Commit 4303838f authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add new console_reset script to bulk reset all of the tip lines on

plastic. Useful for when plastic reboots, although it needs to be
run from paper of course. We should probably set up some kind of
reboot utility for when plastic reboots, since when capture fires up,
the "acl" files are all in the wrong group/mode. On the other hand,
this shared file based permission scheme is going to end up changing
anyway soon, since it won't work when the serial lines are on other
machines. Will need a tip permserver at that point.
parent 34499cb6
......@@ -1029,6 +1029,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
pxe/GNUmakefile pxe/proxydhcp.restart pxe/bootinfo.restart \
security/GNUmakefile security/paperbag \
tbsetup/GNUmakefile tbsetup/console_setup tbsetup/mkacct-ctrl \
tbsetup/console_reset \
tbsetup/os_load tbsetup/os_setup tbsetup/mkprojdir tbsetup/power \
tbsetup/node_reboot tbsetup/webnscheck tbsetup/nscheck \
tbsetup/resetvlans tbsetup/rmacct-ctrl tbsetup/rmproj \
......
......@@ -151,6 +151,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
pxe/GNUmakefile pxe/proxydhcp.restart pxe/bootinfo.restart \
security/GNUmakefile security/paperbag \
tbsetup/GNUmakefile tbsetup/console_setup tbsetup/mkacct-ctrl \
tbsetup/console_reset \
tbsetup/os_load tbsetup/os_setup tbsetup/mkprojdir tbsetup/power \
tbsetup/node_reboot tbsetup/webnscheck tbsetup/nscheck \
tbsetup/resetvlans tbsetup/rmacct-ctrl tbsetup/rmproj \
......
......@@ -18,7 +18,8 @@ BIN_STUFF = power snmpit tbend tbswapin tbswapout tbprerun tbreport \
USERBINS = os_load node_reboot nscheck
SBIN_STUFF = resetvlans console_setup.proxy sched_reload named_setup \
batch_daemon exports_setup reload_daemon sched_reserve
batch_daemon exports_setup reload_daemon sched_reserve \
console_reset
LIBEXEC_STUFF = mkprojdir rmproj mkacct-ctrl rmacct-ctrl \
os_setup mkexpdir console_setup webnscheck \
......
#!/usr/bin/perl -wT
use English;
#
# usage: console_reset
#
sub usage()
{
print STDOUT "Usage: console_reset\n";
exit(-1);
}
#
# Configure variables
#
my $TB = "@prefix@";
my $TESTMODE = "@TESTMODE@";
#
# Testbed Support libraries
#
use lib "@prefix@/lib";
use libdb;
use libtestbed;
# Turn off line buffering on output
$| = 1;
my $consetup = "$TB/libexec/console_setup";
my @row;
my @nodes = ();
my %shelves = ();
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
if (@ARGV) {
usage();
}
#
# Only root or admins should run this script.
#
if ($UID && !TBAdmin($UID)) {
die("Only root or TB admins can run this script.");
}
#
# Get a list of all of the experimental nodes.
#
my $query_result =
DBQueryFatal("select node_id from nodes where role='testnode'");
while (@row = $query_result->fetchrow_array()) {
my $node = $row[0];
push(@nodes, $node);
}
#
# Issue small batches of setup.
#
while (@nodes) {
my @batch = ();
my $i = 0;
while ($i < 10 && @nodes > 0) {
my $node = shift(@nodes);
#
# Another classic shark hack. Only add shelves to the list.
#
if ($node =~ /(sh\d+)-\d+/) {
if (defined($shelves{$1})) {
next;
}
$shelves{$1} = $1;
$node = $1;
}
push(@batch, $node);
$i++;
}
print "Issuing console_setup for @batch ...\n";
system("$consetup @batch");
}
exit 0;
......@@ -14,6 +14,7 @@ my $TIPDEVDIR = "/dev/tip";
my $TBPID = "flux";
my $dbg = 1;
my %nodepid = ();
my $failures = 0;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
......@@ -63,14 +64,19 @@ if (! chdir($TIPLOGDIR)) {
# Well, do it.
#
foreach my $node ( keys %nodepid ) {
$pid = $nodepid{$node};
my $pid = $nodepid{$node};
my $filename = "${node}.run";
my $tipdevname = "$TIPDEVDIR/$node";
my $aclname = "$TIPDEVDIR/$node.acl";
#
# Find out the current group setting for the file.
#
$filename = "${node}.run";
if (! -e $filename) {
die("Console log $filename for $node does not exist!");
print STDERR
"*** Console log for $node does not exist! Skipping ...\n";
$failures++;
next;
}
# This is silly! Is there a better way to do this?
(undef,undef,undef,undef,undef,$gid) = stat($filename);
......@@ -81,7 +87,7 @@ foreach my $node ( keys %nodepid ) {
# rolling.
#
if (getgrgid($gid) eq $pid) {
next;
goto setperms;
}
unlink($filename) or
......@@ -126,7 +132,6 @@ foreach my $node ( keys %nodepid ) {
# inaccessible to both old and new users while we revoke access from
# any current tip user.
#
$tipdevname = "$TIPDEVDIR/$node";
chmod(0600, $tipdevname) or
die("Could not chmod(0600) $tipdevname: $!");
......@@ -134,7 +139,6 @@ foreach my $node ( keys %nodepid ) {
# Ditto for the "acl" file, which is how socket based tip/capture enforce
# protection of the console line.
#
$aclname = "$TIPDEVDIR/$node.acl";
if (-e $aclname) {
chmod(0600, $aclname) or
die("Could not chmod(0600) $aclname: $!");
......@@ -152,6 +156,7 @@ foreach my $node ( keys %nodepid ) {
# allows the new group to access the tip line using a non-setuid/gid
# program.
#
setperms:
chown(0, $gid, $tipdevname) or
die("Could not chown(0, $gid) $tipdevname: $!");
chmod(0660, $tipdevname) or
......@@ -168,4 +173,5 @@ foreach my $node ( keys %nodepid ) {
}
}
# Don't worry about failures. Non-fatal.
exit 0;
......@@ -14,6 +14,7 @@ my $TIPDEVDIR = "/dev/tip";
my $TBPID = "flux";
my $dbg = 1;
my %nodepid = ();
my $failures = 0;
# un-taint path
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
......@@ -63,14 +64,19 @@ if (! chdir($TIPLOGDIR)) {
# Well, do it.
#
foreach my $node ( keys %nodepid ) {
$pid = $nodepid{$node};
my $pid = $nodepid{$node};
my $filename = "${node}.run";
my $tipdevname = "$TIPDEVDIR/$node";
my $aclname = "$TIPDEVDIR/$node.acl";
#
# Find out the current group setting for the file.
#
$filename = "${node}.run";
if (! -e $filename) {
die("Console log $filename for $node does not exist!");
print STDERR
"*** Console log for $node does not exist! Skipping ...\n";
$failures++;
next;
}
# This is silly! Is there a better way to do this?
(undef,undef,undef,undef,undef,$gid) = stat($filename);
......@@ -81,7 +87,7 @@ foreach my $node ( keys %nodepid ) {
# rolling.
#
if (getgrgid($gid) eq $pid) {
next;
goto setperms;
}
unlink($filename) or
......@@ -126,7 +132,6 @@ foreach my $node ( keys %nodepid ) {
# inaccessible to both old and new users while we revoke access from
# any current tip user.
#
$tipdevname = "$TIPDEVDIR/$node";
chmod(0600, $tipdevname) or
die("Could not chmod(0600) $tipdevname: $!");
......@@ -134,7 +139,6 @@ foreach my $node ( keys %nodepid ) {
# Ditto for the "acl" file, which is how socket based tip/capture enforce
# protection of the console line.
#
$aclname = "$TIPDEVDIR/$node.acl";
if (-e $aclname) {
chmod(0600, $aclname) or
die("Could not chmod(0600) $aclname: $!");
......@@ -152,6 +156,7 @@ foreach my $node ( keys %nodepid ) {
# allows the new group to access the tip line using a non-setuid/gid
# program.
#
setperms:
chown(0, $gid, $tipdevname) or
die("Could not chown(0, $gid) $tipdevname: $!");
chmod(0660, $tipdevname) or
......@@ -168,4 +173,5 @@ foreach my $node ( keys %nodepid ) {
}
}
# Don't worry about failures. Non-fatal.
exit 0;
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment