ensure_package

Install or remove packages on remote servers via SSH to maintain desired system states. This tool verifies package presence or absence and takes action when needed.

Instructions

Ensures a package is installed or removed

Input Schema

TableJSON Schema

Name	Required	Description
`sessionId`	Yes	SSH session ID
`name`	Yes	Package name
`state`	Yes	Desired state

Implementation Reference

src/ensure.ts:39-116 (handler)

The implementation of the ensurePackage function, which sanitizes the input, checks if the package is already installed, and runs the appropriate installation command for the detected package manager.

export async function ensurePackage(
  sessionId: string,
  packageName: string,
  sudoPassword?: string
): Promise<PackageResult> {
  // Validate and sanitize package name to prevent injection
  const safePackageName = sanitizePackageName(packageName);
  logger.debug('Ensuring package is installed', { sessionId, packageName: safePackageName });

  const session = sessionManager.getSession(sessionId);
  if (!session) {
    throw new Error(`Session ${sessionId} not found or expired`);
  }

  try {
    // Detect OS and package manager
    const osInfo = await sessionManager.getOSInfo(sessionId);
    const pm = osInfo.packageManager;

    if (pm === 'unknown') {
      throw createPackageManagerError(
        'No supported package manager found',
        'Supported package managers: apt, dnf, yum, pacman, apk, zypper, brew'
      );
    }
    if (osInfo.platform === 'windows') {
      throw createPackageManagerError(
        'Package management on Windows hosts is not supported by this tool yet',
        'Use winget/choco manually or install via other Windows package workflows'
      );
    }

    logger.debug('Detected package manager', { sessionId, pm });

    // Check if package is already installed
    const isInstalled = await checkPackageInstalled(sessionId, safePackageName, pm);
    if (isInstalled) {
      logger.info('Package already installed', { sessionId, packageName: safePackageName });
      return {
        ok: true,
        pm,
        code: 0,
        stdout: `Package ${safePackageName} is already installed`,
        stderr: ''
      };
    }

    // Install the package using sanitized name
    const installCommand = getInstallCommand(pm, safePackageName);
    logger.debug('Installing package', { sessionId, packageName: safePackageName, command: installCommand });

    const runInstaller = pm === 'brew'
      ? () => execCommand(sessionId, installCommand)
      : () => execSudo(sessionId, installCommand, sudoPassword);

    const result = await runInstaller();

    const packageResult: PackageResult = {
      ok: result.code === 0,
      pm,
      code: result.code,
      stdout: result.stdout,
      stderr: result.stderr
    };

    if (result.code === 0) {
      logger.info('Package installed successfully', { sessionId, packageName: safePackageName });
    } else {
      logger.error('Package installation failed', { sessionId, packageName: safePackageName, code: result.code });
    }

    return packageResult;

  } catch (error) {
    logger.error('Failed to ensure package', { sessionId, packageName, error });
    throw error;
  }
}

src/types.ts:281-285 (schema)

Input validation schema for the ensure_package tool.

export const EnsurePackageSchema = z.object({
  sessionId: z.string().min(1),
  name: z.string().min(1),
  sudoPassword: z.string().optional()
});

src/mcp.ts:475-479 (registration)

Registration/handler logic for the ensure_package MCP tool within the main MCP loop.

case 'ensure_package': {
  const params = EnsurePackageSchema.parse(args);
  const result = await ensurePackage(params.sessionId, params.name, params.sudoPassword);
  logger.info('Package ensured', { sessionId: params.sessionId, name: params.name });
  return { content: [{ type: 'text', text: JSON.stringify(result, null, 2) }] };

mcp-ssh-tool

ensure_package

Instructions

Input Schema

Implementation Reference

Other Tools

Latest Blog Posts

MCP directory API