Jamis,
Ok, thanks, I will. I think the main thing will be to check if the
user has changed for the session, and close it conditionally, or cache
the open one with the different username. Additionally, it'd have to
cache the password for the different users.
Joe
On Oct 12, 4:16 pm, Jamis Buck <[EMAIL PROTECTED]> wrote:
> I wouldn't be opposed to a patch for this, but as you discovered,
> Capistrano currently makes some assumptions that make it hard to do
> this "right". Feel free to write up a patch, though, and we can
> negotiate the correct implementation. :)
>
> - Jamis
>
> On Oct 11, 2007, at 6:24 PM, Joe wrote:
>
>
>
> > Hi Jamis,
>
> > I have another feature request for you. I have a deployment where I
> > have a series of tasks that get executed on various machines, but I
> > need to login to those machines with public key auth with different
> > user ids. In this particular scenario, using sudo does not really work
> > as needed. What I want to do is something like:
>
> > run "some_command", :as => 'root'
>
> > which temporarily changes the 'user' variable for the duration of the
> > execution of the task.
>
> > I accomplish this by aliasing the run method as follows:
>
> > module CapistranoExt
> > class Configuration
> > module Actions
> > module Invocation
> > def self.append_features(base)
> > super
> > base.extend(ClassMethods)
> > base.class_eval do
> > alias_method_chain :run, :user
> > end
> > end
>
> > module ClassMethods
> > end
>
> > # TODO: this really only works if the authentication method is
> > # publickey, since the password is cached from a call to the
> > # proc to read it. Need to have a mechanism to cache that per
> > # user, and set it appropriately in here (if we need to
> > support
> > # this mechanism with password-based auth).
> > def run_with_user(cmd, options={}, &block)
> > u = fetch(:user)
> > as = options.delete(:as) || u
> > begin
> > set :user, as
> > run_without_user(cmd, options, &block)
> > ensure
> > set :user, u
> > end
> > end
> > end
> > end
> > end
> > end
>
> > This also requires a change to the following method in connections.rb
> > (from Cap 2.0.100):
>
> > def safely_establish_connection_to(server, failures=nil)
> > if fetch(:ssh_options)[:no_session_cache]
> > sessions[server].close if sessions[server]
> > sessions[server] = connection_factory.connect_to(server)
> > else
> > sessions[server] ||= connection_factory.connect_to(server)
> > end
> > rescue Exception => err
> > raise unless failures
> > failures << { :server => server, :error => err }
> > end
>
> > Then I set ssh_options[:no_session_cache] to true in my cap deployment
> > file, and everything works fine.
>
> > Per my comments in the code, there is a problem in that this only
> > works for non-password auth for now, since the password is obtained in
> > a Proc and I did not add code to cache it per user. This could
> > probably be done with a few more additions.
>
> > It's probably a little inefficient. I looked to see if there was a way
> > to drop the session only if the username had changed, but I don't
> > think net/ssh exposes that field.
>
> > Anyway, if you think you'd be willing to add something like this, I
> > could probably clean it up and just give you a patch.
>
> > Thanks,
> > Joe
>
> > >
>
>
> smime.p7s
> 3KDownload
--~--~---------~--~----~------------~-------~--~----~
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/capistrano
-~----------~----~----~----~------~----~------~--~---
