1. 19 Jan, 2018 1 commit
  2. 26 Jul, 2017 1 commit
    • Mike Hibler's avatar
      Support for per-experiment root keypairs (Round 1). See issue #302. · c6150425
      Mike Hibler authored
      Provide automated setup of an ssh keypair enabling root to login without
      a password between nodes. The biggest challenge here is to get the private
      key onto nodes in such a way that a non-root user on those nodes cannot
      obtain it. Otherwise that user would be able to ssh as root to any node.
      This precludes simple distribution of the private key using tmcd/tmcc as
      any user can do a tmcc (tmcd authentication is based on the node, not the
      user).
      
      This version does a post-imaging "push" of the private key from boss using
      ssh. The key is pushed from tbswap after nodes are imaged but before the
      event system, and thus any user startup scripts, are started. We actually
      use "pssh" (really "pscp") to scale a bit better, so YOU MUST HAVE THE
      PSSH PACKAGE INSTALLED. So be sure to do a:
      
          pkg install -r Emulab pssh
      
      on your boss node. See the new utils/pushrootkeys.in script for more.
      
      The public key is distributed via the "tmcc localization" comma...
      c6150425
  3. 29 Jun, 2017 1 commit
  4. 05 Jun, 2017 1 commit
  5. 08 Feb, 2017 1 commit
  6. 27 Dec, 2016 1 commit
  7. 10 Mar, 2016 1 commit
  8. 09 Jul, 2015 1 commit
  9. 29 Jun, 2015 1 commit
    • Mike Hibler's avatar
      Minor mods. · d2147c40
      Mike Hibler authored
      Make sure git is in all packages due to the way our instructions
      work (i.e., checkout emulab repo, craft a defs-* file).
      
      No more DISABLE_VULNERABILITIES in extras package.
      d2147c40
  10. 26 Jun, 2015 1 commit
    • Mike Hibler's avatar
      More tweaks: · 096aeab2
      Mike Hibler authored
       * add www/p5-CGI package which is deprecated in CORE and will be removed
         in perl 5.22,
       * rename xerces-c2-devel port to xerces-c2 to avoid needing to fix our
         scripts that check for a particular package
      096aeab2
  11. 24 Jun, 2015 1 commit
    • Mike Hibler's avatar
      Updates for new FreeBSD 10.1 based servers. · 480fdc70
      Mike Hibler authored
      Big changes a comin' to try to get us back on the supported path.
      
       * perl 5.14 -> 5.20
       * mysql 5.1 -> 5.5
       * php 5.4   -> 5.6
       * tcl 8.4   -> 8.6
       * number of vim patches up to 683.
      
      Not everything tested yet, but getting there.
      
      Specific changes:
      
       * New install/ports directory. New packages for FreeBSD 10.1 are version
         6.1. Cleaned up the ports' Makefiles getting rid of conditionals for
         all older versions. Also got rid of ports we don't use. Old ports tree
         is now install/oports.
      
       * Install script changes. Make sure /usr/bin/perl and /usr/local/bin/python
         links exist. Ports no longer make these but we use them in '#!'. Changes
         to mysql install and startup script--mysql has changed a LOT since we did
         the support in 4.x. Create syslog entry for named.log. Make sure php.conf
         loads the legacy "mysql" module rather than using "mysqli".
      
       * Elabinelab support. reflect new packages, remove all old packages
         (except perl) before installing new...
      480fdc70
  12. 07 Oct, 2014 1 commit
  13. 29 May, 2014 1 commit
  14. 13 May, 2014 1 commit
  15. 09 May, 2014 1 commit
  16. 03 Apr, 2014 1 commit
    • Mike Hibler's avatar
      Support for FreeBSD 10.x boss/ops. · e81136ad
      Mike Hibler authored
      The biggest changes were related to 10.0's replacing gcc with clang
      and the switch to a new package system. The former required various
      fixes to Makefiles that hardwired "gcc" and also missing prototypes
      in source files that clang is particularly obnoxious about.
      
      There was also accomodating the normal evolution of the ports tree.
      New variables were needed in many of the Makefiles for this. Hopefully,
      all the changes I made are backward compatible, but I don't actually
      care that much since I hope to never, ever have to remake those older
      packages! A new emulab version of the m2crypto port was needed to
      reflect that m2crypto is no longer installed as an .egg file.
      
      Casualties:
      
        * Emulab assign. As of this commit, assign does not build with
          clang. It will build, but immediately core dumps if built with
          a gcc port (gcc46 below). THIS NEEDS TO BE FIXED!
      
        * Emulab nsverify. This requires building a pure ns-2.34, which
          is old and does not compile with clang. You will need to set
          NSVERIFY=0 in your defs file. I did this in defs-elabinelab
          (iff FBSD==10) but no where else right now.
      
        * Bind in the base distro. Bind is no longer part of FreeBSD
          (it has been replaced with something called "unbound"). So we
          install bind99 from a port and we make the /etc/namedb symlink
          to /usr/local/etc/namedb which is where it now lives.
      
        * Perl 5.12. It has been totally removed from the ports tree.
          We now install 5.14, the next-most obsolete version of Perl!
      
        * pkg_{add,delete,info}. As mentioned, the packages tools have
          changed. For the most part "pkg <cmd>" is the same as "pkg_<cmd>"
          but not always. This required considerable violence in the
          install/phases code. But it is actually cleaner now.
      
        * GCC in the base distro. I added installation of the gcc46 port
          to the boss and ops meta packages, just for old-times sake
          (we might wind up needing it, if still more stuff doesn't work
          with clang).
      e81136ad
  17. 12 Oct, 2013 1 commit
  18. 23 Jan, 2013 2 commits
  19. 27 Dec, 2012 2 commits
  20. 18 Dec, 2012 1 commit
  21. 17 Dec, 2012 1 commit
  22. 06 Dec, 2012 1 commit
    • Mike Hibler's avatar
      Support FreeBSD 8.3 for boss/ops install. · d6196ab5
      Mike Hibler authored
      Uses the "5.0" package set (like FBSD 9.0, but unlike FBSD 8.2) which
      includes perl 5.12, python 2.7 and apache 2.22. This is what will be
      installed on our boss and ops later this month.
      
      Some additional updates to the meta ports as well to make them "work better".
      d6196ab5
  23. 16 Nov, 2012 1 commit
  24. 01 Aug, 2012 1 commit
    • Mike Hibler's avatar
      Support 64-bit FreeBSD on the server side. · 9036d314
      Mike Hibler authored
      NOTE: currently only for FreeBSD 7.3 installs because that is the only
      set of boss/ops/fs packages I have built so far!
      
      This mostly involved minor changes to event agents. Too often we were
      passing a pointer to a "long" to *get_int32, which on a 64-bit x86 OS would
      fill the wrong half of a 64-bit variable. There was also one instance of
      TCL code that had to be tweaked to account for 32- vs 64-bit.
      
      These changes also required regeneration of SWIG stubs and an ugly change
      to the SWIG generated code to use va_copy rather than direct assignment in
      a couple of places.
      
      Also related to SWIG is ensuring that the components that go into the
      perl/python stub .so files are built with PIC. The amd64 linker requires
      this.
      
      The meta-ports had to be changed to reflect that linuxthreads and
      ulsshxmlrpcpp don't work on amd64. The former had little effect as we
      had mostly eliminated uses of linuxthreads already. The one thing that
      did change was that we do not build nfstrace on amd64 (and we don't
      currently use this anyway). Removing ulsshxmlrpcpp required switching
      to the new event scheduler (event/new_sched) that Ryan did awhile back.
      Note that it is only "new" in the sense that it uses a standard XMLRPC
      package, there should be no functional differences. However, to be safe
      we only use new_sched as the standard scheduler on 64-bit server installs.
      
      Finally, added support to elabinelab setup to do a 64-bit server install.
      Just specify FBSD73-64-STD as the boss/ops/fs osid and rc.mkelab should
      do the rest.
      
      That is pretty much it other than some random nits here and there.
      9036d314
  25. 30 May, 2012 1 commit
  26. 09 May, 2012 1 commit
  27. 30 Apr, 2012 1 commit
    • Mike Hibler's avatar
      First cut at FreeBSD 9.0 support. · 1f83c9c6
      Mike Hibler authored
      Upgrade to perl 5.12 means no more "suidperl" (setuid perl scripts).
      So we now have yet another little wrapper (security/runsuid.c) which
      runs suid and whose sole function is to exec the perl script of the
      same name in the /usr/testbed/suidbin directory. So a formerly setuid
      perl script install now goes like:
        create /usr/testbed/sbin/mkproj as a symlink to /usr/testbed/libexec/runsuid
        install real mkproj perl script in /usr/testbed/suidbin/mkproj
      When the setuid-wrapper is invoked under the name "mkproj" it execs
      /usr/testbed/suidbin/mkproj. We could almost use sudo for this purpose
      instead (see security/sudoers.in) but sudo loses one of the groups in
      the group list.
      
      /usr/include/utmp.h is gone in FreeBSD 9.0. In most places we nevered
      needed it, but in the one case that did (tg source), it just used a
      couple of the constants exposed (UT_*) and not the struct, so I just
      hardwired values for the constants.
      
      The usual tweakage to the install stuff to reflect yet another set of
      packages!
      1f83c9c6
  28. 06 Jan, 2012 1 commit
  29. 19 Jul, 2011 1 commit
  30. 22 Dec, 2010 1 commit
  31. 21 Dec, 2010 1 commit
  32. 23 Sep, 2010 1 commit
  33. 22 Sep, 2010 1 commit
    • Mike Hibler's avatar
      Support FreeBSD 7.3 server side. · 8487a057
      Mike Hibler authored
      Mostly this means a new package set emulab-*-3.1 and some corresponding
      tweaks to the install scripts and elabinelab scripts.
      
      PLEASE NOTE: a 7.3 install uses PHP5, Perl 5.10.1 and Python 2.6.
      8487a057
  34. 31 Aug, 2010 1 commit
  35. 07 Apr, 2010 1 commit
  36. 02 Apr, 2010 1 commit
    • Mike Hibler's avatar
      No longer install the emulab p5-GD-2.07 port. · 9214ef9e
      Mike Hibler authored
      We introduced this port or an older version of GD long ago to get around an
      incompatibility with perl.  Our perl has since moved on and we no longer
      need this.  To be safe, we still install this on 4.x-based installs (though
      I am sure many, many other things would break if someone tried to install
      Emulab on FreeBSD 4.x now!)
      9214ef9e
  37. 09 Feb, 2010 2 commits
    • Mike Hibler's avatar
      Add an Emulab-specific py-m2crypto port. · 798f95b1
      Mike Hibler authored
      All we really do is apply one non-standard patch to avoid SSL certificate
      mismatches due to "www.emulab.net" vs. "boss.emulab.net".  In older versions
      of m2crypto we just patched the installed library files, but the newer versions
      get installed as a .egg file, so it is easiest to just patch it while the
      port is being built.
      
      I really don't like creating a separate port for this, but the alternative
      was to modify the standard port, adding a new option.  That seemed even worse.
      798f95b1
    • Mike Hibler's avatar