-rwxr-xr-x | bin/runmirrors | 51 | ||||
-rw-r--r-- | etc/common | 29 |
2 files changed, 60 insertions, 20 deletions
diff --git a/bin/runmirrors b/bin/runmirrors
index c718ab4..1357f8b 100755
--- a/bin/runmirrors
+++ b/bin/runmirrors
@@ -112,7 +112,7 @@ rm -f "${LOCKDIR}/all_stage1"
 # Now read our mirrorfile and push the mirrors defined in there.
 # We use grep to easily sort out all lines having a # in front of them or are empty.
 egrep -v '^[[:space:]]*(#|$)' "${MIRRORS}" |
-while read MTYPE MLNAME MHOSTNAME MUSER MPROTO MKEYFILE; do
+while read MTYPE MLNAME MHOSTNAME MUSER MSSHOPT; do
 if [ "x${MTYPE}x" = "xDELAYx" ]; then
 # We should wait a bit.
 if [ -z ${MLNAME} ]; then
@@ -123,19 +123,43 @@ while read MTYPE MLNAME MHOSTNAME MUSER MPROTO MKEYFILE; do
 continue
 fi
- # Process the two options that can be left blank in the config
- if [ -z ${MPROTO} ]; then
- MPROTO=2
- fi
- if [ -z ${MKEYFILE} ]; then
+ # Now, MSSHOPT may start with a -. In that case the whole rest of the line is taken
+ # as a set of options to give to ssh, we pass it without doing anything with it.
+ # If it starts with a 1 or 2 then it will tell us about the ssh protocol version to use,
+ # and also means we look if there is one value more after a space. That value would then
+ # be the ssh keyfile we use with -i. That gives us full flexibility for all
+ # ssh options but doesn't destroy backwards compatibility.
+ # If it is empty we assume proto 2 and the default keyfile.
+ #
+ # There is one bug in here. We will give out the master keyfile, even if there is a
+ # "-i /bla/bla" in the options. ssh stuffs them together and presents two keys to the
+ # target server. In the case both keys do some actions- the first one presented wins.
+ # And this might not be what one wants.
+ #
+ # The only sane way to go around this, i think, is by dropping backward compability.
+ # Which I don't really like.
+ if [ -n "${MSSHOPT}" ]; then
+ # So its not empty, lets check if it starts with a - and as such is a "new-style"
+ # ssh options set.
+ if [ "x${MSSHOPT:0:1}x" = "x-x" ]; then
+ # Yes we start with a -
+ SSHOPT="${MSSHOPT}"
+ MPROTO="99"
+ MKEYFILE="${BASEDIR}/${KEYFILE}"
+ elif [ ${MSSHOPT:0:1} -eq 1 ] || [ ${MSSHOPT:0:1} -eq 2 ]; then
+ # We do seem to have oldstyle options here.
+ MPROTO=${MSSHOPT:0:1}
+ MKEYFILE=${MSSHOPT:1}
+ SSHOPT=""
+ else
+ error "I don't know what is configured for mirror ${MLNAME}"
+ continue
+ fi
+ else
+ MPROTO=2
 MKEYFILE="${BASEDIR}/${KEYFILE}"
- fi
- # Now, people can do stupid things and leave out the protocol, but
- # define a keyfile...
- if [ ${MPROTO} -ne 1 ] && [ ${MPROTO} -ne 2 ]; then
- error "Need a correct ssh protocol version for ${MLNAME}, skipping" >> ${LOG}
- continue
- fi
+ SSHOPT=""
+ fi
 # Built our array
 SIGNAL_OPTS=(
@@ -144,6 +168,7 @@ while read MTYPE MLNAME MHOSTNAME MUSER MPROTO MKEYFILE; do
 USERNAME="${MUSER}"
 SSHPROTO="${MPROTO}"
 SSHKEY="${MKEYFILE}"
+ SSHOPTS="${SSHOPT/ /#}"
 PUSHLOCKOWN="${LOCKDIR}/${MLNAME}.stage1"
 PUSHTYPE="${MTYPE}"
 PUSHARCHIVE=${PUSHARCHIVE}
@@ -39,16 +39,31 @@ signal () {
 PUSHARCHIVE=${PUSHARCHIVE:-""}
 PUSHCB=${PUSHCB:-""}
+ # And now get # back to space...
+ SSHOPTS=${SSHOPTS/\#/ }
+ # Defaults we always want, no matter what
- SSH_OPTIONS="-o BatchMode=yes -o SetupTimeOut=45 -o ConnectTimeout=45 -o PasswordAuthentication=no"
+ SSH_OPTIONS="-o user=${USERNAME} -o BatchMode=yes -o SetupTimeOut=45 -o ConnectTimeout=45 -o PasswordAuthentication=no"
 if [ -n "${SSH_OPTS}" ]; then
 SSH_OPTIONS="${SSH_OPTIONS} ${SSH_OPTS}"
 fi
- if [ ${SSHPROTO} -ne 1 ] && [ ${SSHPROTO} -ne 2 ]; then
- # Idiots, we only want 1 or 2. Cant decide? Lets force 2
- ${SSHPROTO}=2
+ if [ -n "${SSHKEY}" ]; then
+ SSH_OPTIONS="${SSH_OPTIONS} -i ${SSHKEY}"
+ fi
+
+ if [ -n "${SSHOPTS}" ]; then
+ SSH_OPTIONS="${SSH_OPTIONS} ${SSHOPTS}"
+ fi
+
+ if [ ${SSHPROTO} -ne 1 ] && [ ${SSHPROTO} -ne 2 ] && [ ${SSHPROTO} -ne 99 ]; then
+ # Idiots, we only want 1 or 2. Cant decide? Lets force 2.
+ SSHPROTO=2
+ fi
+
+ if [ -n "${SSHPROTO}" ] && [ ${SSHPROTO} -ne 99 ]; then
+ SSH_OPTIONS="${SSH_OPTIONS} -${SSHPROTO}"
 fi
 date -u >> "${LOGDIR}/${MIRROR}.log"
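Review bot: In the old-style branch, `MKEYFILE=${MSSHOPT:1}` leaves the key path empty when the mirror line gives only the protocol digit, and keeps a leading space when a key follows it. Before this change an omitted keyfile fell back to `${BASEDIR}/${KEYFILE}`; with an empty SSHKEY the `-i` is dropped in etc/common, so ssh would presumably offer its default identities instead of the mirror push key. Suggest `MKEYFILE="${MSSHOPT:2}"` followed by `MKEYFILE="${MKEYFILE:-${BASEDIR}/${KEYFILE}}"`. The unquoted `[ ${MSSHOPT:0:1} -eq 1 ]` also prints a test error for a non-numeric first character, which a `case "${MSSHOPT}" in` with `-*)` and `[12]*)` arms would avoid. The enclosing while loop starts and ends outside the hunk.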
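Review bot: `SSHOPTS="${SSHOPT/ /#}"` replaces only the first space, and the matching `SSHOPTS=${SSHOPTS/\#/ }` in the etc/common hunk (`@@ -39,16 +39,31 @@`) restores only the first `#`. An option set with more than one space, such as two `-o` settings, keeps its remaining spaces when it goes into SIGNAL_OPTS, which is presumably what the encoding was meant to prevent (how the array is consumed is outside the hunk). Use the global forms `${SSHOPT// /#}` and `${SSHOPTS//\#/ }`, and add a comment that a literal `#` inside an option value does not survive the round trip.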
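Review bot: The key path loses its quoting in `SSH_OPTIONS="${SSH_OPTIONS} -i ${SSHKEY}"`, because the string is later expanded unquoted as `ssh $SSH_OPTIONS` (hunks `@@ -65,14 +80,14 @@` and `@@ -111,7 +126,7 @@`), whereas the removed calls passed `-i "${SSHKEY}"` as one word. A key path or user name containing whitespace or glob characters is now split or expanded before ssh sees it. Collecting the options in an array keeps the fixed arguments intact and splits only the free-form option strings; this assumes etc/common is only sourced by bash scripts, as the arrays in bin/runmirrors suggest. The body of signal() continues outside the hunk.

```shell
SSH_ARGS=(-o "user=${USERNAME}" -o BatchMode=yes -o SetupTimeOut=45 -o ConnectTimeout=45 -o PasswordAuthentication=no)
# SSH_OPTS and SSHOPTS are free-form option strings; they are split into words on purpose.
if [ -n "${SSH_OPTS}" ]; then
    SSH_ARGS+=(${SSH_OPTS})
fi
if [ -n "${SSHKEY}" ]; then
    SSH_ARGS+=(-i "${SSHKEY}")
fi
if [ -n "${SSHOPTS}" ]; then
    SSH_ARGS+=(${SSHOPTS})
fi
# ... unchanged: SSHPROTO validation ...
if [ -n "${SSHPROTO}" ] && [ "${SSHPROTO}" -ne 99 ]; then
    SSH_ARGS+=("-${SSHPROTO}")
fi
# call sites become: ssh "${SSH_ARGS[@]}" "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}"
```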
@@ -65,14 +80,14 @@ signal () {
 # Default normal "fire and forget" push
 echo "Sending normal push" >> "${LOGDIR}/${MIRROR}.log"
 PUSHARGS1="sync:all"
- ssh $SSH_OPTIONS -i "${SSHKEY}" -o"user ${USERNAME}" -${SSHPROTO} "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}" >>"${LOGDIR}/${MIRROR}.log" 2>&1 &
+ ssh $SSH_OPTIONS "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}" >>"${LOGDIR}/${MIRROR}.log" 2>&1 &
 elif [ "xstagedx" = "x${PUSHTYPE}x" ]; then
 # Want a staged push. Fine, lets do that
 echo "Sending staged push" >> "${LOGDIR}/${MIRROR}.log"
 # Step1: Do a push to only sync stage1, do not background
 PUSHARGS1="sync:stage1"
- ssh $SSH_OPTIONS -i "${SSHKEY}" -o"user ${USERNAME}" -${SSHPROTO} "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}" >>"${LOGDIR}/${MIRROR}.log" 2>&1
+ ssh $SSH_OPTIONS "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}" >>"${LOGDIR}/${MIRROR}.log" 2>&1
 touch "${PUSHLOCKOWN}"
 # Step2: Wait for all the other "lock"files to appear.
@@ -111,7 +126,7 @@ signal () {
 # Step3: It either timed out or we have all the "lock"files, sync stage2
 PUSHARGS2="sync:stage2"
 echo "Now doing the second stage push" >> "${LOGDIR}/${MIRROR}.log"
- ssh $SSH_OPTIONS -i "${SSHKEY}" -o"user ${USERNAME}" -${SSHPROTO} "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS2}" >>"${LOGDIR}/${MIRROR}.log" 2>&1
+ ssh $SSH_OPTIONS "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS2}" >>"${LOGDIR}/${MIRROR}.log" 2>&1
 else
 # Can't decide? Then you get nothing.
 return |
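Review bot: The stage1 call `ssh $SSH_OPTIONS "${HOSTNAME}" "${PUSHARGS} ${PUSHARGS1}"` is followed directly by `touch "${PUSHLOCKOWN}"`, so the lock file appears even when ssh failed. Now that per-mirror options from the mirrors file reach ssh unchanged, a typo there makes ssh exit at once, and the other mirrors would presumably still treat this one as having finished stage1. If that is intended so that one broken mirror cannot stall the rest, say so in a comment; otherwise record the status, for example by appending `|| echo "stage1 push failed: $?" >> "${LOGDIR}/${MIRROR}.log"` to the call. The staged branch continues outside the hunk.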