Commit 375d6786 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add a script to remove old authorities (sa,cm) from the DB.

parent 1e28149f
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008 University of Utah and the Flux Group.
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
package GeniAuthority;
......@@ -154,6 +154,30 @@ sub type($) { return field($_[0], "type"); }
sub cert($) { return $_[0]->{'CERT'}->cert(); }
sub GetCertificate($) { return $_[0]->{'CERT'}; }
#
# Delete from the DB.
#
sub Delete($)
{
my ($self) = @_;
return -1
if (! ref($self));
if ($self->GetCertificate()->Delete() != 0) {
print STDERR "Could not delete certificate for $self\n";
return -1;
}
my $uuid = $self->uuid();
DBQueryWarn("delete from geni_authorities ".
"where uuid='$uuid'")
or return -1;
# Delete fromcache.
delete($authorities{$uuid});
return 0;
}
#
# Check to see if there is an existing authority with the same prefix.
#
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008 University of Utah and the Flux Group.
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
package GeniComponent;
......@@ -158,6 +158,31 @@ sub cert($) { return $_[0]->{'CERT'}->cert(); }
sub GetCertificate($) { return $_[0]->{'CERT'}; }
sub GetManager($) { return $_[0]->{'MANAGER'}; }
#
# Delete a component from the DB.
#
sub Delete($)
{
my ($self) = @_;
return -1
if (! ref($self));
if ($self->GetCertificate()->Delete() != 0) {
print STDERR "Could not delete certificate for $self\n";
return -1;
}
my $uuid = $self->uuid();
DBQueryWarn("delete from geni_components ".
"where uuid='$uuid'")
or return -1;
# Delete from the cache.
delete($components{$uuid});
return 0;
}
#
# Compare two component refs.
#
......@@ -258,6 +283,38 @@ sub CreateFromCertificate($$;$)
return $component;
}
#
# Delete all components for a CM.
#
sub DeleteAll($$)
{
my ($class, $authority) = @_;
my $uuid = $authority->uuid();
my $query_result =
DBQueryWarn("select uuid from geni_components ".
"where manager_uuid='$uuid'");
return -1
if (! $query_result);
return 0
if (!$query_result->numrows);
while (my ($uuid) = $query_result->fetchrow_array()) {
my $component = GeniComponent->Lookup($uuid);
if (!defined($component)) {
print STDERR "Could not lookup component $uuid\n";
return -1;
}
if ($component->Delete() != 0) {
print STDERR "Could not delete $component\n";
return -1;
}
}
return 0;
}
# _Always_ make sure that this 1 is at the end of the file...
1;
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008 University of Utah and the Flux Group.
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
package GeniSlice;
......@@ -598,5 +598,54 @@ sub SetShutdown($$)
return 0;
}
#
# Delete all slices for an authority.
#
sub DeleteAll($$)
{
my ($class, $authority) = @_;
my $uuid = $authority->uuid();
my $query_result =
DBQueryWarn("select uuid from geni_slices ".
"where sa_uuid='$uuid'");
return -1
if (! $query_result);
return 0
if (!$query_result->numrows);
while (my ($uuid) = $query_result->fetchrow_array()) {
my $slice = GeniSlice->Lookup($uuid);
if (!defined($slice)) {
print STDERR "Could not lookup slice $uuid\n";
return -1;
}
#
# Do not allow active slices to be deleted.
#
my $aggregate = GeniAggregate->SliceAggregate($slice);
if (defined($aggregate)) {
print STDERR "Cannot delete active slice $slice:\n";
return -1;
}
my @slivers;
if (GeniSliver->SliceSlivers($slice, \@slivers) != 0) {
print STDERR "Cannot lookup slivers for $slice:\n";
return -1;
}
if (@slivers) {
print STDERR "Cannot delete active slice $slice:\n";
return -1;
}
if ($slice->Delete() != 0) {
print STDERR "Could not delete $slice\n";
return -1;
}
}
return 0;
}
# _Always_ make sure that this 1 is at the end of the file...
1;
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008 University of Utah and the Flux Group.
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
package GeniUser;
......@@ -494,6 +494,59 @@ sub IsLocal($)
return ref($self) eq "GeniUser::LocalUser";
}
#
# Delete all slices for an authority.
#
sub DeleteAll($$)
{
my ($class, $authority) = @_;
my $uuid = $authority->uuid();
my $query_result =
DBQueryWarn("select uuid from geni_users ".
"where sa_uuid='$uuid'");
return -1
if (! $query_result);
return 0
if (!$query_result->numrows);
while (my ($uuid) = $query_result->fetchrow_array()) {
my $user = GeniUser->Lookup($uuid);
if (!defined($user)) {
print STDERR "Could not lookup user $uuid\n";
return -1;
}
#
# Do not allow users with active slices to be deleted.
#
my $active_result =
DBQueryWarn("select uuid from geni_slices ".
"where creator_uuid='$uuid'");
return -1
if (!$active_result);
if ($active_result->numrows()) {
print STDERR "$user is heading up active slices\n";
}
$active_result =
DBQueryWarn("select uuid from geni_slivers ".
"where creator_uuid='$uuid'");
return -1
if (!$active_result);
if ($active_result->numrows()) {
print STDERR "$user is heading up active slivers\n";
}
if ($user->Delete() != 0) {
print STDERR "Could not delete $user\n";
return -1;
}
}
return 0;
}
############################################################################
#
# Wrapper for local users.
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2008 University of Utah and the Flux Group.
# Copyright (c) 2000-2009 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -14,7 +14,7 @@ include $(OBJDIR)/Makeconf
SBIN_STUFF = cleanupslice
PSBIN_STUFF = register_resources expire_daemon gencrl postcrl \
createcerts initsite addauthority getcacerts \
gencrlbundle shutdownslice
gencrlbundle shutdownslice remauthority
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
......
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
use strict;
use English;
use Data::Dumper;
use Getopt::Std;
#
# Remove an authority from the DB.
#
sub usage()
{
print "Usage: addauthority [-c] <uuid>\n";
exit(1);
}
my $optlist = "c";
my $asch = 0;
sub fatal($);
#
# Check args.
#
my %options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"c"})) {
$asch = 1;
}
usage()
if (@ARGV != 1);
my $uuid = $ARGV[0];
use vars qw($GENI_DBNAME);
if ($asch) {
$GENI_DBNAME = "geni-ch";
}
# Now we can load the libraries after setting the proper DB.
use lib '@prefix@/lib';
require GeniDB;
require GeniCertificate;
require GeniAuthority;
require GeniSlice;
require GeniUser;
my $authority = GeniAuthority->Lookup($uuid);
if (!defined($authority)) {
fatal("No such authority in DB");
}
if ($authority->type() eq "cm") {
if (GeniComponent->DeleteAll($authority) != 0) {
fatal("Could not delete components for $authority");
}
}
elsif ($authority->type() eq "sa") {
if (GeniSlice->DeleteAll($authority) != 0) {
fatal("Could not delete slices for $authority");
}
if (GeniUser->DeleteAll($authority) != 0) {
fatal("Could not delete users for $authority");
}
}
else {
fatal("Do not know how to delete $authority");
}
if ($authority->Delete() != 0) {
fatal("Could not delete components for $authority");
}
exit(0);
sub fatal($)
{
my ($msg) = @_;
die("*** $0:\n".
" $msg\n");
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment