Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-stable
Commits
0cea3c39
Commit
0cea3c39
authored
Nov 04, 2008
by
Leigh B. Stoller
Browse files
Checkpoint fixes made while getting initialization scripts to work
parent
359bc3a4
Changes
5
Hide whitespace changes
Inline
Side-by-side
protogeni/lib/GeniAggregate.pm.in
View file @
0cea3c39
...
...
@@ -36,6 +36,7 @@ my $TBAPPROVAL = "@TBAPPROVALEMAIL@";
my
$
TBAUDIT
=
"@TBAUDITEMAIL@"
;
my
$
BOSSNODE
=
"@BOSSNODE@"
;
my
$
OURDOMAIN
=
"@OURDOMAIN@"
;
my
$
PGENIDOMAIN
=
"@PROTOGENI_DOMAIN@"
;
my
$
SIGNCRED
=
"$TB/sbin/signgenicred"
;
my
$
VERIFYCRED
=
"$TB/sbin/verifygenicred"
;
...
...
@@ -237,7 +238,7 @@ sub hrn($)
if
(
defined
($
hrn
)
&&
$
hrn
ne
""
)
{
return
$
hrn
;
}
return
"
emulab
.aggregate_"
.
$
self
->
idx
();
return
"
${PGENIDOMAIN}
.aggregate_"
.
$
self
->
idx
();
}
#
...
...
@@ -596,7 +597,7 @@ sub Create($$$)
#
#
Form
an
hrn
using
the
slicename
and
linkname
#
my
$
hrn
=
"
emulab
."
.
$
slice
->
slicename
()
.
"."
.
$
linkname
;
my
$
hrn
=
"
${PGENIDOMAIN}
."
.
$
slice
->
slicename
()
.
"."
.
$
linkname
;
return
GeniAggregate
->
Create
($
slice
,
$
owner
,
"Link"
,
$
hrn
,
$
linkname
);
}
...
...
@@ -755,7 +756,7 @@ sub Create($$$$$$)
#
#
Form
an
hrn
using
the
slicename
and
linkname
#
my
$
hrn
=
"
emulab
."
.
$
slice
->
slicename
()
.
"."
.
$
linkname
;
my
$
hrn
=
"
${PGENIDOMAIN}
."
.
$
slice
->
slicename
()
.
"."
.
$
linkname
;
my
$
aggregate
=
GeniAggregate
->
Create
($
slice
,
$
owner
,
"Tunnel"
,
$
hrn
,
$
linkname
);
...
...
protogeni/lib/GeniSA.pm.in
View file @
0cea3c39
...
...
@@ -35,6 +35,7 @@ use Data::Dumper;
#
Configure
variables
my
$
TB
=
"@prefix@"
;
my
$
OURDOMAIN
=
"@OURDOMAIN@"
;
my
$
PGENIDOMAIN
=
"@PROTOGENI_DOMAIN@"
;
#
#
Get
a
credential
for
an
object
.
Ignoring
the
type
for
now
.
If
no
credential
...
...
@@ -48,10 +49,6 @@ sub GetCredential($)
my
$
cred
=
$
argref
->{
'credential'
};
my
$
type
=
$
argref
->{
'type'
};
if
(
! (defined($uuid) && ($uuid =~ /^[-\w]*$/))) {
return
GeniResponse
->
MalformedArgsResponse
();
}
#
#
No
credential
,
then
return
a
generic
credential
giving
user
permission
#
to
do
other
things
.
...
...
@@ -89,6 +86,9 @@ sub GetCredential($)
return
GeniResponse
->
Create
(
GENIRESPONSE_SUCCESS
,
$
credential
->
asString
());
}
if
(
! (defined($uuid) && ($uuid =~ /^[-\w]*$/))) {
return
GeniResponse
->
MalformedArgsResponse
();
}
my
$
credential
=
GeniCredential
->
CreateFromSigned
($
cred
);
if
(
!defined($credential)) {
...
...
@@ -231,7 +231,7 @@ sub Resolve($)
#
XXX
Form
hrn
from
the
uid
and
domain
.
This
is
backwards
.
#
if
(
! ($hrn =~ /\./)) {
$
hrn
=
"
emulab
.${hrn}"
;
$
hrn
=
"
${PGENIDOMAIN}
.${hrn}"
;
}
$
geniuser
=
GeniUser
->
Lookup
($
hrn
,
1
);
}
...
...
@@ -269,7 +269,7 @@ sub Resolve($)
#
XXX
Form
hrn
from
the
uid
and
domain
.
This
is
backwards
.
#
if
(
! ($hrn =~ /\./)) {
$
hrn
=
"
emulab
.${hrn}"
;
$
hrn
=
"
${PGENIDOMAIN}
.${hrn}"
;
}
$
slice
=
GeniSlice
->
Lookup
($
hrn
);
}
...
...
@@ -394,7 +394,7 @@ sub Register($)
#
#
XXX
Form
hrn
from
the
uid
and
domain
.
This
is
backwards
.
#
my
$
hrn
=
"
emulab
.${hrn}"
;
my
$
hrn
=
"
${PGENIDOMAIN}
.${hrn}"
;
#
#
Generate
a
certificate
(
and
uuid
)
for
this
new
slice
.
...
...
@@ -543,7 +543,7 @@ sub Remove($)
#
XXX
Form
hrn
from
the
uid
and
domain
.
This
is
backwards
.
#
if
(
! ($hrn =~ /\./)) {
$
hrn
=
"
emulab
.${hrn}"
;
$
hrn
=
"
${PGENIDOMAIN}
.${hrn}"
;
}
$
slice
=
GeniSlice
->
Lookup
($
hrn
);
}
...
...
protogeni/lib/GeniSliver.pm.in
View file @
0cea3c39
...
...
@@ -40,6 +40,7 @@ my $TBAPPROVAL = "@TBAPPROVALEMAIL@";
my
$
TBAUDIT
=
"@TBAUDITEMAIL@"
;
my
$
BOSSNODE
=
"@BOSSNODE@"
;
my
$
OURDOMAIN
=
"@OURDOMAIN@"
;
my
$
PGENIDOMAIN
=
"@PROTOGENI_DOMAIN@"
;
my
$
SIGNCRED
=
"$TB/sbin/signgenicred"
;
my
$
AVAIL
=
"$TB/sbin/avail"
;
my
$
NALLOC
=
"$TB/bin/nalloc"
;
...
...
@@ -707,7 +708,7 @@ sub Create($$$$$)
return
undef
;
}
}
my
$
hrn
=
"
emulab
."
.
$
node
->
node_id
();
my
$
hrn
=
"
${PGENIDOMAIN}
."
.
$
node
->
node_id
();
my
$
nickname
=
$
rspec
->{
'nickname'
};
#
...
...
@@ -743,7 +744,7 @@ sub Create($$$$$)
}
my
$
vnode
=
Node
->
Lookup
($
vnodes
[
0
]);
$
uuid
=
$
vnode
->
uuid
();
$
hrn
=
"
emulab
."
.
$
vnode
->
node_id
()
$
hrn
=
"
${PGENIDOMAIN}
."
.
$
vnode
->
node_id
()
}
return
GeniSliver
->
Create
($
slice
,
$
user_uuid
,
$
uuid
,
$
resource_uuid
,
"Node"
,
$
hrn
,
$
nickname
,
$
rspec
);
...
...
@@ -1009,7 +1010,8 @@ sub Create()
$
interface_uuid
,
$
node
,
$
rspec
)
=
@
_
;
my
$
nickname
=
$
rspec
->{
'nickname'
};
my
$
hrn
=
"emulab."
.
$
node
->
node_id
()
.
"."
.
$
rspec
->{
'iface_name'
};
my
$
hrn
=
"${PGENIDOMAIN}."
.
$
node
->
node_id
()
.
"."
.
$
rspec
->{
'iface_name'
};
return
GeniSliver
->
Create
($
slice
,
$
user_uuid
,
$
interface_uuid
,
$
node
->
uuid
(),
"Interface"
,
...
...
protogeni/lib/GeniUser.pm.in
View file @
0cea3c39
...
...
@@ -498,6 +498,8 @@ use GeniUser;
use
GeniCertificate
;
use
overload
(
'""'
=>
'Stringify'
);
my
$
PGENIDOMAIN
=
"@PROTOGENI_DOMAIN@"
;
#
#
Create
a
wrapper
,
with
the
same
access
names
.
#
...
...
@@ -529,7 +531,7 @@ sub email($) { return $_[0]->{'USER'}->email(); }
sub
GetSSHKeys
($$)
{
return
$
_
[
0
]->{
'USER'
}->
GetSSHKeys
($
_
[
1
]);
}
#
Need
to
construct
this
since
not
in
User
structure
.
sub
hrn
($)
{
return
"
emulab
."
.
$
_
[
0
]->
uid
();
}
sub
hrn
($)
{
return
"
${PGENIDOMAIN}
."
.
$
_
[
0
]->
uid
();
}
#
And
this
is
in
another
structure
.
sub
cert
($)
{
return
$
_
[
0
]->{
'CERT'
}->
cert
();
}
...
...
protogeni/scripts/initsite.in
View file @
0cea3c39
...
...
@@ -41,6 +41,7 @@ my $MKCERTS = "$TB/sbin/protogeni/createcerts";
my
$ADDAUTHORITY
=
"
$TB
/sbin/protogeni/addauthority
";
my
$GETCACERTS
=
"
$TB
/sbin/protogeni/getcacerts
";
my
$MKSYSCERT
=
"
$TB
/sbin/mksyscert
";
my
$MKUSERCERT
=
"
$TB
/sbin/mkusercert
";
my
$WAP
=
"
$TB
/sbin/withadminprivs
";
my
$SACERT
=
"
$TB
/etc/genisa.pem
";
my
$CMCERT
=
"
$TB
/etc/genicm.pem
";
...
...
@@ -67,6 +68,7 @@ $| = 1;
# Load the Testbed support stuff.
use
lib
"
@prefix
@/lib
";
use
libtestbed
;
use
User
;
use
Project
;
...
...
@@ -176,6 +178,7 @@ if (!defined($geniuser)) {
fatal
("
Need to do an install
")
if
(
!
-
e
"
$TB
/etc/protogeni/geniuser.xml
");
print
"
Creating Geni pseudo user ...
\n
";
system
("
$SUDO
-u
$PROTOUSER
$WAP
$NEWUSER
$TB
/etc/protogeni/geniuser.xml
");
fatal
("
Could not create geni user
")
if
(
$?
);
...
...
@@ -184,6 +187,12 @@ if (!defined($geniuser)) {
fatal
("
Could not verify geni user
")
if
(
$?
);
# Create an encrypted certificate for the test scripts.
my
$passwd
=
substr
(
TBGenSecretKey
(),
0
,
10
);
system
("
$SUDO
-u
$PROTOUSER
$WAP
$MKUSERCERT
-p '
$passwd
'
$geniuserid
");
fatal
("
Could not create encrypted certificate for geni user
")
if
(
$?
);
$geniuser
=
User
->
Lookup
(
$geniuserid
);
fatal
("
Could not lookup
$geniuserid
")
if
(
!
defined
(
$geniuser
));
...
...
@@ -193,6 +202,7 @@ if (!defined($geniproj)) {
fatal
("
Need to do an install
")
if
(
!
-
e
"
$TB
/etc/protogeni/geniproj.xml
");
print
"
Creating Geni slices project ...
\n
";
system
("
$SUDO
-u
$PROTOUSER
$WAP
$NEWPROJ
$TB
/etc/protogeni/geniproj.xml
");
fatal
("
Could not create geni project
")
if
(
$?
);
...
...
@@ -211,6 +221,7 @@ $geniproj->Refresh();
#
# Databases.
#
print
"
Creating Databases ...
\n
";
foreach
my
$dbname
("
geni
",
"
geni-ch
",
"
geni-cm
")
{
if
(
system
("
$MYSQLSHOW
$dbname
>/dev/null 2>/dev/null
"))
{
system
("
$MYSQLADMIN
create
$dbname
")
==
0
...
...
@@ -238,17 +249,20 @@ if (! -e "$TB/lib/ssl/syscert.cnf") {
exit
(
1
);
}
if
(
!
-
e
$CMCERT
)
{
print
"
Creating CM certificate ...
\n
";
system
("
$SUDO
-u
$PROTOUSER
$MKSYSCERT
-o
$CMCERT
"
.
"
-u
$TBBASE
/protogeni/xmlrpc/cm
$PGENIDOMAIN
.cm
")
==
0
or
fatal
("
Could not generate
$CMCERT
");
}
if
(
!
-
e
$SACERT
)
{
print
"
Creating SA certificate ...
\n
";
system
("
$SUDO
-u
$PROTOUSER
$MKSYSCERT
-o
$SACERT
"
.
"
-u
$TBBASE
/protogeni/xmlrpc/sa
$PGENIDOMAIN
.sa
")
==
0
or
fatal
("
Could not generate
$SACERT
");
}
if
(
$asch
)
{
if
(
!
-
e
$CHCERT
)
{
print
"
Creating CH certificate ...
\n
";
system
("
$SUDO
-u
$PROTOUSER
$MKSYSCERT
-o
$CHCERT
"
.
"
-u
$TBBASE
/protogeni/xmlrpc/ch
$PGENIDOMAIN
.ch
")
==
0
or
fatal
("
Could not generate
$CHCERT
");
...
...
@@ -277,6 +291,7 @@ else {
#
# Grab the CH certificate from Utah. Only one for now.
#
print
"
Fetching clearinghouse certificate from Utah ...
\n
";
system
("
$FETCH
-q -o
$CHCERT
http://boss.emulab.net/genich.pem
")
==
0
or
fatal
("
Could not fetch clearinghouse certificate from Utah
");
}
...
...
@@ -297,6 +312,7 @@ if (!defined($context)) {
# Note that we had to send the clearinghouse $TB/etc/emulab.pem so they
# know about this new site. That is sent out of band (email).
#
print
"
Getting credential to talk to clearinghouse ...
\n
";
my
$credential
=
GeniRegistry::
ClearingHouse
->
GetCredential
(
$context
);
if
(
!
defined
(
$credential
))
{
fatal
("
Could not get credential to talk to clearinghouse
");
...
...
@@ -308,7 +324,15 @@ if (!defined($clearinghouse)) {
}
#
# Register our certs.
# Add certs to the local SA database.
#
system
("
$ADDAUTHORITY
$SACERT
sa
")
==
0
or
fatal
("
Could not add SA certificate
");
system
("
$ADDAUTHORITY
$CMCERT
cm
")
==
0
or
fatal
("
Could not add CM certificate
");
#
# Register our certs at the clearinghouse.
#
print
"
Registering SA cert at the clearinghouse.
\n
";
if
(
$clearinghouse
->
Register
("
SA
",
$certificate
->
cert
()))
{
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment