All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit d92a0489 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Redo savelogs so that it works again. Rather then copying log files via

NFS, convert to using a proxy that runs on ops, which does the copying
locally.
parent 4c68e20f
......@@ -1431,6 +1431,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/checkpass/GNUmakefile tbsetup/assign_wrapper tbsetup/ptopgen \
tbsetup/frisbeelauncher tbsetup/node_update tbsetup/webnodeupdate \
tbsetup/savelogs tbsetup/setgroups tbsetup/websetgroups \
tbsetup/savelogs.proxy \
tbsetup/rmgroup tbsetup/webrmuser tbsetup/webrmgroup tbsetup/mkexpdir \
tbsetup/webnodecontrol tbsetup/node_control \
tbsetup/webmkgroup tbsetup/mkgroup tbsetup/eventsys_start \
......
......@@ -476,6 +476,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/checkpass/GNUmakefile tbsetup/assign_wrapper tbsetup/ptopgen \
tbsetup/frisbeelauncher tbsetup/node_update tbsetup/webnodeupdate \
tbsetup/savelogs tbsetup/setgroups tbsetup/websetgroups \
tbsetup/savelogs.proxy \
tbsetup/rmgroup tbsetup/webrmuser tbsetup/webrmgroup tbsetup/mkexpdir \
tbsetup/webnodecontrol tbsetup/node_control \
tbsetup/webmkgroup tbsetup/mkgroup tbsetup/eventsys_start \
......
......@@ -32,7 +32,7 @@ SBIN_STUFF = resetvlans console_setup.proxy sched_reload named_setup \
rmgroup mkgroup setgroups mkproj \
exports_setup.proxy vnode_setup eventsys_start \
sfskey_update sfskey_update.proxy rmuser idleswap \
newnode_reboot
newnode_reboot savelogs.proxy
LIBEXEC_STUFF = rmproj wanlinksolve wanlinkinfo \
os_setup mkexpdir console_setup webnscheck webreport \
......@@ -157,6 +157,8 @@ post-install:
chmod u+s $(INSTALL_BINDIR)/eventsys_control
chown root $(INSTALL_BINDIR)/tarfiles_setup
chmod u+s $(INSTALL_BINDIR)/tarfiles_setup
chown root $(INSTALL_BINDIR)/savelogs
chmod u+s $(INSTALL_BINDIR)/savelogs
#
# Control node installation (okay, plastic)
......@@ -171,6 +173,7 @@ endif
control-install: $(addprefix $(INSTALL_SBINDIR)/, console_setup.proxy) \
$(addprefix $(INSTALL_SBINDIR)/, exports_setup.proxy) \
$(addprefix $(INSTALL_SBINDIR)/, sfskey_update.proxy) \
$(addprefix $(INSTALL_SBINDIR)/, savelogs.proxy) \
$(addprefix $(INSTALL_BINDIR)/, fetchtar.proxy) \
$(addprefix $(INSTALL_LIBDIR)/, libtestbed.pm)
@$(MAKE) -C ns2ir control-install
......
#!/usr/bin/perl -wT
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002, 2004 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
# Save the tiplogs from an experiment
......@@ -19,6 +17,8 @@ sub usage {
# Configure variables
#
my $TB = "@prefix@";
my $CONTROL = "@USERNODE@";
my $sshtb = "$TB/bin/sshtb";
#
# Testbed Support libraries
......@@ -27,11 +27,31 @@ use lib "@prefix@/lib";
use libdb;
use libtestbed;
# Locals
my $SAVEUID = $UID;
my $dbuid;
#
# Turn off line buffering on output
#
$| = 1;
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
die("*** $0:\n".
" Must be root! Maybe its a development version?\n");
}
#
# Please run as yourself
#
if ($UID == 0) {
die("*** $0:\n".
" Please do not run this script as root!\n");
}
#
# Untaint the path
#
......@@ -39,7 +59,7 @@ $ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
if (@ARGV != 2) {
&usage;
usage();
}
my ($pid,$eid) = @ARGV;
......@@ -60,61 +80,56 @@ else {
die("*** Bad data in eid: $eid.\n");
}
# XXX: This may need to be changed for use outside Utah
my $logdir = "/n/plastic/var/log/tiplogs";
my $tiplogdir = "/proj/$pid/tiplogs";
my $savedir = "$tiplogdir/$eid";
# Make sure the user is in the correct project
if (! TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_READINFO)) {
die "You do not have permission for $pid/$eid to use this script\n";
# Must exist in the DB.
if (! UNIX2DBUID($UID, \$dbuid)) {
die("*** $0:\n".
" You do not exist in the Emulab Database!\n");
}
# Now, we get a list of all nodes...
my $sth = DBQueryFatal("SELECT node_id, vname FROM reserved " .
"WHERE pid='$pid' AND eid='$eid'");
if ($sth->numrows == 0) {
die "No nodes found for experiment $eid in project $pid!\n";
#
# Verify permission to muck with this experiment. This is to head off
# permission problems early; the nodes are indvidually checked later
# in the library.
#
if (!TBAdmin($UID) &&
!TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_MODIFY)) {
die("*** $0:\n".
" You do not have permission to save log files in $pid/$eid!\n");
}
print "Saving tiplogs for $pid/$eid to $savedir\n";
#
# Find the names of all physical nodes with tip lines.
#
my $query_result =
DBQueryFatal("select r.node_id,r.vname,t.server from reserved as r ".
"left join nodes as n on n.node_id=r.node_id ".
"left join node_types as nt on nt.type=n.type ".
"left join tiplines as t on t.node_id=r.node_id ".
"where r.pid='$pid' and r.eid='$eid' and ".
" nt.isvirtnode=0 and nt.isremotenode=0 and ".
" t.server is not null");
if ($query_result->numrows == 0) {
print "No console lines found for experiment $eid in project $pid!\n";
exit(0);
}
# We don't want directory creation to be modified by the user's umask,
# because the tiplogs directory needs to be kept group-writable.
my $savemask = umask 000;
my $savedir = PROJROOT() . "/$pid/tiplogs/$eid";
my $cmdargs = "$TB/sbin/savelogs.proxy -u $dbuid -s $savedir ";
# Create the directory (and its parent) if they don't exist
foreach $dir ($tiplogdir, $savedir) {
if (! -d $dir) {
print "Making directory $dir ...\n";
if (!mkdir($dir,0770)) {
die "Unable to make directory $dir: $!\n";
}
}
while (my ($nodeid, $vname) = $query_result->fetchrow_array()) {
$cmdargs .= " $nodeid $vname";
}
# Restore the saved umask
umask $savemask;
#
# Now we call over to the ops node to deal with the rest of this.
#
$EUID = $UID = 0;
system("$sshtb -host $CONTROL $cmdargs");
$EUID = $UID = $SAVEUID;
# Make sure the user can write to it
if (! -w $savedir) {
die "Unable to write to directory $savedir\n";
}
#
# Nothing else to do ... output from proxy went to stdout/stderr.
#
exit($? >> 8);
while (@row = $sth->fetchrow) {
my ($node, $vname) = @row;
if (!$vname) { # In case they don't have a vname...
$vname = $node;
}
my $runfile = "$logdir/$node.run";
my $savefile = "$savedir/$vname.log";
print "Copying $runfile to $savefile ...\n";
# Test to make sure the .run file exists
if (! (-e $runfile && -r $runfile) ) {
warn "Warning: $runfile does not exist or is not " .
"readable, skipping.\n";
next;
}
system "cp $runfile $savefile";
}
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use BSD::Resource;
use POSIX qw(:signal_h);
#
# Save off console log files.
#
# The first argument option is the user to run this script as, since we
# gets invoked by a root ssh from boss.
#
sub usage()
{
print STDOUT
"Usage: savelogs.proxy -u user -s savedir nodeid vname [...]\n";
exit(-1);
}
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $logdir = "/var/log/tiplogs";
my $errors = 0;
#
# Turn off line buffering on output
#
$| = 1;
#
# Untaint the path
#
$ENV{'PATH'} = "/bin:/usr/bin:/sbin:/usr/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Testbed Support libraries
#
use lib "@prefix@/lib";
use libtestbed;
#
# First option has to be the -u option, the user to run this script as.
#
if ($UID != 0 || $EUID != 0) {
die("*** $0:\n".
" Must be root to run this script!\n");
}
if ($ARGV[0] ne "-u" ||
$ARGV[2] ne "-s" ||
scalar(@ARGV) < 6 ||
scalar(@ARGV) & 0x1) {
usage();
}
my $user = $ARGV[1];
my $savedir = $ARGV[3];
shift(@ARGV);
shift(@ARGV);
shift(@ARGV);
shift(@ARGV);
(undef,undef,$unix_uid) = getpwnam($user) or
die("*** $0:\n".
" No such user $user\n");
#
# Need the entire group list for the user, cause of subgroups, and
# cause thats the correct thing to do. Too bad perl does not have a
# getgrouplist function like the C library.
#
my $glist = `/usr/bin/id -G $user`;
if ($glist =~ /^([\d ]*)$/) {
$glist = $1;
}
else {
die("*** $0:\n".
" Unexpected results from 'id -G $user': $glist\n");
}
# Need to split off the first group and create a proper list for $GUID.
my @gglist = split(" ", $glist);
my $unix_gid = $gglist[0];
$glist = "$unix_gid $glist";
# Flip to user and never go back!
$GID = $unix_gid;
$EGID = $glist;
$EUID = $UID = $unix_uid;
$ENV{'USER'} = $user;
$ENV{'LOGNAME'} = $user;
#
# Okay, now we can save logs for each console.
#
print "Saving tiplogs to $savedir\n";
if (! -e $savedir) {
# We do not want directory creation to be modified by the user's umask,
# because the tiplogs directory needs to be kept group-writable.
my $savemask = umask 000;
print "Making directory $savedir ...\n";
system("/bin/mkdir -m 0770 -p $savedir") == 0
or die("*** $0:\n".
" Unable to make directory $savedir!\n");
# Restore the saved umask
umask $savemask;
}
# Make sure the user can write to it
if (! -w $savedir) {
die("*** $0:\n".
" Unable to write to directory $savedir\n");
}
while (@ARGV) {
my $nodeid = shift(@ARGV);
my $vname = shift(@ARGV);
my $runfile = "$logdir/$nodeid.run";
my $savefile = "$savedir/$vname.log";
print "Copying $runfile to $savefile ...\n";
# Test to make sure the .run file exists
if (! (-e $runfile && -r $runfile) ) {
print "*** WARNING:\n".
"Console log for $nodeid does not exist or is not readable. ".
"Skipping.\n";
$errors++;
next;
}
system("/bin/cp $runfile $savefile") == 0
or $errors++;
}
exit($errors);
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment