1. 18 Nov, 2003 1 commit
  2. 05 Nov, 2003 1 commit
      Middle part of the event system changes. The main part of this change · 54bc15c4
      Leigh B. Stoller authored
      is to add HMACs to events to ensure that events cannot be
      injected into an experiment by an unauthorized client.
      
      * The frontend now generates a secret key for each experiment and
        stores that into a file and in the DB.
      
      * Each of the event clients, as well as the event producers
        (scheduler, tevc) have a new -k option to specify the name of the
        file. Two new event library functions were added for clients to give
        the key:
      
          event_handle_t
          event_register_withkeyfile(char *name, int threaded, char *keyfile);
      
          event_handle_t
          event_register_withkeydata(char *name, int threaded,
                                     unsigned char *keydata, int keylen);
      
      * When the library is in possession of a key, it will generate an HMAC
        and attach it to outgoing notifications. A client receiving a
        notification will compute an HMAC and compare it against the HMAC in
        the notification. If they do not compare, the notification is
        dropped with a warning message printed (the client callback never
        gets the notification). If the client has not provided a key, then
        the HMAC in the incoming notification is ignored.
      
      * The scheduler also takes a -k option, and will compute HMACs for all
        of the static events ahead of time. That keeps it off the critical
        path.
      
      * The tevc client also takes a -k option. However, tevc will always
        try to find the keyfile (default path) so that it can attach the
        HMAC to dynamic events before sending them to the scheduler (which
        will check to make sure it matches). The scheduler will not accept
        dynamic events unless the HMAC is present and matches.
      
      * I have rebuilt the elvin libraries, removing all of the X goop and
        the SSL goop. Smaller binaries. So, I had to add -lcrypto to all of
        the client makefiles so that programs link.
      
      * The program-agent got a few more changes. The command string is no
        longer passed inside the event; it comes in when the program agent
        is started, via a config file generated from tmcd data. This gets
        rid of our mostly insecure remote execution facility.
      54bc15c4
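
The send and receive rules described in commit 54bc15c4, as an added example that is not the project's event library code. The field names, the length-prefixed serialisation, the use of SHA-256 and the `fail_closed` switch are all assumptions made for illustration.

```python
import hashlib
import hmac
import logging

log = logging.getLogger("event-hmac")


def canonical(fields):
    # Assumed wire form: sorted, length-prefixed name/value pairs, so two
    # different events can never serialise to the same byte string.
    out = bytearray()
    for name in sorted(fields):
        for part in (name.encode(), str(fields[name]).encode()):
            out += len(part).to_bytes(4, "big") + part
    return bytes(out)


def tag_for(fields, key):
    # SHA-256 is an assumption; the commit message does not name the hash.
    return hmac.new(key, canonical(fields), hashlib.sha256).digest()


def send(fields, key=None):
    """Sender: attach an HMAC only when the library holds a key."""
    event = {"fields": dict(fields)}
    if key is not None:
        event["hmac"] = tag_for(fields, key)
    return event


def accept(event, key=None, fail_closed=False):
    """Receiver: True if the client callback should see the event."""
    if key is None:
        # Keyless client: the incoming HMAC is ignored. fail_closed is a
        # hypothetical switch modelling the scheduler, which never accepts
        # an unauthenticated dynamic event.
        return not fail_closed
    got = event.get("hmac", b"")
    # compare_digest runs in constant time, so timing does not leak a prefix.
    if not hmac.compare_digest(got, tag_for(event["fields"], key)):
        log.warning("dropping event: HMAC missing or mismatched")
        return False
    return True


# Constructed sample data, not taken from a real experiment.
KEY = b"constructed-per-experiment-secret"
EVENT = {"objname": "prog1", "eventtype": "START", "expt": "pid/eid"}
```

A receiver started without a key accepts every event, so the protection only holds on nodes where the key file is actually supplied.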
  3. 17 Oct, 2003 1 commit
  4. 07 Aug, 2003 1 commit
  5. 10 Jun, 2003 1 commit
  6. 30 May, 2003 1 commit
      Add code to write pidfile, and -i option to specify pid file. · 66f8949f
      Leigh B. Stoller authored
      Add -u option to specify the user. Do the uid flip here instead of in
      the perl wrapper, but only if root of course. Otherwise runs as the
      user that invoked the program-agent.
      Add mandatory -e option to specify the pid/eid to use in event tuple
      instead of the ipaddr, since in jails without their own IP address,
      using the ipaddr is broken (all jails see all program events).
      Add mandatory -a option to specify a list of object names, so that the
      agent will get just the events it should. There is a corresponding new
      tmcc command that specifies the list of program objects for the node
      (or vnode).
      66f8949f
  7. 18 Dec, 2002 1 commit
  8. 10 Jul, 2002 1 commit
  9. 03 Apr, 2002 1 commit
  10. 22 Mar, 2002 1 commit
      New "program agent" that runs on the client nodes (freebsd and linux) · 187a3a18
      Leigh B. Stoller authored
      and responds to PROGRAM events. Currently, just start and stop. Start
      takes a COMMAND= argument, and allows arbitrary command lines since I
      pass the whole thing off to the shell. Caveat: the agent runs as root
      and starts the program as root. You can have as many program objects in
      your NS file as you like, but each one can be started once; you have
      to either stop or wait for the old one to finish before trying to
      start again.
      187a3a18