1. 29 May, 2020 1 commit
    • Leigh B Stoller's avatar
      Mike asks "can I have consoles on the buses?". I say sure, no problem: · 555b3b2a
      Leigh B Stoller authored
      Didn't really give it much thought when I said that. Anyway, the browser
      consoles on the buses are tricky cause ops does not have a routable IP,
      and that is where shellinabox runs, using tiptunnel to connect to the
      capture on boss.
      I did not want to move shellinabox to boss, its a big pile of gross code
      that I treat as a black box.
      So ... I found my thimble full of mod_proxy and mod_rewrite skills,
      and managed to use apache on boss, to proxy over to the shellinaboxd
      on ops, which talks back to boss. Will this circle stay unbroken?
  2. 12 May, 2020 1 commit
  3. 15 Apr, 2020 1 commit
  4. 03 Feb, 2020 1 commit
    • chuck cranor's avatar
      add finer grain control over what features are presented in the aptui · 862417f1
      chuck cranor authored
      These variables allow for a finer grain control over how these newer
      experimental features are presented to users.  possible values for
      these variables:
              0: [the default]  include these features in the UI for all
              1: only show these features to admins in "red dot" mode
              2: never show these features in the UI (even for admins)
      sites that can't or aren't using these features can use this to
      remove them from the UI to help prevent their users from becoming
  5. 21 Oct, 2019 1 commit
  6. 20 Sep, 2019 1 commit
  7. 19 Sep, 2019 1 commit
  8. 12 Sep, 2019 1 commit
  9. 17 Jun, 2019 1 commit
    • chuck cranor's avatar
      add UI_EXTERNAL_ACCOUNTS to defs file for better UI config · b97bf0e9
      chuck cranor authored
      This patch adds the UI_EXTERNAL_ACCOUNTS configuration variable
      to the defs file.  The high-level goal is to allow Emulab to function
      in labs where user accounts and passwords changes/resets are managed
      externally from Emulab (e.g. in some other database or maybe even
      in an LDAP).  This variable impacts both the "request an account" and
      "password change" workflows:
      [1] "request an account" - If UI_EXTERNAL_ACCOUNTS is set to 1,
          it will remove/disable all "create a new account" functions from
          the UI.   as part of this, we restore "Allow for a site specific
          front page" to the portal frontpage so that frontpage.html can
          be edited to remove the "request an account" button on the
          default home page.
          impacts www/aptui/frontpage.php, www/aptui/quickvm_sup.php,
          www/aptui/signup.php, www/joinproject.php3, www/menu.php3,
          and www/newproject.php3
      [2] "password change"  - If UI_EXTERNAL_ACCOUNTS is set to 1,
          it will remove all "change password" and "forgot password" functions
          from the UI.
          impacts www/aptui/changepswd.php, www/aptui/forgotpswd.php,
          www/aptui/login.php, /www/aptui/quickvm_sup.php, www/login.php3,
          www/moduserinfo.php3, and www/password.php3
  10. 29 Oct, 2018 1 commit
  11. 18 Apr, 2018 1 commit
  12. 04 Oct, 2017 1 commit
  13. 08 Aug, 2017 1 commit
  14. 06 Jul, 2017 1 commit
  15. 06 May, 2016 1 commit
  16. 12 Apr, 2016 1 commit
  17. 28 Jan, 2016 1 commit
  18. 08 Jan, 2016 1 commit
  19. 04 Jan, 2016 1 commit
  20. 08 Dec, 2015 3 commits
  21. 06 Jul, 2015 1 commit
  22. 27 Jan, 2015 1 commit
    • Leigh B Stoller's avatar
      Two co-mingled sets of changes: · 85cb063b
      Leigh B Stoller authored
      1) Implement the latest dataset read/write access settings from frontend to
         backend. Also updates for simultaneous read-only usage.
         The first changes the way that projects and users are treated at the
         CM. When set, we create real accounts (marked as nonlocal) for users and
         also create real projects (also marked as nonlocal). Users are added to
         those projects according to their credentials. The underlying experiment
         is thus owned by the user and in the project, although all the work is
         still done by the geniuser pseudo user. The advantage of this approach
         is that we can use standard emulab access checks to control access to
         objects like datasets. Maybe images too at some point.
         NOTE: Users are not removed from projects once they are added; we are
         going to need to deal with this, perhaps by adding an expiration stamp
         to the groups_membership tables, and using the credential expiration to
         mark it.
         The second new configure option turns on the web login via the geni
         trusted signer. So, if I create a sliver on a backend cluster when both
         options are set, I can use the trusted signer to log into my newly
         created account on the cluster, and see it (via the emulab classic web
         All this is in flux, might end up being a bogus approach in the end.
  23. 07 Jan, 2015 1 commit
    • Leigh B Stoller's avatar
      ZFS change; when ZFS_NOEXPORTS is on, we have to call exports_setup · b9ec1a54
      Leigh B Stoller authored
      when a user logs in so that their home directory and projects are exported
      from ops. Otherwise things break.
      Since we really do not want to do this too often, exports_setup is
      exporting anyone who is logged in within the last week, and the web
      interface is calling out to exports_setup only once a day for each user.
      This can be "improved" but I am worried we are fighting a losing battle and
      will eventually yank this code anyway.
  24. 12 Sep, 2014 1 commit
  25. 26 Aug, 2014 2 commits
  26. 09 Jul, 2014 1 commit
  27. 13 May, 2014 1 commit
  28. 06 May, 2014 10 commits