1. 09 Jan, 2012 1 commit
  2. 06 Jan, 2012 4 commits
  3. 13 Dec, 2011 1 commit
  4. 08 Nov, 2011 1 commit
  5. 07 Nov, 2011 1 commit
  6. 07 Oct, 2011 1 commit
  7. 06 Oct, 2011 1 commit
  8. 05 Oct, 2011 2 commits
  9. 30 Sep, 2011 1 commit
    • Leigh B Stoller's avatar
      Start on the move from Apache 1.3 to 2.2 ... · 6cd688f9
      Leigh B Stoller authored
      * The httpd.conf file I started with came from Dave's linux-port branch,
        and subsequently whacked for FreeBSD installation. Sorry for not using
        git to bring the base version in.
      
      * Configure changes to determine what version of apache is installed, and
        modify behaviour in makefiles accordingly.
      
      * Along with Apache 2.2 comes the latest version of PHP5, and that requires
        a bogus timezone directive in php.ini to prevent endless warnings. So I
        moved the entire php,ini install from ops/boss-install to here.
      
      Note that I had to use the 8.2 ports tree to build this stuff, and it the
      usual headache cause options and directives have changed.
      6cd688f9
  10. 28 Sep, 2011 1 commit
  11. 13 Sep, 2011 1 commit
  12. 17 Aug, 2011 1 commit
  13. 10 Aug, 2011 2 commits
  14. 19 Jul, 2011 1 commit
  15. 27 May, 2011 1 commit
  16. 18 May, 2011 1 commit
  17. 17 May, 2011 1 commit
    • Mike Hibler's avatar
      Add machinery to automatically setup mrouted on the control network. · 3ba294d9
      Mike Hibler authored
      This is specifically intended for elabinelab right now where configurations
      with an "inner control network" need a multicast router for inner frisbee
      to work. There is (an undocumented) NEEDMROUTED defs variable that controls
      whether the machinery is triggered or not. It is not documented because, though
      in theory this would work for a real boss setup, it has not been tested and
      each install would probably need a custom mrouted.conf file.
      
      For an inner elab, this variable is automatically set in defs-elabinelab
      if there is an inner control network. The result is that the mrouted port
      will be installed, it will be enabled in rc.conf, and a stub mrouted.conf
      file is created (to force mrouted to ignore the real control network).
      3ba294d9
  18. 11 May, 2011 1 commit
  19. 20 Apr, 2011 1 commit
    • Leigh B Stoller's avatar
      Changes our ssh key/account handling in RedeemTicket() and · 03c2107c
      Leigh B Stoller authored
      CreateSliver(), to handle multiple accounts.  This somewhat reflects
      the Geni AM API for keys, which allows the client to specify multiple
      users, each with a set of ssh keys.
      
      The keys argument to the CM now looks like the following (note that
      the old format is still accepted and will be for a while).
      
      [{'urn'   => 'urn:blabla'
        'login' => 'dopey',
        'keys'  => [ list of keys like before ]},
       {'login' => "leebee",
        'keys'  => [ list of keys ... ]}];
      
      Key Points:
      
      1. You can supply a urn or a login or both. Typically, it is going to
         be the result of getkeys() at the PG SA, and so it will include
         both.
      
      2. If a login is provided, use that. Otherwise use the id from the urn.
      
      3. No matter what, verify that the token is valid for Emulab an uid
         (standard 8 char unix login that is good on just about any unix
         variant), and transform it if not.
      
      4. For now, getkeys() at the SA will continue to return the old format
         (unless you supply version=2 argument) since we do not want to
         default to a keylist that most CMs will barf on.
      
      5. I have modified the AM code to transform the Geni AM version of the
         "users" argument into the above structure. Bottom line here, is
         that users of the AM interface will not actually need to do
         anything, although now multiple users are actually supported
         instead of ignored.
      
      Still to be done are the changes to the login services structure in
      the manifest. We have yet to settle on what these changes will look
      like, but since people generally supply valid login ids, you probably
      will not need this, since no transformation will take place.
      03c2107c
  20. 05 Apr, 2011 1 commit
  21. 04 Apr, 2011 1 commit
  22. 10 Mar, 2011 1 commit
  23. 07 Mar, 2011 1 commit
  24. 10 Feb, 2011 3 commits
  25. 08 Feb, 2011 2 commits
  26. 07 Feb, 2011 1 commit
  27. 03 Feb, 2011 2 commits
  28. 02 Feb, 2011 1 commit
  29. 18 Jan, 2011 1 commit
  30. 11 Jan, 2011 2 commits
    • Mike Hibler's avatar
      Found a patch that will make the SelfLoader work with perl 5.10.1. · f0ea7d23
      Mike Hibler authored
      Repeating myself since not everything got committed last time...
      
      In the lastest version of SelfLoader they fixed the taint problem.  It is
      literally one line of code (plus updating version string) so I just made
      a patch.  Also, fixup boss/ops-install to apply the patch and change the
       default to use the SelfLoader again.
      f0ea7d23
    • Mike Hibler's avatar
      More work toward getting this working on subboss. · 8d80301e
      Mike Hibler authored
      More work on the hierarchical configuration for subboss. When doing host-based
      authentication, allow client to pass an explicit host (IP) to the mserver.
      If the mserver is configured to allow it, that IP is used for authenticating
      the request instead of the caller's IP. Add a default ("null") configuration
      so the mserver can operate out-of-the-box with no config file. The goal of
      these two changes is for an mserver instance with the default config and a
      proxy option to serve the needs of a subboss node (i.e., so no explicit
      configuration will be needed).
      8d80301e