diff --git a/tsshbatch.py b/tsshbatch.py index e67189e..c8bd885 100755 --- a/tsshbatch.py +++ b/tsshbatch.py @@ -14,11 +14,11 @@ # Program Housekeeping ##### -PROGNAME = "tsshbatch.py" -BASENAME = PROGNAME.split(".py")[0] -PROGENV = BASENAME.upper() -CVSID = "$Id: tsshbatch.py,v 1.149 2013/10/23 02:47:19 tundra Exp $" -VERSION = CVSID.split()[2] +PROGNAME = "tsshbatch.py" +BASENAME = PROGNAME.split(".py")[0] +PROGENV = BASENAME.upper() +CVSID = "$Id: tsshbatch.py,v 1.150 2013/10/23 15:24:09 tundra Exp $" +VERSION = CVSID.split()[2] CPRT = "(c)" DATE = "2011-2013" @@ -63,7 +63,7 @@ FAILURE = "FAILURE: %s" HOSTSEP = ":" INDENTWIDTH = 8 -OPTIONSLIST = "G:H:NP:ehkn:p:v" +OPTIONSLIST = "G:H:NP:ehkn:p:sv" PADWIDTH = 12 PATHSEP = os.sep SEPARATOR = " ---> " @@ -71,12 +71,12 @@ SUDO = 'sudo' SUDOPROMPT = 'READINGSUDOPW' SUDOARGS = '-S -p %s' % SUDOPROMPT -SUDOPWHINT = ' (Default: login password)' +SUDOPWHINT = '(Default: login password): ' TRAILER = ": " USAGE = \ PROGVER + "\n" +\ HOMEPAGE + "\n\n" +\ - "Usage: tsshbatch.py [-Nehkv] [-n name] [-p pw] -G 'file dest' -P 'file dest' [-H 'host ..' | serverlistfile] [command arg ... | - ]\n" +\ + "Usage: tsshbatch.py [-Nehksv] [-n name] [-p pw] -G 'file dest' -P 'file dest' [-H 'host ..' | serverlistfile] [command arg ... | - ]\n" +\ " where,\n" +\ "\n" +\ " -G 'file dest' GET file on host and write local dest directory\n" +\ @@ -88,6 +88,7 @@ " -k Use key exchange-based authentication\n" +\ " -n name Specify login name\n" +\ " -p pw Specify login password\n" +\ + " -s Force prompting for sudo password\n" +\ " -v Display extended program version information\n" ##### @@ -327,6 +328,7 @@ # Options that can be overriden by user +GETSUDOPW = False # Prompt for sudo password HOSTS = "" # List of hosts to target KEYEXCHANGE = False # Do key exchange-based auth? PROMPTUSERNAME = False # Don't use $USER, prompt for username @@ -386,6 +388,9 @@ if opt == "-p": PWORD = val + if opt == "-s": + GETSUDOPW = True + if opt == "-v": PrintStdout(CVSID) sys.exit() @@ -473,25 +478,46 @@ elif command: Commands = [command,] -# If user want 'sudo' execution, they MUST provide a password -# regardkess if how they intially authenticate to the system. -# This allows the user to have a different password (or a key) for -# logging in than for promoting privlege. +# The need to prompt for a sudo password depends on a number of +# conditions: +# +# If a login password is present either via manual entry or -p, sudo +# will use that without further prompting. (Default) +# +# The user is prompted for a sudo password under two conditions: +# +# 1) -k option was selected but no password was set with -p +# 2) -s option was selected +# +# If the user IS prompted for a sudo password, any login password +# previously entered - either via -p or interactive entry - will be +# used as the default. The user can hit enter to accept this or enter +# a different password. This allows login and sudo passwords to be +# the same or different. -# If the user did use password authentication to initially -# authenticate, it's used as the default in the sudo password -# dialog below. +# Find out if we have any sudo commands -hint = "" -if PWORD: - hint = SUDOPWHINT - -SUDOPW = "" +SUDOPRESENT = False for command in Commands: - if command.startswith(SUDO + " "): - SUDOPW = getpass.getpass(pSUDO + hint) - if PWORD and not SUDOPW: - SUDOPW = PWORD + if command.startswith(SUDO + " "): + SUDOPRESENT = True + +# Check condition 1) above. +# (Condition 2 handled during options processing). + +if KEYEXCHANGE and not PWORD: + GETSUDOPW = True + +SUDOPW = PWORD +if SUDOPRESENT and GETSUDOPW: + + sudopwmsg = pSUDO + if PWORD: + sudopwmsg = sudopwmsg[:-2] + " " + SUDOPWHINT + + SUDOPW = getpass.getpass(sudopwmsg) + if PWORD and not SUDOPW: + SUDOPW = PWORD # Iterate over the list of hosts, executing any file transfers and # commands. Accomodate commenting out hosts in a list.