Commit e468f885 authored by Leigh Stoller's avatar Leigh Stoller

Add image import utilities.

image_setup is run from tbprerun to verify and create image
descriptors, and then later from tbswap to actually download
and verify the image (ndz) file.

image_import does the actual work for a specific image (url).
parent 93f057a1
......@@ -46,7 +46,7 @@ SBIN_STUFF = resetvlans console_setup.proxy sched_reload named_setup \
elabinelab snmpit.proxy panic node_attributes \
nfstrace plabinelab smbpasswd_setup smbpasswd_setup.proxy \
rmproj snmpit.proxynew snmpit.proxyv2 pool_daemon \
checknodes_daemon snmpit.proxyv3
checknodes_daemon snmpit.proxyv3 image_setup
ifeq ($(ISMAINSITE),1)
SBIN_STUFF += repos_daemon
......
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2003-2012 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
use Getopt::Std;
use Socket;
#
# Fetch external image definitions and create local descriptors.
#
sub usage()
{
print "Usage: $0 [-d] [-v] [-g] eid\n";
print("Options:\n");
print(" -d - Turn on debugging\n");
print(" -v - Verify XML descriptions only\n");
print(" -g - Download image after creating descriptors\n");
exit(-1);
}
my $optlist = "dvg";
my $debug = 0;
my $verify = 0;
my $getimages= 0;
#
# Functions
#
sub verifyURL($);
#
# Configure variables
#
my $TB = "@prefix@";
my $TBOPS = "@TBOPSEMAIL@";
my $IMPORTER = "$TB/sbin/image_import";
#
# Turn off line buffering on output
#
$| = 1;
#
# Untaint the path
#
$ENV{'PATH'} = "$TB/bin:$TB/sbin:/bin:/usr/bin:/sbin:/usr/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
#
# Testbed Support libraries
#
use lib "@prefix@/lib";
use libtestbed;
use libdb;
use libtblog;
use Experiment;
use Image;
use User;
my %options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"v"})) {
$verify = 1;
}
if (defined($options{"d"})) {
$debug = 1;
}
if (defined($options{"g"})) {
$getimages = 1;
}
if (@ARGV != 1) {
usage();
}
#
# Verify user and get his DB uid and other info for later.
#
my $this_user = User->ThisUser();
if (! defined($this_user)) {
tbdie("You ($UID) do not exist!");
}
my $user_uid = $this_user->uid();
#
# First, make sure the experiment exists
#
my $experiment = Experiment->Lookup($ARGV[0]);
if (! $experiment) {
tbdie("There is no such experiment");
}
my $pid = $experiment->pid();
my $eid = $experiment->eid();
#
# User must have at least MODIFY permissions to use this script
#
if (!$experiment->AccessCheck($this_user, TB_EXPT_MODIFY())) {
tbdie("You are not allowed to modify experiment $eid in project $pid");
}
#
# Look for any nodes that specify a url for the osname.
#
my $result = $experiment->TableLookUp("virt_nodes", "vname,osname");
while (my ($vname, $osname) = $result->fetchrow()) {
my $url;
next
if (! ($osname =~ /^(ftp|http|https):/));
# Verify entire URL and taint check.
if ($osname =~ /^((http|https|ftp)\:\/\/[-\w\.\/\@\:\~\?\=\&]*)$/) {
$url = $1;
}
else {
tbdie("Invalid URL $osname\n");
}
my $safe_url = User::escapeshellarg($url);
#
# See if we have already created this descriptor. If so, we
# do not do anything until later when the experiment is
# being swapped in. At this point, we just want to verify
# the information and create the descriptor. Later we will
# fetch the image file, or refetch if it is stale.
#
my $image = Image->LookupByURL($url);
if (!defined($image)) {
my $opts = "";
$opts .= " -d"
if ($debug);
$opts .= " -v"
if ($verify);
system("$IMPORTER $opts -p $pid $safe_url");
exit(-1)
if ($?);
}
next
if ($verify);
$image = Image->LookupByURL($url);
if (!defined($image)) {
tbdie("Could not look up image object for $url\n");
}
next
if (! $getimages);
my $opts = "";
$opts .= " -d"
if ($debug);
system("$IMPORTER $opts -g -p $pid $safe_url");
exit(-1)
if ($?);
}
exit(0);
......@@ -30,7 +30,7 @@ SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables cvsupd.pl \
prereserve grantimage getimages localize_mfs \
management_iface sharevlan check-shared-bw \
addspecialdevice addspecialiface imagehash clone_image \
addvpubaddr imageinfo ctrladdr
addvpubaddr imageinfo ctrladdr image_import
WEB_SBIN_SCRIPTS= webnewnode webdeletenode webspewconlog webarchive_list \
webwanodecheckin webspewimage webdumpdescriptor
......@@ -44,7 +44,7 @@ CTRLSBIN_SCRIPTS= opsdb_control.proxy daemon_wrapper
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS = create_image
SETUID_SBIN_SCRIPTS = grabwebcams checkquota spewconlog opsdb_control suchown \
anonsendmail readblob
anonsendmail readblob image_import
SETUID_SUEXEC_SCRIPTS = xlogin
#
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment