wok-current rev 8781
mirror-tools: add shellinabox script
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Tue Feb 22 18:09:11 2011 +0100 (2011-02-22) |
parents | cc498b7cba29 |
children | 05bcd96a7adb |
files | mirror-tools/stuff/usr/share/mirror-host/boot/shellinabox.sh mirror-tools/stuff/usr/share/mirror-host/etc/init.d/shellinabox |
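--- /dev/null
+++ b/mirror-tools/stuff/usr/share/mirror-host/boot/shellinabox.sh
@@ -0,0 +1,107 @@
+#!/bin/sh
+
+services="/ /reset /reboot /ssh"
+
+mkexe()
+{
+exe=$0
+while true; do
+ cd $(dirname $exe)
+ exe=$(basename $exe)
+ [ -L $exe ] || break
+ exe=$(readlink $exe)
+done
+echo $(pwd)/$exe
+}
+exe=$(mkexe)
+
+services_arg()
+{
+for i in $services ; do
+ echo -n "-s '$i:root:root:/tmp:LINES=25 /bin/sh -c \"$exe service $i "
+ echo -n "\${peer} \${url} \${columns} \${lines}\"' "
+done
+}
+
+launch_ssh()
+{
+ # Get SSH server
+ server=""
+ echo -n "SSH server: "
+ read -t 300 server || exit 1
+ [ -n "$server" ] || exit 1
+
+ # Allow non default SSH port with format server:port
+ sshport=""
+ case "$server" in
+ *:*) sshport="-p ${server#*:}"
+ server=${server%:*};;
+ esac
+
+ # heading ! in server name means open remote ssh port with a knock sequence
+ if [ -x /usr/bin/knock ]; then
+ case "$server" in
+ !*) server=${server#*!}
+ echo -n "Knock sequence (port[:proto]...): "
+ read -t 30 sequence && knock ${server#*@} $sequence
+ esac
+ fi
+
+ # Get SSH user if missing
+ case "$server" in
+ *@*) ;;
+ *) echo -n "$server login: "
+ read -t 30 user || exit 1
+ server="$user@$server";;
+ esac
+
+ # Launch OpenSSH or Dropbear
+ sshargs="-oPreferredAuthentications=keyboard-interactive,password -oNoHostAuthenticationForLocalhost=yes -oLogLevel=FATAL -F/dev/null";
+ [ -L /usr/bin/ssh ] && sshargs=""
+ exec ssh $sshport $sshargs $server
+}
+
+auth()
+{
+ while read host md5 ; do
+ [ "${host#*.}" == "${1#*.}" ] && break
+ done < $(dirname $exe)/shellinabox.secrets
+ echo -n "$host password: "
+ read -s -t 30 password || exit 1
+ [ "$(echo $password | md5sum)" == "$md5 -" ] || exit 1
+ echo ""
+}
+
+pidfile=/var/run/shellinaboxd.pid
+case "$1" in
+service)
+ host=$(echo $4 | sed 's/.*\/\/\(.*\):.*/\1/')
+ tty=$(awk "/$host/ { print \$2 }" /etc/inittab)
+ vm=$(awk "/$host/ { print \$3 }" /etc/inittab)
+ [ -n "$vm" ] || exit 1
+ case "$2" in
+ /)
+ auth $host
+ exec /usr/bin/conspy ${tty#tty} ;;
+ /reboot)
+ auth $host
+ echo -n "Sure to reboot $host now (YES or NO) ?"
+ read -t 30 answer || exit 1
+ case "$answer" in
+ YES*) ;;
+ *) exit 1;;
+ esac
+ exec /bin/kill $(ps ww | grep $vm | awk '/lguest/ { printf "%s ",$1 }') ;;
+ /ssh)
+ auth $host
+ launch_ssh ;;
+ esac
+ ;;
+start)
+ dir=$(dirname $exe)
+ eval shellinaboxd --background=$pidfile --cert=/boot/cert $(services_arg)
+ ;;
+stop)
+ [ -s $pidfile ] && kill $(cat $pidfile)
+ ;;
+esac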
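Review bot: In the `service)` branch, `host` is cut out of `$4` (apparently the request URL that shellinaboxd passes as `${url}`) and pasted into the awk program text in `awk "/$host/ { print \$2 }"` before `auth` runs, while `services_arg` registers every service as `root:root`, so a malformed host value is interpreted as awk code by a root process ahead of any password check. Pass it as data and match it literally, e.g. `tty=$(awk -v h="$host" 'index($0, h) { print $2 }' /etc/inittab)` and likewise for `vm`, after rejecting any `host` containing characters outside `[A-Za-z0-9.-]`. The same pattern recurs in `launch_ssh`, where the typed `$server`, the derived port and the knock `$sequence` reach `ssh` and `knock` unquoted and can carry extra options; a guard such as `case "$server" in -*|*[!A-Za-z0-9@._-]*) exit 1;; esac` just before `exec ssh` would close that. Separately, `auth` verifies an unsalted MD5 of the password read from `shellinabox.secrets`, and `services` lists `/reset` although the `case "$2"` block has no arm for it; a salted slow hash and either a `/reset` arm or its removal from the list would be worth a follow-up.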