+sipb-xen-remctl-auto (1.0.13) unstable; urgency=low
+
+ * Switch to just using the remote server.
+
+ -- Greg Price <price@mit.edu> Sat, 10 May 2008 21:26:42 -0400
+
sipb-xen-remctl-auto (1.0.12) unstable; urgency=low
* Remove an obsolete line from the remctl config.
--- /dev/null
+host/remote.mit.edu@ATHENA.MIT.EDU
+++ /dev/null
-daemon/sipb-xen.mit.edu@ATHENA.MIT.EDU
+++ /dev/null
-include /etc/remctl/sipb-xen-auto/machine.d
--- /dev/null
+remote web /usr/sbin/sipb-xen-remote /etc/remctl/acl/remote
+remote control /usr/sbin/sipb-xen-remote /etc/remctl/acl/remote
+++ /dev/null
-web lvcreate /usr/sbin/sipb-xen-lvm /etc/remctl/acl/web
-web lvremove /usr/sbin/sipb-xen-lvm /etc/remctl/acl/web
-web lvrename /usr/sbin/sipb-xen-lvm /etc/remctl/acl/web
-web lvresize /usr/sbin/sipb-xen-lvm /etc/remctl/acl/web
-web lvcopy /usr/sbin/sipb-xen-lvcopy /etc/remctl/acl/web
-web register /usr/sbin/sipb-xen-remctl-update /etc/remctl/acl/web
-web moveregister /usr/sbin/sipb-xen-remctl-update /etc/remctl/acl/web
-web unregister /usr/sbin/sipb-xen-remctl-update /etc/remctl/acl/web
-web remctl-moira-update /usr/sbin/sipb-xen-remctl-update /etc/remctl/acl/web
-web listvms /usr/sbin/sipb-xen-listvms /etc/remctl/acl/web
+++ /dev/null
-This is Tim Abbott's initial draft at our automatic remctl
-configuration.
-
-/usr/sbin/sipb-xen-remctl-update is the magic script. Run
-it with "all" as an argument, and it will update everything.
-
-The inputs to this system are as follows:
-
-/etc/remctl/sipb-xen-auto/acl/MACHINENAME
-
- This directory contains files named MACHINENAME for each machine.
-These ACL files specify who is allowed to administer the machine. You
-can use entries that are Kerberos principles, or entries of the form
-
-include /etc/remctl/sipb-xen-auto/moira-acl/sipb-xen
-
-to include AFS groups in ACLs. To add a new machine to the system,
-you simply need to create /etc/remctl/sipb-xen-auto/acl/MACHINENAME
-and then run
-
-/usr/sbin/sipb-xen-remctl-update all
-
-Everything else is autogenerated from that information.
-
-
-Other files of interest:
-
-/etc/remctl/sipb-xen-auto/auto-machine-list
-
- The list of machines that should have their remctl configuration
-files generated from the template. This is generated from
-listing /etc/remctl/sipb-xen-auto/acl/*.
-
-/etc/remctl/sipb-xen-auto/auto-moira-list
-
- The list of Athena AFS groups from which acl files should be
-generated. The ACL files are placed in
-/etc/remctl/sipb-xen-auto/moira-acl/, and named GROUPNAME. Ths list
-is generated by parsing the ACL files in /etc/remctl/sipb-xen-auto/acl/.
-
-
-This package also includes a crontab to run
-
-/usr/sbin/sipb-xen-remctl-update all
-
-every 15 minutes or so to keep our Moira mapping up to date. One can
-request an update of our Moira mapping for group X by running
-
-/usr/sbin/sipb-xen-remctl-update moiragroup X
-
-The web interface should probably run this when it adds a group. We
-may want to make this also available to users, but I've been lame.
-
-This package includes a remctl interface available to anyone to invoke
-the command:
-
-/usr/sbin/sipb-xen-remctl-update all
-
-using the following command from your favorite machine with remctl:
-
-remctl black-mesa.mit.edu remctl-auto-update all
-
-It requires no special permission to run; there is a potential DOS
-issue here, but I don't think it is serious.
-
-Thought should be put into how to ensure that the servers stay in sync.
+++ /dev/null
-control #MACHINENAME# #BINDIR#/sipb-xen-vmcontrol /etc/remctl/sipb-xen-auto/acl/#MACHINENAME#
+++ /dev/null
-#!/bin/sh
-DIR=/etc/remctl/sipb-xen-auto
-TEMPLATE=$DIR/conf.template
-MACHINEDIR=$DIR/machine.d
-MOIRADIR=$DIR/moira-acl
-MOIRATMP=$DIR/moira-tmp
-MACHINETMP=$DIR/machine-list-tmp
-AUTOMACHINELIST=$DIR/auto-machine-list
-AUTOMOIRALIST=$DIR/auto-moira-list
-BINDIR=/usr/sbin
-ACLDIR=$DIR/acl
-
-update_machine()
-{
- machine="$1"
- sed "s/#MACHINENAME#/$machine/g" "$TEMPLATE" | \
- sed "s,#BINDIR#,$BINDIR,g" >| "$MACHINETMP"
- if ! cmp -s "$MACHINEDIR/$machine" "$MACHINETMP"; then
- mv "$MACHINETMP" "$MACHINEDIR/$machine"
- else
- rm -f "$MACHINETMP"
- fi
-}
-
-update_moiragroup()
-{
- group="$1"
- # Should perhaps replace with LDAP, but fine for now.
-
- # We should do more careful error checking so we don't take away
- # all bits and delete the moira-acl files whenever there's an AFS
- # outage.
- pts membership system:"$group" -noauth | tail -n+2 | \
- sed 's/\./\//' | \
- sed 's/^ //' | \
- sed 's/$/@ATHENA.MIT.EDU/g' >| "$MOIRATMP"
- if test -s "$MOIRATMP"; then
- if ! cmp -s "$MOIRADIR/$group" "$MOIRATMP"; then
- mv "$MOIRATMP" "$MOIRADIR/$group"
- fi
- else
- if test -e "$MOIRADIR/$group"; then
- rm "$MOIRADIR/$group"
- fi
- fi
- rm -f "$MOIRATMP"
-}
-
-check_machine_name()
-{
- machinename="$1"
- if ! perl -0e 'exit($ARGV[0] !~ /^[A-Za-z0-9][A-Za-z0-9._-]*$/)' -- "$machinename"; then
- echo "Bad machine name"
- exit 1
- fi
-}
-
-case "$1" in
- moiragroup)
- update_moiragroup "$2"
- ;;
-
- all_machines)
- # update the remctl.conf definitions
- for machine in `cat "$AUTOMACHINELIST"`; do
- update_machine "$machine"
- done
- ;;
- all_moira)
- # update our moira ACL lists
- for group in `cat "$AUTOMOIRALIST"`; do
- update_moiragroup "$group"
- done
- ;;
- auto_machine_list)
- # update the list of maintained machines
- /bin/ls "$ACLDIR" >| "$AUTOMACHINELIST"
- ;;
- auto_moira_list)
- # update the moira list-of-lists
- # /bin/ls "$MOIRADIR" >| "$AUTOMOIRALIST" # BAD IDEA in case of outage
-
- # This extracts the list of all moira lists we care about, and updates those.
- grep -R moira "$ACLDIR/" /etc/remctl/acl/ | perl -pe 's/.*moira-acl\/(.*)/$1/g' >| "$AUTOMOIRALIST"
- ;;
- unregister)
- machine="$2"
- check_machine_name "$machine"
- rm -f "$ACLDIR"/"$machine"
- rm -f "$MACHINEDIR"/"$machine"
- "$0" web
- ;;
- moveregister)
- oldmachine="$2"
- newmachine="$3"
- check_machine_name "$oldmachine"
- check_machine_name "$newmachine"
- mv "$ACLDIR"/"$oldmachine" "$ACLDIR"/"$newmachine"
- rm -f "$MACHINEDIR"/"$oldmachine"
- "$0" web
- ;;
- register)
- machine="$2"
- check_machine_name "$machine"
- if [ -e "$ACLDIR"/"$machine" ]; then
- echo "Machine already registered"
- exit 1
- fi
- echo "include /etc/remctl/acl/web" > "$ACLDIR/$machine"
- "$0" web
- ;;
- web)
- "$0" auto_machine_list
- "$0" all_machines
- ;;
- remctl-moira-update|all)
- "$0" auto_machine_list
- "$0" all_machines
- "$0" auto_moira_list
- "$0" all_moira
- ;;
-esac
-
-exit 0
projects / invirt/packages/invirt-remote.git / commitdiff
