adding experimental rcpu service

this is a reimplementation of cpu and import utilities in rc using a tlsclient and tlssrv as the encryption and authentication layers. there is only one new service, which after authentication and encryption setup accepts an arbitrary rc script over the network and executes it with the standard filedescriptors redirected to the conversaion (this is *after* authentication and in the context of the authorized user). the new rcpu program has a few improvements over cpu(1): - doesnt mangle program arguments - the remote process will get the clients standard file descriptors, so error and output are separated and you can consume the clients input from the remote side :-) - forwards error status of remote process theres no backwards mode for rimport, but a new program called rexport for the same purpose. all these services use exportfs without the bolted on initial handshake, so the hope is to clean up exportfs in the future and remove all the ugly crap in there.
2016-02-14 05:18:33 +01:00 · 2016-02-14 05:18:33 +01:00 · fde5906b30
commit fde5906b30
parent 4fe7daeca4
6 changed files with 285 additions and 0 deletions
--- a/rc/bin/rconnect
+++ b/rc/bin/rconnect
@ -0,0 +1,84 @@
 #!/bin/rc
 rfork e
 argv0=$0
 fn usage {
 	echo 'usage:' $argv0 '[-p] [-u user] [-k keyspec] host remotescript localcommand ...' >[1=2]
 	exit 'usage'
 }
 fn pvar {
 	while(! ~ $#* 0){
 		~ $#$1 0 || path=/dev/null builtin whatis $1
 		shift
 	}
 }
 filter=()
 keyspec=()
 while(~ $1 -*){
 	switch($1){
 	case -p; filter=aan
 	case *
 		~ $#* 1 && usage
 		switch($1){
 		case -k; keyspec=($keyspec $2)
 		case -u; keyspec=($keyspec `{user=$2 pvar user})
 		case *; usage
 		}
 		shift
 	}
 	shift
 }
 ~ $#* 0 1 2 && usage
 host=$1
 shift
 fn sendscript {
 	echo -n $host >/proc/$pid/args
 	cat $1 >/env/v; wc -c </env/v; cat /env/v; rm /env/v
 	shift
 	$*
 }
 if(~ $filter aan){
 	fn aanserver {
 		~ $#netdir 1 || netdir=/net/tcp/clone
 		netdir=`{basename -d $netdir} || exit
 		<>$netdir/clone {
 			netdir=$netdir/`{read} || exit
 			>[3] $netdir/ctl {
 				echo -n 'announce *!0' >[1=3]
 				echo `{cat $netdir/local} || exit
 				bind '#|' /mnt/aan || exit
 				exec aan $netdir <>/mnt/aan/data1 >[1=0] >[2]/dev/null &
 			}
 		}
 		<>/mnt/aan/data >[1=0] >[2]/dev/null {
 			rfork n
 			fn server {
 				echo -n aanserver $netdir >/proc/$pid/args
 				. <{n=`{read} && ! ~ $#n 0 && read -c $n} >[2=1]
 			}
 			rm -f /env/^'fn#aanserver'
 			exec tlssrv -A /bin/rc -c server
 			exit
 		}
 	}
 	fn aanclient {
 		host=`{echo $host | sed 's/(.*)!([^!]+)$/\1/'}^!^`{read | sed 's/(.*)!([^!]+)$/\2/'} || exit
 		tlsclient -a -o <>{rfork s; aan -c $host >[1=0]} /bin/rc -c 'sendscript $*' $*
 	}
 	exec $argv0 -k $"keyspec $host <{builtin whatis aanserver; echo aanserver} aanclient $*
 	exit
 }
 switch($host){
 case *!*!*;
 case *!*; host=$host!rcpu
 case *; host=net!$host!rcpu
 }
 exec tlsclient -ak $"keyspec $host /bin/rc -c 'sendscript $*' $*
--- a/rc/bin/rcpu
+++ b/rc/bin/rcpu
@ -0,0 +1,83 @@
 #!/bin/rc
 rfork e
 argv0=$0
 fn usage {
 	echo 'usage:' $argv0 '[-p] [-h host] [-u user] [-k keypattern] [-P patternfile] [-c cmd arg ...]' >[1=2]
 	exit 'usage'
 }
 fn server {
 	mount -nc /fd/0 /mnt/term || exit
 	bind -q /mnt/term/dev/cons /dev/cons
 	</mnt/term/fd/10 >/mnt/term/fd/11 >[2]/mnt/term/fd/12 {
 		~ $#dir 0 || cd $"dir || echo 'can''t change directory: '^$"dir >[1=2]
 		switch($#cmd){
 		case 0;	cmd=(rc -li)
 		case 1; cmd=(rc -lc $cmd)
 		case *; cmd=(rc -lc '$*' $cmd)
 		}
 	 	rm -f /env/^(cmd dir 'fn#server')
 	 	service=cpu exec $cmd
 	} &
 	if(test -d /mnt/term/mnt/cpunote) {
 		rfork e
 		mainproc=$apid
 		exec cat </mnt/term/mnt/cpunote/data >/proc/$mainproc/notepg &
 		noteproc=$apid
 		wait $mainproc
 		echo -n $status >/mnt/term/env/rstatus >[2]/dev/null
 		echo -n kill >/proc/$noteproc/note
 	}
 }
 fn client {
 	echo -n >/env/rstatus
 	rfork n
 	bind '#|' /mnt/cpunote || exit
 	</fd/0 exec $exportfs -r / &
 	</dev/null >/mnt/cpunote/data1 {
 		fn sigkill { echo -n kill >/mnt/cpunote/data1 }
 		fn sighup { echo -n hangup >/mnt/cpunote/data1 }
 		fn sigint { status=interrupted }
 		wait
 		while(~ $status interrupted) {
 			echo -n interrupt
 			wait
 		}
 		status=`{cat /env/rstatus}
 		exit $"status
 	}
 }
 cmd=()
 host='$cpu'
 exportfs=/bin/exportfs
 connect=/bin/rconnect
 while(~ $1 -*){
 	switch($1){
 	case -p; connect=($connect $1)
 	case *
 		~ $#* 1 && usage
 		switch($1){
 		case -P; exportfs=($exportfs $1 $2)
 		case -[uk]; connect=($connect $1 $2)
 		case -h; host=$2
 		case -c; cmd=$*(2-); *=()
 		case *; usage
 		}
 		shift
 	}
 	shift
 }
 ~ $#* 0 || usage
 fn pvar {
 	while(! ~ $#* 0){
 		~ $#$1 0 || path=/dev/null builtin whatis $1
 		shift
 	}
 }
 exec $connect $host <{dir=`{pwd} pvar dir cmd; builtin whatis server; echo server} client <[10=0] >[11=1] >[12=2]
--- a/rc/bin/rexport
+++ b/rc/bin/rexport
@ -0,0 +1,57 @@
 #!/bin/rc
 rfork e
 argv0=$0
 fn usage {
 	echo 'usage:' $argv0 '[options] [-s remotesrv] [-m remotemtpt] tree host [remotecmd [args ...]]' >[1=2]
 	exit 'usage'
 }
 fn domount {
 	if(~ $#sname 1){
 		rm -f /srv/$sname
 		echo -n 0 >/srv/$sname
 	}
 	~ $#mtpt 0 || mount -n $mopt /fd/0 $mtpt || exit
 	~ $#cmd 0 || service=import exec $cmd </dev/null >/dev/null >[2=1]
 }
 sname=()
 mopt=()
 mtpt=()
 exportfs=/bin/exportfs
 connect=/bin/rconnect
 while(~ $1 -*){
 	switch($1){
 	case -p; connect=($connect $1)
 	case -[abcCnq]*; mopt=($mopt $1)
 	case *
 		~ $#* 1 && usage
 		switch($1){
 		case -P; exportfs=($exportfs $1 $2)
 		case -[uk]; connect=($connect $1 $2)
 		case -s; sname=`{basename $2}
 		case -m; mtpt=$2
 		case *; usage
 		}
 		shift
 	}
 	shift
 }
 ~ $#* 0 1 && usage
 exportfs=($exportfs -r $1)
 shift
 host=$1
 shift
 cmd=$*
 fn pvar {
 	while(! ~ $#* 0){
 		~ $#$1 0 || path=/dev/null builtin whatis $1
 		shift
 	}
 }
 exec $connect $host <{pvar sname mtpt mopt cmd; builtin whatis domount; echo domount} exec $exportfs
--- a/rc/bin/rimport
+++ b/rc/bin/rimport
@ -0,0 +1,52 @@
 #!/bin/rc
 rfork e
 argv0=$0
 fn usage {
 	echo 'usage:' $argv0 '[options] host tree [mountpoint]' >[1=2]
 	exit 'usage'
 }
 fn domount {
 	if(~ $#sname 1){
 		rm -f /srv/$sname
 		echo -n 0 >/srv/$sname
 	}
 	~ $#mtpt 0 || mount -n $mopt /fd/0 $mtpt
 }
 tree=()
 mopt=()
 mtpt=()
 sname=()
 exportfs=/bin/exportfs
 connect=/bin/rconnect
 while(~ $1 -*){
 	switch($1){
 	case -p; connect=($connect $1)
 	case -[abcCnq]*; mopt=($mopt $1)
 	case *
 		~ $#* 1 && usage
 		switch($1){
 		case -[uk]; connect=($connect $1 $2)
 		case -s; sname=`{basename $2}
 		case *; usage
 		}
 		shift
 	}
 	shift
 }
 switch($#*){
 case 2 3; tree=$2; mtpt=$$#*
 case *; usage
 }
 fn pvar {
 	while(! ~ $#* 0){
 		~ $#$1 0 || path=/dev/null builtin whatis $1
 		shift
 	}
 }
 exec $connect $1 <{pvar tree; echo exec $exportfs -r '$tree'} domount
--- a/rc/bin/service/tcp17019
+++ b/rc/bin/service/tcp17019
@ -0,0 +1,8 @@
 #!/bin/rc
 netdir=$3
 remote=$2!`{cat $3/remote}
 fn server {
 	echo -n $netdir $remote >/proc/$pid/args
 	. <{n=`{read} && ! ~ $#n 0 && read -c $n} >[2=1]
 }
 exec tlssrv -a /bin/rc -c server
--- a/sys/lib/dist/ndb/common
+++ b/sys/lib/dist/ndb/common
@ -284,6 +284,7 @@ tcp=exportfs port=17007
 tcp=rexexec port=17009
 tcp=ncpu port=17010
 tcp=cpu port=17013
 tcp=rcpu port=17019
 tcp=glenglenda1 port=17020
 tcp=glenglenda2 port=17021
 tcp=glenglenda3 port=17022