A slew of changes for jails!

tmcd/common/GNUmakefile.in

@@ -19,7 +19,7 @@ SUBDIR		= tmcd/common
 
 include $(OBJDIR)/Makeconf
 
-all:
+all:	vnodesetup
 
 include $(TESTBED_SRCDIR)/GNUmakerules
 

tmcd/common/bootvnodes

@@ -18,10 +18,10 @@ use POSIX qw(strftime);
 #
 sub usage()
 {
-    print "Usage: bootvnodes [-d] [-f]\n";
+    print "Usage: bootvnodes [-d] [-f] [-k | -h]\n";
     exit(1);
 }
-my $optlist = "df";
+my $optlist = "kdfh";
 
 #
 # Turn off line buffering on output
@@ -42,6 +42,8 @@ my $logname = "$LOGDIR/bootvnodes.debug";
 my $vndir   = "/var/emulab/jails";
 my $debug   = 0;
 my $daemon  = 1;
+my $killit  = 0;
+my $haltit  = 0;
 
 #
 # Forward declarations for prototype checking
@@ -62,6 +64,12 @@ if (defined($options{"d"})) {
 if (defined($options{"f"})) {
     $daemon = 0;
 }
+if (defined($options{"k"})) {
+    $killit = 1;
+}
+if (defined($options{"h"})) {
+    $haltit = 1;
+}
 if (@ARGV) {
     usage();
 }
@@ -95,6 +103,28 @@ if ($daemon && TBBackGround($logname)) {
     exit(0);
 }
 
+if ($killit | $haltit) {
+    my $opt = ($haltit ? "-h" : "-k");
+    my $act = ($haltit ? "Halting" : "Killing");
+    
+    print "$act vnodes ... please be patient ...\n";
+
+    opendir(DIR, "/var/emulab/jails") or
+	die("Cannot opendir /var/emulab/jails: $!\n");
+    my @files = readdir(DIR);
+    closedir(DIR);
+
+    foreach my $file (@files) {
+	if ($file ne "." && $file ne ".." &&
+	    $file =~ /^([-\w]*)$/) {
+
+	    print "$act vnode $1 ...\n";
+	    system("vnodesetup $opt $1");
+	}
+    }
+    exit(0);
+}
+
 my %curvnodelist;
 my @vnodes;
 

tmcd/common/rc.progagent

@@ -91,7 +91,7 @@ while (<CMD>) {
     }
 }
 
-if (!defined(@agents) || !defined($login)) {
+if (! @agents || !defined($login)) {
     fatal(TMPROGAGENTS . " not in proper format!");
 }
 

tmcd/common/vnodesetup

@@ -23,15 +23,16 @@ BEGIN { require "/etc/emulab/paths.pm"; import emulabpaths; }
 #
 sub usage()
 {
-    print "Usage: vnodesetup [-j [-s]] [-b | -k | -r] [-d] <vnodeid>\n".
+    print "Usage: vnodesetup [-j [-s]] [-b | -k | -r | -h] [-d] <vnodeid>\n".
 	"Use the -k option to kill the virtual node.\n";
     exit(1);
 }
-my $optlist	= "kbdjsr";
+my $optlist	= "kbdjsrh";
 
 # Locals
 my $killit	= 0;
 my $rebootit	= 0;
+my $haltit	= 0;
 my $debug	= 0;
 my $fromboot	= 0;
 my $dojail	= 0;
@@ -92,6 +93,9 @@ if (! getopts($optlist, \%options)) {
 if (defined($options{"k"})) {
     $killit = 1;
 }
+if (defined($options{"h"})) {
+    $haltit = 1;
+}
 if (defined($options{"r"})) {
     $rebootit = 1;
 }
@@ -127,11 +131,9 @@ my $vnodedir = "/var/emulab/jails/$vnodeid";
 my $logname  = "$LOGDIR/tbvnode-${vnodeid}.log";
 
 #
-# If killing the virtual node, then kill the manager process. We use
-# the negative signal number to send to the process group so that all
-# stuff gets killed in one fell swoop.
+# If killing/halting the virtual node, then kill the manager process.
 #
-if ($killit) {
+if ($killit || $haltit) {
     if (! -e $pidfile) {
 	die("*** $0:\n".
 	    "    No pid for $vnodeid manager!\n");
@@ -183,9 +185,11 @@ if (!$debug && !$interactive && TBBackGround($logname)) {
 }
 
 #
-# Change our process group since we are a daemon. Not usually important,
-# but we get called from the watchdog, and we do not want to be in
-# its process group, or it will die when we get killed.
+# Change our process group since we are a daemon; we get called from
+# the watchdog, and we do not want to be in its process group, or it
+# will die when we get killed. In any event, by putting ourselves into
+# another process group, we can more easily kill off all our decendents.
+# when tearing down.
 #
 POSIX::setsid();
 
@@ -251,7 +255,7 @@ if (! -e $vnodedir) {
 # Inform the TMCD we are setting up. 
 #
 REBOOT:
-system("tmcc -n $vnodeid state REBOOTING");
+system("tmcc -n $vnodeid state BOOTING");
 system("tmcc -n $vnodeid state TBSETUP");
 
 #
@@ -274,15 +278,28 @@ if (!defined($pid)) {
 $UID = 0;
 
 #
-# Okay, now startup the scripts.
+# This stuff is done only when the node is not in a jail. The jail setup
+# code does all this, so we avoid duplication of effort.
 #
-if (-e TMTUNNELCONFIG) {
-    print "Starting Tunnels ...\n";
-    TBForkCmd(TMTUNNELCONFIG);
-    sleep(5);
-}
-
 if (!$dojail) {
+    print STDOUT "Checking Testbed tunnel configuration ... \n";
+    dotunnels();
+
+    print STDOUT "Checking Testbed routing configuration ... \n";
+    dorouterconfig();
+
+    print STDOUT "Checking Testbed traffic generation configuration ...\n";
+    dotrafficconfig();
+
+    #
+    # Okay, now run startup the scripts
+    #
+    if (-e TMTUNNELCONFIG) {
+	print "Starting Tunnels ...\n";
+	TBForkCmd(TMTUNNELCONFIG);
+	sleep(5);
+    }
+
     if (-e TMTRAFFICCONFIG) {
 	print "Starting Traffic Generators ...\n";
 	TBForkCmd(TMTRAFFICCONFIG);
@@ -359,8 +376,10 @@ sub killvnode() {
 	die("*** $0:\n".
 	    "    Bad data in pid: $mpid!\n");
     }
-    if (kill('USR1', $mpid) == 0) {
-	print"*** Could not kill(USR1) process $mpid: $!\n";
+    my $sigtosend = ($haltit ? 'TERM' : 'USR1');
+	
+    if (kill($sigtosend, $mpid) == 0) {
+	print"*** Could not kill($sigtosend) process $mpid: $!\n";
 	return -1;
     }
     
@@ -368,11 +387,11 @@ sub killvnode() {
     # Wait for the pidfile to be removed. Do not wait too long though. 
     # 
     for (my $i = 0; $i < 30;) {
-	sleep(5);
+	sleep(2);
 	if (! -e $pidfile) {
 	    return 0;
 	}
-	$i += 5;
+	$i += 2;
     }
     print "*** Not able to kill running vnode manager process $mpid!\n";
     return 0;

tmcd/freebsd/GNUmakefile.in

@@ -112,6 +112,7 @@ script-install:	dir-install
 	$(INSTALL) -m 755 $(SRCDIR)/cpuspeed.awk $(BINDIR)/cpuspeed.awk
 	$(INSTALL) -m 755 $(SRCDIR)/tbshutdown $(BINDIR)/tbshutdown
 	$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
+	$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
 	$(INSTALL) -m 755 $(SRCDIR)/control_interface \
 			$(BINDIR)/control_interface
 	$(INSTALL) -m 644 $(SRCDIR)/gated_fxp0.conf $(BINDIR)/gated_fxp0.conf
@@ -137,15 +138,18 @@ jail-install:	dir-install
 	$(INSTALL) -m 640 $(SRCDIR)/jail/master.passwd $(JAILDIR)/master.passwd
 	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.conf $(JAILDIR)/rc.conf
 	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.local $(JAILDIR)/rc.local
+	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.injail $(BINDIR)/rc.injail
 	$(INSTALL) -m 755 $(SRCDIR)/jail/injail.pl $(JAILDIR)/injail.pl
 	$(INSTALL) -m 755 $(SRCDIR)/jail/crontab $(JAILDIR)/crontab
-	$(INSTALL) -m 755 $(SRCDIR)/jail/jaildog.pl $(BINDIR)/jaildog.pl
-	$(INSTALL) -m 755 $(SRCDIR)/jail/jailctl $(BINDIR)/jailctl
+	$(INSTALL) -m 755 $(SRCDIR)/jail/jailsetup $(BINDIR)/jailsetup
 	$(INSTALL) -m 755 $(SRCDIR)/jail/mkjail.pl $(BINDIR)/mkjail.pl
 
 # Invoked from ../ron
 remote-install:	jail-install
 	$(INSTALL) -m 755 $(SRCDIR)/rc.ipod $(BINDIR)/rc.ipod
+	# Does tunnel stuff.
+	$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
+	$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
 	$(INSTALL) -m 755 $(SRCDIR)/liblocsetup.pm $(BINDIR)/liblocsetup.pm
 
 # Invoked from ../ron

tmcd/freebsd/cvsup.auth

 paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
+boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:

tmcd/freebsd/delaysetup

@@ -384,7 +384,7 @@ sub LinkDelaySetup()
     my @delays;
     my $kernel;
     my $checkreplace = 0;
-    my $gotjails = 0;
+    my $gotjails = (defined($vnodeid) ? 1 : 0); 
     my $upcmds   = "";
     my $downcmds = "";
 

tmcd/freebsd/ifsetup

@@ -83,7 +83,9 @@ if (@ARGV) {
 
 # Uninstall just looks for the file and runs it.
 if ($uninstall) {
-    system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : "")); 
+    system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : ""))
+	if (!REMOTE());
+	
     system(TMIFC . " disable")
 	if (-e TMIFC);
     if (defined($vnodeid) && defined($rtabid)) {
@@ -100,7 +102,8 @@ unlink TMIFC, TMROUTECONFIG, TMTUNNELCONFIG;
 # is run via the ifconfig, so just need to run that one.
 #
 dotunnels($rtabid);
-doifconfig($rtabid);
+doifconfig($rtabid)
+    if (!REMOTE());
 dorouterconfig($rtabid);
 
 if (-e TMTUNNELCONFIG && $install) {
@@ -118,6 +121,8 @@ if (-e TMIFC && $install) {
 # Do the delaysetup stuff.
 system("delaysetup ".
        ($install ? "-i " : "") .
-       (defined($vnodeid) ? "-j $vnodeid " : ""));
+       (defined($vnodeid) ? "-j $vnodeid " : ""))
+    if (!REMOTE());
+   
 exit(0);
 

tmcd/freebsd/jail/injail.pl

@@ -14,22 +14,32 @@ use Getopt::Std;
 # of /sbin/init, since killing the jail cleanly from outside the jail
 # turns out to be rather difficult, and doing it from inside is very easy!
 #
+# Note though, when the machine is shutdown we can cleanly send this
+# script a signal from mkjail. If reboot is used instead of shutdown,
+# the system broadcasts SIGTERM, and this script will catch that and
+# die. However, thats not good cause the caller (mkjail) wipes out the
+# jail when this script exits of its own accord. So, ignore TERM, and wait
+# for mkjail to send us a USR1, which means to exit.
+#
 my $DEFCONSIX = "/bin/sh /etc/rc";
 
 #
 # Catch TERM.
 # 
 sub handler () {
-    $SIG{TERM} = 'IGNORE';
+    $SIG{USR1} = 'IGNORE';
     system("kill -TERM -1");
     sleep(1);
     system("kill -KILL -1");
     exit(1);
 }
-$SIG{TERM} = \&handler;
+$SIG{TERM} = 'IGNORE';
+$SIG{USR1} = \&handler;
 
 my $childpid = fork();
 if (!$childpid) {
+    $SIG{TERM} = 'DEFAULT';
+    
     if (@ARGV) {
 	exec @ARGV;
     }

tmcd/freebsd/jail/mkjail.pl

@@ -241,9 +241,12 @@ else {
 
 #
 # If the jail has its own IP, must insert the control network alias.
+# We use a 255.255.255.255 netmask since there might be multiple
+# virtual nodes from the same subnet on this node. 
 #
 if (defined($IPALIAS)) {
-    mysystem("ifconfig `control_interface` alias $IPALIAS netmask $IPMASK");
+    mysystem("ifconfig `control_interface` alias $IPALIAS ".
+	     "netmask 255.255.255.255");
 }
 
 #
@@ -573,7 +576,6 @@ sub cleanmess($) {
     mysystem("rm -f  $path/root/$ETCDIR/cvsup.auth");
     mysystem("rm -rf $path/root/$ETCDIR/.cvsup");
     mysystem("rm -f  $path/root/$ETCDIR/master.passwd");
-    mysystem("rm -f  $path/root/$ETCDIR/bossnode");
 
     #
     # Copy in emulabman if it exists.
@@ -640,7 +642,7 @@ sub cleanup()
     }
 
     if (defined($jailpid)) {
-	kill('TERM', $jailpid);
+	kill('USR1', $jailpid);
 	waitpid($jailpid, 0);
     }
 
@@ -816,9 +818,6 @@ sub setjailoptions() {
 		    $routetabid   = getnextrtabid();
 		    $jailoptions .= " -r $routetabid";
 		}
-		else {
-		    $jailoptions .= " -o norouting";
-		}
 		last SWITCH;
 	    };
 	    /^DEVMEM$/ && do {
@@ -839,6 +838,10 @@ sub setjailoptions() {
  	    };
 	}
     }
+    #
+    # If there is no IP for the jail, must restrict the port range of
+    # it. Otherwise it has it own IP, and there is no need to.
+    # 
     if (! defined($IPALIAS)) {
 	if (defined($portrange)) {
 	    $jailoptions .= " -p $portrange";
@@ -878,9 +881,9 @@ sub addroutestorc($rc)
     open(RC, ">>$rc") or
 	fatal("Could not open $rc to append static routes");
 
-    my $routerip = `cat $BOOTDIR/routerip`;
+    my $routerip  = `cat $BOOTDIR/routerip`;
     chomp($routerip);
-    my $hostip   = `cat $BOOTDIR/myip`;
+    my $hostip    = `cat $BOOTDIR/myip`;
     chomp($hostip);
 
     #
@@ -891,8 +894,16 @@ sub addroutestorc($rc)
     print RC "route_lo0=\"localhost -interface lo0\"\n";
     print RC "route_host=\"$hostip localhost\"\n";
     if ($IP ne $hostip) {
-	print RC "static_routes=\"\$static_routes jailip\"\n";
-	print RC "route_jailip=\"$IP localhost\"\n";
+	# Setup a route for all jails on this node, to the loopback.
+	print RC "static_routes=\"\$static_routes jailnet\"\n";
+	print RC "route_jailnet=\"-net $IP -interface lo0 255.255.255.0\"\n";
+
+	# Need a route for the private network.
+	my $ctrliface = `control_interface`;
+	chomp($ctrliface);
+	
+	print RC "static_routes=\"\$static_routes privnet\"\n";
+	print RC "route_privnet=\"-net $IP -interface $ctrliface $IPMASK\"\n";
     }
 
     #

tmcd/freebsd/liblocsetup.pm

@@ -82,15 +82,12 @@ my $SHELLS	= "/etc/shells";
 my $DEFSHELL	= "/bin/tcsh";
 
 #
-# OS dependent part of cleanup node state.
+# OS dependent part of cleanup node state. On a remote node, this will
+# only be called from inside a JAIL, or from the prepare script. 
 # 
 sub os_cleanup_node ($) {
     my ($scrub) = @_;
 
-    if (REMOTE() && !JAILED()) {
-	return 0;
-    }
-
     if (! $scrub) {
 	return 0;
     }

tmcd/freebsd/supfile.in

 #
-# When the release is bumped, be sure to remove sup/sup/FBSD45-STD/checkouts
-# on the client.
+# Bump as needed.
 #
-FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=current
+FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=20030610

tmcd/freebsd/testbed.sh

 #!/bin/sh
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2002 University of Utah and the Flux Group.
+# Copyright (c) 2000-2003 University of Utah and the Flux Group.
 # All rights reserved.
 #
 . /etc/emulab/paths.sh
@@ -15,6 +15,8 @@ start)
 	$BINDIR/rc.testbed
 	;;
 stop)
+	# Foreground mode.
+	$BINDIR/bootvnodes -f -h
 	echo "Informing the testbed we're rebooting"
 	$BINDIR/tmcc state SHUTDOWN
 	;;

tmcd/linux/cvsup.auth

 paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
+boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:

tmcd/linux/prepare

@@ -118,19 +118,21 @@ if ( -f "$LOGDIR/pacct" ) {
     unlink("$LOGDIR/pacct");
 }
 
-opendir(VARACCT,$VARACCTDIR) or
-    die("Could not open directory $VARACCTDIR: $!");
-
-while ($dirent = readdir(VARACCT)) {
-    my $file = $VARACCTDIR . "/" . $dirent;
-    if (-f $file) {
-	if ($file =~ /acct/) {
-	    unlink($file) or
-		die ("Could not unlink $file: $!");
+if (-d $VARACCTDIR) {
+    opendir(VARACCT,$VARACCTDIR) or
+	die("Could not open directory $VARACCTDIR: $!");
+
+    while ($dirent = readdir(VARACCT)) {
+	my $file = $VARACCTDIR . "/" . $dirent;
+	if (-f $file) {
+	    if ($file =~ /acct/) {
+		unlink($file) or
+		    die ("Could not unlink $file: $!");
+	    }
 	}
     }
+    closedir(VARACCT);
 }
-closedir(VARACCT);
 
 print "Removing root's history ...\n";
 if (-f $HISTORY) {

tmcd/linux/supfile.in

 #
-# When the release is bumped, be sure to remove sup/sup/RHL71-STD/checkouts
-# on the client.
+# Bump as needed
 #
-RHL71-STD  base=@CLIENT_VARDIR@ prefix=/ preserve release=newclient
+RHL73-STD  base=@CLIENT_VARDIR@ prefix=/ preserve release=current

tmcd/ron/emulab.sh

 #!/bin/sh
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2002 University of Utah and the Flux Group.
+# Copyright (c) 2000-2003 University of Utah and the Flux Group.
 # All rights reserved.
 #
 . /etc/emulab/paths.sh
@@ -23,6 +23,7 @@ stop)
 restart)
 	if [ -f $BINDIR/emulabctl ]; then
 	    $BINDIR/emulabctl stop
+	    echo 'Sleeping a bit before restarting ...'
 	    sleep 10
 	    $BINDIR/emulabctl start
 	fi

tmcd/ron/emulabctl

@@ -82,6 +82,7 @@ if ($action eq "stop") {
     if (! -e $pidfile) {
 	exit(0);
     }
+    system("bootvnodes -f -h");
     system("kill `cat $pidfile`");
     exit($? >> 8);
 }

tmcd/ron/prepare

@@ -30,6 +30,8 @@ my $MOUNTINFO	= "/var/db/mounttab";
 my @ETCFILES    = ("rc.conf.local", "resolv.conf", "namedb/localhost.rev",
 		   "emulab.pkey", "emulab-hard.txt", "emulab-soft.txt");
 my $USERS	= "/users";
+my $SSHDIR	= "/etc/ssh";
+my @SSHFILES	= ("ssh_host_dsa_key", "ssh_host_rsa_key", "ssh_host_key");
 
 #
 # Turn off line buffering on output
@@ -171,6 +173,13 @@ if (-f $SFSHOSTKEY) {
     system("rm -f $SFSHOSTKEY");
 }
 
+print "Clearing ssh key files $SSHDIR ...\n";
+foreach my $file (@SSHFILES) {
+    if (-f "${SSHDIR}/$file") {
+	system("rm -f ${SSHDIR}/${file}");
+	system("rm -f ${SSHDIR}/${file}.pub");
+    }
+}
 
 print "Clearing out directories in $VARDIR ...\n";
 foreach my $dir (@VARDIRS) {
@@ -194,4 +203,3 @@ system("$BINDIR/mkemuman.sh");
 
 print "Clearing out old SFS links ... \n";
 system("rm -f /netbed/*");
-