named_setup.in

#!/usr/bin/perl -wT

#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#

use English;
use Fcntl ':flock';

#
# Suck out virtual names and create CNAME map entries.
#
# This script always does the right thing, so it does not matter who calls it. 
#
# usage: named_setup
#

#
# Configure variables
#
my $TB		= "@prefix@";
my $TBOPS       = "@TBOPSEMAIL@";
my $USERS	= "@USERNODE@";
my $DISABLED    = "@DISABLE_NAMED_SETUP@";
my $OURDOMAIN   = "@OURDOMAIN@";

my $mapdir			= "/etc/namedb";
my $mapfile			= "$mapdir/${OURDOMAIN}.db";
my $mapfiletail			= "$mapfile.tail";
my $mapfile_internal		= "$mapdir/${OURDOMAIN}.internal.db";
my $mapfile_internal_head	= "$mapfile_internal.head";
my $vnodesfile			= "$mapdir/vnodes.${OURDOMAIN}.db";
my $vnodesback 			= "$mapdir/vnodes.${OURDOMAIN}.db.backup";
my $reversedir			= "$mapdir/reverse";
my $lockfile			= "/var/tmp/testbed_named_lockfile";
my $dbg	= 0;
my @row;

use strict;

# If we're disabled, just quietly exit
if ($DISABLED) {
    exit 0;
}

# We don't want to run this script unless its the real version.
if ($EUID != 0) {
    die("*** $0:\n".
	"    Must be root! Maybe its a development version?\n");
}
# XXX Hacky!
if (0 && $TB ne "/usr/testbed") {
    die("*** $0:\n".
	"    Wrong version. Maybe its a development version?\n");
}

# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/sbin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

# Turn off line buffering on output
$| = 1;

# Testbed Support libraries
use lib "@prefix@/lib";
use libtestbed;
use libdb;

#
# We need to serialize this script to avoid a trashed map file. Use
# a dummy file in /var/tmp, opened for writing and flock'ed. 
#
open(LOCK, ">>$lockfile") || fatal("Couldn't open $lockfile\n");
my $count = 0;
if (flock(LOCK, LOCK_EX|LOCK_NB) == 0) {
    #
    # If we don't get it the first time, we wait for:
    # 1) The lock to become free, in which case we do our thing
    # 2) The time on the lock to change, in which case we wait for that process
    #    to finish
    #
    my $oldlocktime = (stat(LOCK))[9];
    my $gotlock = 0;
    while (1) {
	print "Another named map update in progress, waiting for it to finish\n";
	if (flock(LOCK, LOCK_EX|LOCK_NB) != 0) {
	    # OK, got the lock, we can do what we're supposed to
	    $gotlock = 1;
	    last;
	}
	my $locktime = (stat(LOCK))[9];
	if ($locktime != $oldlocktime) {
	    $oldlocktime = $locktime;
	    last;
	}
	if ($count++ > 20)  {
	    fatal("Could not get the lock after a long time!\n");
	}
	sleep(1);
    }

    $count = 0;
    #
    # If we didn't get the lock, wait for the processes that did to finish
    #
    if (!$gotlock) {
	while (1) {
	    if ((stat(LOCK))[9] != $oldlocktime) {
		exit(0);
	    }
	    if (flock(LOCK, LOCK_EX|LOCK_NB) != 0) {
		close(LOCK);
		exit(0);
	    }
	    if ($count++ > 20)  {
		fatal("Process with the lock didn't finish after a long time!\n");
	    }
	    sleep(1); 
	}

    }
}


#
# Perl-style touch(1)
#
my $now = time;
utime $now, $now, $lockfile;

#
# We stick the new map entries into the tail file. First zero it out.
#
open(MAP, ">$mapfiletail") || fatal("Couldn't open $mapfiletail\n");
print MAP "\n";
print MAP ";\n";
print MAP "; DO NOT EDIT below this point. Auto generated map entries!\n";
print MAP ";\n";
print MAP "\n";

#
# First create the IA records for those nodes that have a named_root
# defined. We glean the IP for the node from the interfaces table.
#
my $db_result =
    DBQueryFatal("select nt.type,nt.isremotenode,n.node_id,i.IP ".
		 "  from nodes as n ".
		 "left join node_types as nt on n.type=nt.type ".
		 "left join interfaces as i on n.node_id=i.node_id and ".
		 "     nt.control_iface=i.iface ".
		 "where nt.isvirtnode=0 and nt.issubnode=0 and ".
		 "      n.role='testnode' and i.IP is not null ".
		 "order by nt.type,n.node_id");

my %reverse;
if ($db_result->numrows > 0) {
    #
    # Create an IN record for each node. 
    #
    my $oldtype = "";
    
    while (@row = $db_result->fetchrow_array) {
	my $type    = $row[0];
	my $isremote= $row[1];
	my $node_id = $row[2];
	my $IP      = $row[3];

	if ($oldtype ne $type) {
	    print MAP ";\n";
	    print MAP "; $type nodes.\n";
	    print MAP ";\n";
	    
	    $oldtype = $type;
	}

	print MAP "$node_id\tIN\tA\t$IP\n";
	print MAP "\tIN\tMX 10\t$USERS.\n";

	#
	# Put it into a map so we can generate the reverse zone file later
	#
	$IP =~ /(\d+\.\d+\.\d+)\.(\d+)/;
	if ($1 && $2) {
	    my $subnet = $1;
	    my $host = $2;
	    push @{$reverse{$subnet}}, [$host, $node_id];
	} else {
	    warn "Poorly formed IP address $IP\n";
	}
    }
}
print MAP "\n";
print MAP "\$TTL\t1\n\n";

#
# Figure out the set of experiment nodes we are working on. These are the 
# nodes that have a vname in the reserved table. 
#
$db_result =
    DBQueryFatal("select r.node_id,pid,eid,vname,n.phys_nodeid,n.jailip ".
		 " from reserved as r ".
		 "left join nodes as n on n.node_id=r.node_id ".
		 "left join node_types as nt on nt.type=n.type ".
		 "where nt.issubnode=0");

if ($db_result->numrows > 0) {
    #
    # Create a CNAME for each reserved node.
    #
    while (my %row = $db_result->fetchhash) {
	my $node_id = $row{"node_id"};
	my $pid     = $row{"pid"};
	my $eid     = $row{"eid"};
	my $physid  = $row{"phys_nodeid"};
	my $jailip  = $row{"jailip"};
	my $vname   = $node_id;
	my $cname;

	if (defined($row{"vname"})) {
	    $vname = $row{"vname"};
	}

        #
        # VIRTNODE HACK: Map cname to underlying physnode, but first
	# spit out a vname for the virtnode name (no point in polluting
	# the map with a zillion cnames for nodes that do not actually
	# exist until they are allocated).
        #
	if (defined($physid) && $physid ne $node_id) {
	    if (defined($jailip)) {
		#
		# If the vnode has its own jailip, then skip this completely
		# since both the name and the cname will be entered into
		# the "private" vnodes map below. 
		# 
		next;
	    }
	    $cname   = sprintf("%-40s", "$node_id");
	    printf MAP "$cname IN\tCNAME\t$physid\n";
	    
	    $node_id = $physid;
	}
	    
	$cname = sprintf("%-40s", "$vname.$eid.$pid");
	printf MAP "$cname IN\tCNAME\t$node_id\n";
    }
}

print MAP "\n";
close(MAP);

#
# Make this map!
#
make_zonefile($mapfile);

#
# If they have an 'internal' zone file (ie. with some internal IPs for boss and
# ops), make that too
#
if (-e $mapfile_internal_head) {
    make_zonefile($mapfile_internal,$mapfile_internal_head,$mapfiletail);
}

#
# Now we tack on the virtual node, but that has to go onto the end
# of a *copy* of the file we just created.
#
if (-e $vnodesfile) {
    system("mv -f $vnodesfile $vnodesback") == 0 or
	fatal("Could not back up $vnodesfile to $vnodesback\n");
}

system("cp $mapfile $vnodesfile") == 0 or
    fatal("Could not copy $mapfile to $vnodesfile\n");

#
# Open up the file and append the jail ips.
# 
open(MAP, ">>$vnodesfile") || fatal("Couldn't open $vnodesfile\n");
print MAP
    ";\n".
    "; Jail IPs (allocated nodes only).\n" .
    ";\n";
    
$db_result =
    DBQueryFatal("select r.*,n.jailip from reserved as r ".
		 "left join nodes as n on n.node_id=r.node_id ".
		 "left join node_types as nt on nt.type=n.type ".
		 "where nt.isvirtnode=1 and nt.isremotenode=0 and ".
		 "      nt.issubnode=0 and n.jailip is not null");

if ($db_result->numrows > 0) {
    #
    # Create a CNAME for each reserved node.
    #
    while (my %row = $db_result->fetchhash) {
	my $node_id = $row{"node_id"};
	my $pid     = $row{"pid"};
	my $eid     = $row{"eid"};
	my $IP      = $row{"jailip"};
	my $vname   = $node_id;

	if (defined($row{"vname"})) {
	    $vname = $row{"vname"};
	}

	# Spit an A record for the node.
	print MAP "$node_id\tIN\tA\t$IP\n";

	# Then a CNAME.
	my $cname = sprintf("%-40s", "$vname.$eid.$pid");
	printf MAP "$cname IN\tCNAME\t$node_id\n";
    }
}

#
# Other unroutable addresses.
# 
print MAP
    ";\n".
    "; Other unroutable IPs (allocated subnodes only).\n" .
    ";\n";
    
$db_result =
    DBQueryFatal("select r.node_id,r.pid,r.eid,r.vname,i.IP ".
		 "  from reserved as r ".
		 "left join nodes as n on r.node_id=n.node_id ".
		 "left join node_types as nt on n.type=nt.type ".
		 "left join interfaces as i on n.node_id=i.node_id and ".
		 "     nt.control_iface=i.iface ".
		 "where nt.issubnode=1 and ".
		 "      n.role='testnode' and i.IP is not null ".
		 "order by nt.type,n.node_id");

if ($db_result->numrows > 0) {
    #
    # Create a CNAME for each reserved node.
    #
    while (my %row = $db_result->fetchhash) {
	my $node_id = $row{"node_id"};
	my $pid     = $row{"pid"};
	my $eid     = $row{"eid"};
	my $IP      = $row{"IP"};
	my $vname   = $node_id;

	if (defined($row{"vname"})) {
	    $vname = $row{"vname"};
	}

	# Spit an A record for the node.
	print MAP "$node_id\tIN\tA\t$IP\n";

	# Then a CNAME.
	my $cname = sprintf("%-40s", "$vname.$eid.$pid");
	printf MAP "$cname IN\tCNAME\t$node_id\n";
    }
}
close(MAP);

#
# Look for reverse zone files that we may need to make
#
opendir(DIR,$reversedir) or fatal("Unable to open directory $reversedir\n");
while (my $dirent = readdir(DIR)) {
    if ($dirent !~ /((\d+\.\d+\.\d+)\.db)\.head/) {
	next;
    }
    my $subnet = $2;
    my $basename = $1;

    my $filename = "$reversedir/$basename.tail";
    open MAP, ">$filename" || fatal("Couldn't open $filename: $!\n");
    if ($reverse{$subnet}) {
	foreach my $aref (sort {$$a[0] <=> $$b[0]} @{$reverse{$subnet}}) {
	    my ($host, $name) = @$aref;
	    printf MAP "$host\tIN\tPTR\t$name.$OURDOMAIN.\n";
	}
    }
    close MAP;

    make_zonefile("$reversedir/$basename");
    
}
closedir DIR;

#
# This is better than HUPing the nameserver directly. Notet that we look
# for a local port of named first.
#
if (-x "/usr/local/sbin/rndc") {
    system("/usr/local/sbin/rndc reload > /dev/null") == 0 or
	fatal("/usr/local/sbin/rndc reload failed!\n");
}
else {
    system("named.reload > /dev/null") == 0 or
	fatal("named.reload failed!\n");
}

exit(0);

sub fatal {
    my $msg = $_[0];

    SENDMAIL($TBOPS, "Named Setup Failed", $msg);
    die($msg);
}

#
# Make a zone file from the 
#
sub make_zonefile($;$$) {
    my ($mapfile,$mapfilehead,$mapfiletail) = @_;

    my $mapfileback = "$mapfile.backup";
    if (!defined $mapfilehead) {
	$mapfilehead = "$mapfile.head";
    }
    if (!defined $mapfiletail) {
	$mapfiletail = "$mapfile.tail";
    }

    #
    # Concat the head and tail files to create the new map.
    #
    if (-e $mapfile) {
	system("mv -f $mapfile $mapfileback") == 0 or
	fatal("Could not back up $mapfile to $mapfileback\n");
    }

    #
    # Generate a warning so that no one tries to edit the file by hand
    #
    open(MAP, ">$mapfile") || fatal("Couldn't open $mapfile\n");
    print MAP
    ";\n".
    "; ******************************************************************\n".
    "; DO NOT EDIT THIS FILE. IT IS A CREATION, A FIGMENT, A CONTRIVANCE!\n".
    ";\n".
    "; Edit the \"head\" file, then run ${TB}bin/named_setup.\n".
    "; ******************************************************************\n".
    ";\n";

    #
    # Now copy in the head part of the map, looking for the serial
    # number so it can be bumped up.
    #
    open(MAPHEAD, "<$mapfilehead") || fatal("Couldn't open $mapfilehead\n");
    while (<MAPHEAD>) {
	if ( /;\s*Serial\s+/i ) {
	    my $serial = `date +%s`;
	    chop $serial;

	    print MAP "\t\t\t$serial\t; Serial Number -- DO NOT EDIT\n";
	}
	else {
	    print MAP "$_";
	}
    }
    close(MAPHEAD);
    close(MAP);

    #
    # Now the tail of the map.
    # 
    system("cat $mapfiletail >> $mapfile") == 0 or
    fatal("Failed to concat $mapfiletail to $mapfile\n");
}