SPY HILL Research Spy-Hill.net

Poughkeepsie, New York [DIR] [UP]

rdist on Mac OS X

The rdist program is a standard Unix tool for maintaining copies of files across clusters of machines. It can be configured to selectively "push" different sets of files to different classes of machines, or used to copy complete directory trees to one or more machines. This document describes how to configure a machine to be a client for rdist over ssh using public key authentication (no passwords required). It also describes how to configure an rdist master, and provides some notes on how to build rdist on Darwin 6.x.

The rdist program is a standard Unix tool for maintaining identical copies of files across multiple hosts. It preserves the owner, group, mode, and mtime of files if possible, and it can update programs while they are are executing. The transfer mechanism can be either rsh, ssh, or remsh. On Mac OS X the default is ssh. A client need only support ssh and have the rdist and rdistd binaries installed in order to be updated (see configuration notes below).

The actions taken by rdist are controlled by commands in a file called the distfile on the master. An example is given below. If you just want to configure a client machine to allow rdist access and you already have the binaries then follow the client configuration instructions below. To set up a master and create a distfile, follow the instructions in the master section below. Instructions for building the binaries are provided at the end of this document.

[Client] [Master] [Build/Install]

Configuring an rdist Client

Assuming you have the binaries compiled for Darwin 6.x, the following steps will make it possible for a client host to be updated via rdist over ssh (without requiring a password):

  1. Enable the root account, it that has not already been done (instructions here), and make sure remote access via ssh is allowed (ie., turn on "Remote Login" under the "Sharing" item in System Preferences).

  2. Create /usr/local/bin and put the rdist and rdistd binaries there. (Alternatively, you can put them in /usr/bin).

  3. Add /usr/local/bin (assuming that is where you installed rdist and rdistd) to root's path variable in the .tcshrc file.

  4. Add the master's public key to the file authorized_keys in root's .ssh subdirectory. (Instructions for generating a public/private key pair are given in the next section.)

  5. Connect once "by hand" from the master to the client via ssh to accept the client's host identification key. (If you copied files to the client from the master via scp then you've likely already done this.)

Configuring a Master

More than one machine can be a master for rdist, as long as the clients have been set up to allow ssh access via public key (as described in the previous section). In our teaching lab we have one machine ("klamath") which is the master for system files and a different machine ("drumlin") which is the master for physics lab applications. Separete keys for each master are listed in the authorized_keys file on the clients.
  1. Generate a public/private ssh key pair for the master, using the command ssh-keygen. When asked for a password/pass-phrase simply hit return twice. For example:
    #  ssh-keygen -t dsa
    Generating public/private dsa key pair.
    Enter file in which to save the key (/var/root/.ssh/id_dsa): 
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /var/root/.ssh/id_dsa.
    Your public key has been saved in /var/root/home/.ssh/id_dsa.pub.
    The key fingerprint is:
    7c:99:37:44:d7:48:19:05:01:17:8e:01:9d:6f:bd:7a root@drummlin.local. 
    The public key is called id_dsa.pub while the private key is just id_dsa. You can use the -t option to generate an 'rsa' key instead of a 'dsa' key. It doesn't really matter, though RSA keys are shorter and probably slightly more secure.

    The private key is kept in root's .ssh subdirectory on the master. Be sure that it is kept secure, because anybody in possession of the key can access the client hosts as the root user without giving a password.

  2. Add the public key to the file authorized_keys in the .ssh subdirectory for the root user on each client host.

  3. Create rdist file(s). Here is an example, (a composite from klamath and drumlin).

Bulding rdist on Darwin

When I learn how to make an Apple package then I will pack up the binaries that way for distribution, and all you will need to do are the configuration steps above. Meanwhile, you have to build the binaries yourself and install them by hand. This requires the Developer's Tools on the machine on which you are going to build the binaries.
  1. The rdist program is not part of the standard distribution of Mac OS X, at least not as of version 10.2 (Jaguar). You therefore need to build rdist from source code, which can be obtained from http://www.magnicomp.com/rdist/. Patches are required to compile on Darwin (below) and they are made against version 6.1.5, so get that version.

  2. A small set of patches are required to get rdist-6.5.1 to compile on Darwin. You can obtain them from
    Instructions for applying the patch and then building rdist are included in this file, but see below about installation.

    (You will need the Developer Tools to build the rdist binaries, but you only need to do that on one machine, not all the machines in the cluster.)

    If you have problems compiling the code, you may find it useful to consult the "Unix Porting Guide" in the Help system, under Help->Developer Help Center->Darwin.

  3. By default, the binaries for rdist and rdistd are installed on any system in /usr/bin, and the manual pages are installed in /usr/share/man{1,8}. I have found it useful to install these (and all locally build software) under /usr/local instead. I put the binaries under /usr/local/bin and the man pages in /usr/local/share/man.... To do this you need to edit the Makefile before you say `make install`. But then you also have to add /usr/local/bin to root's path (and you may have to create the directory in the first place).

Last modified: 02 October 2009 Copyright © 2009 by Spy Hill Research http://spy-hill.net /help/apple/rdist.html