1. 28 Apr, 2003 1 commit
  2. 23 Apr, 2003 2 commits
  3. 22 Apr, 2003 1 commit
  4. 21 Apr, 2003 1 commit
  5. 16 Apr, 2003 1 commit
    • Chad Barb's avatar
      · 85858667
      Chad Barb authored
      Script and datafile to ensure consistency of off-site sitevariable
      definitions-- A lot like schemadiff.
      
      database-fill was inappropriate, since you don't want sitevars
      from the main site to overwrite remote sitevars.
      
      Needs to be integrated into install process, probably in the
      same way as schemadiff.
      85858667
  6. 14 Apr, 2003 1 commit
  7. 01 Apr, 2003 1 commit
  8. 26 Mar, 2003 1 commit
    • Leigh B. Stoller's avatar
      Add "gid" slot to the images table for changing permission scheme from · 4c56daf6
      Leigh B. Stoller authored
      only pid, to pid/gid like most other things in the testbed. Also add a
      "global" slot to denote images that are globally available to all
      projects (system images). The older "shared" attribute is now used to
      denote images that are shared within a project (available to all
      subgroups in the project). The migration path for existing DBs is
      given in the migrate file. Be sure to run those commands on an
      existing testbed or things will break!
      
      www/newimageid, www/newimageid_ez: A bunch of changes for
      shared/global attributes. Added a group menu to the form so users can
      create images in subgroups. Beefed up the Java code that constructs
      the path name to use the gid, shared, and global attributes of the
      form to give the user the best possible path that we can. Improved the
      pathname checking code so that we do not allow just any old path in
      case the user elects to disregard the path we carefully constructed
      for them. Also check the proj/group membership, and setup defaults for
      users that have permission in just one pid/gid to create images.
      
      libdb.in: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      os_load: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Other minor changes reflecting shared->global name change.
      Also note that images can come from the group directory now.
      
      create_image: Get rid of test that checked path of the image. The path
      checking is done in the web interface anyway, so why duplicate in 4
      places. Also note that images can come from the group directory now.
      
      www/dbdefs: Changed permission check in TBImageIDAccessCheck() to
      reflect shared/global attribute changes.
      
      www/showimageid_list, www/showstuff: Minor global/shared attribute
      changes.
      
      www/menu: Change osids/imageids pointer to point to the image list,
      not the osid list. This is more reasonable for mere users who have
      access to the EZ form, and thus never really need to concern
      themselves with osids.
      
      www/editimageid: Add proper pathname checking. There were no checks at
      all before!
      4c56daf6
  9. 14 Mar, 2003 1 commit
  10. 07 Mar, 2003 1 commit
    • Mac Newbold's avatar
      A few changes to stated: · 92fa4ae2
      Mac Newbold authored
       - fix bad indenting to a uniform 4 spaces (before was 2, 4 and 8 mixed)
       - Move ping-for-isup functionality into a separate script
       - Make sure every transition triggered by stated (directly or indirectly)
         sends an event, instead of taking shortcuts.
      
      This called for a new script, eventping, which just pings until the node
      is pingable, then sends an ISUP event. Stated runs this in the background
      where necessary, and nothing else should run it.
      
      Adding eventping meant modifying configure and the utils makefile, too.
      92fa4ae2
  11. 05 Mar, 2003 1 commit
  12. 13 Feb, 2003 2 commits
  13. 18 Dec, 2002 1 commit
    • Kirk Webb's avatar
      · 09c57e3b
      Kirk Webb authored
      When an image is created successfully, a message stating this fact is printed
      to the log.
      
      More importantly, I fixed a bug in the NFS slack factor logic which resulted
      in create_image waiting forever for progress to be made.
      09c57e3b
  14. 10 Dec, 2002 1 commit
    • Kirk Webb's avatar
      · fc985a64
      Kirk Webb authored
      Modified the timeout logic in create_image to track the image creation progress
      (size) rather than simply waiting a certain amount of time.  Also changed the
      code to report progress at regularly spaced intervals (adjustable), and
      to indicate when the timeout timer has been activated, or halted due to
      progress.  The changes also include an NFS cache slack factor, which makes
      the effective non-progress timeout equal to the sum of the slack time, plus
      the non-progress time (currently 3 + 5 = 8 minutes).
      
      Some changes were made to the error and cleanup logic to help revert the
      state of the DB and node as much as possible (node is not rebooted if the
      DB state cannot first be reverted) prior to exit.
      fc985a64
  15. 06 Dec, 2002 2 commits
  16. 22 Oct, 2002 1 commit
  17. 18 Oct, 2002 1 commit
    • Mac Newbold's avatar
      Merge the newstated branch with the main tree. · 5c961517
      Mac Newbold authored
      Changes to watch out for:
      
      - db calls that change boot info in nodes table are now calls to os_select
      
      - whenever you want to change a node's pxe boot info, or def or next boot
      osids or paths, use os_select.
      
      - when you need to wait for a node to reach some point in the boot process
      (like ISUP), check the state in the database using the lib calls
      
      - Proxydhcp now sends a BOOTING state for each node that it talks to.
      
      - OSs that don't send ISUP will have one generated for them by stated
      either when they ping (if they support ping) or immediately after they get
      to BOOTING.
      
      - States now have timeouts. Actions aren't currently carried out, but they
      will be soon. If you notice problems here, let me know... we're still
      tuning it. (Before all timeouts were set to "none" in the db)
      
      One temporary change:
      
      - While I make our new free node manager daemon (freed), all nodes are
      forced into reloading when they're nfreed and the calls to reset the os
      are disabled (that will move into freed).
      5c961517
  18. 17 Sep, 2002 1 commit
  19. 04 Sep, 2002 1 commit
  20. 26 Aug, 2002 2 commits
    • Leigh B. Stoller's avatar
      Rework all of the ssh key handling. Moved the parsing and verification · ae77bdb6
      Leigh B. Stoller authored
      to an external perl script, and use ssh-keygen to attempt conversion
      off SSH2/SECSH key formats. This is actually a simplification of the
      php code, which is not generally very good at this kind of thing (or
      maybe I mean perl is just better at it). The parsing and error
      handling it also much improved.
      ae77bdb6
    • Leigh B. Stoller's avatar
      Minor reorg of cvsupd startup. It now gets started by perl script that · 541a3586
      Leigh B. Stoller authored
      flips the uid/gid to nobody/nobody. It would be good to run this in a
      chroot shell, but that would be difficult given that we cannot easily
      rebuild cvsupd (modula-3). The right solution is to either run it in a
      jail or to move it to ops.
      
      Note, files in the sup tree obviously have to be world readable for
      cvsupd to send them off.
      541a3586
  21. 26 Jul, 2002 1 commit
  22. 22 Jul, 2002 1 commit
  23. 07 Jul, 2002 1 commit
  24. 01 Jul, 2002 1 commit
  25. 24 Jun, 2002 3 commits
  26. 19 Jun, 2002 1 commit
  27. 13 Jun, 2002 1 commit
  28. 05 Jun, 2002 1 commit
    • Leigh B. Stoller's avatar
      Changes to sshtb. Remove sshremote, and convert sshtb into a perl · 231fc2b1
      Leigh B. Stoller authored
      script that checks the database to see if local or remote. The problem
      with this is that the ssh syntax makes it hard to determine the host
      name by inspection. Would need to parse all the ssh args (bad idea),
      ot work backwards and try to figure out the difference between the
      command (which is not a string but a sequence of args) and the host
      and the preceeding ssh args. Hell with that! Changed sshtb to require
      a specific -host argument. Read the args and look for it. Error out of
      not found, to catch improper usage.
      
      The moral of this update: "sshtb [ssh args] -host <host> [more args ...]
      231fc2b1
  29. 23 May, 2002 2 commits
  30. 12 May, 2002 1 commit
  31. 17 Apr, 2002 1 commit
  32. 01 Apr, 2002 1 commit
    • Leigh B. Stoller's avatar
      First cut at supporting RON (or more generally, remote nodes). · bd587829
      Leigh B. Stoller authored
      * tmcd/ron: A new directory of client code, based on the freebsd
        client code, but scaled back to the bare minimum. Does only account
        and group file maintenance. I redid the account stuff so that only
        emulab accounts are operated on. Does not require a stub file, but
        instead keeps a couple of local dbm files recording what groups and
        accounts were added by Emulab. There is a ton of paranoia checking
        to make sure that local accounts are not touched.
      
        The update script that runs on the client node detaches so that the
        ssh from boss returns immediately. update can also be run from the
        node periodically and at boottime. The script is installed setuid
        root, but checks to make sure that *only* root or "emulabman" has
        invoked it.
      
      * utils/sshremote: New file. For remote nodes, instead of using sshtb,
        use sshremote, which ssh's in as "emulabman", which needs to be a
        local non-root user, but with an authorized_keys file containing
        boss' public key.
      
      * web interface changes: Allow user to specify his own public key in
        addition to the emulab key.
      
        Add option in showexp page to update accounts on nodes in the
        experiment. I was originally intending to do this from approveuser,
        but this was easier and faster. I will add an option to do it on the
        approveuser page later.
      
      * libdb.pm: Add a TBIsNodeRemote() query to see if a node is in the
        local testbed or a pcRemote node. Currently, this test is hardwired
        to a check for class=pcRemote, but this will need to change to a
        node_types property at some point.
      
      * node_update: Reorg so that there is a maximum number of children
        created. Previously, a child was forked for each node, but that
        could chew up too many processes, especially for remote nodes which
        might hang up. For the same reason, we need to "lock" the experiment
        so that it cannot be terminated while a node_update is in progress.
        Might be to relax that, but this was easy for now. Also add
        distinction between local and remote, since for remote we use
        sshremote insted of sshtb. Various cleanup stuff
      
      * mkacct; When generating a new account, include user supplied pub key
        in the authorized keys file, in addition to the eumlab generated
        key. Both keys are stored in the DB in the users table. Anytime we
        update an account, get a fresh copy of the emulab pub key, in case
        user changes it.
      bd587829
  33. 04 Mar, 2002 1 commit