[pmwiki-users] New Recipe: WikiSh

Chris Cox ccox at airmail.net
Fri Feb 1 10:10:32 CST 2008 

Peter & Melodye Bowers wrote:
>> -----Original Message-----
>> From: pmwiki-users-bounces at pmichaud.com [mailto:pmwiki-users-
>> bounces at pmichaud.com] On Behalf Of Chris Cox
>> Sent: Thursday, January 31, 2008 8:29 PM
>> To: pmwiki-users at pmichaud.com
>> Subject: Re: [pmwiki-users] New Recipe: WikiSh
>>
>> We use one we call "shellout".  It merely allows you to
>> execute a shell command.  The security is that the
>> program has to be in /usr/local/sbin (which we'll assume
>> is root controlled).
>>
>> Usage:
>>
>> (:shellout cmd=mycustomcommand parms="arguments to pass":)
> 
> Do you have any "library functions" which help in parsing pages and writing
> pages from a shell perspective?  Have you figured out how to avoid people
> reading pages or writing pages they don't have authorization for?  Or just
> basing that on the /usr/local/sbin security?

I should have said this is primarily for internal web sites :)

So... right now the trust is that somebody can place "safe" commands
in /usr/local/sbin somehow.

Obviously, someone could create a page full of (:shellout:) calls
and make life tough :)

So... I wouldn't recommend it for an external web site or something
where you expect a level of abuse.... I just wanted to share what
we use on our intranet (where we believe we're all on the same team).



With regards to creating pages (e.g. wiki.d/GroupName.HomePage)...

Example (I copied it from a script... so ignore the
detail... just look at the usage).  We haven't gone through
the motions of making this better yet (it can be made
better).

ConvertToWikiText() {
        sed -e 's/[%]/%25/g' -e 's/$/%0a/' | tr -d '\012'
}

# ...
# $wikipage is the path to page name to create in wiki.d
# ...

   echo "version=pmwiki-2.0 urlencoded=1" >$wikipage
   echo "time=`date +%s`" >>$wikipage
   echo "text=(:include ${EditGroup}${host}/Status:)
(:include ${GenGroup}${host}/LastUp:)
(:include ${EditGroup}${host}/Hostname:)
(:include ${EditGroup}${host}/Os:)
(:include ${EditGroup}${host}/Memory:)
(:include ${EditGroup}${host}/Cpuinfo:)
(:include ${EditGroup}${host}/Interfaces:)
(:include ${EditGroup}${host}/Fs:)
(:include ${EditGroup}${host}/Disks:)
(:include ${EditGroup}${host}/Scan:)
" | ConvertToWikiText >>$wikipage

As for parsing pages... you can probably do something
somewhat in reverse, but you will get the markup... a lot
of people wanted the translated markup or something
with the markup removed.

More information about the pmwiki-users mailing list