1. 11 Nov, 2014 3 commits
    • Leigh B Stoller's avatar
      Add gid to project_leases, and allow creation in subgroups. · d859078e
      Leigh B Stoller authored
      This is not exposed to users, the main reason for this is so that the name
      space for leases (datasets) is per-group instead of per-project. We need
      this when creating datasets via the geni interface (backend to APT), since
      all leases are created in the holding project. Without a subgroup, we would
      run into name collisions on the backend. It also gives us finer access
      permission control for the same reason.
      Note that I yanked out the lease cache from Lease.pm (not worth the
      trouble), and I expanded Lookup to allow for the usual variety of
      possibilities that we allow in other Lookup methods.
    • Leigh B Stoller's avatar
      Oops, forgot to load Time::Local. · a9440d74
      Leigh B Stoller authored
    • Leigh B Stoller's avatar
      Add gid to project_leases table. · 82d24c28
      Leigh B Stoller authored
  2. 10 Nov, 2014 2 commits
    • Leigh B Stoller's avatar
      Fix to previous revision. · 15d451ef
      Leigh B Stoller authored
    • Mike Hibler's avatar
      Fix Linux MFS issue. · 254d0d6d
      Mike Hibler authored
      When locating the root device, if a BSD disk partition fills the entire
      DOS partition, then Linux will not create a separate /dev entry for it.
      In that case, we use the DOS partition device.
      Also, a couple of changes to resync with BSD slicefix.
  3. 09 Nov, 2014 2 commits
    • Mike Hibler's avatar
      Change of strategy: don't pass realpath-ed path to client side. · 67039354
      Mike Hibler authored
      We still use realpath to validate the path up front, but we pass the
      original (DB) path on to the client-side. Passing the resolved path was
      wrong anyway for clients that write images across NFS, because the path
      the client uses could be different than that computed on the server
      (e.g., /proj/foo vs. /.amd_mnt/ops/proj/foo) due to the way mounts are
      done. Note that the server will again validate the client-provided path,
      so if someone were to mess with a symlink in the path between when
      create_image verifies it and when it gets used, there is still no danger.
      This will probably eliminate the need for the AMD hack, but I'll leave
      it just to be safe.
    • Mike Hibler's avatar
      Finish the AMD-related hack. · dd8bdbae
      Mike Hibler authored
  4. 08 Nov, 2014 1 commit
  5. 07 Nov, 2014 4 commits
  6. 06 Nov, 2014 2 commits
  7. 05 Nov, 2014 12 commits
  8. 04 Nov, 2014 9 commits
  9. 03 Nov, 2014 5 commits