This would be great, I could also use it. In ec2onrails I need to run some
roles with a different user but I have a workaround. For each role that
exists I programmatically create a new role that has a different user, I do
it like this:
def make_admin_role(role, newrole_sym)
roles[role].each do |srv_def|
options = srv_def.options.dup
options[:user] = "admin"
options[:port] = srv_def.port
options[:no_release] = true
role newrole_sym, srv_def.host, options
end
end
# It can be used like this for example:
make_admin_role(:web, :web_admin)
Then there's a new role called "web_admin", which is a copy of "web" but
with the user set to "admin". Then I have some admin tasks that only run for
the "web_admin" role. Setting no_release prevents this new host definition
from being used by built-in tasks like deploy that don't explicitly specify
a role.
It's a bit ugly though. "run :as" would be much nicer.
Paul
On 10/11/07, Joe <[EMAIL PROTECTED] > wrote:
>
>
> Hi Jamis,
>
> I have another feature request for you. I have a deployment where I
> have a series of tasks that get executed on various machines, but I
> need to login to those machines with public key auth with different
> user ids. In this particular scenario, using sudo does not really work
> as needed. What I want to do is something like:
>
> run "some_command", :as => 'root'
>
> which temporarily changes the 'user' variable for the duration of the
> execution of the task.
>
> I accomplish this by aliasing the run method as follows:
>
> module CapistranoExt
> class Configuration
> module Actions
> module Invocation
> def self.append_features(base)
> super
> base.extend(ClassMethods)
> base.class_eval do
> alias_method_chain :run, :user
> end
> end
>
> module ClassMethods
> end
>
> # TODO: this really only works if the authentication method is
> # publickey, since the password is cached from a call to the
> # proc to read it. Need to have a mechanism to cache that per
> # user, and set it appropriately in here (if we need to
> support
> # this mechanism with password-based auth).
> def run_with_user(cmd, options={}, &block)
> u = fetch(:user)
> as = options.delete(:as) || u
> begin
> set :user, as
> run_without_user(cmd, options, &block)
> ensure
> set :user, u
> end
> end
> end
> end
> end
> end
>
> This also requires a change to the following method in connections.rb
> (from Cap 2.0.100):
>
> def safely_establish_connection_to(server, failures=nil)
> if fetch(:ssh_options)[:no_session_cache]
> sessions[server].close if sessions[server]
> sessions[server] = connection_factory.connect_to(server)
> else
> sessions[server] ||= connection_factory.connect_to(server)
> end
> rescue Exception => err
> raise unless failures
> failures << { :server => server, :error => err }
> end
>
> Then I set ssh_options[:no_session_cache] to true in my cap deployment
> file, and everything works fine.
>
> Per my comments in the code, there is a problem in that this only
> works for non-password auth for now, since the password is obtained in
> a Proc and I did not add code to cache it per user. This could
> probably be done with a few more additions.
>
> It's probably a little inefficient. I looked to see if there was a way
> to drop the session only if the username had changed, but I don't
> think net/ssh exposes that field.
>
> Anyway, if you think you'd be willing to add something like this, I
> could probably clean it up and just give you a patch.
>
> Thanks,
> Joe
>
>
> >
>
--
http://pauldowman.com
--~--~---------~--~----~------------~-------~--~----~
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/capistrano
-~----------~----~----~----~------~----~------~--~---
