- on
- off
- rsync ...
+- get-config
Management commands:
- help
locked() {
print_queue
- no_fork=
- flock -h 2>&1 | grep -q -e "--no-fork" && no_fork=--no-fork
- exec flock $no_fork "$RUN_DIR" "$@"
+ exec flock --no-fork "$RUN_DIR" "$@"
}
unlocked() {
NB_ADMIN=
if [ "$1" = "user" ]; then
# Get user name encoded in ~/.ssh/authorized_keys
- NB_USER="$2";
+ export NB_USER="$2";
[ "$3" = "admin" ] && NB_ADMIN=1
set -- $SSH_ORIGINAL_COMMAND
fi
IP=${SSH_CONNECTION%% *}
- HOST=$(getent hosts $IP) || HOST=$IP
+ if [ "$IP" ]; then
+ HOST=$(getent hosts $IP) || HOST=$IP
+ else
+ HOST=localhost
+ fi
REMOTE=${HOST##* }
DATE=$(LANG=C date +'%F_%T')
export NOVABOOT_ID="${NB_USER:-?} $DATE ${REMOTE}"
# Commands allowed only when nobody or the same user is connected
# to the console. "The same user" means that we were executed by
# the same sshd process that has the lock. This is ensured by
- # using SSH connection sharing on cline side.
+ # using SSH connection sharing on client side.
reset | rsync | on | off)
ALLOWED_PPID=$(cat $RUN_DIR/ppid 2>/dev/null || :)
if [ "$PPID" -eq "${ALLOWED_PPID:-0}" ]; then run=unlocked; else run=locked; fi
=head1 DESCRIPTION
-B<novaboot-shell> provides L<novaboot(1)> with unified SSH-based
-interface for controlling target hardware. This simplifies client-side
-configuration, because typically only I<-ssh=...> option is needed on
-the client side. B<novaboot-shell> is typically configured as a login
-shell of special user accounts associated with target hardware. It
-ensures that users are able to perform only a limited set of action
-(see L</COMMANDS> below) with the target and have no shell access on
-the server.
+B<novaboot-shell> provides L<novaboot(1)> with a unified SSH-based
+interface for controlling the target hardware. This simplifies
+client-side configuration, because clients typically need only the
+I<--ssh=...> option. B<novaboot-shell> is typically configured as a
+login shell of special user accounts associated with the target
+hardware (as set by L<adduser-novaboot(8)>). It ensures that users can
+perform only a limited set of actions (see L</COMMANDS> below) with
+the target and have no shell access on the server.
=head1 COMMANDS
an administrator and is allowed to run L</add-key> and L</shell>
commands.
+=item get-config
+
+Prints novaboot configuration options needed for the target. One
+option per line.
+
=back
=head2 Administration commands