From 85b512e70412319339b9a4c6d2760619d09224d4 Mon Sep 17 00:00:00 2001 From: "Leigh B. Stoller" Date: Mon, 15 Oct 2001 18:48:38 +0000 Subject: [PATCH] Add node_admin command for users. Simply switches between the normal testbed boot process and the freebsd pxeboot/MFS kernel. I'm hoping this will be useful enough for users to load their own disk images, but we shall see. Usage is simple: /usr/testbed/bin/node_admin on|off pcXXX The "on" state boots the MFS, and the "off" states sets it back to normal. --- configure | 2 +- configure.in | 2 +- security/paperbag.in | 1 + utils/GNUmakefile.in | 4 +- utils/node_admin.in | 128 +++++++++++++++++++++++++++++++++++++++++++ xmlrpc/xmlrpcbag.in | 1 + 6 files changed, 134 insertions(+), 4 deletions(-) create mode 100755 utils/node_admin.in diff --git a/configure b/configure index 880f994da..cdddd48d2 100755 --- a/configure +++ b/configure @@ -1053,7 +1053,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ tmcd/netbsd/GNUmakefile \ tmcd/tmcd.restart \ utils/GNUmakefile utils/vlandiff utils/vlansync utils/delay_config \ - utils/sshtb utils/create_image \ + utils/sshtb utils/create_image utils/node_admin \ www/GNUmakefile www/defs.php3 www/dbdefs.php3 \ rc.d/GNUmakefile rc.d/2.mysql-server.sh rc.d/3.testbed.sh \ rc.d/cvsupd.sh" diff --git a/configure.in b/configure.in index 848092195..8bdf08c01 100755 --- a/configure.in +++ b/configure.in @@ -175,7 +175,7 @@ outfiles="$outfiles Makeconf GNUmakefile \ tmcd/netbsd/GNUmakefile \ tmcd/tmcd.restart \ utils/GNUmakefile utils/vlandiff utils/vlansync utils/delay_config \ - utils/sshtb utils/create_image \ + utils/sshtb utils/create_image utils/node_admin \ www/GNUmakefile www/defs.php3 www/dbdefs.php3 \ rc.d/GNUmakefile rc.d/2.mysql-server.sh rc.d/3.testbed.sh \ rc.d/cvsupd.sh" diff --git a/security/paperbag.in b/security/paperbag.in index 368655e71..f4158a466 100755 --- a/security/paperbag.in +++ b/security/paperbag.in @@ -24,6 +24,7 @@ my $TB = "@prefix@"; "node_update" => "$TB/bin/node_update", "os_load" => "$TB/bin/os_load", "create_image" => "$TB/bin/create_image", + "node_admin" => "$TB/bin/node_admin", "delay_config" => "$TB/bin/delay_config", "savelogs" => "$TB/bin/savelogs" ); diff --git a/utils/GNUmakefile.in b/utils/GNUmakefile.in index 0db171009..48cf94e4b 100644 --- a/utils/GNUmakefile.in +++ b/utils/GNUmakefile.in @@ -8,12 +8,12 @@ SUBDIR = utils include $(OBJDIR)/Makeconf -BIN_SCRIPTS = delay_config sshtb create_image +BIN_SCRIPTS = delay_config sshtb create_image node_admin SBIN_SCRIPTS = vlandiff vlansync # # These are the ones installed on plastic (users, control, etc). # -USERBINS = create_image delay_config +USERBINS = create_image delay_config node_admin # # Force dependencies on the scripts so that they will be rerun through diff --git a/utils/node_admin.in b/utils/node_admin.in new file mode 100755 index 000000000..d7dd2d7ae --- /dev/null +++ b/utils/node_admin.in @@ -0,0 +1,128 @@ +#!/usr/bin/perl -wT +use English; +use Getopt::Std; + +# +# Turn on/off admin mode for a node. +# +sub usage() +{ + print STDOUT "Usage: nodeadmin \n"; + exit(-1); +} +my $optlist = ""; + +# +# Configure variables +# +my $TB = "@prefix@"; +my $TBOPS = "@TBOPSEMAIL@"; +my $BOSSADDR = "@BOSSNODE@"; +my $TFTPDIR = "/tftpboot"; + +# +# Testbed Support libraries +# +use lib "@prefix@/lib"; +use libdb; +use libtestbed; + +# +# Turn off line buffering on output +# +$| = 1; + +# +# Untaint the path +# +$ENV{'PATH'} = "/bin:/sbin:/usr/bin:"; +delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; + +# +# +# +my $freebsd = "$BOSSADDR:$TFTPDIR/pxeboot.freebsd"; +my $nodereboot = "$TB/bin/node_reboot"; +my $pxebootpath; +my $dbuid; + +# +# Parse command arguments. Once we return from getopts, all that should be +# left are the required arguments. +# +%options = (); +if (! getopts($optlist, \%options)) { + usage(); +} +if (@ARGV != 2) { + usage(); +} + +my $onoff = $ARGV[0]; +my $node = $ARGV[1]; + +if ($onoff ne "on" && $onoff ne "off") { + usage(); +} + +# +# Untaint the arguments. +# +if ($node =~ /^([-\w]+)$/) { + $node = $1; +} +else { + die("Tainted node name: $node"); +} + +# +# Verify user and get his DB uid. +# +if (! UNIX2DBUID($UID, \$dbuid)) { + die("*** $0:\n". + " You do not exist in the Emulab Database.\n"); +} + +# +# Root and admin types can do whatever they want. Normal users can only +# run this on nodes in their own experiments. +# +if ($UID && !TBAdmin($UID)) { + if (! NodeAccessCheck(\$node)) { + die("*** You do not have permission to create an image from $node\n"); + } + if ($node =~ /^([-\w]+)$/) { + $node = $1; + } + else { + fatal("Tainted node name: $node"); + } +} + +if ($onoff eq "on") { + $pxebootpath = $freebsd; +} +else { + my $query_result = + DBQueryFatal("select node_types.pxe_boot_path from node_types " . + "left join nodes on nodes.type=node_types.type " . + "where node_id='$node'"); + + my @row = $query_result->fetchrow_array(); + $pxebootpath = $row[0]; +} + +DBQueryFatal("update nodes set pxe_boot_path='$pxebootpath', ". + "startupcmd='', startstatus='none' ". + "where node_id='$node'"); + +# +# Reboot node +# +if (system("$nodereboot", "$node")) { + die("*** $0:\n". + " WARNING: Could not reboot $node.\n"); +} +exit(0); + + diff --git a/xmlrpc/xmlrpcbag.in b/xmlrpc/xmlrpcbag.in index 368655e71..f4158a466 100755 --- a/xmlrpc/xmlrpcbag.in +++ b/xmlrpc/xmlrpcbag.in @@ -24,6 +24,7 @@ my $TB = "@prefix@"; "node_update" => "$TB/bin/node_update", "os_load" => "$TB/bin/os_load", "create_image" => "$TB/bin/create_image", + "node_admin" => "$TB/bin/node_admin", "delay_config" => "$TB/bin/delay_config", "savelogs" => "$TB/bin/savelogs" ); -- GitLab