1. 29 Aug, 2018 1 commit
  2. 30 Jul, 2018 3 commits
  3. 17 Apr, 2018 1 commit
  4. 16 Apr, 2018 2 commits
  5. 06 Jul, 2017 2 commits
  6. 14 Jun, 2017 1 commit
  7. 03 Jun, 2017 1 commit
  8. 29 Dec, 2016 1 commit
    • Mike Hibler's avatar
      Modernize elabinelab and Emulab install support a bit. · f7e53243
      Mike Hibler authored
      Support FreeBSD 10.3. We will need to be moving to this before long
      as 10.2 EOLs in two days.
      
      Support setup of "Emulab-aware" ZFS use in install scripts. Note that
      the core support code was already done (WITHZFS, WITHAMD). Mostly this
      involves changes to setup either amd (WITHAMD==1) or autofs (WITHAMD==0)
      on the boss node and to NOT add mounts of /{users,groups,proj} to
      /etc/fstab. We still need to add a section to the install documentation
      about setting up a zpool for Emulab to use. There was also a fix to the
      firstuser script which did not do the account setup correctly.
      
      Support setup of ZFS in elabinelab. The elabinelab attributes CONFIG_ZFS
      and CONFIG_AUTOFS are used to convey intent here. Currently they can only
      be used in an "ops+fs" config (e.g., the standard boss and ops config,
      NOT the seperate fs node config). It should work with either the physical
      or virtual node setups:
      
      * For the physical node setup, we actually use local blockstores in the
        ops node config: a SYSVOL blockstore for /usr/testbed and a tiny 1Mib
        NONSYSVOL blockstore. The latter blockstore is not actually used, we
        just make it to force setup of a ZFS zpool which we then use for the
        inner elab.
      
      * For the virtual node setup, we just identify the virtual EXTRADISK
        intended for "/q" and create a zpool on that device.
      
      I would like to change all physical elabinelab setups to use blockstors
      rather than the current hacky mkextrafs usage. But that is a task for
      another day.
      
      Finally, a couple of random changes in elabinelab code: change the
      CentOS image downloaded to CENTOS7-64-STD, increased the default sizes
      of the EXTRADISKS used in the VM config.
      f7e53243
  9. 11 Feb, 2016 1 commit
  10. 07 Dec, 2015 1 commit
  11. 14 Sep, 2015 1 commit
  12. 17 Aug, 2015 2 commits
  13. 30 Jun, 2015 1 commit
  14. 24 Jun, 2015 1 commit
    • Mike Hibler's avatar
      Updates for new FreeBSD 10.1 based servers. · 480fdc70
      Mike Hibler authored
      Big changes a comin' to try to get us back on the supported path.
      
       * perl 5.14 -> 5.20
       * mysql 5.1 -> 5.5
       * php 5.4   -> 5.6
       * tcl 8.4   -> 8.6
       * number of vim patches up to 683.
      
      Not everything tested yet, but getting there.
      
      Specific changes:
      
       * New install/ports directory. New packages for FreeBSD 10.1 are version
         6.1. Cleaned up the ports' Makefiles getting rid of conditionals for
         all older versions. Also got rid of ports we don't use. Old ports tree
         is now install/oports.
      
       * Install script changes. Make sure /usr/bin/perl and /usr/local/bin/python
         links exist. Ports no longer make these but we use them in '#!'. Changes
         to mysql install and startup script--mysql has changed a LOT since we did
         the support in 4.x. Create syslog entry for named.log. Make sure php.conf
         loads the legacy "mysql" module rather than using "mysqli".
      
       * Elabinelab support. reflect new packages, remove all old packages
         (except perl) before installing new versions, install "extras" package,
         make sure sendmail cert get regenerated, make sure /usr/bin/perl link
         exists, make sure /usr/local/bin/python link exists.
      
       * Custom ports. otcl and xerces-c2 have both been removed from the ports
         tree as of Q2 2015. ipmitool-devel is a port for the latest version of
         ipmitool. The FreeBSD port is still a rev behind here. We need the
         newer version as it appears to make our SOL consoles more stable.
      
       * Random. Fixed prerender as neato output has changed again. Tweak to
         sslxmlrpc_server to reflect change in an underlying library. Tweak to
         db/libdb.py.in to turn on autocommit which matters now as mysql 5.5 will
         hang on a metadata lock otherwise. Remade eventsys perl/python stubs
         with SWIG 2.0. SWIG 1.3 did not produce working stubs for perl 5.20.
      
      Specific un-changes:
      
       * Apache is still at 2.2. I lack the guts and skilz to upgrade to 2.4.
      
       * Xerces library is still at (now unsupported) 2.8. Assign will need
         changes before we can move to 3.x.
      
       * Python is still 2.7.
      
      Thanks to Keith Sklower for all the work he did converting ports!
      480fdc70
  15. 03 Feb, 2015 1 commit
  16. 30 Jan, 2015 1 commit
  17. 13 May, 2014 1 commit
    • Mike Hibler's avatar
      More FreeBSD 10 fixes. · dbda9cfa
      Mike Hibler authored
      Apparently I never tried to install an optional package. GetPackage and
      AddPackage did not play nice. Also, you must specify --posix in the new
      version of patch to get it to work with (some of) our patch files.
      dbda9cfa
  18. 03 Apr, 2014 1 commit
    • Mike Hibler's avatar
      Support for FreeBSD 10.x boss/ops. · e81136ad
      Mike Hibler authored
      The biggest changes were related to 10.0's replacing gcc with clang
      and the switch to a new package system. The former required various
      fixes to Makefiles that hardwired "gcc" and also missing prototypes
      in source files that clang is particularly obnoxious about.
      
      There was also accomodating the normal evolution of the ports tree.
      New variables were needed in many of the Makefiles for this. Hopefully,
      all the changes I made are backward compatible, but I don't actually
      care that much since I hope to never, ever have to remake those older
      packages! A new emulab version of the m2crypto port was needed to
      reflect that m2crypto is no longer installed as an .egg file.
      
      Casualties:
      
        * Emulab assign. As of this commit, assign does not build with
          clang. It will build, but immediately core dumps if built with
          a gcc port (gcc46 below). THIS NEEDS TO BE FIXED!
      
        * Emulab nsverify. This requires building a pure ns-2.34, which
          is old and does not compile with clang. You will need to set
          NSVERIFY=0 in your defs file. I did this in defs-elabinelab
          (iff FBSD==10) but no where else right now.
      
        * Bind in the base distro. Bind is no longer part of FreeBSD
          (it has been replaced with something called "unbound"). So we
          install bind99 from a port and we make the /etc/namedb symlink
          to /usr/local/etc/namedb which is where it now lives.
      
        * Perl 5.12. It has been totally removed from the ports tree.
          We now install 5.14, the next-most obsolete version of Perl!
      
        * pkg_{add,delete,info}. As mentioned, the packages tools have
          changed. For the most part "pkg <cmd>" is the same as "pkg_<cmd>"
          but not always. This required considerable violence in the
          install/phases code. But it is actually cleaner now.
      
        * GCC in the base distro. I added installation of the gcc46 port
          to the boss and ops meta packages, just for old-times sake
          (we might wind up needing it, if still more stuff doesn't work
          with clang).
      e81136ad
  19. 07 Mar, 2014 1 commit
  20. 02 Jan, 2014 1 commit
    • Mike Hibler's avatar
      Attempt to auto-configure NTP for server machines at install time. · cd4a03a5
      Mike Hibler authored
      The template configurations in the new ntpd subdir also address the
      recent NTP amplification attacks that have been going on recently.
      
      NTP configuration is controlled by a few defs-* variables:
      
      NTPSERVER: boss|ops|fs|<external-server-name-or-IP>
        Default: "ops"
        Normally, one of boss, ops, or fs is designated as a local NTP server
        but this can be set to a fully qualified name of some other machine.
        If NTPSERVER is set to an external server, then boss/ops/fs are made
        clients of that server just as any testbed node is.
      
      EXTERNAL_NTPSERVER[1-4]: <external-server-name-or-IP>
        Default: "[0-3].pool.ntp.org"
        If NTPSERVER is one of boss/ops/fs, then these values are used as the
        upstream servers for the local server. These can be changed to four of
        your favorite NTP servers.
      
      NTPDRIFTFILE: <path>
        Default: "/var/db/ntp.drift"
        If NTPSERVER is one of boss/ops/fs, then this is the name of the drift
        file for the local server.
      cd4a03a5
  21. 12 Oct, 2013 1 commit
  22. 20 Dec, 2012 1 commit
  23. 06 Dec, 2012 1 commit
    • Mike Hibler's avatar
      Support FreeBSD 8.3 for boss/ops install. · d6196ab5
      Mike Hibler authored
      Uses the "5.0" package set (like FBSD 9.0, but unlike FBSD 8.2) which
      includes perl 5.12, python 2.7 and apache 2.22. This is what will be
      installed on our boss and ops later this month.
      
      Some additional updates to the meta ports as well to make them "work better".
      d6196ab5
  24. 30 Nov, 2012 1 commit
    • Mike Hibler's avatar
      More ARP lockdown related changes. · f4871f4a
      Mike Hibler authored
      Make sure sitevars get initialized on initial installation of an Emulab.
      Fixes to the update_sitevars script, mostly in case we someday want to
      run it on every testbed software install (which we do not do right now).
      
      For ops and fs there is a race with boss that prevents us from locking
      down ARP entries early. For now, we do the lock down later in the boot.
      If someone spoofs boss or the gateway before then, we will detect it
      when we request the ARP info via SSL-enabled tmcc.
      f4871f4a
  25. 28 Nov, 2012 1 commit
    • Leigh Stoller's avatar
      Another checkpoint of the firewall code. At this point, you can swapin · bd01da19
      Leigh Stoller authored
      a XEN based ElabInElab with boss and ops running firewall rules based
      on the ruleset we use on Utah's firewall. To turn this on, add this to
      your NS file:
      
      tb-set-elabinelab-attribute CONFIG_FIREWALL_BOSS "yep"
      tb-set-elabinelab-attribute CONFIG_FIREWALL_OPS  "yep"
      
      You do not have define both.
      bd01da19
  26. 24 Sep, 2012 1 commit
    • Eric Eide's avatar
      Replace license symbols with {{{ }}}-enclosed license blocks. · 6df609a9
      Eric Eide authored
      This commit is intended to makes the license status of Emulab and
      ProtoGENI source files more clear.  It replaces license symbols like
      "EMULAB-COPYRIGHT" and "GENIPUBLIC-COPYRIGHT" with {{{ }}}-delimited
      blocks that contain actual license statements.
      
      This change was driven by the fact that today, most people acquire and
      track Emulab and ProtoGENI sources via git.
      
      Before the Emulab source code was kept in git, the Flux Research Group
      at the University of Utah would roll distributions by making tar
      files.  As part of that process, the Flux Group would replace the
      license symbols in the source files with actual license statements.
      
      When the Flux Group moved to git, people outside of the group started
      to see the source files with the "unexpanded" symbols.  This meant
      that people acquired source files without actual license statements in
      them.  All the relevant files had Utah *copyright* statements in them,
      but without the expanded *license* statements, the licensing status of
      the source files was unclear.
      
      This commit is intended to clear up that confusion.
      
      Most Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the Affero GNU General Public License, version 3
      (AGPLv3).
      
      Most Utah-copyrighted files related to ProtoGENI are distributed under
      the terms of the GENI Public License, which is a BSD-like open-source
      license.
      
      Some Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the GNU Lesser General Public License, version 2.1
      (LGPL).
      6df609a9
  27. 01 Aug, 2012 1 commit
    • Mike Hibler's avatar
      Support 64-bit FreeBSD on the server side. · 9036d314
      Mike Hibler authored
      NOTE: currently only for FreeBSD 7.3 installs because that is the only
      set of boss/ops/fs packages I have built so far!
      
      This mostly involved minor changes to event agents. Too often we were
      passing a pointer to a "long" to *get_int32, which on a 64-bit x86 OS would
      fill the wrong half of a 64-bit variable. There was also one instance of
      TCL code that had to be tweaked to account for 32- vs 64-bit.
      
      These changes also required regeneration of SWIG stubs and an ugly change
      to the SWIG generated code to use va_copy rather than direct assignment in
      a couple of places.
      
      Also related to SWIG is ensuring that the components that go into the
      perl/python stub .so files are built with PIC. The amd64 linker requires
      this.
      
      The meta-ports had to be changed to reflect that linuxthreads and
      ulsshxmlrpcpp don't work on amd64. The former had little effect as we
      had mostly eliminated uses of linuxthreads already. The one thing that
      did change was that we do not build nfstrace on amd64 (and we don't
      currently use this anyway). Removing ulsshxmlrpcpp required switching
      to the new event scheduler (event/new_sched) that Ryan did awhile back.
      Note that it is only "new" in the sense that it uses a standard XMLRPC
      package, there should be no functional differences. However, to be safe
      we only use new_sched as the standard scheduler on 64-bit server installs.
      
      Finally, added support to elabinelab setup to do a 64-bit server install.
      Just specify FBSD73-64-STD as the boss/ops/fs osid and rc.mkelab should
      do the rest.
      
      That is pretty much it other than some random nits here and there.
      9036d314
  28. 19 Jun, 2012 1 commit
    • Mike Hibler's avatar
      Make frisbee more directly IGMP (v2) aware. · 66e07584
      Mike Hibler authored
      Add "-Q <interval>" option to the master server to allow it to act as an
      IGMP V2 querier in environment where there is otherwise not one. It does
      essentially what the perl-based querier (code.google.com/p/perl-igmp-querier/)
      does, sending out a v2 membership query at the specified interval.
      
      This eliminates the need to run mrouted in some environments (e.g., elabinelab)
      just to issue IGMP queries. As a result, all the boss-install and elabinelab
      setup related to using mrouted to perform this function has been removed.
      The elabinelab CONFIG_MROUTED option has been changed to CONFIG_QUERIER
      (the former is still recognized and mapped to the latter). The undocumented
      defs-* variable NEEDMROUTED has been changed to NEEDMCQUERIER (the former
      still exists in install/installvars.pm.in but is always set to 0) to more
      accurately reflect the variable's purpose. If NEEDMCQUERIER is set, then
      the mfrisbeed startup script is modified to add the "-Q 30" option.
      
      The implementation of the client and server "-K <interval>" keep-alive option
      has been changed to directly send IGMP v2 membership reports containing the
      associated MC address.
      
      Note that the -K options have always been a hack to work-around assorted
      IGMP-related misconfigurations and incompatibilities, and really should
      only be used as a last resort. As implemented, they could cause the host
      machine to be pruned out of other MC groups at the nearest switch since
      they only report membership in the frisbee MC group. With the master server
      acting as an IGMP querier, instances of the frisbee server on that host
      should no longer need to do keep alives. We still have one case where it
      is needed on the client-side: a FreeBSD 8.x or later host connected to an
      IGMPv2-only switch. It appears that the IGMPv3 implementation added in
      FreeBSD 8.x always sends v3 reports, even when the default is configured
      (via sysctl or even recompiling the kernel) as v2.
      66e07584
  29. 01 Jun, 2012 1 commit
  30. 30 Apr, 2012 1 commit
    • Mike Hibler's avatar
      First cut at FreeBSD 9.0 support. · 1f83c9c6
      Mike Hibler authored
      Upgrade to perl 5.12 means no more "suidperl" (setuid perl scripts).
      So we now have yet another little wrapper (security/runsuid.c) which
      runs suid and whose sole function is to exec the perl script of the
      same name in the /usr/testbed/suidbin directory. So a formerly setuid
      perl script install now goes like:
        create /usr/testbed/sbin/mkproj as a symlink to /usr/testbed/libexec/runsuid
        install real mkproj perl script in /usr/testbed/suidbin/mkproj
      When the setuid-wrapper is invoked under the name "mkproj" it execs
      /usr/testbed/suidbin/mkproj. We could almost use sudo for this purpose
      instead (see security/sudoers.in) but sudo loses one of the groups in
      the group list.
      
      /usr/include/utmp.h is gone in FreeBSD 9.0. In most places we nevered
      needed it, but in the one case that did (tg source), it just used a
      couple of the constants exposed (UT_*) and not the struct, so I just
      hardwired values for the constants.
      
      The usual tweakage to the install stuff to reflect yet another set of
      packages!
      1f83c9c6
  31. 02 Apr, 2012 1 commit
  32. 27 Mar, 2012 1 commit
  33. 16 Mar, 2012 1 commit
  34. 15 Mar, 2012 2 commits