Class: CMDB::Commands::Shim

Inherits:

Object

• Object
• CMDB::Commands::Shim

Defined in:

lib/cmdb/commands/shim.rb

Instance Attribute Summary

• #cmdb ⇒ CMDB::Interface readonly

Class Method Summary

• .create(interface) ⇒ Object
• .drop_privileges(login) ⇒ true

  Irrevocably change the current user for this Unix process by calling the setresuid system call.

Instance Method Summary

• #initialize(interface, command, rewrite:, pretend:, user:) ⇒ Shim constructor

  Create a Shim.

• #run ⇒ Object

  Run the shim.

Constructor Details

#initialize(interface, command, rewrite:, pretend:, user:) ⇒ Shim

Create a Shim.

Parameters:

• command (Array) —

  collection of string to pass to Kernel#exec; 0th element is the command name

# File 'lib/cmdb/commands/shim.rb', line 62

def initialize(interface, command, rewrite:, pretend:, user:)
  @cmdb            = interface
  @command         = command
  @dir             = rewrite
  @pretend         = pretend
  @user            = user
end

Instance Attribute Details

#cmdb ⇒ CMDB::Interface (readonly)

Returns:

• (CMDB::Interface)

# File 'lib/cmdb/commands/shim.rb', line 58

def cmdb
  @cmdb
end

Class Method Details

.create(interface) ⇒ Object

# File 'lib/cmdb/commands/shim.rb', line 5

def self.create(interface)
  options = Trollop.options do
    banner <<-EOS
The 'shim' command adapts your applications for use with CMDB without coupling them to
the CMDB RubyGem (or forcing you to write your applications in Ruby). It works by
manipulating the environment or filesystem to make CMDB inputs visible, then invoking
your app.

To use the shim with apps that read configuration from the filesystem, use the --rewrite
option to tell the shim where to rewrite configuration files. It will look for tokens
in JSON or YML that look like <<cmdb.key.name>> and replace them with the value of
the specified key.

The shim populates the environment with all data from every source. The source-
specific prefix of each key is omitted from the environment variable name,
e.g. "common.database.host" is represented as DATABASE_HOST.

Usage:
cmdb shim [options] -- <command_to_exec> [options_for_command]

Where [options] are selected from:
    EOS
    opt :rewrite,
        'Directory to scan for key-replacement tokens in data files',
        type: :string
    opt :pretend,
        'Check for errors, but do not actually launch the app or rewrite files',
        default: false
    opt :user,
        'Switch to named user before executing app',
        type: :string
  end
  options.delete(:help)

  options.delete_if { |k, v| k.to_s =~ /_given$/i }
  new(interface, ARGV, **options)
end

.drop_privileges(login) ⇒ true

Irrevocably change the current user for this Unix process by calling the setresuid system call. This sets both the uid and gid (to the user’s primary group).

Parameters:

• login (String) —

  name of user to switch to

Returns:

• (true)

Raises:

• (ArgumentError) —

  if the named user does not exist

# File 'lib/cmdb/commands/shim.rb', line 50

def self.drop_privileges(login)
  pwent = Etc.getpwnam(login)
  Process::Sys.setresgid(pwent.gid, pwent.gid, pwent.gid)
  Process::Sys.setresuid(pwent.uid, pwent.uid, pwent.uid)
  true
end

Instance Method Details

#run ⇒ Object

Run the shim.

Raises:

• (SystemExit) —

  if something goes wrong

# File 'lib/cmdb/commands/shim.rb', line 73

def run
  populate_environment
  rewrote = rewrite_files

  if !rewrote && !@pretend && @command.empty?
    CMDB.log.warn 'CMDB: nothing to do; please specify --dir, or -- followed by a command to run'
    exit 7
  end

  launch_app
end