  1. 29 Aug, 2016 1 commit
    • Leigh Stoller authored · 413043ef
      Rework for two goals:
      1. Wrap in a timeout to prevent runaway looping that burns up all
         CPUs. Clearly a bug in medusa.
      
      2. Support for multiple runs using different modules, specifically the
         VNC module.
      413043ef
  2. 27 Jul, 2016 1 commit
  3. 20 Jul, 2016 1 commit
  4. 16 May, 2016 1 commit
  5. 02 Feb, 2016 1 commit
    • Leigh Stoller authored · ebe8baab
      Add a wrapper script to run Medusa (which does ssh scans looking for bogus
      accounts/passwords). Thanks to Mike Blodgett for cluing us in to this and
      providing the configuration he was using. This will run from cron a couple
      of times a day. The setup is not quite fully automated yet, need to create
      /usr/local/etc/medusa/{wordlist.txt,userlist.txt} by hand, as well as the
      crontab entry.
      
      We are scanning all local nodes (including VMs) as well as any allocated IP
      addresses in address pools.
      ebe8baab
  6. 11 Dec, 2015 1 commit
    • Kirk Webb authored · b36c576c
      Bump timeout for genlastlog from 15 to 30 seconds.
      APT seems to have weird lag related to reading the 'logins'
      log file across NFS. This appears to be correlated to times
      when someone/something is trying to break into apt ops
      using brute force login trials.
      b36c576c
  7. 21 Dec, 2014 1 commit
  8. 09 Sep, 2014 1 commit
  9. 03 Apr, 2014 1 commit
    • Mike Hibler authored · e81136ad
      Support for FreeBSD 10.x boss/ops.
      The biggest changes were related to 10.0's replacing gcc with clang
      and the switch to a new package system. The former required various
      fixes to Makefiles that hardwired "gcc" and also missing prototypes
      in source files that clang is particularly obnoxious about.
      
      There was also accommodating the normal evolution of the ports tree.
      New variables were needed in many of the Makefiles for this. Hopefully,
      all the changes I made are backward compatible, but I don't actually
      care that much since I hope to never, ever have to remake those older
      packages! A new emulab version of the m2crypto port was needed to
      reflect that m2crypto is no longer installed as an .egg file.
      
      Casualties:
      
        * Emulab assign. As of this commit, assign does not build with
          clang. It will build, but immediately core dumps if built with
          a gcc port (gcc46 below). THIS NEEDS TO BE FIXED!
      
        * Emulab nsverify. This requires building a pure ns-2.34, which
          is old and does not compile with clang. You will need to set
          NSVERIFY=0 in your defs file. I did this in defs-elabinelab
          (iff FBSD==10) but nowhere else right now.
      
        * Bind in the base distro. Bind is no longer part of FreeBSD
          (it has been replaced with something called "unbound"). So we
          install bind99 from a port and we make the /etc/namedb symlink
          to /usr/local/etc/namedb which is where it now lives.
      
        * Perl 5.12. It has been totally removed from the ports tree.
          We now install 5.14, the next-most obsolete version of Perl!
      
        * pkg_{add,delete,info}. As mentioned, the packages tools have
          changed. For the most part "pkg <cmd>" is the same as "pkg_<cmd>"
          but not always. This required considerable violence in the
          install/phases code. But it is actually cleaner now.
      
        * GCC in the base distro. I added installation of the gcc46 port
          to the boss and ops meta packages, just for old-times sake
          (we might wind up needing it, if still more stuff doesn't work
          with clang).
      e81136ad
  10. 14 Nov, 2012 2 commits
  11. 13 Nov, 2012 1 commit
  12. 24 Sep, 2012 1 commit
    • Eric Eide authored · 6df609a9
      Replace license symbols with {{{ }}}-enclosed license blocks.
      This commit is intended to make the license status of Emulab and
      ProtoGENI source files more clear.  It replaces license symbols like
      "EMULAB-COPYRIGHT" and "GENIPUBLIC-COPYRIGHT" with {{{ }}}-delimited
      blocks that contain actual license statements.
      
      This change was driven by the fact that today, most people acquire and
      track Emulab and ProtoGENI sources via git.
      
      Before the Emulab source code was kept in git, the Flux Research Group
      at the University of Utah would roll distributions by making tar
      files.  As part of that process, the Flux Group would replace the
      license symbols in the source files with actual license statements.
      
      When the Flux Group moved to git, people outside of the group started
      to see the source files with the "unexpanded" symbols.  This meant
      that people acquired source files without actual license statements in
      them.  All the relevant files had Utah *copyright* statements in them,
      but without the expanded *license* statements, the licensing status of
      the source files was unclear.
      
      This commit is intended to clear up that confusion.
      
      Most Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the Affero GNU General Public License, version 3
      (AGPLv3).
      
      Most Utah-copyrighted files related to ProtoGENI are distributed under
      the terms of the GENI Public License, which is a BSD-like open-source
      license.
      
      Some Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the GNU Lesser General Public License, version 2.1
      (LGPL).
      6df609a9
  13. 30 Apr, 2012 4 commits
    • Mike Hibler authored · b7ad8d3b
      Older FreeBSD requires an allocated buffer for realpath.
      Also fixup clean target.
      b7ad8d3b
    • Mike Hibler authored · c30f3d9d
      A little more scrutiny of the target directory in runsuid.
      Also, get rid of message about "you must run post-install".
      c30f3d9d
    • Mike Hibler authored · 84572430
      Fix a couple of nits.
      Perl 5.12.4 needs the same self-loader patch as 5.10.1.
      
      Doh! Forgot to turn off the debugging in runsuid.c. Hence it wasn't
      actually exec'ing anything!
      84572430
    • Mike Hibler authored · 1f83c9c6
      First cut at FreeBSD 9.0 support.
      Upgrade to perl 5.12 means no more "suidperl" (setuid perl scripts).
      So we now have yet another little wrapper (security/runsuid.c) which
      runs suid and whose sole function is to exec the perl script of the
      same name in the /usr/testbed/suidbin directory. So a formerly setuid
      perl script install now goes like:
        create /usr/testbed/sbin/mkproj as a symlink to /usr/testbed/libexec/runsuid
        install real mkproj perl script in /usr/testbed/suidbin/mkproj
      When the setuid-wrapper is invoked under the name "mkproj" it execs
      /usr/testbed/suidbin/mkproj. We could almost use sudo for this purpose
      instead (see security/sudoers.in) but sudo loses one of the groups in
      the group list.
      
      /usr/include/utmp.h is gone in FreeBSD 9.0. In most places we never
      needed it, but in the one case that did (tg source), it just used a
      couple of the constants exposed (UT_*) and not the struct, so I just
      hardwired values for the constants.
      
      The usual tweakage to the install stuff to reflect yet another set of
      packages!
      1f83c9c6
  14. 30 Aug, 2011 1 commit
  15. 27 Jul, 2011 1 commit
  16. 23 Dec, 2010 1 commit
  17. 22 Mar, 2010 1 commit
    • Leigh Stoller authored · 2965922b
      Finish up user deletion. The big visible change is that when a user is
      deleted, they still remain in the user table with a status of
      "archived", but since all the queries in the system now use uid_idx
      instead of uid, it is safe to reuse a uid since they are no longer
      ambiguous. 
      
      The reason for not deleting users from the users table is so that the
      stats records can refer to the original record (who was that person
      named "mike"). This is very handy and worth the additional effort it
      has taken.
      
      There is no way to resurrect a user, but it would not be hard to add.
      2965922b
  18. 20 Oct, 2008 1 commit
  19. 22 Feb, 2007 1 commit
  20. 01 Dec, 2006 1 commit
  21. 25 Oct, 2006 1 commit
    • Leigh Stoller authored · 7590f9c5
      Makefile Whacking! Try to deal with the problem caused by the delay
      between when something is installed and when post-install runs. Short
      of a global lock (which we probably need anyway someday), my solution
      is this. In your makefiles, add these variables before the line that
      has the include of $(TESTBED_SRCDIR)/GNUmakerules:
      
      	SETUID_BIN_SCRIPTS   =
      	SETUID_SBIN_SCRIPTS  =
      
      I have added three new rules to GNUmakerules that look like this:
      
      	$(addprefix $(SBINDIR)/, $(SETUID_SBIN_SCRIPTS)): $(SBINDIR)/%: %
      		echo "Installing (setuid) $<"
      		-mkdir -p $(INSTALL_SBINDIR)
      		$(SUDO) $(INSTALL) -o root -m 4755 $< $@
      
      Yep, your eyes ain't lying to you; use sudo to run the target so that
      install does the right thing (which is that the old file is not
      replaced until the new one has the proper attributes on it).
      
      Note that post-install is still needed for the initial install, but
      should no longer be needed for day to day installs since all that other
      stuff post-install does is mkdir/chmod on directories.
      7590f9c5
  22. 27 Apr, 2006 1 commit
  23. 06 Feb, 2006 1 commit
  24. 23 Dec, 2004 1 commit
  25. 10 Sep, 2004 1 commit
    • Leigh Stoller authored · 7e731fba
      Small change to suexec code. This change has the potential for creating
      unanticipated breakage. If that happens, just need to back out the
      changes under the "suexec-stuff" tag. However, the better solution will
      probably be to fix the PHP scripts that break by adding the proper
      groups in the call to suexec (in the web page, see below) or by fixing
      the backend Perl script that breaks.
      
      This fix is primarily to address the problem of some users being in more
      groups (cause of subgroups) than the max number of groups allowed
      (NGROUPS).  The groups that really mattered (say, for creating an
      experiment in a subgroup) could be left out cause they were at the end
      of the list.
      
      * suexec.c: Change how groups are handled. Instead of taking a single
        gid argument (the gid to setgid as), now takes a comma separated list
        of groups. Further, instead of doing a setgroups to the user's entire
        group list as specified in the groups file (getgroups), setgroups to
        just the groups listed on the command line, plus the user's primary
        group from the password file (this is to prevent potential breakage
        with accessing files from the users homedir, although might not really
        be necessary).
      
        This change is somewhat rational in the sense that in our case, suexec
        is not being used to run arbitrary user code (CGIs), but only to run
        specific scripts that we say should be run. The environment for
        running those scripts can be more tightly controlled than it would
        otherwise need to be if running some random CGI the user has in his
        public html directory.
      
      * www: Change the gid argument to SUEXEC() in a number of scripts so
        that the project and subgroup are explicitly given to suexec, as
        described above. For example, in beginexp:
      
      	SUEXEC(gid, "$pid,$unix_gid", ....);
      
        Aside: note that project names (pid) are always one to one with their
        unix group name, but subgroup names are not, and *always* have to be
        looked up in the DB, hence the "unix_gid" argument.
      
        Script breakage should require nothing more than adding the proper
        group to the list as above.
      7e731fba
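The group handling described in the commit message above, as an added C example; it is not the Emulab suexec.c. `build_grouplist`, `group_lookup` and the sample group names and gids are hypothetical, and placing the primary group first and failing instead of truncating at the limit are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical resolver: group name -> gid, 0 if found. A real wrapper would
 * back this with getgrnam(3); the table here is constructed sample data. */
typedef int (*group_lookup)(const char *name, gid_t *gid);

static int demo_lookup(const char *name, gid_t *gid)
{
    static const struct { const char *name; gid_t gid; } tab[] = {
        { "testproj", 6001 }, { "testproj-sub1", 6042 },
    };
    for (size_t i = 0; i < sizeof(tab) / sizeof(tab[0]); i++)
        if (strcmp(tab[i].name, name) == 0) { *gid = tab[i].gid; return 0; }
    return -1;
}

/* Fill out[] with the primary gid followed by each group named in csv, without
 * duplicates. Returns the count, or -1 on an empty field, an unknown group, or
 * more than max entries, so a needed group is never silently dropped. */
int build_grouplist(const char *csv, gid_t primary, group_lookup lookup,
                    gid_t *out, int max)
{
    int n = 0;
    if (max < 1) return -1;
    out[n++] = primary;
    for (const char *p = csv;; ) {
        char name[64];
        size_t len = strcspn(p, ",");
        gid_t gid;
        int dup = 0;
        if (len == 0 || len >= sizeof(name)) return -1;
        memcpy(name, p, len);
        name[len] = '\0';
        if (lookup(name, &gid) != 0) return -1;
        for (int i = 0; i < n; i++)
            dup |= (out[i] == gid);
        if (!dup) {
            if (n == max) return -1;
            out[n++] = gid;
        }
        if (p[len] == '\0') return n;
        p += len + 1;
    }
}

int main(void)
{
    gid_t g[16];   /* the result is what a wrapper would hand to setgroups(2) */
    int n = build_grouplist("testproj,testproj-sub1", 500, demo_lookup, g, 16);
    for (int i = 0; i < n; i++)
        printf("%lu\n", (unsigned long)g[i]);
    return n < 0;
}
```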
  26. 09 Aug, 2004 1 commit
    • Leigh Stoller authored · 5ef8f70a
      Major rework of the script interface to Emulab. Up to now we have been
      supporting both a shell script driven interface, plus the newer XMLRPC
      interface. This change removes the script driven interface from boss,
      replacing it with just the XMLRPC interface. Since we like to maintain
      backwards compatibility with interfaces we have advertised to users (and
      which we know are being used), I have implemented a script wrapper that
      exports the same interface, but which converts the operations into XMLRPC
      requests to the server. This wrapper is written in python and uses our
      locally grown xmlrpc-over-ssh library. Like the current "demonstration"
      client, you can take this wrapper to your machine that has python and ssh
      installed, and use it there; you do not need to use these services from
      just users.emulab.net. Other things to note:
      
      * The wrapper is a single python script that has a "class" for each wrapped
        script. Running the wrapper without any arguments will list all of the
        operations it supports. You can invoke the wrapper with the operation as
        its argument:
      
          {987} stoller$ script_wrapper.py swapexp --help
          swapexp -e pid,eid in|out
          swapexp pid eid in|out
          where:
               -w   - Wait for experiment to finish swapping
               -e   - Project and Experiment ID
               in   - Swap experiment in  (must currently be swapped out)
              out   - Swap experiment out (must currently be swapped in)
      
          Wrapper Options:
              --help      Display this help message
              --server    Set the server hostname
              --login     Set the login id (defaults to $USER)
              --debug     Turn on semi-useful debugging
      
         But more convenient is to create a set of symlinks so that you can just
         invoke the operation by its familiar scriptname. This is what I have
         done on users.emulab.net.
      
          {987} stoller$ /usr/tesbed/bin/swapexp --help
          swapexp -e pid,eid in|out
          swapexp pid eid in|out
      
      
      * For those of you talking directly to the RPC server from python, I have
        added a wrapper class so that you can issue requests to any of the
        modules from a single connection. Instead of using /xmlrpc/modulename, you
        can use just /xmlrpc, and use method names of the form experiment.swapexp,
        node.reboot, etc.
      
        Tim this should be useful for the netlab client which I think opens up
        multiple ssh connections?
      
      * I have replaced the paperbag shell with a stripped down xmlrpcbag shell
        that is quite a bit simpler since we no longer allow access to anything
        but the RPC server. No interactive mode, no argument processing, no
        directory changing, etc. My main reason for reworking the bag is to make
        it easier to understand, maintain, and verify that it is secure. The new
        bag also logs all connections to syslog (something we should have done in
        the original). I also added some setrlimit calls (core, maxcpu). I also
        thought about niceing the server down, but that would put RPC users at a
        disadvantage relative to web interface users. When we switch the web
        interface to use the XMLRPC backend, we can add this (reniceing from the
        web server would be a pain cause of its scattered implementation).
      5ef8f70a
  27. 03 Aug, 2004 1 commit
    • Leigh Stoller authored · 8fddf3ce
      A couple more minor changes before I turn the new stuff loose.
      * Added a wrapper class so that you can invoke methods as
        experiment.swapexp or node.reboot. So instead of invoking as
        /XMLRPC/experiment and calling swapexp, you can call the server as
        /XMLRPC and call experiment.swapexp. This allows you to use a single
        connection to talk to different parts of the API. Note this is standard
        (or is it de facto) syntax in XMLRPC.
      
      * Changed the demonstration client to talk the server this way.
      
      * Changed paperbag to allow this as well; the xmlrpc server is invoked with
        no args, which tells it to export the wrapper interface instead of a
        specific module interface.
      
      * A few more cleanups in the server, more permission checks, etc.
      8fddf3ce
  28. 13 May, 2004 1 commit
  29. 29 Apr, 2004 1 commit
  30. 26 Apr, 2004 1 commit
    • Mike Hibler authored · 297019fb
      Cleanup Makefiles:
      1. "make clean" will just remove stuff built in the process of a regular build
      2. "make distclean" will also clean out configure generated files.
      
      This is how it was always supposed to be, there was just some bitrot.
      297019fb
  31. 19 Mar, 2004 1 commit
  32. 17 Mar, 2004 1 commit
  33. 16 Mar, 2004 1 commit
  34. 25 Feb, 2004 1 commit
  35. 16 Feb, 2004 1 commit
  36. 10 Feb, 2004 1 commit