Monday, June 9, 2008

Remote log viewing made easy

I recently had a situation where several contractors working for me needed access to the log files on the test servers. Our test servers are at a remote location, access is limited, and adding a new user for access could take a month. These contractors didn't really need a login on the test machines, they just needed to read the log files. The solution was pretty easy: sshfs.

sshfs lets you mount a remote directory on your local machine so it looks like a local directory. As long as you have ssh access to the remote machine, you can mount any directory you can get to on the remote machine as a local directory, which is handy for a number of things.

To install sshfs in Ubuntu, just use synaptic or apt-get or aptitude, whichever is your favorite. There is nothing to install on the remote machine, as long as it has an ssh server running, you're good.

Mounting a remote directory is straightforward:

1. create the mount point on your local box. I set up a machine just for this purpose, but you could use any Linux box. Just make a directory somewhere, for example /home/logs.
2. mount the remote directory, for example, /jboss/logs with this command:

sshfs username@remoteserver:/jboss/logs /home/logs

You'll be prompted for your password on remoteserver. That's it. cd to /home/logs, and browse the directory, tail files, or whatever. The permissions to do things with the files depends on the permissions on the remote server of the user that did the mount. There might be some apparently weirdness if you do an ls -l, the owner will probably be listed incorrectly. This is because the user ids between the machines aren't the same. The local box is looking up the username of the user associated with the user id from the remote server, which isn't necessarily the same as the user id of the user on the local box. Confusing? :) Not to worry, the OS will handle permissions correctly, even if the name of the file owner appears to be incorrect.

To get those contractors access, though, take just a little more work:

3. mount the remote directory like this:

sshfs -o allow_other username@remoteserver:/jboss/logs /home/logs

4. create user accounts on your local machine:

useradd contractor_username

This creates a login for the user, but does not create a home directory or add them to any groups. Such a user can't do much other than look at things. Now the contractors can log into our "log server", change to the /home/logs directory, and have real-time access to remote server logs. I've set up several remote servers this way. There is one other step -- sshfs will close the connection if it is inactive for a few minutes. You can change that by:

5. Edit /etc/ssh/ssh_config, add this line:

ServerAliveInterval 120

This lets the remote ssh server know you are still there and will keep the sshfs mount alive as well.

To unmount, use fusermount -u /home/log.

For most of the commands above, you'll need to use sudo.

No comments: