crontab issue on linux

allanm78 · 05-09-2013, 11:28 PM

ssh -n host1 "crontab << */10 * * * * /usr/local/script.sh > /logs/output.${HOSTNAME}"

I have around 100 hosts and need to populate(add if there are more entries) this cron entry on them but the variable $HOSTNAME is expanding to the name of the admin box I am trying to deploy from.

How can I fix this. Please advise.

Thanks,

Allan.

chrism01 · 05-09-2013, 11:43 PM

How about using single quotes; they usually prevent interpolation.

allanm78 · 05-09-2013, 11:52 PM

thanks for the reply!

even with single quotes I am getting -

ssh -n host1 echo '*/10 * * * * /usr/local/script.sh > /logs/output.${HOSTNAME}' >> /tmp/cron-list

HOSTNAME: Undefined variable.

chrism01 · 05-10-2013, 12:49 AM

Quick test locally (non-ssh)

Code:

echo $HOSTNAME
boole

echo \$HOSTNAME
$HOSTNAME

the old backslash standby.

Works same even if you have those {}'s.

allanm78 · 05-10-2013, 12:57 AM

ssh -n user@host1 "echo */10 * * * * /script.sh '>' /logs/output.\$HOSTNAME '>' /tmp/cron-list"

HOSTNAME: Undefined variable.

chrism01 · 05-10-2013, 01:36 AM

OK; I spun up a VM to test

Code:

# host
ssh -n vm1 "echo '*/10 * * * * /usr/local/script.sh > /logs/output.\${HOSTNAME}' >/root/t.t"

# on VM
 cat t.t
*/10 * * * * /usr/local/script.sh > /logs/output.${HOSTNAME}

Sheesh ...

allanm78 · 05-10-2013, 01:48 AM

thanks that worked! I figured the solution a little before I saw your reply, but thanks again.

chrism01 · 05-10-2013, 03:13 AM

Yeah, well I knew I was on the right track, but I rarely have to get all the quotes and backslashes down to that level of sophistication.

allanm78 · 05-11-2013, 01:18 PM

Hi Chris,

Another issue I wanted to solve is that I dont have sshkeyless setup to the hosts and dont have expect installed on the admin box, how do I remote ssh without(or automatically) feeding in the password each time for all 100 hosts?

Thanks,
Allan.

btmiller · 05-11-2013, 03:14 PM

For this many machines, you really want to look at a configuration management system (e.g. Puppet, Chef, CFEngine). Doing this by hand is just horrific and error prone (been there, done that).

Can you not install expect on the admin host? Even if so, having passwords in an expect file is terribly insecure.

This sounds like a large installation. Are you the administrator of it, or just a regular user? If the latter, ignore my advice about configuration management (should be set up by the administrator), but ask your administrator to populate your account on all machines with a public key that you send him. Then use key based authentication.

chrism01 · 05-11-2013, 06:52 PM

I would go with ssh auth keys; much safer than expect and much simpler than Puppet etc (unless its already setup).

era31415 · 05-12-2013, 02:27 PM

ssh does not allow redirecting the password response from a file but you might be able to use...

Sshpass is a tool for non-interactivly performing password authentication with SSH
http://sourceforge.net/projects/sshp...urce=directory

Perhaps you should look into passwordless logins for the ssh accounts using .ssh/authorized_keys file.

You could then use sshpass and "ssh-copy-id (1) - install your public key in a remote machine's authorized_keys" to
update them all to passwordless logins.

allanm78 · 05-18-2013, 03:55 PM

Thanks era31415 - worked like a charm, awesome!