update-keys 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165
  1. #!/bin/bash
  2. ################################################################################
  3. # HPCC SYSTEMS software Copyright (C) 2018 HPCC Systems®.
  4. #
  5. # Licensed under the Apache License, Version 2.0 (the "License");
  6. # you may not use this file except in compliance with the License.
  7. # You may obtain a copy of the License at
  8. #
  9. # http://www.apache.org/licenses/LICENSE-2.0
  10. #
  11. # Unless required by applicable law or agreed to in writing, software
  12. # distributed under the License is distributed on an "AS IS" BASIS,
  13. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14. # See the License for the specific language governing permissions and
  15. # limitations under the License.
  16. ################################################################################
  17. ###<REPLACE>###
  18. source ${INSTALL_DIR}/etc/init.d/hpcc_common
  19. source ${INSTALL_DIR}/etc/init.d/init-functions
  20. source ${INSTALL_DIR}/etc/init.d/export-path
  21. exec 3>&2 2>$LOG_DIR/update-keys_$$.debug
  22. set -x
  23. usage() {
  24. echo ""
  25. echo "usage: update-keys [-s <secret> -p <public>] [-g] [-n <concurrent>]"
  26. echo " -n: when specified, denotes the number of concurrent execution threads."
  27. echo " The default is 5."
  28. echo " -s: secret key."
  29. echo " -p: public key."
  30. echo " -g: generate keys."
  31. echo ""
  32. exit 1
  33. }
  34. createScriptFile() {
  35. cat > $SCRIPT_FILE <<SCRIPTFILE
  36. #~/bin/bash
  37. IP=\$1
  38. if ping -c 1 -w 5 -n \$IP > /dev/null 2>&1; then
  39. echo "\$IP: Host is alive."
  40. CAN_SSH="\`ssh -i $home/$user/.ssh/id_rsa -o BatchMode=yes -o LogLevel=QUIET -o StrictHostKeyChecking=no $user@\$IP exit > /dev/null 2>&1; echo \$?\`"
  41. if [ "\$CAN_SSH" -eq 255 ]; then
  42. echo "\$IP: Cannot SSH to host.";
  43. else
  44. echo "\$IP: Copying $source to $target on \$IP";
  45. MKD=\$(ssh -i $home/$user/.ssh/id_rsa $user@\$IP "mkdir -p $home/$user/tmp_ssh"; echo \$?)
  46. if [ "\$MKD" -eq 0 ]; then
  47. echo "\$IP: Success";
  48. else
  49. echo "\$IP: Failure";
  50. exit 1
  51. fi
  52. SCP=\$(scp -r -i $home/$user/.ssh/id_rsa $secret $user@\$IP:$home/$user/tmp_ssh; echo \$?)
  53. if [ "\$SCP" -eq 0 ]; then
  54. echo "\$IP: Success";
  55. else
  56. echo "\$IP: Failure";
  57. exit 1
  58. fi
  59. SCP=\$(scp -r -i $home/$user/.ssh/id_rsa $public $user@\$IP:$home/$user/tmp_ssh; echo \$?)
  60. if [ "\$SCP" -eq 0 ]; then
  61. echo "\$IP: Success";
  62. else
  63. echo "\$IP: Failure";
  64. exit 1
  65. fi
  66. public_file=\$(basename $public)
  67. CPY=\$(ssh -i $home/$user/.ssh/id_rsa -t $user@\$IP "cat $home/$user/tmp_ssh/\$public_file > $home/$user/tmp_ssh/authorized_keys; cp -R $home/$user/tmp_ssh/* $home/$user/.ssh; rm -rf $home/$user/tmp_ssh"; echo \$?)
  68. if [ "\$CPY" -eq 0 ]; then
  69. echo "\$IP: Success";
  70. else
  71. echo "\$IP: Failure";
  72. exit 1
  73. fi
  74. fi
  75. else
  76. echo "\$IP: Cannot Ping host? (Host Alive?)"
  77. exit 1
  78. fi
  79. SCRIPTFILE
  80. chmod +x ${SCRIPT_FILE}
  81. }
  82. cluster_tools_init
  83. if [ "$(whoami)" != "root" ] && [ "$(whoami)" != "${user}" ]; then
  84. echo ""
  85. echo "The script must run as root, $user or sudo."
  86. echo ""
  87. exit 1
  88. fi
  89. secret=
  90. public=
  91. generate="false"
  92. OPTION="-e ${CONFIG_DIR}/${ENV_CONF_FILE} -s ${SECTION:-DEFAULT}"
  93. TEMP=`/usr/bin/getopt -o n:s:p:gh --long help,generate,concurrent:,secret:,public: -n 'update-keys' -- "$@"`
  94. if [ $? != 0 ] ; then echo "Failure to parse commandline." >&2 ; end 1 ; fi
  95. eval set -- "$TEMP"
  96. while true ; do
  97. case "$1" in
  98. -n|--concurrent)
  99. if [ -n "$2" ] && [[ $2 =~ ^[0-9]+$ ]]
  100. then
  101. [ $2 -gt 0 ] && $OPTION="${OPTION:+"$OPTION "}-n $2"
  102. fi
  103. shift 2 ;;
  104. -s|--secret) secret="$2"
  105. shift 2 ;;
  106. -p|--public) public="$2"
  107. shift 2 ;;
  108. -g|--generate) generate="true"
  109. shift ;;
  110. -h|--help) usage
  111. shift ;;
  112. --) shift ; break ;;
  113. *) usage ;;
  114. esac
  115. done
  116. if [ $generate == "true" ]; then
  117. sudo -u ${user} mkdir -p /tmp/update-keys
  118. sudo -u ${user} ssh-keygen -f /tmp/update-keys/id_rsa -N "" -q
  119. secret="/tmp/update-keys/id_rsa"
  120. public="/tmp/update-keys/id_rsa.pub"
  121. elif [ -z "$secret" ] || [ -z "$public" ]; then
  122. usage
  123. fi
  124. SCRIPT_FILE=~/update-keys_$$
  125. createScriptFile
  126. python_expected_version=3.4
  127. is_python_installed ${python_expected_version}
  128. if [ $? -eq 0 ]
  129. then
  130. eval ${INSTALL_DIR}/sbin/cluster_script.py -f ${SCRIPT_FILE} $OPTION
  131. else
  132. echo ""
  133. echo "Cannot detect python version ${python_expected_version}+. Will run on the cluster hosts sequentially."
  134. echo ""
  135. run_cluster ${SCRIPT_FILE} ${exclude}
  136. fi
  137. ## Cleanup ##
  138. if [ $generate == "true" ]; then
  139. rm -rf /tmp/update-keys
  140. fi
  141. rm -rf ${SCRIPT_FILE}
  142. set +x