diff --git a/Makefile.am b/Makefile.am index e7dd86ee1ae..8e0c650bc23 100644 --- a/Makefile.am +++ b/Makefile.am @@ -12,8 +12,17 @@ EXTRA_DIST += \ udev/50-rbd.rules \ udev/60-ceph-partuuid-workaround.rules \ udev/95-ceph-osd.rules \ - udev/95-ceph-osd-alt.rules + udev/95-ceph-osd-alt.rules \ + share/known_hosts_drop.ceph.com \ + share/id_dsa_drop.ceph.com \ + share/id_dsa_drop.ceph.com.pub +# why is it so hard to make autotools to this? +install-data-local: + -mkdir -p $(DESTDIR)$(datadir)/ceph + -install -m 644 share/known_hosts_drop.ceph.com $(DESTDIR)$(datadir)/ceph/known_hosts_drop.ceph.com + -install -m 644 share/known_hosts_drop.ceph.com $(DESTDIR)$(datadir)/ceph/id_dsa_drop.ceph.com + -install -m 644 share/known_hosts_drop.ceph.com $(DESTDIR)$(datadir)/ceph/id_dsa_drop.ceph.com.pub all-local: if WITH_DEBUG diff --git a/ceph.spec.in b/ceph.spec.in index 0e18f2b656d..82c9d073980 100644 --- a/ceph.spec.in +++ b/ceph.spec.in @@ -384,6 +384,9 @@ fi %dir %{_docdir}/ceph %{_docdir}/ceph/sample.ceph.conf %{_docdir}/ceph/sample.fetch_config +%{_datadir}/ceph/known_hosts_drop.ceph.com +%{_datadir}/ceph/id_dsa_drop.ceph.com +%{_datadir}/ceph/id_dsa_drop.ceph.com.pub %{_bindir}/ceph %{_bindir}/cephfs %{_bindir}/ceph-conf @@ -394,6 +397,7 @@ fi %{_bindir}/osdmaptool %{_bindir}/ceph-authtool %{_bindir}/ceph-syn +%{_bindir}/ceph-post-file %{_bindir}/ceph-run %{_bindir}/ceph-mon %{_bindir}/ceph-mds @@ -445,6 +449,7 @@ fi %{_mandir}/man8/mkcephfs.8* %{_mandir}/man8/ceph-run.8* %{_mandir}/man8/ceph-syn.8* +%{_mandir}/man8/ceph-post-file.8* %{_mandir}/man8/ceph-dencoder.8* %{_mandir}/man8/ceph-rest-api.8* %{_mandir}/man8/crushtool.8* diff --git a/debian/ceph-common.install b/debian/ceph-common.install index 6c8af7c74b2..41453f5a646 100644 --- a/debian/ceph-common.install +++ b/debian/ceph-common.install @@ -8,11 +8,16 @@ usr/bin/ceph-rest-api usr/bin/ceph-syn usr/bin/rados usr/bin/rbd +usr/bin/ceph-post-file usr/share/man/man8/ceph-authtool.8 usr/share/man/man8/ceph-conf.8 usr/share/man/man8/ceph-dencoder.8 usr/share/man/man8/ceph-rest-api.8 usr/share/man/man8/ceph-syn.8 +usr/share/man/man8/ceph-post-file.8 usr/share/man/man8/ceph.8 usr/share/man/man8/rados.8 usr/share/man/man8/rbd.8 +usr/share/ceph/known_hosts_drop.ceph.com +usr/share/ceph/id_dsa_drop.ceph.com +usr/share/ceph/id_dsa_drop.ceph.com.pub diff --git a/doc/man/8/ceph-debugpack.rst b/doc/man/8/ceph-debugpack.rst index ecfafb1211f..d07f53dee72 100644 --- a/doc/man/8/ceph-debugpack.rst +++ b/doc/man/8/ceph-debugpack.rst @@ -45,3 +45,4 @@ See also ======== :doc:`ceph `\(8) +:doc:`ceph-post-file `\(8) diff --git a/doc/man/8/ceph-post-file.rst b/doc/man/8/ceph-post-file.rst new file mode 100644 index 00000000000..5625843eaa6 --- /dev/null +++ b/doc/man/8/ceph-post-file.rst @@ -0,0 +1,69 @@ +======================================== + ceph-post-file -- post files for ceph developers +======================================== + +.. program:: ceph-post-file + +Synopsis +======== + +| **ceph-post-file** [-d *description] [-u *user*] *file or dir* ... + + +Description +=========== + +**ceph-post-file** will upload files or directories to ceph.com for +later analysis by Ceph developers. + +Each invocation uploads files or directories to a separate directory +with a unique tag. That tag can be passed to a developer or +referenced in a bug report (http://tracker.ceph.com/). Once the +upload completes, the directory is marked non-readable and +non-writeable to prevent access or modification by other users. + +Warning +======= + +Basic measures are taken to make posted data be visible only to +developers with access to ceph.com infrastructure. However, users +should think twice and/or take appropriate precautions before +posting potentially sensitive data (for example, logs or data +directories that contain Ceph secrets). + + +Options +======= + +.. option:: -d *description*, --description *description* + + Add a short description for the upload. This is a good opportunity + to reference a bug number. There is no default value. + +.. option:: -u *user* + + Set the user metadata for the upload. This defaults to `whoami`@`hostname -f`. + +Examples +======== + +To upload a single log:: + + ceph-post-file /var/log/ceph/ceph-mon.`hostname`.log + +To upload several directories:: + + ceph-post-file -d 'mon data directories' /var/log/ceph/mon/* + + +Availability +============ + +**ceph-post-file** is part of the Ceph distributed file system. Please refer to +the Ceph documentation at http://ceph.com/docs for more information. + +See also +======== + +:doc:`ceph `\(8), +:doc:`ceph-debugpack `\(8), diff --git a/man/Makefile.am b/man/Makefile.am index 5096022ab46..be071b17bb6 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -26,4 +26,5 @@ dist_man_MANS = \ ceph-dencoder.8 \ ceph-rest-api.8 \ ceph-rbdnamer.8 \ + ceph-post-file.8 \ rbd-fuse.8 diff --git a/man/ceph-post-file.8 b/man/ceph-post-file.8 new file mode 100644 index 00000000000..110f3c223b8 --- /dev/null +++ b/man/ceph-post-file.8 @@ -0,0 +1,130 @@ +.\" Man page generated from reStructuredText. +. +.TH "CEPH-POST-FILE" "8" "August 14, 2013" "dev" "Ceph" +.SH NAME +ceph-post-file \- post files for ceph developers +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.SH SYNOPSIS +.nf +\fBceph\-post\-file\fP [\-d \fIdescription] [\-u *user\fP] \fIfile or dir\fP ... +.fi +.sp +.SH DESCRIPTION +.sp +\fBceph\-post\-file\fP will upload files or directories to ceph.com for +later analysis by Ceph developers. +.sp +Each invocation uploads files or directories to a separate directory +with a unique tag. That tag can be passed to a developer or +referenced in a bug report (\fI\%http://tracker.ceph.com/\fP). Once the +upload completes, the directory is marked non\-readable and +non\-writeable to prevent access or modification by other users. +.SH WARNING +.sp +Basic measures are taken to make posted data be visible only to +developers with access to ceph.com infrastructure. However, users +should think twice and/or take appropriate precautions before +posting potentially sensitive data (for example, logs or data +directories that contain Ceph secrets). +.SH OPTIONS +.INDENT 0.0 +.TP +.B \-d *description*, \-\-description *description* +Add a short description for the upload. This is a good opportunity +to reference a bug number. There is no default value. +.UNINDENT +.INDENT 0.0 +.TP +.B \-u *user* +Set the user metadata for the upload. This defaults to \fIwhoami\(ga@\(gahostname \-f\fP\&. +.UNINDENT +.SH EXAMPLES +.sp +To upload a single log: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +ceph\-post\-file /var/log/ceph/ceph\-mon.\(gahostname\(ga.log +.ft P +.fi +.UNINDENT +.UNINDENT +.sp +To upload several directories: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +ceph\-post\-file \-d \(aqmon data directories\(aq /var/log/ceph/mon/* +.ft P +.fi +.UNINDENT +.UNINDENT +.SH AVAILABILITY +.sp +\fBceph\-post\-file\fP is part of the Ceph distributed file system. Please refer to +the Ceph documentation at \fI\%http://ceph.com/docs\fP for more information. +.SH SEE ALSO +.sp +\fBceph\fP(8), +\fBceph\-debugpack\fP(8), +.SH COPYRIGHT +2010-2013, Inktank Storage, Inc. and contributors. Licensed under Creative Commons BY-SA +.\" Generated by docutils manpage writer. +. diff --git a/share/id_dsa_drop.ceph.com b/share/id_dsa_drop.ceph.com new file mode 100644 index 00000000000..3efc985a129 --- /dev/null +++ b/share/id_dsa_drop.ceph.com @@ -0,0 +1,12 @@ +-----BEGIN DSA PRIVATE KEY----- +MIIBugIBAAKBgQDv8F/WToUDOc2HRWUOqtq5ilORE+5P53yZUo7ugr8XD3wM0H7Q +IIl9F9fizwUtL2gh3n1BnBxmPhkVU6VYsiDpn1P3dWvRmf+jyqPuk+b185L0Erb8 +QsExADv6v33Yyd+9i5oTI988Rm1VWY6QhP7neW6yMPt2noi1TwleLm6z2wIVAKHL +ciT2S0w/dbTFQDFHSEOCAif3AoGAHwOYd8YEInrcBrXPFJuPFbQKr8ceO3/ItY0r +/W/L92nXUJbdl1JEt2KfkdwaxkBhlYT7E1JR5MRoTNBTEMCFjHxemZCdH+03+Jzq ++RAQ28p77przbqOFaMuZuQoGlqMy3gYrhnPRGEJGjh+pkhMePqUPCCKFtRntNzlH +lDh4uOACgYBLGpqu3Pthhd4fnawv8Md16gc/p1Vg/5vyAzi9Gshhgf1hXvFHdeJv +AN/5mgE/Ekg7fqeNUhui9LYkuuOMgP267naGkAAgxV3bbiy439Vj8SzXdOQk4agA +YgebWkmJrdMtUSzeBYBkqBZTZODvQwCmYdR6INuNuZtA+rHgKwiAHQIUZak7aJD8 +y4kap9GmduDYmp6/JxU= +-----END DSA PRIVATE KEY----- diff --git a/share/id_dsa_drop.ceph.com.pub b/share/id_dsa_drop.ceph.com.pub new file mode 100644 index 00000000000..e7e53834434 --- /dev/null +++ b/share/id_dsa_drop.ceph.com.pub @@ -0,0 +1 @@ +ssh-dss AAAAB3NzaC1kc3MAAACBAO/wX9ZOhQM5zYdFZQ6q2rmKU5ET7k/nfJlSju6CvxcPfAzQftAgiX0X1+LPBS0vaCHefUGcHGY+GRVTpViyIOmfU/d1a9GZ/6PKo+6T5vXzkvQStvxCwTEAO/q/fdjJ372LmhMj3zxGbVVZjpCE/ud5brIw+3aeiLVPCV4ubrPbAAAAFQChy3Ik9ktMP3W0xUAxR0hDggIn9wAAAIAfA5h3xgQietwGtc8Um48VtAqvxx47f8i1jSv9b8v3addQlt2XUkS3Yp+R3BrGQGGVhPsTUlHkxGhM0FMQwIWMfF6ZkJ0f7Tf4nOr5EBDbynvumvNuo4Voy5m5CgaWozLeBiuGc9EYQkaOH6mSEx4+pQ8IIoW1Ge03OUeUOHi44AAAAIBLGpqu3Pthhd4fnawv8Md16gc/p1Vg/5vyAzi9Gshhgf1hXvFHdeJvAN/5mgE/Ekg7fqeNUhui9LYkuuOMgP267naGkAAgxV3bbiy439Vj8SzXdOQk4agAYgebWkmJrdMtUSzeBYBkqBZTZODvQwCmYdR6INuNuZtA+rHgKwiAHQ== public_ceph_post_key_2013-08-16 diff --git a/share/known_hosts_drop.ceph.com b/share/known_hosts_drop.ceph.com new file mode 100644 index 00000000000..862df67aeef --- /dev/null +++ b/share/known_hosts_drop.ceph.com @@ -0,0 +1 @@ +drop.ceph.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjl2XzIpS92snr4SymcBVQx7y6d/ZjzCKJAlGZYkgknWWf+JBEpXp+cOoMk2Td5pIPkOdn72pGAuuPzL9HSJpN/o75tzbv0mAd//3t9D5/Kpnd+tWIDDgj+RIz8ZKRxSR8lnVjsUHlTrwQwaUkZ3KDiVgtQXDp0+1rU1+02cEkeBStoMLQt/6xw1hmPGSIAMH2HRkyge+/I8RwK7jbTwwcxh61Vxe0qMGkDO6vUVXw+K6hoXV4uGaqZ9/B2GirXJPz6ulvLC/mtEdgtfKS3eiMTaJS5Cpne6rJw2Wm7kHfQPstJaUq06BJiRe6R+JHC897NVZd0yc1bZe+BI0PmQJL diff --git a/src/.gitignore b/src/.gitignore index 5c52f6c4f42..4c98529bd87 100644 --- a/src/.gitignore +++ b/src/.gitignore @@ -12,6 +12,7 @@ Makefile /ceph-conf /ceph-coverage /ceph-debugpack +/ceph-post-file /ceph-dencoder /ceph-fuse /ceph-mds diff --git a/src/Makefile.am b/src/Makefile.am index de1b81fb4ba..7c3ade4706f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -39,7 +39,7 @@ ceph_sbin_SCRIPTS = \ sbin_SCRIPTS = \ mount.fuse.ceph -bin_SCRIPTS = ceph ceph-run ceph-rest-api ceph-clsinfo ceph-debugpack ceph-rbdnamer +bin_SCRIPTS = ceph ceph-run ceph-rest-api ceph-clsinfo ceph-debugpack ceph-rbdnamer ceph-post-file dist_bin_SCRIPTS = # C/C++ tests to build will be appended to this check_PROGRAMS = @@ -184,7 +184,7 @@ base: ceph-mon ceph-osd ceph-mds \ ceph-syn \ rados radosgw librados-config \ ceph-conf monmaptool osdmaptool crushtool ceph-authtool \ - init-ceph mkcephfs mon_store_converter + init-ceph mkcephfs mon_store_converter ceph-post-file # fuse targets? @@ -1287,7 +1287,7 @@ editpaths = sed \ -e 's|@prefix[@]|$(prefix)|g' \ -e 's|@@GCOV_PREFIX_STRIP[@][@]|$(GCOV_PREFIX_STRIP)|g' -shell_scripts = init-ceph mkcephfs ceph-debugpack ceph-coverage +shell_scripts = init-ceph mkcephfs ceph-debugpack ceph-coverage ceph-post-file $(shell_scripts): Makefile diff --git a/src/ceph-post-file.in b/src/ceph-post-file.in new file mode 100755 index 00000000000..27fea287fc6 --- /dev/null +++ b/src/ceph-post-file.in @@ -0,0 +1,157 @@ +#!/bin/bash -e + +# if we start up as ./$0, assume we are running from a source +# checkout. +if [ `dirname $0` = "." ] && [ $PWD != "/usr/bin" ]; then + known_hosts=../share/known_hosts_drop.ceph.com + ssh_key=../share/id_dsa_drop.ceph.com +else + known_hosts=@datadir@/known_hosts_drop.ceph.com + ssh_key=@datadir@/id_dsa_drop.ceph.com +fi + +usage() { + echo "Usage: $0 [options] file1 [dir2 ...] + +Easily upload files or directories to ceph.com for analysis by Ceph +developers. + +Each invocation uploads files or directories to a separate directory +with a unique tag. That tag can be passed to a developer or +referenced in a bug report (http://tracker.ceph.com/). Once the +upload completes, the directory is marked non-readable and +non-writeable to prevent access or modification by other users. + +WARNING: + Basic measures are taken to make posted data be visible only to + developers with access to ceph.com infrastructure. However, users + should think twice and/or take appropriate precautions before + posting potentially sensitive data (for example, logs or data + directories that contain Ceph secrets). + +Options: + -d Description for this post + [Default: none] + -u User identifier + [Default: \`whoami\`@\`hostname -f\`] + -r Remote to upload to + [Default: postfile@drop.ceph.com] + -k known_hosts file + [Default: /usr/share/ceph/known_hosts_drop.ceph.com] + -i Ssh identity file + [Default: /usr/share/ceph/id_dsa_drop.ceph.com] + -h Show this usage information +" +} + +if [ -z "$*" ]; then + usage + exit 1 +fi + +description="" +user="`whoami`@`hostname -f`" +remote="postfile@drop.ceph.com" +case $1 in + -d | --description) + description="$2" + shift + shift + ;; + -u | --user) + user="$2" + shift + shift + ;; + -h | --help) + usage + exit 0 + ;; + -k | --known-hosts) + known_hosts="$1" + shift + shift + ;; + -i) + ssh_key="$1" + shift + shift + ;; + -r | --remote) + remote="$1" + shift + shift + ;; +esac + +# this id should be shared +id=`uuidgen` +echo "$0: upload tag $id" + +# this is secret goop we add to the directory so that $id is not +# enough to find the data using the shared user; only ceph developers +# who have access to the server and can read the post directory can +# find the uploaded data. +nonce=`uuidgen` + +# stick the user info in the dir too +dir="${id}_${user}_${nonce}" + +t1=$(tempfile) || exit +t2=$(tempfile) || exit +t3=$(tempfile) || exit +t4=$(tempfile) || exit +trap "rm -f -- '$t1' '$t2' '$t3' '$t4'" EXIT +cat > $t1 < $t3 <> $t1 + +if [ -n "$description" ]; then + echo "$0: description: $description" + cat > $t2 <> $t1 +fi + +while [ -n "$*" ]; do + if [ -d "$1" ]; then + echo $0: will upload directory $1 + bn=`basename "$1"` + cat >> $t1 <> $t1 <