diff --git a/bin/cdist b/bin/cdist index b04f2eb2..75047acb 100755 --- a/bin/cdist +++ b/bin/cdist @@ -69,6 +69,15 @@ def commandline(): help='Operate on multiple hosts sequentially (default)', action='store_false', dest='parallel') + parser['configinstall'].add_argument('--remote-copy', + help='Command to use for remote copy (should behave like scp)', + action='store', dest='remote_copy', + default="scp -o User=root -q") + parser['configinstall'].add_argument('--remote-exec', + help='Command to use for remote execution (should behave like ssh)', + action='store', dest='remote_exec', + default="ssh -o User=root -q") + # Config parser['config'] = parser['sub'].add_parser('config', parents=[parser['loglevel'], parser['configinstall']]) @@ -160,6 +169,8 @@ def configinstall_onehost(host, args, mode, parallel): context = cdist.context.Context( target_host=host, + remote_copy=args.remote_copy, + remote_exec=args.remote_exec, initial_manifest=args.manifest, base_path=args.cdist_home, exec_path=sys.argv[0], diff --git a/doc/changelog b/doc/changelog index 0e10533b..3546fe46 100644 --- a/doc/changelog +++ b/doc/changelog @@ -10,6 +10,7 @@ Changelog 2.0.11: 2012-05-23 * Fix insecure file/directory creation: Use umask 077 + * Add support for --remote-exec and --remote-copy parameters 2.0.10: 2012-05-18 * Cleanup __group: No getent gshadow in old Redhat, use groupmod -g diff --git a/doc/man/man1/cdist.text b/doc/man/man1/cdist.text index e46e84a3..b92fba18 100644 --- a/doc/man/man1/cdist.text +++ b/doc/man/man1/cdist.text @@ -41,23 +41,29 @@ CONFIG Configure a system -h, --help:: - Show the help screen + Show the help screen -c CDIST_HOME, --cdist-home CDIST_HOME:: - Instead of using the parent of the bin directory as cdist home, - use the specified directory + Instead of using the parent of the bin directory as cdist home, + use the specified directory -d, --debug:: - Enable debug output + Enable debug output -i MANIFEST, --initial-manifest MANIFEST:: - Path to a cdist manifest or - to read from stdin + Path to a cdist manifest or - to read from stdin -p, --parallel:: - Operate on multiple hosts in parallel + Operate on multiple hosts in parallel -s, --sequential:: - Operate on multiple hosts sequentially + Operate on multiple hosts sequentially + +--remote-copy REMOTE_COPY: + Command to use for remote copy (should behave like scp) + +--remote-exec REMOTE_EXEC: + Command to use for remote execution (should behave like ssh) EXAMPLES @@ -69,7 +75,12 @@ cdist config -d ikq05.ethz.ch # Configure hosts in parallel and use a different home directory cdist config -c ~/p/cdist-nutzung \ - -p ikq02.ethz.ch ikq03.ethz.ch ikq04.ethz.ch + -p ikq02.ethz.ch ikq03.ethz.ch ikq04.ethz.ch + +# Use custom remote exec / copy commands +cdist config --remote-exec /path/to/my/remote/exec \ + --remote-copy /path/to/my/remote/copy \ + -p ikq02.ethz.ch ikq03.ethz.ch ikq04.ethz.ch # Display banner cdist banner @@ -98,7 +109,7 @@ The following exit values shall be returned: 0:: Successful completion 1:: - One or more host configuration failed. + One or more host configurations failed SEE ALSO diff --git a/doc/man/man7/cdist-remote-exec-copy.text b/doc/man/man7/cdist-remote-exec-copy.text new file mode 100644 index 00000000..d789b12d --- /dev/null +++ b/doc/man/man7/cdist-remote-exec-copy.text @@ -0,0 +1,46 @@ +cdist-remote-exec-copy(7) +========================= +Nico Schottelius + + +NAME +---- +cdist-remote-exec-copy - How to use remote exec and copy + + +INTRO +----- +Cdist interacts with the target host in two ways: +- it executes code (__remote_exec) +- and it copies files (__remote_copy) + +By default this is accomplished with ssh and scp respectively. +The default implementations used by cdist are: +__remote_exec: ssh -o User=root -q +__remote_copy: scp -o User=root -q + +The user can override these defaults by providing custom implementations and +passing them to cdist with the --remote-exec and/or --remote-copy arguments. + +For __remote_exec, the custom implementation must behave as if it where ssh. +For __remote_copy, it must behave like scp. + +With this simple interface the user can take total control of how cdist +interacts with the target when required, while the default implementation +remains as simple as possible. + + +EXAMPLES +-------------- +See cdist/other/examples/remote/ for some example implementations. + + +SEE ALSO +-------- +- cdist(7) + + +COPYING +------- +Copyright \(C) 2011-2012 Nico Schottelius. Free use of this software is +granted under the terms of the GNU General Public License version 3 (GPLv3). diff --git a/lib/cdist/context.py b/lib/cdist/context.py index ab8677a7..8b468739 100644 --- a/lib/cdist/context.py +++ b/lib/cdist/context.py @@ -35,6 +35,8 @@ class Context(object): def __init__(self, target_host, + remote_copy, + remote_exec, initial_manifest=False, base_path=False, exec_path=sys.argv[0], @@ -70,10 +72,18 @@ class Context(object): self.initial_manifest = (initial_manifest or os.path.join(self.local.manifest_path, "init")) - # Remote + self._init_remote(remote_copy, remote_exec) + + # Remote stuff + def _init_remote(self, remote_copy, remote_exec): + self.remote_base_path = os.environ.get('__cdist_remote_out_dir', "/var/lib/cdist") - self.remote_exec = os.environ.setdefault('__remote_exec', "ssh -o User=root -q") - self.remote_copy = os.environ.setdefault('__remote_copy', "scp -o User=root -q") + self.remote_copy = remote_copy + self.remote_exec = remote_exec + + os.environ['__remote_copy'] = self.remote_copy + os.environ['__remote_exec'] = self.remote_exec + self.remote = remote.Remote(self.target_host, self.remote_base_path, self.remote_exec, self.remote_copy) diff --git a/lib/cdist/exec/remote.py b/lib/cdist/exec/remote.py index fb90939d..487beea3 100644 --- a/lib/cdist/exec/remote.py +++ b/lib/cdist/exec/remote.py @@ -77,12 +77,7 @@ class Remote(object): self.log.debug("Remote transfer: %s -> %s", source, destination) self.rmdir(destination) command = self._copy.split() - # support rsync by appending a "/" to the source if it's a directory - if os.path.isdir(source): - command.extend(["-r", source + "/", self.target_host + ":" + destination]) - else: - command.extend(["-r", source, self.target_host + ":" + destination]) - + command.extend(["-r", source, self.target_host + ":" + destination]) self._run_command(command) def run_script(self, script, env=None, return_output=False): diff --git a/other/examples/remote/chroot/copy b/other/examples/remote/chroot/copy index 528a5faf..8f8cb680 100755 --- a/other/examples/remote/chroot/copy +++ b/other/examples/remote/chroot/copy @@ -22,7 +22,7 @@ # to a remote target host. # # Usage: -# __remote_copy="/path/to/this/script /path/to/your/chroot" cdist config target-id +# cdist config --remote-copy "/path/to/this/script /path/to/your/chroot" target-id # log() { diff --git a/other/examples/remote/chroot/exec b/other/examples/remote/chroot/exec index 19e76b0e..4637f918 100755 --- a/other/examples/remote/chroot/exec +++ b/other/examples/remote/chroot/exec @@ -22,7 +22,7 @@ # on a remote target host. # # Usage: -# __remote_exec="/path/to/this/script /path/to/your/chroot" cdist config target-id +# cdist config --remote-exec "/path/to/this/script /path/to/your/chroot" target-id # log() { diff --git a/other/examples/remote/rsync/copy b/other/examples/remote/rsync/copy index f6b93c5c..76217caf 100755 --- a/other/examples/remote/rsync/copy +++ b/other/examples/remote/rsync/copy @@ -1,6 +1,7 @@ #!/bin/sh # # 2012 Matt Coddington (mcoddington at gmail.com) +# 2012 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -24,7 +25,25 @@ # at /etc/passwd~cdist. # # Usage: -# __remote_copy="/path/to/this/script" cdist config target_host +# cdist config --remote-copy /path/to/this/script target_host # +# For rsync to do the right thing, the source has to end with "/" if it is +# a directory. The below preprocessor loop takes care of that. + +# second last argument is the source +source_index=$(($#-1)) +index=0 +for arg in $@; do + if [ $index -eq 0 ]; then + # reset $@ + set -- + fi + index=$((index+=1)) + if [ $index -eq $source_index -a -d "$arg" ]; then + arg="${arg%/}/" + fi + set -- "$@" "$arg" +done + rsync --backup --suffix=~cdist -e 'ssh -o User=root' $@ diff --git a/other/examples/remote/schroot-uri b/other/examples/remote/schroot-uri index a23277ec..5b50a195 100755 --- a/other/examples/remote/schroot-uri +++ b/other/examples/remote/schroot-uri @@ -1,6 +1,6 @@ #!/bin/sh -e # -# 2011 Steven Armstrong (steven-cdist at armstrong.cc) +# 2012 Steven Armstrong (steven-cdist at armstrong.cc) # # This file is part of cdist. # @@ -21,8 +21,10 @@ # __remote_{exec,copy} script to run cdist against a schroot target uri # # Usage: -# __remote_exec="/path/to/this/script exec" cdist config target_uri -# __remote_copy="/path/to/this/script copy" cdist config target_uri +# cdist config \ +# --remote-exec "/path/to/this/script exec" \ +# --remote-copy "/path/to/this/script copy" \ +# target_uri # # # target_uri examples: # schroot:///chroot-name @@ -49,7 +51,8 @@ my_name="${0##*/}" mode="$1"; shift log() { - echo "$@" | logger -t "cdist-$my_name-$mode" + # uncomment me for debugging + #echo "$@" | logger -t "cdist-$my_name-$mode" : } @@ -109,6 +112,9 @@ else copy_prefix="cp" copy_destination_prefix="" fi +log "exec_prefix: $exec_prefix" +log "copy_prefix: $copy_prefix" +log "copy_destination_prefix: $copy_destination_prefix" case "$mode" in exec) @@ -118,8 +124,9 @@ case "$mode" in ;; copy) # get directory for given chroot_name - schroot_directory="$($exec_prefix schroot $chroot_name --config | awk -F = '/directory=/ {print $2}')" + schroot_directory="$($exec_prefix schroot -c $schroot_name --config | awk -F = '/directory=/ {print $2}')" [ -n "$schroot_directory" ] || die "Failed to retreive schroot directory for schroot: $schroot_name" + log "schroot_directory: $schroot_directory" # prefix destination with chroot code="$copy_prefix $(echo "$@" | sed "s|$uri:|${copy_destination_prefix}${schroot_directory}|g")" ;; diff --git a/other/examples/remote/schroot/copy b/other/examples/remote/schroot/copy index 3587a4f2..d995055e 100755 --- a/other/examples/remote/schroot/copy +++ b/other/examples/remote/schroot/copy @@ -21,7 +21,7 @@ # __remote_copy script to run cdist against a chroot on the target host over ssh. # # Usage: -# __remote_copy="/path/to/this/script schroot-chroot-name" cdist config target_host +# cdist config --remote-copy "/path/to/this/script schroot-chroot-name" target_host # log() { @@ -33,7 +33,7 @@ chroot_name="$1"; shift target_host="$__target_host" # get directory for given chroot_name -chroot="$(ssh -o User=root -q $target_host schroot $chroot_name --config | awk -F = '/directory=/ {print $2}')" +chroot="$(ssh -o User=root -q $target_host schroot -c $chroot_name --config | awk -F = '/directory=/ {print $2}')" # prefix destination with chroot code="$(echo "$@" | sed "s|$target_host:|$target_host:$chroot|g")" diff --git a/other/examples/remote/schroot/exec b/other/examples/remote/schroot/exec index 5b561de0..2510fd22 100755 --- a/other/examples/remote/schroot/exec +++ b/other/examples/remote/schroot/exec @@ -21,7 +21,7 @@ # __remote_exec script to run cdist against a chroot on the target host over ssh. # # Usage: -# __remote_exec="/path/to/this/script schroot-chroot-name" cdist config target_host +# cdist config --remote-exec "/path/to/this/script schroot-chroot-name" target_host # log() { diff --git a/other/examples/remote/ssh/copy b/other/examples/remote/ssh/copy index 0ecd8c52..5b0ed324 100755 --- a/other/examples/remote/ssh/copy +++ b/other/examples/remote/ssh/copy @@ -21,7 +21,7 @@ # same as cdist default # # Usage: -# __remote_copy="/path/to/this/script" cdist config target_host +# cdist config --remote-copy "/path/to/this/script" target_host # #echo "$@" | logger -t "cdist-ssh-copy" diff --git a/other/examples/remote/ssh/exec b/other/examples/remote/ssh/exec index b597a47f..2875c3fc 100755 --- a/other/examples/remote/ssh/exec +++ b/other/examples/remote/ssh/exec @@ -21,7 +21,7 @@ # same as cdist default # # Usage: -# __remote_exec="/path/to/this/script" cdist config target_host +# cdist config --remote-exec "/path/to/this/script" target_host # #echo "$@" | logger -t "cdist-ssh-exec"