1. 03 Sep, 2008 7 commits
  2. 02 Sep, 2008 2 commits
  3. 29 Aug, 2008 7 commits
    • Kevin Atkinson's avatar
      Fix dumperrorlog so it can recover from aborted precious runs. · cf1872fb
      Kevin Atkinson authored
      Don't update lastlog_seqnum until _all_ the data is copied, not
      just the data from the log data.
      Protect dumperrorlog with a lock to keep multiple instances form
      running at the same time.
    • Ryan Jackson's avatar
      Modified patch to not use the binary (system call) sysctl interface. As far... · 77552a32
      Ryan Jackson authored
      Modified patch to not use the binary (system call) sysctl interface.  As far as I can tell, we don't need it anyway as we only access the ipod settings via /proc/sys.  See Documentation/sysctl/ctl_unnumbered.txt in the kernel source for the current policy regarding binary sysctls.
    • Leigh B. Stoller's avatar
    • Leigh B. Stoller's avatar
    • Leigh B. Stoller's avatar
    • Leigh B. Stoller's avatar
    • Leigh B. Stoller's avatar
      A set up small changes for GENI. · f28bbfa6
      Leigh B. Stoller authored
      * Hacky tmcd redirection. If the reserved table slot tmcd_redirect is
        set, return redirect spec that tells the client tmcc to drop the
        connection and retry the server at the new location, using the vnode
        id that is part of the redirection string. Note that tmcd_redirect
        is set on the remote emulab by the Geni startsliver code.
      * Neuter the privkey stuff that we require of remote nodes. In fact,
        its already only required for RON nodes, and rather then yet another
        exception, just kill it. It offers us nothing.
      * Neuter the ssl client verification. This is where we verify the
        client certificate has a CN field with the type of the node equal to
        type the DB says it is. This is also a pointless check since is
        offers us nothing additional; the client certificate already had to
        be signed by us. Tired of adding special cases to the code for each
        new node type.
      * Temporary neutering of the requirement that all remote nodes use ssl
        to talk to tmcd. The problem here is that remote nodes on other
        testbeds will not have the proper certificate on their images, and
        so they will not be able to talk to our tmcd. Since we do not return
        anything sensitive via tmcd, I have relaxed this requirement for
        now, and changed the check so that functions with newly added flag
        F_REMREQSSL will not be allowed unless it is ssl. For the protogeni
        code this will do since I only need a few things.
      * For tmcd on the remote testbeds, there is new code in doaccounts
        that will return accounts and ssh keys from the nonlocal users
        table.  This table is set up by the Geni libraries during sliver
        creation (from the registry entry for the slice).
  4. 28 Aug, 2008 3 commits
  5. 27 Aug, 2008 4 commits
  6. 26 Aug, 2008 4 commits
  7. 25 Aug, 2008 3 commits
  8. 22 Aug, 2008 5 commits
  9. 21 Aug, 2008 5 commits
    • David Johnson's avatar
    • David Johnson's avatar
      Remove some debug info. · 6d6861bf
      David Johnson authored
    • David Johnson's avatar
    • David Johnson's avatar
    • David Johnson's avatar
      Add a new client side script, osconfig, that can update an MFS or a · dc10d326
      David Johnson authored
      frisbee-loaded slice based on a tarball downloaded from boss.  For now,
      the tarball is dynamically created by boss based on params sent to the
      osconfig_dump.php script; it is populated with files and a MANIFEST based
      on the files and constraints in the osconfig_* tables, which are pretty
      self-explanatory.  Transport is not secure, nor intended to be -- nodes on
      the control net or widearea nodes auth'd with a privkey can grab stuff
      destined to them based on their IP addr.  For the MFS case, the tarball is
      unpacked and the MANIFEST entries are executed/copied/extracted, and
      (nearly all of) the client side is re-run.  For the slicefix case, we just
      execute/copy/extract the MANIFEST entries in the mounted slice... there
      are some useful env vars set for scripts to use.
      If this mechanism ever becomes generally useful, or we're pushing big update
      tarballs, we'll have to add a caching mechanism (doh).  Right now, it's just
      for dongle-booted nodes or widearea nodes on which we cannot update the
      physical boot media without much pain; as well as for making major whacks
      to frisbee-loaded slices, which we need for the widearea case.
      Also, call this from rc.cdboot (to update a "read-only" (real media is
      mounted ro, but other parts of the fs are rw via unionfs or mfs) MFS),
      and from slicefix.
      NOTE: the client side osconfig script does not get installed from the
      makefile; this is intentional.  This script should not be placed in our
      local tftp'd MFSes, at least until there's some need for it!