org.eclipse.equinox.http.jetty,\
org.eclipse.equinox.metatype,\
org.eclipse.equinox.cm,\
-org.eclipse.rap.rwt.osgi
argeo.osgi.start.3.node=\
org.argeo.cms
-
argeo.osgi.start.4.apps=\
org.eclipse.gemini.blueprint.extender
-argeo.osgi.start.5.apps=\
-org.argeo.jackrabbit.webapp,\
+argeo.osgi.start.5.slc=\
+org.argeo.slc.agent,\
+org.argeo.slc.agent.jcr,\
+
+argeo.node.repo.type=localfs
slc.executionModules=org.argeo.slc.demo.ant,\
org.argeo.slc.demo.basic,\
#argeo.server.tomcat.config=conf/default-server-ssl.xml
+sun.security.jgss.native=false
org.osgi.framework.security=osgi
java.security.policy=file:../../all.policy
+# DON'T CHANGE BELOW UNLESS YOU KNOW WHAT YOU ARE DOING
org.eclipse.equinox.http.jetty.autostart=false
import java.io.IOException;
import java.io.InputStream;
+import java.security.PrivilegedAction;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
+import com.jcraft.jsch.Logger;
import com.jcraft.jsch.Session;
+import com.jcraft.jsch.UserAuthGSSAPIWithMIC;
public abstract class AbstractJschTask implements Runnable {
private final Log log = LogFactory.getLog(getClass());
Session session = sshTarget.getSession();
if (session.isConnected()) {
if (log.isTraceEnabled())
- log.debug("Using cached session to " + getSshTarget()
- + " via SSH");
+ log.debug("Using cached session to " + getSshTarget() + " via SSH");
return session;
}
}
try {
JSch jsch = new JSch();
- if (sshTarget.getUsePrivateKey()
- && sshTarget.getLocalPrivateKey().exists())
- jsch.addIdentity(sshTarget.getLocalPrivateKey()
- .getAbsolutePath());
- Session session = jsch.getSession(getSshTarget().getUser(),
- getSshTarget().getHost(), getSshTarget().getPort());
+ if (sshTarget.getUsePrivateKey() && sshTarget.getLocalPrivateKey().exists())
+ jsch.addIdentity(sshTarget.getLocalPrivateKey().getAbsolutePath());
+ Session session = jsch.getSession(getSshTarget().getUser(), getSshTarget().getHost(),
+ getSshTarget().getPort());
session.setUserInfo(getSshTarget().getUserInfo());
+ session.setConfig("userauth.gssapi-with-mic", UserAuthGSSAPIWithMIC.class.getName());
session.setServerAliveInterval(1000);
session.connect();
if (log.isTraceEnabled())
log.trace("Connected to " + getSshTarget() + " via SSH");
if (sshTarget.getSession() != null) {
if (log.isTraceEnabled())
- log.trace("The cached session to " + getSshTarget()
- + " was disconnected and was reset.");
+ log.trace("The cached session to " + getSshTarget() + " was disconnected and was reset.");
sshTarget.setSession(session);
}
return session;
} catch (JSchException e) {
if (sshTarget.getUserInfo() instanceof SimpleUserInfo)
((SimpleUserInfo) sshTarget.getUserInfo()).reset();
- throw new SlcException("Could not open session to "
- + getSshTarget(), e);
+ throw new SlcException("Could not open session to " + getSshTarget(), e);
}
}
if (sshTarget != null && sshTarget.getSession() == null) {
session.disconnect();
if (log.isTraceEnabled())
- log.trace("Disconnected from " + getSshTarget()
- + " via SSH");
+ log.trace("Disconnected from " + getSshTarget() + " via SSH");
}
}
}
this.sshTarget = sshTarget;
}
+ PrivilegedAction<Void> asPrivilegedAction() {
+ return new PrivilegedAction<Void>() {
+ public Void run() {
+ AbstractJschTask.this.run();
+ return null;
+ }
+ };
+ }
+
+ static {
+ JSch.setLogger(new JschLogger());
+ }
+
+ private static class JschLogger implements Logger {
+ private final Log log = LogFactory.getLog(JschLogger.class);
+
+ // TODO better support levels
+ @Override
+ public boolean isEnabled(int level) {
+ if (log.isTraceEnabled())
+ return true;
+ return false;
+ }
+
+ @Override
+ public void log(int level, String message) {
+ log.trace(message);
+ }
+
+ }
}
--- /dev/null
+package org.argeo.slc.jsch;
+
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+
+class GetMachineId {
+
+ public static void main(String[] args) {
+ URL url = GetMachineId.class.getResource("jaas.cfg");
+ System.setProperty("java.security.auth.login.config", url.toExternalForm());
+
+ String hostname = args[0];
+ try {
+ LoginContext lc = new LoginContext("SINGLE_USER");
+ lc.login();
+
+ SshTarget sshTarget = new SshTarget();
+ sshTarget.setHost(hostname);
+ RemoteExec remoteExec = new RemoteExec();
+ remoteExec.setCommand("cat /etc/machine-id");
+ remoteExec.setSshTarget(sshTarget);
+ List<String> lines = new ArrayList<>();
+ remoteExec.setStdOutLines(lines);
+
+ Subject.doAs(lc.getSubject(), remoteExec.asPrivilegedAction());
+
+ String machineId = lines.get(0);
+ System.out.println(hostname + ": " + machineId);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ }
+
+}