💯 Doug Bell

NAME

Beam::Runnable::DenyUsers - Deny certain users from running a command

VERSION

version 0.012

SYNOPSIS

    ### In a Runnable module
    package My::Runnable::Script;
    use Moo;
    with 'Beam::Runnable', 'Beam::Runnable::DenyUsers';
    has '+deny_users' => ( default => [ 'root' ] );
    sub run { }

    ### In a container config file
    runnable:
        $class: My::Runnable::Script
        $with:
            - 'Beam::Runnable::DenyUsers'
        deny_users:
            - root
            - doug

DESCRIPTION

This role checks to ensure that certain users don't run a command. If an unauthorized user runs the command, it dies with an error instead.

NOTE: This is mostly a demonstration of a Beam::Runnable role. Users that can write to the configuration file can edit who is denied to run the command, and there are other ways to prevent access to a file/command.

ATTRIBUTES

deny_users

An array reference of user names that are denied to run this task.

METHODS

run

This role wraps the run method of your runnable class to check that the user isn't unauthorized.

SEE ALSO

Beam::Runnable, "getpwuid" in perlfunc, "$>" in perlvar

AUTHOR

Doug Bell <preaction@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2016 by Doug Bell.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.