diff --git a/mkAIXsnap b/mkAIXsnap
index 06a115e94..815836fa0 100755
--- a/mkAIXsnap
+++ b/mkAIXsnap
@@ -42,7 +42,7 @@ fi
#
# do an update from the trunk directory level
#
-svn update | tee $BLDTOP/coresvnup
+#svn update | tee $BLDTOP/coresvnup
#svn update
# create a simple install script
diff --git a/xCAT-server/lib/xcat/plugins/aixinstall.pm b/xCAT-server/lib/xcat/plugins/aixinstall.pm
index 6810b2f26..295aab3e4 100644
--- a/xCAT-server/lib/xcat/plugins/aixinstall.pm
+++ b/xCAT-server/lib/xcat/plugins/aixinstall.pm
@@ -3662,15 +3662,68 @@ sub prenimnodeset
# create a NIM script resource using the xcataixpost script
#
if ($add_xcataixpost) { # if we have at least one standalone node
- my $resname = "xcataixpost";
- my $respath = "/install/postscripts/xcataixpost";
- if (&mkScriptRes($resname, $respath, $nimprime, $callback) != 0) {
- my $rsp;
- push @{$rsp->{data}}, "Could not create a NIM resource for xcataixpost.\n";
- xCAT::MsgUtils->message("E", $rsp, $callback);
- return (1);
- }
- $lochash{$resname} = "/install/postscripts/xcataixpost";
+
+ my $pre;
+ if (&is_me($nimprime)) {
+ $pre = "";
+ } else {
+ $pre = "xdsh $nimprime";
+ }
+
+ my $createscript=0;
+ # see if it already exists
+ my $scmd = qq~$pre /usr/sbin/lsnim -l 'xcataixpost' 2>/dev/null~;
+ xCAT::Utils->runcmd($scmd, 0);
+ if ($::RUNCMD_RC != 0) {
+ # doesn't exist so create it
+ $createscript=1;
+ } else {
+ # it exists so see if it's in the correct location
+ my $loc = &get_nim_attr_val('xcataixpost', 'location', $callback, $nimprime);
+
+ # see if it's in the wrong place
+ if ($loc eq "/install/postscripts/xcataixpost") {
+ # need to remove this def and create a new one
+ $createscript=1;
+
+ my $rcmd = qq~$pre /usr/sbin/nim -Fo remove 'xcataixpost' 2>/dev/null~;
+ xCAT::Utils->runcmd($rcmd, 0);
+ if ($::RUNCMD_RC != 0) {
+ # error - could not remove NIM xcataixpost script resource.
+ }
+
+ }
+
+ }
+
+ # create a new one if we need to
+ if ($createscript) {
+ # copy file to /install/nim/scripts
+ my $ccmd = qq~$pre mkdir -m 644 -p /install/nim/scripts; cp /install/postscripts/xcataixpost /install/nim/scripts 2>/dev/null; chmod +x /install/nim/scripts/xcataixpost~;
+ xCAT::Utils->runcmd($ccmd, 0);
+ if ($::RUNCMD_RC != 0) {
+ my $rsp;
+ push @{$rsp->{data}}, "Could not copy xcataixpost.";
+ xCAT::MsgUtils->message("E", $rsp, $callback);
+ return 1;
+ }
+
+ # define the new xcataixpost resource
+ my $dcmd = qq~$pre /usr/sbin/nim -o define -t script -a server=master -a location=/install/nim/scripts/xcataixpost xcataixpost 2>/dev/null~;
+ xCAT::Utils->runcmd($dcmd, 0);
+ if ($::RUNCMD_RC != 0) {
+ my $rsp;
+ push @{$rsp->{data}}, "Could not create a NIM resource for xcataixpost.\n";
+ xCAT::MsgUtils->message("E", $rsp, $callback);
+ return (1);
+ }
+ }
+
+ # make sure we clean up the /etc/exports file
+ my $ecmd = qq~$pre /usr/sbin/rmnfsexp -d /install/postscripts/xcataixpost -B 2>/dev/null~;
+ xCAT::Utils->runcmd($ecmd, 0);
+
+ $lochash{'xcataixpost'} = "/install/nim/scripts/xcataixpost";
}
#####################################################
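Review bot: In the `$ccmd` string only `mkdir` carries the `$pre` prefix, so when `$pre` is `xdsh $nimprime` the `cp` and `chmod` after the `;` would run on the local host instead of the NIM primary, assuming runcmd hands the string to a shell. `$::RUNCMD_RC` then reflects only the final `chmod`, and the `cp` error output is discarded, so a failed copy can be reported as success. `mkdir -m 644` also creates the directory without the search bit, where 755 looks intended. The empty `if ($::RUNCMD_RC != 0)` after `nim -Fo remove` should at least report the failure. prenimnodeset starts and ends outside this hunk.

```perl
if ($createscript) {
    # run each step as its own command so the xdsh prefix applies to all
    # of them and every return code is checked
    foreach my $step (
        qq~$pre mkdir -m 755 -p /install/nim/scripts~,
        qq~$pre cp /install/postscripts/xcataixpost /install/nim/scripts~,
        qq~$pre chmod +x /install/nim/scripts/xcataixpost~
      )
    {
        xCAT::Utils->runcmd($step, 0);
        if ($::RUNCMD_RC != 0) {
            # … unchanged: report "Could not copy xcataixpost." and return 1 …
        }
    }
    # … unchanged: define the new xcataixpost resource …
}
```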
diff --git a/xCAT/postscripts/aixremoteshell b/xCAT/postscripts/aixremoteshell
index 5d4989957..2268ae08d 100755
--- a/xCAT/postscripts/aixremoteshell
+++ b/xCAT/postscripts/aixremoteshell
@@ -8,8 +8,8 @@
=head1 aixremoteshell
- This sets up the remote shell for rooton the AIX node,such that root can
- login using with no password. The default is /bin/rsh and
+ This sets up the remote shell for root on the AIX node,such that root can
+ login with no password. The default is /bin/rsh and
/bin/rcp but can be overriden by setting the useSSHonAIX attribute in the
site table to yes, in which case we will use ssh/scp.
=cut
@@ -23,8 +23,17 @@
# setup the ssh keys on the node
# end
+BEGIN
+{
+ $::XCATROOT = $ENV{'XCATROOT'} ? $ENV{'XCATROOT'} : '/opt/xcat';
+}
+use lib "$::XCATROOT/lib/perl";
+
# MAIN
use strict;
+use IO::Socket;
+use IO::Socket::SSL;
+use xCAT::Utils;
my $rc = 0;
# Override from site table
@@ -48,31 +57,45 @@ if ($rc != 0)
{
exit 1;
}
-if ($home eq "\/")
-{
- $home = "";
-}
$usesshonaix =~ tr/a-z/A-Z/; # convert to upper
if ((!defined($usesshonaix)) || ($usesshonaix eq "0") || ($usesshonaix eq "NO"))
-{ # setting up rsh
- # setup .rhosts if not already setup
- $cmd = "/bin/grep \"^$master root\" $home/.rhosts";
+{ # setting up rsh
+ # setup .rhosts if not already setup
+ $cmd = "/bin/grep \"^$master root\" /.rhosts";
`$cmd 2>&1`;
my $rc = $? >> 8;
if ($rc)
- { # if not found, then add entry in .rhosts
- &runcmd("/bin/echo $master root >> $home/.rhosts");
- chmod 0600, "$home/.rhosts";
+ { # if not found, then add entry in .rhosts
+ &runcmd("/bin/echo $master root >> /.rhosts");
+ chmod 0600, "/.rhosts";
}
}
else
-{ # setting up ssh
+{
+ # setting up ssh
+ if (&setupSSH != 0) {
+ my $msg = "Failed to setup ssh on $node.\n";
+ `logger -t xcat $msg`;
+# print $msg;
+ exit 0;
+ }
+}
+
+exit 0;
+
+#
+# Subroutines
+#
+
+sub setupSSH
+{
my $sshdconfig = "/etc/ssh/sshd_config";
my $sshconfig = "/etc/ssh/ssh_config";
+
if (-e $sshdconfig)
- { # ssh installed
+ { # ssh installed
my $tmp="$sshdconfig.ORIG";
if (!(-e "$sshdconfig.ORIG"))
{
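Review bot: The new failure branch logs through a backtick call to `logger -t xcat $msg`, which hands the message to a shell, so any metacharacter in `$node` (set outside this hunk) is interpreted rather than logged. The list form `system('logger', '-t', 'xcat', $msg);` passes the text as a single argument with no shell involved. The same pattern is added in setupSSH, getresponse and openlistener below and in the servicenode script. In runcmd, `$msg` embeds the failed `$cmd` and its output, so the shell would act on that command's `;` and redirections a second time. setupSSH starts in this hunk and continues outside it.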
@@ -92,19 +115,19 @@ else
{ # ssh not installed
my $msg = "Failed to setup ssh on $node, ssh not installed. \n";
`logger -t xcat $msg`;
- exit 1;
+ exit 0;
}
+
if (-e "/xcatpost/_ssh")
{ # ssh public key available
- $rc = &runcmd("mkdir -p $home/.ssh");
+ $rc = &runcmd("mkdir -p /.ssh");
if ($rc == 0)
{
- $rc = &runcmd("cp -fp /xcatpost/_ssh/* $home/.ssh");
+ $rc = &runcmd("cp -fp /xcatpost/_ssh/* /.ssh");
if ($rc == 0)
{
- #$rc = &runcmd("scp -p $master:$home/.ssh/id_* $home/.ssh");
- $rc = &runcmd("chmod 0700 $home/.ssh");
- $rc = &runcmd("chmod 0600 $home/.ssh/*");
+ $rc = &runcmd("chmod 0700 /.ssh");
+ $rc = &runcmd("chmod 0600 /.ssh/*");
}
}
}
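Review bot: `setupSSH` cannot report failure to its caller. The "ssh not installed" path here and the "ssh keys not available" path in the next hunk both call `exit 0`, and the sub otherwise ends in `return 0`. The caller's `if (&setupSSH != 0)` branch is therefore never taken, and the script exits with success when no keys were installed. If a zero exit status is intended so that the node install continues, a comment saying so would help; otherwise `return 1;` in these two places leaves the decision to the caller. The sub starts in the previous hunk and ends in the next one.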
@@ -112,10 +135,203 @@ else
{ # ssh keys not available
my $msg = "Failed to setup ssh on $node, ssh keys not available. \n";
`logger -t xcat $msg`;
- exit 1;
+ exit 0;
}
+
+ # get the name of my service node/NIM master from /etc/xcatinfo
+ # ! use value of MASTER env variable instead
+ $::servnode = $master;
+
+ my $response=&getresponse("ssh_dsa_hostkey");
+ if (defined ($response) ) {
+ my $fd;
+ my $filename = "/etc/ssh/ssh_host_dsa_key";
+ &runcmd("mkdir -p /etc/ssh");
+ open($fd, '>',$filename);
+ print $fd $response;
+ close($fd);
+
+ # set the permissions
+ my $cmd = "chmod 600 $filename > /dev/null 2>&1";
+ &runcmd($cmd);
+ }
+ else {
+ $msg = "aixremoteshell: Could not get ssh_host_dsa_key file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ my $response=&getresponse("ssh_rsa_hostkey");
+ if (defined ($response) ) {
+ my $fd;
+ my $filename = "/etc/ssh/ssh_host_rsa_key";
+ &runcmd("mkdir -p /etc/ssh");
+ open($fd, '>',$filename);
+ print $fd $response;
+ close($fd);
+
+ # set the permissions
+ my $cmd = "chmod 600 $filename > /dev/null 2>&1";
+ &runcmd($cmd);
+ }
+ else {
+ $msg = "aixremoteshell: Could not get ssh_host_rsa_key file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ if ( -f "/etc/xCATSN") {
+ &runcmd("mkdir -p /etc/xcat/hostkeys; cp /etc/ssh/ssh* /etc/xcat/hostkeys/. > /dev/null 2>&1");
+ }
+
+ my $response=&getresponse("ssh_root_key");
+ if (defined ($response) ) {
+ my $fd;
+ my $filename = "/.ssh/id_rsa";
+ &runcmd("mkdir -p /.ssh");
+ open($fd, '>',$filename);
+ print $fd $response;
+ close($fd);
+
+ # set the permissions
+#TODO - what perms are needed???
+ my $cmd = "chmod 600 $filename > /dev/null 2>&1";
+ &runcmd($cmd);
+
+ if ( -f "/.ssh/id_rsa" ) {
+ &runcmd("ssh-keygen -y -f /.ssh/id_rsa > /.ssh/id_rsa.pub");
+ }
+ }
+ else {
+ $msg = "aixremoteshell: Could not get id_rsa file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ return 0;
+}
+
+#####################################################
+#
+# getresponse
+# Request info from xcatd on the management node
+#
+# - uses SSL socket on port 3001 to connect to MN xcatd
+# to make the request for info
+#
+#####################################################
+sub getresponse
+{
+ my ($req) = @_;
+
+ my $port = "3001";
+
+ # open listener connection to wait for check from management node
+ my $lpid = &openlistener();
+
+ # open a socket to request credentials
+ my $sock = IO::Socket::SSL->new(
+ PeerAddr => $::servnode,
+ PeerPort => $port,
+ Proto => 'tcp',
+ );
+
+ unless ($sock) {
+ my $msg = "aixremoteshell: Cannot connect to host \'$::servnode\'\n";
+ `logger -t xcat $msg`;
+ #print $msg;
+ return undef;
+ }
+
+ # request must be in XML format
+ print $sock "\n";
+ print $sock " getcredentials\n";
+ print $sock " $req\n";
+ print $sock " 300\n";
+ print $sock "\n";
+
+#TODO - do we have to try again after waiting for a bit????
+ my $response='';
+ my $line;
+ while (defined ($line = <$sock>)) {
+ # skip xml tags
+ next if ($line =~ /^\s*);
+
+ # once we get to serverdone we have the whole response
+ if ($line =~ m/<\/serverdone>/) {
+ last:
+ }
+ $response .= $line;
+ }
+
+ close ($sock);
+#debug
+#print "resp = \'$response\'\n";
+
+ kill 2, $lpid;
+ if ($response) {
+ return $response;
+ }
+ return undef;
+}
+
+#####################################################
+#
+# openlistener
+# - fork a child process to respond to a check from the MN
+#
+#####################################################
+sub openlistener
+{
+ my $node = $ENV{'NODE'};
+
+ # fork a child process to open a socket to listen for communication
+ # from the server
+ my $pid = xCAT::Utils->xfork;
+ unless (defined $pid) {
+ # fork failed
+ $msg = "aixremoteshell: Could not fork process.\n";
+ `logger -t xcat $msg`;
+ print $msg;
+ return undef;
+ }
+
+ if ($pid != 0) {
+ # This is the parent process, just return
+ return $pid;
+ }
+
+ my $listener = IO::Socket::INET->new(
+ LocalPort => '300',
+ Proto => 'tcp',
+ Listen => '64',
+ Reuse => 1
+ );
+
+ unless ($listener) {
+ my $msg = "aixremoteshell: Cannot open socket on \'$node\'\n";
+ `logger -t xcat $msg`;
+ print $msg;
+ exit 1;
+ }
+
+ # xcatd sends a quick req to see if we are really asking
+ # for info - this listener checks for the req and says ok
+ my $client;
+ while ($client = $listener->accept()) {
+ # $client is the new connection
+ my $text=<$client>;
+
+ # see if we got "CREDOKBYYOU?"
+ if ($text =~ /CREDOKBYYOU?/) {
+ print $client "CREDOKBYME";
+ close($client);
+ close($listener);
+ exit 0;
+ }
+ close($client);
+ }
+ close($client);
+ close($listener);
+ exit 0;
}
-exit $rc;
#
# run the command
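Review bot: `getresponse` fetches the SSH host private keys and root's `id_rsa` over an `IO::Socket::SSL` connection that sets no verification options, so whether the server certificate is checked depends on the installed module's defaults. If a CA certificate is on the node at this stage, adding `SSL_verify_mode => SSL_VERIFY_PEER, SSL_ca_file => '<path to CA certificate>'` to the constructor makes the check explicit. The key files are created by an unchecked `open` under the current umask and only afterwards restricted with `chmod 600`; setting `umask 077` before the `open` and testing its result closes that window. In the read loop `last:` looks like a typo for `last;`, and `kill 2, $lpid` runs even when `openlistener` returned undef, which would signal the script's own process group. The same `getresponse`/`openlistener` code is added to servicenode further down.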
@@ -125,18 +341,17 @@ sub runcmd
my ($cmd) = @_;
my $rc = 0;
$cmd .= ' 2>&1';
- my $outref = [];
- @$outref = `$cmd`;
+ $::outref = `$cmd`;
if ($?)
{
$rc = $? >> 8;
if ($rc > 0)
{
- my $msg = "$cmd returned rc=$rc @$outref\n";
+ my $msg = "$cmd returned rc=$rc @$::outref\n";
`logger -t xcat $msg`;
- print $msg;
+# print $msg;
}
}
- return $rc;
+ return 0;
}
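Review bot: `$::outref` now holds the command output as a plain string, but the message still interpolates `@$::outref`. Under the file's `use strict` that array dereference of a string will most likely die as soon as a command returns non-zero. Interpolating the scalar, `my $msg = "$cmd returned rc=$rc $::outref\n";`, avoids that. Changing the result to `return 0;` also makes every `$rc == 0` and `!= 0` test on `&runcmd(...)` in this script always pass, including the checks around the `/.ssh` copy. `return $rc;` would keep those checks meaningful, with callers ignoring the value where best-effort behaviour is wanted. The start of runcmd is outside this hunk.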
diff --git a/xCAT/postscripts/servicenode b/xCAT/postscripts/servicenode
index b79f33f62..2dc0357af 100755
--- a/xCAT/postscripts/servicenode
+++ b/xCAT/postscripts/servicenode
@@ -17,9 +17,22 @@
#-----------------------------------------------------------------------------
+BEGIN
+{
+ $::XCATROOT = $ENV{'XCATROOT'} ? $ENV{'XCATROOT'} : '/opt/xcat';
+}
+use lib "$::XCATROOT/lib/perl";
+
+# MAIN
+use strict;
+use IO::Socket;
+use IO::Socket::SSL;
+use xCAT::Utils;
+
# MAIN
my $rc=0;
+my $msg="";
$::osname = `uname`;
chomp $::osname;
@@ -36,7 +49,7 @@ if ($::osname eq 'AIX')
$rc = &setupAIXsn;
if ( $rc != 0) {
my $msg="$::sdate servicenode: One or more errors occurred when attempting to configure node $::hname as an xCAT service node.\n";
- print "$msg\n";
+# print "$msg\n";
`logger -t xcat $msg`;
}
}
@@ -83,185 +96,256 @@ sub runcmd
`logger -t xcat $msg`;
}
}
- return $rc;
+ return 0;
}
# do AIX service node setup
sub setupAIXsn
{
my $error=0;
- my $servnode;
- # get the name of my service node/NIM master from the /etc/xcatinfo file
- # file was created by xcataixpost when the node was first installed
- if (-f "/etc/xcatinfo") {
- my $cmd = "cat /etc/xcatinfo | grep 'XCATSERVER'";
- &runcmd($cmd);
- my $SNline = $::outref;
- my $junk;
- ($junk, $servnode) = split(/=/, $SNline);
- $servnode =~ s/^\s*//;
- chomp $servnode;
- } else {
- $msg = "$::sdate servicenode: Could not find /etc/xcatinfo file.\n";
- `logger -t xcat $msg`;
- $error++;
- }
+ # get the name of my service node/NIM master from the MASTER env var
+ $::servnode = $ENV{'MASTER'};
- my $rcpcmd = "rcp -r $servnode:/etc/hosts /etc";
- if (&runcmd($rcpcmd) != 0) {
- $msg = "$::sdate servicenode: Could not get /etc/hosts file.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # make sure we have enough space in /xcatpost ("/") fs
- my $dfcmd = "df -m / | grep '\/' |tr -s ' '| cut -f 3 -d ' '";
- if (&runcmd($dfcmd) != 0) {
- $msg = "$::sdate servicenode: Could not find file system free space.\n";
- `logger -t xcat $msg`;
- $error++;
- }
- my $freespace = $::outref;
- if ($freespace <= 220) {
- # add to "/" fs if needed
- my $chfscmd = "/usr/sbin/chfs -a size=+220M /";
- if (&runcmd($chfscmd) != 0) {
- $msg = "$::sdate servicenode: Could not increase file system size.\n";
- `logger -t xcat $msg`;
- $error++;
- }
- }
-
- # make sure we have enough space in /usr fs
- my $dfcmd = "df -m /usr | grep 'usr' |tr -s ' '| cut -f 3 -d ' '";
- if (&runcmd($dfcmd) != 0) {
- $msg = "$::sdate servicenode: Could not find file system free space.\n";
- `logger -t xcat $msg`;
- $error++;
- }
- my $freespace = $::outref;
- if ($freespace <= 2200) {
- # add to "/usr" fs if needed
- my $chfscmd = "/usr/sbin/chfs -a size=+2200M /usr";
- if (&runcmd($chfscmd) != 0) {
- $msg = "$::sdate servicenode: Could not increase file system size.\n
-";
- `logger -t xcat $msg`;
- $error++;
- }
- }
-
- # copy SN software to /xcatpost/AIX/xcatpkgs
- my $rcpcmd = "mkdir -p /xcatpost/AIX/xcatpkgs; rcp -r $servnode:/install/AIX/xcatpkgs/* /xcatpost/AIX/xcatpkgs";
- if (&runcmd($rcpcmd) != 0) {
- $msg = "$::sdate servicenode: Could not copy service node software from the management node.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # run inutoc
- my $inucmd = "inutoc /xcatpost/AIX/xcatpkgs";
- if (&runcmd($rcpcmd) != 0) {
- $msg = "$::sdate servicenode: Could not run inutoc.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # install openssl
- my $gencmd = "geninstall -IaXY -d /xcatpost/AIX/xcatpkgs -f /xcatpost/AIX/xcatpkgs/xCATinstpSN.bnd";
- if (&runcmd($gencmd) != 0) {
- $msg = "$::sdate servicenode: Could not install openssl.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # install openssh
- my $gencmd = "geninstall -IaXY -d /xcatpost/AIX/xcatpkgs -f /xcatpost/AIX/xcatpkgs/xCATaixSSH.bnd";
- if (&runcmd($gencmd) != 0) {
- $msg = "$::sdate servicenode: Could not install openssh.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- #
- # run updatepkg to update RPM's reflection of the software
- # installed by installp - may already be done - but won't hurt!
- if (&runcmd("/usr/sbin/updtvpkg") != 0) {
- $msg = "$::sdate servicenode: Could not run updtvpkg.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # install rpms
- my $rpmcmd = "rpm -U /xcatpost/AIX/xcatpkgs/*.rpm";
- &runcmd($rpmcmd);
-
- # so conserver will start
- if (&runcmd("mkdir -p /var/log/consoles")!= 0) {
- $msg = "$::sdate servicenode: Could not make /var/log/consoles.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
- # makes it a service node
+ # makes it a service node
if (&runcmd("touch /etc/xCATSN") != 0 ) {
$msg = "$::sdate servicenode: Could not touch /etc/xCATSN\n";
`logger -t xcat $msg`;
- $error++;
}
- # call copycerts
- if (&runcmd("/opt/xcat/sbin/copycerts") != 0) {
- $msg = "$::sdate servicenode: Could not run copycerts.\n";
- `logger -t xcat $msg`;
- $error++;
- }
+ # make sure we don't have xCATMN file
+ if (-f "/etc/xCATMN") {
+ if (&runcmd("rm /etc/xCATMN") != 0 ) {
+ $msg = "$::sdate servicenode: Could not remove /etc/xCATMN\n";
+ `logger -t xcat $msg`;
+ }
+ }
- # copy the cfgloc file from /xcatpost
- if (&runcmd("mkdir -p /etc/xcat")!= 0) {
- $msg = "$::sdate servicenode: Could not make /etc/xcat directory.\n";
- `logger -t xcat $msg`;
- $error++;
- }
+ # get the xCAT credentials from the server
+ &getcreds;
- my $sedcmd = "sed -e 's/host=.*|xcatadmin/host=$servnode|xcatadmin/' /xcatpost/etc/xcat/cfgloc > /etc/xcat/cfgloc";
- if (&runcmd($sedcmd)!= 0) {
- $msg = "$::sdate servicenode: Could not copy cfgloc file.\n";
- `logger -t xcat $msg`;
- $error++;
- }
-
# start xcatd
if (&runcmd("/opt/xcat/sbin/xcatd &") != 0) {
$msg = "$::sdate servicenode: Could not start xcatd.\n";
`logger -t xcat $msg`;
- $error++;
}
- # TODO - add xcatd as system service???
- # mkssys -s xcatd -p /opt/xcat/sbin/xcatd -u 0 -K
-
# add xcatd to /etc/inittab???
- $mkitab_cmd = 'mkitab "xcatd:2:once:/opt/xcat/sbin/xcatd > /dev/console 2>&1"';
- # $mkitab_cmd = 'mkitab "xcatd:2:once:/usr/bin/startsrc -s xcatd > /dev/console 2>&1"';
+ my $mkitab_cmd = 'mkitab "xcatd:2:once:/opt/xcat/sbin/xcatd > /dev/console 2>&1"';
if (&runcmd($mkitab_cmd) != 0) {
- $msg = "$::sdate servicenode: Could not add xcatd to /etc/inittab.\n";
- `logger -t xcat $msg`;
- $error++;
+ # error might just mean that the entry is already there!
+
+ # $msg = "$::sdate servicenode: Could not add xcatd to /etc/inittab.\n";
+ # `logger -t xcat $msg`;
}
# do nim master setup - master fileset already installed
if (&runcmd("nim_master_setup -a mk_resource=no") != 0) {
$msg = "$::sdate servicenode: Could not run nim_master_setup.\n";
`logger -t xcat $msg`;
- $error++;
}
- if ($error > 0) {
- return $error;
- }
+ #
+ # TODO - can configure NIM to use SSL - "nimconfig -c"
+ # !!!!! can't do diskless nodes w/ nimsh & SSL enabled!!!!
+ #
return 0;
}
+
+#####################################################
+#
+# getcreds
+# Get xCAT credentials and DB cfgloc file
+#
+#####################################################
+sub getcreds
+{
+ my $response=&getresponse("xcat_client_cred");
+ if (defined ($response) ) {
+ my $fd;
+ my $filename = "/.xcat/client-cred.pem";
+ &runcmd("mkdir -p /.xcat");
+ &runcmd("chmod 700 /.xcat > /dev/null 2>&1");
+ open($fd, '>',$filename);
+ print $fd $response;
+ close($fd);
+
+ # set the permissions
+ my $cmd = "chmod 600 $filename > /dev/null 2>&1";
+ &runcmd($cmd);
+ }
+ else {
+ $msg = "$::sdate servicenode: Could not get client-cred.pem file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ my $response=&getresponse("xcat_server_cred");
+ if (defined ($response) ) {
+ my $fd;
+ my $filename = "/etc/xcat/cert/server-cred.pem";
+ &runcmd("mkdir -p /etc/xcat/cert");
+ open($fd, '>',$filename);
+ print $fd $response;
+ close($fd);
+
+ # set the permissions
+ my $cmd = "chmod 600 /etc/xcat/cert/* > /dev/null 2>&1";
+ &runcmd($cmd);
+ }
+ else {
+ $msg = "$::sdate servicenode: Could not get server-cred.pem file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ my $response=&getresponse("xcat_cfgloc");
+ if (defined ($response) ) {
+ # need to change entry to use the name of the server as
+ # know by this node
+ my ($begin, $tmp) = split(';', $response);
+ my ($tmp2, $end, $end2) = split('\|', $tmp);
+ my ($tmp3, $oldserv) = split('=', $tmp2);
+ my $newstr = "$begin;$tmp3=$::servnode|$end|$end2";
+ my $fd;
+ my $filename = "/etc/xcat/cfgloc";
+ &runcmd("mkdir -p /etc/xcat");
+ open($fd, '>',$filename);
+ print $fd $newstr;
+ close($fd);
+
+ # set the permissions
+ my $cmd = "chmod 600 $filename > /dev/null 2>&1";
+ &runcmd($cmd);
+ }
+ else {
+ $msg = "$::sdate servicenode: Could not get cfgloc file.\n";
+ `logger -t xcat $msg`;
+ }
+
+ return 0;
+}
+
+#####################################################
+#
+# getresponse
+# Request info from xcatd on the management node
+#
+# - uses SSL socket on port 3001 to connect to MN xcatd
+# to make the request for info
+#
+#####################################################
+sub getresponse
+{
+ my ($req) = @_;
+
+ my $port = "3001";
+
+ # open listener connection to wait for check from management node
+ my $lpid = &openlistener();
+
+ # open a socket to request credentials
+ my $sock = IO::Socket::SSL->new(
+ PeerAddr => $::servnode,
+ PeerPort => $port,
+ Proto => 'tcp',
+ );
+
+ unless ($sock) {
+ my $msg = "servicenode: Cannot connect to host \'$::servnode\'\n";
+ `logger -t xcat $msg`;
+ print $msg;
+ return undef;
+ }
+
+ # request must be in XML format
+ print $sock "\n";
+ print $sock " getcredentials\n";
+ print $sock " $req\n";
+ print $sock " 300\n";
+ print $sock "\n";
+
+#TODO - do we have to try again after waiting for a bit????
+ my $response='';
+ my $line;
+ while (defined ($line = <$sock>)) {
+ # skip xml tags
+ next if ($line =~ /^\s*);
+
+ # once we get to serverdone we have the whole response
+ if ($line =~ m/<\/serverdone>/) {
+ last:
+ }
+ $response .= $line;
+ }
+
+ close ($sock);
+#print "resp = \'$response\'\n";
+
+ kill 2, $lpid;
+ if ($response) {
+ return $response;
+ }
+ return undef;
+}
+
+#####################################################
+#
+# openlistener
+# - fork a child process to respond to a check from the MN
+#
+#####################################################
+sub openlistener
+{
+ my $node = $ENV{'NODE'};
+
+ # fork a child process to open a socket to listen for communication
+ # from the server
+ my $pid = xCAT::Utils->xfork;
+ unless (defined $pid) {
+ # fork failed
+ $msg = "servicenode: Could not fork process.\n";
+ `logger -t xcat $msg`;
+ #print $msg;
+ return undef;
+ }
+
+ if ($pid != 0) {
+ # This is the parent process, just return
+ return $pid;
+ }
+
+ my $listener = IO::Socket::INET->new(
+ LocalPort => '300',
+ Proto => 'tcp',
+ Listen => '64',
+ Reuse => 1
+ );
+
+ unless ($listener) {
+ my $msg = "servicenode: Cannot open socket on \'$node\'\n";
+ `logger -t xcat $msg`;
+ print $msg;
+ exit 1;
+ }
+
+ # xcatd sends a quick req to see if we are really asking
+ # for info - this listener checks for the req and says ok
+ my $client;
+ while ($client = $listener->accept()) {
+ # $client is the new connection
+ my $text=<$client>;
+
+ # see if we got "CREDOKBYYOU?"
+ if ($text =~ /CREDOKBYYOU?/) {
+ print $client "CREDOKBYME";
+ close($client);
+ close($listener);
+ exit 0;
+ }
+ close($client);
+ }
+ close($client);
+ close($listener);
+ exit 0;
+}
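Review bot: With every `$error++` removed and `runcmd` changed to `return 0` at the top of this hunk, `setupAIXsn` always returns 0. The `if ( $rc != 0)` report in the main section can then no longer fire, and `xcatd` is started even when `getcreds` obtained no credentials. `getcreds` could count its failed requests, with `$error++` in each `else` branch and `return $error;` at the end, and `setupAIXsn` could pass that count on. In the `xcat_cfgloc` branch the reply is split and rewritten without checking that the expected fields were present, so a short or malformed reply is written to /etc/xcat/cfgloc with empty parts. A check such as `return 1 unless defined $tmp && defined $end;` before building `$newstr` would catch that. The credential files are also written by unchecked `open` calls before their `chmod 600`.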
diff --git a/xCAT/postscripts/xcataixpost b/xCAT/postscripts/xcataixpost
index cdc9438f9..2910d0da8 100755
--- a/xCAT/postscripts/xcataixpost
+++ b/xCAT/postscripts/xcataixpost
@@ -20,7 +20,7 @@ if (!-d $logdir) {
}
$::sdate = `/bin/date`;
-chomp $sdate;
+chomp $::sdate;
my $logfile = $logdir . "/xcat.log";
# this log should not contain much so it might be ok to let it grow?
@@ -28,27 +28,41 @@ my $logfile = $logdir . "/xcat.log";
open(LOGFILE,">>",$logfile);
$::LOG_FILE = \*LOGFILE;
-
# get hostname
$::shorthost = `hostname -s`;
chomp $::shorthost;
-# get the name of my service node/NIM master from the /etc/niminfo file
-if (-f "/etc/niminfo") {
- $cmd = "cat /etc/niminfo | grep 'NIM_MASTER_HOSTNAME'";
- &runcmd($cmd);
- my $SNline = $::outref;
+my $servnode;
+if (-f "/etc/xcatinfo") {
+ # if this file exists assume it has the correct server name
+ my $cmd = "cat /etc/xcatinfo | grep 'XCATSERVER'";
+ &runcmd($cmd);
+ my $SNline = $::outref;
my $junk;
- ($junk, $servnode) = split(/=/, $SNline);
- $servnode =~ s/^\s*//;
- chomp $servnode;
-
+ ($junk, $servnode) = split(/=/, $SNline);
} else {
- print "$::sdate xcataixpost: Could not find /etc/niminfo file.\n";
- print $::LOG_FILE "$::sdate xcataixpost: Could not find /etc/niminfo file.\n";
- close($::LOG_FILE);
- exit 1;
+ # get the name of my service node/NIM master from the /etc/niminfo file
+ if (-f "/etc/niminfo") {
+ $cmd = "cat /etc/niminfo | grep 'NIM_MASTER_HOSTNAME'";
+ &runcmd($cmd);
+ my $SNline = $::outref;
+ my $junk;
+ ($junk, $servnode) = split(/=/, $SNline);
+
+ # save the servnode from niminfo in xcatinfo
+ my $xcatinfo="/etc/xcatinfo";
+ open(XCATINFO,">",$xcatinfo);
+ print XCATINFO "XCATSERVER=$servnode\n";
+ close(XCATINFO);
+ } else {
+ print "$::sdate xcataixpost: Could not find /etc/niminfo file.\n";
+ print $::LOG_FILE "$::sdate xcataixpost: Could not find /etc/niminfo file.\n";
+ close($::LOG_FILE);
+ exit 1;
+ }
}
+$servnode =~ s/^\s*//;
+chomp $servnode;
# create the xcatpost dir
my $cmd = "mkdir -p /xcatpost";
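Review bot: When /etc/xcatinfo exists but has no `XCATSERVER` line, `$servnode` stays undefined and the script continues without falling back to /etc/niminfo. The value read from either file is later placed unquoted into shell commands such as the `mount` in the next hunk. A check after the `chomp` would stop on an empty or unexpected name, for example `if (!defined($servnode) || $servnode !~ /^[A-Za-z0-9._-]+$/) { ... log and exit 1 ... }`. The `open(XCATINFO, ...)` that saves the name is not checked either, so a failed write goes unnoticed until a later run depends on the file.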
@@ -59,28 +73,37 @@ if (&runcmd($cmd) != 0) {
exit 1;
}
-# save the name of the xCAT server in case the /etc/niminfo file
-# gets overwritten
-my $xcatinfo="/etc/xcatinfo";
-open(XCATINFO,">",$xcatinfo);
-print XCATINFO "XCATSERVER=$servnode\n";
-close(XCATINFO);
-
-
# get the contents of the /install/postscripts dir on the server
-my $rcpcmd;
-if ((@ARGV==0) || ($ARGV[0] != 2)) {
- $rcpcmd= "rcp -r $servnode:/install/postscripts/* /xcatpost";
-} else {
- #when argv[1]=2, there is only one postscript file, user wants only download it to save time
- $rcpcmd= "rcp $servnode:/install/postscripts/$ARGV[1] /xcatpost";
+# - mount dir from server and copy files
+my $mcmd = "mkdir -p /xcatmnt; mount $servnode:/install/postscripts /xcatmnt";
+if (&runcmd($mcmd) != 0) {
+ print "$::sdate xcataixpost: Could not mount /install/postscripts from $servnode.\n";
+ print $::LOG_FILE "$::sdate xcataixpost: Could not mount /install/postscripts from $servnode.\n";
+ close($::LOG_FILE);
+ exit 1;
}
-if (&runcmd($rcpcmd) != 0) {
- print "$::sdate xcataixpost: Could not rcp file from $servnode.\n";
- print $::LOG_FILE "$::sdate xcataixpost: Could not rcp file from $servnode.\n";
- close($::LOG_FILE);
- exit 1;
+if ((@ARGV==0) || ($ARGV[0] != 2)) {
+ my $cpcmd = "cp -r /xcatmnt /xcatpost >/dev/null 2>&1";
+} else {
+ # when argv[1]=2, there is only one postscript file,
+ # user wants only download it to save time
+ $cpcmd= "cp /xcatmnt/postscripts/$ARGV[1] /xcatpost >/dev/null 2>&1";
+}
+
+if (&runcmd($cpcmd) != 0) {
+ print "$::sdate xcataixpost: Could not copy postscripts to /xcatpost.\n";
+ print $::LOG_FILE "$::sdate xcataixpost: Could not copy postscripts to /xcatpost.\n";
+ close($::LOG_FILE);
+ exit 1;
+}
+
+my $ucmd = "umount /xcatmnt; rmdir /xcatmnt";
+if (&runcmd($ucmd) != 0) {
+ print "$::sdate xcataixpost: Could not unmount /install.\n";
+ print $::LOG_FILE "$::sdate xcataixpost: Could not unmount /install/postscripts.\n";
+ close($::LOG_FILE);
+ exit 1;
}
# request the xCAT postscript for this particular node
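Review bot: `my $cpcmd` is declared inside the first branch of the `if`, so it is out of scope at `&runcmd($cpcmd)`. In the default case the command that runs is the unset package variable `$cpcmd`, and nothing is copied. Declaring `my $cpcmd;` before the `if` and assigning without `my` in both branches fixes that. The two branches also disagree on layout: `cp -r /xcatmnt /xcatpost` creates /xcatpost/xcatmnt rather than filling /xcatpost, and `/xcatmnt/postscripts/$ARGV[1]` assumes a `postscripts` directory under the mount point although /install/postscripts itself is mounted there. `$ARGV[1]` goes into a shell command unquoted, so it should be matched against a plain file-name pattern first, and the `exit 1` after a failed copy leaves /xcatmnt mounted.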
@@ -129,7 +152,6 @@ if (-f $scriptname)
print $::LOG_FILE "$::sdate xcataixpost: Could not find post script for $::shorthost.\n";
}
-
if (@ARGV<1) {
if (&updateflag($nodesetstat) != 0) {
print "$::sdate xcataixpost: Failed to update the xCAT server.\n";
@@ -140,6 +162,15 @@ if (@ARGV<1) {
print "returned";
}
+# Set the local password - if provided
+my $rpd = $ENV{'ROOTPW'};
+if ($rpd) {
+ my $pwcmd = qq~echo "root:$rpd" | /bin/chpasswd -c >/dev/null 2>&1~;
+ if (&runcmd($pwcmd) != 0) {
+ $msg = "$::sdate xcataixpost: Could not set password.\n";
+ `logger -t xcat $msg`;
+ }
+}
close($::LOG_FILE);
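Review bot: The root password from `ROOTPW` is interpolated into a double-quoted `echo` inside a shell command, so characters such as `$`, backquote or `"` in the password are expanded or break the quoting. The clear-text password also becomes part of the command string that `runcmd` builds and may record. Writing the `root:password` line to the standard input of `chpasswd` through a list-form pipe keeps it away from any shell. The sketch below drops the `>/dev/null 2>&1` redirection, which can be restored by redirecting STDOUT and STDERR around the call if the output must stay hidden.

```perl
my $rpd = $ENV{'ROOTPW'};
if ($rpd) {
    # feed the password to chpasswd on stdin; no shell parses it and it
    # never appears in a command line
    my $ok = open(my $chpw, '|-', '/bin/chpasswd', '-c');
    if ($ok) {
        print $chpw "root:$rpd\n";
        $ok = close($chpw);    # false when chpasswd exits non-zero
    }
    if (!$ok) {
        # … unchanged: log "Could not set password." …
    }
}
```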
@@ -170,6 +201,7 @@ sub getmypost {
if (!open(POSTSCRIPT, ">$scriptname") ) {
print "$::sdate xcataixpost: Could not open $scriptname.\n";
print $::LOG_FILE "$::sdate xcataixpost: Could not open $scriptname.\n";
+ close $remote;
return 1;
}
@@ -180,6 +212,7 @@ sub getmypost {
next;
}
print POSTSCRIPT "$line\n";
+#print "xcataixpost: line = \'$line\'\n";
}
close(POSTSCRIPT);
close $remote;
@@ -237,8 +270,8 @@ sub runcmd
$rc = $? >> 8;
if ($rc > 0)
{
- print "$::sdate xcataixpost: $::outref\n";
- print $::LOG_FILE "$::sdate xcataixpost: $::outref\n";
+ # print "$::sdate xcataixpost: $::outref\n";
+ # print $::LOG_FILE "$::sdate xcataixpost: $::outref\n";
}
}
return $rc;