 |
 |
How to use sudo rake gems:install
To install the gems for a Ruby on Rails project, you can use rake: rake gems:install
To use sudo
To install the gems system-wide for all users, you can use the sudo command. You will need your sysadmin to install sudo, and to use the editor visudo to add you to the /etc/sudoers file. Your sysadmin will add a line like this: joe ALL = (ALL) ALL
sudo rake gems:install
To use sudo with a specific command
To provide more specific security, your sysadmin can provide the specific command joe ALL = (ALL) /usr/local/bin/rake
To use sudo with NOPASSWD
To provide more convenience, your sysadmin can use the setting NOPASSWD which skips the password prompt: joe ALL = NOPASSWD: /usr/local/bin/rake
To use sudo to require command arguments
To require command arguments, your sysadmin adds them to /etc/sudoers. For example, to give you permission to run rake gems:install and require you to specify a Rails environment: joe ALL = NOPASSWD: /usr/local/bin/rake gems\:install RAILS_ENV=*
sudo rake gems:install RAILS_ENV=test
Be aware that rake is a powerful command because it can execute arbirtrary Ruby code. For example, if a hacker has access to the "joe" account, then he could create his own rake task called gems:install, then run it as root.
To secure your sudo rake gems:install
To secure your setup, your sysadmin can specify the exact rake task to run. For example, the "gems:install" task is in the "gems.rake" file, which is in the Rails gem, which is in the Ruby directory. joe ALL = NOPASSWD: /usr/local/bin/rake
-F /usr/local/ruby/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/tasks/gems.rake
gems\:install RAILS_ENV=test