On 3/4/2010 10:16 AM, Chris Murphy wrote:
I used to manage ~150 Linux desktop and would have to do one off scripts to make updates. Fortunately I found Puppet and now I never have to do things like this any more but here's the Bash/Expect combo that I used to use:
chris$ ./mass_copy.sh:
#!/bin/sh export ROOTPW='secret1' export ADMINPW='secret2'
HIVES="machine1 machine2 machine3" for machine in $HIVES; do /path/to/script/get_root.exp $machine done
chris$ cat get_root.exp #!/usr/bin/expect -f
set timeout 40
spawn ssh [lrange $argv 0 0] expect "admin@$argv's password:" send "$env(ADMINPW)\n" expect "\$" send "exec su -\n" expect "Password: " send "$env(ROOTPW)\n" expect "#" send "/mnt/it_updates/update_something.sh\n" interact expect "\#" send "exit\n"
This was handed down to me by the sysadmin who was here before me and it worked great except sometimes it would not log out of each machine and I would have to babysit it and press CTRL-D after each run. It can easily be expanded on to suit your needs, and maybe someone in the mailing list can refine it, but if this is your job and you think there is even the remotest possibility that you would have to do this again, seriously look into Puppet, Func, mCollective, really anything is easier then doing it this way.
What's the problem with key-based ssh directly as root?