tools.ipmi_tools module

IPMI / BMC control via the system ipmitool binary.

Uses -I lanplus over the network. Requires ipmitool installed on the bot host.

Security: requires UNSANDBOXED_EXEC — bare-metal power and sensor access.

Commands are built as argv lists (no shell) to avoid injection.

async tools.ipmi_tools.run(host, user, password, action, ctx=None, *, credential_profile='')[source]

Execute an IPMI power or sensor action against a BMC and return its result.

Handler for the ipmi_control tool — the main entry point of this module. It performs the privileged, real-world side effect of talking to bare-metal hardware: querying or changing a host’s power state, or reading its full sensor list, over the network via the system ipmitool binary.

The flow gates on _check_priv() (UNSANDBOXED_EXEC required), then — when credential_profile is given — loads a saved encrypted bundle with _cred_load and overlays explicit args via _cred_merge so stored host/user/password can fill in the blanks. It confirms ipmitool is installed (_ipmitool_available()), validates the action against _VALID_ACTIONS, and validates the host/user/password with _host_ok() / _user_ok(). It then builds the argv with _build_cmd() and runs it through _run_ipmitool() (no shell). For sensor_read it additionally parses the pipe-delimited sensor table into structured rows. Dispatched by the tool runtime as the ipmi_control handler (registered in TOOLS); no direct internal callers were found.

Parameters:

  • host (str) – BMC IP address or hostname (may be supplied by the profile).

  • user (str) – IPMI username (may be supplied by the profile).

  • password (str) – IPMI password (may be supplied by the profile).

  • action (str) – One of _VALID_ACTIONS — a power verb or sensor_read.

  • ctx (Any) – The ToolContext for the privilege check and credential store; None fails the call.

  • credential_profile (str) – Optional saved profile name whose host/user/password are merged in (explicit args take precedence).

Returns:

A JSON string with success, action, exit_code, stdout and stderr (plus parsed sensors/sensor_count for a successful sensor_read), or {"success": False, "error": ...} on a privilege, validation, or environment failure.

Return type:

str