add code to support xdsh -K for non-root ids and not to use xcatbypass
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@2701 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
parent
37db64b1e8
commit
bae1e1110a
@ -40,7 +40,7 @@ our @dsh_valid_env = (
|
||||
'DSH_NODE_OPTS', 'DSH_NODE_RCP',
|
||||
'DSH_NODE_RSH', 'DSH_OUTPUT',
|
||||
'DSH_PATH', 'DSH_SYNTAX',
|
||||
'DSH_TIMEOUT',
|
||||
'DSH_TIMEOUT', 'DSH_REMOTE_PASSWORD',
|
||||
);
|
||||
select(STDERR);
|
||||
$| = 1;
|
||||
@ -2127,20 +2127,23 @@ sub config_dsh
|
||||
&& xCAT::MsgUtils->message("I", $rsp, $::CALLBACK);
|
||||
|
||||
# Check devicetype attr and try to load device configuration
|
||||
$$options{'devicetype'} =
|
||||
$$options{'devicetype'} || $ENV{'DEVICETYPE'} || undef;
|
||||
if ( $$options{'devicetype'} )
|
||||
$$options{'devicetype'} = $$options{'devicetype'}
|
||||
|| $ENV{'DEVICETYPE'}
|
||||
|| undef;
|
||||
if ($$options{'devicetype'})
|
||||
{
|
||||
$ENV{'DEVICETYPE'} = $$options{'devicetype'};
|
||||
my $devicepath = $$options{'devicetype'};
|
||||
$devicepath =~ s/::/\//g;
|
||||
$devicepath = "/var/opt/xcat/" . $devicepath. "/config";
|
||||
$devicepath = "/var/opt/xcat/" . $devicepath . "/config";
|
||||
|
||||
# Get configuration from $::XCATDEVCFGDIR
|
||||
if ( -e $devicepath)
|
||||
if (-e $devicepath)
|
||||
{
|
||||
my $deviceconf = get_config($devicepath);
|
||||
|
||||
# Get all dsh section configuration
|
||||
foreach my $entry (keys %{ $$deviceconf{'xdsh'} } )
|
||||
foreach my $entry (keys %{$$deviceconf{'xdsh'}})
|
||||
{
|
||||
my $value = $$deviceconf{'xdsh'}{$entry};
|
||||
if ($value)
|
||||
@ -2259,6 +2262,7 @@ sub config_dsh
|
||||
# Check if $$options{'pre-command'} has been overwritten
|
||||
if (!$$options{'pre-command'})
|
||||
{
|
||||
|
||||
# Set a default PATH
|
||||
$$options{'pre-command'} = $path_set;
|
||||
|
||||
@ -2294,7 +2298,7 @@ sub config_dsh
|
||||
{
|
||||
push @settings, "PERL_BADLANG${env_assign}0";
|
||||
}
|
||||
|
||||
|
||||
my $locale_settings = join ' ', @settings;
|
||||
!($$options{'syntax'} eq 'csh') && ($locale_settings .= ' ; ');
|
||||
|
||||
@ -2307,7 +2311,7 @@ sub config_dsh
|
||||
}
|
||||
|
||||
# Check if $$options{'post-command'} has been overwritten.
|
||||
if (! $$options{'post-command'} )
|
||||
if (!$$options{'post-command'})
|
||||
{
|
||||
if ($$options{'syntax'} eq 'csh')
|
||||
{
|
||||
@ -2327,19 +2331,22 @@ sub config_dsh
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
# post-command is overwritten by user , set env $::USER_POST_CMD
|
||||
$::USER_POST_CMD = 1;
|
||||
if ($$options{'post-command'} =~ /NULL/ )
|
||||
if ($$options{'post-command'} =~ /NULL/)
|
||||
{
|
||||
$$options{'post-command'} = '';
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
# $::DSH_EXIT_STATUS ony can be used in DSHCore::pipe_handler_buffer
|
||||
# and DSHCore::pipe_handler
|
||||
$$options{'exit-status'}
|
||||
&& ($::DSH_EXIT_STATUS = 1);
|
||||
&& ($::DSH_EXIT_STATUS = 1);
|
||||
$$options{'post-command'} = ";$$options{'post-command'}";
|
||||
|
||||
# Append "DSH_RC" keyword to mark output
|
||||
$$options{'post-command'} = "$$options{'post-command'};echo DSH_RC";
|
||||
}
|
||||
@ -3540,9 +3547,10 @@ sub usage_dsh
|
||||
## usage message
|
||||
my $usagemsg1 =
|
||||
" xdsh -h \n xdsh -q \n xdsh -v \n xdsh [noderange] [group]\n";
|
||||
my $usagemsg2 =
|
||||
my $usagemsg1a = " xdsh [noderange] -K [-w touserid]\n";
|
||||
my $usagemsg2 =
|
||||
" [-B bypass ] [-C context] [-c] [-e] [-E environment_file] [--devicetype type_of_device] [-f fanout]\n";
|
||||
my $usagemsg3 = " [-l user_ID] [-L] [-K ssh setup] ";
|
||||
my $usagemsg3 = " [-l user_ID] [-L] ";
|
||||
my $usagemsg4 =
|
||||
"[-m] [-o options][-q] [-Q] [-r remote_shell] [-i image path]\n";
|
||||
my $usagemsg5 =
|
||||
@ -3550,8 +3558,8 @@ sub usage_dsh
|
||||
my $usagemsg6 = " [command_list]\n";
|
||||
my $usagemsg7 =
|
||||
"Note:Context always defaults to XCAT unless -C flag is set.";
|
||||
my $usagemsg .= $usagemsg1 .= $usagemsg2 .= $usagemsg3 .= $usagemsg4 .=
|
||||
$usagemsg5 .= $usagemsg6 .= $usagemsg7;
|
||||
my $usagemsg .= $usagemsg1 .= $usagemsg1a .= $usagemsg2 .= $usagemsg3 .=
|
||||
$usagemsg4 .= $usagemsg5 .= $usagemsg6 .= $usagemsg7;
|
||||
### end usage mesage
|
||||
if ($::CALLBACK)
|
||||
{
|
||||
@ -3599,11 +3607,12 @@ sub parse_and_run_dsh
|
||||
my ($class, $nodes, $args, $callback, $command, $noderange) = @_;
|
||||
|
||||
$::CALLBACK = $callback;
|
||||
if (!($args)) {
|
||||
if (!($args))
|
||||
{
|
||||
usage_dsh;
|
||||
exit 1;
|
||||
}
|
||||
@ARGV = @{$args}; # get arguments
|
||||
@ARGV = @{$args}; # get arguments
|
||||
if ($ENV{'XCATROOT'})
|
||||
{
|
||||
$::XCATROOT = $ENV{'XCATROOT'}; # setup xcatroot home directory
|
||||
@ -3633,20 +3642,20 @@ sub parse_and_run_dsh
|
||||
|
||||
if (
|
||||
!GetOptions(
|
||||
'e|execute' => \$options{'execute'},
|
||||
'f|fanout=i' => \$options{'fanout'},
|
||||
'h|help' => \$options{'help'},
|
||||
'l|user=s' => \$options{'user'},
|
||||
'm|monitor' => \$options{'monitor'},
|
||||
'o|node-options=s' => \$options{'node-options'},
|
||||
'q|show-config' => \$options{'show-config'},
|
||||
'r|node-rsh=s' => \$options{'node-rsh'},
|
||||
'i|rootimg=s' => \$options{'rootimg'},
|
||||
's|stream' => \$options{'streaming'},
|
||||
't|timeout=i' => \$options{'timeout'},
|
||||
'v|verify' => \$options{'verify'},
|
||||
'z|exit-status' => \$options{'exit-status'},
|
||||
|
||||
'e|execute' => \$options{'execute'},
|
||||
'f|fanout=i' => \$options{'fanout'},
|
||||
'h|help' => \$options{'help'},
|
||||
'l|user=s' => \$options{'user'},
|
||||
'm|monitor' => \$options{'monitor'},
|
||||
'o|node-options=s' => \$options{'node-options'},
|
||||
'q|show-config' => \$options{'show-config'},
|
||||
'r|node-rsh=s' => \$options{'node-rsh'},
|
||||
'i|rootimg=s' => \$options{'rootimg'},
|
||||
's|stream' => \$options{'streaming'},
|
||||
't|timeout=i' => \$options{'timeout'},
|
||||
'v|verify' => \$options{'verify'},
|
||||
'w|touserid=s' => \$options{'touserid'},
|
||||
'z|exit-status' => \$options{'exit-status'},
|
||||
'B|bypass' => \$options{'bypass'},
|
||||
'C|context=s' => \$options{'context'},
|
||||
'E|environment=s' => \$options{'environment'},
|
||||
@ -3658,7 +3667,7 @@ sub parse_and_run_dsh
|
||||
'T|trace' => \$options{'trace'},
|
||||
'V|version' => \$options{'version'},
|
||||
|
||||
'devicetype|devicetype=s' => \$options{'devicetype'},
|
||||
'devicetype|devicetype=s' => \$options{'devicetype'},
|
||||
'command-name|commandName=s' => \$options{'command-name'},
|
||||
'command-description|commandDescription=s' =>
|
||||
\$options{'command-description'},
|
||||
@ -3718,8 +3727,9 @@ sub parse_and_run_dsh
|
||||
# we will use the create the nostname from the directory
|
||||
# for the hostname in the output
|
||||
my $path = $options{'rootimg'};
|
||||
$imagename= xCAT::Utils->get_image_name($path);
|
||||
if (@$nodes[0] eq "NO_NODE_RANGE") { # from sinv, discard this name
|
||||
$imagename = xCAT::Utils->get_image_name($path);
|
||||
if (@$nodes[0] eq "NO_NODE_RANGE")
|
||||
{ # from sinv, discard this name
|
||||
undef @$nodes;
|
||||
}
|
||||
if (defined(@$nodes))
|
||||
@ -3727,7 +3737,7 @@ sub parse_and_run_dsh
|
||||
my $rsp = ();
|
||||
$rsp->{data}->[0] =
|
||||
"Input noderange:@$nodes and any other xdsh flags or environment variables are not valid with -i flag.";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK,1);
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -3755,25 +3765,89 @@ sub parse_and_run_dsh
|
||||
return;
|
||||
|
||||
}
|
||||
else
|
||||
|
||||
# Rules: if (current userid running command) not eq touserid,
|
||||
# the current running userid must be root
|
||||
#
|
||||
# if not set then the touserid will be defaulted to
|
||||
# the current running userid.
|
||||
# DSH_REMOTE_PASSWORD env variable must be set to the correct
|
||||
# password for the key update. This was setup in xdsh client
|
||||
# frontend. remoteshell.expect depends on this
|
||||
|
||||
if (!($ENV{'DSH_REMOTE_PASSWORD'}))
|
||||
{
|
||||
if (defined $options{'devicetype'})
|
||||
{
|
||||
$ENV{'DEVICETYPE'} = $options{'devicetype'};
|
||||
my $devicepath = $options{'devicetype'};
|
||||
$devicepath =~ s/::/\//g;
|
||||
$devicepath = "/var/opt/xcat/" . $devicepath. "/config";
|
||||
if ( -e $devicepath)
|
||||
{
|
||||
my $deviceconf = get_config($devicepath);
|
||||
# Get ssh-setup-command attribute from configuration
|
||||
$ENV{'SSH_SETUP_COMMAND'} = $$deviceconf{'main'}{'ssh-setup-command'};
|
||||
}
|
||||
}
|
||||
my $rc = xCAT::Utils->setupSSH(@nodelist);
|
||||
my @results = "return code = $rc";
|
||||
return (@results);
|
||||
my $rsp = ();
|
||||
$rsp->{data}->[0] =
|
||||
"User password for ssh key exchange has not been supplied./n Cannot complete the -K command./n";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
return;
|
||||
|
||||
}
|
||||
|
||||
if (!($ENV{'DSH_CURRENT_USERID'}))
|
||||
{
|
||||
my $rsp = ();
|
||||
$rsp->{data}->[0] =
|
||||
"Current Userid has not been supplied./n Cannot complete the -K command./n";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
return;
|
||||
|
||||
}
|
||||
|
||||
my $current_userid = $ENV{'DSH_CURRENT_USERID'};
|
||||
|
||||
# if touser id defined
|
||||
if (defined $options{'touserid'})
|
||||
{
|
||||
|
||||
# if current_userid ne touserid then current_userid
|
||||
# must be root
|
||||
if ( ($current_userid ne $options{'touserid'})
|
||||
&& ($current_userid ne "root"))
|
||||
{
|
||||
my $rsp = ();
|
||||
$rsp->{data}->[0] =
|
||||
"When touserid:$options{'touserid'} is not the same as the current user:$current_userid. The the command must be run by root id.";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
return;
|
||||
}
|
||||
|
||||
# passed security checks so, if set
|
||||
$ENV{'DSH_FROM_USERID'} = $current_userid;
|
||||
$ENV{'DSH_TO_USERID'} = $options{'touserid'};
|
||||
}
|
||||
else
|
||||
{ # not defined, so default to current userid
|
||||
$ENV{'DSH_FROM_USERID'} = $current_userid;
|
||||
$ENV{'DSH_TO_USERID'} = $current_userid;
|
||||
}
|
||||
|
||||
# setting up IB switch ssh, different interface that ssh for
|
||||
# userid on node. Must build special ssh command to be sent
|
||||
# to the IB switch to setup ssh
|
||||
if (defined $options{'devicetype'})
|
||||
{
|
||||
$ENV{'DEVICETYPE'} = $options{'devicetype'};
|
||||
my $devicepath = $options{'devicetype'};
|
||||
$devicepath =~ s/::/\//g;
|
||||
$devicepath = "/var/opt/xcat/" . $devicepath . "/config";
|
||||
if (-e $devicepath)
|
||||
{
|
||||
my $deviceconf = get_config($devicepath);
|
||||
|
||||
# Get ssh-setup-command attribute from configuration
|
||||
$ENV{'SSH_SETUP_COMMAND'} =
|
||||
$$deviceconf{'main'}{'ssh-setup-command'};
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
# setup ssh keys on the nodes or ib switch
|
||||
#
|
||||
my $rc = xCAT::Utils->setupSSH(@nodelist);
|
||||
my @results = "return code = $rc";
|
||||
return (@results);
|
||||
}
|
||||
if (!(@ARGV))
|
||||
{ # no args , an error
|
||||
@ -3892,11 +3966,12 @@ sub parse_and_run_dcp
|
||||
{
|
||||
my ($class, $nodes, $args, $callback, $command, $noderange) = @_;
|
||||
$::CALLBACK = $callback;
|
||||
if (!($args)) {
|
||||
if (!($args))
|
||||
{
|
||||
usage_dcp;
|
||||
exit 1;
|
||||
}
|
||||
@ARGV = @{$args}; # get arguments
|
||||
@ARGV = @{$args}; # get arguments
|
||||
if ($ENV{'XCATROOT'})
|
||||
{
|
||||
$::XCATROOT = $ENV{'XCATROOT'}; # setup xcatroot home directory
|
||||
@ -4031,20 +4106,24 @@ sub parse_and_run_dcp
|
||||
#
|
||||
# build list of nodes
|
||||
my @nodelist;
|
||||
if (defined(@$nodes)) { # there are nodes
|
||||
@nodelist = @$nodes;
|
||||
$options{'nodes'} = join(',', @nodelist);
|
||||
} else {
|
||||
my $rsp={};
|
||||
if (defined(@$nodes))
|
||||
{ # there are nodes
|
||||
@nodelist = @$nodes;
|
||||
$options{'nodes'} = join(',', @nodelist);
|
||||
}
|
||||
else
|
||||
{
|
||||
my $rsp = {};
|
||||
$rsp->{data}->[0] = "Noderange missing in command input.";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
return;
|
||||
}
|
||||
|
||||
# Execute the dcp api
|
||||
my @results = xCAT::DSHCLI->runDcp_api(\%options, 0);
|
||||
if ($::RUNCMD_RC)
|
||||
{ # error from dcp
|
||||
my $rsp={};
|
||||
my $rsp = {};
|
||||
$rsp->{data}->[0] = "Error from xdsh. Return Code = $::RUNCMD_RC";
|
||||
xCAT::MsgUtils->message("E", $rsp, $::CALLBACK, 1);
|
||||
|
||||
@ -4383,7 +4462,7 @@ sub runDcp_api
|
||||
if (!$DSHCLI::NO_MESSAGES)
|
||||
{
|
||||
xCAT::MsgUtils->message("E",
|
||||
"dcp command failed, Return code=$::RUNCMD_RC.");
|
||||
"dcp command failed, Return code=$::RUNCMD_RC.");
|
||||
}
|
||||
}
|
||||
|
||||
@ -4490,8 +4569,8 @@ duke.edu/pub/yum-repository/redhat/$releasever/$basearch/'
|
||||
#-------------------------------------------------------------------------------
|
||||
sub get_config
|
||||
{
|
||||
my $configfile = shift;
|
||||
my @content = readFile($configfile);
|
||||
my $configfile = shift;
|
||||
my @content = readFile($configfile);
|
||||
my $current_section = "DEFAULT";
|
||||
my %config;
|
||||
my $xcat_use;
|
||||
@ -4500,27 +4579,34 @@ sub get_config
|
||||
{
|
||||
my ($entry, $value);
|
||||
chomp $line;
|
||||
if ( $line =~ /\QDO NOT ERASE THIS SECTION\E/ )
|
||||
if ($line =~ /\QDO NOT ERASE THIS SECTION\E/)
|
||||
{
|
||||
# reverse flag
|
||||
$xcat_use = ! $xcat_use;
|
||||
|
||||
# reverse flag
|
||||
$xcat_use = !$xcat_use;
|
||||
}
|
||||
if ($xcat_use)
|
||||
{
|
||||
# Remove leading "#". This line is used by xCAT
|
||||
$line =~ s/^#//g;
|
||||
|
||||
# Remove leading "#". This line is used by xCAT
|
||||
$line =~ s/^#//g;
|
||||
}
|
||||
else
|
||||
{
|
||||
# Remove comment line
|
||||
$line =~ s/#.*$//g;
|
||||
|
||||
# Remove comment line
|
||||
$line =~ s/#.*$//g;
|
||||
}
|
||||
$line =~ s/^\s+//g;
|
||||
$line =~ s/\s+$//g;
|
||||
next unless $line;
|
||||
if ( $line =~ /^\s*\[([\w+-\.]+)\]\s*$/ ) {
|
||||
if ($line =~ /^\s*\[([\w+-\.]+)\]\s*$/)
|
||||
{
|
||||
$current_section = $1;
|
||||
} else {
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
# Ignore line doesn't key/value pair.
|
||||
if ($line !~ /=/)
|
||||
{
|
||||
@ -4530,6 +4616,7 @@ sub get_config
|
||||
$entry = $1;
|
||||
$value = $2;
|
||||
$entry =~ s/^#*//g;
|
||||
|
||||
# Remove leading and trailing spaces
|
||||
$entry =~ s/^\s+//g;
|
||||
$entry =~ s/\s+$//g;
|
||||
@ -4573,5 +4660,4 @@ sub readFile
|
||||
return @contents;
|
||||
}
|
||||
|
||||
|
||||
1;
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -151,6 +151,14 @@ if (!($::CONTEXT_SET))
|
||||
push(@{$cmdref->{env}}, "DSH_CONTEXT=$ENV{'DSH_CONTEXT'}");
|
||||
}
|
||||
}
|
||||
if ($ENV{'DSH_REMOTE_PASSWORD'})
|
||||
{
|
||||
push(@{$cmdref->{env}}, "DSH_REMOTE_PASSWORD=$ENV{'DSH_REMOTE_PASSWORD'}");
|
||||
}
|
||||
if ($ENV{'DSH_CURRENT_USERID'})
|
||||
{
|
||||
push(@{$cmdref->{env}}, "DSH_CURRENT_USERID=$ENV{'DSH_CURRENT_USERID'}");
|
||||
}
|
||||
|
||||
xCAT::Client::submit_request($cmdref, \&xCAT::Client::handle_response);
|
||||
exit $xCAT::Client::EXITCODE;
|
||||
@ -176,20 +184,20 @@ sub parse_args_xdsh
|
||||
my %options = ();
|
||||
if (
|
||||
!GetOptions(
|
||||
'e|execute' => \$options{'execute'},
|
||||
'f|fanout=i' => \$options{'fanout'},
|
||||
'h|help' => \$options{'help'},
|
||||
'l|user=s' => \$options{'user'},
|
||||
'm|monitor' => \$options{'monitor'},
|
||||
'o|node-options=s' => \$options{'node-options'},
|
||||
'q|show-config' => \$options{'show-config'},
|
||||
'r|node-rsh=s' => \$options{'node-rsh'},
|
||||
'i|rootimg=s' => \$options{'rootimg'},
|
||||
's|stream' => \$options{'streaming'},
|
||||
't|timeout=i' => \$options{'timeout'},
|
||||
'v|verify' => \$options{'verify'},
|
||||
'z|exit-status' => \$options{'exit-status'},
|
||||
|
||||
'e|execute' => \$options{'execute'},
|
||||
'f|fanout=i' => \$options{'fanout'},
|
||||
'h|help' => \$options{'help'},
|
||||
'l|user=s' => \$options{'user'},
|
||||
'm|monitor' => \$options{'monitor'},
|
||||
'o|node-options=s' => \$options{'node-options'},
|
||||
'q|show-config' => \$options{'show-config'},
|
||||
'r|node-rsh=s' => \$options{'node-rsh'},
|
||||
'i|rootimg=s' => \$options{'rootimg'},
|
||||
's|stream' => \$options{'streaming'},
|
||||
't|timeout=i' => \$options{'timeout'},
|
||||
'v|verify' => \$options{'verify'},
|
||||
'w|touserid=s' => \$options{'touserid'},
|
||||
'z|exit-status' => \$options{'exit-status'},
|
||||
'B|bypass' => \$options{'bypass'},
|
||||
'C|context=s' => \$options{'context'},
|
||||
'E|environment=s' => \$options{'environment'},
|
||||
@ -201,7 +209,7 @@ sub parse_args_xdsh
|
||||
'T|trace' => \$options{'trace'},
|
||||
'V|version' => \$options{'version'},
|
||||
|
||||
'devicetype=s' => \$options{'devicetype'},
|
||||
'devicetype=s' => \$options{'devicetype'},
|
||||
'command-name|commandName=s' => \$options{'command-name'},
|
||||
'command-description|commandDescription=s' =>
|
||||
\$options{'command-description'},
|
||||
@ -225,7 +233,29 @@ sub parse_args_xdsh
|
||||
}
|
||||
if ($options{'ssh-setup'})
|
||||
{
|
||||
$ENV{XCATBYPASS} = "yes"; # bypass xcatd
|
||||
|
||||
# prompt for the password for the current userid on the node
|
||||
my $current_userid = getlogin();
|
||||
$ENV{DSH_CURRENT_USERID} = $current_userid;
|
||||
my $userpw;
|
||||
my $msg =
|
||||
"Enter the password for the userid on the node where the ssh keys \nwill be updated:\n";
|
||||
xCAT::MsgUtils->message("I", $msg);
|
||||
system("stty -echo"); # turn off keyboard
|
||||
chop($userpw = <STDIN>);
|
||||
system("stty echo"); # turn on keyboard
|
||||
|
||||
if ($userpw eq "")
|
||||
{ # did not enter a password
|
||||
$msg = "Did not enter a password must abort the key exchange";
|
||||
xCAT::MsgUtils->message("E", $msg);
|
||||
exit 2;
|
||||
}
|
||||
else
|
||||
{ # password entered pass to the server
|
||||
$ENV{DSH_REMOTE_PASSWORD} = $userpw;
|
||||
|
||||
}
|
||||
}
|
||||
if ($options{'version'})
|
||||
{
|
||||
|
@ -1,17 +1,34 @@
|
||||
#!/usr/bin/expect --
|
||||
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
|
||||
#
|
||||
#
|
||||
# sets up ssh on the input node list
|
||||
# called from by xdsh <nodelist> -K command
|
||||
# Environment Variables:
|
||||
#
|
||||
# DSH_REMOTE_CMD set to path to remote shell (ssh)
|
||||
# DSH_REMOTE_CMD set to path to remote shell (ssh)
|
||||
# root password must agree on all the nodes
|
||||
#
|
||||
# XCAT_ROOT set to root of xCAT install
|
||||
#
|
||||
# DSH_REMOTE_PASSWORD - user password for -s option
|
||||
#
|
||||
# SSH_SETUP_COMMAND - Command to be sent to the IB switch to setup SSH.
|
||||
#
|
||||
# DSH_FROM_USERID_HOME - The home directory of the userid from
|
||||
# where the ssh keys will be obtained
|
||||
# to send
|
||||
#
|
||||
# DSH_FROM_USERID - The userid from where the ssh keys will be obtained
|
||||
# to send
|
||||
# to the node, or generated and then obtained to send to the
|
||||
# node.
|
||||
# DSH_TO_USERID - The userid on the node where the ssh keys will be updated.
|
||||
#
|
||||
# Usage: remoteshell.expect
|
||||
# [-t remote_shell hostname] test the remoteshell on the host
|
||||
# [-k] Generates the ssh keys needed
|
||||
# [-n hostname] - gather ssh keys for the hostname
|
||||
# [-s node_list]
|
||||
# [-s node_list] copies the ssh keys to the nodes
|
||||
# [-h ] usage
|
||||
#
|
||||
# exit 0 - good
|
||||
@ -21,6 +38,9 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
#
|
||||
################################################################################
|
||||
|
||||
set timeout 80
|
||||
log_user 0
|
||||
|
||||
@ -39,17 +59,34 @@ if { [info exists env(XCATROOT)] } {
|
||||
} else {
|
||||
set xcatroot "/opt/xcat"
|
||||
}
|
||||
if { [info exists env(XCAT_UPD_MULTNODES)] } {
|
||||
set manynodes $env(XCAT_UPD_MULTNODES)
|
||||
} else {
|
||||
set manynodes ""
|
||||
}
|
||||
|
||||
if { [info exists env(SSH_SETUP_COMMAND)] } {
|
||||
set ssh_setup_cmd $env(SSH_SETUP_COMMAND)
|
||||
} else {
|
||||
set ssh_setup_cmd ""
|
||||
}
|
||||
# User on the Management node that has the ssh keys
|
||||
if { [info exists env(DSH_FROM_USERID)] } {
|
||||
set from_userid $env(DSH_FROM_USERID)
|
||||
} else {
|
||||
set from_userid "root"
|
||||
}
|
||||
|
||||
# User on the node where we will send the ssh keys
|
||||
if { [info exists env(DSH_TO_USERID)] } {
|
||||
set to_userid $env(DSH_TO_USERID)
|
||||
} else {
|
||||
set to_userid "root"
|
||||
}
|
||||
|
||||
# get the from userid and its home directory to get the ssh keys
|
||||
|
||||
#set home [exec /usr/bin/perl -e {$user = $ENV{'DSH_FROM_USERID'} ? $ENV{'DSH_FROM_USERID'} : "root"; @info = getpwnam($user); print $info[7] . "\n";}]
|
||||
|
||||
#if { [string compare $home $empty] ==0 } {
|
||||
#set home $env(HOME)
|
||||
#}
|
||||
set home $env(DSH_FROM_USERID_HOME)
|
||||
|
||||
#
|
||||
# check input arguments
|
||||
@ -60,7 +97,6 @@ if { [llength $argv] != 0 } {
|
||||
puts "Usage: remoteshell.expect"
|
||||
puts " -t remote_shell hostname - test the remoteshell on the host"
|
||||
puts " -k Generates the ssh keys needed"
|
||||
puts " -n hostname - gather ssh keys for the hostname"
|
||||
puts " -s node_list - copies keys to the nodes"
|
||||
puts " -h usage"
|
||||
exit 0
|
||||
@ -68,13 +104,8 @@ if { [llength $argv] != 0 } {
|
||||
# -t means test to see if the shell is already setup
|
||||
if { [string compare "-t" [lindex $argv 0]] ==0 } {
|
||||
set env(LC_ALL) "C"
|
||||
if { [string compare $ssh_setup_cmd $empty] !=0 } {
|
||||
set userid "admin"
|
||||
} else {
|
||||
set userid "root"
|
||||
}
|
||||
|
||||
set pid [ spawn [lindex $argv 1] [lindex $argv 2] -l $userid echo test.success ]
|
||||
set pid [ spawn [lindex $argv 1] [lindex $argv 2] -l $to_userid echo test.success ]
|
||||
expect {
|
||||
timeout { exit 1 }
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
@ -94,11 +125,7 @@ if { [llength $argv] != 0 } {
|
||||
}
|
||||
exit 1
|
||||
} elseif { [string compare "-k" [lindex $argv 0]] ==0 } {
|
||||
# -k means copy the keys to the nodes
|
||||
set home [exec /usr/bin/perl -e {$user = $ENV{'USER'} ? $ENV{'USER'} : "root"; @info = getpwnam($user); print $info[7] . "\n";}]
|
||||
if { [string compare $home $empty] ==0 } {
|
||||
set home $env(HOME)
|
||||
}
|
||||
# -k means generate the keys to the nodes
|
||||
# check to see if ssh rsa1 keys exists, if not generate it
|
||||
if {![file exists "$home/.ssh/identity"]} { # key does not exist
|
||||
set env(LC_ALL) "C"
|
||||
@ -179,39 +206,8 @@ if { [llength $argv] != 0 } {
|
||||
send "\r"
|
||||
expect eof
|
||||
}
|
||||
} elseif { [string compare "-n" [lindex $argv 0]] ==0 } {
|
||||
#gather ssh host keys
|
||||
set hostname [lindex $argv 1]
|
||||
set hlist [split $hostname '.']
|
||||
set name ""
|
||||
set nlist ""
|
||||
set j [llength $hlist]
|
||||
for { set i 0 } { $i<$j} {incr i } {
|
||||
set element [lindex $hlist $i]
|
||||
if { $i == 0 } {
|
||||
set name $element
|
||||
} else {
|
||||
|
||||
set name "$name.$element"
|
||||
}
|
||||
lappend nlist $name
|
||||
}
|
||||
|
||||
foreach hn $nlist {
|
||||
set env(LC_ALL) "C"
|
||||
set pid [ spawn $remoteshell $hn -l root echo test.success ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
exp_continue
|
||||
}
|
||||
"*ssword*" {
|
||||
exec /bin/kill $pid
|
||||
}
|
||||
"test.success" { continue }
|
||||
}
|
||||
}
|
||||
} elseif { [string compare "-s" [lindex $argv 0]] ==0 } {
|
||||
# copy the keys to the nodes
|
||||
set nodes [lindex $argv 1]
|
||||
set empty ""
|
||||
if { [string compare $nodes $empty] ==0 } {
|
||||
@ -222,27 +218,29 @@ if { [llength $argv] != 0 } {
|
||||
set nodelist2 $nodelist
|
||||
set printlist [ join $nodelist ", " ]
|
||||
set scp "/usr/bin/scp"
|
||||
set directory "/install/postscripts/.ssh"
|
||||
set fh_auth_keys2 [ open "/install/postscripts/.ssh/authorized_keys2" "r"]
|
||||
set directory "$home/.ssh"
|
||||
set fh_auth_keys2 [ open "$home/.ssh/authorized_keys2" "r"]
|
||||
set auth_keys2 [read $fh_auth_keys2]
|
||||
close $fh_auth_keys2
|
||||
if { [info exists env(XCAT_REMOTE_PASSWORD)] } {
|
||||
set word $env(XCAT_REMOTE_PASSWORD)
|
||||
if { [info exists env(DSH_REMOTE_PASSWORD)] } {
|
||||
set word $env(DSH_REMOTE_PASSWORD)
|
||||
} else {
|
||||
exec /bin/stty -echo
|
||||
set timeout 360
|
||||
puts "Enter the password for the userid (usually root) used to access the following target nodes: $printlist"
|
||||
expect_user "*\n"
|
||||
set timeout 80
|
||||
exec /bin/stty echo
|
||||
set word $expect_out(buffer)
|
||||
set expect_out(buffer) ""
|
||||
send_user "\n"
|
||||
exec /bin/stty -echo
|
||||
set timeout 360
|
||||
puts "Enter the password for the userid:$to_userid to access the following target nodes: $printlist"
|
||||
expect_user "*\n"
|
||||
set timeout 80
|
||||
exec /bin/stty echo
|
||||
set word $expect_out(buffer)
|
||||
set expect_out(buffer) ""
|
||||
send_user "\n"
|
||||
}
|
||||
|
||||
foreach node $nodelist {
|
||||
puts $node
|
||||
if { [string compare $ssh_setup_cmd $empty] ==0 } {
|
||||
set env(LC_ALL) "C"
|
||||
set pid [ spawn $scp -r -p $directory root\@$node:/tmp ]
|
||||
set pid [ spawn $remoteshell $node -l $to_userid /bin/mkdir -p /tmp/$to_userid/.ssh ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
@ -256,7 +254,49 @@ if { [llength $argv] != 0 } {
|
||||
exec /bin/kill $pid
|
||||
}
|
||||
}
|
||||
set pid [ spawn $remoteshell $node -l root /tmp/.ssh/copy.perl ]
|
||||
set pid [ spawn $scp $directory/authorized_keys2 $to_userid\@$node:/tmp/$to_userid/.ssh ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
exp_continue
|
||||
}
|
||||
"*ssword*" {
|
||||
send "$word\r"
|
||||
exp_continue
|
||||
}
|
||||
"Permission denied*" {
|
||||
exec /bin/kill $pid
|
||||
}
|
||||
}
|
||||
set pid [ spawn $scp $directory/authorized_keys $to_userid\@$node:/tmp/$to_userid/.ssh ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
exp_continue
|
||||
}
|
||||
"*ssword*" {
|
||||
send "$word\r"
|
||||
exp_continue
|
||||
}
|
||||
"Permission denied*" {
|
||||
exec /bin/kill $pid
|
||||
}
|
||||
}
|
||||
set pid [ spawn $scp $directory/copy.perl $to_userid\@$node:/tmp/$to_userid/.ssh ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
exp_continue
|
||||
}
|
||||
"*ssword*" {
|
||||
send "$word\r"
|
||||
exp_continue
|
||||
}
|
||||
"Permission denied*" {
|
||||
exec /bin/kill $pid
|
||||
}
|
||||
}
|
||||
set pid [ spawn $remoteshell $node -l $to_userid /tmp/$to_userid/.ssh/copy.perl ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
@ -285,7 +325,7 @@ if { [llength $argv] != 0 } {
|
||||
}
|
||||
# Trim semicolon at the tail
|
||||
set ssh_setup_string [string range $ssh_setup_string 1 end]
|
||||
set pid [ spawn $remoteshell $node -l admin $ssh_setup_string ]
|
||||
set pid [ spawn $remoteshell $node -l $to_userid $ssh_setup_string ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
@ -320,12 +360,7 @@ if { [llength $argv] != 0 } {
|
||||
}
|
||||
foreach hn $nlist {
|
||||
set env(LC_ALL) "C"
|
||||
if { [string compare $ssh_setup_cmd $empty] !=0 } {
|
||||
set userid "admin"
|
||||
} else {
|
||||
set userid "root"
|
||||
}
|
||||
set pid [ spawn $remoteshell $hn -l $userid echo test.success ]
|
||||
set pid [ spawn $remoteshell $hn -l $to_userid echo test.success ]
|
||||
expect {
|
||||
"Are you sure you want to continue connecting (yes/no)?" {
|
||||
send "yes\r"
|
||||
@ -356,80 +391,19 @@ if { [llength $argv] != 0 } {
|
||||
} else {
|
||||
exit 0
|
||||
}
|
||||
} elseif { [string compare "-d" [lindex $argv 0]] ==0 } {
|
||||
# check xdsh ping to verify
|
||||
set env(DSH_PING_VERIFY) "1"
|
||||
set env(DSH_LIST) [lindex $argv 1]
|
||||
log_user 1
|
||||
set timeout 360
|
||||
set env(LC_ALL) "C"
|
||||
if { [info exists env(XCAT_PING)] } {
|
||||
set pid [ spawn "$xcatroot/bin/xdsh" -B -v -t 80 /bin/echo test.success ]
|
||||
} else {
|
||||
set pid [ spawn "$xcatroot/bin/xdsh" -B -t 80 /bin/echo test.success ]
|
||||
}
|
||||
expect {
|
||||
timeout {
|
||||
exec /bin/kill $pid
|
||||
set failed "1"
|
||||
}
|
||||
}
|
||||
log_user 0
|
||||
set timeout 80
|
||||
} elseif { [string compare "-dn" [lindex $argv 0]] ==0 } {
|
||||
# check xdsh ping nodes
|
||||
set env(DSH_PING_VERIFY) "1"
|
||||
#set env(DSH_LIST) [lindex $argv 1]
|
||||
set node [lindex $argv 1]
|
||||
log_user 1
|
||||
set timeout 360
|
||||
set env(LC_ALL) "C"
|
||||
if { [info exists env(XCAT_PING)] } {
|
||||
set pid [ spawn "$xcatroot/bin/xdsh" $node -B -v -t 80 /bin/echo test.success ]
|
||||
} else { # no verify
|
||||
set pid [ spawn "$xcatroot/bin/xdsh" $node -B -t 80 /bin/echo test.success ]
|
||||
}
|
||||
expect {
|
||||
timeout {
|
||||
exec /bin/kill $pid
|
||||
set failed "1"
|
||||
}
|
||||
}
|
||||
log_user 0
|
||||
set timeout 80
|
||||
} elseif { [string compare "-ds" [lindex $argv 0]] ==0 } {
|
||||
# check dsh, ssh with options
|
||||
set env(DSH_PING_VERIFY) "1"
|
||||
set env(DSH_LIST) [lindex $argv 1]
|
||||
log_user 1
|
||||
set timeout 360
|
||||
set env(LC_ALL) "C"
|
||||
if { [info exists env(XCAT_PING)] } {
|
||||
set pid [ spawn $xcatroot/bin/xdsh -B -v -o "-o BatchMode=yes" -t 80 /bin/echo test.success ]
|
||||
} else { # no verify
|
||||
set pid [ spawn $xcatroot/bin/xdsh -B -o "-o BatchMode=yes" -t 80 /bin/echo test.success ]
|
||||
}
|
||||
expect {
|
||||
timeout {
|
||||
exec /bin/kill $pid
|
||||
set failed "1"
|
||||
}
|
||||
}
|
||||
log_user 0
|
||||
set timeout 80
|
||||
} else { # usage error
|
||||
} else { # usage error
|
||||
puts "flag entered is not valid"
|
||||
puts "Usage: remoteshell.expect"
|
||||
puts " -t remote_shell hostname - test the remoteshell on the host"
|
||||
puts " -k Generates the ssh keys needed"
|
||||
puts " -n hostname - gather ssh keys for the hostname"
|
||||
puts " -s node_list - copies keys to the nodes"
|
||||
exit 2
|
||||
}
|
||||
} else { # usage error
|
||||
puts "Command requires a flag"
|
||||
puts "Usage: remoteshell.expect"
|
||||
puts " -t remote_shell hostname - test the remoteshell on the host"
|
||||
puts " -k Generates the ssh keys needed"
|
||||
puts " -n hostname - gather ssh keys for the hostname"
|
||||
puts " -s node_list - copies keys to the nodes"
|
||||
exit 2
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user