1. 10 Sep, 2004 1 commit
    • Leigh Stoller's avatar
      Small change to suexec code. This change has the potential for creating · 7e731fba
      Leigh Stoller authored
      unanticipated breakage. If that happens, just need to back out the
      changes under the "suexec-stuff" tag. However, the better solution will
      probably be to fix the PHP scripts that break by adding the proper
      groups in the call to suexec (in the web page, see below) or by fixing
      the backend Perl script that breaks.
      
      This fix is primarily to address the problem of some users being in more
      groups (cause of subgroups) then the max number of groups allowed
      (NGROUPS).  The groups that really mattered (say, for creating an
      experiment in a subgroup) could be left out cause they were at the end
      of the list.
      
      * suexec.c: Change how groups are handled. Instead of taking a single
        gid argument (the gid to setgid as), now takes a comma separated list
        of groups. Further, instead of doing a setgroups to the user's entire
        group list as specified in the groups file (getgroups), setgroups to
        just the groups listed on the command line, plus the user's primary
        group from the password file (this is to prevent potential breakage
        with accessing files from the users homedir, although might not really
        be necessary).
      
        This change is somewhat rational in the sense that in our case, suexec
        is not being used to run arbitrary user code (CGIs), but only to run
        specific scripts that we say should be run. The environment for
        running those scripts can be more tightly controlled then it would
        otherwise need to be if running some random CGI the user has in his
        public html directory.
      
      * www: Change the gid argument to SUEXEC() in a number of scripts so
        that the project and subgroup are explicitly given to suexec, as
        described above. For example, in beginexp:
      
      	SUEXEC(gid, "$pid,$unix_gid", ....);
      
        Aside: note that project names (pid) are always one to one with their
        unix group name, but subgroup names are not, and *always* have to be
        looked up in the DB, hence the "unix_gid" argument.
      
        Script breakage should require nothing more then adding the proper
        group to the list as above.
      7e731fba
  2. 13 Apr, 2004 1 commit
    • Leigh Stoller's avatar
      Do not allow images that are marked global to be created via the · 95b185bd
      Leigh Stoller authored
      create_image script. Also check path; filename must translate to a path
      on /proj, /users, or /groups since the image is actually written from
      the node, and those are the only places it makes sense to write them to.
      
      Minor change to web interface; email error messages to user *and* to
      tbops; was going only to tbops.
      95b185bd
  3. 25 Feb, 2004 1 commit
  4. 15 Apr, 2003 1 commit
  5. 08 Apr, 2003 1 commit
  6. 26 Mar, 2003 1 commit
    • Leigh Stoller's avatar
      Add "gid" slot to the images table for changing permission scheme from · 4c56daf6
      Leigh Stoller authored
      only pid, to pid/gid like most other things in the testbed. Also add a
      "global" slot to denote images that are globally available to all
      projects (system images). The older "shared" attribute is now used to
      denote images that are shared within a project (available to all
      subgroups in the project). The migration path for existing DBs is
      given in the migrate file. Be sure to run those commands on an
      existing testbed or things will break!
      
      www/newimageid, www/newimageid_ez: A bunch of changes for
      shared/global attributes. Added a group menu to the form so users can
      create images in subgroups. Beefed up the Java code that constructs
      the path name to use the gid, shared, and global attributes of the
      form to give the user the best possible path that we can. Improved the
      pathname checking code so that we do not allow just any old path in
      case the user elects to disregard the path we carefully constructed
      for them. Also check the proj/group membership, and setup defaults for
      users that have permission in just one pid/gid to create images.
      
      libdb.in: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      os_load: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Other minor changes reflecting shared->global name change.
      Also note that images can come from the group directory now.
      
      create_image: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Also note that images can come from the group directory now.
      
      www/dbdefs: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      www/showimageid_list, www/showstuff: Minor global/shared attribute
      changes.
      
      www/menu: Change osids/imageids pointer to point to the image list,
      not the osid list. This is more reasonable for mere users who have
      access to the EZ form, and thus never really need to concern
      themselves with osids.
      
      www/editimageid: Add proper pathname checking. There were no checks at
      all before!
      4c56daf6
  7. 25 Mar, 2003 1 commit
    • Leigh Stoller's avatar
      Address a Tim Stack nit, one thats bothered me for a bit. Get rid of · 6d771542
      Leigh Stoller authored
      the newimageid_explain front page, since I had actually moved most of
      that text into the tutorial a couple of months ago. I moved the rest
      of the text over, and changed the links to point to the short form.
      Added a link at the top of the short form pointing to the tutorial
      section, and for admin types, a link to the long form.
      6d771542
  8. 06 Dec, 2002 1 commit
  9. 10 Sep, 2002 1 commit
    • Chad Barb's avatar
      · 35a9c90c
      Chad Barb authored
      Improved error reporting style.. also added image for uky,
      though right now it is the same as the standard image
      (will edit it soon.)
      35a9c90c
  10. 17 Jul, 2002 1 commit
  11. 07 Jul, 2002 1 commit
  12. 17 Jun, 2002 1 commit
  13. 02 Mar, 2002 1 commit
  14. 14 Feb, 2002 1 commit
    • Leigh Stoller's avatar
      A morass of form changes. The main goals are to avoid the loss of info · 9ac3d870
      Leigh Stoller authored
      when backing up (cause of an error that needs to be fixed) since not
      all browsers handle this the same. Instead, redraw the form with all
      of the original info and a list of error messages at the top.
      Conceptually simple change, but it turns out to be a pain to implement
      since you need to combine the form and processing code in one page
      (well, its just a lot easier to do that), and then change all of the
      forms to deal with a "default" value. That is, each different kind of
      input tag (text, radio, select, checkbox, etc.) requires slightly
      different changes to do that. Lots of forms, lots of entries on the
      forms, and its a long slow tedious process. Much nicer though, although
      the code is a bit harder to grok. At the same time, I added a lot more
      sanity checks of the information being passed in.
      
      The other change is to deal with how browsers handle the back button
      on a form thats been properly submitted. Not all browsers use
      the cache directives the same, and I was often typing back, only to
      have some form get reposted. Thats a major pain in the butt. The way
      to deal with that is to have the processor send out a Location header,
      which modifies the browser history so that the post is no longer in
      the history. You back up straight to the unposted form (if its in the
      cache). I've done this to only some forms, since its a bit of a pain
      to rework things so that you can jump ahead to a page that spits out
      the requisite warm fuzzies for the specific operation just completed.
      
      I've done newproject, joinproject, update user info, newimageid, and
      newimaged_dz forms.
      9ac3d870
  15. 11 Feb, 2002 1 commit
  16. 08 Feb, 2002 1 commit
    • Leigh Stoller's avatar
      Big round of image/osid changes. This is the first cut (final cut?) at · a73e627e
      Leigh Stoller authored
      supporting autocreating and autoloading images. The imageid form now
      sports a field to specify a nodeid to create the image from; If set,
      the backend create_image script is invoked. Thats the easy part.
      Slightly harder is autoloading images based on the osid specified in
      the NS file. To support this, I have added a new DB table called
      osidtoimageid, which holds the mapping from osid/pctype to imageid.
      When users create images, they must specify what node types that image
      is good for. Obviously, the mappings have to be unique or it would be
      impossible to figure it out! Anyway, once that image mapping is
      in place and the image created, the user can specify that ID in the NS
      file. I've changed os_setup to to look for IDs that are not loaded,
      and to try and find one in the osidtoimageid. If found, it invokes
      os_load. To keep things running in parallel as much as possible,
      os_setup issues all the loads/reboots (could be more than a single set
      of loads is multiple IDs are in the NS file) at once, and waits for
      all the children to exit. I've hacked up os_load a bit to try and be
      more robust in the face of PXE failures, which still happen and are
      rather troublsesome. Need an event system!
      
      Contained in this revision are unrelated changed to make the OS and
      Image IDs per-project unique instead of globally unique, since thats a
      pain for the users. This turns out to be very messy, since underneath
      we do not want to pass around pid/ID in all the various places its
      used. Rather, I create a globally unique name and extened the OS and
      Image tables to include pid/name/ID. The user selects pid/name, and I
      create the globally unique ID. For the most part this is invisible
      throughout the system, except where we interface with the user, say in
      the web pages; the user should see his chosen name where possible, and
      the should invoke scripts (os_load, create_image, etc) using his/her
      name not the internal ID. Also, in the front end the NS file should
      use the user name not the ID. All in all, this accounted for a number
      of annoying changes and some special cases that are unavoidable.
      a73e627e
  17. 18 Oct, 2001 2 commits