6 echo >&2 "novaboot-shell: $*"
23 if [ "$NB_ADMIN" ]; then
# Guard: nothing below runs unless NB_ADMIN is non-empty.
33 [ "$NB_ADMIN" ] || return 1
# Presumably two arms of a case on the argument count: no argument and more
# than one word are both refused.
# NOTE(review): no other validation of the user name is visible in this
# excerpt - confirm that double quotes and newlines are rejected before the
# name is written into authorized_keys below.
36 0) die "Username argument missing";;
38 *) die "User name must not contain spaces: $*";;
# The temporary file is created in the same directory as the real file, so the
# final mv replaces authorized_keys in one step instead of editing it in place.
43 tmp=$(mktemp ~/.ssh/authorized_keys.XXXXXXXX)
# Existing entries are copied first, then the new entry is appended.
45 cat ~/.ssh/authorized_keys
# New entry: a forced command of the form: user NAME, followed by the key text.
# $user lands inside a double-quoted authorized_keys option and $key is
# appended as-is, so both values decide what sshd will accept for this account.
46 echo "command=\"user $user\" $key"
# NOTE(review): $tmp is unquoted; quoting it would keep the move correct for
# a home directory path that contains whitespace.
49 mv $tmp ~/.ssh/authorized_keys
# Prints the second lslocks column for every row whose ninth column equals
# RUN_DIR (presumably the PID and PATH columns - TODO confirm against the
# lslocks output format in use).
# NOTE(review): RUN_DIR is spliced into the awk program text, so a value that
# contains a double quote or a backslash changes the program itself; handing it
# over with awk -v would keep it as data.
53 lslocks | awk '{ if ($9 == "'"$RUN_DIR"'") { print $2 } }'
# For every PID reported by lock_queue, print the PID followed by the value of
# NOVABOOT_ID read from the NUL-separated environment of that process.
60 for pid in $(lock_queue); do
# The unquoted expansions collapse whitespace; presumably intended, since the
# result is aligned with column -t below - TODO confirm.
61 echo $pid $(sed --null-data -ne '/^NOVABOOT_ID=/ s///p' /proc/$pid/environ)
# Shows the collected holders as a table with a fixed header row.
64 echo "Target is occupied by:"
65 ( echo "PID USER LOGIN_TIME FROM"; echo "$queue" ) | column -t
# Replaces this shell with flock, which takes the lock on RUN_DIR and then runs
# the given command in the same process (--no-fork), so the lock lives exactly
# as long as that command.
71 exec flock --no-fork "$RUN_DIR" "$@"
# Tests whether the variable whose NAME is given in $1 is non-empty; eval is
# used for the indirect lookup. The callers visible in this listing pass fixed
# names (console_cmd, reset_cmd, on_cmd, off_cmd).
# NOTE(review): $1 must never carry request data, because eval would execute it.
79 if eval [ "\"\$$1\"" ]; then
# The message names the file in $CFG as the place the variable is expected in.
82 die "$1 variable not defined in $CFG"
86 # run_subcommand should be called only after permission checks and/or locking
# NOTE(review): the trap body is double-quoted, so $RUN_DIR is expanded when the
# trap is installed and the resulting text is parsed again when it fires. A
# single-quoted body with a quoted expansion would be robust against unusual
# characters in the path - TODO confirm RUN_DIR is a fixed, trusted value.
90 trap "rm -f $RUN_DIR/ppid" EXIT
# Records NOVABOOT_PPID in the ppid file; the dispatch code later compares its
# own PPID with this value to recognise the session that holds the console.
# NOTE(review): both expansions are unquoted.
91 echo $NOVABOOT_PPID > $RUN_DIR/ppid
92 echo 'novaboot-shell: Connected'
93 # TODO: $reset_begin_cmd
# Each *_cmd value is a command string that check_var expects to be defined in
# $CFG. eval exec parses it with full shell syntax and replaces this process
# with the result, so write access to that config file is equivalent to command
# execution as this account; its ownership and mode are part of the trust
# boundary.
94 check_var console_cmd && eval exec $console_cmd;;
96 check_var reset_cmd && eval exec $reset_cmd;;
# rsync server mode is accepted only with exactly 5 arguments, or with 6 when
# the fourth is --log-format=X; every other shape is refused with an error.
97 "rsync --server "*" . .")
98 if ! [ $# -eq 5 -o \( $# -eq 6 -a "$4" = '--log-format=X' \) ]; then
99 die "Unexpected rsync invocation: $*"
# Presumably the destination of the accepted rsync transfer; the rsync call
# itself is not part of this excerpt.
101 mkdir -p "$HOME/tftproot"
105 check_var on_cmd && eval exec $on_cmd;;
107 check_var off_cmd && eval exec $off_cmd;;
# Only an invocation whose first argument is -c is accepted (presumably the way
# sshd starts a login shell with a command); anything else is refused.
112 if [ "$1" = "-c" ]; then shift
113 else die "Permission denied"; fi
# The first word of the command is compared with the literal user, which is the
# prefix of the forced command written into authorized_keys by add_key.
116 if [ "${1%% *}" = "user" ]; then
117 # Get user name encoded in ~/.ssh/authorized_keys
# A third word equal to admin switches on admin rights for this session.
# NOTE(review): the statement that sets the positional parameters before this
# test is not visible here - confirm it only splits the forced command.
120 [ "$3" = "admin" ] && NB_ADMIN=1
# From here on the positional parameters hold the command requested by the
# client. NOTE(review): the expansion is unquoted, so it undergoes word
# splitting and pathname expansion; unless globbing is disabled elsewhere
# (set -f is not visible in this excerpt), wildcard characters in the request
# are expanded against the current directory before dispatch.
121 set -- $SSH_ORIGINAL_COMMAND
124 if [ $# -eq 0 ]; then print_help; fi
# The client address is the first field of SSH_CONNECTION; the name lookup
# falls back to the bare address when getent finds nothing.
126 IP=${SSH_CONNECTION%% *}
127 HOST=$(getent hosts $IP) || HOST=$IP
# LANG=C keeps the timestamp format independent of the server locale.
129 DATE=$(LANG=C date +'%F_%T')
# Session label: user name (or ? when unset), timestamp and REMOTE. REMOTE is
# assigned outside this excerpt (presumably derived from HOST - TODO confirm).
130 export NOVABOOT_ID="${NB_USER:-?} $DATE ${REMOTE}"
# Exported so that a re-executed copy of this script still knows the PID of the
# process that started the original session.
131 export NOVABOOT_PPID=$PPID
136 # Commands allowed at any time
137 "console") locked $0 console;;
138 "get-config") target_config; exit;;
139 "add-key") shift; add_key "$@"; exit;;
142 # Commands allowed only when nobody or the same user is connected
143 # to the console. "The same user" means that we were executed by
144 # the same sshd process that has the lock. This is ensured by
145 # using SSH connection sharing on the client side.
146 reset | rsync | on | off)
# Reads the PID recorded by the session that holds the console. A missing or
# unreadable file leaves ALLOWED_PPID empty, and the comparison then uses 0.
# NOTE(review): $RUN_DIR is unquoted in the cat call.
147 ALLOWED_PPID=$(cat $RUN_DIR/ppid 2>/dev/null || :)
# Only a caller whose parent PID equals the recorded one runs without taking
# the lock; every other caller goes through the locked path.
148 if [ "$PPID" -eq "${ALLOWED_PPID:-0}" ]; then run=unlocked; else run=locked; fi
# A refused command is reported to the client on stderr and written to syslog
# at error priority, with the full requested command line in both places.
151 echo >&2 "novaboot-shell: Command not allowed: $*"
152 logger -p error "novaboot-shell: Command not allowed: $*"
# The config path comes from NOVABOOT_SHELL_CONFIG when that variable is set,
# otherwise from a dotfile in the home directory of the account.
# NOTE(review): command strings from this file are later run through eval, so
# the variable must not be settable by SSH clients - confirm that sshd does not
# pass it through (AcceptEnv, PermitUserEnvironment, or an environment= option
# in authorized_keys).
159 if [ "$NOVABOOT_SHELL_CONFIG" ]; then
160 CFG="$NOVABOOT_SHELL_CONFIG"
162 CFG="$HOME/.novaboot-shell"
# NOVABOOT_ID is exported by the session setup code, so an empty value
# presumably marks the first invocation rather than a re-executed copy -
# TODO confirm against the branch body, which is not in this excerpt.
167 if [ -z "$NOVABOOT_ID" ]; then