Class: CMDB::Commands::Shim

Inherits:

Object

• Object
• CMDB::Commands::Shim

Defined in:

lib/cmdb/commands/shim.rb

Instance Attribute Summary

• #cmdb ⇒ CMDB::Interface readonly

Class Method Summary

• .create(interface) ⇒ Object
• .drop_privileges(login) ⇒ true

  Irrevocably change the current user for this Unix process by calling the setresuid system call.

Instance Method Summary

• #initialize(interface, command, rewrite:, pretend:, user:) ⇒ Shim constructor

  Create a Shim.

• #run ⇒ Object

  Run the shim.

Constructor Details

#initialize(interface, command, rewrite:, pretend:, user:) ⇒ Shim

Create a Shim.

Parameters:

• command (Array) —

  collection of string to pass to Kernel#exec; 0th element is the command name

# File 'lib/cmdb/commands/shim.rb', line 62

def initialize(interface, command, rewrite:, pretend:, user:)
  @cmdb            = interface
  @command         = command
  @dir             = rewrite
  @pretend         = pretend
  @user            = user
end

Instance Attribute Details

#cmdb ⇒ CMDB::Interface (readonly)

Returns:

• (CMDB::Interface)

# File 'lib/cmdb/commands/shim.rb', line 58

def cmdb
  @cmdb
end

Class Method Details

.create(interface) ⇒ Object

# File 'lib/cmdb/commands/shim.rb', line 5

def self.create(interface)
  options = Trollop.options do
    banner "The 'shim' command adapts your applications for use with CMDB without coupling them to\nthe CMDB RubyGem (or forcing you to write your applications in Ruby). It works by\nmanipulating the environment or filesystem to make CMDB inputs visible, then invoking\nyour app.\n\nTo use the shim with apps that read configuration from the filesystem, use the --rewrite\noption to tell the shim where to rewrite configuration files. It will look for tokens\nin JSON or YML that look like <<cmdb.key.name>> and replace them with the value of\nthe specified key.\n\nThe shim populates the environment with all data from every source. The source-\nspecific prefix of each key is omitted from the environment variable name,\ne.g. \"common.database.host\" is represented as DATABASE_HOST.\n\nUsage:\ncmdb shim [options] -- <command_to_exec> [options_for_command]\n\nWhere [options] are selected from:\n    EOS\n    opt :rewrite,\n        'Directory to scan for key-replacement tokens in data files',\n        type: :string\n    opt :pretend,\n        'Check for errors, but do not actually launch the app or rewrite files',\n        default: false\n    opt :user,\n        'Switch to named user before executing app',\n        type: :string\n  end\n  options.delete(:help)\n\n  options.delete_if { |k, v| k.to_s =~ /_given$/i }\n  new(interface, ARGV, **options)\nend\n"

.drop_privileges(login) ⇒ true

Irrevocably change the current user for this Unix process by calling the setresuid system call. This sets both the uid and gid (to the user’s primary group).

Parameters:

• login (String) —

  name of user to switch to

Returns:

• (true)

Raises:

• (ArgumentError) —

  if the named user does not exist

# File 'lib/cmdb/commands/shim.rb', line 50

def self.drop_privileges(login)
  pwent = Etc.getpwnam(login)
  Process::Sys.setresgid(pwent.gid, pwent.gid, pwent.gid)
  Process::Sys.setresuid(pwent.uid, pwent.uid, pwent.uid)
  true
end

Instance Method Details

#run ⇒ Object

Run the shim.

Raises:

• (SystemExit) —

  if something goes wrong

# File 'lib/cmdb/commands/shim.rb', line 73

def run
  populate_environment
  rewrote = rewrite_files

  if !rewrote && !@pretend && @command.empty?
    CMDB.log.warn 'CMDB: nothing to do; please specify --dir, or -- followed by a command to run'
    exit 7
  end

  launch_app
end