public static Statement addAuthorizedKeysToRoot(String publicKey) { return newStatementList( appendFile("/root/.ssh/authorized_keys", Splitter.on('\n').split(publicKey)), interpret("chmod 600 /root/.ssh/authorized_keys")); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || service sshd reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || service sshd reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public String render(OsFamily family) { String linesToPrepend = Joiner.on('\n').withKeyValueSeparator(" ").join(params); Statement prependSshdConfig = exec(String.format( "exec 3<> %1$s && awk -v TEXT=\"%2$s\n\" 'BEGIN {print TEXT}{print}' %1$s >&3", sshdConfig, linesToPrepend)); Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || service sshd reload 2>&- || /etc/init.d/ssh* reload"); return newStatementList(prependSshdConfig, reloadSshdConfig).render(family); }
public static Statement authorizePortInIpTables(int port) { // TODO gogrid rules only allow ports 22, 3389, 80 and 443. // the first rule will be ignored, so we have to apply this // directly return Statements.newStatementList(// just in case iptables are being used, try to open 8080 exec("iptables -I INPUT 1 -p tcp --dport " + port + " -j ACCEPT"),// exec("iptables -I RH-Firewall-1-INPUT 1 -p tcp --dport " + port + " -j ACCEPT"),// exec("iptables-save")); }
public void testWhenAdminAccessInsideList() { AdminAccess.Configuration configuration = createMock(AdminAccess.Configuration.class); AdminAccess statement = createMock(AdminAccess.class); Credentials creds = createMock(Credentials.class); expect(statement.getAdminCredentials()).andReturn(creds); replay(configuration); replay(statement); replay(creds); assertEquals(CredentialsFromAdminAccess.INSTANCE.apply(Statements.newStatementList(statement)), creds); verify(configuration); verify(statement); verify(creds); }
public void testWhenNotAdminAccess() { Statement statement = Statements.exec("echo hello"); assertEquals(CredentialsFromAdminAccess.INSTANCE.apply(statement), null); Statement statementList = Statements.newStatementList(statement); assertEquals(CredentialsFromAdminAccess.INSTANCE.apply(statementList), null); }
public void testWhenNotAdminAccess() { Statement statement = Statements.exec("echo hello"); assertEquals(CredentialsFromAdminAccess.INSTANCE.apply(statement), null); Statement statementList = Statements.newStatementList(statement); assertEquals(CredentialsFromAdminAccess.INSTANCE.apply(statementList), null); }
private static void ensureUserExistsAndAuthorizeSudo( StatementBuilder builder, String user, String publicKey, String privateKey ) { builder.addExport("NEW_USER", user); builder.addExport("DEFAULT_HOME", "/home/users"); builder.addStatement(0, newStatementList( ensureUserExistsWithPublicAndPrivateKey(user, publicKey, privateKey), makeSudoersOnlyPermitting(user), disablePasswordBasedAuth()) ); }
private static void ensureUserExistsAndAuthorizeSudo( StatementBuilder builder, String user, String publicKey, String privateKey ) { builder.addExport("NEW_USER", user); builder.addExport("DEFAULT_HOME", "/home/users"); builder.addStatement(0, newStatementList( ensureUserExistsWithPublicAndPrivateKey(user, publicKey, privateKey), makeSudoersOnlyPermitting(user), disablePasswordBasedAuth()) ); }
public void testWhenNotAdminAccess() { AdminAccess.Configuration configuration = createMock(AdminAccess.Configuration.class); InitAdminAccess initAdminAccess = new InitAdminAccess(configuration); replay(configuration); initAdminAccess.visit(Statements.exec("echo hello")); initAdminAccess.visit(Statements.newStatementList(Statements.exec("echo hello"))); verify(configuration); }
public Boolean call() { Statement statement = Statements.newStatementList(exec("hostname")); // NB this assumes passwordless sudo ! ExecResponse response = computeService.runScriptOnNode(nodeRef.getId(), statement, overrideLoginCredentials(expectedCredentialsRef).runAsRoot(false)); return response.getExitStatus() == 0; }}) .limitTimeTo(delayMs, MILLISECONDS)
public void testWhenNotAdminAccess() { AdminAccess.Configuration configuration = createMock(AdminAccess.Configuration.class); InitAdminAccess initAdminAccess = new InitAdminAccess(configuration); replay(configuration); initAdminAccess.visit(Statements.exec("echo hello")); initAdminAccess.visit(Statements.newStatementList(Statements.exec("echo hello"))); verify(configuration); }
protected static Template addRunScriptToTemplate(Template template) { template.getOptions().runScript(Statements.newStatementList(AdminAccess.standard(), InstallJDK.fromOpenJDK())); return template; }
/** * Record timestamps for this phase execution on the remote machine */ @Override public void beforeBootstrap(ClusterActionEvent event) { addStatement(event, Statements.newStatementList( exec("date +%s > /tmp/bootstrap-start"), exec("sleep 60"), // 1 minute exec("date +%s > /tmp/bootstrap-end") )); recordTime("before-bootstrap"); }
protected Template addRunScriptToTemplate(Template template) { template.getOptions().runScript(Statements.newStatementList(AdminAccess.standard(), InstallJDK.fromOpenJDK())); return template; }
@Override protected Template addRunScriptToTemplate(Template template) { template.getOptions().runScript( Statements.newStatementList(new Statement[] { AdminAccess.standard(), Statements.exec("sleep 50"), InstallJDK.fromOpenJDK() })); return template; } }