Re: tramp remote host mismatch problems

[Michael Albinus]

"Alex V. Koval" <address@hidden> writes:

> Hi Michael,

Hi Alex,

> I am happy to write to you again, and for a start I would like to tell
> you big BIG THANK YOU! For providing this excellent tramp module which I and
> thousands of emacs users are using worldwide!

For the records, Tramp was invented by Kai Grossjohann. I took over
maintainership years later.

> One problem is this (easy to reproduce)
> ---------------------------------------
>
> 1. As example I am taking remote server 'hosting' where 2 facts are
> true:
>  - I have address@hidden account
>  - There is *no* ubuntu@ account on that host
>
> 2. Assume I forget that I have to login to root@ directly, and trying to
> do it via 'ubuntu' account first:
>
>  Trying to open:
>  /ssh:address@hidden|sudo:address@hidden:
>
>  leads to:
>
>  Tramp: Opening connection for address@hidden using sudo...
>  Tramp: Sending command ‘exec ssh -l ubuntu   -e none hosting’
>  Tramp: Waiting for prompts from remote shell...
>  Tramp: Sending password
>
> 3. Now, I see this prompt for password, I realize that I should be
>    logging there directly. I try to do it, now directly:
>
>    /ssh:address@hidden:
>    Tramp: Waiting for prompts from remote shell...
>    Tramp: Sending password
>    Tramp: Waiting for prompts from remote shell...failed
>    Tramp: Opening connection for address@hidden using ssh...failed
>
>    .. so the problem is that despite the fact that now I am specifying
>    /ssh:address@hidden: directly, it still tries to invoke ssh:ubuntu@
>    first.

Well, `tramp-default-proxies-alist' does not care the method of the
final hop, only the user and host name. "/sudo:address@hidden:" and
"/ssh:address@hidden:" are equal in this sense.

>    tramp-cleanup-all-connections does not help.

Agreed, it should. I will fix it next days (not just now; I'm very short
in time).

> 2nd problem
> -----------
>
> I have 2nd problem, and I am not sure if this is reflection 1st or
> something else. Sometimes, I can have several paths to connect to remote
> host. For example:
>
> This paths allows me to use custom defined 'docker' tramp method
> which I use to connect to docker container in privileged mode on hosting
> server:
>
> /ssh:address@hidden|docker:some.site.name:
>
> But then, I might connect to the same site using direct 'ssh' when
> container has ssh access:
>
> /ssh:address@hidden:some.site.name#port:
>
> I am not sure if different #port here is causing this but it still tries
> to connect to previous host using root ->docker path.

Yep, this sounds wrong.

> Again, this does
> not help:
>
> M-x tramp-cleanup-all-buffers
> M-x tramp-cleanup-all-connections
>
> and so in such case I have to restart emacs completely to get to host
> correctly.
>
> Would be great if you advice me what to do or find out how to fix those
> issues.

As said, I will fix it next days.

> JFYI as a DevOps I find it very useful to be able to connect into
> Docker, Openshift and Kubernetes containers with a great tool which
> Emacs is (not only editor, but org-mode and other things makes it easy
> to execute/filter results etc).

Interestingly, one of my last projects @work was also about OpenShift
integration :-)

> Here are my custom connectors (up to you may me makes sense to include
> some of them into official support):
>
> ;; Problem with su: often many system accounts are hidden under /sbin/nologin 
> due to reasons explained here:
> ;; 
> https://unix.stackexchange.com/questions/155139/does-usr-sbin-nologin-as-a-login-shell-serve-a-security-purpose
> ;; ... as result 'su' won't work, but with lisp it is easy to define 'sush' 
> which will do -s /bin/sh
> (push
>  (cons
>   "sush"
>   '((tramp-login-program "su")
>   (tramp-login-args (("-") ("%u") ("-s" "/bin/sh")))
>   (tramp-remote-shell "/bin/sh")
>   (tramp-remote-shell-login
>    ("-l"))
>   (tramp-remote-shell-args
>    ("-c"))
>   (tramp-connection-timeout 10)))
>  tramp-methods)
> ;;

I believe this is not needed. You could teach the "su" method to apply
additional arguments by

--8<---------------cut here---------------start------------->8---
(add-to-list 'tramp-connection-properties
             (list (regexp-quote "/su:address@hidden:")
                   "login-args" '(("-") ("%u") ("-s" "/bin/sh"))))
--8<---------------cut here---------------end--------------->8---

"/su:address@hidden:" shall be a regexp which matches your
remote connection. See the Tramp manual about details.

> (push
>  (cons
>   "ocrsh"
>   '((tramp-login-program "oc")
>     (tramp-login-args (("rsh") ("%h") ("/bin/sh")))
>     (tramp-remote-shell "/bin/sh")
>     (tramp-remote-shell-args ("-i"))))
>  tramp-methods)
>
> (push
>  (cons
>   "kube"
>   '((tramp-login-program "kubectl")
>     (tramp-login-args (("exec") ("%h") ("-it") ("/bin/sh")))
>     (tramp-remote-shell "/bin/sh")
>     (tramp-remote-shell-args ("-i"))))
>  tramp-methods)

Nice.

Likely, you know the packages docker-tramp and kubernetes-tramp from
MELPA? You could install them. For OpenShift I don't know a respective
package. You could write your own and offer it via (M)ELPA.

> WBR, and again thank you!
> Alex V Koval

Best regards, Michael.