# RootPrompt.org   Nothing but Unix.[Home] [Features] [Programming] [Mac OS X] [Search]

 Feature: Using expect for System Administration

Noel has written a short article introducing the Expect programming language and how it can be used to automate System tasks.

"The part you should pay attention to is "Expect really makes this stuff trivial." Expect is an easy way to automate those tasks you end up doing again and again because they span different machines or because it requires more interaction than you can get easily from a bash/c/korn shell script."

 (Submitted by Noel Wed Jul 12, 2000 )


Using expect for System Administration

Noel Davis

Shell scripting is a very common tool used for a system administrator. Automating every task we can is one of the things that sets us apart as Unix System Admins. It allows us the time to work on the important things without staying bogged down in the minutia of running a system. In this article I will introduce you the very powerful though unusual scripting language Expect.

The FAQ describes expect as:

Expect is a tool primarily for automating interactive applications such as telnet, FTP, passwd, fsck, rlogin, tip, etc. Expect really makes this stuff trivial. Expect is also useful for testing these same applications. Expect is described in many books, articles, papers, and FAQs. There is an entire book on it available from O'Reilly.
Expect is free and in the public domain. Download instructions can be found in the Expect homepage.
The part you should pay attention to is "Expect really makes this stuff trivial." Expect is an easy way to automate those tasks you end up doing again and again because they span different machines or because it requires more interaction than you can get easily from a bash/c/korn shell script. It was written by John Ousterhout and compiles on most if not all Unix machines.

Expect is based on tcl, but is very usable without knowing hardly anything about tcl. Tool Command Language (TCL) was written as a standard scripting language to be included with utilities so people would not have to hack together their own languages. As for myself I have always been amazed that tcl could come out of the mind of a c programmer and have been glad that I could use expect without becoming a tcl expert.

There is an excellent book on programming in expect from O'Reilly "Exploring Expect". It has some sort of monkey like creature on the cover and was written by Don Libes. If you want to get into anything complicated I would highly recommend it. Otherwise you should be able to figure expect out by looking at the examples that come with the source code.

For example the following program runs rlogin to the named machine and then sets your DISPLAY to whatever it was on the source machine.

#!/depot/path/expect --
# xrlogin - rlogin but with current DISPLAY
# You can extend this idea to save any arbitrary information across rlogin
# Don Libes -  Oct 17, 1991.

if {[llength $argv] != 1} {
        puts "usage: xrlogin remotehost"

set prompt "(%|#|\\$) $"                ;# default prompt
catch {set prompt $env(EXPECT_PROMPT)}

set timeout -1
eval spawn rlogin $argv
expect eof exit -re $prompt
if [string match "unix:0.0" $env(DISPLAY)] {
        set env(DISPLAY) "[exec hostname].[exec domainname]:0.0\r"
send "setenv DISPLAY $env(DISPLAY)\r"

This is not a very complex program and can be easily modified to do many other things. It could set your current working directory to the same as the source machine. (One of the other examples.) It could execute a series of tasks once you have connected. It can also execute a task and then act differently based on what happens.

One of the tasks I have ended up doing on a regular basis has been to generate and then distribute a password and shadow file to multiple machines. There are multiple steps involved on multiple machines and it took about a half hour of my time before I automated it with expect. The automated version of it takes about 15 seconds of my time. I am going to pull a couple of examples out of this script to illustrate some features of expect.

At a point in the script I am copying the passwd file to a backup copy and want to make sure that I always have a backup and never overwrite a backup file by mistake.

send "cp -i passwd passwd.$date\n"
    expect "overwrite" {interact "+" return}
send "\n"

In this I send the cp command and if expect sees the string "overwrite" it stops (thats what interact is) goes interactive and lets me decide manually what to do. When I have finished I start the script up again with the + key.

Also in this script I have to cp the new password and shadow files to multiple machines. To do this I use scp which requires a passphrase. Rather than enter the passphrase for each scp I am prompted for it once and the script enters it for each scp.

send "scp Shadow-New root@hostname:/etc\n"
expect "Enter passphrase for RSA key" {send "$PASSPHRASE\n"}
expect  "#"

The example scripts included with Expect include rftp - get and entire directory using ftp at the touch of one key, passmass - Change passwords on multiple machines and many more. If you would like to learn more about expect I would recommend that you download it and just take a look at the examples. There is more than enough there to get you started.

I am not making any claims that the way that these problems that I described were solved was the best way possible, but they were solved for me and this allowed me to move on to the next problem. They were also solved without making any changes to the system that would have to be explained to other people or documented for them. The scripts I described do nothing that I could not do by typing but do it more accurately than I could do the task and with much less effort.

The only claim I do make is that Expect has been a very useful tool in my tool belt.

Our content can be syndicated: Main page Mac Page

Copyright 1999-2005 Noel Davis. Noel also runs web sites about sailing and kayaking.
All trademarks are the property of their owners.
All articles are owned by their author