]>
Commit | Line | Data |
---|---|---|
11fdf7f2 TL |
1 | #!/usr/bin/env bash |
2 | set -e | |
7c673cae FG |
3 | |
4 | # If these files exist, assume we are a source install. | |
5 | if [[ -f ../share/known_hosts_drop.ceph.com && -f ../share/id_rsa_drop.ceph.com ]] | |
6 | then # running from source install | |
7 | known_hosts=../share/known_hosts_drop.ceph.com | |
8 | ssh_key=../share/id_rsa_drop.ceph.com | |
9 | else # running from a pkg install | |
10 | known_hosts=@datadir@/known_hosts_drop.ceph.com | |
11 | ssh_key=@datadir@/id_rsa_drop.ceph.com | |
12 | fi | |
13 | ||
14 | function usage() { | |
15 | echo "Usage: $0 [options] file1 [dir2 ...] | |
16 | ||
17 | Easily upload files or directories to ceph.com for analysis by Ceph | |
18 | developers. | |
19 | ||
20 | Each invocation uploads files or directories to a separate directory | |
21 | with a unique tag. That tag can be passed to a developer or | |
22 | referenced in a bug report (http://tracker.ceph.com/). Once the | |
23 | upload completes, the directory is marked non-readable and | |
24 | non-writeable to prevent access or modification by other users. | |
25 | ||
26 | WARNING: | |
27 | Basic measures are taken to make posted data be visible only to | |
28 | developers with access to ceph.com infrastructure. However, users | |
29 | should think twice and/or take appropriate precautions before | |
30 | posting potentially sensitive data (for example, logs or data | |
31 | directories that contain Ceph secrets). | |
32 | ||
33 | Options: | |
34 | -d|--description <desc> Description for this post | |
35 | [Default: none] | |
36 | -u|--user <user> User identifier | |
37 | [Default: \`whoami\`@\`hostname -f\`] | |
38 | -r|--remote <user@host> Remote to upload to | |
39 | [Default: postfile@drop.ceph.com] | |
40 | -k|--known_hosts <path> known_hosts file | |
41 | [Default: /usr/share/ceph/known_hosts_drop.ceph.com] | |
42 | -i <path> Ssh identity file | |
43 | [Default: /usr/share/ceph/id_rsa_drop.ceph.com] | |
44 | -h|--help Show this usage information | |
45 | " | |
46 | } | |
47 | ||
48 | if [ -z "$*" ]; then | |
49 | usage | |
50 | exit 1 | |
51 | fi | |
52 | ||
53 | description="" | |
54 | user="`whoami`@`hostname -f`" | |
55 | remote="postfile@drop.ceph.com" | |
56 | ||
57 | if [ `uname` = FreeBSD ]; then | |
58 | GETOPT=/usr/local/bin/getopt | |
59 | else | |
60 | GETOPT=getopt | |
61 | fi | |
62 | ||
63 | ARGS=$(${GETOPT} -n "ceph-post-file" -o 'd:u:hk:i:r:' -l "description:,user:,help,known-hosts:,remote:" -- "$@") | |
64 | eval set -- $ARGS | |
65 | ||
66 | while true; do | |
67 | echo "args: $@" | |
68 | case $1 in | |
69 | -d | --description) | |
70 | description="$2" | |
71 | shift | |
72 | shift | |
73 | ;; | |
74 | -u | --user) | |
75 | user="$2" | |
76 | shift | |
77 | shift | |
78 | ;; | |
79 | -h | --help) | |
80 | usage | |
81 | exit 0 | |
82 | ;; | |
83 | -k | --known-hosts) | |
84 | known_hosts="$2" | |
85 | shift | |
86 | shift | |
87 | ;; | |
88 | -i) | |
89 | ssh_key="$2" | |
90 | shift | |
91 | shift | |
92 | ;; | |
93 | -r | --remote) | |
94 | remote="$2" | |
95 | shift | |
96 | shift | |
97 | ;; | |
98 | --) | |
99 | shift | |
100 | break | |
101 | ;; | |
102 | esac | |
103 | done | |
104 | ||
105 | # this id should be shared | |
106 | id=`uuidgen` | |
107 | echo "$0: upload tag $id" | |
108 | ||
109 | # this is secret goop we add to the directory so that $id is not | |
110 | # enough to find the data using the shared user; only ceph developers | |
111 | # who have access to the server and can read the post directory can | |
112 | # find the uploaded data. | |
113 | nonce=`uuidgen` | |
114 | ||
115 | # stick the user info in the dir too | |
116 | dir="${id}_${user}_${nonce}" | |
117 | ||
118 | t1=$(mktemp) || exit | |
119 | t2=$(mktemp) || exit | |
120 | t3=$(mktemp) || exit | |
121 | t4=$(mktemp) || exit | |
122 | trap "rm -f -- '$t1' '$t2' '$t3' '$t4'" EXIT | |
123 | cat > $t1 <<EOF | |
124 | mkdir post/$dir | |
125 | cd post/$dir | |
126 | EOF | |
127 | ||
128 | echo "$0: user: $user" | |
129 | cat > $t3 <<EOF | |
130 | $user | |
131 | EOF | |
132 | echo put $t3 user >> $t1 | |
133 | ||
134 | if [ -n "$description" ]; then | |
135 | echo "$0: description: $description" | |
136 | cat > $t2 <<EOF | |
137 | $description | |
138 | EOF | |
139 | echo put $t2 description >> $t1 | |
140 | fi | |
141 | ||
142 | while [ -n "$*" ]; do | |
143 | if [ -d "$1" ]; then | |
144 | echo $0: will upload directory $1 | |
145 | bn=`basename "$1"` | |
146 | cat >> $t1 <<EOF | |
147 | mkdir $bn | |
148 | put -r $1 | |
149 | EOF | |
150 | else | |
151 | echo $0: will upload file $1 | |
152 | cat >> $t1 <<EOF | |
153 | put $1 | |
154 | EOF | |
155 | fi | |
156 | shift | |
157 | done | |
158 | ||
159 | # no UserKnownHostsFile so that we don't try to record the IP hash key | |
160 | # GlobalKnownHostsFile so that we are verifying that this is the real drop.ceph.com | |
161 | # IdentitiesOnly=yes forces sftp to ignore any keys offered by ssh-agent | |
162 | ||
163 | cp "$ssh_key" "$t4" | |
164 | cp "${ssh_key}.pub" "$t4.pub" | |
165 | ||
166 | sftp -o "IdentityFile=$t4" \ | |
167 | -C \ | |
168 | -oCheckHostIP=no \ | |
169 | -oGlobalKnownHostsFile=$known_hosts \ | |
170 | -oBatchMode=no \ | |
171 | -oIdentitiesOnly=yes \ | |
172 | -b $t1 -- $remote | |
173 | ||
174 | echo "$0: copy the upload id below to share with a dev: | |
175 | ||
176 | ceph-post-file: $id | |
177 | " |