executor

package
v1.73.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 4, 2026 License: MPL-2.0 Imports: 11 Imported by: 0

Documentation

Overview

============================================================================= NFTBan v1.73 - Installer Executor Interface ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-executor" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Executor interface abstracting system commands for testability" meta:inventory.files="internal/installer/executor/executor.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="none" =============================================================================

============================================================================= NFTBan v1.73 - Installer Mock Executor ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-executor-mock" meta:type="test" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="In-memory mock executor for unit testing" meta:inventory.files="internal/installer/executor/mock.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="none" =============================================================================

============================================================================= NFTBan v1.73 - Installer Real Executor ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-executor-real" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Production executor using os/exec and syscalls" meta:inventory.files="internal/installer/executor/real.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="root" =============================================================================

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Executor 

type Executor interface {
	// Run executes a command and returns the result. Timeout defaults to 30s.
	Run(name string, args ...string) Result

	// RunContext executes a command with the given context for cancellation/timeout.
	RunContext(ctx context.Context, name string, args ...string) Result

	// RunTimeout is a convenience wrapper: creates a context with the given timeout.
	RunTimeout(timeout time.Duration, name string, args ...string) Result

	// ReadFile reads the contents of a file.
	ReadFile(path string) ([]byte, error)

	// WriteFileAtomic writes data to a temp file then renames to path (atomic on same FS).
	WriteFileAtomic(path string, data []byte, perm os.FileMode) error

	// FileExists returns true if path exists (file or directory).
	FileExists(path string) bool

	// MkdirAll creates a directory tree (like os.MkdirAll).
	MkdirAll(path string, perm os.FileMode) error

	// Chown changes file ownership.
	Chown(path string, uid, gid int) error

	// Chmod changes file permissions.
	Chmod(path string, perm os.FileMode) error

	// Remove deletes a file or empty directory.
	Remove(path string) error

	// Symlink creates a symbolic link (newname -> oldname).
	Symlink(oldname, newname string) error

	// NftTableExists returns true if the given nft table exists in the kernel.
	// family: "ip", "ip6", or "inet". table: e.g. "nftban".
	NftTableExists(family, table string) bool

	// NftListSet returns the elements of an nft set as a raw string.
	// Returns ("", error) if the set does not exist.
	NftListSet(family, table, set string) (string, error)

	// NftAddElement adds an element to an nft set.
	NftAddElement(family, table, set string, element string) error

	// NftDeleteTable deletes an nft table. Ignores "not found" errors.
	NftDeleteTable(family, table string) error

	// NftCheck runs nft -c -f on the given config content (syntax validation).
	// Returns nil if valid, error with details if invalid.
	NftCheck(configContent string) error

	// ServiceActive returns true if the systemd unit is active.
	ServiceActive(unit string) bool

	// ServiceEnable enables a systemd unit.
	ServiceEnable(unit string) error

	// ServiceStart starts a systemd unit.
	ServiceStart(unit string) error

	// ServiceStop stops a systemd unit.
	ServiceStop(unit string) error

	// ServiceDisable disables a systemd unit.
	ServiceDisable(unit string) error

	// ServiceMask masks a systemd unit (prevents start by any means).
	ServiceMask(unit string) error

	// DaemonReload runs systemctl daemon-reload.
	DaemonReload() error

	// CommandExists returns true if the named command is in PATH.
	CommandExists(name string) bool

	// UserExists returns true if the named system user exists.
	UserExists(name string) bool

	// GroupExists returns true if the named system group exists.
	GroupExists(name string) bool

	// Getenv returns the value of an environment variable.
	Getenv(key string) string
}

Executor contract (frozen):

Command execution:

  • Run: execute a command, return exit code + output
  • RunContext: execute with context (for timeout/cancellation)

File operations:

  • ReadFile / WriteFileAtomic / FileExists / MkdirAll
  • Chown / Chmod / Remove / Symlink

nftables queries:

  • NftTableExists / NftListSet / NftAddElement / NftDeleteTable / NftCheck

systemd:

  • ServiceActive / ServiceEnable / ServiceStart / ServiceStop
  • ServiceDisable / ServiceMask / DaemonReload

System:

  • CommandExists / UserExists / GroupExists / Getenv

type MockExecutor 

type MockExecutor struct {

	// Commands records every command executed (for assertion).
	Commands []RecordedCommand

	// RunResults maps "name:arg1:arg2" to a preset Result.
	// If a command is not in RunResults, it returns exit 0 with empty output.
	RunResults map[string]Result

	// Files maps path -> content for ReadFile/FileExists.
	Files map[string][]byte

	// WrittenFiles records what was written via WriteFileAtomic.
	WrittenFiles map[string][]byte

	// Dirs records directories created via MkdirAll.
	Dirs map[string]bool

	// NftTables maps "family:table" -> exists.
	NftTables map[string]bool

	// NftSets maps "family:table:set" -> element list as string.
	NftSets map[string]string

	// Services maps "unit" -> active.
	Services map[string]bool

	// Users maps "name" -> exists.
	Users map[string]bool

	// Groups maps "name" -> exists.
	Groups map[string]bool

	// Env maps "key" -> value.
	Env map[string]string

	// ExistingCommands maps "name" -> exists.
	ExistingCommands map[string]bool
	// contains filtered or unexported fields
}

MockExecutor implements Executor with in-memory state for testing.

func NewMockExecutor 

func NewMockExecutor() *MockExecutor

NewMockExecutor creates a MockExecutor with all maps initialized.

func (*MockExecutor) Chmod 

func (m *MockExecutor) Chmod(_ string, _ os.FileMode) error

func (*MockExecutor) Chown 

func (m *MockExecutor) Chown(_ string, _, _ int) error

func (*MockExecutor) CommandExists 

func (m *MockExecutor) CommandExists(name string) bool

func (*MockExecutor) DaemonReload 

func (m *MockExecutor) DaemonReload() error

func (*MockExecutor) FileExists 

func (m *MockExecutor) FileExists(path string) bool

func (*MockExecutor) Getenv 

func (m *MockExecutor) Getenv(key string) string

func (*MockExecutor) GroupExists 

func (m *MockExecutor) GroupExists(name string) bool

func (*MockExecutor) MkdirAll 

func (m *MockExecutor) MkdirAll(path string, _ os.FileMode) error

func (*MockExecutor) NftAddElement 

func (m *MockExecutor) NftAddElement(family, table, set string, element string) error

func (*MockExecutor) NftCheck 

func (m *MockExecutor) NftCheck(_ string) error

func (*MockExecutor) NftDeleteTable 

func (m *MockExecutor) NftDeleteTable(family, table string) error

func (*MockExecutor) NftListSet 

func (m *MockExecutor) NftListSet(family, table, set string) (string, error)

func (*MockExecutor) NftTableExists 

func (m *MockExecutor) NftTableExists(family, table string) bool

func (*MockExecutor) ReadFile 

func (m *MockExecutor) ReadFile(path string) ([]byte, error)

func (*MockExecutor) Remove 

func (m *MockExecutor) Remove(path string) error

func (*MockExecutor) Run 

func (m *MockExecutor) Run(name string, args ...string) Result

func (*MockExecutor) RunContext 

func (m *MockExecutor) RunContext(_ context.Context, name string, args ...string) Result

func (*MockExecutor) RunTimeout 

func (m *MockExecutor) RunTimeout(_ time.Duration, name string, args ...string) Result

func (*MockExecutor) ServiceActive 

func (m *MockExecutor) ServiceActive(unit string) bool

func (*MockExecutor) ServiceDisable 

func (m *MockExecutor) ServiceDisable(unit string) error

func (*MockExecutor) ServiceEnable 

func (m *MockExecutor) ServiceEnable(unit string) error

func (*MockExecutor) ServiceMask 

func (m *MockExecutor) ServiceMask(unit string) error

func (*MockExecutor) ServiceStart 

func (m *MockExecutor) ServiceStart(unit string) error

func (*MockExecutor) ServiceStop 

func (m *MockExecutor) ServiceStop(unit string) error
func (m *MockExecutor) Symlink(_, _ string) error

func (*MockExecutor) UserExists 

func (m *MockExecutor) UserExists(name string) bool

func (*MockExecutor) WriteFileAtomic 

func (m *MockExecutor) WriteFileAtomic(path string, data []byte, _ os.FileMode) error

type RealExecutor 

type RealExecutor struct{}

RealExecutor implements Executor using real system calls.

func (*RealExecutor) Chmod 

func (r *RealExecutor) Chmod(path string, perm os.FileMode) error

func (*RealExecutor) Chown 

func (r *RealExecutor) Chown(path string, uid, gid int) error

func (*RealExecutor) CommandExists 

func (r *RealExecutor) CommandExists(name string) bool

func (*RealExecutor) DaemonReload 

func (r *RealExecutor) DaemonReload() error

func (*RealExecutor) FileExists 

func (r *RealExecutor) FileExists(path string) bool

func (*RealExecutor) Getenv 

func (r *RealExecutor) Getenv(key string) string

func (*RealExecutor) GroupExists 

func (r *RealExecutor) GroupExists(name string) bool

func (*RealExecutor) MkdirAll 

func (r *RealExecutor) MkdirAll(path string, perm os.FileMode) error

func (*RealExecutor) NftAddElement 

func (r *RealExecutor) NftAddElement(family, table, set string, element string) error

func (*RealExecutor) NftCheck 

func (r *RealExecutor) NftCheck(configContent string) error

func (*RealExecutor) NftDeleteTable 

func (r *RealExecutor) NftDeleteTable(family, table string) error

func (*RealExecutor) NftListSet 

func (r *RealExecutor) NftListSet(family, table, set string) (string, error)

func (*RealExecutor) NftTableExists 

func (r *RealExecutor) NftTableExists(family, table string) bool

func (*RealExecutor) ReadFile 

func (r *RealExecutor) ReadFile(path string) ([]byte, error)

func (*RealExecutor) Remove 

func (r *RealExecutor) Remove(path string) error

func (*RealExecutor) Run 

func (r *RealExecutor) Run(name string, args ...string) Result

func (*RealExecutor) RunContext 

func (r *RealExecutor) RunContext(ctx context.Context, name string, args ...string) Result

func (*RealExecutor) RunTimeout 

func (r *RealExecutor) RunTimeout(timeout time.Duration, name string, args ...string) Result

func (*RealExecutor) ServiceActive 

func (r *RealExecutor) ServiceActive(unit string) bool

func (*RealExecutor) ServiceDisable 

func (r *RealExecutor) ServiceDisable(unit string) error

func (*RealExecutor) ServiceEnable 

func (r *RealExecutor) ServiceEnable(unit string) error

func (*RealExecutor) ServiceMask 

func (r *RealExecutor) ServiceMask(unit string) error

func (*RealExecutor) ServiceStart 

func (r *RealExecutor) ServiceStart(unit string) error

func (*RealExecutor) ServiceStop 

func (r *RealExecutor) ServiceStop(unit string) error
func (r *RealExecutor) Symlink(oldname, newname string) error

func (*RealExecutor) UserExists 

func (r *RealExecutor) UserExists(name string) bool

func (*RealExecutor) WriteFileAtomic 

func (r *RealExecutor) WriteFileAtomic(path string, data []byte, perm os.FileMode) error

type RecordedCommand 

type RecordedCommand struct {
	Name string
	Args []string
}

RecordedCommand tracks a command that was executed.

type Result 

type Result struct {
	ExitCode int
	Stdout   string
	Stderr   string
}

Result holds the output of an executed command.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.