Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

cgi wrapper??

by RayRay459 (Pilgrim)
on Aug 28, 2001 at 03:26 UTC ( [id://108311]=perlquestion: print w/replies, xml ) Need Help??

RayRay459 has asked for the wisdom of the Perl Monks concerning the following question:

I have a script that copies out another perl script to a remote machine and i want to execute it locally on the remote machine. someone suggested using a cgi wrapper. Being fairly new to perl, does anyone have an examples or resources that i can look to. All i want to do is execute it locally on the remote machine. I do have limitations. No WMI no SSH or SOAP. I can't install anything else on the machines. I have to work with the servers as is. i support about 300+ machines so setting up a service or scheduled job would be more tedious then physically touching the machine to run my script. Any help would be great. Thanks
Ray

Replies are listed 'Best First'.
Re: cgi wrapper??
by $code or die (Deacon) on Aug 28, 2001 at 04:11 UTC
    I have a script that copies out another perl script to a remote machine and i want to execute it locally on the remote machine

    I am not entirely sure what you mean by this.

    If you are refering to this thread, perrin mentioned a cgi wrapper or SOAP. I'll elaborate.

    You can set up a website on the remote server - if it's Win2k, then IIS is installed, or you can install Apache. Whichever you use, make sure your servers have all the latest security patches.

    On this remote website you have a simple CGI script which will execute a "selection" of programs - or the program you just copied. make sure that it's not allowed to execute any old program.

    Your local script then executes the remote script using LWP. I.e. you POST or GET the URL of the script on the remote webserver.

    I know you mention no SOAP, but if Perl is installed on the remote machine, SOAP::Lite is installed with it (at least I think it is with AS Perl. And it's not too difficult to use SOAP

    Error: Keyboard not attached. Press F1 to continue.

    Update: If Perl is not installed on all 300 of the remote machines - then this will not work (Not to mention that it would take days to set up 300 websites for this!!!). Also, if you are ruling out WMI, then I don't think there is a Perl solution (not that WMI has anything to do with Perl!). In which case check out psexec as I mentioned in your previous question. With psexec, it can be as simple as:
    use strict; # etc... my @servers = ("\\\\server1", "\\\\server2", "\\\\server3"); foreach my $server (@servers) { my $error = system ("psexec", $server, "-u", "username", "-p", "password", "remote_program name"); warn "failed to execute on $server ($error), $!" if $error; }
      I do have perl installed on all the machines. My 300+ machines are web servers. Just so you know where i am at. Thank you for your help. I do appreciate it. We were told not to use psexec because it copies itself to the system32 directory and could be a possilbe exploit. Damn i hate limits. :)
      Thanks again.
      Ray
Re: cgi wrapper??
by joefission (Monk) on Aug 28, 2001 at 06:16 UTC
    Since I brought up the scheduler in the previous thread, I'll defend my choice ;-)

    Scheduler is built into NT/W2K/XP/2002/yadayadayada). So no need to install it.

    Win32::AdminMisc::ScheduleAdd( $Machine, $Time, $DOM, $DOW, $Flags, $Command )
    will schedule $Command to run on the computer $Machine at $Time on the day of the month determined by the bitmask $DOM and the day of the week determined by the bitmask DOW.

    So, you loop through your list of servers, executing the function with each iteration. What's so tedious about that?

      Note: To add things to the AT scheduler on a windows machine, you don't actually need a module. You can do this via command line from a remote PC using at \\computername. See AT /? for further info.

      -OzzyOsbourne

        Right, but at is very cumbersome and it's much more easier to use Win32::AdminMisc for this - i.e. if you want to add a scheduled task but don't want to add it if it's already there, then you have to parse the output of "at" - This could be tricky and requires an extra system call for each addition. It's much easier to use the ScheduleList() method and then use ScheduleAdd() if you need to.

        If it's well written and easy to use, I prefer to use a module than a system call.

        Error: Keyboard not attached. Press F1 to continue.
      Excellent, I forgot that you can specify a remote machine for ScheduleAdd(). That would be the best way to do it, unless it's something that has to be executed on demand.

      Error: Keyboard not attached. Press F1 to continue.
      Do the targer machines have to have AdminMisc module installed or just the machine running the script?
      Thanks,
      Ray
        Just the machine running the script needs to have AdminMisc installed. The target machines need to have the scheduler/mstask service running.
Re: cgi wrapper??
by mitd (Curate) on Aug 28, 2001 at 05:57 UTC
    I like to suggest a different method that does not involve cgi wrappers and if (I hope this true) your support environment is *nix it is simple.

    Use Net::Telnet to programatically sign on and execute your script on the remote host.

    Example:

    use Net::Telnet (); #set up telnet session the prompt # can be tricky if not the same #on each machine but some #creative regex'ing should get you over tht hump $t = new Net::Telnet (Timeout => 2-, Prompt => '/bash\$ $/'); $t->open("your.remote.host.com"); $t->login($username, $passwd); @lines = $t->cmd("./your_remote_script.pl"); # returns any result or error lines print @lines;

    I have used this approach in several fairly complex situations like compiling code on a machine that requires 3 hops through a firewall and returning results to me.

    mitd-Made in the Dark
    'My favourite colour appears to be grey.'

      That may work for me, but i will have to send a username and password in clear text over the wire. Not sure if that will fly with our network security team. but i will check that out as well. Thanks, mitd.
      Ray
        Ray,

        So assuming from your response you are in a *NIX environment, right? So Net::Telnet will 'technically' work but your Security folks will balk at 'plan-text' id/pw's.

        So I am a little confused since you have stated no SSH, how do your security folks provide SECURE access to the remote machines?

        mitd-Made in the Dark
        'My favourite colour appears to be grey.'

Re: cgi wrapper??
by mattr (Curate) on Aug 28, 2001 at 08:05 UTC
    No ssh.. how about rsh?

    Also, if you use telnet the nohup command might be needed.. maybe your first use of this could be to install Perl on them?

    Perhaps if you can't telnet, another way would be to ftp a shell script into a cgi directory and call it from the web, and bootstrap from there.


    Move SIG!

Re: cgi wrapper??
by idnopheq (Chaplain) on Aug 28, 2001 at 14:19 UTC
    I'm anticipating the boxen are wintel ( Win32, etc. ). Some things I can think of are ...

    1. The NT/2K resource kits provide Remote Command Service (rcmd), which is fairly trivial to set-up in bulk. The ActiveState Perl-Win32-Admin mail list has had examples of how to install it on multiple machines given you have rights to the boxen.
    2. Perhaps Penguin can be worked as a purer perl solution.
    3. Just use the Win32 modules, like Win32::Lanman, Win32::AdminMisc, Win32::Perms, and so on for the basic admin tasks via M$ Networking/NetBIOS ... or for the sadist in all of us, the M$ 'net' commands ...

    Seems a little odd that you have to manage so many boxes, yet not install any convenient method to manage them. Yet, never underestimate management's ability to seriously FUBAR any straight forward task. Perhaps if you can elaborate on what you need to do to the boxen ...

    HTH
    --
    idnopheq
    Apply yourself to new problems without preparation, develop confidence in your ability to to meet situations as they arrise.

      Perhaps Penguin can be worked as a purer perl solution.
      Any idea what is up with this project? It appears to be dead, dead, dead. No releases since 1997?

      --
      Believe nothing, no matter where you read it, or who said it - even if I have said it - unless it agrees with your own reason and your own common sense.
      (Buddha)
Re: cgi wrapper??
by mr.dunstan (Monk) on Aug 29, 2001 at 10:27 UTC
    Is Net::Telnet really secure enough (or rather is allowing telnet at all secure enough) to trust distributing executable code to 300 machines!? This is scary stuff.

    Is there a secure-enough, centrally administratable RPC/RMI type of server that could be trusted enough to do something like this?

    -mr.dunstan
Re: cgi wrapper??
by johanvdb (Beadle) on Aug 29, 2001 at 00:36 UTC
    Hi, Why don't you use "Agent"? It allows to send out agents, written in perl, to other machines. I've never used it, but it seems very interesting ... Anyway, the Net::Telnet thingy seems to be the most realistic one ... Johan

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://108311]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others about the Monastery: (7)
As of 2024-03-28 21:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found