and which should not. Also filled in a few minor omissions in other sections.

*** Please comment ***

in the bootinfo packet.

thats a long time to be silent.

partition on paper.

This link is presented in the Project Information list, and only for
admin people (normal users do not see the link). Only "admin" types
can do this now, but eventually we may want to open it up to the
leaders of projects, but that presents some issues I don't want to get
into just yet. The project directory in /proj is not actually deleted,
but is renamed from <proj> to <proj>-`date/time` of the deletion.
Actual deletion should be done by hand. Seems Safer. Two levels of
confirmation are requested in separate pages to guard against
erroneous removal. Mail is sent to the Testbed control email list so
we all know what has happened.

still get the entire list, while normal users get a list of projects
for which they are leaders.

killed.  Okay, so I do not really remove it since its a bad idea to be
so destructive. Instead I rename $pid to $pid-`date+20%y%m%d-%H.%M.%S`
which we can remove by hand as needed.

project Affiliation in the project application page.

(via join or start), add when the user/project is approved. Also move the
lists from /usr/testbed/www/mailists/foo.txt to /usr/testbed/lists/foo.list.

who the user is instead of passing ?uid to every page all the way down.
Update login timeout with each useful operation (done in checklogin).
Put default user name in the login box when visiting the page.

Seems to work nicely.

problems

(Note: I didn't make Rob's ssh changes since jay is waiting on
this specifically.)

with the ifc and os setup scripts. Much more robust. Even works.

and so tit can be read by the tb scripts which are running as the
real user now.

except ifc_setup deals in node_ids and, where i make the call, i
am dealing with node IP addresses. also, we are  in the habit (i am
anyway) of playing fast and loose with scoping. specifically, i use
a global scope for my database queries, statement handles and ROWS.
turns out that while in the subroutines GetCurrentOS() and OSFeatureSupported(), i was overwriting a value i was setting before (before i had called
the subroutines) and using after the calls. I think the scripts are
getting sufficiently complicated that we should use better scoping --
we can think about that after the demo.

os_setup and ifc_setup read the features list from the database for
the currently assigned OS. os_setup will not enter a ping wait for the
node to come back alive if the node does not support ping! ifc_setup
will not try and and do ifconfig stuff if the OS does not support ifconfig.

Added calls to create paperbag shell account on paper as well as
add a group entry.

does a chown to the new user, and I was not thinking to pass in a
numeric uid, and this is easier to change than the script. So there.

not /root if we're setuid....

Also, set $< to 0 if $> is 0 - this seems to be necessary to stop sshtb
from dropping root permissions.

setuid root. Modified the Makefile so that it gets the setuid bit
when the post-install target is run.

via the create-os directive in the NS file.
tbsetup/ir/handle_os.tcl - Do a valid check for the image given with
	set-node-os in the NS file, and propogate that information through
        to the IR file. Nothing is added to the DB.
tbsetup/mkexpdir - Add a tftpboot to the list of experiment directories. The
	tftpd daemon now allows kernels from /proj.
tbsetup/os_setup - Very hacky changes to allow for multiboot kernels. Read
	local images table and cross check against that for nodeos spec.
        Hardwire in "mb" as a special partition tag that says to not try
	and do too much with it. This should be changed to a DB check of
	some kind. On reboot, do not wait for these nodes to come alive since
	there is no way to determine if an oskit kernel (or any foreign)
	kernel is running.

Two changes:

	- changed the uname ssh to accept ssh output in addition
	  to the uname output. Initially, i thought this was hackish
	  but, given ssh'es propensity to output messages for every
 	  conceivable occasion, now i think this is simply robust.

	- previously, i was using perl's grep() function to
	  detect duplicate IP addresses. testing with more complicated
       	  scenarios revealed that not only was i misusing the grep()
          function, but it wasn't sufficient even when used correctly.
          Many of the IP addresses aren't reachable from paper; the script
          would deal with this, but only after lengthy delays while
          waiting for input. i changed the script to only communicate
          with interfaces on the control net.

nodes and vlans.