I'm trying to run a script via the SSH package in my Go program (so far I've had success).
My issue is, the script attempts to run a command with sudo if the user has sudo privileges, and this causes the bash script to pause until a password is entered by the user.
For example:
[ERROR ] Install cs-server: Checking dependencies: missing: lib32gcc1
# It attempts to install the missing dependencies with sudo but pauses here
[sudo] password for guest:
In my Go program, I have written something that looks similar to this:
// Connect to SSH and retreive session...
out, err := session.StdoutPipe()
if err != nil {
log.Fatal(err)
}
go func(out io.Reader) {
r := bufio.NewScanner(out)
for r.Scan() {
fmt.Println(r.Text())
}
}(out)
// Execute ssh command...
And I receive the exact same output as the example above, only in this case, I don't even see the line [sudo] password for guest:... it only prints up to [ERROR ] Install cs-server: Checking dependencies: missing: lib32gcc1 and pauses forever.
How can I bypass this pause? My options are to either enter the password from my Go program automatically, or end the ssh execution and just receive the output.
I managed to fix this issue by making use of the session.StdoutPipe() and session.StdinPipe(). I wrote a go routine which scans each byte and checks if the last written line starts with "[sudo] password for " and ends with ": ". It will write the password + "\n" to the session.StdinPipe() which continues execution of the script.
Here's all of the code I have for this.
package ssh
import (
"bufio"
"io"
"log"
"net"
"strings"
"golang.org/x/crypto/ssh"
)
type Connection struct {
*ssh.Client
password string
}
func Connect(addr, user, password string) (*Connection, error) {
sshConfig := &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{
ssh.Password(password),
},
HostKeyCallback: ssh.HostKeyCallback(func(hostname string, remote net.Addr, key ssh.PublicKey) error { return nil }),
}
conn, err := ssh.Dial("tcp", addr, sshConfig)
if err != nil {
return nil, err
}
return &Connection{conn, password}, nil
}
func (conn *Connection) SendCommands(cmds ...string) ([]byte, error) {
session, err := conn.NewSession()
if err != nil {
log.Fatal(err)
}
defer session.Close()
modes := ssh.TerminalModes{
ssh.ECHO: 0, // disable echoing
ssh.TTY_OP_ISPEED: 14400, // input speed = 14.4kbaud
ssh.TTY_OP_OSPEED: 14400, // output speed = 14.4kbaud
}
err = session.RequestPty("xterm", 80, 40, modes)
if err != nil {
return []byte{}, err
}
in, err := session.StdinPipe()
if err != nil {
log.Fatal(err)
}
out, err := session.StdoutPipe()
if err != nil {
log.Fatal(err)
}
var output []byte
go func(in io.WriteCloser, out io.Reader, output *[]byte) {
var (
line string
r = bufio.NewReader(out)
)
for {
b, err := r.ReadByte()
if err != nil {
break
}
*output = append(*output, b)
if b == byte('\n') {
line = ""
continue
}
line += string(b)
if strings.HasPrefix(line, "[sudo] password for ") && strings.HasSuffix(line, ": ") {
_, err = in.Write([]byte(conn.password + "\n"))
if err != nil {
break
}
}
}
}(in, out, &output)
cmd := strings.Join(cmds, "; ")
_, err = session.Output(cmd)
if err != nil {
return []byte{}, err
}
return output, nil
}
And an example of how you could use it.
// ssh refers to the custom package above
conn, err := ssh.Connect("0.0.0.0:22", "username", "password")
if err != nil {
log.Fatal(err)
}
output, err := conn.SendCommands("sleep 2", "echo Hello!")
if err != nil {
log.Fatal(err)
}
fmt.Println(string(output))
This is an issue that output stream can't be fully captured for #acidic's code.
The updated code is as following
package main
import (
"bytes"
"fmt"
"io"
"log"
"net"
"strings"
"golang.org/x/crypto/ssh"
)
type Connection struct {
*ssh.Client
password string
}
func Connect(addr, user, password string) (*Connection, error) {
sshConfig := &ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{
ssh.Password(password),
},
HostKeyCallback: ssh.HostKeyCallback(func(hostname string, remote net.Addr, key ssh.PublicKey) error { return nil }),
}
conn, err := ssh.Dial("tcp", addr, sshConfig)
if err != nil {
return nil, err
}
return &Connection{conn, password}, nil
}
func (conn *Connection) SendCommands(cmds string) ([]byte, error) {
session, err := conn.NewSession()
if err != nil {
log.Fatal(err)
}
defer session.Close()
modes := ssh.TerminalModes{
ssh.ECHO: 0, // disable echoing
ssh.TTY_OP_ISPEED: 14400, // input speed = 14.4kbaud
ssh.TTY_OP_OSPEED: 14400, // output speed = 14.4kbaud
}
err = session.RequestPty("xterm", 80, 40, modes)
if err != nil {
return []byte{}, err
}
stdoutB := new(bytes.Buffer)
session.Stdout = stdoutB
in, _ := session.StdinPipe()
go func(in io.Writer, output *bytes.Buffer) {
for {
if strings.Contains(string(output.Bytes()), "[sudo] password for ") {
_, err = in.Write([]byte(conn.password + "\n"))
if err != nil {
break
}
fmt.Println("put the password --- end .")
break
}
}
}(in, stdoutB)
err = session.Run(cmds)
if err != nil {
return []byte{}, err
}
return stdoutB.Bytes(), nil
}
func main() {
// ssh refers to the custom package above
conn, err := Connect("0.0.0.0:22", "username", "password")
if err != nil {
log.Fatal(err)
}
output, err := conn.SendCommands("sudo docker ps")
if err != nil {
log.Fatal(err)
}
fmt.Println(string(output))
}
A work around is converting sudo [cmd] to echo [password] | sudo -S [cmd], it is not good, but working for me.
Another workaround if you dont want to use ssh library is to make a pseudo terminal using pty library. An extremely simple example as above
import (
"io"
"os"
"os/exec"
"time"
"github.com/creack/pty"
)
func main() {
c := exec.Command("ssh", "<user>#<IP>")
f, err := pty.Start(c)
if err != nil {
panic(err)
}
time.Sleep(2 * time.Second)
f.Write([]byte("1234\n"))
io.Copy(os.Stdout, f)
}
Related
I am using our go library (it could be changed if necessary) with a folder named "devops", which contains nested content.
in the library, I copy the devops folder with his content, to another folder.
this is the copy function:
func CopyDirectory(scrDir, dest string) error { // scrDir = devops
entries, err := ioutil.ReadDir(scrDir)
if err != nil {
return err
}
for _, entry := range entries {
sourcePath := filepath.Join(scrDir, entry.Name())
destPath := filepath.Join(dest, entry.Name())
fileInfo, err := os.Stat(sourcePath)
fmt.Println(fileInfo)
if err != nil {
return err
}
stat, ok := fileInfo.Sys().(*syscall.Stat_t)
if !ok {
return fmt.Errorf("failed to get raw syscall.Stat_t data for '%s'", sourcePath)
}
switch fileInfo.Mode() & os.ModeType {
case os.ModeDir:
if err := CreateIfNotExists(destPath, 0755); err != nil { // CreateIfNotExists is a internal function
return err
}
if err := CopyDirectory(sourcePath, destPath); err != nil { // CopyDirectory is a internal function
return err
}
case os.ModeSymlink:
if err := CopySymLink(sourcePath, destPath); err != nil { // CopySymLink is a internal function
return err
}
default:
if err := Copy(sourcePath, destPath); err != nil { // Copy is a internal function
return err
}
}
if err := os.Lchown(destPath, int(stat.Uid), int(stat.Gid)); err != nil {
return err
}
isSymlink := entry.Mode()&os.ModeSymlink != 0
if !isSymlink {
if err := os.Chmod(destPath, entry.Mode()); err != nil {
return err
}
}
}
return nil
}
the library runs well as self-running, but when I use it from another project, it tries to copy the devops folder from the project path, and of course, fails.
I tried doing it with embed pkg, but the code fails when calling
fileInfo.Sys().(*syscall.Stat_t)
with an error that doesn't give any details.
this is the my code:
//go:embed devops
var f embed.FS
...
dir, _ := f.ReadDir("devops")
for _, entry := range dir {
fileInfo, _ := entry.Info()
err, ok := fileInfo.Sys().(*syscall.Stat_t)
if !ok {
println(err) // prints 0x0
}
}
How to solve it?
P.S. the code runs in Linux OS.
If I want to scan through a string, I can do this:
package main
import (
"fmt"
"strings"
)
func main() {
r := strings.NewReader("west north east")
for {
var s string
_, e := fmt.Fscan(r, &s)
fmt.Printf("%q %v\n", s, e)
if e != nil { break }
}
}
Result:
"west" <nil>
"north" <nil>
"east" <nil>
"" EOF
I recently discovered fmt.Scanner [1], so I thought I would try to implement
it. I came up with this:
package main
import (
"fmt"
"strings"
)
type comma struct { tok string }
func (c *comma) Scan(state fmt.ScanState, verb rune) error {
tok, err := state.Token(false, func(r rune) bool {
return r != ','
})
if err != nil {
return err
}
if _, _, err := state.ReadRune(); err != nil {
if len(tok) == 0 {
return err
}
}
c.tok = string(tok)
return nil
}
func main() {
r := strings.NewReader("west,north,east")
for {
var c comma
_, e := fmt.Fscan(r, &c)
fmt.Printf("%q %v\n", c.tok, e)
if e != nil { break }
}
}
Result:
"west" <nil>
"north" <nil>
"east" <nil>
"" unexpected EOF
So the result is pretty close, but what bothers me is the unexpected EOF. Is
it possible to just get a regular EOF with a custom fmt.Scanner? Am I doing
something wrong here, or is this a bug?
https://golang.org/pkg/fmt#Scanner
Thanks to Ian Lance Taylor on the golang-nuts list, he suggested to panic
the error instead of return. In the Go code, Fscan calls a function
doScan, which in turn calls a function errorHandler [1]. This last function
uses recover to turn any panic into regular error. This program gives
idential output to my original example:
package main
import (
"fmt"
"strings"
)
type comma struct { tok string }
func (c *comma) Scan(state fmt.ScanState, verb rune) error {
tok, err := state.Token(false, func(r rune) bool {
return r != ','
})
if err != nil { return err }
if _, _, err := state.ReadRune(); err != nil {
if len(tok) == 0 {
panic(err)
}
}
c.tok = string(tok)
return nil
}
func main() {
r := strings.NewReader("west,north,east")
for {
var c comma
_, err := fmt.Fscan(r, &c)
fmt.Printf("%q %v\n", c.tok, err)
if err != nil { break }
}
}
https://github.com/golang/go/blob/go1.16.4/src/fmt/scan.go#L1056-L1067
i am trying to use the hyperledger go sdk by importing on
of the module
https://godoc.org/github.com/hyperledger/fabric-sdk-go/pkg/client/msp .
I want to create the CA client instance by using hyperledger fabric go-sdk, which module do i need to import and how to do it, could anyone please suggest?
I am using below cmd to generate the fabric server CA client config file.
./bin/fabric-ca-client enroll admin:adminpws localhost:7054
Below is the code, which create the fabric sdk context, using the fabric-ca-client.yaml file which is generated by using the above cmd. if i am doing anything wrong let me know.
package main
import (
"fmt"
"net"
"os"
"path/filepath"
"strings"
clientmsp "github.com/hyperledger/fabric-sdk-go/pkg/client/msp"
"github.com/hyperledger/fabric-sdk-go/pkg/common/providers/core"
mspid "github.com/hyperledger/fabric-sdk-go/pkg/common/providers/msp"
"github.com/hyperledger/fabric-sdk-go/pkg/core/config"
"github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite"
"github.com/hyperledger/fabric-sdk-go/pkg/fabsdk"
"github.com/hyperledger/fabric-sdk-go/pkg/msp"
"github.com/hyperledger/fabric-sdk-go/pkg/msp/test/mockmsp"
)
var (DefaultHome = os.ExpandEnv("$PWD/CONFIG"))
var caServerURL string
var caServer = &mockmsp.MockFabricCAServer{}
const (
caServerURLListen = "http://localhost:7054"
configFile = "fabric-ca-server-config.yaml"
)
type nwConfig struct {
CertificateAuthorities map[string]msp.CAConfig
}
type clientFixture struct {
cryptoSuiteConfig core.CryptoSuiteConfig
identityConfig mspid.IdentityConfig
}
func main() {
// Initiate the sdk using the config file
client := clientFixture{}
sdk := client.setup()
//create the CA instance
c, err := clientmsp.New(sdk.Context())
if err != nil {
fmt.Println("failed to create msp client", err)
return
}
fmt.Println("New client instance created", c)
}
func (f *clientFixture) setup() *fabsdk.FabricSDK {
var lis net.Listener
var err error
if !caServer.Running() {
lis, err = net.Listen("tcp", strings.TrimPrefix(caServerURLListen,
"http://"))
if err != nil {
panic(fmt.Sprintf("Error starting CA Server %s", err))
}
caServerURL = "http://" + lis.Addr().String()
}
configPath := filepath.Join(DefaultHome, configFile)
backend, err := config.FromFile(configPath)()
if err != nil {
fmt.Println(err)
}
configProvider := func() ([]core.ConfigBackend, error) {
return backend, nil
}
// Instantiate the SDK
sdk, err := fabsdk.New(configProvider)
if err != nil {
fmt.Println(err)
}
configBackend, err := sdk.Config()
if err != nil {
panic(fmt.Sprintf("Failed to get config: %s", err))
}
f.cryptoSuiteConfig = cryptosuite.ConfigFromBackend(configBackend)
f.identityConfig, _ = msp.ConfigFromBackend(configBackend)
if err != nil {
fmt.Println(err)
}
ctxProvider := sdk.Context()
ctx, err := ctxProvider()
if err != nil {
fmt.Println(err)
}
// Start Http Server if it's not running
if !caServer.Running() {
caServer.Start(lis, ctx.CryptoSuite())
}
return sdk
}
import mspclient
mspclient "github.com/hyperledger/fabric-sdk-go/pkg/client/msp"
"github.com/hyperledger/fabric-sdk-go/pkg/fabsdk"
mspClient, err := mspclient.New(
*fabsdk.FabricSDK.Context(),
mspclient.WithOrg(OrgName),
)
if err != nil {
return mspClient, errors.WithMessage(err, "failed to create MSP client")
}
After that you can use below services
err = mspClient.Enroll("Admin#org1",
msp.WithSecret("Admin#org1"),
msp.WithProfile("tls"),
)
if err != nil {
return errors.WithMessage(err, "failed to register identity")
}
I am trying to use sidecar mode in kubernetes to create a logs sidecar to expose specific container logs. And I am using kubernetes client to fetch logs from kubernetes api and send it out by websocket. The code shows below:
func serveWs(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
conn, err := upgrader.Upgrade(w, r, nil)
if err != nil {
if _, ok := err.(websocket.HandshakeError); !ok {
log.Println(err)
}
return
}
defer conn.Close()
logsClient, err := InitKubeLogsClient(config.InCluster)
if err != nil {
log.Fatalln(err)
}
stream, err := logsClient.GetLogs(config.Namespace, config.PodName, config.ContainerName)
if err != nil {
log.Fatalln(err)
}
defer stream.Close()
reader := bufio.NewReader(stream)
for {
line, err := reader.ReadString('\n')
if err != nil {
log.Fatalln(err)
}
conn.WriteMessage(websocket.TextMessage, []byte(line))
}
}
I am using https://github.com/gorilla/websocket as the websocket lib. And on the browser
Is this the best way to do what I want? Is there some better way to just expose the logs api from k8s to websocket?
Put my final code here, thanks for the tips from #Peter:
func serveWs(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
conn, err := upgrader.Upgrade(w, r, nil)
if err != nil {
if _, ok := err.(websocket.HandshakeError); !ok {
log.Println(err)
}
return
}
log.Println("create new connection")
defer func() {
conn.Close()
log.Println("connection close")
}()
logsClient, err := InitKubeLogsClient(config.InCluster)
if err != nil {
log.Println(err)
return
}
stream, err := logsClient.GetLogs(config.Namespace, config.PodName, config.ContainerName)
if err != nil {
log.Println(err)
return
}
defer stream.Close()
reader := bufio.NewReaderSize(stream, 16)
lastLine := ""
for {
data, isPrefix, err := reader.ReadLine()
if err != nil {
log.Println(err)
return
}
lines := strings.Split(string(data), "\r")
length := len(lines)
if len(lastLine) > 0 {
lines[0] = lastLine + lines[0]
lastLine = ""
}
if isPrefix {
lastLine = lines[length-1]
lines = lines[:(length - 1)]
}
for _, line := range lines {
if err := conn.WriteMessage(websocket.TextMessage, []byte(line)); err != nil {
log.Println(err)
return
}
}
}
}
I am trying to write a function to keep reading from a buffered reader until I hit a certain string, then to stop reading and return everything read prior to that string.
In other words, I want to do the same thing as reader.ReadString() does, except taking a string instead of a single byte.
For instance:
mydata, err := reader.ReadString("\r\n.\r\n") //obviously will not compile
How can I do this?
Thanks in advance,
Twichy
Amendment 1: Previous attempt
Here is my previous attempt; its badly written and doesnt work but hopefully it demonstrates what I am trying to do.
func readDotData(reader *bufio.Reader)(string, error){
delims := []byte{ '\r', '\n', '.', '\r', '\n'}
curpos := 0
var buffer []byte
for {
curpos = 0
data, err := reader.ReadSlice(delims[0])
if err!=nil{ return "", err }
buffer = append(buffer, data...)
for {
curpos++
b, err := reader.ReadByte()
if err!=nil{ return "", err }
if b!=delims[curpos]{
for curpos >= 0{
buffer = append(buffer, delims[curpos])
curpos--
}
break
}
if curpos == len(delims){
return string(buffer[len(buffer)-1:]), nil
}
}
}
panic("unreachable")
}
package main
import (
"bytes"
"fmt"
"log"
)
type reader interface {
ReadString(delim byte) (line string, err error)
}
func read(r reader, delim []byte) (line []byte, err error) {
for {
s := ""
s, err = r.ReadString(delim[len(delim)-1])
if err != nil {
return
}
line = append(line, []byte(s)...)
if bytes.HasSuffix(line, delim) {
return line[:len(line)-len(delim)], nil
}
}
}
func main() {
src := bytes.NewBufferString("123deli456elim789delimABCdelimDEF")
for {
b, err := read(src, []byte("delim"))
if err != nil {
log.Fatal(err)
}
fmt.Printf("%q\n", b)
}
}
Playground
Output:
"123deli456elim789"
"ABC"
2009/11/10 23:00:00 EOF
http://play.golang.org/p/BpA5pOc-Rn
package main
import (
"bytes"
"fmt"
)
func main() {
b := bytes.NewBuffer([]byte("Hello, playground!\r\n.\r\nIrrelevant trailer."))
c := make([]byte, 0, b.Len())
for {
p := b.Bytes()
if bytes.Equal(p[:5], []byte("\r\n.\r\n")) {
fmt.Println(string(c))
return
}
c = append(c, b.Next(1)...)
}
}
For example,
package main
import (
"bufio"
"bytes"
"fmt"
"strings"
)
var delim = []byte{'\r', '\n', '.', '\r', '\n'}
func ScanLines(data []byte, atEOF bool) (advance int, token []byte, err error) {
if atEOF && len(data) == 0 {
return 0, nil, nil
}
for i := 0; i+len(delim) <= len(data); {
j := i + bytes.IndexByte(data[i:], delim[0])
if j < i {
break
}
if bytes.Equal(data[j+1:j+len(delim)], delim[1:]) {
// We have a full delim-terminated line.
return j + len(delim), data[0:j], nil
}
i = j + 1
}
// If we're at EOF, we have a final, non-terminated line. Return it.
if atEOF {
return len(data), data, nil
}
// Request more data.
return 0, nil, nil
}
func main() {
delims := string(delim)
input := "1234" + delims + "5678" + delims + "1234567901234567890" + delims
scanner := bufio.NewScanner(strings.NewReader(input))
scanner.Split(ScanLines)
for scanner.Scan() {
fmt.Printf("%s\n", scanner.Text())
}
if err := scanner.Err(); err != nil {
fmt.Printf("Invalid input: %s", err)
}
}
Output:
1234
5678
1234567901234567890
Because you have the same byte in the string, you can do it as below:
func readWithEnd(reader *bufio.Reader) ([]byte, error) {
message, err := reader.ReadBytes('#')
if err != nil {
return nil, err
}
a1, err := reader.ReadByte()
if err != nil {
return nil, err
}
message = append(message, a1)
if a1 != '\t' {
message2, err := readWithEnd(reader)
if err != nil {
return nil, err
}
ret := append(message, message2...)
return ret, nil
}
a2, err := reader.ReadByte()
if err != nil {
return nil, err
}
message = append(message, a2)
if a2 != '#' {
message2, err := readWithEnd(reader)
if err != nil {
return nil, err
}
ret := append(message, message2...)
return ret, nil
}
return message, nil
}
This is the sample that can recognize the "#\t#" in TCP connection