Checkpoint initial flyspray support. More to come ... but wanted it in

the repo in case I decide to stay in Switzerland, eating chocolate and
cheeseballs.

bugdb/GNUmakefile.in

+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2000-2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+
+SRCDIR		= @srcdir@
+TESTBED_SRCDIR	= @top_srcdir@
+OBJDIR		= ..
+SUBDIR		= bugdb
+
+include $(OBJDIR)/Makeconf
+
+SBIN_SCRIPTS		= addbugdbproj addbugdbuser setbugdbgroups \
+			  bugdbsetup
+LIBEXEC_SCRIPTS		= 
+
+CTRL_SBIN_SCRIPTS	= bugdbproxy
+
+#
+# Force dependencies on the scripts so that they will be rerun through
+# configure if the .in file is changed.
+# 
+all:	$(SBIN_SCRIPTS) $(CTRL_SBIN_SCRIPTS) $(LIBEXEC_SCRIPTS)
+
+include $(TESTBED_SRCDIR)/GNUmakerules
+
+install: $(addprefix $(INSTALL_SBINDIR)/, $(SBIN_SCRIPTS)) \
+	 $(addprefix $(INSTALL_LIBEXECDIR)/, $(LIBEXEC_SCRIPTS)) \
+	 $(addprefix $(INSTALL_DIR)/opsdir/sbin/, $(CTRL_SBIN_SCRIPTS))
+
+boss-install: install
+
+post-install: 
+	chown root $(INSTALL_SBINDIR)/addbugdbproj
+	chmod u+s $(INSTALL_SBINDIR)/addbugdbproj
+	chown root $(INSTALL_SBINDIR)/addbugdbuser
+	chmod u+s $(INSTALL_SBINDIR)/addbugdbuser
+	chown root $(INSTALL_SBINDIR)/setbugdbgroups
+	chmod u+s $(INSTALL_SBINDIR)/setbugdbgroups
+
+#
+# Control node installation (okay, plastic)
+#
+control-install:	$(addprefix $(INSTALL_SBINDIR)/, $(CTRL_SBIN_SCRIPTS))
+
+clean:
+	rm -f *.o core
+
+$(INSTALL_DIR)/opsdir/sbin/%: %
+	@echo "Installing $<"
+	-mkdir -p $(INSTALL_DIR)/opsdir/sbin
+	$(INSTALL) $< $@

bugdb/addbugdbproj.in

+#!/usr/bin/perl -wT
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+
+#
+# Add a project to the wiki on ops.
+#
+sub usage()
+{
+    print STDOUT "Usage: addbugdbproj <pid>\n";
+    exit(-1);
+}
+my $optlist = "d";
+my $debug   = 0;
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $TBOPS       = "@TBOPSEMAIL@";
+my $CONTROL     = "@USERNODE@";
+my $BOSSNODE	= "@BOSSNODE@";
+my $BUGDBSUPPORT= @BUGDBSUPPORT@;
+my $SSH         = "$TB/bin/sshtb";
+my $BUGDBPROXY  = "$TB/sbin/bugdbproxy";
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Load the Testbed support stuff. 
+#
+use lib "@prefix@/lib";
+use libdb;
+use libtestbed;
+
+#
+# We don't want to run this script unless its the real version.
+#
+if ($EUID != 0) {
+    die("*** $0:\n".
+	"    Must be setuid! Maybe its a development version?\n");
+}
+
+#
+# This script is setuid, so please do not run it as root. Hard to track
+# what has happened.
+# 
+if ($UID == 0) {
+    die("*** $0:\n".
+	"    Please do not run this as root! Its already setuid!\n");
+}
+
+#
+# If no wiki support, just exit. 
+#
+if (! $BUGDBSUPPORT) {
+    print "Bug DB support is not enabled. Exit ...\n";
+    exit(0);
+}
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"d"})) {
+    $debug = 1;
+}
+if (@ARGV != 1) {
+    usage();
+}
+my $pid = $ARGV[0];
+
+#
+# Untaint args.
+#
+if ($pid =~ /^([-\w]+)$/) {
+    $pid = $1;
+}
+else {
+    die("Bad data in pid: $pid");
+}
+
+# Valid project?
+if (! ProjLeader($pid)) {
+    fatal("No such project $pid!");
+}
+
+#
+# This script always does the right thing, so no permission checks.
+# In fact, all it does it call over to ops to run a script over there.
+#
+# For ssh.
+#
+$UID = $EUID;
+
+if ($CONTROL ne $BOSSNODE) {
+    my $optarg = ($debug ? "-d" : "");
+	
+    print "Adding project $pid to the Bug DB on $CONTROL.\n";
+
+    if (system("$SSH -host $CONTROL $BUGDBPROXY ".
+	       "  $optarg addproject $pid")) {
+	fatal("$BUGDBPROXY failed on $CONTROL!");
+    }
+}
+exit(0);
+
+sub fatal($)
+{
+    my($mesg) = $_[0];
+
+    die("*** $0:\n".
+	"    $mesg\n");
+}

bugdb/addbugdbuser.in

+#!/usr/bin/perl -wT
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+
+#
+# Add a user to the bugdb on ops.
+#
+sub usage()
+{
+    print STDOUT "Usage: addbugdbuser [-m] <uid>\n";
+    exit(-1);
+}
+my $optlist = "dm";
+my $debug   = 0;
+my $modify  = 0;
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $TBOPS       = "@TBOPSEMAIL@";
+my $CONTROL     = "@USERNODE@";
+my $BOSSNODE	= "@BOSSNODE@";
+my $BUGDBSUPPORT= @BUGDBSUPPORT@;
+my $SSH         = "$TB/bin/sshtb";
+my $BUGDBPROXY  = "$TB/sbin/bugdbproxy";
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Load the Testbed support stuff. 
+#
+use lib "@prefix@/lib";
+use libdb;
+use libtestbed;
+
+#
+# We don't want to run this script unless its the real version.
+#
+if ($EUID != 0) {
+    die("*** $0:\n".
+	"    Must be setuid! Maybe its a development version?\n");
+}
+
+#
+# This script is setuid, so please do not run it as root. Hard to track
+# what has happened.
+# 
+if ($UID == 0) {
+    die("*** $0:\n".
+	"    Please do not run this as root! Its already setuid!\n");
+}
+
+#
+# If no wiki support, just exit. 
+#
+if (! $BUGDBSUPPORT) {
+    print "Bug DB support is not enabled. Exit ...\n";
+    exit(0);
+}
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"d"})) {
+    $debug = 1;
+}
+if (defined($options{"m"})) {
+    $modify = 1;
+}
+if (@ARGV != 1) {
+    usage();
+}
+my $uid = $ARGV[0];
+
+#
+# Untaint args.
+#
+if ($uid =~ /^([-\w]+)$/) {
+    $uid = $1;
+}
+else {
+    die("Bad data in uid: $uid");
+}
+
+# Need the password hash ...
+$query_result =
+    DBQueryFatal("select u.usr_pswd from users as u ".
+		 "where u.uid='$uid'");
+
+if ($query_result->numrows == 0) {
+    fatal("No such user $uid!");
+}
+my ($passhash) = $query_result->fetchrow_array();
+
+# shell escape.
+$passhash =~ s/\$/\\\$/g;
+$passhash =~ s/\*/\\\*/g;
+
+#
+# This script always does the right thing, so no permission checks.
+# In fact, all it does it call over to ops to run a script over there.
+#
+# For ssh.
+#
+$UID = $EUID;
+
+if ($CONTROL ne $BOSSNODE) {
+    my $optarg = ($debug ? "-d" : "");
+    my $addarg = "";
+
+    if ($modify) {
+	print "Changing user $uid info in the Bug DB on $CONTROL.\n";
+	$addarg = "-m";
+    }
+    else {
+	print "Adding user $uid to the Bug DB on $CONTROL.\n";
+    }
+
+    if (system("$SSH -host $CONTROL $BUGDBPROXY ".
+	       "  $optarg adduser $addarg $uid '$passhash'")) {
+	fatal("$BUGDBPROXY failed on $CONTROL!");
+    }
+}
+exit(0);
+
+sub fatal($)
+{
+    my($mesg) = $_[0];
+
+    die("*** $0:\n".
+	"    $mesg\n");
+}

bugdb/bugdbsetup.in

+#!/usr/bin/perl -w
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+
+#
+# Initial bugdb setup. Create bugdn accounts for all users and projects.
+#
+sub usage()
+{
+    print STDOUT "Usage: bugdbsetup\n";
+    exit(-1);
+}
+my $optlist  = "d";
+my $debug    = 0;
+my $impotent = 0;
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $TBOPS       = "@TBOPSEMAIL@";
+my $CONTROL     = "@USERNODE@";
+my $BOSSNODE	= "@BOSSNODE@";
+my $BUGDBSUPPORT= @BUGDBSUPPORT@;
+my $SSH         = "$TB/bin/sshtb";
+my $BUGDBPROXY  = "$TB/sbin/bugdbproxy";
+my $ADDUSER     = "$TB/sbin/addbugdbuser";
+my $ADDPROJ     = "$TB/sbin/addbugdbproj";
+my $SETGROUPS   = "$TB/sbin/setbugdbgroups";
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Load the Testbed support stuff. 
+#
+use lib "@prefix@/lib";
+use libdb;
+use libtestbed;
+
+#
+# If no bugdb support, just exit. 
+#
+if (! $BUGDBSUPPORT) {
+    print "BUGDB support is not enabled. Exit ...\n";
+    exit(0);
+}
+
+#
+# Only testbed admins.
+#
+if (!TBAdmin($UID)) {
+    die("*** $0:\n".
+	"    Must be a testbed admin to run this script\n");
+}
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"d"})) {
+    $debug = 1;
+}
+if (@ARGV) {
+    usage();
+}
+
+#
+# First the projects. Only main group, no subgroups!
+#
+$query_result =
+    DBQueryFatal("select pid from projects ".
+		 "where approved=1 ".
+		 " and (pid='testbed' or pid='emulab-ops' or pid='tbres' or ".
+		 "      pid='utahstud')" .
+		 "");
+
+while (my ($pid) = $query_result->fetchrow_array()) {
+    print "Creating bugdb for project $pid\n"
+	if ($debug);
+    
+    if (!$impotent) {
+	system("$ADDPROJ $pid") == 0
+	    or fatal("Could not add bugdb for $pid");
+    }
+}
+
+#
+# Now the users.
+# 
+$query_result =
+    DBQueryFatal("select distinct g.uid ".
+		 "  from group_membership as g ".
+		 "left join users as u on u.uid=g.uid ".
+		 "where u.status='active' and g.trust!='none' ".
+		 "  and (g.pid='testbed' or g.pid='emulab-ops' or ".
+		 "       g.pid='tbres' or g.pid='utahstud')" .
+		 "order by u.admin");
+
+while (my ($uid) = $query_result->fetchrow_array()) {
+    print "Adding user $uid to bugdb\n"
+	if ($debug);
+    
+    if (!$impotent) {
+	system("$ADDUSER $uid") == 0
+	    or fatal("Could not add bugdb account for $uid");
+
+	system("$SETGROUPS $uid") == 0
+	    or fatal("Could not set bugdb groups for $uid");
+    }
+}
+
+exit(0);
+
+sub fatal($)
+{
+    my($mesg) = $_[0];
+
+    die("*** $0:\n".
+	"    $mesg\n");
+}

bugdb/setbugdbgroups.in

+#!/usr/bin/perl -wT
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+
+#
+# Set the bugdb groups for a user. Currently we just do the projects.
+#
+sub usage()
+{
+    print STDOUT "Usage: setbugdbgroups <uid>\n";
+    exit(-1);
+}
+my $optlist = "d";
+my $debug   = 0;
+my @glist   = ();
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $TBOPS       = "@TBOPSEMAIL@";
+my $CONTROL     = "@USERNODE@";
+my $BOSSNODE	= "@BOSSNODE@";
+my $BUGDBSUPPORT= @BUGDBSUPPORT@;
+my $SSH         = "$TB/bin/sshtb";
+my $BUGDBPROXY  = "$TB/sbin/bugdbproxy";
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Load the Testbed support stuff. 
+#
+use lib "@prefix@/lib";
+use libdb;
+use libtestbed;
+
+#
+# We don't want to run this script unless its the real version.
+#
+if ($EUID != 0) {
+    die("*** $0:\n".
+	"    Must be setuid! Maybe its a development version?\n");
+}
+
+#
+# This script is setuid, so please do not run it as root. Hard to track
+# what has happened.
+# 
+if ($UID == 0) {
+    die("*** $0:\n".
+	"    Please do not run this as root! Its already setuid!\n");
+}
+
+#
+# If no wiki support, just exit. 
+#
+if (! $BUGDBSUPPORT) {
+    print "BUGDB support is not enabled. Exit ...\n";
+    exit(0);
+}
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"d"})) {
+    $debug = 1;
+}
+if (@ARGV != 1) {
+    usage();
+}
+my $user = $ARGV[0];
+
+#
+# Untaint args.
+#
+if ($user =~ /^([-\w]+)$/) {
+    $user = $1;
+}
+else {
+    die("Bad data in user: $user.");
+}
+
+#
+# This script always does the right thing, so no permission checks.
+# In fact, all it does is call over to ops to run a script over there.
+#
+# Flyspray groups are not really what I want yet. Each user can only be
+# in one group per project, which means users are either in the project
+# admin group or not. 
+#
+my $query_result =
+    DBQueryFatal("select p.pid,p.trust from group_membership as p ".
+		 "left join groups as g on g.pid=p.pid and g.gid=p.gid ".
+		 "where uid='$user' and p.pid=g.gid and trust!='none'");
+
+while (my ($pid,$trust) = $query_result->fetchrow_array()) {
+    #
+    # Add to the root group for the project if proj/group root.
+    # This root project name is hardwired in the wikiproxy. Sorry.
+    #
+    if ($trust eq "project_root" || $trust eq "group_root") {
+	push(@glist, "$pid/admin");
+    }
+    else {
+	push(@glist, "$pid/$pid");
+    }
+}
+# Not a member of any projects!
+exit(0)
+    if (! @glist);
+
+#
+# All users are part of the Emulab project. This is where they get to
+# report bugs about Emulab!
+#
+# Admin users ... TBAdmin() test does not work for this test ...
+$query_result =
+    DBQueryFatal("select admin from users where uid='$user'");
+my ($isadmin) = $query_result->fetchrow_array();
+if ($isadmin) {
+    push(@glist, "Emulab/admin");
+}
+else {
+    push(@glist, "Emulab/Emulab");
+}
+
+#
+# For ssh.
+#
+$UID = $EUID;
+
+if ($CONTROL ne $BOSSNODE) {
+    my $optarg = ($debug ? "-d" : "");
+	
+    print "Setting bugdbgroups for $user on $CONTROL to @glist.\n";
+
+    if (system("$SSH -host $CONTROL $BUGDBPROXY ".
+	       "  $optarg setgroups $user @glist")) {
+	fatal("$BUGDBPROXY failed on $CONTROL!");
+    }
+}
+exit(0);
+
+sub fatal($)
+{
+    my($mesg) = $_[0];
+
+    die("*** $0:\n".
+	"    $mesg\n");
+}

configure

@@ -1364,6 +1364,7 @@ done
 
 
 
+
 
 
 #
@@ -1413,6 +1414,7 @@ PLABSUPPORT=0
 PLAB_ROOTBALL="change.me"
 PLAB_SLICEPREFIX="utah_elab"
 WIKISUPPORT=0
+BUGDBSUPPORT=0
 WINSUPPORT=0
 CVSSUPPORT=0
 TBLOGFACIL="local5"
@@ -1921,17 +1923,17 @@ for ac_hdr in ulxmlrpcpp/ulxr_config.h
 do
 ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1925: checking for $ac_hdr" >&5
+echo "configure:1927: checking for $ac_hdr" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 1930 "configure"
+#line 1932 "configure"
 #include "confdefs.h"
 #include <$ac_hdr>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1935: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1937: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -1970,17 +1972,17 @@ for ac_hdr in linux/videodev.h
 do
 ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
 echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1974: checking for $ac_hdr" >&5
+echo "configure:1976: checking for $ac_hdr" >&5
 if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
   cat > conftest.$ac_ext <<EOF
-#line 1979 "configure"
+#line 1981 "configure"
 #include "confdefs.h"
 #include <$ac_hdr>
 EOF
 ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1984: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1986: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
 ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
 if test -z "$ac_err"; then
   rm -rf conftest*
@@ -2013,7 +2015,7 @@ done
 # Extract the first word of "gtk-config", so it can be a program name with args.
 set dummy gtk-config; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2017: checking for $ac_word" >&5
+echo "configure:2019: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_prog_GTK_CONFIG'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -2092,7 +2094,7 @@ fi
 # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
 # ./install, which can be erroneously created by make from ./install.sh.
 echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:2096: checking for a BSD compatible install" >&5
+echo "configure:2098: checking for a BSD compatible install" >&5
 if test -z "$INSTALL"; then
 if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
@@ -2153,7 +2155,7 @@ esac
 # Extract the first word of "rsync", so it can be a program name with args.
 set dummy rsync; ac_word=$2
 echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2157: checking for $ac_word" >&5
+echo "configure:2159: checking for $ac_word" >&5
 if eval "test \"`echo '$''{'ac_cv_path_RSYNC'+set}'`\" = set"; then
   echo $ac_n "(cached) $ac_c" 1>&6
 else
@@ -2342,6 +2344,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
         wiki/GNUmakefile wiki/addwikiuser wiki/wikiproxy \
 	wiki/usertemplate wiki/webhometemplate \
         wiki/delwikiuser wiki/setwikigroups wiki/addwikiproj \
+        bugdb/GNUmakefile bugdb/bugdbproxy \
 	daikon/GNUmakefile daikon/daikonize daikon/find_perl "
 
 #
@@ -2554,6 +2557,7 @@ s%@OUTERBOSS_XMLRPCPORT@%$OUTERBOSS_XMLRPCPORT%g
 s%@OUTERBOSS_SSLCERTNAME@%$OUTERBOSS_SSLCERTNAME%g
 s%@PLABSUPPORT@%$PLABSUPPORT%g
 s%@WIKISUPPORT@%$WIKISUPPORT%g
+s%@BUGDBSUPPORT@%$BUGDBSUPPORT%g
 s%@TBLOGFACIL@%$TBLOGFACIL%g
 s%@PLAB_ROOTBALL@%$PLAB_ROOTBALL%g
 s%@PLAB_SLICEPREFIX@%$PLAB_SLICEPREFIX%g

configure.in

@@ -112,6 +112,7 @@ AC_SUBST(OUTERBOSS_XMLRPCPORT)
 AC_SUBST(OUTERBOSS_SSLCERTNAME)
 AC_SUBST(PLABSUPPORT)
 AC_SUBST(WIKISUPPORT)
+AC_SUBST(BUGDBSUPPORT)
 AC_SUBST(TBLOGFACIL)
 AC_SUBST(PLAB_ROOTBALL)
 AC_SUBST(PLAB_SLICEPREFIX)
@@ -194,6 +195,7 @@ PLABSUPPORT=0
 PLAB_ROOTBALL="change.me"