X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-remote.git/blobdiff_plain/d4f6e8a2a7a14a2f655e5cfe4e02b4267d4f6b8e..ada151f201ec22a6c9289fb09193490dd674287c:/files/etc/remctl/sipb-xen-auto/README diff --git a/files/etc/remctl/sipb-xen-auto/README b/files/etc/remctl/sipb-xen-auto/README deleted file mode 100644 index 8a950c2..0000000 --- a/files/etc/remctl/sipb-xen-auto/README +++ /dev/null @@ -1,66 +0,0 @@ -This is Tim Abbott's initial draft at our automatic remctl -configuration. - -/usr/sbin/sipb-xen-remctl-update is the magic script. Run -it with "all" as an argument, and it will update everything. - -The inputs to this system are as follows: - -/etc/remctl/sipb-xen-auto/acl/MACHINENAME - - This directory contains files named MACHINENAME for each machine. -These ACL files specify who is allowed to administer the machine. You -can use entries that are Kerberos principles, or entries of the form - -include /etc/remctl/sipb-xen-auto/moira-acl/sipb-xen - -to include AFS groups in ACLs. To add a new machine to the system, -you simply need to create /etc/remctl/sipb-xen-auto/acl/MACHINENAME -and then run - -/usr/sbin/sipb-xen-remctl-update all - -Everything else is autogenerated from that information. - - -Other files of interest: - -/etc/remctl/sipb-xen-auto/auto-machine-list - - The list of machines that should have their remctl configuration -files generated from the template. This is generated from -listing /etc/remctl/sipb-xen-auto/acl/*. - -/etc/remctl/sipb-xen-auto/auto-moira-list - - The list of Athena AFS groups from which acl files should be -generated. The ACL files are placed in -/etc/remctl/sipb-xen-auto/moira-acl/, and named GROUPNAME. Ths list -is generated by parsing the ACL files in /etc/remctl/sipb-xen-auto/acl/. - - -This package also includes a crontab to run - -/usr/sbin/sipb-xen-remctl-update all - -every 15 minutes or so to keep our Moira mapping up to date. One can -request an update of our Moira mapping for group X by running - -/usr/sbin/sipb-xen-remctl-update moiragroup X - -The web interface should probably run this when it adds a group. We -may want to make this also available to users, but I've been lame. - -This package includes a remctl interface available to anyone to invoke -the command: - -/usr/sbin/sipb-xen-remctl-update all - -using the following command from your favorite machine with remctl: - -remctl black-mesa.mit.edu remctl-auto-update all - -It requires no special permission to run; there is a potential DOS -issue here, but I don't think it is serious. - -Thought should be put into how to ensure that the servers stay in sync.