1. 05 Dec, 2003 1 commit
  2. 03 Dec, 2003 1 commit
    • Leigh B. Stoller's avatar
      Fix up all of the sprintf calls to watch for output buffer overflow. I · 3aaf74e9
      Leigh B. Stoller authored
      did this with a simple macro called OUTPUT() that does the check and
      bails from the current function. This was as boring and tedious as
      life gets, but we should be protected from stack smashing now.
      
      Also fixed up a couple cases where we take data from the client;
      make sure that the sscanf calls are bounded.
      3aaf74e9
  3. 05 Nov, 2003 1 commit
    • Leigh B. Stoller's avatar
      Client side of the event system changes. · 70246c91
      Leigh B. Stoller authored
      * Download the eventkey with new tmcd call.
      
      * Pass -k option to various agents so that they can verify the HMACs
        in the incoming notifications.
      
      * Change program agent; The list of agents from tmcd now includes the
        command, which is written to a config file for the program-agent to
        read in. The command string in the event is now ignored.
      
      * Build the local proxy for linux, and add the goo to start the local
        elvind and use the proxy. It has been this way on FreeBSD for a
        while, but I never got it installed for Linux before now.
      70246c91
  4. 27 Oct, 2003 1 commit
  5. 17 Oct, 2003 1 commit
  6. 16 Oct, 2003 1 commit
    • Leigh B. Stoller's avatar
      Brave new world of tmcc client side caching. The goal is to reduce the · 2b72f2c9
      Leigh B. Stoller authored
      number of connections to tmcd, and the resulting number of DB queries.
      Currently thats about 24 per node when it boots. Each vnode adds
      another 24 or so. The new approach is to use the "fullconfig" command,
      which dumps the entire config in one shot, saving about 20 of those
      connections. We still need to do the status/state commands for real of
      course. When a node boots, it requests the fullconfig; the client side
      takes this fullconfig, and dumps the individual sections to
      /var/emulab/boot/tmcc/section_name. Subsequent requests first look for
      it locally in the above named files, falling back to real tmcc if none
      exists. The update command also refreshes the cache.
      
      Tested for jails and plab node vservers as well.
      2b72f2c9
  7. 15 Oct, 2003 1 commit
  8. 14 Oct, 2003 1 commit
  9. 06 Oct, 2003 1 commit
  10. 02 Oct, 2003 1 commit
  11. 23 Sep, 2003 1 commit
  12. 17 Sep, 2003 1 commit
  13. 11 Sep, 2003 1 commit
  14. 04 Sep, 2003 1 commit
    • Leigh B. Stoller's avatar
      Bring back variable netmask code from revision 1.180, with some minor · 88a1d534
      Leigh B. Stoller authored
      changes; Print a warning when the DB slots are null, and return
      standard 255.255.255.0. This is for the transition phase.
      
      Also add version 12 modification to routerconfig; return the "src"
      from the virt_routes table, so that the client side can figure out
      what interface the route is associated with. There are associated
      changes in libsetup to ifconfig,routerconfig,tunnelconfig.
      88a1d534
  15. 02 Sep, 2003 2 commits
  16. 26 Aug, 2003 1 commit
    • Leigh B. Stoller's avatar
      Checkpoint IXP support so I can install it: Added subnodelist command · 64400c2c
      Leigh B. Stoller authored
      to return the name/type of subnodes. Added a subconfig command that
      returns a type-specific configuration that the client will know what
      to do with. At the moment, just ixp is known as a subnode. The subnode
      support mostly works off the vnode stuff since otherwise it would be
      lot of code duplication. Eventually subnode should replace vnode, and
      vnode will become a type of subnode (like ixp).
      
      Also changed usage of control_net to control_iface, and made use of
      the "role" slot in ifconfig to determine what interfaces to return
      info for.
      64400c2c
  17. 12 Aug, 2003 1 commit
    • Austin Clements's avatar
      Plab node setup now basically works. There are just a few bugs to · f3beec6e
      Austin Clements authored
      iron out.  TMCD/libsetup now has a plabconfig commands that parallels
      the jailconfig command.  The Plab boot process has been added to
      libsetup and a -p option has been added to vnodesetup to parallel the
      -j option.  Parts of the code that were Jail-specific, but labeled
      just as vnode stuff have been renamed.  $vnodedir in vnodesetup has
      been removed, since it was redunant with libsetup's CONFDIR, and
      CONFDIR is much more intelligent.
      f3beec6e
  18. 04 Aug, 2003 1 commit
  19. 01 Aug, 2003 1 commit
  20. 31 Jul, 2003 1 commit
    • Leigh B. Stoller's avatar
      Some minor perf tweaks requested by Mr Zippy: Reduce the amount of · 9f6fbfb1
      Leigh B. Stoller authored
      syslogging to a fraction of its former self. Actually, its mostly been
      moved under if (verbose) tests. Instead, just syslog the number of
      bytes returned for each request.
      
      Added a signal handler to change the verbosity of a running tmcd.
      To turn on verbosity:
      
      	kill -USR1 `cat /var/run/tmcd.pid`
      
      To turn off verbosity:
      
      	kill -USR2 `cat /var/run/tmcd.pid`
      
      You can send the signal to individual children, but that would be
      silly and pointless.
      9f6fbfb1
  21. 30 Jun, 2003 1 commit
  22. 24 Jun, 2003 1 commit
  23. 12 Jun, 2003 1 commit
  24. 10 Jun, 2003 1 commit
    • Leigh B. Stoller's avatar
      Minor changes to ifconfig and linkdelay to allow a veth interface to · d639bd53
      Leigh B. Stoller authored
      stand alone (no underlying phys interface) so that both ends of a
      virtual link can be on the same node.
      
      Change "startcmd" to return the uid of the swapper, not the creator,
      as the UID to run the startup command.
      
      Get creator/swapper uid in the initial query for the node, instead of
      as separate queries later. Saves some queries ...
      
      Remove old code.
      
      Add progagents command to return the list of program object names, and
      the UID to run those objects as (again, the swapper not the creator).
      This allows the program-agent startup code on the node to be more
      selective in its elvin subscription, as well as running the programs
      as the proper UID.
      
      Changes to jailconfig. If the node has its own IP in the nodes table
      (jailip), return that as JAILIP in the configuration for mkjail.
      d639bd53
  25. 23 May, 2003 1 commit
  26. 22 May, 2003 1 commit
  27. 19 May, 2003 1 commit
    • Leigh B. Stoller's avatar
      Minor changes. · ef27ae3c
      Leigh B. Stoller authored
      dojailconfig: Do not return a jail config unless the node is really
      jailed.
      
      doifconfig: Look at the node name, and return ifconfig info specific
      to the name instead of always returning all info for the machine. Upon
      boot, virtual interfaces will not be setup, but instead will be setup
      when the jail is setup. When the jail requests ifconfig info, it gets
      only its list of interfaces to setup.
      
      dolinkdelays: Ditto, since linkdelays will be setup after per-jail
      interfaces are setup.
      ef27ae3c
  28. 13 May, 2003 1 commit
    • Leigh B. Stoller's avatar
      Minor change to linkdelays to join with veth_interfaces (in addition · ff7a781f
      Leigh B. Stoller authored
      to interfaces) so that we return the MAC of the virtual interface not
      the physical interface.  I do not much like this arrangement.  We
      store veth interfaces in another dynamic table, so must join with both
      interfaces and veth_interfaces to see which iface each linkdelay
      corresponds to. If there is a veth entry use that, else use the normal
      interfaces entry. Maybe we should use the regular interfaces table,
      with type veth, entries added/deleted on the fly. I avoided that cause
      I view the interfaces table as static and pertaining to physical
      interfaces only, but the current arrangement does not scale well
      (although if it only ever has to scale to veth_interfaces, so be it).
      ff7a781f
  29. 05 May, 2003 1 commit
  30. 18 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add widearearoot and wideareajailroot to the users table, to control · 97b206ba
      Leigh B. Stoller authored
      who gets root on widearea nodes, inside and outside of jail. Kinda
      brute force; might need to make this more flexible at some point,
      perhaps with a node/user mapping table for widearearoot (root outside
      the jail), and a widearea_trust slot to the group_membership table
      (root inside a jail), but this will do for now since its handled
      entirely inside of tmcd.
      
      I was originally using local_root to determine root access inside the
      jail, but we need to more finely control who gets root on widearea
      nodes. Outside the jail, only tbadmin got jail, and thats definitely
      too restrictive!
      97b206ba
  31. 11 Apr, 2003 1 commit
  32. 03 Apr, 2003 1 commit
    • Leigh B. Stoller's avatar
      Two unrelated changes. 1) Return the email address to version 9 · ce0676ad
      Leigh B. Stoller authored
      clients so they can create a proper .forward file. 2) Add some
      test code for seeing how feasible it is to do accounts on ops/tips
      using tmcd instead of direct ssh. Initial results are not good; too
      many accounts; does not scale well. Going to need a smarter protocol
      for doing hundreds of accounts, but I will leave this code in place
      for now. Note, unlike testbed nodes, control nodes must connect with
      ssl.
      ce0676ad
  33. 25 Mar, 2003 1 commit
  34. 19 Mar, 2003 1 commit
  35. 18 Mar, 2003 1 commit
  36. 12 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add a few more permission bits to jailconfig: · 53e95db5
      Leigh B. Stoller authored
      INADDRANY: When 1, jail is allowed to bind to INADDR_ANY. When packet
                 comes in, the pchlookup checks the prison IPs.
      
      ROUTING:   Jail gets access to its routing table. This presently implies
                 that the jail gets its own private routing table via new
      	   jail options.
      
      DEVMEM:    Jail gets a real /dev/mem and /dev/kmem instead of a
                 symlink to /dev/null. This pretty much bypasses security so
                 its not something to do on widearea nodes, but on local
                 nodes that fine.
      53e95db5
  37. 10 Mar, 2003 1 commit
  38. 05 Mar, 2003 1 commit
  39. 27 Feb, 2003 1 commit