$ gem install gmp
Building native extensions. This could take a while...
Successfully installed gmp-0.7.43
Parsing documentation for gmp-0.7.43
Done installing documentation for gmp after 0 seconds
1 gem installed
$ cat gmp-test.rb
require 'gmp'
$ /opt/src/ruby-3.2.0/bin/ruby gmp-test.rb
<internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require': cannot load such file -- /home/dunham/.local/share/gem/ruby/3.2.0/gems/gmp-0.7.43/lib/../ext/gmp (LoadError)
from <internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require'
from /home/dunham/.local/share/gem/ruby/3.2.0/gems/gmp-0.7.43/lib/gmp.rb:9:in `<top (required)>'
from <internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:159:in `require'
from <internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:159:in `rescue in require'
from <internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:149:in `require'
from gmp-test.rb:1:in `<main>'
<internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require': cannot load such file -- gmp (LoadError)
from <internal:/opt/src/ruby-3.2.0/lib/ruby/site_ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require'
from gmp-test.rb:1:in `<main>'
Library seems to be dead. It's expecting gmp.so to be in ext directory but it ends up in lib directory, it's probably new rubygems doing things differently.
>> require "gmp"
<internal:/home/alex/.rbenv/versions/3.2.0/lib/ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in 'require':
cannot load such file -- /home/alex/.rbenv/versions/3.2.0/lib/ruby/gems/3.2.0/gems/gmp-0.7.43/lib/../ext/gmp (LoadError)
$ ls $(dirname $(gem which gmp))
gmp.rb gmp.so
# move ^ that to ../ext/
$ mv $(dirname $(gem which gmp))/gmp.so $(dirname $(gem which gmp))/../ext/
>> require "gmp"
=> true
>> GMP::Z(0)
=> 0
Update
From the linked logs looks like you're still not loading gmp.so which is where all the classes are defined. You can copy gmp.so into your app:
# copy `gmp.rb`
$ cp $(gem which gmp) .
# copy `gmp.so`
$ cp $(dirname $(gem which gmp))/gmp.so .
# or if you moved it to ext
$ cp $(dirname $(gem which gmp))/../ext/gmp.so .
$ touch app.rb
$ ls
app.rb gmp.rb gmp.so
gmp.rb defines GMP.sprintf method, if this is not a required method and you don't use it, you can remove this file.
# gmp.rb
# require 'rbconfig'
#
# ENV['PATH'] = [File.expand_path(
# File.join(File.dirname(__FILE__), "..", "ext")
# ), ENV['PATH']].compact.join(';') if RbConfig::CONFIG['host_os'] =~ /(mswin|mingw|mingw32)/i
#
# require File.dirname(__FILE__) + '/../ext/gmp'
# unless RUBY_VERSION =~ /^1.8/
module GMP
def self.sprintf(format, *args)
first_pct = format.index '%'
result = format[0...first_pct]
#format.gsub(/(?<!%)%[0#+ ']*[0-9]*.?[0-9]*[a-zA-Z][^%]*/) do |fragment|
format.gsub(Regexp.new('(?<!%)%[0#+ \']*[0-9]*.?[0-9]*[a-zA-Z][^%]*')) do |fragment|
arg = args.shift
if fragment =~ /%[0#+ ']*[0-9]*.?[0-9]*[ZQF]/
result << sprintf2(fragment, arg)
elsif fragment =~ /%[0#+ ']*[0-9]*.?[0-9]*[PR]/ && GMP.const_defined?(:MPFR_VERSION)
result << GMP::F.sprintf2(fragment, arg)
else
result << (fragment % arg)
end
end
result
end
end
# end
# app.rb
require_relative "gmp.so"
p GMP::Z
p GMP::Z(0)
p GMP::Q
p GMP::F
require_relative "gmp.rb"
p GMP.sprintf "%Zd", GMP.Z(0)
$ ruby --yjit -v
ruby 3.2.0 (2022-12-25 revision a528908271) +YJIT [x86_64-linux]
$ ruby --yjit app.rb
GMP::Z
0
GMP::Q
GMP::F
"0"
We're trying to build a Docker container that contains Logstash-8.0.0 (the latest version, came out yesterday), such that it can be scanned with Trivy and not have any "HIGH" or "CRITICAL" severity alerts.
It's proving very hard to do, as we're not proficient with Java, Ruby, or JRuby.
If we have a Dockerfile that has the Elastic repository in it:
$ cat /etc/apt/sources.list.d/elastic-8.x.list
deb https://artifacts.elastic.co/packages/8.x/apt stable main
And we install logstash:
$ sudo apt-get update
$ sudo apt-get install logstash
Then install and run trivy:
$ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b .
$ sudo trivy fs -s HIGH,CRITICAL /
We get one critical and two high severity alerts, concerning ruby gems listed in /usr/share/logstash/Gemfile.lock:
usr/share/logstash/Gemfile.lock (bundler)
=========================================
Total: 3 (HIGH: 2, CRITICAL: 1)
+----------+------------------+----------+-------------------+---------------+---------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+----------+------------------+----------+-------------------+---------------+---------------------------------------+
| json | CVE-2020-10663 | HIGH | 1.8.6-java | >= 2.3.0 | rubygem-json: Unsafe object |
| | | | | | creation vulnerability in JSON |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10663 |
+----------+------------------+----------+-------------------+ +---------------------------------------+
| kramdown | CVE-2020-14001 | CRITICAL | 1.14.0 | | rubygem-kramdown: processing template |
| | | | | | options inside documents allows |
| | | | | | unintended read access or embedded... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14001 |
+----------+------------------+----------+-------------------+---------------+---------------------------------------+
| nokogiri | CVE-2021-41098 | HIGH | 1.12.5-java | >= 1.12.5 | rubygem-nokogiri: XEE on JRuby |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-41098 |
+----------+------------------+----------+-------------------+---------------+---------------------------------------+
By changing the path to include the appropriate(?) directories, we can run ruby, jruby, gem and bundle:
$ export PATH=/usr/share/logstash/bin:/usr/share/logstash/vendor/jruby/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:.
But we're a bit at a loss as to what to try next. So far, it looks like editing /usr/share/logstash/Gemfile to have the right versions of json and nokogiri and commenting out the gems that are marked :development and then run bundle install; bundle update is the way to go:
diff --git a/Gemfile b/Gemfile
index 6e90ef4..1054cb3 100644
--- a/Gemfile
+++ b/Gemfile
## -6,7 +6,8 ## gem "logstash-core", :path => "./logstash-core"
gem "logstash-core-plugin-api", :path => "./logstash-core-plugin-api"
gem "atomic", "~> 1"
gem "builder", "~> 3"
-gem "json", "~> 1"
+gem "json", "~> 2.3.0"
+gem "nokogiri", "1.12.5"
gem "paquet", "~> 0.2"
gem "pleaserun", "~>0.0.28"
gem "rake", "~> 12"
## -18,15 +19,6 ## gem "gems", "~> 1", :group => :build
gem "octokit", "~> 4", :group => :build
gem "rubyzip", "~> 1", :group => :build
gem "stud", "~> 0.0.22", :group => :build
-# gem "belzebuth", :group => :development
-# gem "benchmark-ips", :group => :development
-# # # gem "ci_reporter_rspec", "~> 1", :group => :development
-# gem "flores", "~> 0.0.6", :group => :development
-# gem "json-schema", "~> 2", :group => :development
-# gem "logstash-devutils", "~> 1", :group => :development
-# gem "rack-test", :require => "rack/test", :group => :development
-# gem "rspec", "~> 3.5", :group => :development
-# gem "webmock", "~> 3", :group => :development
gem "logstash-codec-avro"
gem "logstash-codec-cef"
gem "logstash-codec-collectd"
But it seems that the Gemfile.lock file was created by bundler 2.3.6, which is not installed. When we installed bundler 2.3.6, it complained about an unexpected error with openssl. So, upgraded to bundler 2.3.7 (also released yesterday!), and it succeeded with bundle install. But now logstash won't run:
[FATAL] 2022-02-10 18:12:40.504 [main] Logstash - Logstash stopped
processing because of an error: (GemNotFound) Could not find
logstash-filter-elasticsearch-3.11.1,
logstash-filter-http-1.3.0,
logstash-filter-kv-4.6.0,
logstash-input-beats-6.2.6-java,
logstash-input-dead_letter_queue-1.1.10,
logstash-input-http_poller-5.2.0,
logstash-input-sqs-3.2.0,
logstash-input-tcp-6.2.7-java,
logstash-integration-elastic_enterprise_search-2.2.1,
logstash-integration-
kafka-10.10.0-java,
logstash-output-http-5.4.0,
logstash-output-tcp-6.0.1,
puma-5.6.1-java,
jruby-openssl-0.12.1-java,
i18n-1.9.1,
elasticsearch-7.17.0,
logstash-mixin-http_client-7.1.0,
json-2.6.1-java,
redis-4.6.0,
logstash-mixin-aws-5.0.0,
elastic-enterprise-search-7.16.0,
sequel-5.53.0,
elasticsearch-api-7.17.0,
elasticsearch-transport-7.17.0
in any of the sources
Edit: Figured it out!
This makes logstash find the updated ruby gems:
# cd /usr/share/logstash/vendor/jruby/lib/ruby/gems/shared
# tar c . | ( cd /usr/share/logstash/vendor/bundle/jruby/2.5.0; tar x )
This makes trivy stop complaining about snakeyaml-1.23 while letting logstash keep working:
# rm /usr/share/logstash/logstash-core/lib/jars/snakeyaml-1.23.jar
# cp /usr/share/logstash/vendor/jruby/lib/ruby/stdlib/org/yaml/snakeyaml/1.26/snakeyaml-1.26.jar /usr/share/logstash/logstash-core/lib/jars
This cleans up the other trivy jar alerts:
# rm -rf ~/.m2 # Delete maven cache
Cheers!
It was long and involved, but updating to logstash-8.0.0 allowed bundler-2.3.7 to work, and then copying the gems from one directory to another let logstash actually find the gems.
Details added to question.
Cheers!
# coding: utf-8
Gem::Specification.new do |spec|
spec.name = "myJekyllTheme"
spec.version = "1.0.1"
spec.authors = ["Mai Walters"]
spec.email = ["maiverily#gmail.com"]
spec.summary = %q{A simple theme for my CMS class.}
spec.homepage = "https://www.github.uconn.edu/mvw13001/myJekyllTheme"
spec.license = "MIT"
spec.files = `git ls-files -z`.split("\x0").reject { |f|
f.match(%r{^(test|spec|features)/}) }
spec.add_runtime_dependency "jekyll", "~> 3.4"
spec.add_development_dependency "bundler", "~> 1.12"
spec.add_development_dependency "rake", "~> 10.0"
spec.add_development_dependency "jekyll-polyglot", ">= 1.2.4"
spec.add_development_dependency "jekyll-seo-tag", ">= 2.1.0"
spec.add_development_dependency "jekyll-paginate", ">= 1.1.0"
spec.add_development_dependency "jekyll-feed", "~> 0.6"
end
I am using this code to try to create a jekyll theme and I am setting up my gemspec file but every time I run bundle install, I get this error:
C:\Users\M\myJekyllTheme>bundle install
[!] There was an error parsing `Gemfile`: syntax error, unexpected unary-,
expecting keyword_do or '{' or '(' - ....files = git ls-files -
z.split("\x0").select { |f| f...
... ^. Bundler cannot continue.
# from C:/Users/M/myJekyllTheme/Gemfile:15
# -------------------------------------------
# spec.add_development_dependency "bundler", "~> 1.12"
> end # source "https://rubygems.org"
# -------------------------------------------
Does anyone know why this would be?
Try changing this:
spec.files = `git ls-files -z`.split("\x0").reject { |f|
f.match(%r{^(test|spec|features)/}) }
to this (one line):
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
I've written a gem and have installed it, despite this gem which does not find the gem, nor does require 'gem_name'
Here is my gemspec
# coding: utf-8
lib = File.expand_path('../lib', __FILE__)
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
require 'faker/faker-rpg/version'
Gem::Specification.new do |spec|
spec.name = "faker-rpg"
spec.version = Faker::Rpg::VERSION
spec.authors = [""]
spec.email = [""]
spec.summary = ""
spec.description = ""
spec.homepage = ""
spec.license = "MIT"
spec.files = `git ls-files -z`.split("\x0")
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
spec.require_paths = ["lib"]
spec.add_development_dependency "bundler", "~> 1.5"
spec.add_development_dependency "rake"
end
gem list does find the gem
gem list faker-rpg
*** LOCAL GEMS ***
faker-rpg (0.0.1)
It is definitely installed to the gem folder
ls /Users/User/.rvm/gems/ruby-2.0.0-p353/gems/ | grep faker-rpg
faker-rpg-0.0.1
And this is the file structure of faker-rpg-0.0.1 inside the above gems folder
ls -R
Gemfile Rakefile
LICENSE.txt faker-rpg.gemspec
README.md lib
./lib:
faker locales
./lib/faker:
faker-rpg faker-rpg.rb
./lib/faker/faker-rpg:
version.rb
./lib/locales:
faker.en.yml
gem which won't find the gem
gem which faker-rpg
ERROR: Can't find ruby library file or shared library faker-rpg
In the ruby console require won't work
2.0.0-p353 :001 > require 'faker-rpg'
LoadError: cannot load such file -- faker-rpg
And here is what gem spec faker-rpg gives
gem spec faker-rpg
--- !ruby/object:Gem::Specification
name: faker-rpg
version: !ruby/object:Gem::Version
version: 0.0.1
platform: ruby
authors:
- ''
autorequire:
bindir: bin
cert_chain: []
date: 2014-06-25 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: bundler
requirement: !ruby/object:Gem::Requirement
requirements:
- - ~>
- !ruby/object:Gem::Version
version: '1.5'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - ~>
- !ruby/object:Gem::Version
version: '1.5'
- !ruby/object:Gem::Dependency
name: rake
requirement: !ruby/object:Gem::Requirement
requirements:
- - '>='
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - '>='
- !ruby/object:Gem::Version
version: '0'
description: ''
email:
- ''
executables: []
extensions: []
extra_rdoc_files: []
files: []
homepage: ''
licenses:
- MIT
metadata: {}
post_install_message:
rdoc_options: []
require_paths:
- lib
required_ruby_version: !ruby/object:Gem::Requirement
requirements:
- - '>='
- !ruby/object:Gem::Version
version: '0'
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - '>='
- !ruby/object:Gem::Version
version: '0'
requirements: []
rubyforge_project:
rubygems_version: 2.2.2
signing_key:
specification_version: 4
summary: ''
test_files: []
I've found multiple questions about this, and none of the answers that were accepted solved my problem.
The only thing I can think of is that gemspec has the line 'files: []' but the files are definitely in the gem installed to the gems folder.
Does anyone have an ideas?
The gem is actually installed correctly, it’s just you haven’t got your lib paths quite right. Try running gem which faker/faker-rpg to see.
You just need to move the contents of lib/faker up a level, so that they are directly under lib. Currently you are searching for faker-rpg.rb, but that file only exists as faker/faker-rpg.rb, so it isn’t being found.
You’ll probably need to adjust some other parts to make it all work. You don’t mention what is in the locales directory – it might be better to move that under the faker-rpg directory as well. Also the require line in your gemspec where you get the version will need to be adjusted.
I have two apps on my machine.
Each app (server) has it's own gemset and works on a different ruby version.
I will manage those apps with god which is installed in it's own gemset.
My god config file config.god looks like this:
God.watch do |w|
current_path = "/home/vagrant/server-1"
w.name = "server 1"
w.start = "ruby #{current_path}/simple-server.rb"
w.keepalive
end
God.watch do |w|
current_path = "/home/vagrant/server-2"
w.name = "server 2"
w.start = "ruby #{current_path}/simple-server.rb"
w.keepalive
end
My servers are simply writing the ruby version to a file (/home/vagrant/server-2/simple-server.rb):
require "date"
loop do
# simple console output
puts "Hello on #{RUBY_VERSION}, #{RUBY_PATCHLEVEL}, #{RUBY_PLATFORM}, #{RUBY_RELEASE_DATE}"
# Specify the name of the log file
log_file = File.join File.expand_path( File.dirname(__FILE__) ), "testfile.txt"
# Write the log into the file
File.open( log_file, 'a') do |f|
date = DateTime.now
date = date.strftime("%H:%M:%S")
f.puts "#{date} on #{RUBY_VERSION}, #{RUBY_PATCHLEVEL}, #{RUBY_PLATFORM}, #{RUBY_RELEASE_DATE}"
end
sleep 2
end
I run god with god -c config.god.
The problem is that my apps are not running with the ruby versions which is specified in the .rvmrc.
I have also tried:
~/.rvm/bin/wrapped_god -d config.god -D
rvmsudo ~/.rvm/bin/wrapped_god -d config.god -D
rvmsudo god -d config.god -D
Is there a solution for this case?
EDIT 2012.08.27:
I have changed my god config as follows:
w.start="~/.rvm/bin/rvm in #{current_path} do ruby simple-server.rb"
And it worked.
try:
start="~/.rvm/bin/rvm in #{current_path} do ruby simple-server.rb"