X-Git-Url: https://code.grnet.gr/git/ganeti-local/blobdiff_plain/e66d9f1abf0e6be79dd5677054ba8c3aae9dc799..3d836750238cde8c63ceb8d3ae94d5cd2b78cea7:/lib/ssh.py diff --git a/lib/ssh.py b/lib/ssh.py index 4610e2d..5c11be2 100644 --- a/lib/ssh.py +++ b/lib/ssh.py @@ -1,7 +1,7 @@ # # -# Copyright (C) 2006, 2007 Google Inc. +# Copyright (C) 2006, 2007, 2010, 2011 Google Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,10 +26,24 @@ import os import logging +import re from ganeti import utils from ganeti import errors from ganeti import constants +from ganeti import netutils + + +def FormatParamikoFingerprint(fingerprint): + """Format paramiko PKey fingerprint. + + @type fingerprint: str + @param fingerprint: PKey fingerprint + @return: The string hex representation of the fingerprint + + """ + assert len(fingerprint) % 2 == 0 + return ":".join(re.findall(r"..", fingerprint.lower())) def GetUserFiles(user, mkdir=False): @@ -52,18 +66,13 @@ def GetUserFiles(user, mkdir=False): if not user_dir: raise errors.OpExecError("Cannot resolve home of user %s" % user) - ssh_dir = os.path.join(user_dir, ".ssh") - if not os.path.lexists(ssh_dir): - if mkdir: - try: - os.mkdir(ssh_dir, 0700) - except EnvironmentError, err: - raise errors.OpExecError("Can't create .ssh dir for user %s: %s" % - (user, str(err))) + ssh_dir = utils.PathJoin(user_dir, ".ssh") + if mkdir: + utils.EnsureDirs([(ssh_dir, constants.SECURE_DIR_MODE)]) elif not os.path.isdir(ssh_dir): - raise errors.OpExecError("path ~%s/.ssh is not a directory" % user) + raise errors.OpExecError("Path %s is not a directory" % ssh_dir) - return [os.path.join(ssh_dir, base) + return [utils.PathJoin(ssh_dir, base) for base in ["id_dsa", "id_dsa.pub", "authorized_keys"]] 
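Review bot: The length check in `FormatParamikoFingerprint` is an `assert`, which is stripped under `python -O`; an odd-length string would then silently lose its last character in `re.findall(r"..", ...)` and come back as a shortened fingerprint. A fingerprint formatter is presumably used where a person or a comparison relies on the full value, so fail explicitly, e.g. `if len(fingerprint) % 2: raise ValueError("Fingerprint has odd length")`. The `..` pattern also accepts any non-newline character, so matching `r"[0-9a-f]{2}"` and checking that the pairs cover the whole input would reject non-hex data. The docstring could add `@rtype: str`.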
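Review bot: In the `GetUserFiles` hunk, the `mkdir=True` path no longer inspects an existing `~/.ssh` itself, because the old `os.path.lexists`/`os.path.isdir` test is replaced by `utils.EnsureDirs`, whose handling of a symlink or regular file at that path is not visible here. Since this applies `constants.SECURE_DIR_MODE` inside a user's home directory, confirm that `EnsureDirs` rejects a non-directory rather than changing the mode of whatever the path resolves to, and record that in a comment. With `mkdir=False` a missing directory now appears to raise where the old code did not, and `"Path %s is not a directory"` is then misleading; `"Path %s does not exist or is not a directory"` would be accurate. The function starts above the hunk.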
@@ -71,11 +80,20 @@ class SshRunner: """Wrapper for SSH commands. """ - def __init__(self, cluster_name): + def __init__(self, cluster_name, ipv6=False): + """Initializes this class. + + @type cluster_name: str + @param cluster_name: name of the cluster + @type ipv6: bool + @param ipv6: If true, force ssh to use IPv6 addresses only + + """ self.cluster_name = cluster_name + self.ipv6 = ipv6 def _BuildSshOptions(self, batch, ask_key, use_cluster_key, - strict_host_check): + strict_host_check, private_key=None, quiet=True): """Builds a list with needed SSH options. @param batch: same as ssh's batch option @@ -84,9 +102,11 @@ class SshRunner: @param use_cluster_key: if True, use the cluster name as the HostKeyAlias name @param strict_host_check: this makes the host key checking strict + @param private_key: use this private key instead of the default + @param quiet: whether to enable -q to ssh @rtype: list - @return: the list of options ready to use in L{utils.RunCmd} + @return: the list of options ready to use in L{utils.process.RunCmd} """ options = [ @@ -94,11 +114,18 @@ class SshRunner: "-oHashKnownHosts=no", "-oGlobalKnownHostsFile=%s" % constants.SSH_KNOWN_HOSTS_FILE, "-oUserKnownHostsFile=/dev/null", + "-oCheckHostIp=no", ] if use_cluster_key: options.append("-oHostKeyAlias=%s" % self.cluster_name) + if quiet: + options.append("-q") + + if private_key: + options.append("-i%s" % private_key) + # TODO: Too many boolean options, maybe convert them to more descriptive # constants. @@ -124,10 +151,14 @@ class SshRunner: else: options.append("-oStrictHostKeyChecking=no") + if self.ipv6: + options.append("-6") + return options def BuildCmd(self, hostname, user, command, batch=True, ask_key=False, - tty=False, use_cluster_key=True, strict_host_check=True): + tty=False, use_cluster_key=True, strict_host_check=True, + private_key=None, quiet=True): """Build an ssh command to execute a command on a remote node. @param hostname: the target host, string 
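Review bot: `-oCheckHostIp=no` in the options list of `_BuildSshOptions` is added to every invocation without a comment, although it switches off one of ssh's host-identity checks (the peer address is no longer compared against known_hosts). If the reason is that host keys are looked up under `HostKeyAlias`, that only holds when `use_cluster_key` is true, so either append it inside the `if use_cluster_key:` branch or add a comment such as `# CheckHostIp off: keys are matched via HostKeyAlias, not per-node address`. The function begins and ends outside this hunk, so the interaction with the `StrictHostKeyChecking` branches should be checked against the full body.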
@@ -140,15 +171,18 @@ class SshRunner: @param use_cluster_key: whether to expect and use the cluster-global SSH key @param strict_host_check: whether to check the host's SSH key at all + @param private_key: use this private key instead of the default + @param quiet: whether to enable -q to ssh @return: the ssh call to run 'command' on the remote host. """ - argv = [constants.SSH, "-q"] + argv = [constants.SSH] argv.extend(self._BuildSshOptions(batch, ask_key, use_cluster_key, - strict_host_check)) + strict_host_check, private_key, + quiet=quiet)) if tty: - argv.append("-t") + argv.extend(["-t", "-t"]) argv.extend(["%s@%s" % (user, hostname), command]) return argv @@ -160,8 +194,8 @@ class SshRunner: Args: see SshRunner.BuildCmd. - @rtype: L{utils.RunResult} - @return: the result as from L{utils.RunCmd()} + @rtype: L{utils.process.RunResult} + @return: the result as from L{utils.process.RunCmd()} """ return utils.RunCmd(self.BuildCmd(*args, **kwargs)) @@ -184,16 +218,19 @@ class SshRunner: logging.error("File %s does not exist", filename) return False - command = [constants.SCP, "-q", "-p"] + command = [constants.SCP, "-p"] command.extend(self._BuildSshOptions(True, False, True, True)) command.append(filename) + if netutils.IP6Address.IsValid(node): + node = netutils.FormatAddress((node, None)) + command.append("%s:%s" % (node, filename)) result = utils.RunCmd(command) if result.failed: - logging.error("Copy to node %s failed (%s) error %s," - " command was %s", + logging.error("Copy to node %s failed (%s) error '%s'," + " command was '%s'", node, result.fail_reason, result.output, result.cmd) return not result.failed @@ -217,7 +254,7 @@ class SshRunner: - detail: string with details """ - retval = self.Run(node, 'root', 'hostname --fqdn') + retval = self.Run(node, "root", "hostname --fqdn", quiet=False) if retval.failed: msg = "ssh problem" 
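Review bot: In `BuildCmd`, the call to `_BuildSshOptions` passes `private_key` positionally but `quiet=quiet` by keyword; with six parameters, four of them booleans, passing both new ones by keyword (`private_key=private_key, quiet=quiet`) avoids a silent mix-up if the signature is ever reordered. The doubled `-t` also changes behaviour, since ssh then allocates a tty even when there is no local one, and deserves a one-line comment such as `# -t twice forces tty allocation even without a local tty`. `BuildCmd` starts above the hunk.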
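Review bot: In the `CopyFileToNode` hunk, rebinding `node` to the `netutils.FormatAddress` result means the `logging.error("Copy to node %s failed ...")` call below reports the formatted address instead of the name the caller passed. Keep the argument intact and use a separate local: set `target = node`, assign `target = netutils.FormatAddress((node, None))` inside the `if`, and append `"%s:%s" % (target, filename)`. Removing `"-q"` from the scp argv is only equivalent because `_BuildSshOptions` now defaults to `quiet=True`; passing `quiet=True` explicitly in that call would make the dependency visible. The method starts above the hunk.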
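Review bot: `quiet=False` in the `self.Run(node, "root", "hostname --fqdn", quiet=False)` call of the hostname-verification hunk is unexplained, and it is the only caller in this diff that turns `-q` off. If the intent is to have ssh's own diagnostics available in the failure message, add a comment saying so, e.g. `# no -q: keep ssh diagnostics for the error message`. The comparison against `remotehostname` happens outside this hunk, so confirm it reads stdout only, because without `-q` ssh warnings can appear in combined output.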
@@ -235,7 +272,7 @@ class SshRunner: if node.startswith(remotehostname + "."): msg = "hostname not FQDN" else: - msg = "hostname mistmatch" + msg = "hostname mismatch" return False, ("%s: expected %s but got %s" % (msg, node, remotehostname))