3 =head1 NAME $RCSfile: Rexec.pm,v $
5 Execute commands remotely and returning the output and status of the
6 remotely executed command.
13 Andrew DeFaria <Andrew@ClearSCM.com>
21 Mon Oct 9 18:28:28 CDT 2006
25 $Date: 2012/04/07 00:39:48 $
37 my $remote = new Rexec (host => $host);
40 print "Connected using " . $remote->{protocol} . " protocol\n";
43 @lines = $remote->execute ($cmd);
44 $status = $remote->status;
45 print "$cmd status: $status\n";
48 print "$_\n" foreach ($remote->execute ("cat /etc/passwd"));
50 print "Unable to connect to $username\@$host\n";
55 This module provides an object oriented interface to executing remote
56 commands on Linux/Unix system (or potentially well configured Windows
57 machines with Cygwin installed). Upon object creation a connection is
58 attempted to the specified host in a cascaded fashion. First ssh is
59 attempted, then rsh/rlogin and finally telnet. This clearly favors
60 secure methods over those less secure ones. If username or password is
61 prompted for, and if they are supplied, then they are used, otherwise
62 the attempted connection is considered failed.
64 Once connected the caller can use the exec method to execute commands
65 on the remote host. Upon object destruction the connection is
66 shutdown. Output from the remotely executed command is returned
67 through the exec method and also avaiable view the lines
68 method. Remote status is available via the status method. This means
69 you can now more reliably obtain the status of the command executed
70 remotely instead of just the status of the ssh/rsh command itself.
72 Note: Currently no attempt has been made to differentiate output
73 written to stdout and stderr.
75 As Expect is used to drive the remote session particular attention
76 should be defining a regex to locate the prompt. The standard prompt
77 regex (if not specified by the caller at object creation) is
79 qr'[#>:$](\s*|\e.+)$'.
81 This covers most default and common prompts.
83 =head1 Handling Timeouts
85 The tricky thing when dealing with remote execution is attempting to
86 determine if the remote machine has finished, stopped responding or
87 otherwise crashed. It's more of an art than a science! The best one
88 can do it send the command along and wait for a response. But how long
89 to wait is the question. If your wait is too short then you run the
90 risk of timing out before the remote command is finished. If you wait
91 too long then you can be possibly waiting for something that will not
92 be happening because the remote machine is either down or did not
93 behave in a manner that you expected it to.
95 To a large extent this module attempts to mitigate these issues on the
96 principal that remote command execution is pretty well known. You log
97 in and get a prompt. Issue a command and get another prompt. If the
98 prompts are well known and easily determinable things go smoothly.
99 However what happens if you execute a command remotely that will take
100 30 minutes to finish?
102 This module has two timeout values. The first is login timeout. It's
103 assumed that logins should happen fairly quickly. The default timeout
104 for logins is 5 seconds.
106 Command timeouts are set by default to 30 seconds. Most commands will
107 finish before then. If you expect a command to take much longer then
108 you can set an alternate timeout period.
110 You can achieve longer timeouts in several ways. To give a longer
111 login timeout specify your timeout to the new call. To give a longer
112 exec timeout either pass a longer timeout to exec or set it view
113 setTimeout. The current exec timeout is returned by getTimeout.
117 The following routines are exported:
131 our $VERSION = '1.0';
133 # This is the "normal" definition of a prompt. However what's normal?
134 # For example, my prompt it typically the machine name followed by a
135 # colon. But even that appears in error messages such as <host>: not
136 # found and will be mistaken for a prompt. No real good way to handle
137 # this so we define a standard prompt here and allow the caller to
138 # override that. But overriding it is tricky and left as an exercise
141 # Here we have a number of the common prompt characters [#>:%$]
142 # followed by zero or more spaces and end of line.
143 our $DEFAULT_PROMPT = qr'[#>:%$](\s*|\e.+)$';
145 my $default_login_timeout = 5;
146 my $default_exec_timeout = 30;
148 my $debug = $ENV{DEBUG} || 0;
166 my ($logged_in, $timedout, $password_attempts) = 0;
168 $self->{protocol} = 'ssh';
170 my $user = $self->{username} ? "$self->{username}\@" : '';
172 my $remote = Expect->new ("ssh $self->{opts} $user$self->{host}");
174 return unless $remote;
176 $remote->log_user ($debug);
181 # If password is prompted for, and if one has been specified, then
183 [ qr "[P|p]assword: $",
185 # If we already supplied the password then it must not have
186 # worked so this protocol is no good.
187 return if $password_attempts;
191 # If we're being prompted for password and there is no
192 # password to supply then there is nothing much we can do but
193 # return undef since we can't get in with this protocol
194 return unless $self->{password};
196 $exp->send ("$self->{password}\n") if $self->{password};
197 $password_attempts++;
203 # Discard lines that begin with "ssh:" (like "ssh: <host>: not
211 # If we find a prompt then everything's good
218 # Of course we may time out...
227 # It's always hard to find the prompt. So let's make a distintive one
228 $self->{prompt} = '@@@';
229 $self->{handle} = $remote;
231 if ($self->{shellstyle} eq 'sh') {
232 $self->execute ('PS1=@@@');
234 $self->execute ('set prompt=@@@');
238 } elsif ($timedout) {
239 carp "WARNING: $self->{host} is not responding to $self->{protocol} protocol";
243 carp "WARNING: Unable to connect to $self->{host} using $self->{protocol} protocol";
251 my ($logged_in, $timedout, $password_attempts) = 0;
253 $self->{protocol} = "rlogin";
255 my $user = $self->{username} ? "-l $self->{username}" : "";
257 my $remote = Expect->new ("rsh $user $self->{host}");
259 return unless $remote;
261 $remote->log_user ($debug);
266 # If password is prompted for, and if one has been specified, then
268 [ qr "[P|p]assword: $",
270 # If we already supplied the password then it must not have
271 # worked so this protocol is no good.
272 return if $password_attempts;
276 # If we're being prompted for password and there is no
277 # password to supply then there is nothing much we can do but
278 # return undef since we can't get in with this protocol
279 return unless $self->{password};
281 $exp->send ("$self->{password}\n");
282 $password_attempts++;
288 # HACK! rlogin may return "<host>: unknown host" which clashes
289 # with some prompts (OK it clashes with my prompt...)
296 # If we find a prompt then everything's good
303 # Of course we may time out...
312 # It's always hard to find the prompt. So let's make a distintive one
313 $self->{prompt} = '@@@';
314 $self->{handle} = $remote;
316 if ($self->{shellstyle} eq 'sh') {
317 $self->execute ('PS1=@@@');
319 $self->execute ('set prompt=@@@');
323 } elsif ($timedout) {
324 carp "WARNING: $self->{host} is not responding to $self->{protocol} protocol";
328 carp "WARNING: Unable to connect to $self->{host} using $self->{protocol} protocol";
336 my ($logged_in, $timedout, $password_attempts) = 0;
338 $self->{protocol} = "telnet";
340 my $remote = Expect->new ("telnet $self->{host}");
342 return unless $remote;
344 $remote->log_user ($debug);
349 # If login is prompted for, and if what has been specified, then
355 # If we're being prompted for username and there is no
356 # username to supply then there is nothing much we can do but
357 # return undef since we can't get in with this protocol
358 return unless $self->{username};
360 $exp->send ("$self->{username}\n");
365 # If password is prompted for, and if one has been specified, then
367 [ qr "[P|p]assword: $",
369 # If we already supplied the password then it must not have
370 # worked so this protocol is no good.
371 return if $password_attempts;
375 # If we're being prompted for password and there is no
376 # password to supply then there is nothing much we can do but
377 # return undef since we can't get in with this protocol
378 return unless $self->{password};
380 $exp->send ("$self->{password}\n");
381 $password_attempts++;
387 # HACK! rlogin may return "<host>: Unknown host" which clashes
388 # with some prompts (OK it clashes with my prompt...)
395 # If we find a prompt then everything's good
402 # Of course we may time out...
411 # It's always hard to find the prompt. So let's make a distintive one
412 $self->{prompt} = '@@@';
413 $self->{handle} = $remote;
415 if ($self->{shellstyle} eq 'sh') {
416 $self->execute ('PS1=@@@');
418 $self->execute ('set prompt=@@@');
422 } elsif ($timedout) {
423 carp "WARNING: $self->{host} is not responding to $self->{protocol} protocol";
427 carp "WARNING: Unable to connect to $self->{host} using $self->{protocol} protocol";
439 Performs a login on the remote host. Normally this is done during
440 construction but this method allows you to login, say again, as maybe
445 =for html <blockquote>
453 =for html </blockquote>
457 =for html <blockquote>
465 =for html </blockquote>
469 # Close any prior opened sessions
470 $self->logoff if ($self->{handle});
474 if ($self->{protocol}) {
475 if ($self->{protocol} eq "ssh") {
477 } elsif ($self->{protocol} eq "rsh" or $self->{protocol} eq "rlogin") {
478 return $self->rlogin;
479 } elsif ($self->{protocol} eq "telnet") {
480 return $self->telnet;
482 croak "ERROR: Invalid protocol $self->{protocol} specified", 1;
485 return $remote if $remote = $self->ssh;
486 return $remote if $remote = $self->rlogin;
487 return $self->telnet;
500 Performs a logout on the remote host. Normally handled in the
501 destructor but you could call logout to logout if you wish.
505 =for html <blockquote>
513 =for html </blockquote>
517 =for html <blockquote>
525 =for html </blockquote>
529 $self->{handle}->soft_close;
531 undef $self->{handle};
532 undef $self->{status};
533 undef $self->{lines};
545 This method instantiates a new Rexec object. Currently only hash style
546 parameter passing is supported.
550 =for html <blockquote>
554 =item host => <host>:
556 Specifies the host to connect to. Default: localhost
558 =item username => <username>
560 Specifies the username to use if prompted. Default: No username specified.
562 =item password => <password>
564 Specifies the password to use if prompted. Default: No password
565 specified. Note passwords must be in cleartext at this
566 time. Specifying them makes you insecure!
568 =item prompt => <prompt regex>
570 Specifies a regex describing how to identify a prompt. Default:
571 qr'[#>:$](\s*|\e.+)$'
573 =item protocol => <ssh|rsh|rlogin|telnet>
575 Specifies the protocol to use when connecting. Default: Try them all
578 =item opts => <options>
580 Additional options for protocol (e.g. -X for ssh and X forwarding)
582 =item verbose => <0|1>
584 If true then status messages are echoed to stdout. Default: 0.
588 =for html </blockquote>
592 =for html <blockquote>
600 =for html </blockquote>
608 $self->{host} = $parms{host} ? $parms{host} : 'localhost';
609 $self->{username} = $parms{username};
610 $self->{password} = $parms{password};
611 $self->{prompt} = $parms{prompt} ? $parms{prompt} : $DEFAULT_PROMPT;
612 $self->{protocol} = $parms{protocol};
613 $self->{verbose} = $parms{verbose};
614 $self->{shellstyle} = $parms{shellstyle} ? $parms{shellstyle} : 'sh';
615 $self->{opts} = $parms{opts} ? $parms{opts} : '';
616 $self->{timeout} = $parms{timeout} ? $parms{timeout} : $default_login_timeout;
618 if ($self->{shellstyle} ne 'sh' and $self->{shellstyle} ne 'csh') {
619 croak 'ERROR: Unknown shell style specified. Must be one of "sh" or "csh"',
622 bless ($self, $class);
625 $self->{handle} = $self->login;
627 # Set timeout to $default_exec_timeout
628 $self->{timeout} = $default_exec_timeout;
630 return $self->{handle} ? $self : undef;
634 my ($self, $cmd, $timeout) = @_;
638 =head3 exec ($cmd, $timeout)
640 This method executes a command on the remote host returning an array
641 of lines that the command produced, if any. Status of the command is
642 stored in the object and accessible via the status method.
646 =for html <blockquote>
652 Command to execute remotely
656 Set timeout for this execution. If timeout is 0 then wait forever. If
657 you wish to interrupt this then set up a signal handler.
661 =for html </blockquote>
665 =for html <blockquote>
671 An array of lines from STDOUT of the command. If STDERR is also wanted
672 then add STDERR redirection to $cmd. Exit status is not returned by
673 retained in the object. Use status method to retrieve it.
677 =for html </blockquote>
681 # If timeout is specified for this exec then use it - otherwise
682 # use the object's defined timeout.
683 $timeout = $timeout ? $timeout : $self->{timeout};
685 # If timeout is set to 0 then the user wants an indefinite
686 # timeout. But Expect wants it to be undefined. So undef it if
687 # it's 0. Note this means we do not support Expect's "check it
688 # only one time" option.
689 undef $timeout if $timeout == 0;
691 # If timeout is < 0 then the user wants to run the command in the
692 # background and return. We still need to wait as we still may
693 # timeout so change $timeout to the $default_exec_timeout in this
694 # case and add a "&" to the command if it's not already there.
695 # because the user has added a & to the command to run it in the
696 if ($timeout && $timeout < 0) {
697 $timeout = $default_exec_timeout;
698 $cmd .= "&" if $cmd !~ /&$/;
701 # Set status to -2 indicating nothing happened! We should never
702 # return -2 (unless a command manages to set $? to -2!)
703 $self->{status} = -2;
705 # Empty lines of any previous command output
708 # Hopefully we will not see the following in the output string
709 my $errno_str = "ReXeCerRoNO=";
710 my $start_str = "StaRT";
714 # If cmd ends in a & then it makes no sense to compose a compound
715 # command. The original command will be in the background and thus
716 # we should not attempt to get a status - there will be none.
718 $compound_cmd = "echo $start_str; $cmd; echo $errno_str";
719 $compound_cmd .= $self->{shellstyle} eq "sh" ? "\$?" : "\$status";
721 $compound_cmd = $cmd;
724 $self->{handle}->send ("$compound_cmd\n");
726 $self->{handle}->expect (
731 $self->{status} = -1;
745 my $before = $exp->before;
746 my $after = $exp->after;
748 if ($after =~ /(\d+)/) {
749 $self->{status} = $1;
752 my @output = split /\n/, $before;
755 chop @output if $output[0] =~ /\r$/;
759 last if /$errno_str=/;
770 print 'Hit prompt!' if $debug;
775 $self->{lines} = \@lines;
781 my ($self, $timeout) = @_;
787 Aborts the current command by sending a Control-C (assumed to be the
788 interrupt character).
792 =for html <blockquote>
800 =for html </blockquote>
804 =for html <blockquote>
810 1 if abort was successful (we got a command prompt back) or 0 if it
815 =for html </blockquote>
819 # If timeout is specified for this exec then use it - otherwise
820 # use the object's defined timeout.
821 $timeout = $timeout ? $timeout : $self->{timeout};
823 # If timeout is set to 0 then the user wants an indefinite
824 # timeout. But Expect wants it to be undefined. So undef it if
825 # it's 0. Note this means we do not support Expect's "check it
826 # only one time" option.
827 undef $timeout if $timeout == 0;
829 # Set status to -2 indicating nothing happened! We should never
830 # return -2 (unless a command manages to set $? to -2!)
831 $self->{status} = -2;
833 $self->{handle}->send ("\cC");
835 $self->{handle}->expect (
840 $self->{status} = -1;
846 print "Hit prompt!" if $debug;
851 return $self->{status};
861 Returns the status of the last command executed remotely.
865 =for html <blockquote>
873 =for html </blockquote>
877 =for html <blockquote>
883 Last status from exec.
887 =for html </blockquote>
891 return $self->{status};
901 Returns the shellstyle
905 =for html <blockquote>
913 =for html </blockquote>
917 =for html <blockquote>
923 sh: Bourne or csh: for csh style shells
927 =for html </blockquote>
931 return $self->{shellstyle};
941 Returns the lines array from the last command called by exec.
945 =for html <blockquote>
953 =for html </blockquote>
957 =for html <blockquote>
963 An array of lines from the last call to exec.
967 =for html </blockquote>
971 return @{$self->{lines}};
981 Essentially prints the lines array to stdout
985 =for html <blockquote>
993 =for html </blockquote>
997 =for html <blockquote>
1005 =for html </blockquote>
1009 print "$_\n" foreach ($self->lines);
1021 Returns the host from the object.
1025 =for html <blockquote>
1033 =for html </blockquote>
1037 =for html <blockquote>
1045 =for html </blockquote>
1049 return $self->{host};
1055 $self->{handle}->hard_close
1066 Returns the timeout from the object.
1070 =for html <blockquote>
1078 =for html </blockquote>
1082 =for html <blockquote>
1090 =for html </blockquote>
1094 return $self->{timeout} ? $self->{timeout} : $default_login_timeout;
1097 sub setTimeout ($) {
1098 my ($self, $timeout) = @_;
1102 =head3 setTimeout ($timeout)
1104 Sets the timeout value for subsequent execution.
1108 =for html <blockquote>
1114 New timeout value to set
1118 =for html </blockquote>
1122 =for html <blockquote>
1132 =for html </blockquote>
1136 my $oldTimeout = $self->getTimeout;
1137 $self->{timeout} = $timeout;
1148 If verbose is turned on then connections or failure to connect will be
1153 <host> is not responding to <protocol>
1154 Connected to <host> using <protocol> protocol
1155 Unable to connect to <host> using <protocol> protocol
1159 Specifying cleartext passwords is not recommended for obvious security concerns.
1161 =head1 CONFIGURATION AND ENVIRONMENT
1163 Configuration files and environment variables.
1175 =for html <a href="http://search.cpan.org/~rgiersig/Expect-1.21/Expect.pod">Expect</a>
1177 =head3 ClearSCM Perl Modules
1179 =for html <p><a href="/php/scm_man.php?file=lib/Display.pm">Display</a></p>
1181 =head1 INCOMPATABILITIES
1185 =head1 BUGS AND LIMITATIONS
1187 There are no known bugs in this module.
1189 Please report problems to Andrew DeFaria <Andrew@ClearSCM.com>.
1191 =head1 LICENSE AND COPYRIGHT
1193 This Perl Module is freely available; you can redistribute it and/or
1194 modify it under the terms of the GNU General Public License as
1195 published by the Free Software Foundation; either version 2 of the
1196 License, or (at your option) any later version.
1198 This Perl Module is distributed in the hope that it will be useful,
1199 but WITHOUT ANY WARRANTY; without even the implied warranty of
1200 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1201 General Public License (L<http://www.gnu.org/copyleft/gpl.html>) for more
1204 You should have received a copy of the GNU General Public License
1205 along with this Perl Module; if not, write to the Free Software Foundation,
1206 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.