In the situation where the SSH key has invalid permissions/owner, the reconnect-loop keeps failing repeatedly yet stays silent about the reasons. A message must be reported from the default exception handler (added). In addition, the situations where the SSH key owner or permissions are wrong must lead to a proper failure (added). Ideally, though, the owner/permissions check must happen before launching the VM, hence this is not a perfect fix.
With this change, any caller of machine.ssh_info is assured that best
efforts will be done to fix possible wrong permissions on the private
key files.
Fix#4652
When the winrm communicator executes a command in an elevated shell,
this patch causes it to escape double quotes.
This is necessary as the first line in the file that it produces and
then executes it puts the command into a variable called command that
is delimited by double quotes.
Command failures include the stdout and stderr in the error message just like the SSH communicator.
Its now possible to specify only an error_class and have that use the correct error_key by default.
Running Windows guest commands through a scheduled task were not returning the correct exit codes, they were only returning 1 or 0. This has negative consequences especially for Puppet which can return an exit code of 2 for partial success.
Since we're running an executable from inside a powershell encoded command we need to ensure we explicitly propagate the exit code to the original caller just like a regular PowerShell script - in this case cmd /c which in return is called from a scheduled task.
Elevated command line is now rendered to a script which is uploaded to the guest and executed. This allows the command line itself to be less than 100 chars to start the script and any user commands are puts into the script which has unlimited* length.
The logic used to read the file contents sometimes would leave lines behind unread. It now defaults to reading all lines and counts each line it has actually read.
This script creates an immediately run scheduled task using fresh credentials. This is a generic implementation used by the Chef provisioners. The script gets around several limitations in WinRM.
1. Credential hopping
2. The non-default Administrator account sometimes doesn't have true Administrator access when run through WinRM even with UAC disabled.
In short, this script allows commands to run through WinRM just as if they were run directly on the box.
*nix commands are now filtered out instead of being sent to the guest. This means the command_alias PowerShell script is no longer needed.
Moved the PowerShell exit code helper to the WinRM shell and changed it to always return an exit code.
These will be used to replace the guest side command_alias script that is sent with every communicator execute call. This avoids some uncessary remote calls to the guest, makes it unit testable, and allows larger PowerShell commands to be invoked.