-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathceph-post-file.in
executable file
·177 lines (154 loc) · 4.06 KB
/
ceph-post-file.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
#!/usr/bin/env bash
set -e
# If these files exist, assume we are a source install.
if [[ -f ../share/known_hosts_drop.ceph.com && -f ../share/id_rsa_drop.ceph.com ]]
then # running from source install
known_hosts=../share/known_hosts_drop.ceph.com
ssh_key=../share/id_rsa_drop.ceph.com
else # running from a pkg install
known_hosts=@datadir@/known_hosts_drop.ceph.com
ssh_key=@datadir@/id_rsa_drop.ceph.com
fi
function usage() {
echo "Usage: $0 [options] file1 [dir2 ...]
Easily upload files or directories to ceph.com for analysis by Ceph
developers.
Each invocation uploads files or directories to a separate directory
with a unique tag. That tag can be passed to a developer or
referenced in a bug report (http://tracker.ceph.com/). Once the
upload completes, the directory is marked non-readable and
non-writeable to prevent access or modification by other users.
WARNING:
Basic measures are taken to make posted data be visible only to
developers with access to ceph.com infrastructure. However, users
should think twice and/or take appropriate precautions before
posting potentially sensitive data (for example, logs or data
directories that contain Ceph secrets).
Options:
-d|--description <desc> Description for this post
[Default: none]
-u|--user <user> User identifier
[Default: \`whoami\`@\`hostname -f\`]
-r|--remote <user@host> Remote to upload to
[Default: [email protected]]
-k|--known_hosts <path> known_hosts file
[Default: /usr/share/ceph/known_hosts_drop.ceph.com]
-i <path> Ssh identity file
[Default: /usr/share/ceph/id_rsa_drop.ceph.com]
-h|--help Show this usage information
"
}
if [ -z "$*" ]; then
usage
exit 1
fi
description=""
user="`whoami`@`hostname -f`"
remote="[email protected]"
if [ `uname` = FreeBSD ]; then
GETOPT=/usr/local/bin/getopt
else
GETOPT=getopt
fi
ARGS=$(${GETOPT} -n "ceph-post-file" -o 'd:u:hk:i:r:' -l "description:,user:,help,known-hosts:,remote:" -- "$@")
eval set -- $ARGS
while true; do
echo "args: $@"
case $1 in
-d | --description)
description="$2"
shift
shift
;;
-u | --user)
user="$2"
shift
shift
;;
-h | --help)
usage
exit 0
;;
-k | --known-hosts)
known_hosts="$2"
shift
shift
;;
-i)
ssh_key="$2"
shift
shift
;;
-r | --remote)
remote="$2"
shift
shift
;;
--)
shift
break
;;
esac
done
# this id should be shared
id=`uuidgen`
echo "$0: upload tag $id"
# this is secret goop we add to the directory so that $id is not
# enough to find the data using the shared user; only ceph developers
# who have access to the server and can read the post directory can
# find the uploaded data.
nonce=`uuidgen`
# stick the user info in the dir too
dir="${id}_${user}_${nonce}"
t1=$(mktemp) || exit
t2=$(mktemp) || exit
t3=$(mktemp) || exit
t4=$(mktemp) || exit
trap "rm -f -- '$t1' '$t2' '$t3' '$t4'" EXIT
cat > $t1 <<EOF
mkdir post/$dir
cd post/$dir
EOF
echo "$0: user: $user"
cat > $t3 <<EOF
$user
EOF
echo put $t3 user >> $t1
if [ -n "$description" ]; then
echo "$0: description: $description"
cat > $t2 <<EOF
$description
EOF
echo put $t2 description >> $t1
fi
while [ -n "$*" ]; do
if [ -d "$1" ]; then
echo $0: will upload directory $1
bn=`basename "$1"`
cat >> $t1 <<EOF
mkdir $bn
put -r $1
EOF
else
echo $0: will upload file $1
cat >> $t1 <<EOF
put $1
EOF
fi
shift
done
# no UserKnownHostsFile so that we don't try to record the IP hash key
# GlobalKnownHostsFile so that we are verifying that this is the real drop.ceph.com
# IdentitiesOnly=yes forces sftp to ignore any keys offered by ssh-agent
cp "$ssh_key" "$t4"
cp "${ssh_key}.pub" "$t4.pub"
sftp -o "IdentityFile=$t4" \
-C \
-oCheckHostIP=no \
-oGlobalKnownHostsFile=$known_hosts \
-oBatchMode=no \
-oIdentitiesOnly=yes \
-b $t1 -- $remote
echo "$0: copy the upload id below to share with a dev:
ceph-post-file: $id
"