From e9c8e9cbfacff99eb3b895a0bfe7deefc8c53335 Mon Sep 17 00:00:00 2001 From: jbjohnso Date: Thu, 1 May 2008 14:45:30 +0000 Subject: [PATCH] -Fix remoteshell to not cause SELinux errors on RHEL5 installs -Fix SLES support of the new credentials/dynamic postscripts git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1240 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd --- xCAT-server-2.0/lib/xcat/plugins/sles.pm | 16 +++++----- .../share/xcat/install/scripts/post.sles | 30 +++++++++++++++++-- .../xcat/install/sles/compute.ppc64.tmpl | 1 + .../share/xcat/install/sles/compute.tmpl | 1 + xCAT/postscripts/remoteshell | 12 ++++---- 5 files changed, 44 insertions(+), 16 deletions(-) diff --git a/xCAT-server-2.0/lib/xcat/plugins/sles.pm b/xCAT-server-2.0/lib/xcat/plugins/sles.pm index 628c50f5c..b8a00afcf 100644 --- a/xCAT-server-2.0/lib/xcat/plugins/sles.pm +++ b/xCAT-server-2.0/lib/xcat/plugins/sles.pm @@ -132,9 +132,9 @@ sub mkinstall next; } - # create the node-specific post script - mkpath "/install/postscripts/"; - xCAT::Postage->writescript($node, "/install/postscripts/".$node, "install", $callback); + # create the node-specific post script DEPRECATED, don't do + #mkpath "/install/postscripts/"; + #xCAT::Postage->writescript($node, "/install/postscripts/".$node, "install", $callback); if ( ( @@ -282,11 +282,11 @@ sub mkinstall ); } } - my $rc = xCAT::Utils->create_postscripts_tar(); - if ($rc != 0) - { - xCAT::MsgUtils->message("S", "Error creating postscripts tar file."); - } + #my $rc = xCAT::Utils->create_postscripts_tar(); + #if ($rc != 0) + #{ + # xCAT::MsgUtils->message("S", "Error creating postscripts tar file."); + #} } sub copycd diff --git a/xCAT-server-2.0/share/xcat/install/scripts/post.sles b/xCAT-server-2.0/share/xcat/install/scripts/post.sles index fa56edb43..2ff355c7d 100644 --- a/xCAT-server-2.0/share/xcat/install/scripts/post.sles +++ b/xCAT-server-2.0/share/xcat/install/scripts/post.sles @@ -58,15 +58,34 @@ export MASTER="#XCATVAR:XCATMASTER#" # # This script has not yet been updated to work with service nodes # -mkdir -p /xcatpost for i in $(seq 1 20) do GOTIT=0 for i in $MASTER_IPS do - mount -r $i:/install/postscripts /xcatpost + #mount -r $i:/install/postscripts /xcatpost + wget -l inf -N -r --waitretry=10 --random-wait --retry-connrefused -t 0 -T 60 ftp://$i/install/postscripts if [ "$?" = "0" ] then + mkdir -p /var/stunnel + if [ -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit + echo client=yes > /etc/stunnel/stunnel.conf + echo foreground=no >> /etc/stunnel/stunnel.conf + echo output=/dev/null >> /etc/stunnel/stunnel.conf + echo verify=0 >> /etc/stunnel/stunnel.conf + echo '[xcatd]' >> /etc/stunnel/stunnel.conf + echo accept=400 >> /etc/stunnel/stunnel.conf + echo connect=$i:3001 >> /etc/stunnel/stunnel.conf + + stunnel + STUN_PID=$! + sleep 1 + fi + mv $i/install/postscripts /xcatpost + rm -rf $i + chmod +x /xcatpost/* + /xcatpost/getpostscript.awk |sed -e 's/<[^>]*>//g'|egrep -v '^ *$'|sed -e 's/^ *//' > /tmp/mypostscript + chmod +x /tmp/mypostscript GOTIT=1 break fi @@ -78,10 +97,15 @@ do RAND=$(perl -e 'print int(rand(5)). "\n"') sleep $RAND done +PATH=/xcatpost:$PATH +export PATH +/tmp/mypostscript updateflag.awk $MASTER 3002 cd / /xcatpost/#TABLE:nodelist:$NODE:node# -umount /xcatpost +rm -Rf /xcatpost +rm -f /tmp/mypostscript +rm -f /etc/stunnel/stunnel.conf rmdir /xcatpost ]]> diff --git a/xCAT-server-2.0/share/xcat/install/sles/compute.ppc64.tmpl b/xCAT-server-2.0/share/xcat/install/sles/compute.ppc64.tmpl index 324db3ae1..a4273fb06 100644 --- a/xCAT-server-2.0/share/xcat/install/sles/compute.ppc64.tmpl +++ b/xCAT-server-2.0/share/xcat/install/sles/compute.ppc64.tmpl @@ -43,6 +43,7 @@ x11 + stunnel xntp rsync diff --git a/xCAT-server-2.0/share/xcat/install/sles/compute.tmpl b/xCAT-server-2.0/share/xcat/install/sles/compute.tmpl index 0c236fd9d..deae32e38 100644 --- a/xCAT-server-2.0/share/xcat/install/sles/compute.tmpl +++ b/xCAT-server-2.0/share/xcat/install/sles/compute.tmpl @@ -42,6 +42,7 @@ x11 + stunnel xntp rsync diff --git a/xCAT/postscripts/remoteshell b/xCAT/postscripts/remoteshell index 5ad97988b..74aba3c31 100755 --- a/xCAT/postscripts/remoteshell +++ b/xCAT/postscripts/remoteshell @@ -30,14 +30,18 @@ then chmod 700 /root/.ssh chmod 600 /root/.ssh/* fi -allowcred.awk & -sleep 1 if [ -d /xcatpost/hostkeys ] then logger -t xcat "Install: using server provided host key for convenience." cp /xcatpost/hostkeys/*_key /etc/ssh/ fi +if [ ! -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit + exit 0 +fi +allowcred.awk & +CREDPID=$! +sleep 1 getcredentials.awk ssh_dsa_hostkey | grep -v '<'|sed -e 's/<//' -e 's/&/&/' -e 's/"/"/' -e "s/'/'/" > /etc/ssh/ssh_host_dsa_key chmod 600 /etc/ssh/ssh_host_dsa_key if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_dsa_key > /dev/null 2>&1 ; then @@ -50,9 +54,6 @@ if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_rsa_key > /dev/null 2>&1 ; then fi -if [ ! -x /usr/sbin/stunnel ]; then #Stop if no stunnel to help the next bit - exit 0 -fi umask 0077 @@ -63,3 +64,4 @@ getcredentials.awk ssh_root_key | grep -v '<'|sed -e 's/<//' if ! grep "PRIVATE KEY" /root/.ssh/id_rsa > /dev/null 2>&1 ; then rm /root/.ssh/id_rsa fi +kill -9 $CREDPID