Enter password multiple times - passwords

I am running an application, which prompts for a password of the user about a dozen times :-(
I tried using expect to circumvent this issue, and make it run in auto mode, but am unable to get over the issue of the multiple times password, which is not exactly static. Sometimes it asks 4-5 times and sometime around 9-10 times.
Is there a better solution to the problem than what I have given below:
spawn myApp [lindex $argv 0]
expect " password: $"
send "$password\r"
expect {
" password: $" send "$password\r"
"^Rollout Done "
"^Rollout Updated "
}
With the above solution, I have only been able to catch the password twice and then manually start entering for the rest of the time, is there a loop possible with the password?

Look up the exp_continue command -- it prevents the current [expect] command from returning, so it can find any subsequent password prompts.
spawn myApp [lindex $argv 0]
expect {
-re { password: $} {
send "$password\r"
exp_continue
}
-re {^Rollout (?:Done|Updated) }
}
If you want the user to enter the password, rather than storing it in plain text in the script, see How can I make an expect script prompt for a password?

Expect can use loops -- it is just TCL with some added commands I believe. So just do
set found 0
while {$found < 1}
{
expect {
" password: $" send "$password\r"
"^Rollout Done " set found 1
"^Rollout Updated " set found 1
}
}

Related

How to implement "fallback condition" in while loop in Expect?

I have a machine I telnet into, and pass "ctrl+C" until I see the prompt. The ctrl+C may not always work, so I must try after every 5 seconds until I see my expected output ($prompt).
In case I don't get a $prompt, how do I ensure I can retry the while loop effectively? Is this code below the best practice? My concern is, that I don't know what I may get when the "ctrl+C" fails, it could be anything and it must be ignored unless it's $prompt.
while { $disableFlag == 0 } {
send "^C\r"
expect {
"*$prompt*" {
puts "Found the prompt"
sleep 5
}
"*" {
set disableFlag 1
puts "Retrying"
sleep 5
}
}
}
You probably want something like this (untested)
set timeout 5
send \03
expect {
"*$prompt*" {
puts "found the prompt"
}
timeout {
puts "did not see prompt within $timeout seconds. Retrying"
send \03
exp_continue
}
}
# do something after seeing the prompt
\03 is the octal value for ctrl-C: see http://wiki.tcl.tk/3038
If you want to bail out eventually:
set timeout 5
set count 0
send \03
expect {
"*$prompt*" {
puts "found the prompt"
}
timeout {
if {[incr count] == 10} { # die
error "did not see prompt after [expr {$timeout * $count}] seconds. Aborting"
}
puts "did not see prompt within $timeout seconds. Retrying"
send \03
exp_continue
}
}

Running multiple exec commands and waiting to finish before continuing

I know I ask a lot of questions and I know there is a lot on here about this exactly what I am trying to do but I have not been able to get it to work in my script nor figure out why it does not let me do this. I am trying to run several commands using exec in the background and the tests can range anywhere between 5 and 45 minutes (longer if they have to cue for a license). It takes forever to run them back to back so I was wondering what I need to do to make my script wait for them to finish before moving on the the next section of script.
while {$cnt <= $len} {
# Begin count for running tests
set testvar [lindex $f $cnt]
if {[file exists $path0/$testvar] == 1} {
cd $testvar
} else {
exec mkdir $testvar
cd $testvar
exec create_symobic_link_here
}
# Set up test environment
exec -ignorestderr make clean
exec -ignorestderr make depends
puts "Running $testvar"
set runtest [eval exec -ignorestderr bsub -I -q lin_i make $testvar SEED=1 VPDDUMP=on |tail -n 1 >> $path0/runtestfile &]
cd ../
incr cnt
}
I know there is nothing here to make the script wait for the process to finish but I have tried many different things any this is the only way I can get it to run everything. It just doesn't wait.
One way is to modify your tests to create a "finished" file. This file should be created whether the test completes correctly or fails.
Modify the startup loop to remove this file before starting the test:
catch { file delete $path0/$testvar/finished }
Then create a second loop:
while { true } {
after 60000
set cnt 1 ; # ?
set result 0
while { $cnt <= $len } {
set testvar [lindex $f $cnt]
if { [file exists $path0/$testvar/finished] } {
incr result
}
incr cnt
}
if { $result == $len } {
break
}
}
This loop as written will never exit if any one test doesn't create the 'finished' file. So I would add in an additional stop condition (no more than one hour) to exit the loop.
Another way would be to save the process ids of the background processes in a list and then the second loop would check each process id to see if it is still running. This method would not require any modifications to the test, but is a little harder to implement (not too hard on unix/mac, harder on windows).
Edit: loop using process id check:
To use process ids, the main loop needs to be modified to save the process ids of the background jobs:
Before the main loop starts, clear the process id list:
set pidlist {}
In the main loop, save the process ids from the exec command (In tcl, [exec ... &] returns the background process id):
lappend pidlist $runtest ; # goes after the exec bsub...
A procedure to check for the existence of a process (for unix/mac). Tcl/Tk does not have any process control commands, so the unix 'kill' command is used. 'kill -0' on unix only checks for process existence, and does not affect the execution of the process.
# return 0 if the process does not exist, 1 if it does
proc checkpid { ppid } {
set pexists [catch {exec kill -0 $ppid}]
return [expr {1-$pexists}]
}
And the second loop to check to see if the tests are done becomes:
set tottime 0
while { true } {
after 60000
incr tottime 1 ; # in minutes
set result 0
foreach {pid} $pidlist {
if { ! [checkpid $pid] } {
incr result
}
}
if { $result == $len } {
break
}
if { $tottime > 120 } {
puts "Total test time exceeded."
break ; # or exit
}
}
If a test process gets hung and never exits, this loop will never exit, so a second stop condition on total time is used.

Rancid/ Looking Glass perl script hitting an odd error: $router unavailable

I am attempting to set up a small test environment (homelab) using CentOS 6.6, Rancid 3.1, Looking Glass, and some Cisco Switches/Routers, with httpd acting as the handler. I have picked up a little perl by means of this endeavor, but python (more 2 than 3) is my background. Right now, everything on the rancid side of things works without issue: bin/clogin successfully logs into all of the equipment in the router.db file, and logging of the configs is working as expected. All switches/routers to be accessed are available and online, verified by ssh connection to devices as well as using bin/clogin.
Right now, I have placed the lg.cgi and lgform.cgi files into var/www/cgi-bin/ which allows the forms to be run as cgi scripts. I had to modify the files to split on ';' instead of ':' due to the change in the .db file in Rancid 3.1:#record = split('\:', $_); was replaced with: #record = split('\;', $_); etc. Once that change was made, I was able to load the lgform.cgi with the proper router.db parsing. At this point, it seemed like everything should be good to go. When I attempt to ping from one of those devices out to 8.8.8.8, the file correctly redirects to lg.cgi, and the page loads, but with
main is unavailable. Try again later.
as the error, where 'main' is the router hostname. Using this output, I was able to find the function responsible for this output. Here it is before I added anything:
sub DoRsh
{
my ($router, $mfg, $cmd, $arg) = #_;
my($ctime) = time();
my($val);
my($lckobj) = LockFile::Simple->make(-delay => $lock_int,
-max => $max_lock_wait, -hold => $max_lock_hold);
if ($pingcmd =~ /\d$/) {
`$pingcmd $router`;
} else {
`$pingcmd $router 56 1`;
}
if ($?) {
print "$router is unreachable. Try again later.\n";
return(-1);
}
if ($LG_SINGLE) {
if (! $lckobj->lock("$cache_dir/$router")) {
print "$router is busy. Try again later.\n";
return(-1);
}
}
$val = &DoCmd($router, $mfg, $cmd, $arg);
if ($LG_SINGLE) {
$lckobj->unlock("$cache_dir/$router");
}
return($val);
}
In order to dig in a little deeper, I peppered that function with several print statements. Here is the modified function, followed by the output from the loaded lg.cgi page:
sub DoRsh
{
my ($router, $mfg, $cmd, $arg) = #_;
my($ctime) = time();
my($val);
my($lckobj) = LockFile::Simple->make(-delay => $lock_int,
-max => $max_lock_wait, -hold => $max_lock_hold);
if ($pingcmd =~ /\d$/) {
`$pingcmd $router`;
} else {
`$pingcmd $router 56 1`;
}
print "About to test the ($?) branch.\n";
print "Also who is the remote_user?:' $remote_user'\n";
print "What about the ENV{REMOTE_USER} '$ENV{REMOTE_USER}'\n";
print "Here is the ENV{HOME}: '$ENV{HOME}'\n";
if ($?) {
print "$lckobj is the lock object.\n";
print "#_ something else to look at.\n";
print "$? whatever this is suppose to be....\n";
print "Some variables:\n";
print "$mfg is the mfg.\n";
print "$cmd was the command passed in with $arg as the argument.\n";
print "$pingcmd $router\n";
print "$cloginrc - Is the cloginrc pointing correctly?\n";
print "$LG_SINGLE the next value to be tested.\n";
print "$router is unreachable. Try again later.\n";
return(-1);
}
if ($LG_SINGLE) {
if (! $lckobj->lock("$cache_dir/$router")) {
print "$router is busy. Try again later.\n";
return(-1);
}
}
$val = &DoCmd($router, $mfg, $cmd, $arg);
if ($LG_SINGLE) {
$lckobj->unlock("$cache_dir/$router");
}
return($val);
}
OUTPUT:
About to test the (512) branch.
Also who is the remote_user?:' '
What about the ENV{REMOTE_USER} ''
Here is the ENV{HOME}: '.'
LockFile::Simple=HASH(0x1a13650) is the lock object.
main cisco ping 8.8.8.8 something else to look at.
512 whatever this is suppose to be....
Some variables:
cisco is the mfg.
ping was the command passed in with 8.8.8.8 as the argument.
/bin/ping -c 1 main
./.cloginrc - Is the cloginrc pointing correctly?
1 the next value to be tested.
main is unreachable. Try again later.
I can provide the code for when DoRsh is called, if necessary, but it looks mostly like this:&DoRsh($router, $mfg, $cmd, $arg);.
From what I can tell the '$?' special variable (or at least according to
this reference it is a special var) is returning the 512 value, which is causing that fork to test true. The problem is I don't know what that 512 means, nor where it is coming from. Using the ref site's description ("The status returned by the last pipe close, backtick (``) command, or system operator.") and the formation of the conditional tree above, I can see that it is some error of some kind, but I don't know how else to proceed with this inspection. I'm wondering if maybe it is in response to some permission issue, since the remote_user variable is null, when I didn't expect it to be. Any guidance anyone may be able to provide would be helpful. Furthermore, if there is any information that I may have skipped over, that I didn't think to include, or that may prove helpful, please ask, and I will provide to the best of my ability
May be you put in something like
my $pingret=$pingcmd ...;
print 'Ping result was:'.$pingret;
And check the returned strings?

expect - ssh - two possible passwords - or how to jump of expect block and still use send clausule

first I need to say that I am avare of using public and private keys but this did not solve my problem. Also I am aware that I can use two scripts (one with password1 and second with password2) and run them two times but I am wondering why following did not works. I am trying to make expect script that will connect through ssh and check if one of two passwords are correct. For this I am checking exit codes of script:
0 - password1 was correct
1 - password2 was correct
2,3,4,5,6 - some other exit codes, insipred by this post: expect send weird
constructions
There can be more possible login prompt on remote machine and I would like to make this script as generic as possible, so I cannot rely on the login prompt string. So far I have this code:
#!/usr/local/bin/expect
set username "username";
set remote_server "machine";
set password1 "badpassword";
set password2 "goodpassword";
set timeout 5;
set pretype 0;
set retcode 0;
if { $pretype == 0 } {
spawn ssh -q ${username}#${remote_server}
expect {
"no)?" { send "yes\r"; }
"denied" {
puts "Can't login to $remote_server. Check username and password\n";
set retcode 2;
}
"telnet:" {
puts "Can't connect to $remote_server via SSH or Telnet. Something went definitely wrong\n";
set retcode 3;
}
"failed" {
puts "Host $remote_server exists. Check ssh_hosts file\n";
set retcode 4;
}
timeout {
puts "Timeout problem. Host $remote_server doesn't respond\n";
set retcode 5;
}
"refused" {
puts "Host $remote_server refused to SSH. That is insecure.\n";
set retcode 6;
}
"assword:" { set pretype 1; send "${password1}\r"; }
}
} else {
expect{
"assword:" { send "${password2}\r"; exit 1; }
timeout { exit 0; }
}
}
The idea behind this is following: if I type wrong password I will have second opportunity to type correct one. So If I type wrong password first time my script should continue in else branch (because I set pretype to 1). Here I will expecting prompt for entering password again. So I will send second password and exit with code 1 (password2 was OK). If the timeout in else branch expires (the "password:" string did not match), most probably I already have login prompt, so script will exit with code 0 (password1 was OK). But this did not working, and if I ran this inside debugger the last line I saw was:
send: sending "badpassword\r\r" to { exp4 }
I do not know why this happens, but seems that script never reaches the else branch. Thank you very much
set pretype 1 in the if block cannot make it go to the else block again. No programming languages would do this. You need something like a loop (using while or exp_continue) here.
Following is an example:
#!/usr/bin/expect
set passwords { bad1 bad2 bad3 good }
spawn ssh -o PreferredAuthentications=keyboard-interactive \
-o NumberOfPasswordPrompts=[llength $passwords] root#tree
set try 0
expect {
"Password: " {
if { $try >= [llength $passwords] } {
send_error ">>> wrong passwords\n"
exit 1
}
send [lindex $passwords $try]\r
incr try
exp_continue
}
"bash-4.2" {
interact
}
timeout {
send_error ">>> timed out\n"
exit 1
}
}

Defining Variables Prior to use in TCL

I'm brand new to TCL, and am trying to wrap my brain around all the usages of "", {}, and [] that it uses. Something I'm used to doing in other languages is defining my variables prior to use, at the beginning of the application. The below code works:
puts "Please enter an integer of choice to be added: "
flush stdout
gets stdin intAnswer
puts "Please enter a second integer of choice to be added: "
flush stdout
gets stdin intAnswerTwo
puts "Please enter a third integer of choice to be added: "
flush stdout
gets stdin intAnswerThree
puts "The total of the three integers is: [expr $intAnswer + $intAnswerTwo + $intAnswerThree]"
What I'm wanting to do is define the variables prior to use. As such:
set intAnswer 0
set intAnswerTwo 0
set intAnswerThree 0
set intTotal 0
This code, placed at the beginning, doesn't work with the rest of the code. What am I missing?
The code looks absolutely fine to me, though [expr {$intAnswer + $intAnswerTwo + $intAnswerThree}] would be better (as it stops potential reinterpretation of the variables' contents, which would be both a safety and performance issue).
However, if you really want to have integers from the user, you need to validate their input. This is most easily done by writing a procedure to do the job so you can reuse it (i.e., you refactor the code to get a value so you can use a more sophisticated version and get it right once):
proc getIntFromUser {message} {
# Loop forever (until we [exit] or [return $response])
while true {
puts $message
flush stdout
set response [gets stdin]
# Important to check for EOF...
if {[eof stdin]} {
exit
}
# The validator (-strict is needed for ugly historical reasons)
if {[string is integer -strict $response]} {
return $response
}
# Not an integer, so moan about it
puts "\"$response\" is not an integer!"
}
}
Now you have that procedure, the rest of your code can become:
set intAnswer [getIntFromUser "Please enter an integer of choice to be added: "]
set intAnswerTwo [getIntFromUser "Please enter a second integer of choice to be added: "]
set intAnswerThree [getIntFromUser "Please enter a third integer of choice to be added: "]
puts "The total of the three integers is: [expr {$intAnswer + $intAnswerTwo + $intAnswerThree}]"
The art of writing good Tcl code (or good code in pretty much any other language) is knowing what are the good points to refactor. A good starting point is “if you do it twice or more, do it once and share”. It's doubly good if you can give the procedure a good name and clear interface, a clear indication that you've got it right. Indeed, you could also go for:
set total [expr {
[getIntFromUser "Please enter an integer of choice to be added: "] +
[getIntFromUser "Please enter a second integer of choice to be added: "] +
[getIntFromUser "Please enter a third integer of choice to be added: "]
}]
puts "The total of the three integers is: $total"
The results observed by the user will be identical.