Getting output of system calls in Ruby

Question

If I call a command using Kernel system in Ruby  how do I get its output   system  ls

User · Answer

The straightforward way to do this correctly and securely is to use Open3.capture2(), Open3.capture2e(), or Open3.capture3().

Using ruby's backticks and its %x alias are NOT SECURE UNDER ANY CIRCUMSTANCES if used with untrusted data. It is DANGEROUS, plain and simple:

untrusted = "; date; echo"
out = `echo #{untrusted}`                              # BAD

untrusted = '"; date; echo"'
out = `echo "#{untrusted}"`                            # BAD

untrusted = "'; date; echo'"
out = `echo '#{untrusted}'`                            # BAD

The system function, in contrast, escapes arguments properly if used correctly:

ret = system "echo #{untrusted}"                       # BAD
ret = system 'echo', untrusted                         # good

Trouble is, it returns the exit code instead of the output, and capturing the latter is convoluted and messy.

The best answer in this thread so far mentions Open3, but not the functions that are best suited for the task. Open3.capture2, capture2e and capture3 work like system, but returns two or three arguments:

out, err, st = Open3.capture3("echo #{untrusted}")     # BAD
out, err, st = Open3.capture3('echo', untrusted)       # good
out_err, st  = Open3.capture2e('echo', untrusted)      # good
out, st      = Open3.capture2('echo', untrusted)       # good
p st.exitstatus

Another mentions IO.popen(). The syntax can be clumsy in the sense that it wants an array as input, but it works too:

out = IO.popen(['echo', untrusted]).read               # good

For convenience, you can wrap Open3.capture3() in a function, e.g.:

#
# Returns stdout on success, false on failure, nil on error
#
def syscall(*cmd)
  begin
    stdout, stderr, status = Open3.capture3(*cmd)
    status.success? && stdout.slice!(0..-(1 + $/.size)) # strip trailing eol
  rescue
  end
end

Example:

p system('foo')
p syscall('foo')
p system('which', 'foo')
p syscall('which', 'foo')
p system('which', 'which')
p syscall('which', 'which')

Yields the following:

nil
nil
false
false
/usr/bin/which         <— stdout from system('which', 'which')
true                   <- p system('which', 'which')
"/usr/bin/which"       <- p syscall('which', 'which')

User · Answer

You can use system   or  x   depending what kind of result you need   system   returning true if the command was found and ran successfully  false otherwise    gt  gt  s   system  uptime  10 56  up 3 days  23 10  2 users  load averages  0 17 0 17 0 14   gt  true  gt  gt  s class   gt  TrueClass  gt  gt     class   gt  Process  Status    x     on the other hand saves the results of the command as a string    gt  gt  result    x uptime    gt   13 16  up 4 days   1 30  2 users  load averages  0 39 0 29 0 23 n   gt  gt  p result   13 16  up 4 days   1 30  2 users  load averages  0 39 0 29 0 23 n   gt  gt  result class   gt  String   Th blog post by Jay Fields explains in detail the differences between using system  exec and  x

User · Answer

Just for the record  if you want both  output and operation result  you can do   output  ls no existing file     result    success

User · Answer

I d like to expand  amp  clarify chaos s answer a bit   If you surround your command with backticks  then you don t need to  explicitly  call system   at all  The backticks execute the command and return the output as a string  You can then assign the value to a variable like so   output    ls  p output   or  printf output   escapes newline chars

User · Answer

If you need to escape the arguments  in Ruby 1 9 IO popen also accepts an array   p IO popen   echo    it s escaped    read   In earlier versions you can use Open3 popen3   require  open3   Open3 popen3  echo    it s escaped      i  o  p o read     If you also need to pass stdin  this should work in both 1 9 and 1 8   out   IO popen  xxd -p    r       io      io print  xyz      io close write     io read chomp   p out    78797a

User · Answer

You use backticks    ls

User · Answer

Another way is   f   open   ls   foo   f read     Note that s the  pipe  character before  ls  in open  This can also be used to feed data into the programs standard input as well as reading its standard output

User · Answer

While using backticks or popen is often what you really want  it doesn t actually answer the question asked  There may be valid reasons for capturing system output  maybe for automated testing   A little Googling turned up an answer I thought I would post here for the benefit of others    Since I needed this for testing my example uses a block setup to capture the standard output since the actual system call is buried in the code being tested   require  tempfile   def capture stdout   stdout    stdout dup   Tempfile open  stdout-redirect  do  temp       stdout reopen temp path   w       yield if block given       stdout reopen stdout     temp read   end end   This method captures any output in the given block using a tempfile to store the actual data  Example usage   captured content   capture stdout do   system  echo foo  end puts captured content   You can replace the system call with anything that internally calls system  You could also use a similar method to capture stderr if you wanted

User · Answer

I didn t find this one here so adding it  I had some issues getting the full output       You can redirect STDERR to STDOUT if you want to capture STDERR using   backtick       output    grep hosts  private etc   2  amp 1    source  http   blog bigbinary com 2012 10 18 backtick-system-exec-in-ruby html

User · Answer

Be aware that all the solutions where you pass a string containing user provided values to system   x   etc  are unsafe  Unsafe actually means  the user may trigger code to run in the context and with all permissions of the program   As far as I can say only system and Open3 popen3 do provide a secure escaping variant in Ruby 1 8  In Ruby 1 9 IO  popen also accepts an array   Simply pass every option and argument as an array to one of these calls   If you need not just the exit status but also the result you probably want to use Open3 popen3   require  open3  stdin  stdout  stderr  wait thr   Open3 popen3  usermod    -p    options  shadow     options  username    stdout gets nil  stdout close stderr gets nil  stderr close exit code   wait thr value   Note that the block form will auto-close stdin  stdout and stderr- otherwise they d have to be closed explicitly   More information here  Forming sanitary shell commands or system calls in Ruby

User · Answer

As a direct system      replacement you may use Open3 popen3       Further discussion  http   tech natemurray com 2007 03 ruby-shell-commands html

User · Answer

If you want the output redirected to a file using Kernel system  you can do modify descriptors like this   redirect stdout and stderr to a file  tmp log  in append mode    system  ls -al    out   gt     tmp log    a     err   gt     tmp log    a      For a long running command  this will store the output in real time  You can also  store the output using a IO pipe and redirect it from Kernel system

User · Answer

puts  date  puts      Mon Mar  7 19 01 15 PST 2016 pid 13093 exit 0

User · Answer

As Simon H  rlimann already explained  Open3 is safer than backticks etc    require  open3  output   Open3 popen3  ls      stdin  stdout  stderr  wait thr  stdout read     Note that the block form will auto-close stdin  stdout and stderr- otherwise they d have to be closed explicitly

User · Answer

I found that the following is useful if you need the return value   result    x ls  puts result   I specifically wanted to list the pids of all the Java processes on my machine  and used this   ids    x ps ax   grep java   awk    print  1      xargs

[ruby] Getting output of system() calls in Ruby

Examples related to ruby

Examples related to system

Examples related to call