- 25 Nov, 2014 1 commit
-
-
Mike Hibler authored
-
- 24 Nov, 2014 2 commits
-
-
Kirk Webb authored
This enhances the power_ipmi module in three ways: * Will now check for auth creds in the outets_remoteauth table. - Previously the module had credentials hard-wired. - Key role in table should be "ipmi-passwd". * Makes it run in parallel for the set of outlets provided - via emutil::ParRun(). * HP Moonshot chassis iLO support. - Device (node) type == "ipmi-ms". - Outlet to ipmi address resolution. - Additional required ipmitool parameters ("lanplus" protocol). * Supports KGKEY for session encryption. - KGKEYs can be placed in the DB ("ipmi-kgkey" role, key encoded in hex). Note that the "status" command doesn't really work presently, but that's OK since it wasn't ever hooked in.
-
Kirk Webb authored
-
- 23 Nov, 2014 4 commits
-
-
Mike Hibler authored
-
Mike Hibler authored
-
Mike Hibler authored
-
Mike Hibler authored
Apparently at some point in the past, wire info for new nodes moved into its own table rather than using the switch_* fields of new_interfaces. For Geniracks or if a certain feature is set, then this new style is used. However, newscript unconditionally assumed the new format and generated incomplete entries for non-Geniracks. Newscript now makes the same checks as newnode.
-
- 21 Nov, 2014 1 commit
-
-
Mike Hibler authored
-
- 19 Nov, 2014 2 commits
-
-
Kirk Webb authored
Move the taint clearing action so that it happens as the node exits the "reloading" experiment (vs. when it goes into reloading).
-
Kirk Webb authored
Also add utility function to allow the node to get the exact details of the image it is running ('imageinfo'). Some of the taint checks are rather heavy-handed presently. Pretty much any vector that could be used by the user to do something as root has been severed right at the top of the relevant tmcd calls. Calls affected: manifest ('blackbox' and 'useronly' taintstates) rpms ('blackbox' and 'useronly' taintstates) tarballs ('blackbox' and 'useronly' taintstates) blobs ('blackbox' and 'useronly' taintstates) startupcmd ('blackbox' taintstate) mounts ('blackbox' taintstate) programs ('blackbox' taintstate) Taint handling for the 'accounts' call was dealt with in a prior commit.
-
- 18 Nov, 2014 2 commits
-
-
Mike Hibler authored
-
Mike Hibler authored
Also fix incorrect check for a dictionary entry that doesn't exist.
-
- 17 Nov, 2014 2 commits
-
-
Mike Hibler authored
Conflicts: clientside/os/imagezip/ffs/disklabel.h config.h.in configure configure.ac
-
Mike Hibler authored
-
- 16 Nov, 2014 2 commits
-
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
- 15 Nov, 2014 1 commit
-
-
Leigh B Stoller authored
-
- 14 Nov, 2014 6 commits
-
-
Mike Hibler authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Mike Hibler authored
Just in case the default route is via a VLAN device.
-
Leigh B Stoller authored
value beyond reasonable size.
-
- 13 Nov, 2014 1 commit
-
-
Kirk Webb authored
Update some comments and rename GetAllowedLeases to AllowedLeases. Minor consistency updates.
-
- 12 Nov, 2014 16 commits
-
-
Kirk Webb authored
Two types of global permissions are supported: * Anonymous read-only (to support users without local accounts). * Read-only for users with local accounts. Global permissions are added to leases by way of entries of type "global" in the lease_permissions table. The lease mod tool still needs to be updated to make use of the updated library support here. The new GetAllowedLeases() method in Lease.pm was reworked - it became clear that this was needed as I did the global RO permissions stuff.
-
Kirk Webb authored
Also adjust some of the existing lease enumeration functions to take a lease type selector argument. Here is the comment above the new GetAllowedLeases() method: Return a list of leases for which a user OR entire project has access. Permissions are determined as follows: * The owner of a lease always has full (RW) access * Users in a project with group_root or above trust always have full (RW) access to leases associated with that project. * Explicitly granted per-user and per-project permissions are extracted from the lease_permissions tables. Arguments: * upid - User OR Project object to lookup lease access for. * type - Optional lease type selector. Restrict results to this type of lease. Returns: Array of lease objects the given principal (user or project) has access to. To each of these lease objects, an "allow_modify" boolean is set, accessible via $leaseobj->allow_modify().
-
Leigh B Stoller authored
-
Mike Hibler authored
-
Leigh B Stoller authored
Project leases are now per-group, so we build a sub authority certificate for a remote dataset so that on the remote side, it is created inside the group named by the project on the local side. Many bug fixes.
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
-
Leigh B Stoller authored
to.
-
Leigh B Stoller authored
-