1NAME
2 massadmin - parallelizes system commands on mass remote servers.
3
4DESCRIPTION
5 This program is used to send multiple system commands to a group of UNIX
6 like remote servers simultaneously using concurrent processes. Supported
7 protocol: FTP, SFTP, TELNET, SSH and SCP. With telnet and ssh all system
8 command are supported provide that they are not interactive.
9
10 His main usage is to send repetitive sysadmin task to a group of servers
11 but you can also use it for automatic ftp or scp backup and much more.
12
13 Commands are exactly those you will type on your terminal. It also allow
14 you to use 'su -' to execute your commands with TELNET and SSH
15 protocols.
16
17 For example, suppose that you want to install a new printer driver on
18 your hundred of Cups servers, with massadmin, you can ftp or scp the new
19 files or a tarball to each server and move or untar files and reload
20 cups in less than 10 secondes.
21
22 Or you may want to wake up a computer on a remote lan using a local
23 server:
24
25 ./massadmin -h "remotesrv.mydom:root:mdpadm" -e 'SSH::/usr/sbin/ether-wake 00\:25\:44\:DA\:43\:BF |:exit:'
26
27 This will execute the ether-wake command line on the remotesrv.mydom
28 server as root user.
29
30USAGE
31 /usr/local/bin/massadmin options
32
33 -c conf_file: commands list file.
34 -e cmd_list : comma separated list of commands.
35 -l srv_list : servers list file.
36 -h host_list: comma separated list of servers.
37 -d : debug mode.
38 -o out_file : output result to a file. Default is stdout.
39 -q nb_proc : change limit to nb_proc concurrent processes. Default: 15.
40 -r dir : change running directory to dir.
41 -p log_list : comma separated list of login:password pair to use.
42 -t seconds : set the timeout for all connections. Default is 60 seconds.
43
44 I really recommand you to test with the -d option on a single computer
45 the massadmin commands you will defined before running them on all you
46 remote servers. Remember that untested commands can mass damage your
47 servers especialy when tey are run asd root user!
48
49SERVERS LIST
50 Servers list file
51 You must set the -l command line option to specify the server list file
52 to use to specify the remote hosts to connect to and the login/password
53 pair to use.
54
55 Format of the server list file:
56
57 chdir:/jump/dir
58 login:login1:login2:login3...
59 password:pass1:pass2:pass3...
60
61 hostname:login:passwd
62
63 Note: All these configuration directives can be replaced with command
64 line options to allow dynamic calls (using xargs for example).
65
66 chdir
67 The 'chdir' directive is used to force massadmin to change the
68 running directory of massadmin. This overriden with the -r command
69 line option (see USAGE).
70
71 login and password
72 These two directives 'login' and 'password' are used to defined a
73 common set of login/password pair to use to connect to all following
74 hostname definition. Each login and password will be tried/used
75 until a connection to the server is openned and this is repeated for
76 all servers in the list.
77
78 The separator is the colon character ':'. If you have this character
79 in the password you have to add a backslash (\) before it.
80
81 These two directives can be replaced by the -p command line option
82 (see USAGE).
83
84 hostname definition
85 The hostname line must be replaced by the server real hostname or
86 his ip address. You can also give a specific login/password for this
87 host separated by the colon character ':'. If you have this
88 character in the password you have to add a backslash (\) before.
89
90 Each defined host will be ping before all. If a server is not
91 responding, it will be removed from the list and a warnong message
92 will be displayed.
93
94 Command line server list
95 You may want to specify dynamically the server list to massadmin, for
96 that use the -h command line option. The value of this option is a comma
97 separated list of hostname like in the servers list file.
98
99 For example:
100
101 massadmin -h "srv1.mydom.com:root:adm12,srv2.mydom.com:root:adm34"
102
103 or the same but using the global login/password definition with the -p
104 option
105
106 massadmin -h "srv1.mydom.com,srv2.mydom.com" -p "root:adm12,root:adm34"
107
108 If you have a comma in you password, you have to add a backslash (\)
109 before as well has the login/password colon separator ':'.
110
111CONFIGURATION FILE
112 Format:
113
114 protocol:authen:command1:command2:...:
115
116 Where
117
118 - Protocol can be: FTP,TELNET,RSH,SSH,SCP,SFTP
119 - Authen is the "login;password" phrase. Separator is a semi-colon ';'.
120 - command is any command handled by this protocol
121
122 Authen can be empty if you set login/password into the host list file.
123
124 Example:
125
126 FTP:ftpuser;ftppasswd:lcd /usr/tmp/:cd /usr/tmp:put foo.txt bar.txt:
127 TELNET:username;userpassw:cd /home/foo:rm bar.txt:
128 RSH:root:ls -la:
129
130 If you want to retrieve the output of a command just add a pipe at the
131 end of the command, the result of the command will be added to the
132 output stream:
133
134 RSH:root:ls -la:
135 FTP:ftpuser;ftppasswd:lcd /ust/tmp/:cd /usr/tmp:ls -la|:bye:
136 TELNET:usernam;userpassw:cd /home/toto:ls *.txt|:exit:
137 SSH:usernam;userpassw:cd /home/toto:ls *.txt|:exit:
138 # Local to remote (put)
139 SCP:usernam;userpassw:local_source_file:remote_destination_file
140 SCP:usernam;userpassw:local_source_dir:remote_destination_dir
141 # Remote to local (get)
142 SCP:usernam;userpassw::local_destination_file:remote_file
143 SCP:usernam;userpassw::local_destination_dir:remote_dir
144 SFTP:usernam;userpassw:cd /usr/tmp/:put foo.txt
145
146 All entries defined in the file are executed in the given order.
147
148 Some examples:
149
150 FTP::cd /usr/tmp/:del crontab.txt:del newcron.sh:put crontab.txt:ls |
151 RSH::perl /root/change_network.pl|
152 FTP::cd /home/someuser/:ls -la|:ls -la|
153 TELNET::ls -la|:ps auxw | grep "named" |
154 SSH::cd /home/someuser/:ls -la|:ls -la|
155 # Local to remote (put)
156 SCP::localarch.tar.gz:/user/tmp/localarch.tar.gz
157 SCP::/opt/someApp/:/home/program/
158 # Remote to local (get)
159 SCP:::/usr/tmp/localarch.tar.gz:localarch.tar.gz
160 SCP:::/home/program/:/opt/someApp/
161
162 Here is how to do a su - as root user, the su - and root password is
163 separated by a space character.
164
165 TELNET::su - RootPwd:ls -la |
166
167 In each command definition you can use the %SRVEXE_HOST special keyword,
168 it will be replaced by the remote server hostname in which the command
169 is executed. This is useful for example if you make backup and want to
170 add the hostname into a filename.
171
172SPECIAL CHARATERS
173 Remember that the commands are passed to a Perl program (massadmin) so
174 if you have special Perl characters like $ or other you need to escape
175 them.
176
177 For example a call to a perl command to replace some string into a file
178 must be written like that:
179
180 massadmin -h remotehost -p "root:admpasswd" \
181 -e "SSH::perl -p -i -e 's/cn\: ([^\\s]+) (.*)/cn\: \$2 \$1/' ldap-add.ldiff"
182
183 This command revert the first and last name in a LDAP ldiff file.
184
185 The normal perl command line substitution call would be:
186
187 perl -p -i -e 's/cn: ([^\s]+) (.*)/cn: $2 $1/' ldap-add.ldiff
188
189 Please always test your massadmin command before running it on mass
190 hosts.
191
192AUTHENTICATION
193 The authentication on remote servers can be defined at 3 different
194 levels. Here are how they are used by massadmin in the order they will
195 be executed.
196
197 Command line level
198 The command line configuration file support a per command
199 authentication level. If you defined authent at this level, it will
200 override all other authentication method. Or more precisely this
201 will be the first tried, if it failed the 2 other authentication
202 level will be tried.
203
204 Hostname level
205 The hostname definition allow a per host authentication level. If
206 you defined authent at this level, it will override the global
207 login/password definition.
208
209 Global level
210 In the login/password server list configuration directive you can
211 defined a set of authentication users and password that will be
212 tried on each remote servers in the order they are written.
213
214 In this example:
215
216 ./massadmin -h "remotesrv.mydom:root:mdpadm" -p "admin:pass1,root:pass2" \
217 -e 'SSH:root;myadmpass:/usr/sbin/ether-wake 00\:25\:44\:DA\:43\:BF |:exit:'
218
219 The first authentication that will be tried is the one given in the SSH
220 command, 'root;myadmpass'. If it fail or is not defined, this will be
221 the one given in the remote server definition, 'root:mdpadm' and if it
222 fail or is not defined here, massadmin will try each authentication
223 defined in the -p command line option, 'admin:pass1' first and if it
224 fail 'root:pass2'.
225
226AUTHOR
227 Gilles DAROLD <gilles@darold.net>
228
229COPYRIGHT
230 Copyright 2002-2010 Gilles Darold. All rights reserved.
231
232 This program is free software; you can redistribute it and/or modify it
233 under the terms of the GNU General Public License as published by the
234 Free Software Foundation; either version 3 of the License, or any later
235 version.
236
237 This program is distributed in the hope that it will be useful, but
238 WITHOUT ANY WARRANTY; without even the implied warranty of
239 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
240 Public License for more details.
241
242 You should have received a copy of the GNU General Public License along
243 with this program; if not, write to the Free Software Foundation, Inc.,
244 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
245
246DISCLAIMER
247 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
248 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
249 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
250 IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
251 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
252 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
253 OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
254 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
255 TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
256 USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
257 DAMAGE.
258
259SEE ALSO
260 IO::Tty Net::Telnet Net::Ping Expect Proc::Queue
261
262