/usr/bin/ceph-post-file is in ceph-common 12.2.4-0ubuntu1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 | #!/bin/bash -e
# If these files exist, assume we are a source install.
if [[ -f ../share/known_hosts_drop.ceph.com && -f ../share/id_rsa_drop.ceph.com ]]
then # running from source install
known_hosts=../share/known_hosts_drop.ceph.com
ssh_key=../share/id_rsa_drop.ceph.com
else # running from a pkg install
known_hosts=/usr/share/ceph/known_hosts_drop.ceph.com
ssh_key=/usr/share/ceph/id_rsa_drop.ceph.com
fi
function usage() {
echo "Usage: $0 [options] file1 [dir2 ...]
Easily upload files or directories to ceph.com for analysis by Ceph
developers.
Each invocation uploads files or directories to a separate directory
with a unique tag. That tag can be passed to a developer or
referenced in a bug report (http://tracker.ceph.com/). Once the
upload completes, the directory is marked non-readable and
non-writeable to prevent access or modification by other users.
WARNING:
Basic measures are taken to make posted data be visible only to
developers with access to ceph.com infrastructure. However, users
should think twice and/or take appropriate precautions before
posting potentially sensitive data (for example, logs or data
directories that contain Ceph secrets).
Options:
-d|--description <desc> Description for this post
[Default: none]
-u|--user <user> User identifier
[Default: \`whoami\`@\`hostname -f\`]
-r|--remote <user@host> Remote to upload to
[Default: postfile@drop.ceph.com]
-k|--known_hosts <path> known_hosts file
[Default: /usr/share/ceph/known_hosts_drop.ceph.com]
-i <path> Ssh identity file
[Default: /usr/share/ceph/id_rsa_drop.ceph.com]
-h|--help Show this usage information
"
}
if [ -z "$*" ]; then
usage
exit 1
fi
description=""
user="`whoami`@`hostname -f`"
remote="postfile@drop.ceph.com"
if [ `uname` = FreeBSD ]; then
GETOPT=/usr/local/bin/getopt
else
GETOPT=getopt
fi
ARGS=$(${GETOPT} -n "ceph-post-file" -o 'd:u:hk:i:r:' -l "description:,user:,help,known-hosts:,remote:" -- "$@")
eval set -- $ARGS
while true; do
echo "args: $@"
case $1 in
-d | --description)
description="$2"
shift
shift
;;
-u | --user)
user="$2"
shift
shift
;;
-h | --help)
usage
exit 0
;;
-k | --known-hosts)
known_hosts="$2"
shift
shift
;;
-i)
ssh_key="$2"
shift
shift
;;
-r | --remote)
remote="$2"
shift
shift
;;
--)
shift
break
;;
esac
done
# this id should be shared
id=`uuidgen`
echo "$0: upload tag $id"
# this is secret goop we add to the directory so that $id is not
# enough to find the data using the shared user; only ceph developers
# who have access to the server and can read the post directory can
# find the uploaded data.
nonce=`uuidgen`
# stick the user info in the dir too
dir="${id}_${user}_${nonce}"
t1=$(mktemp) || exit
t2=$(mktemp) || exit
t3=$(mktemp) || exit
t4=$(mktemp) || exit
trap "rm -f -- '$t1' '$t2' '$t3' '$t4'" EXIT
cat > $t1 <<EOF
mkdir post/$dir
cd post/$dir
EOF
echo "$0: user: $user"
cat > $t3 <<EOF
$user
EOF
echo put $t3 user >> $t1
if [ -n "$description" ]; then
echo "$0: description: $description"
cat > $t2 <<EOF
$description
EOF
echo put $t2 description >> $t1
fi
while [ -n "$*" ]; do
if [ -d "$1" ]; then
echo $0: will upload directory $1
bn=`basename "$1"`
cat >> $t1 <<EOF
mkdir $bn
put -r $1
EOF
else
echo $0: will upload file $1
cat >> $t1 <<EOF
put $1
EOF
fi
shift
done
# no UserKnownHostsFile so that we don't try to record the IP hash key
# GlobalKnownHostsFile so that we are verifying that this is the real drop.ceph.com
# IdentitiesOnly=yes forces sftp to ignore any keys offered by ssh-agent
cp "$ssh_key" "$t4"
cp "${ssh_key}.pub" "$t4.pub"
sftp -o "IdentityFile=$t4" \
-C \
-oCheckHostIP=no \
-oGlobalKnownHostsFile=$known_hosts \
-oBatchMode=no \
-oIdentitiesOnly=yes \
-b $t1 -- $remote
echo "$0: copy the upload id below to share with a dev:
ceph-post-file: $id
"
|