Redo savelogs so that it works again. Rather then copying log files via

NFS, convert to using a proxy that runs on ops, which does the copying
locally.

configure

@@ -1431,6 +1431,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	tbsetup/checkpass/GNUmakefile tbsetup/assign_wrapper tbsetup/ptopgen \
 	tbsetup/frisbeelauncher tbsetup/node_update tbsetup/webnodeupdate \
 	tbsetup/savelogs tbsetup/setgroups tbsetup/websetgroups \
+	tbsetup/savelogs.proxy \
 	tbsetup/rmgroup tbsetup/webrmuser tbsetup/webrmgroup tbsetup/mkexpdir \
 	tbsetup/webnodecontrol tbsetup/node_control \
         tbsetup/webmkgroup tbsetup/mkgroup tbsetup/eventsys_start \

configure.in

@@ -476,6 +476,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	tbsetup/checkpass/GNUmakefile tbsetup/assign_wrapper tbsetup/ptopgen \
 	tbsetup/frisbeelauncher tbsetup/node_update tbsetup/webnodeupdate \
 	tbsetup/savelogs tbsetup/setgroups tbsetup/websetgroups \
+	tbsetup/savelogs.proxy \
 	tbsetup/rmgroup tbsetup/webrmuser tbsetup/webrmgroup tbsetup/mkexpdir \
 	tbsetup/webnodecontrol tbsetup/node_control \
         tbsetup/webmkgroup tbsetup/mkgroup tbsetup/eventsys_start \

tbsetup/GNUmakefile.in

@@ -32,7 +32,7 @@ SBIN_STUFF	= resetvlans console_setup.proxy sched_reload named_setup \
 		  rmgroup mkgroup setgroups mkproj \
 		  exports_setup.proxy vnode_setup eventsys_start \
 		  sfskey_update sfskey_update.proxy rmuser idleswap \
-		  newnode_reboot
+		  newnode_reboot savelogs.proxy
 
 LIBEXEC_STUFF	= rmproj wanlinksolve wanlinkinfo \
 		  os_setup mkexpdir console_setup webnscheck webreport \
@@ -157,6 +157,8 @@ post-install:
 	chmod u+s $(INSTALL_BINDIR)/eventsys_control
 	chown root $(INSTALL_BINDIR)/tarfiles_setup
 	chmod u+s $(INSTALL_BINDIR)/tarfiles_setup
+	chown root $(INSTALL_BINDIR)/savelogs
+	chmod u+s $(INSTALL_BINDIR)/savelogs
 
 #
 # Control node installation (okay, plastic)
@@ -171,6 +173,7 @@ endif
 control-install:	$(addprefix $(INSTALL_SBINDIR)/, console_setup.proxy) \
 			$(addprefix $(INSTALL_SBINDIR)/, exports_setup.proxy) \
 			$(addprefix $(INSTALL_SBINDIR)/, sfskey_update.proxy) \
+			$(addprefix $(INSTALL_SBINDIR)/, savelogs.proxy) \
 			$(addprefix $(INSTALL_BINDIR)/, fetchtar.proxy) \
 			$(addprefix $(INSTALL_LIBDIR)/, libtestbed.pm)
 	@$(MAKE) -C ns2ir control-install

tbsetup/savelogs.in

 #!/usr/bin/perl -wT
-
 #
 # EMULAB-COPYRIGHT
 # Copyright (c) 2000-2002, 2004 University of Utah and the Flux Group.
 # All rights reserved.
 #
-
 use English;
 
 # Save the tiplogs from an experiment
@@ -19,6 +17,8 @@ sub usage {
 # Configure variables
 #
 my $TB          = "@prefix@";
+my $CONTROL	= "@USERNODE@";
+my $sshtb	= "$TB/bin/sshtb";
 
 #
 # Testbed Support libraries
@@ -27,11 +27,31 @@ use lib "@prefix@/lib";
 use libdb;
 use libtestbed;
 
+# Locals
+my $SAVEUID = $UID;
+my $dbuid;
+
 #
 # Turn off line buffering on output
 #
 $| = 1;
 
+#
+# We don't want to run this script unless its the real version.
+#
+if ($EUID != 0) {
+    die("*** $0:\n".
+        "    Must be root! Maybe its a development version?\n");
+}
+
+#
+# Please run as yourself
+# 
+if ($UID == 0) {
+    die("*** $0:\n".
+        "    Please do not run this script as root!\n");
+}
+
 #
 # Untaint the path
 # 
@@ -39,7 +59,7 @@ $ENV{'PATH'} = "/bin:/sbin:/usr/bin:/usr/sbin";
 delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
 
 if (@ARGV != 2) {
-	&usage;
+    usage();
 }
 
 my ($pid,$eid) = @ARGV;
@@ -60,61 +80,56 @@ else {
     die("*** Bad data in eid: $eid.\n");
 }
 
-
-# XXX: This may need to be changed for use outside Utah
-my $logdir =	"/n/plastic/var/log/tiplogs";
-my $tiplogdir =	"/proj/$pid/tiplogs";
-my $savedir = 	"$tiplogdir/$eid";
-
-# Make sure the user is in the correct project
-if (! TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_READINFO)) {
-    die "You do not have permission for $pid/$eid to use this script\n";
+# Must exist in the DB.
+if (! UNIX2DBUID($UID, \$dbuid)) {
+    die("*** $0:\n".
+	"    You do not exist in the Emulab Database!\n");
 }
 
-# Now, we get a list of all nodes...
-my $sth = DBQueryFatal("SELECT node_id, vname FROM reserved " .
-	"WHERE pid='$pid' AND eid='$eid'");
-if ($sth->numrows == 0) {
-	die "No nodes found for experiment $eid in project $pid!\n";
+#
+# Verify permission to muck with this experiment. This is to head off
+# permission problems early; the nodes are indvidually checked later
+# in the library.
+#
+if (!TBAdmin($UID) &&
+    !TBExptAccessCheck($UID, $pid, $eid, TB_EXPT_MODIFY)) {
+    die("*** $0:\n".
+	"    You do not have permission to save log files in $pid/$eid!\n");
 }
 
-print "Saving tiplogs for $pid/$eid to $savedir\n";
+#
+# Find the names of all physical nodes with tip lines. 
+#
+my $query_result =
+    DBQueryFatal("select r.node_id,r.vname,t.server from reserved as r ".
+		 "left join nodes as n on n.node_id=r.node_id ".
+		 "left join node_types as nt on nt.type=n.type ".
+		 "left join tiplines as t on t.node_id=r.node_id ".
+		 "where r.pid='$pid' and r.eid='$eid' and ".
+		 "      nt.isvirtnode=0 and nt.isremotenode=0 and ".
+		 "      t.server is not null");
+
+if ($query_result->numrows == 0) {
+    print "No console lines found for experiment $eid in project $pid!\n";
+    exit(0);
+}
 
-# We don't want directory creation to be modified by the user's umask, 
-# because the tiplogs directory needs to be kept group-writable.
-my $savemask = umask 000;
+my $savedir = PROJROOT() . "/$pid/tiplogs/$eid";
+my $cmdargs = "$TB/sbin/savelogs.proxy -u $dbuid -s $savedir ";
 
-# Create the directory (and its parent) if they don't exist
-foreach $dir ($tiplogdir, $savedir) {
-	if (! -d $dir) {
-		print "Making directory $dir ...\n";
-		if (!mkdir($dir,0770)) {
-			die "Unable to make directory $dir: $!\n";
-		}
-	}
+while (my ($nodeid, $vname) = $query_result->fetchrow_array()) {
+    $cmdargs .= " $nodeid $vname";
 }
 
-# Restore the saved umask
-umask $savemask;
+#
+# Now we call over to the ops node to deal with the rest of this. 
+#
+$EUID = $UID = 0;
+system("$sshtb -host $CONTROL $cmdargs");
+$EUID = $UID = $SAVEUID;
 
-# Make sure the user can write to it
-if (! -w $savedir) {
-	die "Unable to write to directory $savedir\n";
-}
+#
+# Nothing else to do ... output from proxy went to stdout/stderr.
+# 
+exit($? >> 8);
 
-while (@row = $sth->fetchrow) {
-	my ($node, $vname) = @row;
-	if (!$vname) { # In case they don't have a vname...
-		$vname = $node;
-	}
-	my $runfile = "$logdir/$node.run";
-	my $savefile = "$savedir/$vname.log";
-	print "Copying $runfile to $savefile ...\n";
-	# Test to make sure the .run file exists
-	if (! (-e $runfile && -r $runfile) ) {
-		warn "Warning: $runfile does not exist or is not " .
-			"readable, skipping.\n";
-		next;
-	}
-	system "cp $runfile $savefile";
-}

tbsetup/savelogs.proxy.in

+#!/usr/bin/perl -w
+
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2000-2004 University of Utah and the Flux Group.
+# All rights reserved.
+#
+
+use English;
+use Getopt::Std;
+use BSD::Resource;
+use POSIX qw(:signal_h);
+    
+#
+# Save off console log files.
+# 
+# The first argument option is the user to run this script as, since we
+# gets invoked by a root ssh from boss.
+#
+sub usage()
+{
+    print STDOUT
+	"Usage: savelogs.proxy -u user -s savedir nodeid vname [...]\n";
+    exit(-1);
+}
+
+#
+# Configure variables
+#
+my $TB       = "@prefix@";
+my $TBOPS    = "@TBOPSEMAIL@";
+my $logdir   = "/var/log/tiplogs";
+my $errors   = 0;
+
+#
+# Turn off line buffering on output
+#
+$| = 1;
+
+#
+# Untaint the path
+# 
+$ENV{'PATH'} = "/bin:/usr/bin:/sbin:/usr/sbin";
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Testbed Support libraries
+#
+use lib "@prefix@/lib";
+use libtestbed;
+
+#
+# First option has to be the -u option, the user to run this script as.
+#
+if ($UID != 0 || $EUID != 0) {
+    die("*** $0:\n".
+	"    Must be root to run this script!\n");
+}
+if ($ARGV[0] ne "-u" ||
+    $ARGV[2] ne "-s" ||
+    scalar(@ARGV) < 6 ||
+    scalar(@ARGV) & 0x1) {
+    usage();
+}
+
+my $user    = $ARGV[1];
+my $savedir = $ARGV[3];
+shift(@ARGV);
+shift(@ARGV);
+shift(@ARGV);
+shift(@ARGV);
+
+(undef,undef,$unix_uid) = getpwnam($user) or
+    die("*** $0:\n".
+	"    No such user $user\n");
+
+#
+# Need the entire group list for the user, cause of subgroups, and
+# cause thats the correct thing to do. Too bad perl does not have a
+# getgrouplist function like the C library.
+#
+my $glist = `/usr/bin/id -G $user`;
+if ($glist =~ /^([\d ]*)$/) {
+    $glist = $1;
+}
+else {
+    die("*** $0:\n".
+	"    Unexpected results from 'id -G $user': $glist\n");
+}
+
+# Need to split off the first group and create a proper list for $GUID.
+my @gglist   = split(" ", $glist);
+my $unix_gid = $gglist[0];
+$glist       = "$unix_gid $glist";
+
+# Flip to user and never go back!
+$GID            = $unix_gid;
+$EGID           = $glist;
+$EUID = $UID    = $unix_uid;
+$ENV{'USER'}    = $user;
+$ENV{'LOGNAME'} = $user;
+
+#
+# Okay, now we can save logs for each console.
+# 
+print "Saving tiplogs to $savedir\n";
+
+if (! -e $savedir) {
+    # We do not want directory creation to be modified by the user's umask, 
+    # because the tiplogs directory needs to be kept group-writable.
+    my $savemask = umask 000;
+    
+    print "Making directory $savedir ...\n";
+    system("/bin/mkdir -m 0770 -p $savedir") == 0
+	or die("*** $0:\n".
+	       "    Unable to make directory $savedir!\n");
+
+    # Restore the saved umask
+    umask $savemask;
+}
+
+# Make sure the user can write to it
+if (! -w $savedir) {
+    die("*** $0:\n".
+	"    Unable to write to directory $savedir\n");
+}
+
+while (@ARGV) {
+    my $nodeid   = shift(@ARGV);
+    my $vname    = shift(@ARGV);
+    my $runfile  = "$logdir/$nodeid.run";
+    my $savefile = "$savedir/$vname.log";
+    
+    print "Copying $runfile to $savefile ...\n";
+    # Test to make sure the .run file exists
+    if (! (-e $runfile && -r $runfile) ) {
+	print "*** WARNING:\n".
+	      "Console log for $nodeid does not exist or is not readable. ".
+	      "Skipping.\n";
+	$errors++;
+	next;
+    }
+    system("/bin/cp $runfile $savefile") == 0
+	or $errors++;
+}
+exit($errors);