basic-auth, which is at least hard to screw up. To accidentally add a function that bypasses auth, they'd have to write an entire new request handler chain.

That said, I noticed the same thing (popen), and if I was going to integrate this with our product, I'd hardcode the command line.

Absolutely right. It is maybe not insecure in itself. But as we all know: More possibilities to get into the server increases the possibility for an attacker to find an open door. Maybe everybody who has the right to grep and tail should get ssh access anyway. But wether or not this App is useful: Nice implementation. Looks usable and gives clear output.
any idea how to port this line of code to work on a MS Windows ruby platform?

    %[sh -c '#{results.join(" | ")}']
~ I've tried a few things but keep getting this: Running: sh -c 'grep -e hello access.log'

This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information.

Actually that error is being thrown when the shell command hits EventMachine::popen

hmm...