diff --git a/xCAT-server/share/xcat/install/scripts/post.rh b/xCAT-server/share/xcat/install/scripts/post.rh index a1fcb2103..918787e9d 100644 --- a/xCAT-server/share/xcat/install/scripts/post.rh +++ b/xCAT-server/share/xcat/install/scripts/post.rh @@ -38,19 +38,11 @@ do #wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz if [ "$?" = "0" ] then - if [ -x /usr/sbin/stunnel -o -x /usr/bin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=yes >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel & - STUN_PID=$! - sleep 1 + if [ ! -x /usr/bin/openssl ]; then #Stop if no openssl to help the next bit + exit 1 fi + XCATSERVER=$i:3001 + export XCATSERVER mv $i/postscripts /xcatpost rm -rf $i chmod +x /xcatpost/* @@ -92,5 +84,4 @@ updateflag.awk $MASTER 3002 cd / rm -Rf /xcatpost rm -f /tmp/mypostscript -rm -f /etc/stunnel/stunnel.conf exit 0 diff --git a/xCAT-server/share/xcat/install/scripts/post.rh.iscsi b/xCAT-server/share/xcat/install/scripts/post.rh.iscsi index df89c0d5e..1f3141cd1 100644 --- a/xCAT-server/share/xcat/install/scripts/post.rh.iscsi +++ b/xCAT-server/share/xcat/install/scripts/post.rh.iscsi @@ -38,19 +38,11 @@ do #wget --wait=10 --random-wait --waitretry=10 --retry-connrefused -t 0 -T 60 http://$i/install/autoinst/xcatpost.tar.gz if [ "$?" = "0" ] then - if [ -x /usr/sbin/stunnel -o -x /usr/bin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=yes >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel & - STUN_PID=$! - sleep 1 + if [ ! -x /usr/bin/openssl ]; then #Stop if no openssl to help the next bit + exit 1; fi + XCATSERVER=$i:3001 + export XCATSERVER mv $i/postscripts /xcatpost rm -rf $i chmod +x /xcatpost/* @@ -91,5 +83,4 @@ uploadboot cd / rm -Rf /xcatpost rm -f /tmp/mypostscript -rm -f /etc/stunnel/stunnel.conf exit 0 diff --git a/xCAT-server/share/xcat/install/scripts/post.sles b/xCAT-server/share/xcat/install/scripts/post.sles index 773b0fcf0..ad9a89b04 100644 --- a/xCAT-server/share/xcat/install/scripts/post.sles +++ b/xCAT-server/share/xcat/install/scripts/post.sles @@ -67,20 +67,11 @@ do wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/postscripts if [ "$?" = "0" ] then - mkdir -p /var/stunnel - if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=no >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel - STUN_PID=$! - sleep 1 + if [ ! -x /usr/bin/openssl ]; then #Stop if no openssl to help the next bit + exit 1 fi + XCATSERVER=$i:3001 + export XCATSERVER mv $i/postscripts /xcatpost rm -rf $i chmod +x /xcatpost/* @@ -112,7 +103,6 @@ cd / /xcatpost/#TABLE:nodelist:$NODE:node# rm -Rf /xcatpost rm -f /tmp/mypostscript -rm -f /etc/stunnel/stunnel.conf rmdir /xcatpost ]]> diff --git a/xCAT-server/share/xcat/install/scripts/post.sles.iscsi b/xCAT-server/share/xcat/install/scripts/post.sles.iscsi index 2a81e8e21..13dbf85d0 100644 --- a/xCAT-server/share/xcat/install/scripts/post.sles.iscsi +++ b/xCAT-server/share/xcat/install/scripts/post.sles.iscsi @@ -41,20 +41,11 @@ do wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/postscripts if [ "$?" = "0" ] then - mkdir -p /var/stunnel - if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=no >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel - STUN_PID=$! - sleep 1 + if [ ! -x /usr/bin/openssl ]; then #Stop if no openssl to help the next bit + exit 1 fi + XCATSERVER=$i:3001 + export XCATSERVER mv $i/postscripts /xcatpost rm -rf $i chmod +x /xcatpost/* @@ -86,7 +77,6 @@ cd / /xcatpost/#TABLE:nodelist:$NODE:node# rm -Rf /xcatpost rm -f /tmp/mypostscript -rm -f /etc/stunnel/stunnel.conf rmdir /xcatpost ]]> diff --git a/xCAT-server/share/xcat/install/scripts/post.sles11 b/xCAT-server/share/xcat/install/scripts/post.sles11 index f8daa837a..96b639aed 100644 --- a/xCAT-server/share/xcat/install/scripts/post.sles11 +++ b/xCAT-server/share/xcat/install/scripts/post.sles11 @@ -69,29 +69,11 @@ do if [ "$?" = "0" ] then if [ -x /usr/bin/openssl ]; then - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT XCATSERVER=$i:3001 export XCATSERVER else - NODE_ARCH=#TABLE:nodetype:$NODE:arch# - wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/post/otherpkgs/sles11/$NODE_ARCH - rpm -ivh $i/post/otherpkgs/sles11/$NODE_ARCH/stunnel*.rpm - mkdir -p /usr/var/run/stunnel - mkdir -p /var/stunnel - if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=no >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel - STUN_PID=$! - sleep 1 - fi + exit 1 + fi fi mv $i/postscripts /xcatpost rm -rf $i @@ -124,9 +106,6 @@ cd / /xcatpost/#TABLE:nodelist:$NODE:node# rm -Rf /xcatpost rm -f /tmp/mypostscript -if [ ! -x /usr/bin/stunnel ]; then - rm -f /etc/stunnel/stunnel.conf -fi rmdir /xcatpost ]]> diff --git a/xCAT-server/share/xcat/install/scripts/post.sles11.iscsi b/xCAT-server/share/xcat/install/scripts/post.sles11.iscsi index 8514b907a..1e0bfe439 100644 --- a/xCAT-server/share/xcat/install/scripts/post.sles11.iscsi +++ b/xCAT-server/share/xcat/install/scripts/post.sles11.iscsi @@ -49,29 +49,8 @@ do if [ "$?" = "0" ] then - if [ -x /usr/bin/openssl ]; then - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT - XCATSERVER=$i:3001 - export XCATSERVER - else - rpm -ivh $i/post/otherpkgs/sles11/$NODE_ARCH/stunnel*.rpm - mkdir -p /usr/var/run/stunnel - mkdir -p /var/stunnel - if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit - echo client=yes > /etc/stunnel/stunnel.conf - echo foreground=no >> /etc/stunnel/stunnel.conf - echo output=/dev/null >> /etc/stunnel/stunnel.conf - echo verify=0 >> /etc/stunnel/stunnel.conf - echo '[xcatd]' >> /etc/stunnel/stunnel.conf - echo accept=400 >> /etc/stunnel/stunnel.conf - echo connect=$i:3001 >> /etc/stunnel/stunnel.conf - - stunnel - STUN_PID=$! - sleep 1 - fi - fi + XCATSERVER=$i:3001 + export XCATSERVER mv $i/postscripts /xcatpost rm -rf $i chmod +x /xcatpost/* @@ -103,9 +82,6 @@ cd / /xcatpost/#TABLE:nodelist:$NODE:node# rm -Rf /xcatpost rm -f /tmp/mypostscript -if [ ! -x /usr/bin/stunnel ]; then - rm -f /etc/stunnel/stunnel.conf -fi rmdir /xcatpost ]]> diff --git a/xCAT-server/share/xcat/install/sles/compute.ppc64.tmpl b/xCAT-server/share/xcat/install/sles/compute.ppc64.tmpl index bf1a0a838..548846a23 100644 --- a/xCAT-server/share/xcat/install/sles/compute.ppc64.tmpl +++ b/xCAT-server/share/xcat/install/sles/compute.ppc64.tmpl @@ -43,7 +43,7 @@ x11 - stunnel + openssl xntp rsync diff --git a/xCAT-server/share/xcat/install/sles/compute.tmpl b/xCAT-server/share/xcat/install/sles/compute.tmpl index 0f5950bf3..261c49e3e 100644 --- a/xCAT-server/share/xcat/install/sles/compute.tmpl +++ b/xCAT-server/share/xcat/install/sles/compute.tmpl @@ -42,7 +42,7 @@ x11 - stunnel + openssl xntp rsync diff --git a/xCAT-server/share/xcat/install/sles/xen.tmpl b/xCAT-server/share/xcat/install/sles/xen.tmpl index 44cd570fa..c3e9e9998 100644 --- a/xCAT-server/share/xcat/install/sles/xen.tmpl +++ b/xCAT-server/share/xcat/install/sles/xen.tmpl @@ -89,7 +89,6 @@ 32bit - stunnel xntp rsync xen diff --git a/xCAT-server/share/xcat/netboot/centos/compute.pkglist b/xCAT-server/share/xcat/netboot/centos/compute.pkglist index 3e352bdbb..d6ccc612c 100644 --- a/xCAT-server/share/xcat/netboot/centos/compute.pkglist +++ b/xCAT-server/share/xcat/netboot/centos/compute.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/fedora/compute.pkglist b/xCAT-server/share/xcat/netboot/fedora/compute.pkglist index d8d6b3796..332b191e0 100644 --- a/xCAT-server/share/xcat/netboot/fedora/compute.pkglist +++ b/xCAT-server/share/xcat/netboot/fedora/compute.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/fedora/compute.ppc64.pkglist b/xCAT-server/share/xcat/netboot/fedora/compute.ppc64.pkglist index 918107706..c649fd6a1 100644 --- a/xCAT-server/share/xcat/netboot/fedora/compute.ppc64.pkglist +++ b/xCAT-server/share/xcat/netboot/fedora/compute.ppc64.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl glibc.ppc64 dhclient kernel.ppc64 diff --git a/xCAT-server/share/xcat/netboot/fedora/service.pkglist b/xCAT-server/share/xcat/netboot/fedora/service.pkglist index f8d1fb6da..df38907b7 100644 --- a/xCAT-server/share/xcat/netboot/fedora/service.pkglist +++ b/xCAT-server/share/xcat/netboot/fedora/service.pkglist @@ -1,5 +1,5 @@ bash -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/rh/compute.pkglist b/xCAT-server/share/xcat/netboot/rh/compute.pkglist index 944c2874f..30d4e4feb 100644 --- a/xCAT-server/share/xcat/netboot/rh/compute.pkglist +++ b/xCAT-server/share/xcat/netboot/rh/compute.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/rh/compute.rhels5.3.ppc64.pkglist b/xCAT-server/share/xcat/netboot/rh/compute.rhels5.3.ppc64.pkglist index 944c2874f..30d4e4feb 100644 --- a/xCAT-server/share/xcat/netboot/rh/compute.rhels5.3.ppc64.pkglist +++ b/xCAT-server/share/xcat/netboot/rh/compute.rhels5.3.ppc64.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/rh/service.pkglist b/xCAT-server/share/xcat/netboot/rh/service.pkglist index 79cdc055d..d16bd0865 100644 --- a/xCAT-server/share/xcat/netboot/rh/service.pkglist +++ b/xCAT-server/share/xcat/netboot/rh/service.pkglist @@ -1,5 +1,5 @@ bash -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/rh/service.ppc64.pkglist b/xCAT-server/share/xcat/netboot/rh/service.ppc64.pkglist index 0cd92b92b..be705a829 100644 --- a/xCAT-server/share/xcat/netboot/rh/service.ppc64.pkglist +++ b/xCAT-server/share/xcat/netboot/rh/service.ppc64.pkglist @@ -1,5 +1,5 @@ bash -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/sles/compute.pkglist b/xCAT-server/share/xcat/netboot/sles/compute.pkglist index 56b476ab5..d6217e337 100644 --- a/xCAT-server/share/xcat/netboot/sles/compute.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/compute.pkglist @@ -1,6 +1,6 @@ bash nfs-utils -stunnel +openssl dhcpcd kernel-smp openssh diff --git a/xCAT-server/share/xcat/netboot/sles/compute.sles10.ppc64.pkglist b/xCAT-server/share/xcat/netboot/sles/compute.sles10.ppc64.pkglist index c26dcebad..7a0481b88 100644 --- a/xCAT-server/share/xcat/netboot/sles/compute.sles10.ppc64.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/compute.sles10.ppc64.pkglist @@ -1,7 +1,7 @@ aaa_base bash nfs-utils -stunnel +openssl dhcpcd kernel-ppc64 openssh diff --git a/xCAT-server/share/xcat/netboot/sles/compute.sles11.pkglist b/xCAT-server/share/xcat/netboot/sles/compute.sles11.pkglist index 522382582..a097d39d4 100644 --- a/xCAT-server/share/xcat/netboot/sles/compute.sles11.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/compute.sles11.pkglist @@ -1,7 +1,7 @@ aaa_base bash nfs-utils -#stunnel +openssl dhcpcd kernel openssh diff --git a/xCAT-server/share/xcat/netboot/sles/service.pkglist b/xCAT-server/share/xcat/netboot/sles/service.pkglist index 4182a22f3..fe0d4d304 100644 --- a/xCAT-server/share/xcat/netboot/sles/service.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/service.pkglist @@ -1,5 +1,5 @@ bash -stunnel +openssl dhclient kernel openssh-server diff --git a/xCAT-server/share/xcat/netboot/sles/service.sles10.ppc64.pkglist b/xCAT-server/share/xcat/netboot/sles/service.sles10.ppc64.pkglist index ac44efc8e..733ca89a6 100644 --- a/xCAT-server/share/xcat/netboot/sles/service.sles10.ppc64.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/service.sles10.ppc64.pkglist @@ -6,7 +6,7 @@ syslogd klogd device-mapper bash -stunnel +openssl nfs-utils ksh syslog-ng diff --git a/xCAT-server/share/xcat/netboot/sles/service.sles11.pkglist b/xCAT-server/share/xcat/netboot/sles/service.sles11.pkglist index 8edd39e3f..2f0aec0a3 100644 --- a/xCAT-server/share/xcat/netboot/sles/service.sles11.pkglist +++ b/xCAT-server/share/xcat/netboot/sles/service.sles11.pkglist @@ -34,7 +34,7 @@ pam-modules timezone mysql-client perl-Expect -#stunnel +openssl xCATsn perl-DBD-mysql portmap diff --git a/xCAT/postscripts/getcredentials.awk b/xCAT/postscripts/getcredentials.awk index 83d180859..a8f394143 100755 --- a/xCAT/postscripts/getcredentials.awk +++ b/xCAT/postscripts/getcredentials.awk @@ -1,10 +1,6 @@ #!/usr/bin/awk -f BEGIN { - if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] - } else { - server = "/inet/tcp/0/127.0.0.1/400" - } + server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] quit = "no" diff --git a/xCAT/postscripts/getpostscript.awk b/xCAT/postscripts/getpostscript.awk index cb78a4c21..317e8a2f1 100755 --- a/xCAT/postscripts/getpostscript.awk +++ b/xCAT/postscripts/getpostscript.awk @@ -1,10 +1,6 @@ #!/usr/bin/awk -f BEGIN { - if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] - } else { - server = "/inet/tcp/0/127.0.0.1/400" - } + server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] quit = "no" diff --git a/xCAT/postscripts/remoteshell b/xCAT/postscripts/remoteshell index c04791199..babb49fdf 100755 --- a/xCAT/postscripts/remoteshell +++ b/xCAT/postscripts/remoteshell @@ -37,13 +37,8 @@ fi # logger -t xcat "Install: using server provided host key for convenience." # cp /xcatpost/hostkeys/*_key /etc/ssh/ #fi -if [ ! -x /usr/sbin/stunnel -a ! -x /usr/bin/stunnel ]; then #Stop if no stunnel to help the next bit - if [ -x /usr/bin/openssl ]; then - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT - else - exit 0 - fi +if [ ! -x /usr/bin/openssl ]; then + exit 0 fi allowcred.awk & CREDPID=$! diff --git a/xCAT/postscripts/startsyncfiles.awk b/xCAT/postscripts/startsyncfiles.awk index e4e122473..a1492075f 100755 --- a/xCAT/postscripts/startsyncfiles.awk +++ b/xCAT/postscripts/startsyncfiles.awk @@ -1,10 +1,6 @@ #!/usr/bin/awk -f BEGIN { - if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] - } else { - server = "/inet/tcp/0/127.0.0.1/400" - } + server = "openssl s_client -quiet -connect " ENVIRON["XCATSERVER"] quit = "no" diff --git a/xCAT/postscripts/xcatclient b/xCAT/postscripts/xcatclient index 62453a8ac..8a0196567 100755 --- a/xCAT/postscripts/xcatclient +++ b/xCAT/postscripts/xcatclient @@ -4,13 +4,8 @@ #(C)IBM Corp # -if [ ! -x /usr/sbin/stunnel -a ! -x /usr/bin/stunnel ]; then #Stop if no stunnel to help the next bit - if [ -x /usr/bin/openssl ]; then #Unless we have openssl, then instruct awk scripts to do that instead of stunnel - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT - else - exit 0 - fi +if [ ! -x /usr/bin/openssl ]; then #Unless we have openssl stup + exit 0 fi allowcred.awk & CREDPID=$! diff --git a/xCAT/postscripts/xcatdsklspost b/xCAT/postscripts/xcatdsklspost index 53c9aaa3f..d4c4b2507 100755 --- a/xCAT/postscripts/xcatdsklspost +++ b/xCAT/postscripts/xcatdsklspost @@ -38,28 +38,9 @@ if grep 'rw /rw tmpfs ' /proc/mounts >& /dev/null; then fi -if [ -x /usr/bin/stunnel -o -x /usr/sbin/stunnel ]; then - mkdir -p /etc/stunnel - mkdir -p /var/stunnel - mkdir -p /usr/var/run/stunnel #at least for SLES11 - -cat > /etc/stunnel/stunnel.conf << EOF -client=yes -foreground=no -output=/dev/null -#output=/var/log/stunnel.log -verify=0 -[xcatd] -accept=400 -EOF -echo "connect=$SIP:3001" >> /etc/stunnel/stunnel.conf -stunnel; -sleep 1; -elif [ -x /usr/bin/openssl ]; then +if [ -x /usr/bin/openssl ]; then XCATSERVER="$SIP:3001" export XCATSERVER - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT fi mkdir -p /xcatpost; mkdir -p /tmp/postage @@ -124,11 +105,6 @@ if [ -x /tmp/mypostscript ];then fi rm -f /tmp/mypostscript -if [ -x /usr/bin/stunnel -o -x /usr/sbin/stunnel ]; then -killall stunnel -rm -rf /etc/stunnel -fi - #tell user it is done when this is called by updatenode command if [ $# -gt 0 ]; then echo "returned" diff --git a/xCAT/postscripts/xcatserver b/xCAT/postscripts/xcatserver index 3fa5c1558..0c4dbfa9e 100755 --- a/xCAT/postscripts/xcatserver +++ b/xCAT/postscripts/xcatserver @@ -4,13 +4,8 @@ #(C)IBM Corp # -if [ ! -x /usr/sbin/stunnel -a ! -x /usr/bin/stunnel ]; then #Stop if no stunnel to help the next bit - if [ -x /usr/bin/openssl ]; then - USEOPENSSLFORXCAT=1 - export USEOPENSSLFORXCAT - else - exit 0 - fi +if [ ! -x /usr/bin/openssl ]; then + exit 0 fi allowcred.awk & CREDPID=$!