Hi,
I've found a "small bug" in the install_ssh that prevents correct ssh config on
client images if there is a cp -i alias in the root env (default on CentOS 5.4)
(I've noticed that because ssh node->head failed because /etc/ssh/ssh_config on
nodes lacked ForwardX11 yes)
Thus, cp -pfr does nothing as it is in fact a cp -ipfr.
As there is no tty during script, no files are overwritten (auto-answer is NO
to all overwrite questions).
Attached is a fix to this problem. all $cmd paths are now hard-coded to avoid
calling aliases instead of native command.
Here was the log showing script in action with no error, then manual cp command
asking to overwrite file despite the -f option (-i option has priority), then
/bin/cp command (avoiding alias) that do not ask for overwrite.
[r...@is005760 scripts]# ./ssh_install --verbose
/var/lib/systemimager/images/oscarimage
[INFO] Configuring ssh for the following images:[
/var/lib/systemimager/images/oscarimage ]
Array: 1 element(s)
[INFO] Configuring ssh for the following images:[
/var/lib/systemimager/images/oscarimage ]
Array: 1 element(s)
--> Checking for host key file /etc/ssh/ssh_host_key...
--> Checking for host key file /etc/ssh/ssh_host_dsa_key...
--> Checking configuration file /etc/ssh/ssh_config...
--> Adding ForwardX11 yes
to /etc/ssh/ssh_config
--> Adding StrictHostKeyChecking no
to /etc/ssh/ssh_config
--> Adding UsePrivilegedPort no
to /etc/ssh/ssh_config
--> Checking configuration file /etc/ssh/sshd_config...
--> Adding IgnoreRhosts yes
to /etc/ssh/sshd_config
--> Adding X11Forwarding yes
to /etc/ssh/sshd_config
--> Adding RhostsRSAAuthentication yes
to /etc/ssh/sshd_config
--> Adding RSAAuthentication yes
to /etc/ssh/sshd_config
--> Adding PermitRootLogin yes
to /etc/ssh/sshd_config
--> Adding RhostsAuthentication no
to /etc/ssh/sshd_config
--> Setting up user root on this machine...
--> The home directory for user root is /root
--> /root/.ssh/identity already exists
--> /root/.ssh/id_rsa already exists
--> /root/.ssh/id_dsa already exists
--> Checking/updating image /var/lib/systemimager/images/oscarimage...
--> Executing: cp -fpr /etc/ssh /var/lib/systemimager/images/oscarimage/etc/ssh
--> Copying ssh files for root to image
/var/lib/systemimager/images/oscarimage...
--> Executing: cp -fpr /root/.ssh /var/lib/systemimager/images/oscarimage/root
[r...@is005760 scripts]# cp -fpr /etc/ssh
/var/lib/systemimager/images/oscarimage/etc/ssh
cp: overwrite `/var/lib/systemimager/images/oscarimage/etc/ssh/ssh/moduli'?
[r...@is005760 scripts]# man cp
[r...@is005760 scripts]# cp -fpr /etc/ssh
/var/lib/systemimager/images/oscarimage/etc/ssh
cp: overwrite `/var/lib/systemimager/images/oscarimage/etc/ssh/ssh/moduli'?
[r...@is005760 scripts]# ls -la
/var/lib/systemimager/images/oscarimage/etc/ssh/ssh/moduli
-rw------- 1 root root 132839 fév 28 23:24
/var/lib/systemimager/images/oscarimage/etc/ssh/ssh/moduli
[r...@is005760 scripts]# man cp
[r...@is005760 scripts]# /bin/cp -fpr /etc/ssh
/var/lib/systemimager/images/oscarimage/etc/ssh
[r...@is005760 scripts]#
Regards.
--
Olivier LAHAYE
CEAEA Saclay
DRT-LIST-DCSI-DIR
Index: ssh_install
===================================================================
--- ssh_install (révision 9206)
+++ ssh_install (copie de travail)
@@ -250,9 +250,9 @@
die "ERROR: file $orig_file does not exist";
}
if (! -f $dest_file) {
- $cmd = "cat $orig_file > $dest_file";
+ $cmd = "/bin/cat $orig_file > $dest_file";
} else {
- $cmd = "cat $orig_file >> $dest_file";
+ $cmd = "/bin/cat $orig_file >> $dest_file";
}
OSCAR::Logger::oscar_log_subsection ("Executing: $cmd");
if (system ($cmd)) {
@@ -263,7 +263,7 @@
}
}
- $cmd = "chmod 600 $home/.ssh/authorized_keys*";
+ $cmd = "/bin/chmod 600 $home/.ssh/authorized_keys*";
if (system ($cmd)) {
die "ERROR: Impossible to execute $cmd";
}
@@ -272,7 +272,7 @@
# now we take care of updating each specified image
foreach my $image (@BASES) {
OSCAR::Logger::oscar_log_subsection ("Checking/updating image $image...");
- $cmd = "cp -fpr $SSHCFGDIR $image$SSHCFGDIR";
+ $cmd = "/bin/cp -fpr $SSHCFGDIR $image$SSHCFGDIR";
OSCAR::Logger::oscar_log_subsection ("Executing: $cmd");
if (system ($cmd)) {
die "ERROR: Impossible to execute $cmd";
@@ -284,12 +284,12 @@
if (! -d "$image$home") {
File::Path::mkpath ("$image$home")
or die "ERROR: Impossible to create $image$home";
- $cmd = "chown $user $image$home";
+ $cmd = "/bin/chown $user $image$home";
if (system ($cmd)) {
die "ERROR: Impossible to execute $cmd";
}
}
- $cmd = "cp -fpr $home/.ssh $image$home";
+ $cmd = "/bin/cp -fpr $home/.ssh $image$home";
OSCAR::Logger::oscar_log_subsection ("Executing: $cmd");
if (system ($cmd)) {
die "ERROR: Impossible to execute $cmd";
------------------------------------------------------------------------------
_______________________________________________
Oscar-devel mailing list
Oscar-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/oscar-devel
