1. 31 Mar, 2014 15 commits
  2. 27 Mar, 2014 20 commits
  3. 26 Mar, 2014 1 commit
    • Mike Hibler's avatar
      Create archive directory (expinfo) entry with unix gid of the project. · d123e03d
      Mike Hibler authored
      This is because at different times, users in different subgroups can
      create an experiment with the same name. If the directory has the
      unix group of the initial experiment with that name, then any other future
      experiment with that name but in a different subgroup will not be able
      to write the directory.
  4. 25 Mar, 2014 4 commits
    • Leigh B Stoller's avatar
      Minor fix to previous revision. · 46cc4ef7
      Leigh B Stoller authored
    • Leigh B Stoller's avatar
    • Leigh B Stoller's avatar
      Minor fix to previous revision. · ac13f646
      Leigh B Stoller authored
    • Leigh B Stoller's avatar
      Server side of firewall support for XEN containers. · 2faea2f3
      Leigh B Stoller authored
      This differs from the current firewall support, which assumes a single
      firewall for an entire experiment, hosted on a dedicated physical
      node. At some point, it would be better to host the dedicated firewall
      inside a XEN container, but that is a project for another day (year).
      Instead, I added two sets of firewall rules to the default_firewall_rules
      table, one for dom0 and another for domU. These follow the current
      style setup of open,basic,closed, while elabinelab is ignored since it
      does not make sense for this yet.
      These two rules sets are independent, the dom0 rules can be applied to
      the physical host, and domU rules can be applied to specific
      My goal is that all shared nodes will get the dom0 closed rules (ssh
      from local boss only) to avoid the ssh attacks that all of the racks
      are seeing.
      DomU rules can be applied on a per-container (node) basis. As
      mentioned above this is quite different, and needed minor additions to
      the virt_nodes table to allow it.