Add a cvs proxy to run CVS commands on ops on behalf of a user. Use this

from template_exprun so that we are not reading and writing files across NFS (via cvs import).

Add a cvs proxy to run CVS commands on ops on behalf of a user. Use this
from template_exprun so that we are not reading and writing files across NFS (via cvs import).
7958c854 · Leigh B. Stoller · a92cef72 · 7958c854 · 7958c854 · 7958c854
Commit 7958c854 authored Sep 19, 2007 by Leigh B. Stoller
--- a/collab/cvstools/GNUmakefile.in
+++ b/collab/cvstools/GNUmakefile.in
@@ -11,14 +11,14 @@ SUBDIR		= collab/cvstools

 include $(OBJDIR)/Makeconf

-SBIN_SCRIPTS		= cvsrepo_ctrl
+SBIN_SCRIPTS		= cvsrepo_ctrl cvs_ctrl
 LIBEXEC_SCRIPTS		= webcvsrepo_ctrl
 CTRL_LIBEXEC_SCRIPTS	= 
 CTRL_LIB_FILES		= cvsd.conf.head
-CTRL_SBIN_SCRIPTS	= cvsrepo_ctrl.proxy
+CTRL_SBIN_SCRIPTS	= cvsrepo_ctrl.proxy cvs.proxy

 # These scripts installed setuid, with sudo. 
-SETUID_SBIN_SCRIPTS     = cvsrepo_ctrl
+SETUID_SBIN_SCRIPTS     = cvsrepo_ctrl cvs_ctrl

 #
 # Force dependencies on the scripts so that they will be rerun through

--- a/collab/cvstools/cvs.proxy.in
+++ b/collab/cvstools/cvs.proxy.in
+#!/usr/bin/perl -w
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2000-2007 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+use BSD::Resource;
+use POSIX qw(:signal_h);
+    
+#
+# Simply a wrapper for the cvs.
+#
+# The first argument option is the user to run this script as, since we
+# gets invoked by a root ssh from boss. 
+#
+sub usage()
+{
+    print STDOUT
+	"Usage: cvs.proxy -u user [args ...]\n".
+        "Where options and arguments are those required by cvs\n";
+    exit(-1);
+}
+
+#
+# Configure variables
+#
+my $TB       = "@prefix@";
+my $TBOPS    = "@TBOPSEMAIL@";
+my $CVSBIN   = "/usr/bin/cvs";
+
+# Locals
+my $optlist  = "u:w:";
+my $user;
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin:/sbin:/usr/sbin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Testbed Support libraries
+#
+use lib "@prefix@/lib";
+use libtestbed;
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+my $options;
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"w"})) {
+    my $workdir = $options{"w"};
+    
+    if (! chdir("$workdir")) {
+	die("*** $0:\n".
+	    "    Could not chdir to $workdir\n");
+    }
+}
+usage()
+    if (!exists($options{"u"}));
+$user = $options{"u"};
+
+#
+# First option has to be the -u option, the user to run this script as.
+#
+if ($UID != 0) {
+    die("*** $0:\n".
+	"    Must be root to run this script!");
+}
+(undef,undef,$unix_uid) = getpwnam($user) or
+    die("*** $0:\n".
+	"    No such user $user\n");
+
+#
+# Need the entire group list for the user, cause of subgroups, and
+# cause thats the correct thing to do. Too bad perl does not have a
+# getgrouplist function like the C library.
+#
+my $glist = `id -G $user`;
+if ($glist =~ /^([\d ]*)$/) {
+    $glist = $1;
+}
+else {
+    die("*** $0:\n".
+	"    Unexpected results from 'id -G $user': $glist\n");
+}
+
+# Need to split off the first group and create a proper list for $GUID.
+my @gglist   = split(" ", $glist);
+my $unix_gid = $gglist[0];
+$glist       = "$unix_gid $glist";
+
+# Flip to user and never go back!
+$GID            = $unix_gid;
+$EGID           = $glist;
+$EUID = $UID    = $unix_uid;
+$ENV{'USER'}    = $user;
+$ENV{'LOGNAME'} = $user;
+
+#
+# Fork a child process to run cvs in.
+#
+my $pid = fork();
+
+if (!defined($pid)) {
+    die("*** $0:\n".
+	"    Could not fork a new process!");
+}
+
+#
+# Child runs the cvs program niced down, and then exits.
+#
+if (! $pid) {
+    # Set the CPU limit for us.
+    setrlimit(RLIMIT_CPU, 1200, 1200);
+    
+    # Give parent a chance to react.
+    sleep(1);
+
+    exec("nice -2 $CVSBIN @ARGV");
+    die("Could not exec $CVSBIN!\n");
+}
+
+#
+# Parent waits.
+#
+waitpid($pid, 0);
+my $exit_status = $?;
+
+#
+# If the child was KILLed, then it overran its time limit.
+# Send email. Otherwise, exit with result of child.
+#
+if (($exit_status & 0xff) == SIGKILL) {
+    my $msg = "$CVSBIN Exceeded CPU Limit";
+
+    SENDMAIL($TBOPS, "CVS Exceeded CPU Limit", $msg);
+    
+    print STDERR "$msg\n";
+    exit(15);
+}
+exit($exit_status >> 8);
+
--- a/collab/cvstools/cvs_ctrl.in
+++ b/collab/cvstools/cvs_ctrl.in
+#!/usr/bin/perl -w
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005, 2006, 2007 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+use Errno qw(EEXIST);
+
+#
+# Add a mailman list, say for a project or other reason. If for a project
+# the admin password comes from the groups table. Otherwise it comes from
+# the sitevars table cause its assumed to be an admins list of some kind.
+#
+sub usage()
+{
+    print STDOUT "Usage: cvs_ctrl ...\n";
+    exit(-1);
+}
+my $optlist   = "dw:";
+my $debug     = 0;
+my $workdir;
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $CONTROL     = "@USERNODE@";
+my $BOSSNODE	= "@BOSSNODE@";
+my $SSH         = "$TB/bin/sshtb";
+my $CVSPROXY    = "$TB/sbin/cvs.proxy";
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Load the Testbed support stuff. 
+#
+use lib "@prefix@/lib";
+use libdb;
+use libtestbed;
+use User;
+
+#
+# We don't want to run this script unless its the real version.
+#
+if ($EUID != 0) {
+    die("*** $0:\n".
+	"    Must be setuid! Maybe its a development version?\n");
+}
+
+#
+# This script is setuid, so please do not run it as root. Hard to track
+# what has happened.
+# 
+if ($UID == 0) {
+    die("*** $0:\n".
+	"    Please do not run this as root! Its already setuid!\n");
+}
+
+#
+# Verify user and get his DB uid and other info for later.
+#
+my $this_user = User->ThisUser();
+if (! defined($this_user)) {
+    tbdie("You ($UID) do not exist!");
+}
+my $user_uid   = $this_user->uid();
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"d"})) {
+    $debug = 1;
+}
+if (defined($options{"w"})) {
+    $workdir = $options{"w"};
+
+    # Note different taint check (allow /).
+    if ($workdir =~ /^([-\w\.\/]+)$/) {
+	$workdir = $1;
+    }
+    else {
+	tbdie("Bad data in workdir: $workdir");
+    }
+}
+
+my @args = ("-host", $CONTROL, $CVSPROXY, "-u", $user_uid);
+if (defined($workdir)) {
+    push(@args, "-w");
+    push(@args, $workdir);
+}
+push(@args, "--");
+foreach my $arg (@ARGV) {
+    push(@args, "\\\"$1\\\"")
+	if ($arg =~ /^(.*)$/);
+}
+
+#
+# For ssh.
+#
+$UID = $EUID;
+
+#print "$SSH @args\n";
+
+exec($SSH, @args);
--- a/tbsetup/template_exprun.in
+++ b/tbsetup/template_exprun.in
@@ -101,8 +101,10 @@ my $archcontrol = "$TB/bin/archive_control";
 my $eventcontrol= "$TB/bin/eventsys_control";
 my $tevc        = "$TB/bin/tevc";
 my $CVSBIN      = "/usr/bin/cvs";
+my $CVSCTRL     = "/usr/testbed/sbin/cvs_ctrl";
 my $FIND        = "/usr/bin/find";
 my $RCS         = "/usr/bin/rcs";
+my $SSH		= "$TB/bin/sshtb";

 # Protos
 sub ParseArgs();
@@ -159,6 +161,8 @@ my $user_name  = $this_user->name();
 my $user_email = $this_user->email();
 my $user_uid   = $this_user->uid();

+$libtestbed::SYSTEM_DEBUG = 1;
+
 #
 # Before doing anything else, check for overquota ... lets not waste
 # our time. Make sure user sees the error by exiting with 1.
@@ -554,9 +558,9 @@ if (defined($instance->runidx())) {
 	}

 	# This imports the experiment directory into the records subdir.
-	System("cd $instance_dir; ".
-	       "$CVSBIN -d $cvsdir import -I 'datastore' ".
-	       "  -m 'Import record for run $this_runid' ".
+	System("$CVSCTRL -w $instance_dir -- ".
+	       "  -d $cvsdir import -kb -I \"datastore\" ".
+	       "  -m \"Import record for run $this_runid\" ".
 	       "  $cvssubdir ${tag}_branch $tag")
 	    == 0 or fatal(-1, "Could not import new record into $cvsdir");

@@ -569,15 +573,11 @@ if (defined($instance->runidx())) {
 	    symlink($linkvalue, "$instance_dir/$pathname");
 	}

-	# No keyword subst.
-	System("$FIND $cvsdir/$cvssubdir ".
-	       "  -name '*,v' -print -exec $RCS -q -kb '{}' \\;")
-	    == 0 or fatal(-1, "Could not set -kb in $cvsdir");
-
 	# Now tag it with the same tag that was applied for the instance.
 	# Apply to the branch tag directly instead of symbolically since that
-	# does not work properly for some reason. 
-	System("$CVSBIN -d $cvsdir rtag -n -r 1.1.1 $instance_tag $cvssubdir")
+	# does not work properly for some reason.
+	System("$CVSCTRL -- ".
+	       " -d $cvsdir rtag -n -r 1.1.1 $instance_tag $cvssubdir")
 	    == 0 or fatal(-1, "Could not rtag new record in $cvsdir");

 	if ($STAMPS) {
@@ -816,7 +816,7 @@ sub ParseArgs()
    if (! getopts($optlist, \%options)) {
 	usage();
    }
-
+    
    #
    # Allow pid to be used instead of GUID.
    #