...
 
Commits (5542)

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

...@@ -10,6 +10,7 @@ clientside/os/imagezip/fat ...@@ -10,6 +10,7 @@ clientside/os/imagezip/fat
clientside/os/imagezip/ntfs/liblocale clientside/os/imagezip/ntfs/liblocale
clientside/lib/event/event_wrap* clientside/lib/event/event_wrap*
clientside/tmcc/cygwinxp/site-lisp clientside/tmcc/cygwinxp/site-lisp
clientside/tmcc/freebsd/init
clientside/tmcc/plab clientside/tmcc/plab
os/shd os/shd
www/cvsweb www/cvsweb
...@@ -49,3 +50,8 @@ LGPL-COPYING ...@@ -49,3 +50,8 @@ LGPL-COPYING
AGPL-COPYING AGPL-COPYING
TODO.plab TODO.plab
MOVED-TO-WIKI MOVED-TO-WIKI
VERSION
protogeni/flack/js/forge
protogeni/flack/src/com/hurlant
protogeni/flack/src/com/mattism
protogeni/protogeniflash/src/com/mattism
# #
# Copyright (c) 2000-2014 University of Utah and the Flux Group. # Copyright (c) 2000-2017 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -32,6 +32,7 @@ PELABSUPPORT = @PELABSUPPORT@ ...@@ -32,6 +32,7 @@ PELABSUPPORT = @PELABSUPPORT@
PGENISUPPORT = @PROTOGENI_SUPPORT@ PGENISUPPORT = @PROTOGENI_SUPPORT@
ISMAINSITE = @TBMAINSITE@ ISMAINSITE = @TBMAINSITE@
SPEWFROMOPS = @SPEWFROMOPS@ SPEWFROMOPS = @SPEWFROMOPS@
MOBILESUPPORT = @MOBILESUPPORT@
SYSTEM := $(shell uname -s) SYSTEM := $(shell uname -s)
include Makeconf include Makeconf
...@@ -52,10 +53,10 @@ SUBDIRS = \ ...@@ -52,10 +53,10 @@ SUBDIRS = \
clientside/lib \ clientside/lib \
db assign www @optional_subdirs@ clientside ipod security sensors \ db assign www @optional_subdirs@ clientside ipod security sensors \
pxe tbsetup account tmcd utils backend tip ipod vis \ pxe tbsetup account tmcd utils backend tip ipod vis \
sensors os xmlrpc install/newnode_sshkeys mote tools/whol \ sensors os xmlrpc autofs install/newnode_sshkeys \
tools/svn wiki bugdb collab node_usage install tools/svn collab/exp-vis node_usage install
ifeq ($(ISMAINSITE),1) ifeq ($(ISMAINSITE),1)
SUBDIRS += tools/rmanage SUBDIRS += tools/rmanage tools/whol
endif endif
ifeq ($(PGENISUPPORT),1) ifeq ($(PGENISUPPORT),1)
SUBDIRS += protogeni apt SUBDIRS += protogeni apt
...@@ -107,7 +108,8 @@ boss-install-noupdatecheck: install-schemacheck \ ...@@ -107,7 +108,8 @@ boss-install-noupdatecheck: install-schemacheck \
install-setbuildinfo install-setbuildinfo
# Only the checks: # Only the checks:
install-checks: install-updatecheck \ install-checks: \
install-updatecheck \
install-schemacheck \ install-schemacheck \
install-sitevarscheck \ install-sitevarscheck \
install-dbfillcheck install-genischemacheck install-dbfillcheck install-genischemacheck
...@@ -127,10 +129,10 @@ post-install: ...@@ -127,10 +129,10 @@ post-install:
ifeq ($(EVENTSYS),1) ifeq ($(EVENTSYS),1)
@$(MAKE) -C event post-install @$(MAKE) -C event post-install
endif endif
@$(MAKE) -C mote post-install ifeq ($(MOBILESUPPORT),1)
@$(MAKE) -C mobile
endif
@$(MAKE) -C tools post-install @$(MAKE) -C tools post-install
@$(MAKE) -C wiki post-install
@$(MAKE) -C bugdb post-install
@$(MAKE) -C collab post-install @$(MAKE) -C collab post-install
@$(MAKE) -C utils post-install @$(MAKE) -C utils post-install
ifeq ($(NODE_USAGE_SUPPORT),1) ifeq ($(NODE_USAGE_SUPPORT),1)
...@@ -174,6 +176,7 @@ opsfs-install: ops-install fs-install ...@@ -174,6 +176,7 @@ opsfs-install: ops-install fs-install
@echo "Combined ops/fs install done." @echo "Combined ops/fs install done."
install-mkdirs: install-mkdirs:
-mkdir -p $(INSTALL_TOPDIR)/db
-mkdir -p $(INSTALL_TOPDIR)/locks -mkdir -p $(INSTALL_TOPDIR)/locks
-mkdir -p $(INSTALL_TOPDIR)/log -mkdir -p $(INSTALL_TOPDIR)/log
-mkdir -p $(INSTALL_TOPDIR)/log/mysql -mkdir -p $(INSTALL_TOPDIR)/log/mysql
...@@ -232,6 +235,8 @@ endif ...@@ -232,6 +235,8 @@ endif
subboss: subboss:
@$(MAKE) -C clientside subboss @$(MAKE) -C clientside subboss
@$(MAKE) -C tbsetup subboss
@$(MAKE) -C db subboss
@$(MAKE) -C os subboss @$(MAKE) -C os subboss
ifneq ($(SYSTEM),CYGWIN_NT-5.1) ifneq ($(SYSTEM),CYGWIN_NT-5.1)
@$(MAKE) -C tip client @$(MAKE) -C tip client
...@@ -240,6 +245,7 @@ endif ...@@ -240,6 +245,7 @@ endif
subboss-install: subboss subboss-install: subboss
@$(MAKE) -C clientside subboss-install @$(MAKE) -C clientside subboss-install
@$(MAKE) -C tbsetup subboss-install
@$(MAKE) -C os subboss-install @$(MAKE) -C os subboss-install
ifneq ($(SYSTEM),CYGWIN_NT-5.1) ifneq ($(SYSTEM),CYGWIN_NT-5.1)
@$(MAKE) -C tip client-install @$(MAKE) -C tip client-install
...@@ -286,39 +292,27 @@ mfsoscheck: ...@@ -286,39 +292,27 @@ mfsoscheck:
fi fi
mfs: mfsoscheck mfs: mfsoscheck
@$(MAKE) -C os mfs
@$(MAKE) -C clientside mfs @$(MAKE) -C clientside mfs
mfs-nostatic: mfsoscheck mfs-nostatic: mfsoscheck
@NOSTATIC=1 $(MAKE) -C os mfs
@NOSTATIC=1 $(MAKE) -C clientside mfs @NOSTATIC=1 $(MAKE) -C clientside mfs
mfs-install: destdircheck mfs client-mkdirs mfs-install: destdircheck mfs client-mkdirs
@$(MAKE) -C os mfs-install
@$(MAKE) -C clientside mfs-install @$(MAKE) -C clientside mfs-install
mfs-nostatic-install: destdircheck mfs-nostatic client-mkdirs mfs-nostatic-install: destdircheck mfs-nostatic client-mkdirs
@$(MAKE) -C os mfs-install
@$(MAKE) -C clientside mfs-install @$(MAKE) -C clientside mfs-install
frisbee-mfs: mfsoscheck frisbee-mfs: mfsoscheck
@$(MAKE) -C cdrom/groklilo client
@$(MAKE) -C os frisbee-mfs
@$(MAKE) -C clientside frisbee-mfs @$(MAKE) -C clientside frisbee-mfs
frisbee-mfs-nostatic: mfsoscheck frisbee-mfs-nostatic: mfsoscheck
@NOSTATIC=1 $(MAKE) -C cdrom/groklilo client
@NOSTATIC=1 $(MAKE) -C os frisbee-mfs
@NOSTATIC=1 $(MAKE) -C clientside frisbee-mfs @NOSTATIC=1 $(MAKE) -C clientside frisbee-mfs
frisbee-mfs-install: destdircheck frisbee-mfs frisbee-mfs-install: destdircheck frisbee-mfs
@CLIENT_BINDIR=/etc/testbed $(MAKE) -e -C cdrom/groklilo client-install
@$(MAKE) -C os frisbee-mfs-install
@$(MAKE) -C clientside frisbee-mfs-install @$(MAKE) -C clientside frisbee-mfs-install
frisbee-mfs-nostatic-install: destdircheck frisbee-mfs-nostatic frisbee-mfs-nostatic-install: destdircheck frisbee-mfs-nostatic
@CLIENT_BINDIR=/etc/testbed $(MAKE) -e -C cdrom/groklilo client-install
@$(MAKE) -C os frisbee-mfs-install
@$(MAKE) -C clientside frisbee-mfs-install @$(MAKE) -C clientside frisbee-mfs-install
newnode-mfs: mfsoscheck newnode-mfs: mfsoscheck
...@@ -431,6 +425,19 @@ ifeq ($(PGENISUPPORT),1) ...@@ -431,6 +425,19 @@ ifeq ($(PGENISUPPORT),1)
endif endif
@echo "Done" @echo "Done"
BRANCHCHECK=
BRANCHECHO= @echo "Skipping branch check since not the Mothership"
ifeq ($(ISMAINSITE),1)
ifeq ($(TBROOT),/usr/testbed)
BRANCHCHECK= cd $(SRCDIR) && \
git status --porcelain -s -b | head -1 | grep -q -s current
BRANCHECHO= @echo "Checking to make sure you are on the mothership branch"
endif
endif
install-branchcheck:
$(BRANCHECHO)
$(BRANCHCHECK)
# We use separate src and obj trees in Emulab, so the traditional distclean to # We use separate src and obj trees in Emulab, so the traditional distclean to
# clean "made" files from a mingled source-and-obj tree is unnecessary. # clean "made" files from a mingled source-and-obj tree is unnecessary.
# However, this may be useful if you mistakenly configure and make a src tree. # However, this may be useful if you mistakenly configure and make a src tree.
......
# #
# Copyright (c) 2000-2012 University of Utah and the Flux Group. # Copyright (c) 2000-2012, 2016 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -108,6 +108,21 @@ distclean: default-clean ...@@ -108,6 +108,21 @@ distclean: default-clean
default-clean: default-clean:
rm -f GNUmakefile rm -f GNUmakefile
# This is to avoid warnings about duplicate targets.
default-install-notusing:
ifeq ($(ISMAINSITE),1)
ifeq ($(TBROOT),/usr/testbed)
(cd $(SRCDIR) ; \
git status --porcelain -s -b | head -1 | grep -q -s current)
else
/usr/bin/true
endif
else
/usr/bin/true
endif
#install: default-install
# #
# Where to find source files. # Where to find source files.
# Using specific patterns instead of the catch-all VPATH variable # Using specific patterns instead of the catch-all VPATH variable
......
# #
# Copyright (c) 2000-2012 University of Utah and the Flux Group. # Copyright (c) 2000-2016 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -44,6 +44,7 @@ export JAR = @JAR@ ...@@ -44,6 +44,7 @@ export JAR = @JAR@
prefix = @prefix@ prefix = @prefix@
exec_prefix = @exec_prefix@ exec_prefix = @exec_prefix@
ISMAINSITE = @TBMAINSITE@
TBROOT = @prefix@ TBROOT = @prefix@
TBDEFS = @TBDEFS@ TBDEFS = @TBDEFS@
TBDBNAME = @TBDBNAME@ TBDBNAME = @TBDBNAME@
...@@ -120,4 +121,4 @@ MERGE_BUILD_SANDBOX = @MERGE_BUILD_SANDBOX@ ...@@ -120,4 +121,4 @@ MERGE_BUILD_SANDBOX = @MERGE_BUILD_SANDBOX@
EXP_VIS_SUPPORT = @EXP_VIS_SUPPORT@ EXP_VIS_SUPPORT = @EXP_VIS_SUPPORT@
TESTBED_LIBSRCDIR = ${TESTBED_SRCDIR}/clientside/lib TESTBED_LIBSRCDIR = ${TESTBED_SRCDIR}/clientside/lib
TESTBED_LIBOBJDIR = ${OBJDIR}/clientside/lib TESTBED_LIBOBJDIR = ${OBJDIR}/clientside/lib
TESTBED_IMAGEZIPSRCDIR = ${OBJDIR}/clientside/os/imagezip TESTBED_IMAGEZIPSRCDIR = ${TESTBED_SRCDIR}/clientside/os/imagezip
This diff is collapsed.
This diff is collapsed.
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2010-2011, 2013 University of Utah and the Flux Group. # Copyright (c) 2010-2016 University of Utah and the Flux Group.
# #
# {{{GENIPUBLIC-LICENSE # {{{GENIPUBLIC-LICENSE
# #
...@@ -340,6 +340,7 @@ sub AddUser(;$) ...@@ -340,6 +340,7 @@ sub AddUser(;$)
my $xmlgoo = emutil::ExecQuiet("$DUMPUSER $uid"); my $xmlgoo = emutil::ExecQuiet("$DUMPUSER $uid");
if ($?) { if ($?) {
print STDERR "$xmlgoo";
fatal("$DUMPUSER failed"); fatal("$DUMPUSER failed");
} }
my $args = {"xmlstring" => $xmlgoo, my $args = {"xmlstring" => $xmlgoo,
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2000-2014 University of Utah and the Flux Group. # Copyright (c) 2000-2018 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -25,6 +25,7 @@ use strict; ...@@ -25,6 +25,7 @@ use strict;
use English; use English;
use Getopt::Long qw(:config no_ignore_case); use Getopt::Long qw(:config no_ignore_case);
use POSIX qw(strftime); use POSIX qw(strftime);
use Date::Parse;
# #
# Load the Testbed support stuff. # Load the Testbed support stuff.
...@@ -54,6 +55,7 @@ my $urn; ...@@ -54,6 +55,7 @@ my $urn;
my $oldkeyfile; my $oldkeyfile;
my $authority; my $authority;
my $notca = 0; my $notca = 0;
my $days = 2000;
my $include_uuid = 0; my $include_uuid = 0;
my %optlist = ( "debug" => \$debug, my %optlist = ( "debug" => \$debug,
"password=s" => \$password, "password=s" => \$password,
...@@ -312,8 +314,45 @@ if( defined( $oldkeyfile ) ) { ...@@ -312,8 +314,45 @@ if( defined( $oldkeyfile ) ) {
# #
my $startdate = POSIX::strftime("%y%m%d%H%M%SZ", gmtime(time() - 3600)); my $startdate = POSIX::strftime("%y%m%d%H%M%SZ", gmtime(time() - 3600));
#
# Check the expiration on the CA cert, we do not want the new
# certificate to expire after the CA (signer) cert expires.
#
$UID = 0; $UID = 0;
my $expires = `$OPENSSL x509 -enddate -noout -in $certfile`;
if ($?) {
fatal("Could not get expiration from $certfile");
}
if ($expires =~ /^notAfter=(.*)$/i) {
my $tmp = str2time($1);
if (!defined($tmp)) {
fatal("Could not convert $certfile expiration to time: $1");
}
$expires = $tmp;
}
else {
fatal("Could not parse $certfile expiration: $expires");
}
if ($expires < time()) {
fatal("$certfile certificate has expired!");
}
# If the CA expires in less then 30 days, grind to a halt.
my $daystoexpire = int(($expires - time()) / (3600 * 24));
if ($daystoexpire <= 30) {
fatal("Refusing to sign new certificate; the $certfile expires in less ".
"then 30 days!");
}
if ($debug) {
print "CA certificate expires in $daystoexpire days.\n";
}
if ($days > $daystoexpire) {
$days = $daystoexpire - 1;
print "Shortening certificate expiration to $days\n";
}
system("$OPENSSL ca -batch -policy policy_sslxmlrpc -startdate $startdate ". system("$OPENSSL ca -batch -policy policy_sslxmlrpc -startdate $startdate ".
" -days $days ".
" -name CA_syscerts -config $CACONFIG ". " -name CA_syscerts -config $CACONFIG ".
" -out syscert_cert.pem -cert $certfile -keyfile $keyfile ". " -out syscert_cert.pem -cert $certfile -keyfile $keyfile ".
" -infiles syscert_req.pem $outline") == 0 " -infiles syscert_req.pem $outline") == 0
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2000-2014 University of Utah and the Flux Group. # Copyright (c) 2000-2018 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -24,6 +24,7 @@ ...@@ -24,6 +24,7 @@
use strict; use strict;
use English; use English;
use Getopt::Std; use Getopt::Std;
use Date::Parse;
# #
# Load the Testbed support stuff. # Load the Testbed support stuff.
...@@ -43,7 +44,7 @@ sub usage() ...@@ -43,7 +44,7 @@ sub usage()
print("Usage: mkusercert [-d] [-o] [-r] [-g] [-p password] <user>\n"); print("Usage: mkusercert [-d] [-o] [-r] [-g] [-p password] <user>\n");
exit(-1); exit(-1);
} }
my $optlist = "dp:ogrc:"; my $optlist = "dp:ogrc:CPG";
my $debug = 0; my $debug = 0;
my $output = 0; my $output = 0;
my $password = ""; my $password = "";
...@@ -74,6 +75,8 @@ my $EMULAB_KEY = "$TB/etc/emulab.key"; ...@@ -74,6 +75,8 @@ my $EMULAB_KEY = "$TB/etc/emulab.key";
my $OPENSSL = "/usr/bin/openssl"; my $OPENSSL = "/usr/bin/openssl";
my $KEYGEN = "/usr/bin/ssh-keygen"; my $KEYGEN = "/usr/bin/ssh-keygen";
my $ADDKEY = "$TB/sbin/addpubkey"; my $ADDKEY = "$TB/sbin/addpubkey";
my $SSH = "$TB/bin/sshtb";
my $ACCOUNTPROXY= "$TB/sbin/accountsetup";
my $WORKDIR = "$TB/ssl"; my $WORKDIR = "$TB/ssl";
my $SAVEUID = $UID; my $SAVEUID = $UID;
...@@ -148,38 +151,8 @@ if (defined($options{"r"})) { ...@@ -148,38 +151,8 @@ if (defined($options{"r"})) {
if (defined($options{"g"})) { if (defined($options{"g"})) {
$geniflag = 1; $geniflag = 1;
} }
if (defined($options{"p"})) { if (defined($options{"p"}) || defined($options{"P"})) {
$password = $options{"p"};
#
# Make sure its all escaped since any printable char is allowed.
#
if ($password =~ /^([\040-\176]*)$/) {
$password = $1;
}
else {
die("Tainted argument: $password\n");
}
$db_password = DBQuoteSpecial($password);
$sh_password = $password;
$sh_password =~ s/\'/\'\\\'\'/g;
$sh_password = "$sh_password";
$encrypted = 1; $encrypted = 1;
$days = 365;
}
if (defined($options{"c"})) {
$old_password = $options{"c"};
#
# Make sure its all escaped since any printable char is allowed.
#
if ($old_password =~ /^([\040-\176]*)$/) {
$old_password = $1;
}
else {
die("Tainted argument: $old_password\n");
}
$old_password =~ s/\'/\'\\\'\'/g;
} }
if (@ARGV != 1) { if (@ARGV != 1) {
usage(); usage();
...@@ -214,6 +187,61 @@ if (! defined($this_user)) { ...@@ -214,6 +187,61 @@ if (! defined($this_user)) {
fatal("You ($UID) do not exist!"); fatal("You ($UID) do not exist!");
} }
if (defined($options{"p"}) || defined($options{"P"})) {
if (defined($options{"p"})) {
$password = $options{"p"};
}
elsif ($target_user->SSLPassPhrase(1, \$password)) {
if (defined($options{"G"})) {
$password = substr(TBGenSecretKey(), 0, 12);
if (!defined($password) || $password eq "") {
fatal("Could not generate a random passphrase for -P -G");
}
}
else {
fatal("No stored passphrase for -P option");
}
}
#
# Make sure its all escaped since any printable char is allowed.
#
if ($password =~ /^([\040-\176]*)$/) {
$password = $1;
}
else {
die("Tainted argument: $password\n");
}
$db_password = DBQuoteSpecial($password);
$sh_password = $password;
$sh_password =~ s/\'/\'\\\'\'/g;
$sh_password = "$sh_password";
}