#!/usr/bin/perl -wT

#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
# TODO: Signal handlers for protecting db files.

#
# Common routines and constants for the client boot-time setup stuff.
#
package libsetup;
use Exporter;

# Inherit import() from Exporter so that "use libsetup" pulls in the
# names listed below.
@ISA = ("Exporter");

#
# Everything here is exported by default: the setup entry points first,
# then the tmcc helpers and environment predicates, then the path
# accessors, then the TMCC command names.
#
# NOTE(review): "tmccdie" and "tmcctimeout" carry no sigil, so Exporter
# treats them as subroutine names, while this file assigns $tmccdie and
# $tmcctimeout as package scalars. Confirm what callers expect.
#
@EXPORT = qw(
    libsetup_init cleanup_node check_status
    doifconfig dohostnames check_nickname
    doaccounts dorpms dotarballs dostartupcmd install_deltas
    bootsetup nodeupdate startcmdstatus whatsmynickname
    TBBackGround TBForkCmd vnodesetup
    jailedsetup dojailconfig JailedNFSMounts findiface
    tmccdie tmcctimeout

    OPENTMCC CLOSETMCC RUNTMCC MFS REMOTE JAILED

    TMCC TMIFC TMDELAY TMRPM TMTARBALLS TMHOSTS
    TMNICKNAME HOSTSFILE TMSTARTUPCMD FINDIF TMTUNNELCONFIG
    TMTRAFFICCONFIG TMROUTECONFIG TMLINKDELAY

    TMCCCMD_REBOOT TMCCCMD_STATUS TMCCCMD_IFC TMCCCMD_ACCT TMCCCMD_DELAY
    TMCCCMD_HOSTS TMCCCMD_RPM TMCCCMD_TARBALL TMCCCMD_STARTUP
    TMCCCMD_DELTA TMCCCMD_STARTSTAT TMCCCMD_READY TMCCCMD_TRAFFIC
    TMCCCMD_BOSSINFO TMCCCMD_VNODELIST TMCCCMD_ISALIVE TMCCCMD_LINKDELAYS
);

# Must come after package declaration!
use English;

#
# For virtual (multiplexed nodes). If defined, tack onto tmcc command.
# and use in pathnames. Used in conjunction with jailed virtual nodes.
#
# NOTE(review): this value is interpolated into the tmcc command line
# built by OPENTMCC() and into the path returned by JAILDIR(). The BEGIN
# block below accepts only /^([-\w]+)$/ when it reads the id from the
# jailname file, but JailedNFSMounts() stores its argument here without
# a check, so callers must pass an id that satisfies the same pattern.
#
my $vnodeid;

#
# True if running inside a jail. Set just below.
#
my $injail;

# Load up the paths. It's conditionalized to be compatible with older images.
# Note this file has probably already been loaded by the caller.
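BEGIN
{
    # The path module is expected to define the directory variables used
    # below ($BOOTDIR, $VARDIR); refuse to continue without it.
    if (! -e "/etc/emulab/paths.pm") {
        die("Yikes! Could not require /etc/emulab/paths.pm!\n");
    }
    require "/etc/emulab/paths.pm";
    import emulabpaths;

    #
    # Determine if running inside a jail. This affects the paths below.
    #
    if (-e "$BOOTDIR/jailname") {
        # Three-argument open, so the path is never parsed for a mode or
        # pipe character. A failed open is reported as such instead of
        # surfacing later as "Bad data" on an undefined value.
        open(VN, "<", "$BOOTDIR/jailname")
            or die("Could not open $BOOTDIR/jailname: $!\n");
        $vnodeid = <VN>;
        close(VN);

        #
        # Accept only word characters and dashes. The captured copy is
        # what later gets interpolated into the tmcc command line and
        # into pathnames, so nothing else may get through here.
        #
        if (defined($vnodeid) && $vnodeid =~ /^([-\w]+)$/) {
            $vnodeid = $1;
        }
        else {
            die("Bad data in vnodeid: " .
                (defined($vnodeid) ? $vnodeid : "(empty file)"));
        }
        $injail = 1;
    }

    # Make sure these exist!
    # Best effort: the mkdir results are not checked, and the requested
    # modes are still filtered by the process umask.
    if (! -e "$VARDIR/logs") {
        mkdir("$VARDIR", 0775);
        mkdir("$VARDIR/jails", 0775);
        mkdir("$VARDIR/db", 0755);
        mkdir("$VARDIR/logs", 0775);
        mkdir("$VARDIR/boot", 0775);
    }
}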

#
# The init routine. This is deprecated, but left behind in case an old
# liblocsetup is run against a new libsetup. Whenever a new libsetup
# is installed, better install the path module (see above) too!
#
sub libsetup_init($)
{
    my $basedir = shift;

    # The deprecated interface knows a single directory, so all four
    # path roots collapse onto it.
    $BOOTDIR = $VARDIR = $BINDIR = $ETCDIR = $basedir;
}

#
# This "local" library provides the OS dependent part. 
#
use liblocsetup;

#
# These are the paths of various files and scripts that are part of the
# setup library.
#
# Helper programs live under $BINDIR, the hosts template under $ETCDIR;
# the last two are fixed system paths.
sub TMCC()        { return $BINDIR . "/tmcc"; }
sub TMHOSTS()     { return $ETCDIR . "/hosts"; }
sub FINDIF()      { return $BINDIR . "/findif"; }
sub LOCALROOTFS() { return "/users/local"; }
sub HOSTSFILE()   { return "/etc/hosts"; }
#
# This path is valid only *outside* the jail when it is set up.
# 
# Per-vnode directory. The vnode id becomes a path component here, so it
# must already be restricted to the characters accepted when the
# jailname file is read ([-\w]).
sub JAILDIR()		{ return $VARDIR . "/jails/" . $vnodeid; }

#
# Okay, here is the path mess. There are three environments.
# 1. A local node where everything goes in one place ($VARDIR/boot).
# 2. A virtual node inside a jail ($VARDIR/boot).
# 3. A virtual node outside a jail (JAILDIR()).
#
# As for #3, whether setting up an old-style virtual node or a new-style
# jailed node, the code that sets it up needs a different per-vnode path.
#
sub CONFDIR() {
    # Only a virtual node that is being set up from outside its jail
    # gets the per-vnode directory. A local node, and a vnode running
    # inside its jail, both use $BOOTDIR.
    return JAILDIR()
        if (!$injail && $vnodeid);

    return $BOOTDIR;
}

#
# These go in /var/emulab. Good for all environments!
# 
sub TMMOUNTDB()		{ return "$VARDIR/db/mountdb"; }
sub TMSFSMOUNTDB()	{ return "$VARDIR/db/sfsmountdb"; }
sub TMPASSDB()		{ return "$VARDIR/db/passdb"; }
sub TMGROUPDB()		{ return "$VARDIR/db/groupdb"; }

#
# The rest of these depend on the environment running in (inside/outside
# jail); CONFDIR() picks the directory. Several of them name generated
# scripts (rc.*), so the directory CONFDIR() returns should be writable
# by the setup code only.
#
sub TMNICKNAME()	{ return join("/", CONFDIR(), "nickname"); }
sub TMJAILNAME()	{ return join("/", CONFDIR(), "jailname"); }
sub TMJAILCONFIG()	{ return join("/", CONFDIR(), "jailconfig"); }
sub TMSTARTUPCMD()	{ return join("/", CONFDIR(), "startupcmd"); }
sub TMIFC()		{ return join("/", CONFDIR(), "rc.ifc"); }
sub TMRPM()		{ return join("/", CONFDIR(), "rc.rpm"); }
sub TMTARBALLS()	{ return join("/", CONFDIR(), "rc.tarballs"); }
sub TMROUTECONFIG()	{ return join("/", CONFDIR(), "rc.route"); }
sub TMTRAFFICCONFIG()	{ return join("/", CONFDIR(), "rc.traffic"); }
sub TMTUNNELCONFIG()	{ return join("/", CONFDIR(), "rc.tunnel"); }
sub TMVTUNDCONFIG()	{ return join("/", CONFDIR(), "vtund.conf"); }
sub TMDELAY()		{ return join("/", CONFDIR(), "rc.delay"); }
sub TMLINKDELAY()	{ return join("/", CONFDIR(), "rc.linkdelay"); }

#
# Whether or not to use SFS (the self-certifying file system).  If this
# is 0, fall back to NFS.  Note that it doesn't hurt to set this to 1
# even if TMCD is not serving out SFS mounts, or if this node is not
# running SFS.  It'll deal and fall back to NFS.
#
my $USESFS		= 1;

#
# This is the VERSION. We send it through to tmcd (as the -v argument of
# every tmcc invocation) so it knows what version responses this file is
# expecting.
#
# BE SURE TO BUMP THIS AS INCOMPATIBLE CHANGES TO TMCD ARE MADE!
#
sub TMCD_VERSION()	{ return 9; }

#
# These are the TMCC commands. 
#
# Each accessor returns the literal command word handed to tmcc.
sub TMCCCMD_REBOOT()     { return 'reboot'; }
sub TMCCCMD_STATUS()     { return 'status'; }
sub TMCCCMD_IFC()        { return 'ifconfig'; }
sub TMCCCMD_ACCT()       { return 'accounts'; }
sub TMCCCMD_DELAY()      { return 'delay'; }
sub TMCCCMD_HOSTS()      { return 'hostnames'; }
sub TMCCCMD_RPM()        { return 'rpms'; }
sub TMCCCMD_TARBALL()    { return 'tarballs'; }
sub TMCCCMD_STARTUP()    { return 'startupcmd'; }
sub TMCCCMD_DELTA()      { return 'deltas'; }
sub TMCCCMD_STARTSTAT()  { return 'startstatus'; }
sub TMCCCMD_READY()      { return 'ready'; }
sub TMCCCMD_MOUNTS()     { return 'mounts'; }
sub TMCCCMD_ROUTING()    { return 'routing'; }
sub TMCCCMD_TRAFFIC()    { return 'trafgens'; }
sub TMCCCMD_BOSSINFO()   { return 'bossinfo'; }
sub TMCCCMD_TUNNEL()     { return 'tunnels'; }
sub TMCCCMD_NSECONFIGS() { return 'nseconfigs'; }
sub TMCCCMD_VNODELIST()  { return 'vnodelist'; }
sub TMCCCMD_ISALIVE()    { return 'isalive'; }
sub TMCCCMD_SFSHOSTID()  { return 'sfshostid'; }
sub TMCCCMD_SFSMOUNTS()  { return 'sfsmounts'; }
sub TMCCCMD_JAILCONFIG() { return 'jailconfig'; }
sub TMCCCMD_LINKDELAYS() { return 'linkdelays'; }

#
# Some things never change.
# 
# Command templates; the %s slots are filled in with sprintf by the code
# that runs them.
my $TARINSTALL   = "/usr/local/bin/install-tarfile %s %s %s";
my $DELTAINSTALL = "/usr/local/bin/install-delta %s";
my $VTUND        = "/usr/local/sbin/vtund";

#
# This is a debugging thing for my home network. The value is pasted
# into every tmcc command line; it is empty in normal operation.
#
#my $NODE	= "-p 7778 REDIRECT=192.168.100.1";
#my $NODE	= "-p 7778";
my $NODE	= "";

# Locals
my ($pid, $eid, $vname) = ("", "", "");

# Control tmcc error condition and timeout. Dynamic, not lexical!
$tmccdie        = 1;
$tmcctimeout    = 0;
my $TMCCTIMEO   = 30;	# Default timeout on remote nodes.

# When on the MFS, we do a much smaller set of stuff.
# Cause of the way the packages are loaded (which I do not understand),
# this is computed on the fly instead of once.
sub MFS()	{ return (-e "$ETCDIR/ismfs") ? 1 : 0; }

#
# Same for a remote node.
#
sub REMOTE()	{ return (-e "$ETCDIR/isrem") ? 1 : 0; }

#
# Same for a control node.
#
sub CONTROL()	{ return (-e "$ETCDIR/isctrl") ? 1 : 0; }

#
# Are we jailed? Yields the vnode id when inside a jail, 0 otherwise.
#
sub JAILED()	{ return $injail ? $vnodeid : 0; }

#
# Do not try this on the MFS since it has such a wimpy perl installation.
#
# Loaded at run time so the MFS never needs the module; the Socket
# functions (inet_aton/inet_ntoa) are then available to the code below.
unless (MFS()) {
    require Socket;
    Socket->import();
}

#
# Open a TMCC connection and return the "stream pointer". Caller is
# responsible for closing the stream and checking return value.
#
# usage: OPENTMCC(char *command, char *args, char *options)
#
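sub OPENTMCC($;$$)
{
    #
    # Start tmcc as a child process and return a glob whose handle reads
    # the child's output.
    #
    #   $cmd     - tmcc command word (one of the TMCCCMD_* values)
    #   $args    - optional argument string appended after the command
    #   $options - optional tmcc option string placed before the command
    #
    # Returns the glob on success. On failure prints a message and either
    # dies (when $tmccdie is set) or returns undef.
    #
    # The whole command line is ONE string handed to a two-argument pipe
    # open, so the shell parses it. Every piece ($options, $vnodeid, $cmd,
    # $args) must therefore be free of shell metacharacters; the callers
    # in this file pass constants or regex-filtered values. Do not pass
    # text received from the network without filtering it first.
    #
    my($cmd, $args, $options) = @_;
    my $vn = "";
    local *TM;

    if (!defined($args)) {
        $args = "";
    }
    if (!defined($options)) {
        $options = "";
    }
    if (defined($vnodeid)) {
        $vn = "-n $vnodeid";
    }
    if ($tmcctimeout) {
        $options .= " -t $tmcctimeout";
    }

    #
    # The variable pieces are passed as sprintf ARGUMENTS. Interpolating
    # them into the format string would make any "%" they contain act as
    # a conversion and silently corrupt the command line.
    #
    my $foo = sprintf("%s -v %d %s %s %s %s %s |",
                      TMCC(), TMCD_VERSION(),
                      $options, $NODE, $vn, $cmd, $args);

    if (!open(TM, $foo)) {
        print STDERR "Cannot start TMCC: $!\n";
        die("\n") if $tmccdie;
        return undef;
    }
    return (*TM);
}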

#
# Close connection. Die on error.
# 
sub CLOSETMCC($) {
    #
    # Close a stream obtained from OPENTMCC. Returns 1 on a clean close.
    # Otherwise reports why on STDERR, then dies if $tmccdie is set and
    # returns 0 if it is not.
    #
    my ($stream) = @_;

    return 1
        if close($stream);

    # A non-zero $? means the child itself exited with an error status;
    # otherwise the close failed for some other reason, described by $!.
    my $reason = $?
        ? "TMCC exited with status $?!\n"
        : "Error closing TMCC pipe: $!\n";
    print STDERR $reason;

    die("\n") if $tmccdie;
    return 0;
}

#
# Run a TMCC command with the provided arguments.
#
# usage: RUNTMCC(char *command, char *args, char *options)
#
sub RUNTMCC($;$$)
{
    #
    # Run one tmcc command for its effect only: the output is not read.
    # Returns 0 when tmcc exits cleanly, dies otherwise.
    #
    # The same rule as for OPENTMCC applies to $args and $options: they
    # end up on a shell command line, so they must not carry shell
    # metacharacters.
    #
    my ($cmd, $args, $options) = @_;

    $args    = "" unless defined($args);
    $options = "" unless defined($options);

    my $stream = OPENTMCC($cmd, $args, $options);

    # NOTE(review): this close does not consult $tmccdie. If OPENTMCC
    # returned undef (possible when $tmccdie is false), the close fails
    # and the die below still fires.
    unless (close($stream)) {
        die $? ? "TMCC exited with status $?" : "Error closing pipe: $!";
    }

    return 0;
}

#
# Reset to a moderately clean state.
#
sub cleanup_node ($) {
    #
    # Remove the generated configuration and state files. With a true
    # $scrub the password/group DBs go too. On non-remote nodes the
    # default hosts file is copied back into place. Returns whatever
    # os_cleanup_node() returns; exits the process if the copy fails.
    #
    my ($scrub) = @_;

    print STDOUT "Cleaning node; removing configuration files ...\n";

    # Missing files are fine here, so the unlink results are ignored.
    unlink(TMIFC(), TMRPM(), TMSTARTUPCMD(), TMNICKNAME(), TMTARBALLS(),
           TMROUTECONFIG(), TMTRAFFICCONFIG(), TMTUNNELCONFIG(),
           TMDELAY(), TMLINKDELAY(),
           TMMOUNTDB() . ".db",
           TMSFSMOUNTDB() . ".db",
           "$VARDIR/db/rtabid");

    #
    # If scrubbing, remove the password/group file DBs so that we revert
    # to base set.
    #
    if ($scrub) {
        unlink(TMPASSDB() . ".db", TMGROUPDB() . ".db");
    }

    unless (REMOTE()) {
        printf STDOUT "Resetting %s file\n", HOSTSFILE();

        # List-form system(): no shell is involved in the copy.
        my $status = system($CP, "-f", TMHOSTS(), HOSTSFILE());
        if ($status != 0) {
            printf "Could not copy default %s into place: $!\n", HOSTSFILE();
            exit(1);
        }
    }

    return os_cleanup_node($scrub);
}

#
# Check node allocation. If the nickname file has been created, use
# that to avoid load on tmcd.
#
# Returns 0 if node is free. Returns list (pid/eid/vname) if allocated.
#
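sub check_status ()
{
    #
    # Ask tmcd for this node's reservation status.
    #
    # Returns 0 if the node is free or the reply cannot be parsed, else
    # the list (pid, eid, vname). As a side effect the file-level
    # $pid/$eid/$vname are updated and the nickname file is created if
    # it does not exist yet.
    #
    my $TM = OPENTMCC(TMCCCMD_STATUS());

    # Read into a lexical: assigning the reply to $_ would clobber the
    # caller's $_.
    my $reply = <$TM>;
    CLOSETMCC($TM);

    # No output at all is handled like an unparsable reply below.
    $reply = ""
        if (!defined($reply));

    if ($reply =~ /^FREE/) {
        unlink(TMNICKNAME());
        return 0;
    }

    # The character classes keep the three fields to [-@\w]; nothing
    # else from the reply is used.
    if ($reply =~ /ALLOCATED=([-\@\w]*)\/([-\@\w]*) NICKNAME=([-\@\w]*)/) {
        $pid   = $1;
        $eid   = $2;
        $vname = $3;
    }
    else {
        warn "*** WARNING: Error getting reservation status\n";
        return 0;
    }

    #
    # Stick our nickname in a file in case someone wants it. The file is
    # written directly; handing server-supplied text to "sh -c echo ..."
    # would make the regex above the only thing standing between the
    # reply and the shell.
    #
    my $nickfile = TMNICKNAME();
    if (! -e $nickfile) {
        local *NICK;
        if (open(NICK, ">", $nickfile)) {
            print NICK "$vname.$eid.$pid\n";
            close(NICK)
                or warn "*** WARNING: Could not write $nickfile: $!\n";
        }
        else {
            warn "*** WARNING: Could not create $nickfile: $!\n";
        }
    }
    return ($pid, $eid, $vname);
}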

#
# Check cached nickname. It's okay if we have been deallocated and the info
# is stale. The node will notice that later.
# 
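sub check_nickname()
{
    #
    # Return (pid, eid, vname) from the cached nickname file when it
    # exists and parses; otherwise fall back to asking tmcd through
    # check_status(). Updates the file-level $pid/$eid/$vname.
    #
    my $nickfile = TMNICKNAME();

    if (-e $nickfile) {
        my $nickinfo = "";

        # Read the file directly; no "cat" child process and no shell
        # parsing of the path. An unreadable file leaves $nickinfo empty,
        # which falls through to check_status() below.
        local *NICK;
        if (open(NICK, "<", $nickfile)) {
            local $/ = undef;
            $nickinfo = <NICK>;
            close(NICK);
            $nickinfo = ""
                if (!defined($nickinfo));
        }

        # Stored as vname.eid.pid, each field limited to [-@\w].
        if ($nickinfo =~ /([-\@\w]*)\.([-\@\w]*)\.([-\@\w]*)/) {
            $vname = $1;
            $eid   = $2;
            $pid   = $3;

            return ($pid, $eid, $vname);
        }
    }
    return check_status();
}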

#
# Process mount directives from TMCD. We keep track of all the mounts we
# have added in here so that we delete just the mounts we added, when
# project membership changes. Same goes for project directories on shared
# nodes. We use a simple perl DB for that.
#
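sub domounts()
{
    #
    # Bring the node's NFS mounts and SFS symlinks in line with what tmcd
    # reports. Mounts/links made here are recorded in two DBM files so
    # that a later run removes only what this code added. Returns 0.
    #
    # The remote and local names come from tmcd. The parsing regexes
    # limit them to [-:@\w./] (remote) and [-@\w./] (local), which is
    # what keeps the single-string system() calls below free of shell
    # metacharacters. Do not loosen those character classes without
    # switching to list-form system().
    #
    # NOTE(review): the classes still admit a leading "-" (which the
    # mount program would read as an option) and ".." path components;
    # confirm tmcd never sends either.
    #
    my $TM;
    my %MDB;
    my %mounts;
    my %deletes;
    my %sfsmounts;
    my %sfsdeletes;

    #
    # Update our SFS hostid first. If this fails, dosfshostid will
    # unset USESFS.
    #
    if ($USESFS) {
        if (! MFS()) {
            #
            # Setup SFS hostid.
            #
            print STDOUT "Setting up for SFS ... \n";
            dosfshostid();
        }
        else {
            # No SFS on the MFS.
            $USESFS = 0;
        }
    }

    $TM = OPENTMCC(TMCCCMD_MOUNTS(), "USESFS=$USESFS");

    while (my $line = <$TM>) {
        if ($line =~ /^REMOTE=([-:\@\w\.\/]+) LOCAL=([-\@\w\.\/]+)/) {
            $mounts{$1} = $2;
        }
        elsif ($line =~ /^SFS REMOTE=([-:\@\w\.\/]+) LOCAL=([-\@\w\.\/]+)/) {
            $sfsmounts{$1} = $2;
        }
        else {
            warn "*** WARNING: Malformed mount information: $line\n";
        }
    }
    CLOSETMCC($TM);

    #
    # The MFS version does not support (or need) this DB stuff. Just mount
    # them up.
    #
    if (MFS()) {
        while (my ($remote, $local) = each %mounts) {
            if (! -e $local) {
                if (! os_mkdir($local, "0770")) {
                    warn "*** WARNING: Could not make directory $local: $!\n";
                    next;
                }
            }

            print STDOUT "  Mounting $remote on $local\n";
            if (system("$MOUNT $remote $local")) {
                warn "*** WARNING: Could not $MOUNT $remote on $local: $!\n";
                next;
            }
        }
        return 0;
    }

    # Without the DB the bookkeeping below is lost when this returns, so
    # say so instead of failing silently.
    dbmopen(%MDB, TMMOUNTDB(), 0660)
        or warn "*** WARNING: Could not open " . TMMOUNTDB() . ": $!\n";

    #
    # First mount all the mounts we are told to. For each one that is not
    # currently mounted, and can be mounted, add it to the DB.
    #
    while (my ($remote, $local) = each %mounts) {
        if (defined($MDB{$remote})) {
            next;
        }

        if (! -d $local) {
            # Leftover SFS link.
            if (-l $local) {
                unlink($local) or
                    warn "*** WARNING: Could not unlink $local: $!\n";
            }
            if (! os_mkdir($local, "0770")) {
                warn "*** WARNING: Could not make directory $local: $!\n";
                next;
            }
        }

        print STDOUT "  Mounting $remote on $local\n";
        if (system("$MOUNT $remote $local")) {
            warn "*** WARNING: Could not $MOUNT $remote on $local: $!\n";
            next;
        }

        $MDB{$remote} = $local;
    }

    #
    # Now unmount the ones that we mounted previously, but are now no longer
    # in the mount set (as told to us by the TMCD). Note, we cannot delete
    # them directly from MDB since that would mess up the each() iteration,
    # so just stick them in temp and postpass it.
    #
    while (my ($remote, $local) = each %MDB) {
        if (defined($mounts{$remote})) {
            next;
        }

        print STDOUT "  Unmounting $local\n";
        if (system("$UMOUNT $local")) {
            warn "*** WARNING: Could not unmount $local\n";
            next;
        }

        #
        # Only delete from set if we can actually unmount it. This way
        # we can retry it later (or next time).
        #
        $deletes{$remote} = $local;
    }
    foreach my $remote (keys(%deletes)) {
        delete($MDB{$remote});
    }

    # Write the DB back out!
    dbmclose(%MDB);

    #
    # Now, do basically the same thing over again, but this time for
    # SFS mounted stuff
    #

    if (scalar(%sfsmounts)) {
        dbmopen(%MDB, TMSFSMOUNTDB(), 0660)
            or warn "*** WARNING: Could not open " .
                TMSFSMOUNTDB() . ": $!\n";

        #
        # First symlink all the mounts we are told to. For each one
        # that is not currently symlinked, and can be, add it to the
        # DB.
        #
        while (my ($remote, $local) = each %sfsmounts) {
            if (-l $local) {
                # Read the link once and decide on that single answer.
                my $target = readlink($local);

                if (defined($target) && $target eq ("/sfs/" . $remote)) {
                    $MDB{$remote} = $local;
                    next;
                }
                print STDOUT "  Unlinking incorrect symlink $local\n";
                if (! unlink($local)) {
                    warn "*** WARNING: Could not unlink $local: $!\n";
                    next;
                }
            }
            elsif (-d $local) {
                if (! rmdir($local)) {
                    warn "*** WARNING: Could not rmdir $local: $!\n";
                    next;
                }
            }

            # Parent directory of the link; strip the last path component.
            my $dir = $local;
            $dir =~ s/(.*)\/[^\/]*$/$1/;
            if ($dir ne "" && ! -e $dir) {
                print STDOUT "  Making directory $dir\n";
                if (! os_mkdir($dir, "0755")) {
                    # Name the directory that actually failed.
                    warn "*** WARNING: Could not make directory $dir: $!\n";
                    next;
                }
            }
            print STDOUT "  Symlinking $remote on $local\n";
            if (! symlink("/sfs/" . $remote, $local)) {
                warn "*** WARNING: Could not make symlink $local: $!\n";
                next;
            }

            $MDB{$remote} = $local;
        }

        #
        # Now delete the ones that we symlinked previously, but are
        # now no longer in the mount set (as told to us by the TMCD).
        # Note, we cannot delete them directly from MDB since that
        # would mess up the each() iteration, so just stick them in temp
        # and postpass it.
        #
        while (my ($remote, $local) = each %MDB) {
            if (defined($sfsmounts{$remote})) {
                next;
            }

            if (! -e $local) {
                $sfsdeletes{$remote} = $local;
                next;
            }

            print STDOUT "  Deleting symlink $local\n";
            if (! unlink($local)) {
                warn "*** WARNING: Could not delete $local: $!\n";
                next;
            }

            #
            # Only delete from set if we can actually unlink it.  This way
            # we can retry it later (or next time).
            #
            $sfsdeletes{$remote} = $local;
        }
        foreach my $remote (keys(%sfsdeletes)) {
            delete($MDB{$remote});
        }

        # Write the DB back out!
        dbmclose(%MDB);
    }
    else {
        # There were no SFS mounts reported, so disable SFS
        $USESFS = 0;
    }

    return 0;
}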

#
# Aux function called from the mkjail code to do the NFS mounts outside
# of a jail, and return the list of mounts that were created. This
# will hopefully go away some point with better SFS support inside of
# jails. Local only.
# 
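sub JailedNFSMounts($$)
{
    #
    # Mount the NFS filesystems tmcd lists for vnode $vid underneath
    # $rootpath (the jail's root as seen from outside the jail).
    #
    # Returns the list of mount points created, each relative to
    # $rootpath; the empty list on remote nodes.
    #
    # NOTE(review): $vid is stored in the file-level $vnodeid and from
    # there reaches the tmcc command line, and $rootpath is pasted into
    # the mount command line below. Neither is checked here, so the
    # caller must pass trusted values (an id matching [-\w]+, a path
    # without shell metacharacters).
    #
    my ($vid, $rootpath) = @_;
    my $TM;
    my %mounts;
    my @mountlist = ();

    #
    # Set global vnodeid for tmcc commands.
    #
    $vnodeid  = $vid;

    #
    # No NFS mounts on remote nodes.
    #
    if (REMOTE()) {
        return ();
    }

    $TM = OPENTMCC(TMCCCMD_MOUNTS(), "USESFS=0");

    while (my $line = <$TM>) {
        if ($line =~ /^REMOTE=([-:\@\w\.\/]+) LOCAL=([-\@\w\.\/]+)/) {
            $mounts{$1} = $2;
        }
    }
    CLOSETMCC($TM);

    while (my ($remote, $path) = each %mounts) {
        #
        # The mount point is built by appending a server-supplied path to
        # the jail root. A ".." component would put it outside that root,
        # so such entries are refused.
        #
        if ($path =~ m{(?:\A|/)\.\.(?:/|\z)}) {
            warn "*** WARNING: Refusing mount point with '..' in it: $path\n";
            next;
        }
        my $local = "$rootpath/$path";

        if (! -e $local) {
            if (! os_mkdir($local, "0770")) {
                warn "*** WARNING: Could not make directory $local: $!\n";
                next;
            }
        }

        print STDOUT "  Mounting $remote on $local\n";
        if (system("$MOUNT $remote $local")) {
            warn "*** WARNING: Could not $MOUNT $remote on $local: $!\n";
            next;
        }
        push(@mountlist, $path);
    }
    return @mountlist;
}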

#
# Do SFS hostid setup.
# Creates an SFS host key for this node, if it doesn't already exist,
# and sends it to TMCD
#
sub dosfshostid ()
{
    #
    # Report this node's SFS hostid to tmcd. Returns 1 when the node has
    # no host key, 0 otherwise. $USESFS is cleared when there is no host
    # key or when sfskey fails.
    #

    # Do I already have a host key?
    unless (-e "/etc/sfs/sfs_host_key") {
        warn "*** This node does not have a host key, skipping SFS stuff\n";
        $USESFS = 0;
        return 1;
    }

    # Give hostid to TMCD. The sfskey invocation depends on which SFS
    # release is installed. The command is found through PATH.
    my $myhostid = (-d "/usr/local/lib/sfs-0.6")
        ? `sfskey hostid - 2>/dev/null`
        : `sfskey hostid -s authserv - 2>/dev/null`;

    if ($?) {
        warn "*** WARNING: Could not retrieve this node's SFShostid!\n";
        $USESFS = 0;
        return 0;
    }

    #
    # Two hostid spellings are accepted. Only the captured text goes on
    # to RUNTMCC, and through it onto a shell command line, so the
    # character classes here are what keep that call safe.
    #
    if ($myhostid =~ /^([-\.\w_]*:[a-z0-9]*)$/ ||
        $myhostid =~ /^(@[-\.\w_]*,[a-z0-9]*)$/) {
        $myhostid = $1;
        print STDOUT "  Hostid: $myhostid\n";
        RUNTMCC(TMCCCMD_SFSHOSTID(), "$myhostid");
    }
    else {
        warn "*** WARNING: Invalid hostid\n";
    }

    return 0;
}

#
# Do interface configuration.    
# Write a file of ifconfig lines, which will get executed.
#
sub doifconfig ()
{
    #
    # Fetch the interface list from tmcd and turn it into a shell script
    # (the TMIFC file) of ifconfig commands. Returns 1 at once on the
    # MFS, 0 after writing the script.
    #
    # NOTE(review): the IPALIASES field is captured with (.*) and passed
    # unfiltered to os_ifconfig_line(), whose result is written into a
    # script that is made executable. Confirm that helper validates or
    # quotes the value.
    #

    #
    # Kinda ugly, but there is too much perl goo included by Socket to put it
    # on the MFS.
    #
    return 1
        if (MFS());

    #
    # Open a connection to the TMCD, and then open a local file into which
    # we write ifconfig commands (as a shell script).
    #
    my $TM = OPENTMCC(TMCCCMD_IFC());

    open(IFC, ">" . TMIFC())
        or die("Could not open " . TMIFC() . ": $!");
    print IFC "#!/bin/sh\n";

    #
    # Note that speed has a units spec: (K|M)bps
    #
    my $pat = q(INTERFACE=(\d*) INET=([0-9.]*) MASK=([0-9.]*) MAC=(\w*) ) .
              q(SPEED=(\w*) DUPLEX=(\w*) IPALIASES="(.*)");

    while (<$TM>) {
        my @fields = ($_ =~ /$pat/);

        unless (@fields) {
            warn "*** WARNING: Bad ifconfig line: $_";
            next;
        }

        # The first capture (INTERFACE) is not used.
        my (undef, $inet, $mask, $mac, $speed, $duplex, $aliases) = @fields;

        # Network address of the interface; it is the key the route
        # script is invoked with.
        my $routearg = inet_ntoa(inet_aton($inet) & inet_aton($mask));

        my $iface = findiface($mac);
        unless ($iface) {
            warn "*** WARNING: Bad MAC: $mac\n";
            next;
        }

        my $ifline = os_ifconfig_line($iface, $inet,
                                      $mask, $speed, $duplex, $aliases);

        print STDOUT "  $iface $inet $aliases\n";
        print IFC "$ifline\n";
        print IFC TMROUTECONFIG() . " $routearg up\n";
    }
    CLOSETMCC($TM);
    close(IFC);
    chmod(0755, TMIFC());

    return 0;
}

#
# Convert from MAC to iface name (eth0/fxp0/etc) using little helper program.
# 
sub findiface($)
{
    #
    # Map a MAC address to an interface name by running the FINDIF
    # helper. Returns the name with newlines removed, or 0 if closing
    # the pipe to the helper fails.
    #
    # The MAC is pasted into a shell command line: pass only values that
    # have been filtered (doifconfig hands in a \w* capture).
    #
    my ($mac) = @_;

    open(FIF, FINDIF() . " $mac |")
        or die "Cannot start " . FINDIF() . ": $!";
    my $iface = <FIF>;

    return 0
        unless close(FIF);

    $iface =~ s/\n//g;
    return $iface;
}

#
# Do router configuration stuff. This just writes a file for someone else
# to deal with.
#
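sub dorouterconfig ()
{
    #
    # Fetch routing information from tmcd and write it out as a shell
    # script (the TMROUTECONFIG file). Returns 0; dies if the script
    # cannot be opened. Nothing is written when tmcd returns no lines.
    #
    # The generated script is made executable. The only server-supplied
    # text that reaches it has first been matched against $pat below,
    # which limits the fields to digits, dots and word characters.
    #
    my @stuff   = ();
    my $routing = 0;
    my %upmap   = ();
    my %downmap = ();
    my $TM;

    $TM = OPENTMCC(TMCCCMD_ROUTING());
    while (<$TM>) {
        push(@stuff, $_);
    }
    CLOSETMCC($TM);

    if (! @stuff) {
        return 0;
    }

    #
    # Look for router type. If none, we still write the file since other
    # scripts expect this to exist.
    #
    foreach my $line (@stuff) {
        if (($line =~ /ROUTERTYPE=(.+)/) && ($1 ne "none")) {
            $routing = 1;
            last;
        }
    }

    open(RC, ">" . TMROUTECONFIG())
        or die("Could not open " . TMROUTECONFIG() . ": $!");

    print RC "#!/bin/sh\n";
    print RC "# auto-generated by libsetup.pm, DO NOT EDIT\n";

    if (! $routing) {
        print RC "true\n";
        # Buffered write errors only show up at close.
        close(RC)
            or warn "*** WARNING: Could not close " .
                TMROUTECONFIG() . ": $!\n";
        chmod(0755, TMROUTECONFIG());
        return 0;
    }

    #
    # Now convert static route info into OS route commands
    # Also check for use of gated and remember it.
    #
    my $usegated = 0;
    my $pat;

    #
    # ROUTERTYPE=manual
    # ROUTE DEST=192.168.2.3 DESTTYPE=host DESTMASK=255.255.255.0 \
    #	NEXTHOP=192.168.1.3 COST=0
    #
    $pat = q(ROUTE DEST=([0-9\.]*) DESTTYPE=(\w*) DESTMASK=([0-9\.]*) );
    $pat .= q(NEXTHOP=([0-9\.]*) COST=([0-9]*));

    # ROUTE lines are honored only after a manual/static ROUTERTYPE line.
    my $usemanual = 0;
    foreach my $line (@stuff) {
        if ($line =~ /ROUTERTYPE=(gated|ospf)/) {
            $usegated = 1;
        } elsif ($line =~ /ROUTERTYPE=(manual|static)/) {
            $usemanual = 1;
        } elsif ($usemanual && $line =~ /$pat/) {
            my $dip   = $1;
            my $rtype = $2;
            my $dmask = $3;
            my $gate  = $4;
            my $cost  = $5;
            my $routearg = inet_ntoa(inet_aton($gate) & inet_aton($dmask));

            if (! defined($upmap{$routearg})) {
                $upmap{$routearg} = [];
                $downmap{$routearg} = [];
            }

            # Lexical, so the loop does not write to a package global
            # that happens to share its name with the lexical declared
            # further down.
            my $rcline;
            $rcline = os_routing_add_manual($rtype, $dip, $dmask, $gate,$cost);
            push(@{$upmap{$routearg}}, $rcline);
            $rcline = os_routing_del_manual($rtype, $dip, $dmask, $gate,$cost);
            push(@{$downmap{$routearg}}, $rcline);
        } else {
            warn "*** WARNING: Bad routing line: $line\n";
        }
    }

    # One outer case arm per network; each has an up and a down list.
    print RC "case \"\$1\" in\n";
    foreach my $arg (keys(%upmap)) {
        print RC "  $arg)\n";
        print RC "    case \"\$2\" in\n";
        print RC "      up)\n";
        foreach my $rcline (@{$upmap{$arg}}) {
            print RC "        $rcline\n";
        }
        print RC "      ;;\n";
        print RC "      down)\n";
        foreach my $rcline (@{$downmap{$arg}}) {
            print RC "        $rcline\n";
        }
        print RC "      ;;\n";
        print RC "    esac\n";
        print RC "  ;;\n";
    }
    print RC "  enable)\n";

    #
    # Turn on IP forwarding
    #
    my $rcline = os_routing_enable_forward();
    print RC "    $rcline\n";

    #
    # Finally, enable gated if desired.
    #
    # Note that we allow both manually-specified static routes and gated
    # though more work may be needed on the gated config files to make
    # this work (i.e., to import existing kernel routes).
    #
    if ($usegated) {
        $rcline = os_routing_enable_gated();
        print RC "    $rcline\n";
    }
    print RC "  ;;\n";
    print RC "esac\n";
    print RC "exit 0\n";

    close(RC)
        or warn "*** WARNING: Could not close " . TMROUTECONFIG() . ": $!\n";
    chmod(0755, TMROUTECONFIG());

    return 0;
}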

#
# Host names configuration (/etc/hosts). 
#
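sub dohostnames ()
{
    #
    # Rebuild the hosts file (HOSTSFILE) from the host list tmcd sends.
    # Returns 0; dies if the file cannot be opened for writing.
    #
    # NOTE(review): the file is opened for writing, and so truncated,
    # before any line has been read from tmcd. If the tmcc read or close
    # fails part-way, a short hosts file is left behind.
    #
    my $TM;

    #
    # Note, we no longer start with the 'prototype' file here, because we have
    # to make up a localhost line that's properly qualified.
    #

    $TM = OPENTMCC(TMCCCMD_HOSTS());

    # HOSTSFILE is a sub, not a scalar: "$HOSTSFILE" inside the message
    # would interpolate an unset variable and print no file name.
    open(HOSTS, ">" . HOSTSFILE())
        or die("Could not open " . HOSTSFILE() . ": $!");

    my $localaliases = "loghost";

    #
    # Find out our domain name, so that we can qualify the localhost entry
    #
    my $hostname = `hostname`;
    if ($hostname =~ /[^.]+\.(.+)/) {
        $localaliases .= " localhost.$1";
    }

    #
    # First, write a localhost line into the hosts file - we have to know the
    # domain to use here
    #
    print HOSTS os_etchosts_line("localhost", "127.0.0.1", $localaliases), "\n";

    #
    # Now convert each hostname into hosts file representation and write
    # it to the hosts file. Note that ALIASES is for backwards compat.
    # Should go away at some point.
    #
    # The character classes limit names and aliases to [-\w.] (plus
    # spaces between aliases) and addresses to digits and dots, so a
    # reply cannot add extra lines to the hosts file.
    #
    my $pat  = q(NAME=([-\w\.]+) IP=([0-9\.]*) ALIASES=\'([-\w\. ]*)\');

    while (<$TM>) {
        if ($_ =~ /$pat/) {
            my $name    = $1;
            my $ip      = $2;
            my $aliases = $3;

            my $hostline = os_etchosts_line($name, $ip, $aliases);

            print STDOUT "  $hostline\n";
            print HOSTS  "$hostline\n";
        }
        else {
            warn "*** WARNING: Bad hosts line: $_";
        }
    }
    CLOSETMCC($TM);
    close(HOSTS);

    return 0;
}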

sub doaccounts()
1048
1049
{
    my %newaccounts = ();
1050
    my %newgroups   = ();
1051
1052
    my %pubkeys1    = ();
    my %pubkeys2    = ();
Austin Clements's avatar
Austin Clements committed
1053
    my @sfskeys     = ();
1054
    my %deletes     = ();
Leigh B. Stoller's avatar
Leigh B. Stoller committed
1055
    my %lastmod     = ();
1056
1057
    my %PWDDB;
    my %GRPDB;
1058
1059
1060
1061

    my $TM = OPENTMCC(TMCCCMD_ACCT);

    #
1062
1063
1064
1065
1066
1067
    # The strategy is to keep a record of all the groups and accounts
    # added by the testbed system so that we know what to remove. We
    # use a vanilla perl dbm for that, one for the groups and one for
    # accounts. 
    #
    # First just get the current set of groups/accounts from tmcd.
1068
1069
1070
    #
    while (<$TM>) {
	if ($_ =~ /^ADDGROUP NAME=([-\@\w.]+) GID=([0-9]+)/) {
1071
1072
1073
	    #
	    # Group info goes in the hash table.
	    #
1074
1075
	    my $gname = "$1";
	    
1076
	    if (REMOTE() && !JAILED()) {
1077
		$gname = "emu-${gname}";
	    }
	    $newgroups{"$gname"} = $2
	}
	elsif ($_ =~ /^ADDUSER LOGIN=([0-9A-Za-z]+)/) {
	    #
	    # Account info goes in the hash table.
	    # 
	    $newaccounts{$1} = $_;
	    next;
	}
	elsif ($_ =~ /^PUBKEY LOGIN=([0-9A-Za-z]+) KEY="(.*)"/) {
	    #
	    # Keys go into hash as a list of keys.
	    #
	    my $login = $1;
	    my $key   = $2;

	    #
	    # P1 or P2 key. Must be treated differently below.
	    #
	    if ($key =~ /^\d+\s+.*$/) {
		if (! defined($pubkeys1{$login})) {
		    $pubkeys1{$login} = [];
		}
		push(@{$pubkeys1{$login}}, $key);
	    }
	    else {
		if (! defined($pubkeys2{$login})) {
		    $pubkeys2{$login} = [];
		}
		push(@{$pubkeys2{$login}}, $key);
	    }
	    next;
	}
	elsif ($_ =~ /^SFSKEY KEY="(.*)"/) {
	    #
	    # SFS key goes into the array.
	    #
	    push(@sfskeys, $1);
	    next;
	}
	else {
	    warn "*** WARNING: Bad accounts line: $_\n";
	}
    }
    CLOSETMCC($TM);

    if (! MFS()) {
	#
	# One the MFS, these will just start out as empty hashes.
	# 
	dbmopen(%PWDDB, TMPASSDB, 0660) or
	    die("Cannot open " . TMPASSDB . ": $!\n");
	
	dbmopen(%GRPDB, TMGROUPDB, 0660) or
	    die("Cannot open " . TMGROUPDB . ": $!\n");
    }

    #
    # Create any groups that do not currently exist. Add each to the
    # DB as we create it.
    #
    while (($group, $gid) = each %newgroups) {
	my ($exists,undef,$curgid) = getgrnam($group);
	
	if ($exists) {
	    if ($gid != $curgid) {
		warn "*** WARNING: $group/$gid mismatch with existing group\n";
	    }
	    next;
	}

	print "Adding group: $group/$gid\n";
	    
	if (os_groupadd($group, $gid)) {
	    warn "*** WARNING: Error adding new group $group/$gid\n";
	    next;
	}
	# Add to DB only if successful. 
	$GRPDB{$group} = $gid;
    }

    #
    # Now remove the ones that we created previously, but are now no longer
    # in the group set (as told to us by the TMCD). Note, we cannot delete 
    # them directly from the hash since that would mess up the foreach loop,
    # so just stick them in temp and postpass it.
    #
    while (($group, $gid) = each %GRPDB) {
	if (defined($newgroups{$group})) {
	    next;
	}

	print "Removing group: $group/$gid\n";
	
	if (os_groupdel($group)) {
	    warn "*** WARNING: Error removing group $group/$gid\n";
	    next;
	}
	# Delete from DB only if successful. 
	$deletes{$group} = $gid;
    }
    while (($group, $gid) = each %deletes) {
	delete($GRPDB{$group});
    }
    %deletes = ();

    # Write the DB back out!
    if (! MFS()) {
	dbmclose(%GRPDB);
    }

    #
    # Repeat the same sequence for accounts, except we remove old accounts
    # first. 
    # 
    while (($login, $info) = each %PWDDB) {
	my $uid = $info;
	
	#
	# Split out the uid from the serial. Note that this was added later
	# so existing DBs might not have a serial yet. We save the serial
	# for later. 
	#
	if ($info =~ /(\d*):(\d*)/) {
	    $uid = $1;
	    $lastmod{$login} = $2;
	}
	
	if (defined($newaccounts{$login})) {
	    next;
	}

	my ($exists,undef,$curuid,undef,
	    undef,undef,undef,$homedir) = getpwnam($login);

	#
	# If the account is gone, someone removed it by hand. Remove it
	# from the DB so we do not keep trying.
	#
	if (! defined($exists)) {
	    warn "*** WARNING: Account for $login was already removed!\n";
	    $deletes{$login} = $login;
	    next;
	}

	#
	# Check for mismatch, just in case. If there is a mismatch remove it
	# from the DB so we do not keep trying.
	#
	if ($uid != $curuid) {
	    warn "*** WARNING: ".
		 "Account uid for $login has changed ($uid/$curuid)!\n";
	    $deletes{$login} = $login;
	    next;
	}
	
	print "Removing user: $login\n";
	
	if (os_userdel($login) != 0) {
	    warn "*** WARNING: Error removing user $login\n";
	    next;
	}

	#
	# Remove the home dir. 
	#
	# Must ask for the current home dir in case it came from pw.conf.
	#
	if (defined($homedir) &&
	    index($homedir, "/${login}")) {
	    if (os_homedirdel($login, $homedir) != 0) {
	        warn "*** WARNING: Could not remove homedir $homedir.\n";
	    }
	}
	
	# Delete from DB only if successful. 
	$deletes{$login} = $login;
    }
    
    while (($login, $foo) = each %deletes) {
	delete($PWDDB{$login});
    }

    my $pat = q(ADDUSER LOGIN=([0-9A-Za-z]+) PSWD=([^:]+) UID=(\d+) GID=(.*) );
    $pat   .= q(ROOT=(\d) NAME="(.*)" HOMEDIR=(.*) GLIST="(.*)" );
    $pat   .= q(SERIAL=(\d+) EMAIL="([-\w\@\.\+]+)");

    while (($login, $info) = each %newaccounts) {
	if ($info =~ /$pat/) {
	    $pswd  = $2;
	    $uid   = $3;
	    $gid   = $4;
	    $root  = $5;
	    $name  = $6;
	    $hdir  = $7;
	    $glist = $8;
	    $serial= $9;
	    $email = $10;
	    if ( $name =~ /^(([^:]+$|^))$/ ) {
		$name = $1;
	    }

	    #
	    # See if update needed, based on the serial number we get.
	    # If its different, the account info has changed.
	    # 
	    my $doupdate = 0;
	    if (!defined($lastmod{$login}) || $lastmod{$login} != $serial) {
		$doupdate = 1;
	    }
	    
	    my ($exists,undef,$curuid) = getpwnam($login);

	    if ($exists) {
		if (!defined($PWDDB{$login})) {
		    warn "*** WARNING: ".
			 "Skipping since $login existed before EmulabMan!\n";
		    next;
		}
		if ($curuid != $uid) {
		    warn "*** WARNING: ".
			 "$login/$uid uid mismatch with existing login.\n";
		    next;
		}
		if ($doupdate) {
		    print "Updating: ".
			"$login/$uid/$gid/$root/$name/$hdir/$glist\n";
		    
		    os_usermod($login, $gid, "$glist", $pswd, $root);

		    #
		    # Note that we changed the info for next time.
		    # 
		    $PWDDB{$login} = "$uid:$serial";
		}
	    }
	    else {
		print "Adding: $login/$uid/$gid/$root/$name/$hdir/$glist\n";

		if (os_useradd($login, $uid, $gid, $pswd, 
			       "$glist", $hdir, $name, $root)) {
		    warn "*** WARNING: Error adding new user $login\n";
		    next;
		}
		# Add to DB only if successful. 
		$PWDDB{$login} = "$uid:$serial";
	    }

	    #
	    # Remote nodes and local control nodes get this. 
	    # 
	    if ((REMOTE() || CONTROL()) && $doupdate) {
		#
		# Must ask for the current home dir since we rely on pw.conf.
		#
		my (undef,undef,undef,undef,
		    undef,undef,undef,$homedir) = getpwuid($uid);
		my $sshdir  = "$homedir/.ssh";
		my $forward = "$homedir/.forward";

		#
		# Create .ssh dir and populate it with an authkeys file.
		#
		TBNewsshKeyfile($sshdir, $uid, $gid, 1, @{$pubkeys1{$login}});
		TBNewsshKeyfile($sshdir, $uid, $gid, 2, @{$pubkeys2{$login}});

		#
		# Give user a .forward back to emulab.
		#
		if (! -e $forward) {
		    system("echo '$email' > $forward");
		
		    chown($uid, $gid, $forward) 
			or warn("*** Could not chown $forward: $!\n");
		
		    chmod(0644, $forward) 
			or warn("*** Could not chmod $forward: $!\n");
		}
	    }
	}
	else {
	    warn("*** Bad accounts line: $info\n");
	}
    }
    # Write the DB back out!
    if (! MFS()) {
	dbmclose(%PWDDB);
    }

    #
    # Create sfs_users file and populate it with public SFS keys
    #
    if ($USESFS) {
	my $sfsusers = "/etc/sfs/sfs_users";
	
	if (!open(SFSKEYS, "> ${sfsusers}.new")) {
	    warn("*** WARNING: Could not open ${sfsusers}.new: $!\n");
	    goto bad;
	}
	    
	print SFSKEYS "#\n";
	print SFSKEYS "# DO NOT EDIT! This file auto generated by ".
	    "Emulab.Net account software.\n";
	print SFSKEYS "#\n";
	print SFSKEYS "# Please use the web interface to edit your ".
	    "SFS public key list.\n";
	print SFSKEYS "#\n";
	foreach my $key (@sfskeys) {
	    print SFSKEYS "$key\n";
	}
	close(SFSKEYS);

	if (!chown(0, 0, "${sfsusers}.new")) {
	    warn("*** WARNING: Could not chown ${sfsusers}.new: $!\n");
	    goto bad;
	}
	if (!chmod(0600, "${sfsusers}.new")) {
	    warn("*** WARNING: Could not chmod ${sfsusers}.new: $!\n");
	    goto bad;
	}
	    
	#
	# If there is an update script, its the new version of SFS.
	# Run that script to convert the keys over. At some point ops
	# and the DB will be converted too, and this can go away.
	#
	if (-x "/usr/local/lib/sfs/upgradedb.pl") {
	    system("/usr/local/lib/sfs/upgradedb.pl ${sfsusers}.new");
	    system("rm -f ${sfsusers}.new.v1-saved-1");
	}

	# Because sfs_users only contains public keys, sfs_users.pub is
	# exactly the same
	if (system("cp -p -f ${sfsusers}.new ${sfsusers}.pub.new")) {
	    warn("*** WARNING Could not copy ${sfsusers}.new to ".
		 "${sfsusers}.pub.new: $!\n");
	    goto bad;
	}
	    
	if (!chmod(0644, "${sfsusers}.pub.new")) {
	    warn("*** WARNING: Could not chmod ${sfsusers}.pub.new: $!\n");
	    goto bad;
	}

	# Save off old key files and move in new ones
	foreach my $keyfile ("${sfsusers}", "${sfsusers}.pub") {
	    if (-e $keyfile) {
		if (system("cp -p -f $keyfile $keyfile.old")) {
		    warn("*** Could not save off $keyfile: $!\n");
		    next;
		}
		if (!chown(0, 0, "$keyfile.old")) {
		    warn("*** Could not chown $keyfile.old: $!\n");
		}
		if (!chmod(0600, "$keyfile.old")) {
		    warn("*** Could not chmod $keyfile.old: $!\n");