1. 25 Nov, 2014 3 commits
  2. 24 Nov, 2014 2 commits
    • Kirk Webb's avatar
      Add power support for moonshot. · 1d87bf24
      Kirk Webb authored
      This enhances the power_ipmi module in three ways:
      
      * Will now check for auth creds in the outets_remoteauth table.
        - Previously the module had credentials hard-wired.
        - Key role in table should be "ipmi-passwd".
      
      * Makes it run in parallel for the set of outlets provided
        - via emutil::ParRun().
      
      * HP Moonshot chassis iLO support.
        - Device (node) type == "ipmi-ms".
        - Outlet to ipmi address resolution.
        - Additional required ipmitool parameters ("lanplus" protocol).
      
      * Supports KGKEY for session encryption.
        - KGKEYs can be placed in the DB ("ipmi-kgkey" role, key encoded in hex).
      
      Note that the "status" command doesn't really work presently, but that's
      OK since it wasn't ever hooked in.
      1d87bf24
    • Kirk Webb's avatar
      cloudlab defs file for kwebb · d82ed018
      Kirk Webb authored
      d82ed018
  3. 23 Nov, 2014 4 commits
  4. 21 Nov, 2014 1 commit
  5. 19 Nov, 2014 2 commits
    • Kirk Webb's avatar
      Clear taint states from nodes in the proper place (on 'reloading' exit). · 721bb6bc
      Kirk Webb authored
      Move the taint clearing action so that it happens as the node exits
      the "reloading" experiment (vs. when it goes into reloading).
      721bb6bc
    • Kirk Webb's avatar
      Sprinkle taint checks throughout tmcd to avert privilege escalation. · d9c27fac
      Kirk Webb authored
      Also add utility function to allow the node to get the exact details of
      the image it is running ('imageinfo').
      
      Some of the taint checks are rather heavy-handed presently.  Pretty much
      any vector that could be used by the user to do something as root has
      been severed right at the top of the relevant tmcd calls.
      
      Calls affected:
      
      manifest ('blackbox' and 'useronly' taintstates)
      rpms ('blackbox' and 'useronly' taintstates)
      tarballs ('blackbox' and 'useronly' taintstates)
      blobs ('blackbox' and 'useronly' taintstates)
      startupcmd ('blackbox' taintstate)
      mounts ('blackbox' taintstate)
      programs ('blackbox' taintstate)
      
      Taint handling for the 'accounts' call was dealt with in a prior commit.
      d9c27fac
  6. 18 Nov, 2014 2 commits
  7. 17 Nov, 2014 2 commits
  8. 16 Nov, 2014 2 commits
  9. 15 Nov, 2014 1 commit
  10. 14 Nov, 2014 6 commits
  11. 13 Nov, 2014 1 commit
  12. 12 Nov, 2014 14 commits