1. 10 Sep, 2004 1 commit
    • Small change to suexec code. This change has the potential for creating · 7e731fba
      Leigh B. Stoller authored
      unanticipated breakage. If that happens, just need to back out the
      changes under the "suexec-stuff" tag. However, the better solution will
      probably be to fix the PHP scripts that break by adding the proper
      groups in the call to suexec (in the web page, see below) or by fixing
      the backend Perl script that breaks.
      This fix is primarily to address the problem of some users being in more
      groups (cause of subgroups) than the max number of groups allowed
      (NGROUPS).  The groups that really mattered (say, for creating an
      experiment in a subgroup) could be left out cause they were at the end
      of the list.
      * suexec.c: Change how groups are handled. Instead of taking a single
        gid argument (the gid to setgid as), now takes a comma separated list
        of groups. Further, instead of doing a setgroups to the user's entire
        group list as specified in the groups file (getgroups), setgroups to
        just the groups listed on the command line, plus the user's primary
        group from the password file (this is to prevent potential breakage
        with accessing files from the user's homedir, although might not really
        be necessary).
        This change is somewhat rational in the sense that in our case, suexec
        is not being used to run arbitrary user code (CGIs), but only to run
        specific scripts that we say should be run. The environment for
        running those scripts can be more tightly controlled than it would
        otherwise need to be if running some random CGI the user has in his
        public html directory.
      * www: Change the gid argument to SUEXEC() in a number of scripts so
        that the project and subgroup are explicitly given to suexec, as
        described above. For example, in beginexp:
      	SUEXEC(gid, "$pid,$unix_gid", ....);
        Aside: note that project names (pid) are always one to one with their
        unix group name, but subgroup names are not, and *always* have to be
        looked up in the DB, hence the "unix_gid" argument.
        Script breakage should require nothing more than adding the proper
        group to the list as above.
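
The group handling described in the suexec.c entry above, as an added example that is not the Emulab code: it builds the supplementary group list from a comma separated argument plus the primary gid, and fails closed instead of dropping groups off the end of the list. The group names, gids and the `lookup_gid` table (a stand-in for a `getgrnam` lookup) are constructed for the example.

```c
#include <string.h>
#include <sys/types.h>

/* Constructed name -> gid table standing in for getgrnam(3); values are made up. */
struct grp_entry { const char *name; gid_t gid; };
static const struct grp_entry sample_groups[] = {
    { "testproj", 6001 }, { "testproj-sub1", 6002 }, { "otherproj", 6003 },
};

static long lookup_gid(const char *name)
{
    for (size_t i = 0; i < sizeof(sample_groups) / sizeof(sample_groups[0]); i++)
        if (strcmp(sample_groups[i].name, name) == 0)
            return (long)sample_groups[i].gid;
    return -1;
}

/* Fill out[] with the primary gid followed by each named group, without
 * duplicates. Returns the count, or -1 on an empty or unknown name or when
 * the list would exceed max, so the caller refuses to run rather than
 * silently losing a group from the end of the list. */
int build_group_list(const char *arg, gid_t primary, gid_t *out, int max)
{
    int n = 0;

    if (max < 1)
        return -1;
    out[n++] = primary;
    for (const char *p = arg; *p != '\0'; ) {
        char name[64];
        size_t len = strcspn(p, ",");
        long gid;
        int dup = 0;

        if (len == 0 || len >= sizeof(name))
            return -1;
        memcpy(name, p, len);
        name[len] = '\0';
        if ((gid = lookup_gid(name)) < 0)
            return -1;
        for (int i = 0; i < n; i++)
            dup |= (out[i] == (gid_t)gid);
        if (!dup) {
            if (n >= max)
                return -1;
            out[n++] = (gid_t)gid;
        }
        p += len + (p[len] == ',');  /* skip the name and one separator */
    }
    return n;
}
```

A wrapper would pass the returned count and array to `setgroups` before dropping to the target gid and uid, and exit on a return of -1.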
  2. 09 Sep, 2004 1 commit
  3. 08 Sep, 2004 4 commits
  4. 07 Sep, 2004 1 commit
  5. 04 Sep, 2004 2 commits
  6. 02 Sep, 2004 1 commit
  7. 01 Sep, 2004 1 commit
    • SSL version of the XMLRPC server. · a9c1045e
      Leigh B. Stoller authored
      * SSL based server (sslxmlrpc_server.py) that wraps the existing Python
        classes (what we export via the existing ssh XMLRPC server). I also have a
        demo client that is analogous to the ssh demo client (sslxmlrpc_client.py).
        This client looks for an ssl cert in the user's .ssl directory, or you can
        specify one on the command line. The demo client is installed on ops, and
        is in the downloads directory with the rest of the xmlrpc stuff we export
        to users. The server runs as root, forking a child for each connection and
        logs connections to /usr/testbed/log/sslxmlrpc.log via syslog.
      * New script (mkusercert) generates SSL certs for users. Two modes of
        operation; when called from the account creation path, generates an
        unencrypted private key and certificate for use on Emulab nodes (this is
        analogous to the unencrypted SSH key we generate for users). The other mode
        of operation is used to generate an encrypted private key so that the user
        can drag a certificate to their home/desktop machine.
      * New webpage (gensslcert.php3) linked in from the My Emulab page that
        allows users to create a certificate. The user is prompted for a pass
        phrase to encrypt the private key, as well as the user's current Emulab
        login password. mkusercert is called to generate the certificate, and the
        result is stored in the user's ~/.ssl directory, and spit back to the user
        as a text file that can be downloaded and placed in the user's homedir on
        their local machine.
      * The server needs to associate a certificate with a user so that it can
        flip to that user in the child after it forks. To do that, I have stored
        the uid of the user in the certificate. When a connection comes in, I grab
        the uid out of the certificate and check it against the DB. If there is a
        match (see below) the child does the usual setgid, setgroups, setuid to the
        user, instantiates the Emulab server class, and dispatches the method. At
        the moment, only one request per connection is dispatched. I'm not sure
        how to do a persistent connection on the SSL path, but probably not a big
        deal right now.
      * New DB table user_sslcerts that stores the PEM formatted certificates and
        private keys, as well as the serial number of the certificate, for each
        user. I also mark if the private key is encrypted or not, although not
        making any use of this data. At the moment, each user is allowed to get
        one unencrypted cert/key pair and one encrypted cert/key pair. No real
        reason except that I do not want to spend too much time on this until we
        see how/if it gets used. Anyway, the serial number is used as a crude form
        of certificate revocation. When the connection is made, I suck the serial
        number and uid out of the certificate, and look for a match in the table.
        If cert serial number does not match, the connection is rejected. In other
        words, revoking a certificate just means removing its entry from the DB
        for that user. I could also compare the certificate itself, but I am not
        sure what purpose that would serve since that is what the SSL handshake is
        supposed to take care of, right?
      * Updated the documentation for the XMLRPC server to mention the existence
        of the SSL server and client, with a pointer into the downloads directory
        where users can pick up the client.
  8. 27 Aug, 2004 1 commit
    • Make it possible to have ops check in with newnode. · 2a8a8f74
      Robert Ricci authored
      This starts with a new option to newnode, -o, that tells it it's
      running on ops. This reports some slightly different information
      to the checkin page.
      The checkin page and the backend newnode script then take this extra
      information into account, and deal with ops nodes slightly
  9. 26 Aug, 2004 1 commit
  10. 20 Aug, 2004 2 commits
  11. 18 Aug, 2004 1 commit
  12. 11 Aug, 2004 1 commit
  13. 09 Aug, 2004 2 commits
    • Remove outdated bug notes. · 3905bfe2
      Russ Fish authored
      Add more description of "non-tree links" and the "show"/"hide" controls.
      Add some more cross-linking and improve readability.
    • Clean up the DirectoryIndex mess. · 30c0cff3
      Leigh B. Stoller authored
      * Remove DirectoryIndex from the .htaccess file. This file set the
        index for every directory to start.php3, which was wrong.
      * Change index.html to redirect to index.php3.
      * Change start.php3 to redirect to index.php3. I left the start.php3
        script in place (one line script) so that existing bookmarks work.
      * Move the code that used to be in start.php3 to the top of
        index.php3; this is the code that would zap to the My Emulab page
        when the user was logged in (and in https mode). Much simpler now.
  14. 05 Aug, 2004 1 commit
  15. 28 Jul, 2004 1 commit
  16. 27 Jul, 2004 1 commit
  17. 26 Jul, 2004 3 commits
  18. 21 Jul, 2004 2 commits
  19. 20 Jul, 2004 2 commits
  20. 19 Jul, 2004 1 commit
  21. 16 Jul, 2004 1 commit
  22. 15 Jul, 2004 1 commit
    • Overview: Add Event Groups: · ed964507
      Leigh B. Stoller authored
      	set g1 [new EventGroup $ns]
      	$g1 add  $link0 $link1
      	$ns at 60.0 "$g1 down"
      See the new advanced tutorial section on event groups for a better
      Changed tbreport to dump the event groups table when in summary mode.
      At the same time, I changed tbreport to use the recently added
      virt_lans:vnode and ip slots, deprecating virt_nodes:ips in one more
      place. I also changed the web interface to always dump the event and
      event group summaries.
      The parser gets a new file (event.tcl), and the "at" method deals with
      event group events by expanding them inline into individual events
      sent to each member. For some agents, this is unavoidable; traffic
      generators get the initial params in the event, so it is not possible
      to send a single event to all members of the group. Same goes for
      program objects, although program objects do default to the initial
      command now, at least on new images.
      Changed the event scheduler to load the event groups table. The
      current operation is that the scheduler expands events sent to a
      group, into a set of distinct events sent to each member of the
      group. At some point we probably want to optimize this by telling the
      agents (running on the nodes) what groups they are members of.
      Other News: Added a "mustdelay" slot to the virt_lans table so the
      parser can tell assign_wrapper that a link needs to be delayed, say if
      there are events or if the link is red/gred. Previously,
      assign_wrapper tried to figure this out by looking at the event list,
      etc. I have removed that code; see database-migrate for instructions
      on how to initialize this slot in existing experiments. assign_wrapper
      is free to ignore or insert delays anyway, but having the parser do
      this makes more sense.
      I also made some "rename" changes to the parser wrt queues and lans
      and links. Not really necessary, but I got sidetracked (for several
      hours!) trying to understand that rename stuff a little better, and
      now I do.
  23. 12 Jul, 2004 3 commits
  24. 07 Jul, 2004 2 commits
  25. 01 Jul, 2004 1 commit
  26. 30 Jun, 2004 2 commits