Presenting adhocr (abbreviation for Ad-hoc copy and run) as a simple, but powerful UNIX administrator tool. If you like to retrieve data or execute commands on lots of systems simultaneously then this tool is your friend. There is no need to exchange your ssh keys as the power behind adhocr is the expect tool (language). For example, it is plain easy to use adhocr to distribute your public ssh key to all your systems. The real power of adhocr is the central point of logging, which is perfect for \'grep\'ing into stuff you\'re looking for.
You also have the ability to execute commands via the \'sudo su -\' way, which is a blessing in environments where root is not permitted to login directly.
You can even use it monitoring your systems thanks to the powerful error catching.
Upgrade-UX is an open source framework developed to assist in patching and/or updating Unix Operating Systems in a consistent and repeatable way. Especially in the industry it is forbidden just to run yum update (on Linux) to update your Linux system, therefore, upgrade-ux may proof to be a handy tool to guide you through the patching and/or update process as it follows a track you control (evidence gathering, pre/post executing of scripts, logging, and so on).
U-Boot project has evolved in the time span of over 17 years and so as its complexity and its uses. This has made it a daunting task in getting started with its development and uses. This talk will address all these issues start with overview, features, efforts created by community and future plans.
The U-Boot project has evolved in the time span of over 17 years and so as its complexity and its uses. This has made it a daunting task in getting started with its development and uses. This talk will address all these issues and share development efforts created by the U-Boot community.
In this talk Jagan Teki(Maintainer for Allwinner SoC, SPI, SPI FLASH Subsystems) will introduce U-Boot from scratch with a brief overview of U-Boot history, U-Boot Proper, SPL, TPL, Build process and Startup sequence. He will talk about other preliminaries such as Image booting, Falcon Mode, Secure Boot and U-Boot features like device tree, device overlays, driver model and DFU, etc.
Once giving enough introduction, he will also talk about steps to port U-Boot to new hardware with a demo, along with U-Boot testing process. Finally, he will address and review ongoing development work, issues and future development regarding U-Boot.
Angelo Compagnucci - Upgrading buildroot based devices with swupdatelinuxlab_conf
This talk will guide you through the perils of building a resilient software stack for embedded system using buildroot as a base, stuff your software in between and adding swupdate as cherry on top! The talk will be composed by three main areas:
How to use buildroot as a base system for your stack
An introduction to swupdate and it’s fields of use
An example of using buildroot + swupdate to update your stack.
In the first we will talk about using buildroot as base for your software and how to add your software around. Buildroot make really easy to build a complete firmware image when using the standard configurations provided by the software but it could be cumbersome if you want to add your software in simple, easy and automated way. So we will show you how to write a simple makefile to add your software as an external component and how to automate the process of compiling everything to produce your binary artifacts.
The second part will discuss about swupdate and it’s field of use. Swupdate provides several ways of use: it can be used in a simple way, it could be integrated to do A/B updates, it could be used via network or locally using a medium. We will discuss about the possibility of approaches of system updates and how swupdate can satisfy each one of the use cases.
The third phase will show you a real approach adopted to solve a specific use cause with the hope it can be used a reference for auditor specific needs.
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
Upgrade-UX is an open source framework developed to assist in patching and/or updating Unix Operating Systems in a consistent and repeatable way. Especially in the industry it is forbidden just to run yum update (on Linux) to update your Linux system, therefore, upgrade-ux may proof to be a handy tool to guide you through the patching and/or update process as it follows a track you control (evidence gathering, pre/post executing of scripts, logging, and so on).
U-Boot project has evolved in the time span of over 17 years and so as its complexity and its uses. This has made it a daunting task in getting started with its development and uses. This talk will address all these issues start with overview, features, efforts created by community and future plans.
The U-Boot project has evolved in the time span of over 17 years and so as its complexity and its uses. This has made it a daunting task in getting started with its development and uses. This talk will address all these issues and share development efforts created by the U-Boot community.
In this talk Jagan Teki(Maintainer for Allwinner SoC, SPI, SPI FLASH Subsystems) will introduce U-Boot from scratch with a brief overview of U-Boot history, U-Boot Proper, SPL, TPL, Build process and Startup sequence. He will talk about other preliminaries such as Image booting, Falcon Mode, Secure Boot and U-Boot features like device tree, device overlays, driver model and DFU, etc.
Once giving enough introduction, he will also talk about steps to port U-Boot to new hardware with a demo, along with U-Boot testing process. Finally, he will address and review ongoing development work, issues and future development regarding U-Boot.
Angelo Compagnucci - Upgrading buildroot based devices with swupdatelinuxlab_conf
This talk will guide you through the perils of building a resilient software stack for embedded system using buildroot as a base, stuff your software in between and adding swupdate as cherry on top! The talk will be composed by three main areas:
How to use buildroot as a base system for your stack
An introduction to swupdate and it’s fields of use
An example of using buildroot + swupdate to update your stack.
In the first we will talk about using buildroot as base for your software and how to add your software around. Buildroot make really easy to build a complete firmware image when using the standard configurations provided by the software but it could be cumbersome if you want to add your software in simple, easy and automated way. So we will show you how to write a simple makefile to add your software as an external component and how to automate the process of compiling everything to produce your binary artifacts.
The second part will discuss about swupdate and it’s field of use. Swupdate provides several ways of use: it can be used in a simple way, it could be integrated to do A/B updates, it could be used via network or locally using a medium. We will discuss about the possibility of approaches of system updates and how swupdate can satisfy each one of the use cases.
The third phase will show you a real approach adopted to solve a specific use cause with the hope it can be used a reference for auditor specific needs.
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
Presentation at October SG Android Developer Meetup by Jeff Pang.
Jeff Pang shows us how you can build your own Android Tablet using BeagleBone and a capacitive touch screen.
BeagleBone is an $89 MSRP, credit-card-sized Linux computer that connects to the Internet and runs software such as Android 4.0 and Ubuntu. With plenty of I/O and processing power for real-time analysis provided by an AM335x 720MHz ARM® processor, BeagleBone can be complemented with cape plug-in boards to augment functionality.
Systemd: the modern Linux init system you will learn to loveAlison Chaiken
The talk combines a design overview of systemd with some tutorial incofrmation about how to configure it. Systemd's features and pitfalls are illustrated by short demos and real-life examples. Files used in the demos are listed under "Presentations" at http://she-devel.com/
Video of the live presentation will appear here:
http://www.meetup.com/Silicon-Valley-Linux-Technology/events/208133972/
U-Boot, a boot loader for Embedded boards based on PowerPC, ARM, MIPS and several other processors, which can be installed in a boot ROM and used to initialize and test the hardware or to download and run application
code.
BeagleBone Black: Platform Bring-Up with Upstream ComponentsGlobalLogic Ukraine
This document is intended to give the user overall instructions on how to obtain, build and flash upstream software to the BeagleBone Black board, with detailed explanation of all related features and components.
Please find the additional details in this deck: https://www.slideshare.net/GlobalLogicUkraine/beaglebone-black-with-upstream-software
The respective workshop was held by Victoriia Taraniuk (Associate Manager, Quality Assurance, Consultant, GlobalLogic) at GlobalLogic Mykolaiv Embedded TechTalk #1 on May 25, 2018.
Kernel Recipes 2013 - Conditional bootAnne Nicolas
When booting the same Linux Kernel over various hardware setups, it could necessary to add some arguements on the command line. Usually, people solve this issue by adding a new boot entry which features the necessary arguments.
This lightning talk will be demontrating how Syslinux can add dynamically arguments to the command line or even choose a different kernel regarding some hardware properties.
Luca Ceresoli - Buildroot vs Yocto: Differences for Your Daily Joblinuxlab_conf
Buildroot and Yocto, the two leading embedded Linux buildsystems, have largely overlapping goals but vastly different implementations.
Perhaps you’re familiar with either, and wonder how your daily job would change if you used the other.
Luca will share insights he gained while managing projects with both tools, spending a lot of time in learning how to achieve the same goals in a different way.
He will give a sort of “translation table” to ease the transition
between the two, covering: bootstrapping a project, what happens under the hood, invoking the build, customizing the rootfs and tweaking recipes.
Linux has become integral part of Embedded systems. This three part presentation gives deeper perspective of Linux from system programming perspective. Stating with basics of Linux it goes on till advanced aspects like thread and IPC programming.
Presentation at October SG Android Developer Meetup by Jeff Pang.
Jeff Pang shows us how you can build your own Android Tablet using BeagleBone and a capacitive touch screen.
BeagleBone is an $89 MSRP, credit-card-sized Linux computer that connects to the Internet and runs software such as Android 4.0 and Ubuntu. With plenty of I/O and processing power for real-time analysis provided by an AM335x 720MHz ARM® processor, BeagleBone can be complemented with cape plug-in boards to augment functionality.
Systemd: the modern Linux init system you will learn to loveAlison Chaiken
The talk combines a design overview of systemd with some tutorial incofrmation about how to configure it. Systemd's features and pitfalls are illustrated by short demos and real-life examples. Files used in the demos are listed under "Presentations" at http://she-devel.com/
Video of the live presentation will appear here:
http://www.meetup.com/Silicon-Valley-Linux-Technology/events/208133972/
U-Boot, a boot loader for Embedded boards based on PowerPC, ARM, MIPS and several other processors, which can be installed in a boot ROM and used to initialize and test the hardware or to download and run application
code.
BeagleBone Black: Platform Bring-Up with Upstream ComponentsGlobalLogic Ukraine
This document is intended to give the user overall instructions on how to obtain, build and flash upstream software to the BeagleBone Black board, with detailed explanation of all related features and components.
Please find the additional details in this deck: https://www.slideshare.net/GlobalLogicUkraine/beaglebone-black-with-upstream-software
The respective workshop was held by Victoriia Taraniuk (Associate Manager, Quality Assurance, Consultant, GlobalLogic) at GlobalLogic Mykolaiv Embedded TechTalk #1 on May 25, 2018.
Kernel Recipes 2013 - Conditional bootAnne Nicolas
When booting the same Linux Kernel over various hardware setups, it could necessary to add some arguements on the command line. Usually, people solve this issue by adding a new boot entry which features the necessary arguments.
This lightning talk will be demontrating how Syslinux can add dynamically arguments to the command line or even choose a different kernel regarding some hardware properties.
Luca Ceresoli - Buildroot vs Yocto: Differences for Your Daily Joblinuxlab_conf
Buildroot and Yocto, the two leading embedded Linux buildsystems, have largely overlapping goals but vastly different implementations.
Perhaps you’re familiar with either, and wonder how your daily job would change if you used the other.
Luca will share insights he gained while managing projects with both tools, spending a lot of time in learning how to achieve the same goals in a different way.
He will give a sort of “translation table” to ease the transition
between the two, covering: bootstrapping a project, what happens under the hood, invoking the build, customizing the rootfs and tweaking recipes.
Linux has become integral part of Embedded systems. This three part presentation gives deeper perspective of Linux from system programming perspective. Stating with basics of Linux it goes on till advanced aspects like thread and IPC programming.
Tips and Tricks for Increased Development EfficiencyOlivier Bourgeois
Short presentation targetted at university students showing some tools and software that are usually not talked about in courses which helps development productivity.
Introduction to Docker (as presented at December 2013 Global Hackathon)Jérôme Petazzoni
Not on board of the Docker ship yet? This presentation will get you up to speed, and explain everything you want to know about Linux Containers and Docker, including the new features of the latest 0.7 version (which brings support for all Linux distros and kernels).
This Slide was presented as an introduction to Linux . Students with little experience in free operating systems were encouraged to take up Linux based operating systems.
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQJérôme Petazzoni
Docker is the Open Source container engine. This is an introduction to Docker, what it is, how it works, and some material presenting the new features in versions 0.8 and 0.9.
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Docker and Containers for Development and Deployment — SCALE12XJérôme Petazzoni
Docker is an Open Source engine to build, run, and manage containers. We'll explain what are Linux Containers, what powers them (under the hood), and what extra value Docker brings to the table. Then we'll see what the typical Docker workflow looks like from a developer point of view. We'll also give an Ops perspective, including deployment options. If you already saw a "Docker 101", consider this presentation as the February 2014 update! :-)
Workflow story: Theory versus Practice in large enterprises by Marcin PiebiakNETWAYS
Uphill battle against large enterprise it environments and IT corporate culture. How those difficulties turned out opportunities and clever implementations. Interesting modules, integrations and workflow pieces.
Docker is the Open Source container engine. It lets you author, run, and manage software containers. Escape from dependency hell, and make deployment a breeze! This presentation includes the standard Docker intro (actualized for Docker 0.11) as well as some insights about how to perform orchestration and multi-host container linking.
The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS concepts, DNS Security, configurations, and operations.
This course will discuss the concept of DNS Operations in detail, mechanisms to authenticate the communication between DNS Servers, mechanisms to establish authenticity, and integrity of DNS data and mechanisms to delegate trust to public keys of third parties. Participant will be involved in Lab exercises and do configurations based on number of scenarios.
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the last stop of the "Tour de France" in Bordeaux. It is slightly different from the presentation which was shown in the other cities (http://www.slideshare.net/jpetazzo/introduction-to-docker-december-2014-tour-de-france-edition), and includes a detailed history of dotCloud and Docker and a few other differences.
Special thanks to https://twitter.com/LilliJane and https://twitter.com/zirkome, who gave me the necessary motivation to put together this slightly different presentation, since they had already seen the other presentation in Paris :-)
Business Continuity Planning with Bareos and rear (Loadays 2015)Gratien D'haese
Business Continuity Planning explained in details with examples and going a bit deeper with the best Open Source Linux Disaster Recovery framework "Relax-and-Recover" integrated with the Open Source backup solution BAREOS.
1. Run Ad-Hoc Copy and Run
(adhocr)
Gratien D'haese
IT3 Consultants
gratien.dhaese@it3.be
2. Who is Gratien D'haese?
● Independent UNIX Consultant
● Over 25 years of experience with UNIX
(using Linux since Dec 1991 version 0.1)
● Open source projects involved:
– Relax-and-Recover
– Make CD-ROM Recovery (dev on hold)
– WBEMextras (towards HP-UX HPSIM clients)
– Ad-hoc Copy and Run (adhocr)
– Lots of other scripts that might be donated
3. So What ?
● ADHOCR stands for Ad-Hoc Copy and Run
commands on remote Unix systems
● Nice – SSH and/or SCP do the same, right?
● However, in some organisations it is not
that simple to use ssh & scp as “root”
● Fine – SUDO is the answer
● Yes, however, in some organisations it is
not that simple to use sudo without
passwords
4. Confused?
● Indeed, sometimes it gets the form of a real
bureaucracy to get something done
● Security, logging, evidence, segregation of
duties make our lives as system
administrators not easy
● The opposite of bureaucracy is adhocracy
– be flexible and responsive to the needs
of the moment
● Bonsai: strip 'till the essentials remain
5. Challenges
● Amount of systems in global organisations
● Old systems get decommissioned
● New systems are set-up
● In a global organisation no-one really
knows how many systems disappear or
being added (monthly extract from central
management database)
● On most systems Secure Shell keys were
exchanged, but we lost track of it
● Audit trails - login as root user is not
allowed
6. What can adhocr do for you?
● Run commands on remote Unix systems
(Linux, HP-UX, Solaris, AIX, …)
– Under your account
– As 'root' via 'sudo su -'
● Enter your password only once
– Ideal in Active Directory environments,
LDAP integration with e.g. centrify
– “sudo su –“ must be execute under your
account
● Upload/Download files
7. What can adhocr do for you?
● Central point of logging
● Output of running commands collected in
one output file (or optional per system)
● Batch mode
● Parallellization
● Easy error reporting (at the end of the
batch)
8. Adhocr building blocks
● Written in Korn shell (or Bash)
● Secure Shell
● Requires expect tool:
● Programmed dialogue with interactive
programs, e.g. telnet, ftp, ssh, sftp, etc...
● Written by Don Libes between 1987 and
1999
● Home page: http://expect.nist.gov
● Learning expect – see README of expect
● Available for all Operating Systems
9. Re-inventing the wheel?
● Probably 'adhocr' seems nothing new?
Inventing the Wheel cartoon,
October 2, 2009.
(Bill Abbott http://www.toonpool.com/)
10. Alternatives (1)
● Parallel-ssh -
http://code.google.com/p/parallel-ssh/
● Enhanced parallel-ssh with modules and
scripts
https://github.com/jcmcken/parallel-ssh
● pssh -h hostfile.txt --script
restart_iptables.sh –sudo
● Still expecting sudo without password
prompting
● Written in python
11. Alternatives (2)
● Parallel Distributed Shell -
https://code.google.com/p/pdsh/
● pdsh -R ssh -w host1,host2 command
● Expects ssh keys have been exchanged
● Sudo is not native foreseen
● Written in C language
12. Alternatives (3)
● Fabric - https://github.com/fabric/fabric
● Python library and command-line tool for
streamlining the use of SSH for application
deployment or systems administration
tasks
● Seems to be python version dependent
● Problematic to use on different UNIXes
● Too complicated for simple tasks
● Learning curve too long (for me at least)
13. Alternatives (4)
● Rex - http://rexify.org/
● Manage from a central point through the
complete process of configuration
management and software deployment
● rex -e 'say run "uptime";' -H
"hosts[01..10]" -u root -p password
● Written in perl
● Complicated tasks need rexfiles
● Requires a learning curve
14. Alternatives (5)
● Func (Fedora Unified Network Controller) -
https://fedorahosted.org/func/
● Written in python and needs certmaster
● Is Linux focused
● func *.domain.com call hardware info
● Not really an option in our organisation
● Not too complicated if used as SSH
replacement
15. Alternatives (6)
● Ansible - http://ansible.github.com/
● Written in python
● Uses SSH and has no other dependencies
● Ansible has a short learning curve
● ansible atlanta -a "commands" -u
username --sudo [--ask-sudo-pass]
● Comes very close to what we need
● Sudo to root (without password prompting)
● Supported on Linux, FreeBSD, Darwin
16. Tips and Tricks (1)
● Distributing your public key
● ssh-copy-id -i ~/.ssh/id_rsa.pub
user@server
● Pitty ssh-copy-id command is not available
on all Unix versions.
● Distributing your public key (alternative)
● Use adhocr for this task
● Play with Ansible playbooks (very
attractive)
19. Makefile (Linux only)
rewrite:
@echo -e "033[1m== Rewriting $(adhocr_source) ==033[0;0m"
sed -i.orig
-e 's#^Version=.*#Version=$(version)#'
-e 's#^CompanyName=.*#CompanyName=$(companyname)#'
-e 's#^SudoGroup=.*#SudoGroup=$(sudogroup)#'
$(adhocr_source)
adhocr: adhocr.sh.x
-cp -f adhocr.sh.x adhocr
-chmod 711 adhocr
adhocr.sh.x: $(adhocr_source) rewrite shc
/usr/local/bin/shc -r -T -f $(adhocr_source)
shc:
@echo -e "033[1m== Shell Compiling $(adhocr_source) ==033[0;0m"
if test ! -x $(shc_bin) ; then
@echo "Error: we need shc (http://www.datsi.fi.upm.es/~frosal/)" ;
exit 1 ;
fi
20. Tips and Tricks (2)
● Shell Compiling : Source code protection
● Tired of customers using your trial scripts
(free development)?
● Try SHC from Francisco Rosales
● Encrypts the shell script, and puts a C
wrapper around it
● http://www.datsi.fi.upm.es/~frosal/
● Does not compile on all OSes
● Remember security by obscurity is no good
21. adhocr.spec file
$ more spec/adhocr.spec
%define rpmrelease %{nil}
%define companyname "Your Company Name"
%define sudogroup "wheel"
Summary: A tool to run commands on multiple systems
simultaneously using expect
Name: adhocr
Version: 1.4
Release: 1%{?rpmrelease}%{?dist}
License: GPLv3
Group: Applications/File
URL: https://github.com/gdha/adhocr
22. Installation of rpm (Linux)
● $ make rpm
● $ sudo rpm -ivh adhocr-1.4-
1.el6.x86_64.rpm
error: Failed dependencies:
expect is needed by adhocr-1.4-
1.el6.x86_64
ksh is needed by adhocr-1.4-1.el6.x86_64
● Install the missing dependencies
● $ file /usr/bin/adhocr
/usr/bin/adhocr: ELF 64-bit LSB executable, x86-
64, version 1 (SYSV), dynamically linked (uses
shared libs), for GNU/Linux 2.6.18, stripped
23. Installation on non-Linux
● The adhocr.sh is the only script that is
needed
● Customise 2 parameters:
● CompanyName
● SudoGroup
● Copy script to /usr/local/bin/adhocr
● Keep in mind the dependencies for
● Ksh
● Expect
24. Tips and Tricks (3)
● To install dependencies on HP-UX use
depothelper (free)
● http://hpux.connect.org.uk/hppd/hpux/Sysadmin/
depothelper-2.00/
● # bin/depothelper expect
● On Windows use Cygwin (free)
● Run setup.exe and select ksh and expect
● Solaris: https://unixpackages.com/ (not free)
● AIX: http://www.bullfreeware.com/ (free)
25. Adhocr usage
$ adhocr
*************************************************
adhocr : Ad-hoc Copy and Run
version 1.4
*************************************************
Usage: adhocr [-p #max-processes] [-u username] [-k] -f filename-containing-
systems [-h] -c "commands to execute"
-p maximum number of concurrent processes running (in the
background) [optional - default is 10]
-u The user "username" should be part of the "se" group for executing
sudo [default is gdha]
-k keep the log directory with individual log files per system [optional -
default is remove]
-f filename containing list of systems to process
-h show extended usage
-c "command(s) to execute on remote systems"
26. Extended help (1)
● -p #threads (Maximum number of concurrent
processes running)
● -u <username> (by default your account)
● -k (keep the log directory)
● -f <filename> (containing list of systems)
● -l <logdir> (by default . or logs/ if it exists)
● -o <outputdir> (by default . or output/ if it
exists)
● -sudo (force remote cmds to be exec as root)
27. Extended help (2)
● -x (use expect – is default behaviour)
● - npw|-nx|-bg (use only SSH keys) !
● -up (upload files)
● -dl (download files)
● -t <timeout> (in secs to kill hanging procs)
● -h show extended help
● -c <command(s)>
28. Simple queries
$ adhocr -f HPUX1111-systems -t 30 -p 50 -c uptime
*************************************************
adhocr : Ad-hoc Copy and Run
version 1.4
*************************************************
** Enter the domain password of user gdhaese:
Script name : /usr/bin/adhocr
Filename containing list of systems : HPUX1111-systems
Amount of systems to roll-over is 334
Will execute the commands in a bunch of 50
Command to execute : uptime
The individual log files found under ./2012-10-19.153459 will be removed at the end
[1] Executing expect with ssh gdhaese1@brsjd002 uptime
======= brsjd002 (starting at 101912_1535)
29. Run adhocr as another user (1)
# adhocr -u gdhaese -f systems/tape-hosts -t 30
-c /home/gdhaese/bin/check_san_tape_device.sh
*************************************************
adhocr : Ad-hoc Copy and Run
version 1.4
*************************************************
** Enter the domain password of user gdhaese:
Script name : adhocr
Filename containing list of systems : systems/tape-hosts
Amount of systems to roll-over is 2
Will execute the commands in a bunch of 10
Command to execute : /home/gdhaese/bin/check_san_tape_device.sh
The individual log files found under ./logs/2012-10-18.160819
will be removed at the end
…..
30. Run adhocr as another user (2)
...
[1] Executing expect with ssh gdhaese@mdde1d01
/home/gdhaese/bin/check_san_tape_device.sh
======= mdde1d01 (starting at 101812_1608)
[2] Executing expect with ssh gdhaese@mdde1d02
/home/gdhaese/bin/check_san_tape_device.sh
======= mdde1d02 (starting at 101812_1608)
- 2 running jobs at this moment.
======= mdde1d01 (ending at 101812_1608)
======= mdde1d02 (ending at 101812_1608)
*** Logfile = ./logs/adhocr-2012-10-18.160819.log
(containing error messages)
*** Output = ./output/adhocr-2012-10-18.160819.output
(concatenated output of system output)
..
*** Removing Output directory ./logs/2012-10-18.160819/
32. Uploading files with adhocr
● To upload scripts or other files to selected
hosts use
● adhocr -f systems -t 30 -up -c “local-file
remote-location”
● adhocr -f systems -c "mkdir -m 700 .ssh"
● adhocr -t 60 -f systems -up -c
"~/.ssh/authorized_keys .ssh/"
33. Executing tasks with adhocr
● adhocr -f systems -t 30 -up -c
“adhocr_rear_upgrade.sh bin/”
● adhocr -f systems -t 30 -c
"/home/gdha/bin/adhocr_rear_upgrade.sh"
-sudo
*************************************************
adhocr : Ad-hoc Copy and Run
version 1.4
*************************************************
###################################################################
S U D O W A R N I N G
###################################################################
You are about to be granted root shell access. By continuing,
you agree to the following requirements:
….
34. Output cluttered with sudo stuff
● The output file is not really readable with
all the sudo output
BEGIN HOST ##### itsusralabvm029 #####
spawn ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no gdhaese@itsusralabvm029
gdhaese@itsusralabvm029's password:
Last login: Thu Oct 25 04:30:08 2012 from itsusralabvm029
gdhaese@itsusralabvm029:~>
gdhaese@itsusralabvm029:~> sudo su -
You are about to be granted root shell access. By continuing, you agree to
the following requirements:
- Your access to the root shell must have been authorized by being a member
of one of the groups that grants this access.
- You may not use the privileges granted by the use of the root shell to
grant elevated privileges to any other user or any other account.
- If you have been granted root shell access on a temporary basis, you MUST
exit the root shell as soon as you complete your actions.
Unauthorized use may subject you to My Company disciplinary proceedings
and/or criminal and civil penalties under state, federal or other applicable
domestic and foreign laws. The use of this system may be monitored and recorded
for administrative and security reasons. If such monitoring and/or recording
reveal possible evidence of criminal activity, My Company may provide
the evidence of such monitoring to law enforcement officials.
gdhaese's password:
[root@itsusralabvm029:/root]#
#->
[root@itsusralabvm029:/root]#
#-> /home/gdhaese1/adhocr_rear_upgrade.sh
--------------------------------------------------------------------------------
Script: adhocr_rear_upgrade.sh
Installation Host: itsusralabvm029
Installation User: root
Installation Date: Thu Oct 25 08:35:46 UTC 2012
Installation Log: /var/adm/install-logs/adhocr_rear_upgrade.scriptlog
--------------------------------------------------------------------------------
*** Pre-installation Test on system itsusralabvm029.dfdev.jnj.com ***
rear-1.14-3
35. Using start-end markers
● #=-=-=#Start … #=-=-=#End
cat ./adhocr-2012-10-25.071012.output
BEGIN HOST ##### itsusralabvm029 #####
--------------------------------------------------------------------------------
Script: adhocr_rear_upgrade.sh
Installation Host: itsusralabvm029
Installation User: root
Installation Date: Thu Oct 25 11:10:28 UTC 2012
Installation Log: /var/adm/install-logs/adhocr_rear_upgrade.scriptlog
--------------------------------------------------------------------------------
*** Pre-installation Test on system itsusralabvm029 ***
rear-1.14-3
--------------------------------------------------------------------------------
*** Installation Steps on system itsusralabvm029 ***
Upgrading rear
Loading repository data...
Reading installed packages...
'rear' is already installed.
Resolving package dependencies...
Nothing to do.
--------------------------------------------------------------------------------
*** Post-installation Test on system itsusralabvm029 ***
rear-1.14-3
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
** Script ended at Thu Oct 25 11:10:30 UTC 2012
Execution time on host itsusralabvm029 was 11.4928730220794678 seconds
END HOST ##### itsusralabvm029 #####
--------------------------------------------------------------------------------
36. adhocr or not to adhocr?
● Run commands on remote Unix systems
(Linux, HP-UX, Solaris, AIX, …)
– Under your account
– As 'root' via 'sudo su -'
● Enter your password only once
– Ideal in Active Directory environments,
LDAP integration with e.g. centrify
– “sudo su –“ must be execute under your
account
● Upload/Download files