#29 runAs doesn't work on agent on mac os

Author: NikolayPianikov

README.md

@@ -2,7 +2,7 @@
 
 When building, testing, and deploying an application with TeamCity, you may need to run a build under a specific user account, different from the one used to run the build agent.
 
-The teamcity-runas plugin can be used to run TeamCity build steps under a specified user account on Windows or Linux. See [Wiki](https://github.com/JetBrains/teamcity-runas-plugin/wiki) for more information:
+The teamcity-runas plugin can be used to run TeamCity build steps under a specified user account on Windows, Mac or Linux. See [Wiki](https://github.com/JetBrains/teamcity-runas-plugin/wiki) for more information:
 
 * [How to Install](https://github.com/JetBrains/teamcity-runas-plugin/wiki/How-to-install)
 

cmd/runAs_mac.sh

@@ -0,0 +1,171 @@
+#!/bin/bash
+
+# runAs (settings_file_name, command, bitness, password)
+if [ $# -eq 4 ];
+then
+	# unquote args
+	eval "argsFile="$1""
+	args=$(cat "$argsFile")
+	eval "command="$2""
+	eval "password="$4""
+
+    # ensure runAs user has the read/write access for temp directory
+	chmod a+rwX "$TMPDIR"
+
+	# if root
+	if [[ "$EUID" -eq 0 ]];
+	then
+		# auth
+		su -c "\"${0}\" auth \"$password\"" "$args"
+		authCode=$?
+
+		if [ "$authCode" = "0" ];
+		then
+			# su
+			su "$args" -c "\"$command\""
+			exit $?
+		else
+			echo "##teamcity[message text='Can't run under ROOT user' status='ERROR']"
+			exit 255
+		fi
+	fi
+
+	# if not root
+	# Check an agent will be able to remove temporary files
+	tmpScriptFile=$(mktemp "$TMPDIR"/XXXXXXXX)
+	tmpFile=$tmpScriptFile.tmp
+
+	echo "#!/bin/bash" > "$tmpScriptFile"
+	echo "touch \"$tmpFile\"" >> "$tmpScriptFile"
+	chmod a+rwx "$tmpScriptFile"
+
+	# Create temp file under the runAs user
+	"${0}" runAs "$args" "$tmpScriptFile" "$password" arg5 &>/dev/null
+	exitCode=$?
+
+	if [ "$exitCode" != "0" ];
+	then
+	  echo "##teamcity[message text='User \"$args\" has no required permissions for target directory|n \"$TMPDIR\".|n Make sure this user has permissions to write and to execute files in the target directory (rwx)|n and to search (X) in all its parent directories' status='ERROR']"
+	  exit 255
+	fi
+
+	# check that agent won't be able to remove temporary files created by the build step
+	rm "$tmpFile" &>/dev/null
+
+	if [ -f "$tmpFile" ]; then
+	  rm "$tmpScriptFile" &>/dev/null
+	  echo ##teamcity[message text='Incorrect runAs configuration: agent won't be able to remove temporary files created by the build step, see teamcity-agent.log for details .' status='ERROR']
+	  exit 1
+	else
+	  # forcible remove tmp file
+	  echo "#!/bin/bash" > "$tmpScriptFile"
+	  echo "rm \"$tmpFile\" &>/dev/null" >> "$tmpScriptFile"
+	  chmod a+rwx "$tmpScriptFile"
+	  "${0}" runAs "$args" "$tmpScriptFile" "$password" arg5 &>/dev/null
+	  rm "$tmpScriptFile" &>/dev/null
+	fi
+
+    # Run as user
+	"${0}" runAs "$args" "$command" "$password" arg5
+
+	exit $?
+fi
+
+# runAs (runAs, args, command, password, arg5)
+if [ $# -eq 5 ];
+then
+	# runAs without ROOT
+	if [ "$1" = "runAs" ];
+	then
+		# check installed socat
+		socat -h &>/dev/null
+		socatExitCode=$?
+		if [ "$socatExitCode" != "0" ];
+		then
+			echo "##teamcity[message text='socat was not installed, see https://github.com/JetBrains/teamcity-runas-plugin/wiki/How-to-install#teamcity-agent-on-linux' status='ERROR']"
+			exit 255
+		fi
+
+		args="$2"
+		command="$3"
+		password="$4"
+
+        tmpFile=$(mktemp "$TMPDIR"/XXXXXXXX)
+        touch "$tmpFile"
+		chmod a+rw "$tmpFile"
+
+		cmd="'${0}' su '$tmpFile' '$command' '$args' arg5"
+		eval "export -- SOCAT_CMD=\"$cmd\""
+
+		# run command
+		(
+		    # wait for password input
+			attempts=50
+			while [[ ! -s "$tmpFile" || attemps -gt 0 ]];
+		    do
+				sleep .1
+				attempts=$((attempts-1))
+			done
+
+			if [[ $attempts -eq 0 ]];
+			then
+				echo "##teamcity[message text='Error during sending password' status='ERROR']"
+				exit 255
+			fi
+
+			# send password to su stdIn
+			echo "$password"
+
+			# wait for process finish
+			while ps axg | grep "$tmpFile" | grep -v "grep" > /dev/null;
+			do
+				sleep .1
+			done
+		) | (
+			# su
+			socat - $'EXEC:"bash -exec +x \'eval $SOCAT_CMD\'",pty,ctty,setsid'
+		) 1> >(tee > "$tmpFile" >(grep -v "[Pp]assword:" >&1))
+
+		# if exit file is empty
+		if [ ! -s "$tmpFile" ];
+		then
+			exit 255
+		fi
+
+		# take exit code from file
+		read -r exitCode<"$tmpFile"
+		rm "$tmpFile" & > /dev/null
+
+		exit $exitCode
+	fi
+
+	# change the user
+	# su (su, tmp_file, command, args, arg5)
+	if [ "$1" = "su" ];
+	then
+		tmpFile="$2"
+		command="$3"
+		args="$4"
+
+		su "$args" -c "\"$command\""
+		exitCode=$?
+
+		echo -e "$exitCode\n" > "$tmpFile"
+		exit $exitCode
+	fi
+fi
+
+echo Invalid arguments. >&2
+echo Usage: runAs.sh settings_file_name command_file_name bitness password >&2
+if [[ "$EUID" -eq 0 ]];
+then
+	exit 0
+else
+	# check installed socat
+	socat -h &>/dev/null
+	if [ "$?" = "0" ];
+	then
+	exit 0
+	fi
+fi
+exit 255

runAs-agent/src/main/java/jetbrains/buildServer/runAs/agent/Environment.java

@@ -0,0 +1,5 @@
+package jetbrains.buildServer.runAs.agent;
+
+public interface Environment {
+  OperationSystem getOperationSystem();
+}

runAs-agent/src/main/java/jetbrains/buildServer/runAs/agent/EnvironmentImpl.java

@@ -0,0 +1,18 @@
+package jetbrains.buildServer.runAs.agent;
+
+import com.intellij.openapi.util.SystemInfo;
+
+public class EnvironmentImpl implements Environment {
+  @Override
+  public OperationSystem getOperationSystem() {
+    if(SystemInfo.isWindows) {
+      return OperationSystem.Windows;
+    }
+
+    if(SystemInfo.isMac) {
+      return OperationSystem.Mac;
+    }
+
+    return OperationSystem.Other;
+  }
+}

runAs-agent/src/main/java/jetbrains/buildServer/runAs/agent/OperationSystem.java

@@ -0,0 +1,9 @@
+package jetbrains.buildServer.runAs.agent;
+
+public enum OperationSystem {
+  Windows,
+
+  Mac,
+
+  Other
+}