Perforce: run script as particular user and workspace - perforce

I have a powershell script that does various things, including running p4 commands such as syncing, creating a changelist and checking files into it, create a label etc. My script works fine when I run it on my development environment as my user.
Now I would like to run the script on another machine, against a specific workspace, and a specific Perforce user. Is there some set of commands I can add to the beginning of my script so that I can set the perforce user and use a specific workspace for the remainder of the script? If yes, I'd like to know 2 ways of doing this, one with the password in plain text (for testing and verifying), and one without it (for production use).
Releated: I think part of my problem is that I don't fully understand how the session user is determined. On the other machine, if I try to run any p4 command, I get the message: "Perforce password (P4PASSWD) is invalid or unset." I got that message even if I try:
p4 login abc
"abc" can be anything and I get the same message. I must be wrong in thinking that the "login" command can be used to login as a particular user. I was expecting it to prompt me for abc's password, rather than telling me I need to set a password before I can login as someone else.
But if I type in this:
p4 login
I am prompted to enter in a password. But for what user would that be? My Windows account user? What if I don't have a perforce user with the same name as my windows account user?

This is the doc page you need:
http://www.perforce.com/perforce/doc.current/manuals/cmdref/envars.html
In general, this should do the trick (with the current version of the command line client that supports "p4 set" on all platforms):
p4 set P4USER=username
p4 set P4CLIENT=clientname
p4 login
The "p4 login USERNAME" syntax is used when you've already logged in as a super user to get a login ticket for a different user (with no password prompt). Like all other commands, "p4 login" uses your P4USER to determine who you're running the command as.

To Auto login via powershell, login -a means allow login from any ip...
$USER = "My.User"
$PASS = "P455w0rd"
Out-File -FilePath C:\p4pass.txt -InputObject $PASS -Encoding ASCII -Width 50
cmd /c "p4 -u $USER login -a < `"C:\p4pass.txt`" " 2>&1
To specify the user, workspace and server:port append the below before the perforce command... e.g:
p4 -u ${USER} -c ${WORKSPACE} -p ${perforce:1666} login -a
p4 -u ${USER} -c ${WORKSPACE} -p ${perforce:1666} sync -f -q //...#head
To specify a ticket, get the ticket from the command:
p4 tickets
and specify it with an upper case -P, e.g:
p4 -u username -P 5E8ED75FB5086BE82D9BCD5561D32AEE sync...

Related

Missing command prompt user name when a user account is created - Linux - Debian?

I am writing a bash script to create user account with password, that will expire. After creating the user account and then login using su - , I get the prompt, but the user id is missing in the prompt. Also, the tab auto complete is missing. Here is my bash script. Remember, I am using Debian 9 in Windows - WSL2.
#!/bin/bash
# This script creates an account on the local system.
# You will be prompted for the account name and password.
# Ask for the user name.
read -p 'Enter the username to create: ' USER_NAME
# Ask for the real name.
read -p 'Enter the name of the person who this account is for: ' COMMENT
# Ask for the password
read -p 'Enter the password to use for the account: ' PASSWORD
# Create the user
useradd -c "${COMMENT}" -m ${USER_NAME}
# Set the password for the user.
# echo ${PASSWORD} | passwd --stdin ${USER_NAME}
echo "${USER_NAME}:${PASSWORD}" | chpasswd
# Force password change on first login.
passwd -e ${USER_NAME}
After running this, I get a prompt which doesn't has a user-id in it on the left side. Also, the auto completion using tab isn't working. I am a bit surprised, am I doing something wrong here?
Here is what I am seeing.
Add a user with adduser command instead of useradd.
Inscript always user adduser.
tested the same script on the Debian box and it's working fine.

Perforce log in as someone else

In the doc's I'm reading: To log in to Perforce automatically, you can save your password in a text file, and redirect p4 login to read from that file. For example, if you saved your password to a file called password.txt, the command would be:
Command:
p4 login < password.txt
However I've created a new local account using the following commands:
p4 user -f test
p4 passwd perforce-bot
When I now wan't to login with p4 login test < password.txt it complains about "Perforce password (P4PASSWD) invalid or unset".
How should I understand that? This operation works fine if I first do a p4 login (I'm an admin) and then run that snippet, it basically feels like sudo'ing as someone else, but I would want to use it without the need to login as my user first so I can run it as a cronjob on any machine.
These are two different commands:
p4 login: authenticates the current user ($P4USER) by prompting for a password
p4 login USER: authenticates an arbitrary other user IF already authenticated as a super user
Note also that if you run p4 passwd perforce-bot, you're setting the password for a user called perforce-bot (again, this is an admin command).
To temporarily switch the current user without resetting $P4USER, use the -u global flag:
p4 -u test user # creates a new user called "test"
p4 -u test passwd # sets the password for "test"
p4 -u test login # login "test" via stdin password prompt
p4 -u test <any command> # run any other command as "test"

FTP output redirect to a file on my linux box using shell script

I am looking for a Bash script to redirect a simple ls command output to a file on my Linux box from my FTP Server.
Here follows the step by step commands to illustrate what I am looking to script. The FTP site can be accessed without a user/password, so i am entering user as anonymous and password as blank when prompted.
ftp <FTP_SERVER>
Connected to <FTP_SERVER> (IP_ADDRESS).
220 Microsoft FTP Service
Name (<FTP_SERVER>:root): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 Anonymous user logged in.
Remote system type is Windows_NT.
ftp> ls /Outgoing/Artemis/incremental/Hashes-1492870261.zip
227 Entering Passive Mode (10,37,108,77,5,87).
125 Data connection already open; Transfer starting.
04-22-17 07:11AM 227634 Hashes-1492870261.zip
226 Transfer complete.
I need the output of the command 'ls' command I am executing to be saved in a file on my linux box.
Here is the script i have:
ftp FTP_SERVER <<EOF >outputfile
quote USER anonymous
quote PASS
prompt noprompt
ls -la /Outgoing/Artemis/incremental/Hashes-1492870261.zip
quit
EOF
when i execute this i get a login failed error.
sh -x test.sh
+ ftp FTP_SERVER`
Password:
Login failed.
local: /Outgoing/Artemis/incremental/Hashes-1492870261.zip: No such file or directory
I used some random password as a test instead of blank (null) which I used previously, but still get the same error. How can I fix this?
Turn interactive mode off:
ftp -i -n FTP_SERVER <<EOF >outputfile
user <user> <password>
binary
ls -la .
quit
EOF
You might get on better with lftp:
lftp -e 'ls -l someFile.zip; quit' -u USER,PASSWORD FTPSERVER > ls.txt
where all the words in capitals need replacing by your own values.
Or you could try with curl:
curl ftp://FTPSERVER --user USER:PASSWORD

p4 client returns with credential mismatch error

When I use p4 client I get a "credential mismatch" error:
~$ p4 client
credential mismatch: P4USER specified abadescu, p4filter command line specified idror
Partner exited unexpectedly.
Perforce client error:
Partner exited unexpectedly.
~$ echo $P4USER
~$ P4USER=idror p4 client
credential mismatch: P4USER specified abadescu, p4filter command line specified idror
Partner exited unexpectedly.
Perforce client error:
Partner exited unexpectedly.
using p4 -u idror client does open the editor, but after I save the modifications don't seem to affect p4 sync or p4 -u idror sync
That "credential mismatch" message is not a Perforce message, but rather is coming from some locally-customized configuration at your site.
Perhaps you have a trigger, for example a 'form-out' trigger.
Your trigger might use a locally-developed program named 'p4filter'.
Or perhaps you have a client-side wrapper for the 'p4' command, which might use a locally-developed client-side program named 'p4filter'.
You should ask the Perforce administrator at your site for help with resolving this.
You need to remove temporary the P4CONFIG from environment variables.
And most of all you need to have loaded ssh-agent that has key for user abadescu. If you don't use ssh keys to authenticate remove them from chain
So:
$ export -n P4CONFIG
$ ssh-add -D # if needed
And then set client, user, port in the p4 command like:
$ p4 -c client_name -u abadescu -p port_string_here

Script to change password on linux servers over ssh

We have a number of Red Hat linux servers in our IT environment. I am being asked by my team members to write a script (preferably shell script) to change a user's password on each one of those in a single go, using SSH.
I have tried to find a solution but many of the scripts I found are using Expect. We do not have Expect installed on our servers and the system admins have refused to let us install it. Also, the users do not have root access so passwd --stdin or chpasswd cannot be used.
Is there any way a script can be written so that a user can run it and change the password of only his own user on all the servers in a list?
The remote machine(s) do not need expect installed. You can install expect on a local workstation or VM (virtualbox) or whichever *nix box, and write a wrapper that calls this .ex (expect) script (there may be small changes from distro to distro, this tested on CentOS 5/6):
#!/usr/bin/expect -f
# wrapper to make passwd(1) be non-interactive
# username is passed as 1st arg, passwd as 2nd
set username [lindex $argv 0]
set password [lindex $argv 1]
set serverid [lindex $argv 2]
set newpassword [lindex $argv 3]
spawn ssh $serverid passwd
expect "assword:"
send "$password\r"
expect "UNIX password:"
send "$password\r"
expect "password:"
send "$newpassword\r"
expect "password:"
send "$newpassword\r"
expect eof
You do not need root access to use passwd.
This shoud work just fine.
passwd <<EOF
old password
new password
new password
EOF
You should try pssh (parallel ssh at the same time).
cat>~/ssh-hosts<<EOF
user100#host-foo
user200#host-bar
user848#host-qux
EOF
pssh -h ~/pssh-hosts 'printf "%s\n" old_pass new_pass new_pass | passwd'
Building on squashbuff's example, I tried the following, which worked well for me:
#!/bin/bash
for server in `cat hostlist`; do
echo $server;
ssh username#$server 'passwd &lt&ltEOF
old_password
new_password
new_password
EOF';
done
Security wise, Could be improved to take input without echoing to the screen OR saving the plaintext to disk.
echo "name:password" | chpasswd
Another possibility: change it manually on one server. Get the encrypted password out of /etc/shadow. Now, do something like this:
for host in $HOST_LIST; do
ssh $host "passwd -p 'encrypted_passwd' user"
done
Of course, 'encrypted_passwd" is what you got out of /etc/shadow where you manually changed the password. And $HOST_LIST is a list of hosts where you want the password changed. That could be created simply with:
export HOST_LIST="server1 server2 server15 server67"
Or perhaps with a file (as others have suggested):
export HOST_LIST=`cat host_list.txt`
Where the file "host_list.txt" has a list of all the systems where you want the password changed.
Edit: if your version of passwd doesn't support the -p option, you might have the 'usermod' program available. The example above remains the same, simply replace 'passwd' with 'usermod'.
Furthermore, you might consider the useful tool pdsh, which would simplify the above example to something like this:
echo $HOST_LIST | pdsh -Rssh -w- "usermod -p 'encrypted_passwd' user"
One last "gotcha" to look out for: the encrypted password likely contains the dollar sign character ('$') as a field separator. You'll probably have to escape those in your for loop or pdsh command (i.e. "$" becomes "\$").
Install sshpass on any of the server from where you want to execute the script.
yum -y install sshpass
Prepare a text file in which you have to pass details like Host, User Name, Password and Port. (Based on your requirement).
192.168.1.2|sachin|dddddd|22
Prepare a script file using below details.
#!/bin/bash
FILE=/tmp/ipaddress.txt
MyServer=""
MyUser=""
MyPassword=""
MyPort=""
exec 3<&0
exec 0<$FILE
while read line
do
MyServer=$(echo $line | cut -d'|' -f1)
MyUser=$(echo $line | cut -d'|' -f2)
MyPassword=$(echo $line | cut -d'|' -f3)
MyPort=$(echo $line | cut -d'|' -f4)
HOST=$MyServer
USR=$MyUser
PASS=$MyPassword
sshpass -p $PASS ssh -p $MyPort -o StrictHostKeychecking=no $USR#$HOST \
-T "echo 'sachin#patel' | passwd --stdin root" \
< /dev/null | tee -a output.log
done
exec 0<&3
An alternative you may want to present to your peers would be to have them use password-less authentication. They'd generate a public/private key pair and register their public key in the ~/.ssh/authorized_keys file on each of the servers they log into.
Can you use Perl?
Here there is an script that changes the password in a set of hosts.
If requires some Perl modules (Net::OpenSSH::Parallel, Expect and their dependencies) installed on the local machine running the script but nothing on the remote servers where the password has to be changed.
Have you tried App::Unix::RPasswd
The passmass script (man page) that comes with Expect doesn't require Expect to be installed on the remote machines.
I just implemented a small tool that changes password for many users/hosts at once. It's java based application so it works on both Windows and Linux. It's free, enjoy :)
Thought I should put my solution in an answer field - not sure if this should be a part of the question..
OK, I have put together a partially working solution using Dennis' suggestion.
servers.txt looks like:
server1
server2
server3
.
.
.
I am using:
for server in `cat servers.txt`; do
ssh $server -l user 'passwd <<EOF
old_pass
new_pass
new_pass
EOF';
done
This produces:
user#server1's password: **<Type password manually>**
(current) UNIX password: New UNIX password: Retype new UNIX password: Changing password for user user.
Changing password for user
passwd: all authentication tokens updated successfully.
user#server2's password: **<Type password manually>**
(current) UNIX password: New UNIX password: Retype new UNIX password: Changing password for user user.
Changing password for user
passwd: all authentication tokens updated successfully.
So here, I still need to type my old password once for each server. Can this be avoided?
If you have ssh, why have passwords in the first place? Push the user's public ssh key to all the servers they're authorized to use and be done with it. This also lets you easily grant and revoke access all you want.
At a previous $dayjob, where we had literally tens of thousands of servers, they had a database of which engineers were allowed on which servers, and the installation of ssh keys was an automated process. Almost NOBODY had a password on ANY machine.
echo -e "wakka2\nwakka2\n" | passwd root
cat /tmp/passwords | ssh $server sudo chpasswd -e
if the password is encrypted, or
cat /tmp/passwords | ssh $server sudo chpasswd
if the password is not encrypted.
/tmp/passwords should have format of "user:password"
The real question is why were they not using some sort of name services? NIS/Yellow Pages or LDAP and you're not having to manually change passwords across a bunch of servers. A user changes their password once and it's done across the domain master.

Resources