  1. 26 Jan, 2009 1 commit
  2. 08 Jan, 2009 1 commit
  3. 27 Jun, 2008 1 commit
  4. 20 Jun, 2007 1 commit
  5. 11 May, 2007 1 commit
  6. 08 May, 2007 2 commits
  7. 14 Dec, 2006 1 commit
  8. 01 Dec, 2006 1 commit
  9. 30 Nov, 2006 1 commit
  10. 21 Nov, 2006 1 commit
  11. 06 Jul, 2006 1 commit
  12. 05 Jul, 2006 1 commit
    • Leigh Stoller authored · ce260a1d
      Deal with an odd interaction between mysql 5.0 and FreeBSD 6.1 ...
      The funky shell script startup that mysqld uses causes it to not
      detach properly, so when the parent exits, the process group gets a
      SIGHUP. In mysql 5.0, a HUP causes mysqld to reload its grant tables,
      even though it was started with --skip-grant-tables, which causes
      everything on boss to completely break.
      
      So, on FreeBSD6, start mysqld with the "daemon" utility program,
      which does the proper detach.
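
The detach described above can be approximated as follows. This is a minimal Python sketch, not the rc.d script from the commit: it assumes a POSIX system, and `launch_detached` and the `sleep` stand-in command are hypothetical. Starting the child in its own session keeps it out of the parent's process group, so a SIGHUP delivered to that group when the parent exits does not reach it.

```python
import os
import subprocess


def launch_detached(argv):
    """Start argv in a new session with stdio pointed at /dev/null.

    Hypothetical helper: a rough stand-in for what the "daemon" utility
    does, not the startup code actually used on boss.
    """
    return subprocess.Popen(
        argv,
        stdin=subprocess.DEVNULL,
        stdout=subprocess.DEVNULL,
        stderr=subprocess.DEVNULL,
        start_new_session=True,  # the child calls setsid() before exec
    )


if __name__ == "__main__":
    child = launch_detached(["sleep", "30"])  # stand-in for mysqld
    # The child leads its own session, so it sits outside our process group.
    print(os.getsid(child.pid) != os.getsid(0))
    child.terminate()
    child.wait()
```

The design point is only the new session; a full daemonizer would typically also change the working directory and write a pid file.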
  13. 22 Jun, 2006 1 commit
  14. 12 Jun, 2006 1 commit
  15. 09 Jun, 2006 1 commit
  16. 07 Jun, 2006 1 commit
  17. 08 May, 2006 1 commit
  18. 25 Apr, 2006 1 commit
  19. 24 Mar, 2006 1 commit
    • Kirk Webb authored · fe964dd5
      Don't start the plab renew daemon anymore.
  20. 23 Feb, 2006 2 commits
  21. 17 Feb, 2006 1 commit
  22. 07 Feb, 2006 2 commits
  23. 02 Feb, 2006 1 commit
  24. 02 Jan, 2006 1 commit
    • Timothy Stack authored · bd20dd17
      First cut at a daemon that does regular checkups of the testbed
      hardware/software.
      
      	* configure, configure.in: Add tbsetup/checkup directory.
      
      	* db/audit.in: Add a listing of stuck checkups.
      
      	* install/boss-install.in: Add 'elabckup' user.
      
      	* rc.d/3.testbed.sh.in: Start up the checkup_daemon.
      
      	* sql/database-create.sql, sql/database-migrate.txt: Add the
      	checkups tables.
      
      	* tbsetup/GNUmakefile.in: Descend into the checkup directory.
      
      	* tbsetup/checkup: The checkup daemon, man page, and
      	  associated scripts.
      
      	* tbsetup/ptopgen.in: Add a feature with a value of 0.9 to
      	  prereserved nodes to keep them from being allocated unless
      	  they're really wanted.
      
      	* utils/firstuser.in: Add some other options so the script can be
      	  used to create other pseudo users.
  25. 14 Jun, 2005 1 commit
  26. 03 Jun, 2005 1 commit
  27. 26 Apr, 2005 1 commit
    • Leigh Stoller authored · c47cefa1
      A watchdog daemon to try and catch (and recover from) the periodic
      mysqld hangs that cause the entire system to grind to a halt. The
      basic theory of operation is like this:
      
      * Once a minute fork a child (protected by a 60 second timeout) to
        connect to the DB and issue a simple query. If the child can access
        the DB okay, it exits with a zero status.
      
      * If the alarm fires, the child is killed. This indicates that mysqld
        is no longer responding in a reasonable amount of time (60 seconds).
        We shift into trying to restart mysqld:
      
           * Send mysqld a TERM. Wait for 30 seconds.
      
           * Try query again; typically, the situation will not have changed one
             bit, but I do it anyway.
      
           * If mysqld was running, send it a kill -9. Wait for 15 seconds.
      
           * Start mysqld. Wait for 5 seconds.
      
           * Try query again. If query succeeds, we are done, and no one
             will have to deal with it Sunday morning at 6am (thanks Tim).
      
           * If query still fails, send email and give up trying to fix
             anything. The daemon continues to query the DB once a minute;
             once the query succeeds (because a human fixed things up), the
             daemon goes back into its normal mode (attempt to fix things
             next time it fails).
      
      So, the problem is what happens when someone kills off mysqld for some
      other reason. It may be that this daemon should try to restart mysqld
      only if it actually killed a running mysqld. Comments?
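
The theory of operation above can be sketched roughly as follows. This is a Python illustration under stated assumptions, not the daemon from the commit: `probe`, `attempt_restart`, and `watchdog_tick` are hypothetical names, the query command and the signalling/startup actions are passed in by the caller, and treating a successful retry after the TERM as "done" is an assumption the commit message does not spell out.

```python
import signal
import subprocess
import sys


def probe(argv, timeout=60):
    """Run the query command in a child; False on timeout or nonzero exit."""
    try:
        return subprocess.run(argv, timeout=timeout).returncode == 0
    except subprocess.TimeoutExpired:
        return False  # subprocess.run() kills the child when the timeout fires


def attempt_restart(query_ok, signal_mysqld, start_mysqld, sleep):
    """One recovery pass; returns True if the DB answers afterwards.

    All four arguments are hypothetical callables supplied by the caller.
    signal_mysqld(sig) is assumed to return True if mysqld was running.
    """
    signal_mysqld(signal.SIGTERM)
    sleep(30)
    if query_ok():  # assumption: a successful retry ends the pass
        return True
    if signal_mysqld(signal.SIGKILL):
        sleep(15)
    start_mysqld()
    sleep(5)
    return query_ok()


def watchdog_tick(fixing_enabled, query_ok, restart, send_email):
    """Handle one once-a-minute check; returns the new fixing_enabled flag."""
    if query_ok():
        return True  # healthy: (re)arm automatic recovery
    if fixing_enabled and not restart():
        send_email("mysqld is not responding and could not be restarted")
        return False  # give up fixing until a query succeeds again
    return fixing_enabled


if __name__ == "__main__":
    # A trivially successful child stands in for the real DB query.
    print(probe([sys.executable, "-c", "pass"], timeout=10))
```

Passing the side effects in as callables keeps the timing and ordering logic separate from how mysqld is actually signalled or started, which is where the open question about restarting a mysqld that someone else killed would be decided.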
  28. 25 Apr, 2005 1 commit
  29. 16 Feb, 2005 1 commit
    • Leigh Stoller authored · e3bde0ea
      New web cameras are a lot easier to deal with! I've removed the
      grabwebcams startup since it is no longer needed.
      
      The new version of the webcam page connects directly to the cameras
      using a URL stored in the DB (webcams table). The URL includes the
      user (elabman) and the password, which is fine; we are not likely to
      leak the password, and even if we did, no biggie since it's on the
      private network and no one can get to it anyway.
      
      I have reduced the frame rate to 5fps (compression 50%) as specified
      in the URL, and even that's a lot of bandwidth.
      
      I will work on providing mpeg feeds later!
  30. 27 Jan, 2005 1 commit
  31. 26 Jan, 2005 1 commit
    • Leigh Stoller authored · 4963660a
      The Robot Lab Monitor Daemon. A very silly script that looks at some
      sitevars to determine if the Robot Lab is open or closed. The sitevars:
      
      * 'robotlab/override' - Override other settings and forcibly turn the lab
        "on" or "off" (open or closed). When the lab is turned off, new
        experiments cannot swap in and the current experiment is immediately
        swapped out.
      
      * 'robotlab/exclusive' - The robot lab is exclusive use. Best to not mess
        with this sitevar :-)
      
      * 'robotlab/opentime' - The time that the robot lab opens in the
        morning. The default is 07:00, but feel free to change this as you like.
      
      * 'robotlab/closetime' - The time that the robot lab closes in the
        evening. The default is 18:00, but feel free to change this as you like.
      
      * 'robotlab/open' - The robot lab is open or closed. DO NOT MESS WITH THIS!
        It is updated by the robomonitord script and intended to be used by
        admission control (not done yet).
      
      The robomonitord script runs and periodically (every 2 minutes) wakes up
      and looks at the various sitevars above. The lab is open during the day,
      Monday through Friday, and closed on weekends. It is also supposed to be
      closed on holidays, but I have not added that yet.
      
      15 minutes before the lab is to be closed, a warning message is sent to the
      swapper of the experiment running on the robot testbed, saying that their
      experiment is going to be swapped out soon. When the Robot Lab is closed
      (either because the close time was reached, or because the lab was forcibly
      closed with the override), the current experiment is immediately swapped
      out.
      
      I know, this is hopelessly bogus, but it will do until we feel like adding
      a "Lab" datatype to the system.
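
The open/closed decision described above can be sketched as follows. This is a minimal Python illustration, not the robomonitord script: `lab_should_be_open` and `should_warn` are hypothetical names, the sitevar values are passed in as plain arguments, and representing "no override" as an empty string is an assumption, since the commit does not say how an unset override is stored. Holidays are not handled, matching the commit.

```python
from datetime import datetime, time, timedelta


def lab_should_be_open(now, opentime=time(7, 0), closetime=time(18, 0), override=""):
    """Decide whether the lab is open at `now`.

    Assumption: override is "on", "off", or "" (no override).
    """
    if override == "on":
        return True
    if override == "off":
        return False
    is_weekday = now.weekday() < 5  # Monday=0 ... Friday=4
    return is_weekday and opentime <= now.time() < closetime


def should_warn(now, closetime=time(18, 0), lead=timedelta(minutes=15)):
    """True during the 15 minutes before closing time on the same day."""
    closing = datetime.combine(now.date(), closetime)
    return closing - lead <= now < closing


if __name__ == "__main__":
    now = datetime.now()
    print(lab_should_be_open(now), should_warn(now))
```

A caller would presumably combine the two, sending the warning only while the lab is currently open and no override is forcing it closed.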
  32. 16 Nov, 2004 1 commit
  33. 30 Sep, 2004 2 commits
  34. 01 Sep, 2004 1 commit
    • Leigh Stoller authored · a9c1045e
      SSL version of the XMLRPC server.

      * SSL based server (sslxmlrpc_server.py) that wraps the existing Python
        classes (what we export via the existing ssh XMLRPC server). I also have a
        demo client that is analogous to the ssh demo client (sslxmlrpc_client.py).
        This client looks for an ssl cert in the user's .ssl directory, or you can
        specify one on the command line. The demo client is installed on ops, and
        is in the downloads directory with the rest of the xmlrpc stuff we export
        to users. The server runs as root, forking a child for each connection and
        logs connections to /usr/testbed/log/sslxmlrpc.log via syslog.
      
      * New script (mkusercert) generates SSL certs for users. Two modes of
        operation: when called from the account creation path, it generates an
        unencrypted private key and certificate for use on Emulab nodes (this is
        analogous to the unencrypted SSH key we generate for users). The other mode
        of operation is used to generate an encrypted private key so that the user
        can drag a certificate to their home/desktop machine.
      
      * New webpage (gensslcert.php3) linked in from the My Emulab page that
        allows users to create a certificate. The user is prompted for a pass
        phrase to encrypt the private key, as well as the user's current Emulab
        login password. mkusercert is called to generate the certificate, and the
        result is stored in the user's ~/.ssl directory, and spit back to the user
        as a text file that can be downloaded and placed in the user's homedir on
        their local machine.
      
      * The server needs to associate a certificate with a user so that it can
        flip to that user in the child after it forks. To do that, I have stored
        the uid of the user in the certificate. When a connection comes in, I grab
        the uid out of the certificate and check it against the DB. If there is a
        match (see below) the child does the usual setgid,setgroups,setuid to the
        user, instantiates the Emulab server class, and dispatches the method. At
        the moment, only one request per connection is dispatched. I'm not sure
        how to do a persistent connection on the SSL path, but probably not a big
        deal right now.
      
      * New DB table user_sslcerts that stores the PEM formatted certificates and
        private keys, as well as the serial number of the certificate, for each
        user. I also mark whether the private key is encrypted, although I am not
        making any use of this data. At the moment, each user is allowed to get
        one unencrypted cert/key pair and one encrypted cert/key pair. No real
        reason except that I do not want to spend too much time on this until we
        see how/if it gets used. Anyway, the serial number is used as a crude form
        of certificate revocation. When the connection is made, I suck the serial
        number and uid out of the certificate, and look for a match in the table.
        If the cert serial number does not match, the connection is rejected. In other
        words, revoking a certificate just means removing its entry from the DB
        for that user. I could also compare the certificate itself, but I am not
        sure what purpose that would serve since that is what the SSL handshake is
        supposed to take care of, right?
      
      * Updated the documentation for the XMLRPC server to mention the existence
        of the SSL server and client, with a pointer into the downloads directory
        where users can pick up the client.
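
The serial-number check and the privilege drop described above can be sketched as follows. This is a minimal Python illustration, not code from sslxmlrpc_server.py: the in-memory dict is a hypothetical stand-in for the user_sslcerts table, and `cert_is_current`, `revoke`, and `drop_privileges` are hypothetical names. `drop_privileges` only works when run as root, so the example run does not call it.

```python
import os

# Hypothetical stand-in for the user_sslcerts table:
# login name -> set of certificate serial numbers still considered valid.
USER_SSLCERTS = {"alice": {1001, 1002}}


def cert_is_current(login, serial, table=USER_SSLCERTS):
    """Accept the connection only if this serial is on file for this user."""
    return serial in table.get(login, set())


def revoke(login, serial, table=USER_SSLCERTS):
    """Revoking a certificate just removes its entry for that user."""
    table.get(login, set()).discard(serial)


def drop_privileges(unix_uid, unix_gid, groups):
    """Flip to the user in the forked child, in the order the commit lists.

    The gid and supplementary groups are set first, because after
    setuid() the process no longer has permission to change them.
    """
    os.setgid(unix_gid)
    os.setgroups(groups)
    os.setuid(unix_uid)


if __name__ == "__main__":
    print(cert_is_current("alice", 1001))
    revoke("alice", 1001)
    print(cert_is_current("alice", 1001))
```

Keeping the check as a plain lookup reflects the "crude form of certificate revocation" described in the commit; the SSL handshake itself is still what verifies the certificate.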
  35. 30 Aug, 2004 1 commit
  36. 18 Aug, 2004 1 commit