Skip to content

Commit d96f8f9

Browse files
majiayu000autofix-ci[bot]tusharmath
authored
fix: add fallback from rbash to bash/zsh/sh for command execution (#2629)
Signed-off-by: majiayu000 <1835304752@qq.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Tushar Mathur <tusharmath@gmail.com>
1 parent e946aaa commit d96f8f9

5 files changed

Lines changed: 13 additions & 27 deletions

File tree

crates/forge_infra/src/env.rs

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,8 @@ impl ForgeEnvironmentInfra {
1616
/// Creates a new EnvironmentFactory with specified working directory
1717
///
1818
/// # Arguments
19-
/// * `restricted` - If true, use restricted shell mode (rbash) If false,
20-
/// use unrestricted shell mode (sh/bash)
19+
/// * `restricted` - If true, enable restricted mode using the permissions
20+
/// feature. If false, use unrestricted mode
2121
/// * `cwd` - Required working directory path
2222
pub fn new(restricted: bool, cwd: PathBuf) -> Self {
2323
Self::dot_env(&cwd);
@@ -28,9 +28,6 @@ impl ForgeEnvironmentInfra {
2828
fn get_shell_path(&self) -> String {
2929
if cfg!(target_os = "windows") {
3030
std::env::var("COMSPEC").unwrap_or("cmd.exe".to_string())
31-
} else if self.restricted {
32-
// Default to rbash in restricted mode
33-
"/bin/rbash".to_string()
3431
} else {
3532
// Use user's preferred shell or fallback to sh
3633
std::env::var("SHELL").unwrap_or("/bin/sh".to_string())

crates/forge_infra/src/executor.rs

Lines changed: 9 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,6 @@ use crate::console::StdConsoleWriter;
1313
/// Service for executing shell commands
1414
#[derive(Clone, Debug)]
1515
pub struct ForgeCommandExecutorService {
16-
restricted: bool,
1716
env: Environment,
1817
output_printer: Arc<StdConsoleWriter>,
1918

@@ -22,13 +21,8 @@ pub struct ForgeCommandExecutorService {
2221
}
2322

2423
impl ForgeCommandExecutorService {
25-
pub fn new(restricted: bool, env: Environment, output_printer: Arc<StdConsoleWriter>) -> Self {
26-
Self {
27-
restricted,
28-
env,
29-
output_printer,
30-
ready: Arc::new(Mutex::new(())),
31-
}
24+
pub fn new(env: Environment, output_printer: Arc<StdConsoleWriter>) -> Self {
25+
Self { env, output_printer, ready: Arc::new(Mutex::new(())) }
3226
}
3327

3428
fn prepare_command(
@@ -39,11 +33,7 @@ impl ForgeCommandExecutorService {
3933
) -> Command {
4034
// Create a basic command
4135
let is_windows = cfg!(target_os = "windows");
42-
let shell = if self.restricted && !is_windows {
43-
"rbash"
44-
} else {
45-
self.env.shell.as_str()
46-
};
36+
let shell = self.env.shell.as_str();
4737
let mut command = Command::new(shell);
4838

4939
// Core color settings for general commands
@@ -265,7 +255,7 @@ mod tests {
265255

266256
#[tokio::test]
267257
async fn test_command_executor() {
268-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
258+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
269259
let cmd = "echo 'hello world'";
270260
let dir = ".";
271261

@@ -297,7 +287,7 @@ mod tests {
297287
std::env::set_var("ANOTHER_TEST_VAR", "another_value");
298288
}
299289

300-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
290+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
301291
let cmd = if cfg!(target_os = "windows") {
302292
"echo %TEST_ENV_VAR%"
303293
} else {
@@ -330,7 +320,7 @@ mod tests {
330320
std::env::remove_var("MISSING_ENV_VAR");
331321
}
332322

333-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
323+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
334324
let cmd = if cfg!(target_os = "windows") {
335325
"echo %MISSING_ENV_VAR%"
336326
} else {
@@ -353,7 +343,7 @@ mod tests {
353343

354344
#[tokio::test]
355345
async fn test_command_executor_with_empty_env_list() {
356-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
346+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
357347
let cmd = "echo 'no env vars'";
358348

359349
let actual = fixture
@@ -377,7 +367,7 @@ mod tests {
377367
std::env::set_var("SECOND_VAR", "second");
378368
}
379369

380-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
370+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
381371
let cmd = if cfg!(target_os = "windows") {
382372
"echo %FIRST_VAR% %SECOND_VAR%"
383373
} else {
@@ -407,7 +397,7 @@ mod tests {
407397

408398
#[tokio::test]
409399
async fn test_command_executor_silent() {
410-
let fixture = ForgeCommandExecutorService::new(false, test_env(), test_printer());
400+
let fixture = ForgeCommandExecutorService::new(test_env(), test_printer());
411401
let cmd = "echo 'silent test'";
412402
let dir = ".";
413403

crates/forge_infra/src/forge_infra.rs

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,6 @@ impl ForgeInfra {
7878
create_dirs_service: Arc::new(ForgeCreateDirsService),
7979
directory_reader_service,
8080
command_executor_service: Arc::new(ForgeCommandExecutorService::new(
81-
restricted,
8281
env.clone(),
8382
output_printer.clone(),
8483
)),

crates/forge_main/src/cli.rs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,8 @@ pub struct Cli {
5454
#[arg(long, default_value_t = false)]
5555
pub verbose: bool,
5656

57-
/// Use restricted shell (rbash) for enhanced security.
57+
/// Enable restricted mode for enhanced security using the permissions
58+
/// feature.
5859
#[arg(long, default_value_t = false, short = 'r')]
5960
pub restricted: bool,
6061

crates/forge_services/src/tool_services/shell.rs

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@ fn strip_ansi(content: String) -> String {
1111
String::from_utf8_lossy(&strip(content.as_bytes())).into_owned()
1212
}
1313

14-
/// Executes shell commands with safety measures using restricted bash (rbash).
1514
/// Prevents potentially harmful operations like absolute path execution and
1615
/// directory changes. Use for file system interaction, running utilities,
1716
/// installing packages, or executing build commands. For operations requiring

0 commit comments

Comments
 (0)