1. 17 Oct, 2012 1 commit
  2. 15 Mar, 2012 1 commit
    • Leigh Stoller's avatar
      Add a new localize_mfs script (based on stuff that was in the mfs · e894ec36
      Leigh Stoller authored
      install script, but I pulled out to create an independent script).
      This works on both freebsd and linux based MFSs. The intent is to do
      all of the localization automcatically for site admins, so that they
      can import new MFSs more easily. This is also used from the new
      install code to bring in the initial MFSs and localize them.
      
      Here is what we localize:
      
      * The timezone is copied from boss:/etc/localtime to mfs:/etc. Ryan
        says the upcoming version of the linux MFS will actually use
        localtime. 
      
      * Copy boss:/usr/testbed/etc/{emulab.pem,client.pem} to mfs:/etc/emulab. 
        The former is for TPM, the later for the ssl version of tmcc.
      
      * Copy out boss root ssh keys (pub) to mfs:/root/.ssh/authorized_keys.
        In an ElabInElab we take care to combine with outer boss keys.
      
      * Copy out the image ssh host keys. These are the keys that we put on
        every image to avoid the ssh host key change sillyness. See notes
        below on how these keys are initialized on an existing emulab. The
        keys are copied from boss:/usr/testbed/etc/image_hostkeys to
        mfs:/etc/ssh directory.
        
      * Initialize the root and toor passwords from a new sitevar named
        images/root_password (which is the encryption hash, not plain
        text). See notes below on how this sitevar is initialized on an
        existing emulab.
      
      About initializing the host keys and the root password hash ... I
      added a new update script (27) that will go out to the current frisbee
      MFS and mount it, grab the current keys and password hash, and put
      them into place on boss. At the moment I only look for a FreeBSD
      frisbee MFS, since not too many people are running the linux mfs, and
      this was hard enough as it is!
      
      For a new installation, a new install phase script will build the them
      and install into /usr/testbed/etc/image_hostkeys. I have not dealt
      with the password yet.
      e894ec36