1. 30 Aug, 2017 3 commits
  2. 23 Aug, 2017 5 commits
  3. 18 Aug, 2017 5 commits
  4. 08 Aug, 2017 3 commits
    • Leigh Stoller's avatar
      Minor fixes to previous revision. · 4cfd34f6
      Leigh Stoller authored
      4cfd34f6
    • Leigh Stoller's avatar
    • Leigh Stoller's avatar
      Two sets of changes: · 3721db31
      Leigh Stoller authored
      1. Implement most of issue #258: Add a start and end time for
         announcements. Also add a target uid for announcements.  Also add a
         purge option to fully remove announcements from the database, rather
         then retiring them. Add priorities for ordering announcements.
         Add update mode to modify an existing announcement.
      
         In other news, announcements now have a uuid and can be specified on
         the command line using their index or their uuid. For the web
         interface we now use uuids only instead of database indexes.
      
      2. The web interface now polls for announcements so that users see new
         announcements without reloading. I noticed that a lot people stay
         parked on the status page and might not see them. Cleaned up DB
         queries and formatting to make is easier to use in an ajax call.
      3721db31
  5. 07 Aug, 2017 1 commit
  6. 04 Aug, 2017 1 commit
  7. 27 Jul, 2017 1 commit
  8. 26 Jul, 2017 3 commits
    • Mike Hibler's avatar
      Include the experiment name in all outputs. · 66781988
      Mike Hibler authored
      66781988
    • Mike Hibler's avatar
      Deep six the "dd" command stderr output. · f2381b07
      Mike Hibler authored
      f2381b07
    • Mike Hibler's avatar
      Support for per-experiment root keypairs (Round 1). See issue #302. · c6150425
      Mike Hibler authored
      Provide automated setup of an ssh keypair enabling root to login without
      a password between nodes. The biggest challenge here is to get the private
      key onto nodes in such a way that a non-root user on those nodes cannot
      obtain it. Otherwise that user would be able to ssh as root to any node.
      This precludes simple distribution of the private key using tmcd/tmcc as
      any user can do a tmcc (tmcd authentication is based on the node, not the
      user).
      
      This version does a post-imaging "push" of the private key from boss using
      ssh. The key is pushed from tbswap after nodes are imaged but before the
      event system, and thus any user startup scripts, are started. We actually
      use "pssh" (really "pscp") to scale a bit better, so YOU MUST HAVE THE
      PSSH PACKAGE INSTALLED. So be sure to do a:
      
          pkg install -r Emulab pssh
      
      on your boss node. See the new utils/pushrootkeys.in script for more.
      
      The public key is distributed via the "tmcc localization" command which
      was already designed to handle adding multiple public keys to root's
      authorized_keys file on a node.
      
      This approach should be backward compatible with old images. I BUMPED THE
      VERSION NUMBER OF TMCD so that newer clients can also get back (via
      rc.localize) a list of keys and the names of the files they should be stashed
      in. This is used to allow us to pass along the SSL and SSH versions of the
      public key so that they can be placed in /root/.ssl/<node>.pub and
      /root/.ssh/id_rsa.pub respectively. Note that this step is not necessary for
      inter-node ssh to work.
      
      Also passed along is an indication of whether the returned key is encrypted.
      This might be used in Round 2 if we securely implant a shared secret on every
      node at imaging time and then use that to encrypt the ssh private key such
      that we can return it via rc.localize. But the client side script currently
      does not implement any decryption, so the client side would need to be changed
      again in this future.
      
      The per experiment root keypair mechanism has been exposed to the user via
      old school NS experiments right now by adding a node "rootkey" method. To
      export the private key to "nodeA" and the public key to "nodeB" do:
      
          $nodeA rootkey private 1
          $nodeB rootkey public 1
      
      This enables an asymmetric relationship such that "nodeA" can ssh into
      "nodeB" as root but not vice-versa. For a symmetric relationship you would do:
      
          $nodeA rootkey private 1
          $nodeB rootkey private 1
          $nodeA rootkey public 1
          $nodeB rootkey public 1
      
      These user specifications will be overridden by hardwired Emulab restrictions.
      The current restrictions are that we do *not* distribute a root pubkey to
      tainted nodes (as it opens a path to root on a node where no one should be
      root) or any keys to firewall nodes, virtnode hosts, delay nodes, subbosses,
      storagehosts, etc. which are not really part of the user topology.
      
      For more on how we got here and what might happen in Round 2, see:
      
          #302
      c6150425
  9. 24 Jul, 2017 1 commit
  10. 12 Jul, 2017 1 commit
  11. 06 Jul, 2017 1 commit
  12. 26 Jun, 2017 1 commit
  13. 21 Jun, 2017 1 commit
    • Mike Hibler's avatar
      New strategy for deciding what root keys go in MFS: · a4ecb249
      Mike Hibler authored
        #
        # Figure out what root pubkey(s) to use. Originally, we just copied over
        # *.pub, but that gets a whole lot of weird crap on the mothership. So now
        # we try to be more selective:
        #
        # To keep up with the cool kids, we want to use an Ed25519 key
        # (id_ed25519.pub) if possible.
        #
        # However since ed25519 is not supported by older sshds, we better have
        # an RSA alternative (id_rsa.pub) as well.
        #
        # But that key may be really old and less than 2048 bits, so we may have
        # a bigger one as well (id_rsa_new.pub, note: requires changing the default
        # ssh_config on your boss since this is not a default key file name to try).
        #
        # We really don't want to use a DSA key (id_dsa.pub) anymore unless there
        # is no alternative.
        #
        # Finally, if we are an Elabinelab setup, include the outer boss root key.
        #
      a4ecb249
  14. 19 Jun, 2017 1 commit
    • Mike Hibler's avatar
      More changes to get our root pubkey ducks in a row. · 9bbccab5
      Mike Hibler authored
      See emulab/emulab-devel issue #303. Ensure we have a controlled set of
      pubkeys in root's .ssh/authorized_keys file when we create and load new
      images. But allow for a user added key to survive node reboots if they
      customize it within an experiment.
      9bbccab5
  15. 06 Jun, 2017 1 commit
  16. 05 Jun, 2017 1 commit
    • Leigh Stoller's avatar
      Working on issue #269 ... · ad2a3e70
      Leigh Stoller authored
      Add new script to "deprecate" images:
      
      	boss> wap deprecate_image
      	Usage: deprecate_image [-e|-w] <image> [warning message to users]
      	Options:
      	       -e     Use of image is an error; default is warning
      	       -w     Use of image is a warning
      
      When an image is deprecated with just warnings, new classic experiments
      generate warnings in the output. Swapping in an experiment also
      generates warnings in the output, but also sends email to the user.
      When the image set for error, both new experiment and swapin will fail
      with prejudice.
      
      Same deal on the Geni path; we generate warnings/errors and send email.
      Errors are reflected back in the Portal interface.
      
      At the moment the image server knows nothing about deprecated images, so
      the Portal constraint checker will not be bothered nor tell the user
      until later when the cluster throws an error. As a result, when we
      deprecate an image, we need to do it on all clusters. Needs to think
      about this a bit more.
      ad2a3e70
  17. 02 Jun, 2017 2 commits
  18. 31 May, 2017 1 commit
  19. 30 May, 2017 1 commit
    • Mike Hibler's avatar
      Sort out ZFS refquota/quota settings, part 2. · 2202163e
      Mike Hibler authored
      Add setzfsquotas script to handle fixup of existing quotas, add update
      script to do a one-time invocation of this script at boss-install time,
      and fix accountsetup so it will properly set both quotas going forward.
      2202163e
  20. 23 May, 2017 1 commit
  21. 19 May, 2017 1 commit
  22. 15 May, 2017 1 commit
  23. 11 May, 2017 1 commit
  24. 05 May, 2017 1 commit
  25. 04 May, 2017 1 commit