MASSADMIN(1) User Contributed Perl Documentation MASSADMIN(1)NAMEmassadmin - parallelizes system commands on mass remote servers.
DESCRIPTION
This program is used to send multiple system commands to a group of
UNIX like remote servers simultaneously using concurrent processes.
Supported protocol: FTP, SFTP, TELNET, SSH and SCP. With telnet and ssh
all system command are supported provide that they are not interactive.
His main usage is to send repetitive sysadmin task to a group of
servers but you can also use it for automatic ftp or scp backup and
much more.
Commands are exactly those you will type on your terminal. It also
allow you to use 'su -' to execute your commands with TELNET and SSH
protocols.
For example, suppose that you want to install a new printer driver on
your hundred of Cups servers, with massadmin, you can ftp or scp the
new files or a tarball to each server and move or untar files and
reload cups in less than 10 secondes.
Or you may want to wake up a computer on a remote lan using a local
server:
./massadmin -h "remotesrv.mydom:root:mdpadm" -e 'SSH::/usr/sbin/ether-wake 00\:25\:44\:DA\:43\:BF |:exit:'
This will execute the ether-wake command line on the remotesrv.mydom
server as root user.
USAGE
/usr/local/bin/massadmin options
-c conf_file: commands list file.
-e cmd_list : comma separated list of commands.
-l srv_list : servers list file.
-h host_list: comma separated list of servers.
-d : debug mode.
-o out_file : output result to a file. Default is stdout.
-q nb_proc : change limit to nb_proc concurrent processes. Default: 15.
-r dir : change running directory to dir.
-p log_list : comma separated list of login:password pair to use.
-t seconds : set the timeout for all connections. Default is 60 seconds.
I really recommand you to test with the -d option on a single computer
the massadmin commands you will defined before running them on all you
remote servers. Remember that untested commands can mass damage your
servers especialy when tey are run asd root user!
SERVERS LIST
Servers list file
You must set the -l command line option to specify the server list file
to use to specify the remote hosts to connect to and the login/password
pair to use.
Format of the server list file:
chdir:/jump/dir
login:login1:login2:login3...
password:pass1:pass2:pass3...
hostname:login:passwd
Note: All these configuration directives can be replaced with command
line options to allow dynamic calls (using xargs for example).
chdir
The 'chdir' directive is used to force massadmin to change the
running directory of massadmin. This overriden with the -r command
line option (see USAGE).
login and password
These two directives 'login' and 'password' are used to defined a
common set of login/password pair to use to connect to all
following hostname definition. Each login and password will be
tried/used until a connection to the server is openned and this is
repeated for all servers in the list.
The separator is the colon character ':'. If you have this
character in the password you have to add a backslash (\) before
it.
These two directives can be replaced by the -p command line option
(see USAGE).
hostname definition
The hostname line must be replaced by the server real hostname or
his ip address. You can also give a specific login/password for
this host separated by the colon character ':'. If you have this
character in the password you have to add a backslash (\) before.
Each defined host will be ping before all. If a server is not
responding, it will be removed from the list and a warnong message
will be displayed.
Command line server list
You may want to specify dynamically the server list to massadmin, for
that use the -h command line option. The value of this option is a
comma separated list of hostname like in the servers list file.
For example:
massadmin-h "srv1.mydom.com:root:adm12,srv2.mydom.com:root:adm34"
or the same but using the global login/password definition with the -p
option
massadmin-h "srv1.mydom.com,srv2.mydom.com" -p "root:adm12,root:adm34"
If you have a comma in you password, you have to add a backslash (\)
before as well has the login/password colon separator ':'.
CONFIGURATION FILE
Format:
protocol:authen:command1:command2:...:
Where
- Protocol can be: FTP,TELNET,RSH,SSH,SCP,SFTP
- Authen is the "login;password" phrase. Separator is a semi-colon ';'.
- command is any command handled by this protocol
Authen can be empty if you set login/password into the host list file.
Example:
FTP:ftpuser;ftppasswd:lcd /usr/tmp/:cd /usr/tmp:put foo.txt bar.txt:
TELNET:username;userpassw:cd /home/foo:rm bar.txt:
RSH:root:ls -la:
If you want to retrieve the output of a command just add a pipe at the
end of the command, the result of the command will be added to the
output stream:
RSH:root:ls -la:
FTP:ftpuser;ftppasswd:lcd /ust/tmp/:cd /usr/tmp:ls -la|:bye:
TELNET:usernam;userpassw:cd /home/toto:ls *.txt|:exit:
SSH:usernam;userpassw:cd /home/toto:ls *.txt|:exit:
# Local to remote (put)
SCP:usernam;userpassw:local_source_file:remote_destination_file
SCP:usernam;userpassw:local_source_dir:remote_destination_dir
# Remote to local (get)
SCP:usernam;userpassw::local_destination_file:remote_file
SCP:usernam;userpassw::local_destination_dir:remote_dir
SFTP:usernam;userpassw:cd /usr/tmp/:put foo.txt
All entries defined in the file are executed in the given order.
Some examples:
FTP::cd /usr/tmp/:del crontab.txt:del newcron.sh:put crontab.txt:ls |
RSH::perl /root/change_network.pl|
FTP::cd /home/someuser/:ls -la|:ls -la|
TELNET::ls -la|:ps auxw | grep "named" |
SSH::cd /home/someuser/:ls -la|:ls -la|
# Local to remote (put)
SCP::localarch.tar.gz:/user/tmp/localarch.tar.gz
SCP::/opt/someApp/:/home/program/
# Remote to local (get)
SCP:::/usr/tmp/localarch.tar.gz:localarch.tar.gz
SCP:::/home/program/:/opt/someApp/
Here is how to do a su - as root user, the su - and root password is
separated by a space character.
TELNET::su - RootPwd:ls -la |
In each command definition you can use the %SRVEXE_HOST special
keyword, it will be replaced by the remote server hostname in which the
command is executed. This is useful for example if you make backup and
want to add the hostname into a filename.
SPECIAL CHARATERS
Remember that the commands are passed to a Perl program (massadmin) so
if you have special Perl characters like $ or other you need to escape
them.
For example a call to a perl command to replace some string into a file
must be written like that:
massadmin-h remotehost -p "root:admpasswd" \
-e "SSH::perl -p -i -e 's/cn\: ([^\\s]+) (.*)/cn\: \$2 \$1/' ldap-add.ldiff"
This command revert the first and last name in a LDAP ldiff file.
The normal perl command line substitution call would be:
perl -p -i -e 's/cn: ([^\s]+) (.*)/cn: $2 $1/' ldap-add.ldiff
Please always test your massadmin command before running it on mass
hosts.
AUTHENTICATION
The authentication on remote servers can be defined at 3 different
levels. Here are how they are used by massadmin in the order they will
be executed.
Command line level
The command line configuration file support a per command
authentication level. If you defined authent at this level, it
will override all other authentication method. Or more precisely
this will be the first tried, if it failed the 2 other
authentication level will be tried.
Hostname level
The hostname definition allow a per host authentication level. If
you defined authent at this level, it will override the global
login/password definition.
Global level
In the login/password server list configuration directive you can
defined a set of authentication users and password that will be
tried on each remote servers in the order they are written.
In this example:
./massadmin -h "remotesrv.mydom:root:mdpadm" -p "admin:pass1,root:pass2" \
-e 'SSH:root;myadmpass:/usr/sbin/ether-wake 00\:25\:44\:DA\:43\:BF |:exit:'
The first authentication that will be tried is the one given in the SSH
command, 'root;myadmpass'. If it fail or is not defined, this will be
the one given in the remote server definition, 'root:mdpadm' and if it
fail or is not defined here, massadmin will try each authentication
defined in the -p command line option, 'admin:pass1' first and if it
fail 'root:pass2'.
AUTHOR
Gilles DAROLD <gilles@darold.net>
COPYRIGHT
Copyright 2002-2010 Gilles Darold. All rights reserved.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 3 of the License, or any later
version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
DISCLAIMER
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
SEE ALSO
IO::Tty Net::Telnet Net::Ping Expect Proc::Queue
perl v5.10.0 2010-09-27 MASSADMIN(1)
