Commit 7fc24a33 authored by Mike Hibler's avatar Mike Hibler

Compensate for AMD mountpoint on boss-side users/proj/groups checks.

parent bea653e8
...@@ -67,3 +67,4 @@ ...@@ -67,3 +67,4 @@
#undef NOVIRTNFSMOUNTS #undef NOVIRTNFSMOUNTS
#undef WITHZFS #undef WITHZFS
#undef WITHAMD
...@@ -665,6 +665,8 @@ ZFS_ROOT ...@@ -665,6 +665,8 @@ ZFS_ROOT
ZFS_QUOTA_USER ZFS_QUOTA_USER
ZFS_QUOTA_PROJECT ZFS_QUOTA_PROJECT
ZFS_QUOTA_GROUP ZFS_QUOTA_GROUP
WITHAMD
AMD_ROOT
NOVIRTNFSMOUNTS NOVIRTNFSMOUNTS
IMAGEDELTAS IMAGEDELTAS
PROFILEVERSIONS PROFILEVERSIONS
...@@ -5109,6 +5111,8 @@ ZFS_ROOT=z ...@@ -5109,6 +5111,8 @@ ZFS_ROOT=z
ZFS_QUOTA_USER="1G" ZFS_QUOTA_USER="1G"
ZFS_QUOTA_PROJECT="100G" ZFS_QUOTA_PROJECT="100G"
ZFS_QUOTA_GROUP="10G" ZFS_QUOTA_GROUP="10G"
WITHAMD=0
AMD_ROOT=/.amd_mnt
# #
# XXX You really don't want to change these! # XXX You really don't want to change these!
...@@ -5501,6 +5505,12 @@ if test $WITHZFS -eq 1; then ...@@ -5501,6 +5505,12 @@ if test $WITHZFS -eq 1; then
#define WITHZFS 1 #define WITHZFS 1
_ACEOF _ACEOF
fi
if test $WITHAMD -eq 1; then
cat >>confdefs.h <<_ACEOF
#define WITHAMD 1
_ACEOF
fi fi
cat >>confdefs.h <<_ACEOF cat >>confdefs.h <<_ACEOF
#define IMPORT_TMPDIR "$IMPORT_TMPDIR" #define IMPORT_TMPDIR "$IMPORT_TMPDIR"
......
...@@ -300,6 +300,8 @@ AC_SUBST(ZFS_ROOT) ...@@ -300,6 +300,8 @@ AC_SUBST(ZFS_ROOT)
AC_SUBST(ZFS_QUOTA_USER) AC_SUBST(ZFS_QUOTA_USER)
AC_SUBST(ZFS_QUOTA_PROJECT) AC_SUBST(ZFS_QUOTA_PROJECT)
AC_SUBST(ZFS_QUOTA_GROUP) AC_SUBST(ZFS_QUOTA_GROUP)
AC_SUBST(WITHAMD)
AC_SUBST(AMD_ROOT)
# #
# Offer both versions of the email addresses that have the @ escaped # Offer both versions of the email addresses that have the @ escaped
...@@ -451,6 +453,8 @@ ZFS_ROOT=z ...@@ -451,6 +453,8 @@ ZFS_ROOT=z
ZFS_QUOTA_USER="1G" ZFS_QUOTA_USER="1G"
ZFS_QUOTA_PROJECT="100G" ZFS_QUOTA_PROJECT="100G"
ZFS_QUOTA_GROUP="10G" ZFS_QUOTA_GROUP="10G"
WITHAMD=0
AMD_ROOT=/.amd_mnt
# #
# XXX You really don't want to change these! # XXX You really don't want to change these!
...@@ -657,6 +661,9 @@ fi ...@@ -657,6 +661,9 @@ fi
if test $WITHZFS -eq 1; then if test $WITHZFS -eq 1; then
AC_DEFINE_UNQUOTED(WITHZFS, 1) AC_DEFINE_UNQUOTED(WITHZFS, 1)
fi fi
if test $WITHAMD -eq 1; then
AC_DEFINE_UNQUOTED(WITHAMD, 1)
fi
AC_DEFINE_UNQUOTED(IMPORT_TMPDIR, "$IMPORT_TMPDIR") AC_DEFINE_UNQUOTED(IMPORT_TMPDIR, "$IMPORT_TMPDIR")
LOG_TESTBED=`echo "LOG_$TBLOGFACIL" | tr a-z A-Z` LOG_TESTBED=`echo "LOG_$TBLOGFACIL" | tr a-z A-Z`
......
...@@ -141,3 +141,4 @@ ZFS_ROOT=z ...@@ -141,3 +141,4 @@ ZFS_ROOT=z
ZFS_QUOTA_USER="1G" ZFS_QUOTA_USER="1G"
ZFS_QUOTA_PROJECT="100G" ZFS_QUOTA_PROJECT="100G"
ZFS_QUOTA_GROUP="10G" ZFS_QUOTA_GROUP="10G"
WITHAMD=1
...@@ -67,6 +67,15 @@ $MAILTAG = "@THISHOMEBASE@"; ...@@ -67,6 +67,15 @@ $MAILTAG = "@THISHOMEBASE@";
$SYSTEM_DEBUG = 0; $SYSTEM_DEBUG = 0;
@EXPORT_OK = qw($SYSTEM_DEBUG); @EXPORT_OK = qw($SYSTEM_DEBUG);
#
# If AMD is used on boss (currently, only if ZFS is used to
# provide per-user and per-project filesystems), then we have to
# account for the AMD mount point (e.g., "/.amd_mnt") when determining
# if a path is valid or not.
#
my $WITHAMD = "@WITHAMD@";
my $AMDROOT = "@AMD_ROOT@";
# #
# Real mount points (on the fileserver) for exported directories. # Real mount points (on the fileserver) for exported directories.
# At the moment, we have no reason to export these via functions. # At the moment, we have no reason to export these via functions.
...@@ -523,6 +532,13 @@ sub TBValidUserDir($$;$$$) ...@@ -523,6 +532,13 @@ sub TBValidUserDir($$;$$$)
if ($FSDIR_SCRATCH) { if ($FSDIR_SCRATCH) {
$sroot = $FSDIR_SCRATCH; $sroot = $FSDIR_SCRATCH;
} }
} elsif ($WITHAMD) {
$uroot = $AMDROOT/$USERROOT;
$proot = $AMDROOT/$PROJROOT;
$groot = $AMDROOT/$GROUPROOT;
if ($FSDIR_SCRATCH) {
$sroot = $AMDROOT/$SCRATCHROOT;
}
} else { } else {
$uroot = $USERROOT; $uroot = $USERROOT;
$proot = $PROJROOT; $proot = $PROJROOT;
......
...@@ -56,6 +56,7 @@ my $TB = "@prefix@"; ...@@ -56,6 +56,7 @@ my $TB = "@prefix@";
my $parser = "$TB/libexec/parse-ns"; my $parser = "$TB/libexec/parse-ns";
my $status = 0; my $status = 0;
my $dirname; my $dirname;
my $ISFS = ("@BOSSNODE_IP@" eq "@FSNODE_IP@") ? 1 : 0;
# #
# Testbed Support libraries # Testbed Support libraries
...@@ -123,7 +124,7 @@ else { ...@@ -123,7 +124,7 @@ else {
if (! ($tempfile =~ /^\/tmp\/[-\w]+-\d+\.nsfile/) && if (! ($tempfile =~ /^\/tmp\/[-\w]+-\d+\.nsfile/) &&
! ($tempfile =~ /^\/var\/tmp\/php\w+/) && ! ($tempfile =~ /^\/var\/tmp\/php\w+/) &&
! ($tempfile =~ /^\/tmp\/php\w+/) && ! ($tempfile =~ /^\/tmp\/php\w+/) &&
! TBValidUserDir($tempfile, 0)) { ! TBValidUserDir($tempfile, $ISFS)) {
fatal("$tempfile does not resolve to an appropriate directory!\n"); fatal("$tempfile does not resolve to an appropriate directory!\n");
} }
......
...@@ -136,6 +136,7 @@ my $CONTROL = "@USERNODE@"; ...@@ -136,6 +136,7 @@ my $CONTROL = "@USERNODE@";
my $NONFS = @NOSHAREDFS@; my $NONFS = @NOSHAREDFS@;
my $WITHPROVENANCE= @IMAGEPROVENANCE@; my $WITHPROVENANCE= @IMAGEPROVENANCE@;
my $WITHDELTAS = @IMAGEDELTAS@; my $WITHDELTAS = @IMAGEDELTAS@;
my $ISFS = ("@BOSSNODE_IP@" eq "@FSNODE_IP@") ? 1 : 0;
# #
# Testbed Support libraries # Testbed Support libraries
...@@ -688,7 +689,7 @@ if (-d $filename) { ...@@ -688,7 +689,7 @@ if (-d $filename) {
# runs as the caller, regular file permission checks ensure its a file # runs as the caller, regular file permission checks ensure its a file
# the user is allowed to use. # the user is allowed to use.
# #
if (! TBValidUserDir($filename, 0)) { if (! TBValidUserDir($filename, $ISFS)) {
die("*** $0:\n". die("*** $0:\n".
" $filename does not resolve to an allowed directory!\n"); " $filename does not resolve to an allowed directory!\n");
} }
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2005 University of Utah and the Flux Group. # Copyright (c) 2005, 2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -29,9 +29,12 @@ use Cwd qw(realpath); ...@@ -29,9 +29,12 @@ use Cwd qw(realpath);
# #
# Configure variables # Configure variables
# #
my $TB = "@prefix@"; my $TB = "@prefix@";
my $FSDIR_PROJ = "@FSDIR_PROJ@"; my $FSDIR_PROJ = "@FSDIR_PROJ@";
my $FSDIR_GROUPS = "@FSDIR_GROUPS@"; my $FSDIR_GROUPS = "@FSDIR_GROUPS@";
my $ISFS = ("@BOSSNODE_IP@" eq "@FSNODE_IP@") ? 1 : 0;
my $WITHAMD = "@WITHAMD@";
my $AMDROOT = "@AMD_ROOT@";
use lib "@prefix@/lib"; use lib "@prefix@/lib";
use libdb; use libdb;
...@@ -80,9 +83,19 @@ if ($src =~ /^($tmpdir\/php[\w]+)$/) { ...@@ -80,9 +83,19 @@ if ($src =~ /^($tmpdir\/php[\w]+)$/) {
die("*** Source isn't a php temp file.\n"); die("*** Source isn't a php temp file.\n");
} }
my $pr = PROJROOT(); my ($pr,$gr);
my $gr = GROUPROOT(); if ($ISFS) {
if ($dst =~ /^(($pr|$FSDIR_PROJ|$gr|$FSDIR_GROUPS)\/[-\w\/.]+)$/) { $pr = FSDIR_PROJ;
$gr = FSDIR_GROUPS;
} else {
$pr = PROJROOT();
$gr = GROUPROOT();
if ($AMDROOT) {
$pr = "$AMDROOT/$pr";
$gr = "$AMDROOT/$gr";
}
}
if ($dst =~ /^(($pr|$gr)\/[-\w\/.]+)$/) {
$dst = $1; $dst = $1;
} else { } else {
die("*** Destination must be in " die("*** Destination must be in "
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment