Commit 589d4872 authored by Leigh Stoller's avatar Leigh Stoller

Rename exports_setup.proxy and console_setup.proxy to .in versions and

remove the originals, so that we can run the files through configure.

NOTE: I wanted to keep the RCS history intact so I went over to the
CVS directory on moab and copied the ,v file to the new names, and
then did a normal cvs remove the originals. This keeps the RCS history
going without screwing up anyone. Not a recommended approach, but what
the hell.
parent 3e0a4d6b
......@@ -1213,6 +1213,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/webmkacct tbsetup/mkacct tbsetup/eventsys_control \
tbsetup/webmkproj tbsetup/mkproj tbsetup/libtestbed.pm \
tbsetup/portstats \
tbsetup/console_setup.proxy tbsetup/exports_setup.proxy \
tip/GNUmakefile \
tmcd/GNUmakefile tmcd/freebsd/GNUmakefile tmcd/linux/GNUmakefile \
tmcd/netbsd/GNUmakefile \
......
......@@ -285,6 +285,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
tbsetup/webmkacct tbsetup/mkacct tbsetup/eventsys_control \
tbsetup/webmkproj tbsetup/mkproj tbsetup/libtestbed.pm \
tbsetup/portstats \
tbsetup/console_setup.proxy tbsetup/exports_setup.proxy \
tip/GNUmakefile \
tmcd/GNUmakefile tmcd/freebsd/GNUmakefile tmcd/linux/GNUmakefile \
tmcd/netbsd/GNUmakefile \
......
......@@ -22,7 +22,8 @@ USERBINS = os_load node_reboot nscheck node_update savelogs \
SBIN_STUFF = resetvlans console_setup.proxy sched_reload named_setup \
batch_daemon exports_setup reload_daemon sched_reserve \
console_reset db2ns bwconfig frisbeelauncher \
rmgroup mkgroup mkacct setgroups mkproj eventsys_control
rmgroup mkgroup mkacct setgroups mkproj eventsys_control \
exports_setup.proxy
LIBEXEC_STUFF = rmproj rmacct-ctrl \
os_setup mkexpdir console_setup webnscheck webreport \
......
#!/usr/bin/perl -wT
use English;
#
# usage: console_setup.proxy tipname group tipname group ...
#
# This script runs on the tip servers, which is where the capture processes
# are running. Since the tip servers do not have direct access to the DB
# this invoked from the boss node. For each tip device, specify the group
# the associated files should be in. This script will send the proper signal
# to the capture process, and then reset the files to the proper group.
#
#
my $TIPLOGDIR = "/var/log/tiplogs";
my $TIPDEVDIR = "/dev/tip";
my $dbg = 1;
my %tipgroup = ();
my $failures = 0;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
sub usage {
die("Usage: console_setup.proxy tipname group [tipname group ...]\n");
}
if ( $#ARGV < 1) {
usage();
}
while ($#ARGV >= 0) {
if ($#ARGV < 1) {
usage();
}
$name = shift;
$grp = shift;
# untaint the args.
if ($name =~ /^([-\@\w.]+)$/) {
$name = $1;
}
if ($grp =~ /^([-\@\w.]+)$/) {
$grp = $1;
}
$tipgroup{$name} = $grp;
}
#
# This script must be run as root, typically from paper.
#
if ($UID != 0) {
die("Must be run as root.");
}
if (! chdir($TIPLOGDIR)) {
die("Could not chdir to $TIPLOGDIR: $!\n");
}
#
# Well, do it.
#
foreach my $tipname ( keys %tipgroup ) {
my $grp = $tipgroup{$tipname};
my $filename = "${tipname}.run";
my $tipdevname = "$TIPDEVDIR/$tipname";
my $aclname = "${tipname}.acl";
#
# Find out the current group setting for the file.
#
if (! -e $filename) {
print STDERR
"*** Console log for $tipname does not exist! Skipping ...\n";
$failures++;
next;
}
# This is silly! Is there a better way to do this?
(undef,undef,undef,undef,undef,$gid) = stat($filename);
#
# If the file is already in the correct group skip it since there no point
# in rolling the file. Inconvenient for the user to have the log keep
# rolling.
#
if (getgrgid($gid) eq $grp) {
goto setperms;
}
unlink($filename) or
die("Could not unlink run file $filename");
#
# Unlink this so current user gets old version not new one.
#
if (-e $aclname) {
unlink($aclname) or
die("Could not unlink run file $aclname");
}
#
# Remove group access from the tty device. This renders the device
# inaccessible to both old and new users while we revoke access from
# any current tip user.
#
if (-e $tipdevname) {
chmod(0600, $tipdevname) or
die("Could not chmod(0600) $tipdevname: $!");
}
#
# Now send a USR2 signal to the capture process. This will shutdown
# any attached tip, and reopen the run file.
#
$procid = `cat ${tipname}.pid`;
$procid =~ s/\n//;
# untaint
if ($procid =~ /^([-\@\w.]+)$/) {
$procid = $1;
}
kill('USR2', $procid) or
die("Could not signal(USR2) process $procid for log $filename");
# Give capture the chance to react.
# Don't use sleep cause 1 second too long wait when doing 25 devices!
select(undef, undef, undef, 0.2);
#
# If the file does not exist, touch it. We have this problem with
# capture getting blocked.
#
if (! -e $filename) {
system("touch $filename");
}
#
# The new log should exist now. Set its group, and just to be safe
# set its mode too.
#
$gid = getgrnam($grp);
chown(0, $gid, $filename) or
die("Could not chown(0, $gid) $filename: $!");
chmod(0640, $filename) or
die("Could not chmod(0640) $filename: $!");
#
# Set the mode and group on the tty that tip is going to use. This
# allows the new group to access the tip line using a non-setuid/gid
# program.
#
setperms:
if (-e $tipdevname) {
chown(0, $gid, $tipdevname) or
die("Could not chown(0, $gid) $tipdevname: $!");
chmod(0660, $tipdevname) or
die("Could not chmod(0660) $tipdevname: $!");
}
#
# Ditto for "acl" file, which new tip needs access to.
#
if (-e $aclname) {
chown(0, $gid, $aclname) or
die("Could not chown(0, $gid) $aclname: $!");
chmod(0640, $aclname) or
die("Could not chmod(0660) $aclname: $!");
}
}
# Don't worry about failures. Non-fatal.
exit 0;
#!/usr/bin/perl -wT
use English;
use Errno;
use Fcntl ':flock';
#
# Create and /etc/exports file based on current reserved table and project
# members.
#
# usage: exports_setup
#
#
# Configure variables
#
my $TBOPS = "testbed-ops\@fast.cs.utah.edu";
my $etcdir = "/etc";
my $exports = "$etcdir/exports";
my $exportsnew = "$etcdir/exports.new";
my $exportsback = "$etcdir/exports.backup";
my $exportshead = "$etcdir/exports.head";
my $exportstail = "$etcdir/exports.tail";
my $dbg = 0;
my @row;
#
# We don't want to run this script unless its the real version.
#
if ($UID != 0) {
die("Must be root!");
}
# un-taint path
$ENV{'PATH'} = '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
$| = 1; #Turn off line buffering on output
#
# Testbed Support libraries
#
use lib "@prefix@/lib";
use libtestbed;
#
# Take our input and write it to the tail file.
#
open(TAIL, ">$exportstail") || fatal("Couldn't open $exportstail\n");
while (<STDIN>) {
print TAIL $_;
}
close(TAIL);
chmod(0444, $exportstail);
#
# Generate a warning so that no one tries to edit the file by hand
#
open(MAP, ">$exportsnew") || fatal("Couldn't open $exportsnew\n");
print MAP
"#\n".
"# ******************************************************************\n".
"# DO NOT EDIT THIS FILE. IT IS A CREATION, A FIGMENT, A CONTRIVANCE!\n".
"#\n".
"# Edit $exportshead, then run exports_setup on paper.\n".
"# ******************************************************************\n".
"#\n";
close(MAP);
chmod(0644, $exportsnew);
#
# Now tack on the head part of the file.
#
system("cat $exportshead >> $exportsnew") == 0 or
fatal("Failed to concat $exportshead to $exportsnew\n");
#
# Now the tail of the file.
#
system("cat $exportstail >> $exportsnew") == 0 or
fatal("Failed to concat $exportstail to $exportsnew\n");
#
# Back up the existing exports, and then mv in the new one.
#
system("cp $exports $exportsback") == 0 or
fatal("Could not back up $exports to $exportsback\n");
system("mv $exportsnew $exports") == 0 or
fatal("Could not mv $exportsnew to $exports\n");
# Avoid accidental editing.
chmod(0444, $exports);
#
# I have little faith in HUPing mountd, but do it anyway.
#
$mpid = `cat /var/run/mountd.pid`;
$mpid =~ s/\n//;
# untaint
if ($mpid =~ /^([-\@\w.]+)$/) {
$mpid = $1;
}
if (kill('HUP', $mpid) == 0) {
fatal("Could not kill(HUP) process $mpid (mountd): $!");
}
#
# Allow time to react since HUP'ing mountd causes all mounts to briefly
# become invalid, and this causes problems for our scripts (and for users).
#
sleep(1);
exit(0);
sub fatal {
local($msg) = $_[0];
SENDMAIL($TBOPS, "Exports Setup Failed", $msg);
die($msg);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment