elabinelab_bossinit.in 3.33 KB
Newer Older
1
#!/usr/bin/perl -wT
2 3
#
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2004, 2007 University of Utah and the Flux Group.
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
# All rights reserved.
#
use English;
use Getopt::Std;

#
# ElabInElab: This is run on the inner boss to construct a bunch stuff
# from the db (groups, projects, users, etc).
#
sub usage()
{
    print STDERR "Usage: $0 [-d] <pid>\n";
    exit(1);
}
my $optlist = "d";
my $debug   = 0;
21
sub mysystem($);
22 23 24 25 26 27 28

#
# Configure variables
#
my $TB		= "@prefix@";
my $TBOPS       = "@TBOPSEMAIL@";
my $ELABINELAB  = @ELABINELAB@;
29
my $SAVEUID     = $UID;
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/sbin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

# Turn off line buffering on output
$| = 1;

use lib "@prefix@/lib";
use libdb;
use libtestbed;

if (!$ELABINELAB) {
    die("*** $0:\n".
	"    This script can only run on an inner Emulab!\n");
}
# Only admin types!
if (!TBAdmin($UID)) {
    die("*** $0:\n".
	"    Only TB administrators can run this script!\n");
}
51 52 53 54 55 56 57
#
# We don't want to run this script unless its the real version.
#
if ($EUID != 0) {
    die("*** $0:\n".
	"    Must be root! Maybe its a development version?\n");
}
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75

#
# Parse command arguments. Once we return from getopts, all that should
# left are the required arguments.
#
%options = ();
if (! getopts($optlist, \%options)) {
    usage();
}
if (defined($options{"d"})) {
    $debug = 1;
}

usage()
    if (scalar(@ARGV) != 1);
my $pid = shift();

#
76
# Untaint the arguments.
77
#
78 79 80 81 82 83
if ($pid =~ /^([-\w]+)$/) {
    $pid = $1;
}
else {
    die("Tainted argument $pid!\n");
}
84 85

#
86
# Shift to real user for these scripts.
87
#
88 89 90 91 92
$EUID = $UID;

#
# Build the project.
#
Leigh Stoller's avatar
Leigh Stoller committed
93
mysystem("$TB/sbin/mkproj $pid");
94 95 96

#
# Get the list of users and admin status. Admin users get a real shell
97 98
# on boss. Create the users, and not that we have to do this before the
# groups are created (tbacct add does not do a setgroups).
99
#
100
my $users_result =
101
    DBQueryFatal("select distinct u.uid,u.admin from group_membership as m ".
102
		 "left join users as u on u.uid_idx=m.uid_idx ".
103
		 "where u.status='" . USERSTATUS_ACTIVE() . "'");
104 105 106 107
while (my ($uid,$admin) = $users_result->fetchrow_array()) {
    next
	if ($uid eq "elabman");
    
108
    mysystem("$TB/sbin/tbacct -b add $uid");
109 110
    if ($admin) {
	# Add admin users to group wheel for convenience.
111
	DBQueryFatal("replace into unixgroup_membership ".
112
		     "values ('$uid','wheel')");
113 114
    }
    if ($admin) {
115 116
	# Flip back to root for pw command.
	$EUID = 0;
117
	mysystem("pw usermod -n $uid -s /bin/tcsh");
118
	$EUID = $UID;
119 120 121
    }
}

122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141
#
# Get the list of subgroups in the project and create those groups.
#
my $query_result =
    DBQueryFatal("select gid from groups where pid='$pid' and pid!=gid");
while (my ($gid) = $query_result->fetchrow_array()) {
    mysystem("$TB/sbin/mkgroup $pid $gid");
}

#
# Now do a setgroups.
#
$users_result->dataseek(0);
while (my ($uid,$admin) = $users_result->fetchrow_array()) {
    next
	if ($uid eq "elabman");
    
    mysystem("$TB/sbin/setgroups $uid");
}

142 143 144 145 146 147 148
#
# Do the exports setup and the genelists all at once now that all the above
# stuff happened.
#
mysystem("$TB/sbin/genelists -a");
mysystem("$TB/sbin/exports_setup");

149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165
#
# Run a command string.
#
sub mysystem($)
{
    my ($command) = @_;

    if ($debug) {
	print "Command: '$command\'\n";
    }

    system($command);
    if ($?) {
	die("*** $0:\n".
	    "    Command failed: $? - $command\n");
    }
}