1. 27 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Changes to permission checks for nodes, experiments, and images. · 09bec812
      Leigh B. Stoller authored
      In addition to the usual checks, project_root and group_root (in the
      project) get the same permission as if they were in the subgroups with
      group_root permission. This means they can swap/terminate/reboot etc
      in subgroups even though they are not members of the subgroups.
      There is still some copy problems with files, but leaving that till
      later to deal with.
      09bec812
  2. 26 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add "gid" slot to the images table for changing permission scheme from · 4c56daf6
      Leigh B. Stoller authored
      only pid, to pid/gid like most other things in the testbed. Also add a
      "global" slot to denote images that are globally available to all
      projects (system images). The older "shared" attribute is now used to
      denote images that are shared within a project (available to all
      subgroups in the project). The migration path for existing DBs is
      given in the migrate file. Be sure to run those commands on an
      existing testbed or things will break!
      
      www/newimageid, www/newimageid_ez: A bunch of changes for
      shared/global attributes. Added a group menu to the form so users can
      create images in subgroups. Beefed up the Java code that constructs
      the path name to use the gid, shared, and global attributes of the
      form to give the user the best possible path that we can. Improved the
      pathname checking code so that we do not allow just any old path in
      case the user elects to disregard the path we carefully constructed
      for them. Also check the proj/group membership, and setup defaults for
      users that have permission in just one pid/gid to create images.
      
      libdb.in: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      os_load: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Other minor changes reflecting shared->global name change.
      Also note that images can come from the group directory now.
      
      create_image: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Also note that images can come from the group directory now.
      
      www/dbdefs: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      www/showimageid_list, www/showstuff: Minor global/shared attribute
      changes.
      
      www/menu: Change osids/imageids pointer to point to the image list,
      not the osid list. This is more reasonable for mere users who have
      access to the EZ form, and thus never really need to concern
      themselves with osids.
      
      www/editimageid: Add proper pathname checking. There were no checks at
      all before!
      4c56daf6
  3. 20 Mar, 2003 2 commits
    • Leigh B. Stoller's avatar
      A possible hack/fix to the concurrency problem. I have not learned · 75936b39
      Leigh B. Stoller authored
      anything conclusive, other than fork confuses mysqld, and our attempt
      to unconfuse it by closing/opening the DB connection in the child,
      confuses it even more! The parent connection is shutdown and then
      restarted as well. In node_reboot, this could happen 10 times in rapid
      succession as we fork as child for each node, and that appears to
      strain the server even more (with 20 rapid connects).
      
      So, I added a select(0.3) in TBdbfork() (in the child) to see if that
      slows things down enough. In my tests, the length of time between the
      parent and child operations makes a real difference. With a delay in
      the child, the parent connection is not closed/restarted.
      
      The astute reader will realize that I have no actual clue; just
      grasping at, uh, threads.
      75936b39
    • Leigh B. Stoller's avatar
  4. 19 Mar, 2003 1 commit
    • Mac Newbold's avatar
      New slothd change: · b73aee17
      Mac Newbold authored
      node_reboot reports node activity into the "last_ext_act" column of
      node_activity. (Ie activity that is external to the node.)
      
      This means that swapin, swapout, reload, etc etc, anything that reboots
      the node from boss/ops, will count as activity.
      b73aee17
  5. 13 Mar, 2003 1 commit
    • Chad Barb's avatar
      · 2a2c1542
      Chad Barb authored
      Added BESTOWGROUPROOT permission.
      2a2c1542
  6. 12 Mar, 2003 1 commit
    • Chad Barb's avatar
      · fa716ae9
      Chad Barb authored
      Added TB_PROJECT_GROUPGRABUSERS to Perl side, for consistency.
      fa716ae9
  7. 11 Mar, 2003 1 commit
    • Chad Barb's avatar
      · d333686c
      Chad Barb authored
      Fixed ALLOCSTATE consts.
      d333686c
  8. 07 Feb, 2003 1 commit
    • Chad Barb's avatar
      · 60563956
      Chad Barb authored
      Added Alloc State machine library calls.
      (NodeSetAllocState, NodeGetAllocState)
      60563956
  9. 02 Feb, 2003 1 commit
  10. 31 Jan, 2003 1 commit
  11. 29 Jan, 2003 4 commits
  12. 15 Jan, 2003 3 commits
  13. 18 Dec, 2002 1 commit
    • Leigh B. Stoller's avatar
      Two new routines. TBNodeBootReset() resets the startup state for a · b485a466
      Leigh B. Stoller authored
      node. Used in new tbrestart code for replaying experiments. It remains
      to be seen if this is a workable approach.
      
      TBNodeStateWait() is really WaitTillAlive, which I need in several new
      spots now. Its not as general purpose as it seems though, since there
      are only a couple of terminal states (isup) that you can actually wait
      for by querying the DB. But, I'm loathe to add any more event code to
      the system.
      b485a466
  14. 06 Dec, 2002 2 commits
  15. 14 Nov, 2002 1 commit
    • Leigh B. Stoller's avatar
      libdb: Add TBIPtoNodeID utility function. Also some minor jail related · bed7c3ee
      Leigh B. Stoller authored
      changes; add optinal jailflag argument to TBIsNodeVirtual, and add some
      constants for assigning port ranges to jailed nodes.
      
      newwanode: Allow reuse of existing node. So, if called with an IP that
      already exists in the DB, reuse those records (nodes, interfaces,
      reserved) rather than creating a new one. The web page makes sure that
      the calling node has a valid IP (REMOTE_ADDR equals IP it gives us),
      so it typically means an exiting node is being reinstalled (happening
      with RON nodes right now!).
      bed7c3ee
  16. 05 Nov, 2002 1 commit
  17. 18 Oct, 2002 1 commit
    • Mac Newbold's avatar
      Merge the newstated branch with the main tree. · 5c961517
      Mac Newbold authored
      Changes to watch out for:
      
      - db calls that change boot info in nodes table are now calls to os_select
      
      - whenever you want to change a node's pxe boot info, or def or next boot
      osids or paths, use os_select.
      
      - when you need to wait for a node to reach some point in the boot process
      (like ISUP), check the state in the database using the lib calls
      
      - Proxydhcp now sends a BOOTING state for each node that it talks to.
      
      - OSs that don't send ISUP will have one generated for them by stated
      either when they ping (if they support ping) or immediately after they get
      to BOOTING.
      
      - States now have timeouts. Actions aren't currently carried out, but they
      will be soon. If you notice problems here, let me know... we're still
      tuning it. (Before all timeouts were set to "none" in the db)
      
      One temporary change:
      
      - While I make our new free node manager daemon (freed), all nodes are
      forced into reloading when they're nfreed and the calls to reset the os
      are disabled (that will move into freed).
      5c961517
  18. 04 Oct, 2002 1 commit
  19. 17 Sep, 2002 1 commit
  20. 16 Sep, 2002 1 commit
    • Leigh B. Stoller's avatar
      Reorg of working directory and log file stuff for start/swap/end · 533dc18f
      Leigh B. Stoller authored
      experiment. Here is mail to tbops:
      
      * Moved the working directory for experiment setup/swap/end to a new
        directory located on boss instead of over NFS to /proj/$pid/$eid. This
        new location is /usr/testbed/expwork/$pid/$eid.
      
      * Changed the name of the directories we create in /usr/testbed/expinfo to
        $pid-$eid.$index where $index is a new autoincrement field in the DB
        table. I really hated the names that were created before.
      
      * Changed where logs are written from /tmp to the new location in
        /usr/testbed/expwork/$pid/$eid.
      
      Okay, why.
      
      * We no longer operate on NFS mounted directories that might hang. Its
        easier to catch the situation where a copy of the log file over at the
        end of experiment creation fails cause of an NFS problem.
      
      * We no longer have user writable files that are inputs to other parts of
        the system (like top and ptop files).  Not that a user would be bad, but
        it closes a hole.
      
      * We no longer copy user writable files from /proj to boss where we might
        fill up an important filesystem cause the user put a .ndz file in the the
        working directory. Not that a user would be bad, but it closes a hole.
      
      * Its easier to save all the log files this way, for each swap in and
        out.
      
      * Removing a directory over NFS is a royal irritant when someone is CD'ed
        into that directory or looking at a file on the other side (the astute
        observer will peg this as the reason I went down this idiotic path in the
        first place!).
      
      * About 6 other reasons that I can no longer remember. Seriously, I really
        had more reasons I can no longer remember! :-)
      533dc18f
  21. 20 Aug, 2002 2 commits
    • Leigh B. Stoller's avatar
      Get rid of that ANNOYING extra 1 second delay that all scripts were · a79c7d34
      Leigh B. Stoller authored
      exhibiting. Sheesh!
      a79c7d34
    • Leigh B. Stoller's avatar
      libdb: Add a couple of support routines to update the account_update · a9909c42
      Leigh B. Stoller authored
      flag in the nodes table when a user changes his info. Two routines,
      one to do it by type (as for widearea nodes) and another to do it by
      project (as for local) nodes. This last is kinda inefficient, but
      probably not too big a deal.
      
      mkacct: Two changes.
      1. Use the above changes in libdb when a user changes his info. With
         this change, no longer need to do an account update in the
         experiment page for the ron/wa nodes. The nodes are marked as
         needing the update in mkacct, based on the nodes the user has
         access to. Note, this change applies only to widearea nodes; still
         need to use the update option in the experiment menu for local
         nodes, although I plan to change that to at some point by adding a
         watchdog on the local nodes.
      
      2. ssh2 key support. The DB can now store both ssh1 and ssh2 keys,
         however those keys are handled differently when creating the auth
         keys files for users. There are actually two files created now, the
         second being the ssh2 key file call authorized_keys2. This change
         is mirrored in the client side code as well.
      a9909c42
  22. 11 Jul, 2002 1 commit
  23. 04 Jul, 2002 1 commit
  24. 16 Jun, 2002 1 commit
  25. 13 Jun, 2002 2 commits
  26. 11 Jun, 2002 3 commits
  27. 10 Jun, 2002 1 commit
  28. 04 Jun, 2002 1 commit
  29. 31 May, 2002 1 commit