rvagrant 0.8.7.dev

data/lib/vagrant/provisioners/shell.rb

@@ -0,0 +1,96 @@
+module Vagrant
+  module Provisioners
+    class Shell < Base
+      register :shell
+
+      class Config < Vagrant::Config::Base
+        attr_accessor :inline
+        attr_accessor :path
+        attr_accessor :upload_path
+        attr_accessor :args
+
+        def initialize
+          @inline = nil
+          @path = nil
+          @upload_path = "/tmp/vagrant-shell"
+          @args = nil
+        end
+
+        def expanded_path
+          Pathname.new(path).expand_path(env.root_path) if path
+        end
+
+        def validate(errors)
+          super
+
+          # Validate that the parameters are properly set
+          if path && inline
+            errors.add(I18n.t("vagrant.provisioners.shell.path_and_inline_set"))
+          elsif !path && !inline
+            errors.add(I18n.t("vagrant.provisioners.shell.no_path_or_inline"))
+          end
+
+          # Validate the existence of a script to upload
+          if path && !expanded_path.file?
+            errors.add(I18n.t("vagrant.provisioners.shell.path_invalid", :path => expanded_path))
+          end
+
+          # There needs to be a path to upload the script to
+          if !upload_path
+            errors.add(I18n.t("vagrant.provisioners.shell.upload_path_not_set"))
+          end
+
+          # If there are args and its not a string, that is a problem
+          if args && !args.is_a?(String)
+            errors.add(I18n.t("vagrant.provisioners.shell.args_not_string"))
+          end
+        end
+      end
+
+      # This method yields the path to a script to upload and execute
+      # on the remote server. This method will properly clean up the
+      # script file if needed.
+      def with_script_file
+        if config.path
+          # Just yield the path to that file...
+          yield config.expanded_path
+          return
+        end
+
+        # Otherwise we have an inline script, we need to Tempfile it,
+        # and handle it specially...
+        file = Tempfile.new('vagrant-shell')
+        begin
+          file.write(config.inline)
+          file.fsync
+          yield file.path
+        ensure
+          file.close
+          file.unlink
+        end
+      end
+
+      def provision!
+        args = ""
+        args = " #{config.args}" if config.args
+        commands = ["chmod +x #{config.upload_path}", "#{config.upload_path}#{args}"]
+
+        with_script_file do |path|
+          # Upload the script to the VM
+          vm.ssh.upload!(path.to_s, config.upload_path)
+
+          # Execute it with sudo
+          vm.ssh.execute do |ssh|
+            ssh.sudo!(commands) do |ch, type, data|
+              if type == :exit_status
+                ssh.check_exit_status(data, commands)
+              else
+                env.ui.info(data)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant/ssh.rb

@@ -0,0 +1,224 @@
+require 'net/ssh'
+require 'net/scp'
+
+module Vagrant
+  # Manages SSH access to a specific environment. Allows an environment to
+  # replace the process with SSH itself, run a specific set of commands,
+  # upload files, or even check if a host is up.
+  class SSH
+    # Autoload this guy because he is really only used in one location
+    # and not for every Vagrant command.
+    autoload :Session, 'vagrant/ssh/session'
+
+    include Util::Retryable
+    include Util::SafeExec
+
+    # Reference back up to the environment which this SSH object belongs
+    # to
+    attr_accessor :env
+
+    def initialize(environment)
+      @env = environment
+      @current_session = nil
+    end
+
+    # Connects to the environment's virtual machine, replacing the ruby
+    # process with an SSH process. This method optionally takes a hash
+    # of options which override the configuration values.
+    def connect(opts={})
+      if Util::Platform.windows?
+        raise Errors::SSHUnavailableWindows, :key_path => env.config.ssh.private_key_path,
+                                             :ssh_port => port(opts)
+      end
+
+      raise Errors::SSHUnavailable if !Kernel.system("which ssh > /dev/null 2>&1")
+
+      options = {}
+      options[:port] = port(opts)
+      [:host, :username, :private_key_path].each do |param|
+        options[param] = opts[param] || env.config.ssh.send(param)
+      end
+
+      check_key_permissions(options[:private_key_path])
+
+      # Command line options
+      command_options = ["-p #{options[:port]}", "-o UserKnownHostsFile=/dev/null",
+                         "-o StrictHostKeyChecking=no", "-o IdentitiesOnly=yes",
+                         "-i #{options[:private_key_path]}", "-o LogLevel=ERROR"]
+      command_options << "-o ForwardAgent=yes" if env.config.ssh.forward_agent
+
+      if env.config.ssh.forward_x11
+        # Both are required so that no warnings are shown regarding X11
+        command_options << "-o ForwardX11=yes"
+        command_options << "-o ForwardX11Trusted=yes"
+      end
+
+      # Some hackery going on here. On Mac OS X Leopard (10.5), exec fails
+      # (GH-51). As a workaround, we fork and wait. On all other platforms,
+      # we simply exec.
+      command = "ssh #{command_options.join(" ")} #{options[:username]}@#{options[:host]}".strip
+      env.logger.info("ssh") { "Invoking SSH: #{command}" }
+      safe_exec(command)
+    end
+
+    # Opens an SSH connection to this environment's virtual machine and yields
+    # a Net::SSH object which can be used to execute remote commands.
+    def execute(opts={})
+      # Check the key permissions to avoid SSH hangs
+      check_key_permissions(env.config.ssh.private_key_path)
+
+      # Merge in any additional options
+      opts = opts.dup
+      opts[:forward_agent] = true if env.config.ssh.forward_agent
+      opts[:port] ||= port
+
+      # Check if we have a currently open SSH session which has the
+      # same options, and use that if possible.
+      #
+      # NOTE: This is experimental and unstable. Therefore it is disabled
+      # by default.
+      session, options = nil
+      session, options = @current_session if env.config.vagrant.ssh_session_cache
+
+      if session && options == opts
+        # Verify that the SSH session is still valid
+        begin
+          session.exec!("echo foo")
+        rescue IOError
+          # Reset the session, we need to reconnect
+          session = nil
+        end
+      end
+
+      if !session || options != opts
+        env.logger.info("ssh") { "Connecting to SSH: #{env.config.ssh.host} #{opts[:port]}" }
+
+        # The exceptions which are acceptable to retry on during
+        # attempts to connect to SSH
+        exceptions = [Errno::ECONNREFUSED, Net::SSH::Disconnect]
+
+        # Connect to SSH and gather the session
+        session = retryable(:tries => 5, :on => exceptions) do
+          connection = Net::SSH.start(env.config.ssh.host,
+                         env.config.ssh.username,
+                         opts.merge( :keys => [env.config.ssh.private_key_path],
+                                     :keys_only => true,
+                                     :user_known_hosts_file => [],
+                                     :paranoid => false,
+                                     :config => false))
+          SSH::Session.new(connection, env)
+        end
+
+        # Save the new session along with the options which created it
+        @current_session = [session, opts]
+      else
+        env.logger.info("ssh") { "Using cached SSH session: #{session}" }
+      end
+
+      # Yield our session for executing
+      return yield session if block_given?
+    rescue Errno::ECONNREFUSED
+      raise Errors::SSHConnectionRefused
+    end
+
+    # Uploads a file from `from` to `to`. `from` is expected to be a filename
+    # or StringIO, and `to` is expected to be a path. This method simply forwards
+    # the arguments to `Net::SCP#upload!` so view that for more information.
+    def upload!(from, to)
+      retryable(:tries => 5, :on => IOError) do
+        execute do |ssh|
+          scp = Net::SCP.new(ssh.session)
+          scp.upload!(from, to)
+        end
+      end
+    end
+
+    # Checks if this environment's machine is up (i.e. responding to SSH).
+    #
+    # @return [Boolean]
+    def up?
+      # We have to determine the port outside of the block since it uses
+      # API calls which can only be used from the main thread in JRuby on
+      # Windows
+      ssh_port = port
+
+      require 'timeout'
+      Timeout.timeout(env.config.ssh.timeout) do
+        execute(:timeout => env.config.ssh.timeout,
+                :port => ssh_port) { |ssh| }
+      end
+
+      true
+    rescue Net::SSH::AuthenticationFailed
+      raise Errors::SSHAuthenticationFailed
+    rescue Timeout::Error, Errno::ECONNREFUSED, Net::SSH::Disconnect,
+           Errors::SSHConnectionRefused, Net::SSH::AuthenticationFailed
+      return false
+    end
+
+    # Checks the file permissions for the private key, resetting them
+    # if needed, or on failure erroring.
+    def check_key_permissions(key_path)
+      # Windows systems don't have this issue
+      return if Util::Platform.windows?
+
+      env.logger.info("ssh") { "Checking key permissions: #{key_path}" }
+
+      stat = File.stat(key_path)
+
+      if stat.owned? && file_perms(key_path) != "600"
+        env.logger.info("ssh") { "Attempting to correct key permissions to 0600" }
+
+        File.chmod(0600, key_path)
+        raise Errors::SSHKeyBadPermissions, :key_path => key_path if file_perms(key_path) != "600"
+      end
+    rescue Errno::EPERM
+      # This shouldn't happen since we verify we own the file, but just
+      # in case.
+      raise Errors::SSHKeyBadPermissions, :key_path => key_path
+    end
+
+    # Returns the file permissions of a given file. This is fairly unix specific
+    # and probably doesn't belong in this class. Will be refactored out later.
+    def file_perms(path)
+      perms = sprintf("%o", File.stat(path).mode)
+      perms.reverse[0..2].reverse
+    end
+
+    # Returns the port which is either given in the options hash or taken from
+    # the config by finding it in the forwarded ports hash based on the
+    # `config.ssh.forwarded_port_key`.
+    def port(opts={})
+      # Check if port was specified in options hash
+      return opts[:port] if opts[:port]
+
+      # Check if a port was specified in the config
+      return env.config.ssh.port if env.config.ssh.port
+
+      # Check if we have an SSH forwarded port
+      pnum_by_name = nil
+      pnum_by_destination = nil
+      env.vm.vm.network_adapters.each do |na|
+        # Look for the port number by name...
+        pnum_by_name = na.nat_driver.forwarded_ports.detect do |fp|
+          fp.name == env.config.ssh.forwarded_port_key
+        end
+
+        # Look for the port number by destination...
+        pnum_by_destination = na.nat_driver.forwarded_ports.detect do |fp|
+          fp.guestport == env.config.ssh.forwarded_port_destination
+        end
+
+        # pnum_by_name is what we're looking for here, so break early
+        # if we have it.
+        break if pnum_by_name
+      end
+
+      return pnum_by_name.hostport if pnum_by_name
+      return pnum_by_destination.hostport if pnum_by_destination
+
+      # This should NEVER happen.
+      raise Errors::SSHPortNotDetected
+    end
+  end
+end

data/lib/vagrant/ssh/session.rb

@@ -0,0 +1,136 @@
+module Vagrant
+  class SSH
+    # A helper class which wraps around `Net::SSH::Connection::Session`
+    # in order to provide basic command error checking while still
+    # providing access to the actual session object.
+    class Session
+      include Util::Retryable
+
+      attr_reader :session
+      attr_reader :env
+
+      def initialize(session, env)
+        @session = session
+        @env = env
+      end
+
+      # Executes a given command and simply returns true/false if the
+      # command succeeded or not.
+      def test?(command)
+        exec!(command) do |ch, type, data|
+          return true if type == :exit_status && data == 0
+        end
+
+        false
+      end
+
+      # Executes a given command on the SSH session using `sudo` and
+      # blocks until the command completes. This takes the same parameters
+      # as {#exec!}. The only difference is that the command can be an
+      # array of commands, which will be placed into the same script.
+      #
+      # This is different than just calling {#exec!} with `sudo`, since
+      # this command is tailor-made to be compliant with older versions
+      # of `sudo`.
+      def sudo!(commands, options=nil, &block)
+        channel = session.open_channel do |ch|
+          ch.exec("sudo -H #{env.config.ssh.shell} -l") do |ch2, success|
+            # Set the terminal
+            ch2.send_data "export TERM=vt100\n"
+
+            # Output each command as if they were entered on the command line
+            [commands].flatten.each do |command|
+              ch2.send_data "#{command}\n"
+            end
+
+            # Remember to exit or we'll hang!
+            ch2.send_data "exit\n"
+
+            # Setup the callbacks with our options so we get all the
+            # stdout/stderr and error checking goodies
+            setup_channel_callbacks(ch2, commands, options, block)
+          end
+        end
+
+        channel.wait
+        channel[:result]
+      end
+
+      # Executes a given command on the SSH session and blocks until
+      # the command completes. This is an almost line for line copy of
+      # the actual `exec!` implementation, except that this
+      # implementation also reports `:exit_status` to the block if given.
+      def exec!(commands, options=nil, &block)
+        retryable(:tries => 5, :on => [IOError, Net::SSH::Disconnect], :sleep => 1.0) do
+          metach = session.open_channel do |ch|
+            ch.exec("#{env.config.ssh.shell} -l") do |ch2, success|
+              # Set the terminal
+              ch2.send_data "export TERM=vt100\n"
+
+              # Output the commands as if they were entered on the command line
+              [commands].flatten.each do |command|
+                ch2.send_data "#{command}\n"
+              end
+
+              # Remember to exit
+              ch2.send_data "exit\n"
+
+              # Setup the callbacks
+              setup_channel_callbacks(ch2, commands, options, block)
+            end
+          end
+
+          metach.wait
+          metach[:result]
+        end
+      end
+
+      # Sets up the channel callbacks to properly check exit statuses and
+      # callback on stdout/stderr.
+      def setup_channel_callbacks(channel, command, options, block)
+        options = { :error_check => true }.merge(options || {})
+
+        block ||= Proc.new do |ch, type, data|
+          check_exit_status(data, command, options, ch[:result]) if type == :exit_status && options[:error_check]
+
+          ch[:result] ||= ""
+          ch[:result] << data if [:stdout, :stderr].include?(type)
+        end
+
+        # Output stdout data to the block
+        channel.on_data do |ch2, data|
+          # This clears the screen, we want to filter it out.
+          data.gsub!("\e[H", "")
+
+          block.call(ch2, :stdout, data)
+        end
+
+        # Output stderr data to the block
+        channel.on_extended_data do |ch2, type, data|
+          block.call(ch2, :stderr, data)
+        end
+
+        # Output exit status information to the block
+        channel.on_request("exit-status") do |ch2, data|
+          block.call(ch2, :exit_status, data.read_long)
+        end
+      end
+
+      # Checks for an erroroneous exit status and raises an exception
+      # if so.
+      def check_exit_status(exit_status, commands, options=nil, output=nil)
+        if exit_status != 0
+          output ||= '[no output]'
+          options = {
+            :_error_class => Errors::VagrantError,
+            :_key => :ssh_bad_exit_status,
+            :command => [commands].flatten.join("\n"),
+            :output => output
+          }.merge(options || {})
+
+          raise options[:_error_class], options
+        end
+      end
+    end
+  end
+end