1. 15 Mar, 2012 1 commit
  2. 14 Mar, 2012 1 commit
    • Mike Hibler's avatar
      Pass through bootinfo flags on tmcc "bootwhat" command. · 3ca3abf6
      Mike Hibler authored
      bootwhat will now return a FLAGS=%d value corresponding to the flags
      field in the boot_what struct.
      
      NOTE: THIS REQUIRED A TMCD VERSION BUMP. We are now at version 35.
      The issue was backward compatibility with existing CD/dongle boot images
      which are overly strict in their parsing of the returned bootwhat values.
      
      Added a new boot_what flag (the whole point of this) to signify if the
      entity being returned is part of the "secure boot" path. This is used
      by the gPXE dongle to determine whether it needs to do a trusted boot
      path "sign-off" for the MFS it downloads. We used to use the name of
      the MFS as our heuristic for this.
      
      bootinfo uses the new tbdb.os_info osfeature "ontrustedboot" to determine
      whether to set the flag.
      3ca3abf6
  3. 13 Mar, 2012 1 commit
  4. 08 Mar, 2012 1 commit
  5. 06 Mar, 2012 2 commits
  6. 23 Feb, 2012 1 commit
  7. 10 Feb, 2012 1 commit
  8. 01 Feb, 2012 1 commit
    • Mike Hibler's avatar
      Add a VGAONLY attribute to the post-frisbee customization. · 53d43153
      Mike Hibler authored
      This is for BSD, so that we can tweak the default /boot/loader.conf file
      to turn off "comconsole" on machines that don't have a UART.
      In my experience, trying to probe the UART on newer machines that don't
      have one causes a kernel crash.
      
      Currently this attribute is just signalled by the existance of the
      /etc/testbed/isvgaonly file in the diskloader MFS. But this will be
      eventually sent over via "tmcc loadinfo" so that we can set the attribute
      on a per-node-type or per-node basis.
      53d43153
  9. 19 Jan, 2012 1 commit
  10. 17 Jan, 2012 1 commit
  11. 10 Jan, 2012 1 commit
  12. 06 Jan, 2012 1 commit
    • Mike Hibler's avatar
      Work around a side-effect of the GEOM gpart command. · 6000f0a3
      Mike Hibler authored
      If we are in the GEOM world (FBSD8+) and we do not find the 4th partition
      it may be because a previous gpart call noticed the unused partition
      and deleted it. This happens in elabinelab where we first repurpose
      the second (Linux) partition.
      
      If this happens, we just try re-creating the 4th partition. gpart
      will "do the right thing" in terms of offset and size.
      6000f0a3
  13. 13 Dec, 2011 1 commit
  14. 21 Nov, 2011 2 commits
  15. 15 Nov, 2011 1 commit
    • Mike Hibler's avatar
      Further overhaul of firewall code. NOTE: required bump of tmcd version to 34. · 6a26b246
      Mike Hibler authored
      Firewalls now work with nodes which require a subboss. Had to introduce new
      firewall rules which skipped around the checks that no packets to/from
      node control net IPs should pass through the firewall, if the IP in question
      belongs to a subboss (since subboss is on the node control network). It
      actually checks for all Emulab servers (boss, ops, fs or any subboss),
      so the code should work for an Emulab install which has a non-segmented
      control network in which all servers were in the same subnet as the nodes.
      
      In addition to the new rules, we also had to pass in additional information
      via "tmcc firewallinfo" giving the IP/MAC of those server nodes that are on
      the node control network. We use this to establish ARP entries on the
      inside network so that nodes can find the servers. Since the existing
      client-side firewall code in libsetup.pm would blow up if it got a line
      that it didn't recognize, I had to bump the tmcd version number and add
      some conditional code to tmcd.c:dofwinfo() to not return the extra info for
      old versions.
      
      Added a couple of new firewall variables EMULAB_BOSSES and EMULAB_SERVERS
      that are used in the new rules. Fixed the support scripts in firewall/
      to properly initialize these variables.
      
      IMPORTANT: tmcd looks up boss, ops, fs, and subbosses in the interfaces
      table to find their IPs and MAC addresses. By default, we do not create
      such interface table entries for boss/ops/fs. We have them at Utah for
      other reasons. These entries are only needed if you have a non-segmented
      control network (or a subboss) and you want to firewall such nodes.
      The script to initialize the firewall variables (initfwvars.pl) will
      print out a warning for configurations that are affected and don't have
      the entries.
      6a26b246
  16. 14 Nov, 2011 1 commit
    • Mike Hibler's avatar
      A couple of fixes for the FreeBSD 8.x-based MFSes. · c4a46533
      Mike Hibler authored
      We apparently were not setting GID/EGID quite right in runstartup, it was
      dropping a group. If that group happened to be "wheel", then any command
      requiring "sudo" would fail. Now we set GID and EGID according to the letter
      of the law.
      
      If mount of a Linux FS fails, run e2fsck and try again. BSD cannot mount
      a Linux FS if the ext3 journal requires recovery. e2fsck will handle that.
      c4a46533
  17. 04 Oct, 2011 1 commit
    • Mike Hibler's avatar
      Add node/node_type attribute "no_clflush". · fdfce71d
      Mike Hibler authored
      This is for FreeBSD to turn off use of the CLFLUSH instruction via the
      hw.clflush_disable loader var. We have encountered some opteron machines
      on which this causes problems.
      
      The attribute can be set for the node_type (via the web page for editing
      node types) or the node (via brute-force SQL hackary) to override whatever
      FreeBSD would do by default. This attribute is passed via tmcd to the
      diskloader MFS which will fixup the loader.conf file post-frisbee.
      fdfce71d
  18. 16 Aug, 2011 1 commit
  19. 10 Aug, 2011 1 commit
  20. 21 Jul, 2011 1 commit