状况
- h1、h2 和 h3 是加入同一 Active Directory 域的三台 Linux 主机
- A、B账户均为AD账户
- B 可以通过 SSH 连接到所有主机,无需密码(已设置 Kerberos 身份验证),并且
sudoer
在每台主机上使用 sudo 作为 A(已设置,以便无需密码即可运行所有命令) - A 无法直接通过 SSH 连接到这些主机
/local/path/
存在于所有主机上- f1和f2是
/local/path/
在h1下创建的,这些文件只有A可读 - 这些文件可以包含多行、双引号、$
目标
- 在h2和h3上创建f1和f2,内容相同
我的不完整的解决方案
我想出了以下脚本,但是它有一些问题:""
并且$
会消失
- 你能帮助我的脚本按预期工作吗
- 有更好的方法来实现我的目标吗?
# src and dest should actually be the same (but on different hosts)
# Since we are doing the test on localhost, they are set to different directories (only accessible by testuser, i.e. account A)
SRC_DIR=/home/testuser
DEST_DIR=/var/tmp/testuser
# For demo purpose. In reality, it should be an array of hosts, i.e. h2, h3
HOSTS=(localhost)
FILES=(f1 f2)
declare -A FILE_TO_CONTENT=([f1]="`sudo -i -u testuser cat /home/testuser/f1`" [f2]="`sudo -i -u testuser cat /home/testuser/f2`")
for h in ${HOSTS[@]}
do
for f in ${FILES[@]}
do
file_content=${FILE_TO_CONTENT[$f]}
echo "$file_content" # The output looks normal
ssh $h "echo \"${file_content}\" | sudo -i -u testuser tee $DEST_DIR/$f " # Double quotes are removed, $dollar disappears
echo "" # Separate output for different files
done
done
的内容f1
和f2
# f1
f1-line 1
f1-line 2
f1-line 3 with "double quote"
f1-line 4 with 'single quote'
f1-line 5 with special char: #hash, $dollar
# f2
f2-line 1
f2-line 2
运行脚本后的输出(并且下面的输出文件/var/tmp/testuser
也没有""
and $
)
f1-line 1
f1-line 2
f1-line 3 with "double quote"
f1-line 4 with 'single quote'
f1-line 5 with special char: #hash, $dollar
f1-line 1
f1-line 2
f1-line 3 with double quote
f1-line 4 with 'single quote'
f1-line 5 with special char: #hash,
f2-line 1
f2-line 2
f2-line 1
f2-line 2
答案1
我不会将文件的内容放入变量中。
在循环中你可以做
sudo -u testuser cat "SRC_DIR/$f" | ssh "$h" sudo -u testuser tee "$DEST_DIR/$f"
# src and dest should actually be the same (but on different hosts)
# Since we are doing the test on localhost, they are set to different directories (only accessible by testuser, i.e. account A)
SRC_DIR=/home/testuser
DEST_DIR=/var/tmp/testuser
# For demo purpose. In reality, it should be an array of hosts, i.e. h2, h3
HOSTS=(localhost)
FILES=(f1 f2)
for h in "${HOSTS[@]}"
do
for f in "${FILES[@]}"
do
sudo -u testuser cat "SRC_DIR/$f" | ssh "$h" sudo -u testuser tee "$DEST_DIR/$f"
echo "" # Separate output for different files
done
done
或使用 GNUtar
并且仅在主机上循环
sudo -u testuser tar -C "$SRC_DIR" c "${FILES[@]}" | ssh "$h" sudo -u testuser tar -C "$DEST_DIR" x
# src and dest should actually be the same (but on different hosts)
# Since we are doing the test on localhost, they are set to different directories (only accessible by testuser, i.e. account A)
SRC_DIR=/home/testuser
DEST_DIR=/var/tmp/testuser
# For demo purpose. In reality, it should be an array of hosts, i.e. h2, h3
HOSTS=(localhost)
FILES=(f1 f2)
for h in "${HOSTS[@]}"
do
sudo -u testuser tar -C "$SRC_DIR" c "${FILES[@]}" | ssh "$h" sudo -u testuser tar -C "$DEST_DIR" x
done
由于缓存,重复读取相同的文件可能会很快。