diff --git a/xCAT-genesis-scripts/bin/allowcred.awk b/xCAT-genesis-scripts/bin/allowcred.awk
new file mode 100755
index 000000000..341138d3e
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/allowcred.awk
@@ -0,0 +1,15 @@
+#!/usr/bin/awk -f
+BEGIN {
+ listener = "/inet/tcp/300/0/0"
+ quit = "no"
+
+
+ while (match(quit,"no")) {
+ while ((listener |& getline) > 0) {
+ if (match($0,"CREDOKBYYOU?")) {
+ print "CREDOKBYME" |& listener
+ }
+ }
+ close(listener)
+ }
+}
diff --git a/xCAT-genesis-scripts/bin/bmcsetup b/xCAT-genesis-scripts/bin/bmcsetup
new file mode 100755
index 000000000..cc293d3a5
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/bmcsetup
@@ -0,0 +1,348 @@
+# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
+#
+# Raw commands to set BMCs to defaults
+# dx320
+# 0x2e 0x10 0x4d 0x4f 0x00 0xff
+#
+# dx340
+# 0x30 0x13 0xff 0x00 0x00 0x00
+#
+# dx360/x3450
+# 0x30 0x02 0x43 0x4c 0x52 0xaa
+# 0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
+# 0x08 0x04
+#
+allowcred.awk &
+CREDPID=$!
+sleep 5
+modprobe ipmi_si
+modprobe ipmi_devintf
+IPCFGMETHOD=static
+while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
+ while ! getipmi
+ do
+ echo "Retrying retrieval of IPMI settings from server"
+ done
+ TIMEOUT=15
+ BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ if [ -z "$BMCVLAN" ]; then BMCVLAN=off; fi
+ BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ if [ -z "$IPCFGMETHOD" ]; then
+ IPCFGMETHOD="static"
+ fi
+ if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
+ echo "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
+ sleep 15
+ fi
+done
+kill $CREDPID
+NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
+IPMIVER=`ipmitool mc info|grep ^IPMI|awk '{print $4}'`
+IPMIMFG=`ipmitool mc info|grep "^Manufacturer ID"|awk '{print $4}'`
+if [ "$IPMIMFG" == 2 ]; then #IBM
+ XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
+ if [ "$XPROD" == "220" ]; then
+ LOCKEDUSERS=1
+ BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ if [ ! -z "$BMCPORT" ]; then
+ let idev=NUMBMCS-1
+ for p in $BMCPORT; do
+ ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
+ ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
+ let idev=idev-1
+ done
+ fi
+ elif [ "$XPROD" == "291" ]; then
+ LOCKEDUSERS=1
+ else
+ IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
+ if [ "$IBMFAM" == "59554f4f" ]; then
+ BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ if [ ! -z "$BMCPORT" ]; then
+ let idev=NUMBMCS-1
+ for p in $BMCPORT; do
+ ipmitool -d $idev raw 0xc 1 1 0xc0 $BMCPORT > /dev/null
+ let idev=idev-1
+ done
+ fi
+ fi
+ fi
+elif [ "$IPMIMFG" == 20301 ] ; then
+ XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
+ IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
+ if [ $IBMVPDV -eq 2 ]; then
+ ISITE=1;
+ fi
+ LOCKEDUSERS=1
+ BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
+ if [ ! -z "$BMCPORT" ]; then
+ let idev=NUMBMCS-1
+ for p in $BMCPORT; do
+ ipmitool -d $idev raw 0xc 1 1 0xc0 $BMCPORT > /dev/null
+ NEWPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0|awk '{print $2}'`
+ sleep 10
+
+ let idev=idev-1
+ done
+ fi
+fi
+echo -n "Auto detecting LAN channel..."
+
+for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
+ if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
+ then break;
+ fi;
+ echo -n "."
+done
+echo "Detected LAN channel $LANCHAN"
+
+let idev=NUMBMCS
+if [ $IPCFGMETHOD="static" ]; then
+ while [ $idev -gt 0 ]; do
+ let idev=idev-1
+ TRIES=0
+ while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ done
+ let idev=NUMBMCS-1
+ for b in $BMCIP; do
+ TRIES=0
+ while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ let idev=idev-1
+ done
+ let idev=NUMBMCS-1
+ for m in $BMCNM; do
+ TRIES=0
+ while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ let idev=idev-1
+ done
+ TRIES=0
+ if [ ! -z "$BMCGW" ]; then
+ let idev=NUMBMCS-1
+ for g in $BMCGW; do
+ TRIES=0
+ while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ let idev=idev-1
+ done
+ TRIES=0
+ fi
+else
+ let idev=NUMBMCS
+ while [ $idev -gt 0 ]; do
+ let idev=idev-1
+ TRIES=0
+ while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ done
+fi
+
+let idev=NUMBMCS
+while [ $idev -gt 0 ]; do
+ let idev=idev-1
+ TRIES=0
+ ipmitool -d $idev lan set $LANCHAN vlan id $BMCVLAN
+done
+
+let idev=NUMBMCS-1
+for bmcu in $BMCUS; do
+ if [ "$bmcu" = "" ]; then continue; fi
+DISABLEUSERS="1 2 3 4"
+if [ ! -z "$LOCKEDUSERS" ]; then
+ USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep " $BMCUS"|awk '{print $1}'`
+ if [ -z "$USERSLOT" ]; then
+ USERSLOT=4
+ fi
+else
+ USERSLOT=2
+fi
+if [ "$ISITE" = 1 ]; then
+ while ! remoteimmsetup
+ do
+ echo "Waiting for xCAT remote configuration of service processor via CMM.."
+ done
+fi
+CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
+DISABLEUSERS=`echo 1 2 3 4|sed -e s/$USERSLOT//`
+for user in $DISABLEUSERS; do
+ while ! ipmitool -d $idev user disable $user; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ TRIES=0
+done
+TRIES=0
+while ! ipmitool -d $idev user enable $USERSLOT; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+TRIES=0
+# Last param in ipmitool user priv is the channel to set it on.
+# Penguin boxes are all channel 2
+CURRPRIV=`ipmitool -d $idev user list 1|grep ^$USERSLOT|awk '{print $6}'`
+if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then
+ while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ TRIES=0
+fi
+TRIES=0
+while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+TRIES=0
+if [ "$CURRENTUSER" != "$bmcu" ]; then
+ while ! ipmitool -d $idev user set name $USERSLOT $bmcu; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+fi
+let idev=idev-1
+done
+let idev=NUMBMCS-1
+for bmcp in $BMCPW; do
+ if [ "$bmcp" = "" ]; then continue; fi
+TRIES=0
+while ! ipmitool -d $idev user set password $USERSLOT $bmcp; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+TRIES=0
+echo "Set up following user table: "
+ipmitool -d $idev user list $LANCHAN
+let idev=idev-1
+done
+
+let idev=NUMBMCS
+while [ $idev -gt 0 ]; do
+let idev=idev-1
+
+
+echo -n "Enabling Channel $LANCHAN: "
+while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+TRIES=0
+while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+TRIES=0
+
+echo -n "Enabling ARP responses: "
+while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ echo -n .
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+TRIES=0
+
+echo -n "Enabling IPMI v 1.5 MD5 LAN access:"
+while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+done
+if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+TRIES=0
+if [ ! "$IPMIVER" == "1.5" ]; then
+ echo -n "Enabling IPMI v 2.0 LAN access: "
+ #two goals here, make sure cipher suite 0 does not work as it is insecure
+ #mae sure cipher suite 3 does work because we will use it
+ #leave every thing else alone.
+ ACCESS=`ipmitool raw 0xc 2 1 24 0 0 `
+ NEWACCESS=""
+ i=0
+ for elem in $ACCESS; do
+ if [ $i = 2 ]; then
+ NEWACCESS=`printf "$NEWACCESS 0x%02x" $((0x$elem&0xf0))`
+ elif [ $i = 3 ]; then
+ NEWACCESS=`printf "$NEWACCESS 0x%02x" $((0x$elem|0x44))`
+ elif [ $i != 0 ]; then
+ NEWACCESS="$NEWACCESS 0x$elem"
+ fi
+ i=$((i+1))
+ done
+ if ipmitool raw 0xc 1 1 24 $NEWACCESS > /dev/null; then
+ echo OK
+ else
+ echo ERROR
+ fi
+
+
+ TRIES=0
+
+ echo -n "Enabling SOL for channel $LANCHAN:"
+ while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+ TRIES=0
+
+ echo -n "Enabling SOL for $BMCUS:"
+ while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+ echo -n "Putting SOL on channel $LANCHAN:"
+ while ! OUTPUT=`ipmitool -d $idev raw 0xc 0x21 $LANCHAN 7 $LANCHAN 2>&1 > /dev/null`; do
+ if echo $OUTPUT|grep "Unknown (0x80)" > /dev/null; then
+ echo "Not Needed"
+ break
+ fi
+ sleep 1
+ let TRIES=TRIES+1
+ if [ $TRIES -gt $TIMEOUT ]; then break; fi
+ done
+ if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
+fi
+
+#frume.awk
+
+echo "Lighting Identify Light"
+while :
+ do ipmitool -d $idev raw 0 4 10 > /dev/null
+ sleep 7
+done &
+done
+
diff --git a/xCAT-genesis-scripts/bin/dodiscovery b/xCAT-genesis-scripts/bin/dodiscovery
new file mode 100755
index 000000000..c0e18b8c0
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/dodiscovery
@@ -0,0 +1,127 @@
+#!/bin/sh
+minixcatd.awk &
+PUBKEY=`openssl rsa -in /etc/xcat/privkey.pem -pubout 2> /dev/null|grep -v "PUBLIC KEY"`
+PUBKEY=`echo $PUBKEY|sed -e 's/ //g'`
+export PUBKEY
+
+echo "Beginning node discovery process"
+waitforlink=100
+while [ ! -z "$NICSTOBRINGUP" -a $waitforlink -gt 0 ]; do
+ NICSTOBRINGUP=`ip link|grep mtu|grep -v LOOPBACK|grep -v usb|grep -v ,LOWER_UP|awk -F: '{print $2}'`
+ waitforlink=$((waitforlink - 1))
+ sleep 0.1
+ if [ $waitforlink = 1 ]; then
+ echo "No link detected on $NICSTOBRINGUP"
+ fi
+done
+NICSGETTINGADDR=`ip link|grep mtu|grep -v LOOPBACK|grep -v usb|grep ,LOWER_UP|awk -F: '{print $2}'`
+timewaiting=0
+echo "Waiting for nics to get addresses"
+while [ ! -z "$NICSGETTINGADDR" -a $timewaiting != 700 ]; do
+ NEWNICSGETTINGADDR=""
+ for nic in $NICSGETTINGADDR; do
+ if ! ip addr show dev $nic |grep -v inet6|grep inet >/dev/null; then
+ NEWNICSGETTINGADDR="$NEWNICSGETTINGADDR $nic"
+ else
+ echo -n "$nic|"
+ ip addr show dev $nic |grep -v inet6|grep inet|sed -e s/\\/.*//|awk '{print $2}'
+ fi
+ done
+ sleep 0.1
+ timewaiting=$((timewaiting+1))
+ if [ $timewaiting = 699 ]; then
+ echo "No DHCP answer for $nic, ignoring interface"
+ fi
+ NICSGETTINGADDR=$NEWNICSGETTINGADDR
+done
+if [ $timewaiting != 700 -a $timewaiting -gt 450 ]; then
+ echo "Got an address, but it took inordinately long, you may want to check spanning tree configuration"
+fi
+echo "Network configuration complete, commencing transmit of discovery packets"
+XCATPORT=3001
+export XCATPORT
+for parm in `cat /proc/cmdline`; do
+ key=`echo $parm|awk -F= '{print $1}'`
+ if [ "$key" = "xcatd" ]; then
+ XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
+ XCATPORT=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $2}'`
+ fi
+done
+
+
+#time to make our packet...
+MTM=unknown
+SERIAL=unknown
+ARCH=unknown
+ARCH=`uname -m` #32-bit only is old news
+if [ -r /sys/devices/virtual/dmi/id/product_name ]; then #x86
+ PRODNAME=`cat /sys/devices/virtual/dmi/id/product_name`
+ IAMAVM=0
+ if [ "$PRODNAME" = "KVM" ]; then
+ IAMAVM=1
+ MTM=KVM
+ elif [ "$PRODNAME" = "VMware Virtual Platform" ]; then
+ IAMAVM=1
+ MTM=VMware
+ else
+ MTM=`cat /sys/devices/virtual/dmi/id/product_name|awk -F'[' '{print $2}'|awk -F']' '{print $1}'`
+ SERIAL=`cat /sys/devices/virtual/dmi/id/product_serial`
+ fi
+elif [ -r /proc/device-tree/model ]; then #POWER
+ MTM=`cat /proc/device-tree/model |awk -F, '{print $2}'`
+fi
+CPUCOUNT=`cat /proc/cpuinfo |grep "model name"|wc -l`
+MEMORY=`cat /proc/meminfo |grep MemTotal|awk '{print $2}'`
+UUID=`sed -e 's/\(..\)\(..\)\(..\)\(..\)-\(..\)\(..\)-\(..\)\(..\)/\4\3\2\1-\6\5-\8\7/' /sys/devices/virtual/dmi/id/product_uuid`
+grep "model name" /proc/cpuinfo | while read line; do #to avoid pulling in tail, we do a goofy thing
+ echo $line > /tmp/cpumod
+done
+CPUTYPE=`cat /tmp/cpumod|awk -F':' '{print $2}'|sed -e 's/^ //'`
+echo '' > /tmp/discopacket
+echo "findme" >> /tmp/discopacket
+echo "$ARCH" >> /tmp/discopacket
+if [ "$IAMAVM" = 1 ]; then
+ echo "virtual" >> /tmp/discopacket
+fi
+echo "$CPUCOUNT" >> /tmp/discopacket
+echo "$CPUTYPE" >> /tmp/discopacket
+echo "$MEMORY" >> /tmp/discopacket
+echo "$UUID" >> /tmp/discopacket
+if [ "$MTM" != "unknown" ]; then
+ echo "$MTM" >> /tmp/discopacket
+fi
+if [ "$SERIAL" != "unknown" ]; then
+ echo "$SERIAL" >> /tmp/discopacket
+fi
+for dev in `ip link|grep -B1 ether|grep UP|awk '{print $2}'|sed -e s/://`; do
+ DRIVER=`grep DRIVER /sys/class/net/$dev/device/uevent|awk -F= '{print $2}'`
+ ADDRESS=`ip address show dev $dev|grep "inet "|grep global|awk '{print $2}'`
+ MAC=`ip link show dev $dev|grep ether|awk '{print $2}'| tr /a-f/ /A-F/`
+ echo "$DRIVER|$dev|$MAC|$ADDRESS" >> /tmp/discopacket
+done
+echo "$PUBKEY" >> /tmp/discopacket #this is not secure to use by itself, switch sourced pubkey for security
+echo "" >> /tmp/discopacket
+echo "" >> /tmp/discopacket
+echo "" >> /tmp/discopacket
+openssl dgst -sha512 -out /tmp/discopacket.sha512 -sign /etc/xcat/privkey.pem /tmp/discopacket
+openssl enc -e -a -in /tmp/discopacket.sha512 > /tmp/discopacket.b64sig
+cat /tmp/discopacket |while read line; do
+ if [ "$line" = "" ]; then
+ cat /tmp/discopacket.b64sig >> /tmp/discopacket.new
+ fi
+ echo $line >> /tmp/discopacket.new
+done
+mv /tmp/discopacket.new /tmp/discopacket
+
+
+while [ ! -r /restart ]; do
+ if [ ! -z "$XCATMASTER" ]; then
+ (cat /tmp/discopacket | udpcat.awk $XCATMASTER $XCATPORT ) &
+ fi
+ for dhcps in `grep dhcp-server /var/lib/dhclient/dhclient.leases|awk '{print $4}'|sed -s 's/;//'`; do
+ (cat /tmp/discopacket | udpcat.awk $dhcps $XCATPORT ) &
+ done
+ #cat /tmp/discopacket
+ sleep 5
+done
+/bin/restart
diff --git a/xCAT-genesis-scripts/bin/doxcat b/xCAT-genesis-scripts/bin/doxcat
new file mode 100755
index 000000000..9f682a20d
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/doxcat
@@ -0,0 +1,173 @@
+if [ ! -z "$BOOTIF" ]; then
+ BOOTIF=`echo $BOOTIF|sed -e s/01-// -e s/-/:/g`
+ echo -n "Waiting for device with address $BOOTIF to appear.."
+ gripeiter=6000
+ while [ -z "$bootnic" ]; do
+ bootnic=`ip link show|grep -B1 $BOOTIF|grep mtu|awk '{print $2}'|sed -e 's/:$//'`
+ sleep 0.1
+ if [ $gripeiter = 0 ]; then
+ echo "ERROR"
+ echo "Unable to find boot device (maybe the nbroot is missing the driver for your nic?)"
+ while :; do sleep 365d; done
+ fi
+ gripeiter=$((gripeiter-1))
+ done
+fi
+echo "Done"
+if [ -z "$bootnic" ]; then
+ echo "ERROR: BOOTIF missing, can't detect boot nic"
+fi
+
+if [ -r /sys/devices/virtual/dmi/id/product_uuid ]; then
+ duid='default-duid "\\000\\004';
+ #product_uuid in sysfs fails to cope with endianness of SMBIOS 2.6, unconditionnaly swap. Technically leads to incorrect DUID in 'older' systems but matches MS behavior
+ for i in `sed -e 's/\(..\)\(..\)\(..\)\(..\)-\(..\)\(..\)-\(..\)\(..\)/\4\3\2\1-\6\5-\8\7/;s/-//g;s/\(..\)/\1 /g' /sys/devices/virtual/dmi/id/product_uuid`; do
+ octnum="\\"`printf "\\%03o" 0x$i`
+ duid=$duid$octnum
+ done
+ duid=$duid'";'
+ echo $duid > /var/lib/dhclient/dhclient6.leases
+fi
+rpcbind
+rpc.statd
+ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
+ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
+echo 'Protocol 2' >> /etc/ssh/sshd_config
+/usr/sbin/sshd
+mkdir -p /etc/xcat
+mkdir -p /etc/pki/tls
+echo "[ req ]
+distinguished_name = nodedn
+
+[ nodedn ]" > /etc/pki/tls/openssl.cnf
+echo -n "Generating private key..."
+openssl genrsa -out /etc/xcat/privkey.pem 1024 >& /dev/null
+echo "Done"
+PUBKEY=`openssl rsa -in /etc/xcat/privkey.pem -pubout 2> /dev/null|grep -v "PUBLIC KEY"`
+PUBKEY=`echo $PUBKEY|sed -e 's/ //g'`
+export PUBKEY
+/sbin/rsyslogd -c4
+mkdir -p /var/lib/lldpad
+echo 'lldp :' >> /var/lib/lldpad/lldpad.conf
+echo '{' >> /var/lib/lldpad/lldpad.conf
+for iface in `ip link |grep -v '^ '|awk '{print $2}'|sed -e 's/:$//'|grep -v lo`; do
+echo "$iface :" >> /var/lib/lldpad/lldpad.conf
+echo "{" >> /var/lib/lldpad/lldpad.conf
+ echo "tlvid00000006 :" >> /var/lib/lldpad/lldpad.conf
+ echo "{" >> /var/lib/lldpad/lldpad.conf
+ echo info = '"'$PUBKEY'";' >> /var/lib/lldpad/lldpad.conf
+ echo 'enableTx = true;' >> /var/lib/lldpad/lldpad.conf
+ echo '};' >> /var/lib/lldpad/lldpad.conf
+ echo 'adminStatus = 3;' >> /var/lib/lldpad/lldpad.conf
+echo '};' >> /var/lib/lldpad/lldpad.conf
+done
+echo '};' >> /var/lib/lldpad/lldpad.conf
+lldpad -d
+dhclient -cf /etc/dhclient.conf -pf /var/run/dhclient.$bootnic.pid $bootnic &
+#we'll kick of IPv6 and IPv4 on all nics, but not wait for them to come up unless doing discovery, to reduce
+#chances that we'll perform a partial discovery
+#in other scenarios where downed non-bootnics cause issues, will rely on retries to fix things up
+dhclient -6 -pf /var/run/dhclient6.$bootnic.pid $bootnic -lf /var/lib/dhclient/dhclient6.leases &
+NICSTOBRINGUP=`ip link|grep mtu|grep -v LOOPBACK|grep -v $bootnic|grep -v usb|grep -v ,UP|awk -F: '{print $2}'`
+export NICSTOBRINGUP
+for nic in $NICSTOBRINGUP; do
+ dhclient -cf /etc/dhclient.conf -pf /var/run/dhclient.$nic.pid $nic &
+ dhclient -cf /etc/dhclient.conf -6 -pf /var/run/dhclient6.$nic.pid -lf var/lib/dhclient/dhclient6.leases $nic &
+done
+openssl genrsa -out /etc/xcat/certkey.pem 4096 > /dev/null 2>&1 &
+
+
+
+
+gripeiter=101
+echo -n "Acquiring network addresses.."
+while ! ip addr show dev $bootnic|grep -v 'scope link'|grep -v 'dynamic'|grep -v inet6|grep inet > /dev/null; do
+ sleep 0.1
+ if [ $gripeiter = 1 ]; then
+ echo
+ echo "It seems to be taking a while to acquire an IPv4 address, you may want to check spanning tree..."
+ fi
+ gripeiter=$((gripeiter-1))
+done
+echo -n "Acquired IPv4 address on $bootnic: "
+ip addr show dev $bootnic|grep -v 'scope link'|grep -v 'dynamic'|grep -v inet6|grep inet|awk '{print $2}'
+ntpd -g -x
+(while ! ntpq -c "rv 0 state"|grep 'state=4' > /dev/null; do sleep 1; done; hwclock --systohc) &
+if dmidecode|grep IPMI > /dev/null; then
+ modprobe ipmi_si
+ modprobe ipmi_devintf
+fi
+XCATPORT=3001
+export XCATPORT
+for parm in `cat /proc/cmdline`; do
+ key=`echo $parm|awk -F= '{print $1}'`
+ if [ "$key" = "xcatd" ]; then
+ XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
+ XCATPORT=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $2}'`
+ fi
+done
+if [ "$destiny" != "discover" ]; then #we aren't discoverying, we probably can and should get a cert
+ /bin/getcert $XCATMASTER:$XCATPORT
+fi
+while :; do
+ if [ -z "$destiny" ]; then
+ destiny=`getdestiny $XCATMASTER:$XCATPORT`
+ fi
+ destparameter=`echo $destiny|awk -F= '{print $2}'`
+ destiny=`echo $destiny|awk -F= '{print $1}'`
+ dest=`echo $destiny|awk '{print $1}'` #could probably use bash but oh well
+ if [ "$dest" = "discover" ]; then #skip a query to xCAT when /proc/cmdline will do
+ /bin/dodiscovery
+ /bin/getcert $XCATMASTER:$XCATPORT
+ destiny=''
+ dest=''
+ elif [ "$dest" = shell ]; then
+ echo "Dropping to debug shell, exit to check for further action"
+ destiny=''
+ dest=''
+ /bin/bash
+ elif [ "$dest" = runcmd ]; then
+ destiny=`/bin/nextdestiny $XCATMASTER:$XCATPORT`
+ dest=`echo $destiny|awk -F= '{print $1}'`
+ $destparameter
+ elif [ "$dest" = runimage ]; then
+ destiny=`/bin/nextdestiny $XCATMASTER:$XCATPORT`
+ dest=`echo $destiny|awk -F= '{print $1}'`
+ mkdir /tmp/`basename $destparameter`
+ cd /tmp/`basename $destparameter`
+ ERROR=`wget $destparameter 2>&1`
+ while [ $? == 1 ] && echo $ERROR|grep -v 416; do
+ sleep 10
+ ERROR=`wget -c $destparameter 2>&1`
+ done
+ tar xvf `basename $destparameter`
+ ./runme.sh
+ cd -
+ elif [ "$dest" = "reboot" -o "$dest" = "boot" ]; then
+ /bin/nextdestiny $XCATMASTER:$XCATPORT
+ reboot -f
+ elif [ "$dest" = "install" -o "$dest" = "netboot" ]; then
+ reboot -f
+ elif [ "$dest" = standby ]; then
+ destiny=''
+ dest=''
+ delay=$((30+$RANDOM%270))
+ while [ $delay -gt 0 ]; do
+ echo -en "Received request to retry in a bit, will call xCAT back in $delay seconds \r"
+ delay=$((delay-1))
+ sleep 1
+ done
+ echo "Retrying ";
+ else
+ echo "Unrecognized directive $dest"
+ destiny=''
+ dest=''
+ delay=$((30+$RANDOM%270))
+ while [ $delay -gt 0 ]; do
+ echo -en "Will retry in $delay seconds \r"
+ delay=$((delay-1))
+ sleep 1
+ done
+
+ fi
+done
diff --git a/xCAT-genesis-scripts/bin/getcert b/xCAT-genesis-scripts/bin/getcert
new file mode 100755
index 000000000..f00ffc5b9
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/getcert
@@ -0,0 +1,41 @@
+#!/bin/bash
+allowcred.awk &
+CREDPID=$!
+if [ -z "$XCATDEST" ]; then
+ XCATDEST=$1
+fi
+#retry in case certkey.pem is not right, yet
+while ! openssl req -new -key /etc/xcat/certkey.pem -out /tmp/tls.csr -subj "/CN=`hostname`" >& /dev/null; do
+ sleep 1
+done
+echo "
+getcredentials
+x509cert
+300
+" > /tmp/certreq.xml
+cat /tmp/tls.csr >> /tmp/certreq.xml
+echo "
+
+
+" >> /tmp/certreq.xml
+openssl dgst -sha512 -out /tmp/certreq.sha512 -sign /etc/xcat/privkey.pem /tmp/certreq.xml #chain off the switch published key
+openssl enc -e -a -in /tmp/certreq.sha512 > /tmp/certreq.b64sig
+cat /tmp/certreq.xml |while read line; do
+ if [ "$line" = "" ]; then
+ cat /tmp/certreq.b64sig >> /tmp/certreq.xml.new
+ fi
+ echo $line >> /tmp/certreq.xml.new
+done
+mv /tmp/certreq.xml.new /tmp/certreq.xml
+rm /tmp/certreq.b64sig /tmp/certreq.sha512
+cat /tmp/certreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/certresp.xml
+if grep 'BEGIN CERTIFICATE' /tmp/certresp.xml > /dev/null; then
+ awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/' < /tmp/certresp.xml > /etc/xcat/cert.pem
+ #stop transmitting sysDesc, allowing the public key to age out of validity
+ for iface in `grep '^ e' /var/lib/lldpad/lldpad.conf|awk '{print $1}' `; do
+ lldptool -T -i $iface -V sysDesc enableTx=no >& /dev/null
+ done
+fi
+rm /tmp/certreq.xml
+rm /tmp/certresp.xml
+kill $CREDPID
diff --git a/xCAT-genesis-scripts/bin/getdestiny b/xCAT-genesis-scripts/bin/getdestiny
new file mode 100755
index 000000000..15cfc1baa
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/getdestiny
@@ -0,0 +1,30 @@
+#!/bin/bash
+if [ -z "$XCATDEST" ]; then
+ XCATDEST=$1
+fi
+echo "
+getdestiny
+300
+" > /tmp/destreq.xml
+if [ -f /tmp/destiny.xml ]; then rm /tmp/destiny.xml; fi
+while [ ! -f /tmp/destiny.xml ] || grep error /tmp/destiny.xml; do
+ if [ -f /tmp/destiny.xml ]; then
+ timer=60
+ while [ $timer -gt 0 ]; do
+ echo -en "Retrying in $timer seconds \r" >&2
+ sleep 1
+ timer=$(($timer-1));
+ done
+ fi
+ echo " " >&2
+ if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
+ cat /tmp/destreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
+ else
+ cat /tmp/destreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
+ fi
+done
+rm /tmp/destreq.xml
+DESTINY=`grep '' /tmp/destiny.xml | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'`
+rm /tmp/destiny.xml
+echo $DESTINY
+
diff --git a/xCAT-genesis-scripts/bin/getipmi b/xCAT-genesis-scripts/bin/getipmi
new file mode 100755
index 000000000..5e9af2590
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/getipmi
@@ -0,0 +1,46 @@
+#!/bin/bash
+allowcred.awk &
+CREDPID=$!
+if [ -z "$XCATDEST" ]; then
+ XCATDEST=$1
+fi
+if [ -z "$XCATDEST" ]; then
+ for parm in `cat /proc/cmdline` ; do
+ if echo $parm |grep xcatd= > /dev/null; then
+ XCATDEST=`echo $parm |awk -F= '{print $2}'`
+ fi
+ done
+fi
+for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
+ if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
+ then break;
+ fi;
+done
+BMCMAC=`ipmitool lan print $LANCHAN|grep ^MAC|awk '{print $4}'` #bmcconfig may opt to use DHCP, if so we need to feed up the mac address
+#TODO: need a way to get the DUID the service processor may use, perhaps reserve that for 'ibmsetup' since spec doesn't touch ipv6?
+
+echo "
+getbmcconfig
+300
+$BMCMAC
+" > /tmp/bmcreq.xml
+rm /tmp/ipmicfg.xml
+while [ ! -f /tmp/ipmicfg.xml ] || grep error /tmp/ipmicfg.xml; do
+ if [ -f /tmp/ipmicfg.xml ]; then
+ timer=60
+ while [ $timer -gt 0 ]; do
+ sleep 1
+ echo -en "Retrying in $timer seconds \r"
+ timer=$(($timer-1));
+ done
+ fi
+ echo -en " \r";
+
+ if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
+ cat /tmp/bmcreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
+ else
+ cat /tmp/bmcreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
+ fi
+done
+rm /tmp/bmcreq.xml
+kill $CREDPID
diff --git a/xCAT-genesis-scripts/bin/minixcatd.awk b/xCAT-genesis-scripts/bin/minixcatd.awk
new file mode 100755
index 000000000..5f71623a2
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/minixcatd.awk
@@ -0,0 +1,18 @@
+#!/usr/bin/awk -f
+# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
+BEGIN {
+ port = 3001
+ listener = "/inet/tcp/" port "/0/0"
+ quit = "no"
+ while (match(quit,"no")) {
+ while (match(quit,"no") && (listener |& getline) > 0) {
+ if (match($0,"restart")) {
+ print "restarting bootstrap process" |& listener
+ quit="yes"
+ system("echo \"" $0 "\" > /restart")
+ close(listener)
+ }
+ }
+ close(listener)
+ }
+}
diff --git a/xCAT-genesis-scripts/bin/nextdestiny b/xCAT-genesis-scripts/bin/nextdestiny
new file mode 100755
index 000000000..193c811ef
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/nextdestiny
@@ -0,0 +1,29 @@
+#!/bin/bash
+if [ -z "$XCATDEST" ]; then
+ XCATDEST=$1
+fi
+echo "
+nextdestiny
+300
+" > /tmp/destreq.xml
+if [ -f /tmp/destiny.xml ]; then rm /tmp/destiny.xml; fi
+while [ ! -f /tmp/destiny.xml ] || grep error /tmp/destiny.xml; do
+ if [ -f /tmp/destiny.xml ]; then
+ timer=60
+ while [ $timer -gt 0 ]; do
+ echo -en "Retrying in $timer seconds \r" >&2
+ sleep 1
+ timer=$(($timer-1));
+ done
+ fi
+ echo " " >&2;
+ if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
+ cat /tmp/destreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
+ else
+ cat /tmp/destreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/destiny.xml
+ fi
+done
+rm /tmp/destreq.xml
+DESTINY=`grep destiny /tmp/destiny.xml | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'`
+rm /tmp/destiny.xml
+echo $DESTINY
diff --git a/xCAT-genesis-scripts/bin/remoteimmsetup b/xCAT-genesis-scripts/bin/remoteimmsetup
new file mode 100755
index 000000000..1b3c2d1f4
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/remoteimmsetup
@@ -0,0 +1,43 @@
+#!/bin/bash
+CREDPID=$!
+if [ -z "$XCATDEST" ]; then
+ XCATDEST=$1
+fi
+if [ -z "$XCATDEST" ]; then
+ for parm in `cat /proc/cmdline` ; do
+ if echo $parm |grep xcatd= > /dev/null; then
+ XCATDEST=`echo $parm |awk -F= '{print $2}'`
+ fi
+ done
+fi
+for LANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
+ if ipmitool channel info $LANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $LANCHAN 5 0 0 > /dev/null 2>&1;
+ then break;
+ fi;
+done
+BMCMAC=`ipmitool lan print $LANCHAN|grep ^MAC|awk '{print $4}'` #bmcconfig may opt to use DHCP, if so we need to feed up the mac address
+#TODO: need a way to get the DUID the service processor may use, perhaps reserve that for 'ibmsetup' since spec doesn't touch ipv6?
+
+echo "
+remoteimmsetup
+$BMCMAC
+" > /tmp/bmcreq.xml
+rm /tmp/remsetup.xml
+while [ ! -f /tmp/remsetup.xml ] || grep error /tmp/ipmicfg.xml; do
+ if [ -f /tmp/remsetup.xml ]; then
+ timer=60
+ while [ $timer -gt 0 ]; do
+ sleep 1
+ echo -en "Retrying in $timer seconds \r"
+ timer=$(($timer-1));
+ done
+ fi
+ echo -en " \r";
+
+ if [ -f /etc/xcat/cert.pem -a -f /etc/xcat/certkey.pem ]; then #use client cert if available
+ cat /tmp/bmcreq.xml | openssl s_client -key /etc/xcat/certkey.pem -cert /etc/xcat/cert.pem -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
+ else
+ cat /tmp/bmcreq.xml | openssl s_client -connect $XCATDEST -quiet 2> /dev/null > /tmp/ipmicfg.xml
+ fi
+done
+rm /tmp/bmcreq.xml
diff --git a/xCAT-genesis-scripts/bin/udpcat.awk b/xCAT-genesis-scripts/bin/udpcat.awk
new file mode 100755
index 000000000..6a3c2c166
--- /dev/null
+++ b/xCAT-genesis-scripts/bin/udpcat.awk
@@ -0,0 +1,12 @@
+#!/usr/bin/awk -f
+# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
+BEGIN {
+ xcatdport = ARGV[2]
+ xcatdhost = ARGV[1]
+ delete ARGV[1]
+ delete ARGV[2]
+ RS=""
+}
+END {
+ print $0 |& "/inet/udp/301/"xcatdhost"/"xcatdport
+}
diff --git a/xCAT-genesis-scripts/xCAT-genesis-scripts.spec b/xCAT-genesis-scripts/xCAT-genesis-scripts.spec
new file mode 100644
index 000000000..2073bae6a
--- /dev/null
+++ b/xCAT-genesis-scripts/xCAT-genesis-scripts.spec
@@ -0,0 +1,63 @@
+%define version 2.8
+%ifarch i386 i586 i686 x86
+%define tarch x86
+%endif
+%ifarch x86_64
+%define tarch x86_64
+%endif
+%ifarch ppc ppc64
+%define tarch ppc64
+%endif
+BuildArch: noarch
+%define name xCAT-genesis-scripts-%{tarch}
+%define __spec_install_post :
+%define debug_package %{nil}
+%define __prelink_undo_cmd %{nil}
+Release: snap%(date +"%Y%m%d%H%M")
+Epoch: 1
+AutoReq: false
+Prefix: /opt/xcat
+AutoProv: false
+Obsoletes: xCAT-genesis-${tarch}
+
+
+
+Name: %{name}
+Version: %{version}
+Group: System/Utilities
+License: EPL
+Vendor: IBM Corp
+Summary: xCAT Genesis netboot image - Core content
+URL: http://xcat.org
+Source1: xCAT-genesis-scripts-%{tarch}.tar.bz2
+
+Buildroot: %{_localstatedir}/tmp/xCAT-genesis
+Packager: IBM Corp.
+
+%Description
+xCAT genesis (Genesis Enhanced Netboot Environment for System Information and Servicing) is a small, embedded-like environment for xCAT's use in discovery and management actions when interaction with an OS is infeasible.
+This package reperesents the EPL content that is more tightly bound to specific xcat-core versions
+%Prep
+
+
+%Build
+
+%Install
+rm -rf $RPM_BUILD_ROOT
+mkdir -p $RPM_BUILD_ROOT
+cd $RPM_BUILD_ROOT
+tar jxf %{SOURCE1}
+cd -
+
+
+%post
+if [ "$1" == "2" ]; then #only on upgrade, as on install it's probably not going to work...
+ if [ -f "/proc/cmdline" ]; then # prevent running it during install into chroot image
+ . /etc/profile.d/xcat.sh
+ mknb %{tarch}
+ fi
+fi
+
+%Files
+%defattr(-,root,root)
+/