xcat-core/xCAT-server/sbin/xcatconfig

1295 lines
36 KiB
Perl

#!/usr/bin/perl
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
#####################################################
#
# This is script is called during the initial installation of xCAT
# It can also be called directly to redo the xcat configuration
#
#####################################################
BEGIN
{
$::XCATROOT = $ENV{'XCATROOT'} ? $ENV{'XCATROOT'} : '/opt/xcat';
$::XCATDIR = $ENV{'XCATDIR'} ? $ENV{'XCATDIR'} : '/etc/xcat';
}
use lib "$::XCATROOT/lib/perl";
use xCAT::Utils;
use Getopt::Long;
use xCAT::MsgUtils;
use Socket;
$::progname = "xcatconfig";
Getopt::Long::Configure("bundling");
$Getopt::Long::ignorecase = 0;
# parse the options
if (
!GetOptions(
'f|force' => \$::FORCE,
'h|help' => \$::HELP,
'v|version' => \$::VERSION,
)
)
{
&usage;
exit(1);
}
# display the usage if -h or --help is specified
if ($::HELP)
{
&usage;
exit(0);
}
# display the version statement if -v or --verison is specified
if ($::VERSION)
{
xCAT::MsgUtils->message('I', "$::progname: version 1.0\n");
exit(0);
}
$::osname = `uname`;
chomp $::osname;
if ($::osname eq 'AIX')
{
$::arch = `uname -p`;
$::root = "";
}
else
{
$::arch = `uname -m`;
$::root = "/root";
}
chomp $::arch;
chomp $::root;
# Make this system a management node
my $cmd = "/bin/touch /etc/xCATMN";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not create /etc/xCATMN file.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created /etc/xCATMN file.\n");
}
# Make sure service node file is not there
if (-f "/etc/xCATSN")
{
my $cmd = "/bin/rm /etc/xCATSN";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
}
# some Linux-only config
# (used to FTP postscripts to nodes)
if ($::osname eq 'Linux')
{
# Locally mount /var/ftp/install over /install
if (!-d "/var/ftp/install")
{
my $cmd = "/bin/mkdir -p /var/ftp/install";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /var/ftp/install directory.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Created /var/ftp/install directory.\n");
}
}
#
# add /var/ftp/install to /etc/fstab and mount - if needed
#
my $changed_fstab = 0;
my $cmd = "/bin/cat /etc/fstab | grep '/var/ftp/install'";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
if ($::RUNCMD_RC != 0)
{
# ok - then add this entry
my $cmd =
"/bin/echo '/install /var/ftp/install none bind,defaults 0 0' >> /etc/fstab";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the /etc/fstab file.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added /var/ftp/install to the /etc/fstab file.\n");
$changed_fstab++;
}
}
if ($changed_fstab)
{
# mount /var/ftp/install
my $cmd = "mount /var/ftp/install";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not mount /var/ftp/install.\n");
}
else
{
xCAT::MsgUtils->message('I',
"/var/ftp/install has been mounted over /install.\n");
}
}
#
# add /var/ftp/tftpboot to /etc/fstab and mount - if needed
#
my $changed_fstab = 0;
my $cmd = "/bin/cat /etc/fstab | grep '/var/ftp/tftpboot'";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
if ($::RUNCMD_RC != 0)
{
# ok - then add this entry
my $cmd =
"/bin/echo '/tftpboot /var/ftp/tftpboot none bind,defaults 0 0' >> /etc/fstab";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the /etc/fstab file.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added /var/ftp/tftpboot to the /etc/fstab file.\n");
$changed_fstab++;
}
}
if ($changed_fstab)
{
# mount /var/ftp/tftpboot
my $cmd = "mount /var/ftp/tftpboot";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not mount /var/ftp/tftpboot.\n");
}
else
{
xCAT::MsgUtils->message('I',
"/var/ftp/tftpboot has been mounted over /tftpboot.\n");
}
}
# start vsftpd
my $cmd = "/sbin/chkconfig vsftpd on";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/etc/init.d/vsftpd restart";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not start VSFTPD.\n");
}
else
{
xCAT::MsgUtils->message('I', "VSFTPD has been restarted.\n");
}
} # - some Linux-only config
#
# Generate ssh host keys
#
# create /etc/xcat/hostkeys and /install/postscripts/hostkeys
if (!-d "/install/postscripts/hostkeys") # directory for public keys
{
my $cmd = "/bin/mkdir -p /install/postscripts/hostkeys";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /install/postscripts/hostkeys directory.\n");
}
}
if (!-d "/etc/xcat/hostkeys") # directory for public/private keys
{
my $cmd = "/bin/mkdir -p /etc/xcat/hostkeys";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /etc/xcat/hostkeys directory.\n");
}
}
#
# move old hostkeys keys if they exist in /install, to the
# new directory /etc/xcat/hostkeys and remove private keys
if (-f "/install/postscripts/hostkeys/ssh_host_key")
{
# copy all keys to /etc/xcat/hostkeys directory
my $cmd = "/bin/cp -p /install/postscripts/hostkeys/* /etc/xcat/hostkeys/.";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "$cmd not successful.\n");
}
# remove private keys from install dir, leave the public keys
if (-f "/install/postscripts/hostkeys/ssh_host_dsa_key")
{
my $cmd = "/bin/rm /install/postscripts/hostkeys/ssh_host_dsa_key";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "$cmd not successful.\n");
}
}
if (-f "/install/postscripts/hostkeys/ssh_host_key")
{
my $cmd = "/bin/rm /install/postscripts/hostkeys/ssh_host_key";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "$cmd not successful.\n");
}
}
if (-f "/install/postscripts/hostkeys/ssh_host_rsa_key")
{
my $cmd = "/bin/rm /install/postscripts/hostkeys/ssh_host_rsa_key";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "$cmd not successful.\n");
}
}
}
# if hostkey does not exist or force option, regenerate
my $hostkey = "/install/postscripts/hostkeys/ssh_host_rsa_key.pub";
if ((!-r $hostkey) || $::FORCE)
{
# remove the old keys
my $cmd = "/bin/rm /install/postscripts/hostkeys/ssh_host*";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'I',
"Could not remove ssh keys from /install/postscripts/hostkeys directory. They may not exist.\n"
);
}
# remove the old keys
my $cmd = "/bin/rm /etc/xcat/hostkeys/ssh_host*";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'I',
"Could not remove ssh keys from /etc/xcat/hostkeys directory. They may not exist.\n"
);
}
#
# generate new hostkeys
#
xCAT::MsgUtils->message('I', "Generating SSH1 RSA Key...\n");
my $cmd =
"/usr/bin/ssh-keygen -t rsa1 -f /etc/xcat/hostkeys/ssh_host_key -C '' -N ''";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not generate SSH1 RSA key.\n");
}
xCAT::MsgUtils->message('I', "Generating SSH2 RSA Key...\n");
my $cmd =
"/usr/bin/ssh-keygen -t rsa -f /etc/xcat/hostkeys/ssh_host_rsa_key -C '' -N ''";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not generate SSH2 RSA key.\n");
}
xCAT::MsgUtils->message('I', "Generating SSH2 DSA Key...\n");
my $cmd =
"/usr/bin/ssh-keygen -t dsa -f /etc/xcat/hostkeys/ssh_host_dsa_key -C '' -N ''";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not generate SSH2 DSA key.\n");
}
# copy the public keys to install directory
my $cmd =
"/bin/cp /etc/xcat/hostkeys/*.pub /install/postscripts/hostkeys/.";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "$cmd not successful.\n");
}
else
{
xCAT::MsgUtils->message('I', "$cmd is successful\n");
}
}
#
# move old directories if they exist
if (-d "/install/postscripts/.ssh")
{
my $cmd = "/bin/mv /install/postscripts/.ssh/* /install/postscripts/_ssh/.";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
my $cmd = "/bin/rmdir /install/postscripts/.ssh";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
# if ($::RUNCMD_RC != 0)
# {
# xCAT::MsgUtils->message(
# 'E',
# "Could not move /install/postscripts/.ssh directory to /install/postscripts/_ssh.\n"
# );
# }
# else
# {
# xCAT::MsgUtils->message(
# 'I',
# "Moved /install/postscripts/.ssh directory to /install/postscripts/_ssh.\n"
# );
# }
}
if (-d "/install/postscripts/.xcat")
{
my $cmd =
"/bin/mv /install/postscripts/.xcat/* /install/postscripts/_xcat/.";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not move /install/postscripts/.xcat directory to /install/postscripts/_xcat.\n"
);
}
my $cmd = "/bin/rmdir /install/postscripts/.xcat";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
}
#
# create /.ssh dir if needed
#
my $sshdir = "$::root/.ssh";
if (!-d $sshdir)
{
my $cmd = "/bin/mkdir -m 700 -p $sshdir";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not create $sshdir directory.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created $sshdir directory.\n");
}
}
#
# create or modify the -/.ssh/config file
#
my $cfgfile = "$::root/.ssh/config";
if ((-f $cfgfile) || $::FORCE)
{
# it exists - so see if it needs to be updated - ???????? check!!!
# xCAT::MsgUtils->message('I', "Checking for \'StrictHostKeyChecking no\' in $cfgfile.\n");
my $cmd = "/bin/cat $cfgfile | grep 'StrictHostKeyChecking no'";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
if ($::RUNCMD_RC != 0)
{
# ok - then add this entry
my $cmd =
"/bin/echo StrictHostKeyChecking no >> $cfgfile; chmod 600 $cfgfile";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the $cfgfile file.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added updates to the $cfgfile file.\n");
}
}
}
else
{
# file doesn't exist so just create it
my $cmd =
"/bin/echo StrictHostKeyChecking no > $cfgfile; chmod 600 $cfgfile";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not update the $cfgfile file.\n");
}
else
{
xCAT::MsgUtils->message('I', "Added updates to the $cfgfile file.\n");
}
}
#
# create /install/postscripts/_ssh if needed
#
if (!-d "/install/postscripts/_ssh")
{
my $cmd = "/bin/mkdir -p /install/postscripts/_ssh";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /install/postscripts/_ssh directory.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Created /install/postscripts/_ssh directory.\n");
}
}
#
# Generate id_rsa.pub, if it does not exist or the force option
#
my $pubfile = "$::root/.ssh/id_rsa.pub";
my $rsafile = "$::root/.ssh/id_rsa";
if ((!-r $pubfile) || $::FORCE)
{
if ($::FORCE)
{
# remove the old file
my $cmd = "/bin/rm $::root/.ssh/id_rsa*";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not remove id_rsa files from $::root/.ssh directory.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"Removed id_rsa files from $::root/.ssh directory.\n");
}
}
my $cmd = "/usr/bin/ssh-keygen -t rsa -q -b 2048 -N '' -f $rsafile";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not generate $pubfile.\n");
}
else
{
xCAT::MsgUtils->message('I', "Generated $pubfile.\n");
if ($::osname eq 'AIX')
{
# allows node be able to scp to the MN only for AIX
my $cmd = "/bin/cat $pubfile >> /.ssh/authorized_keys";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not cat $pubfile to /.ssh/authorized_keys.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added $pubfile to /.ssh/authorized_keys.\n");
chmod 0600, "/.ssh/authorized_keys";
}
}
}
}
# copy authorized_keys for install on node
if (-r $pubfile)
{
my $cmd = "/bin/cp $pubfile /install/postscripts/_ssh/authorized_keys";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy $pubfile to /install/postscripts/_ssh/authorized_keys.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied $pubfile to /install/postscripts/_ssh/authorized_keys.\n");
}
}
else
{
xCAT::MsgUtils->message(
'E',
"Could not copy $pubfile to /install/postscripts/_ssh/authorized_keys,because $pubfile does not exist.\n"
);
}
#
# create /var/log/consoles if needed
#
if (!-d "/var/log/consoles")
{
my $cmd = "/bin/mkdir -p /var/log/consoles";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /var/log/consoles directory.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created /var/log/consoles directory.\n");
}
}
if ($::osname eq 'AIX')
{
if (!-f "/usr/sbin/conserver")
{
my $cmd = "ln -sf /opt/freeware/sbin/conserver /usr/sbin/conserver";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not ln -sf /opt/freeware/sbin/conserver /usr/sbin/conserver.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"ln -sf /opt/freeware/sbin/conserver /usr/sbin/conserver.\n");
}
}
if (!-f "/usr/bin/console")
{
$cmd = "ln -sf /opt/freeware/bin/console /usr/bin/console";
$outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not ln -sf /opt/freeware/bin/console /usr/bin/console.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"ln -sf /opt/freeware/bin/console /usr/bin/console.\n");
}
}
$cmd = "lssrc -a | grep conserver";
$outref = xCAT::Utils->runcmd("$cmd", 0);
unless ($outref =~ /conserver/)
{
$cmd =
"mkssys -p /opt/freeware/sbin/conserver -s conserver -u 0 -S -n 15 -f 15 -a \"-o -O1 -C /etc/conserver.cf\"";
$outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not add subsystem conserver.\n");
}
else
{
xCAT::MsgUtils->message('I', "Add subsystem conserver.\n");
}
}
}
# some Linux-only config
if ($::osname eq 'Linux')
{
my $changed_exports = 0;
#
# add tftpboot to /etc/exports - if needed
#
my $cmd = "/bin/cat /etc/exports | grep '/tftpboot'";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
if ($::RUNCMD_RC != 0)
{
# ok - then add this entry
#SECURITY: this has potential for sharing private host/user keys
my $cmd =
"/bin/echo '/tftpboot *(rw,root_squash,sync)' >> /etc/exports";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the /etc/exports file.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added /tftpboot to the /etc/exports file.\n");
$changed_exports++;
}
}
#
# add /install to /etc/exports - if needed
#
my $cmd = "/bin/cat /etc/exports | grep '/install'";
my $outref = xCAT::Utils->runcmd("$cmd", -1);
if ($::RUNCMD_RC != 0)
{
# ok - then add this entry
#SECURITY: this has potential for sharing private host/user keys
my $cmd =
"/bin/echo '/install *(ro,no_root_squash,sync)' >> /etc/exports";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the /etc/exports file.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Added /install to the /etc/exports file.\n");
$changed_exports++;
}
}
if ($changed_exports)
{
# restart nfs
my $cmd = "/sbin/service nfs restart";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/sbin/chkconfig nfs on";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not enable NFS.\n");
}
else
{
xCAT::MsgUtils->message('I', "NFS has been restarted.\n");
}
}
} # - some Linux-only config
#
# create basic site definition
#
my $hname = `hostname`;
chomp $hname;
# some values common to both AIX & Linux
my $xcatport = "3001";
my $xcatiport = "3002";
my $tftpdir = "/tftpboot";
my $installdir = "/install";
my ($name, $aliases, $addrtype, $length, @addrs) = gethostbyname($hname);
my $master = inet_ntoa($addrs[0]);
# set value based on OS
my ($domain, $timezone);
if ($::osname eq 'AIX')
{
my ($name, $rest) = split('\.', $hname);
if ($rest)
{
($domain = $hname) =~ s/^.*?\.//;
}
else
{
$domain = "";
}
$timezone = $ENV{'TZ'};
}
else
{
$domain = `hostname -d`;
my $tz;
if (-f "/etc/redhat-release")
{
# on Redhat look for "ZONE"
$tz = `grep ^ZONE /etc/sysconfig/clock|cut -d= -f 2|sed -e 's/"//g'`;
}
else
{
# on SuSE look for "TIMEZONE"
$tz =
`grep ^TIMEZONE /etc/sysconfig/clock|cut -d= -f 2|sed -e 's/"//g'`;
}
$timezone = $tz;
}
chomp $timezone;
chomp $master;
chomp $domain;
# create basic site definition
if ((!-r "/etc/xcat/site.sqlite") || $::FORCE)
{
my $chtabcmds;
$chtabcmds = "$::XCATROOT/sbin/chtab key=xcatdport site.value=$xcatport;";
$chtabcmds .= "$::XCATROOT/sbin/chtab key=xcatiport site.value=$xcatiport;";
$chtabcmds .= "$::XCATROOT/sbin/chtab key=tftpdir site.value=$tftpdir;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab key=installdir site.value=$installdir;";
$chtabcmds .= "$::XCATROOT/sbin/chtab key=master site.value=$master;";
$chtabcmds .= "$::XCATROOT/sbin/chtab key=domain site.value=$domain;";
if ($::osname eq 'Linux')
{
$chtabcmds .=
"$::XCATROOT/sbin/chtab key=timezone site.value=$timezone";
}
if ($::osname eq 'AIX')
{
$chtabcmds .= "$::XCATROOT/sbin/chtab key=useSSHonAIX site.value=no;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab key=consoleondemand site.value=yes;";
}
my $outref = xCAT::Utils->runcmd("$chtabcmds", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not create site definition.\n");
}
else
{
xCAT::MsgUtils->message('I', "Updated cluster site definition.\n");
}
}
# create default postscript list in postscripts table
if ((!-r "/etc/xcat/postscripts.sqlite") || $::FORCE)
{
my $chtabcmds;
if ($::osname eq 'AIX')
{
$chtabcmds =
"$::XCATROOT/sbin/chtab node=xcatdefaults postscripts.postscripts='syslog,aixremoteshell';";
}
else
{
$chtabcmds =
"$::XCATROOT/sbin/chtab node=xcatdefaults postscripts.postscripts='syslog,remoteshell';";
}
$chtabcmds .=
"$::XCATROOT/sbin/chtab node=service postscripts.postscripts='servicenode';";
my $outref = xCAT::Utils->runcmd("$chtabcmds", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create postscripts definition.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created postscripts definition.\n");
}
}
# create basic policy definition.
if ((!-r "/etc/xcat/policy.sqlite") || $::FORCE)
{
my $chtabcmds;
if ($::osname eq 'AIX')
{
$chtabcmds =
"$::XCATROOT/sbin/chtab priority=1 policy.name=root policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=1.2 policy.name=$hname policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=4.4 policy.commands=getpostscript policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=4.5 policy.commands=getcredentials policy.rule=allow";
}
else
{
$chtabcmds =
"$::XCATROOT/sbin/chtab priority=1 policy.name=root policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=2 policy.commands=getbmcconfig policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=3 policy.commands=nextdestiny policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=4 policy.commands=getdestiny policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=4.4 policy.commands=getpostscript policy.rule=allow;";
$chtabcmds .=
"$::XCATROOT/sbin/chtab priority=4.5 policy.commands=getcredentials policy.rule=allow";
}
my $outref = xCAT::Utils->runcmd("$chtabcmds", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not create policy definition.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created policy definition.\n");
}
}
#
# set up syslog
#
# (use postscript to set up syslog -- leaving old code for now in case it
# did something differnt)
my $cmd = "/install/postscripts/syslog";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not set up syslog.\n");
}
else
{
xCAT::MsgUtils->message('I', "syslog has been set up.\n");
}
# <old syslog setup code -- delete after new code is well verified>
# if backup file exists assume it's already set up
#if (( ! -r "/etc/syslog.conf.ORIG" ) || $::FORCE) {
# my $syslogcmds;
# $syslogcmds = "cp /etc/syslog.conf /etc/syslog.conf.ORIG;";
# $syslogcmds .= "echo '*.debug /var/log/localmessages' > /etc/test.tmp;";
# $syslogcmds .= "echo '*.crit /var/log/localmessages' >> /etc/test.tmp;";
# $syslogcmds .= "cat /etc/test.tmp >> /etc/syslog.conf;";
# $syslogcmds .= "rm /etc/test.tmp;";
# $syslogcmds .= "touch /var/log/localmessages;";
# if ($::osname eq 'AIX') {
# $syslogcmds .= "stopsrc -s syslogd;";
# $syslogcmds .= "startsrc -s syslogd;";
# } else {
# $syslogcmds .= "/etc/init.d/syslog stop;";
# $syslogcmds .= "/etc/init.d/syslog start;";
# }
#
# my $outref = xCAT::Utils->runcmd("$syslogcmds", 0);
# if ($::RUNCMD_RC != 0)
# {
# xCAT::MsgUtils->message('E', "Could not set up syslog.\n");
# } else {
# xCAT::MsgUtils->message('I', "Started syslog daemon.\n");
# }
#}
#
# set up the certificates for xcatd
#
if ((!-d "/etc/xcat/ca") || $::FORCE)
{
xCAT::MsgUtils->message(
'I',
"\nSetting up basic certificates. Respond with a \'y\' when prompted.\n\n"
);
my $cmd =
"echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-xcat-ca.sh 'xCAT CA'";
xCAT::MsgUtils->message('I', "Running $cmd\n");
my $rc = system($cmd);
if ($rc >> 8)
{
xCAT::MsgUtils->message('E',
"Could not create xCAT certificate in /etc/xcat/ca.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
}
}
# copy to postscript directory
my $cmd = "/bin/rm -rf /install/postscripts/ca >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/bin/mkdir -p /install/postscripts/ca/certs";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /install/postscripts/ca/certs directory.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Created /install/postscripts/ca/certs directory.\n");
}
my $cmd = "/bin/cp -r /etc/xcat/ca/* /install/postscripts/ca";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/ca/* to /install/postscripts/ca directory.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied /etc/xcat/ca/* to /install/postscripts/ca directory.\n");
}
if ((!-d "/etc/xcat/cert") || $::FORCE)
{
my $cmd =
"echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-server-cert.sh $hname";
xCAT::MsgUtils->message('I', "Running $cmd\n");
my $rc = system($cmd);
if ($rc >> 8)
{
xCAT::MsgUtils->message('E',
"Could not create xCAT certificate in /etc/xcat/cert.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
}
}
# copy to postscript directory
my $cmd = "/bin/rm -rf /install/postscripts/cert >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/bin/mkdir -p /install/postscripts/cert";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /install/postscripts/cert directory.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Created /install/postscripts/cert directory.\n");
}
my $cmd = "/bin/cp -r /etc/xcat/cert/* /install/postscripts/cert";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/cert/* to /install/postscripts/cert directory.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied /etc/xcat/cert/* to /install/postscripts/cert directory.\n");
}
if ((!-r "$::root/.xcat/client-key.pem") || $::FORCE)
{
my $cmd =
"echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-local-client.sh root";
xCAT::MsgUtils->message('I', "Running $cmd\n");
my $rc = system($cmd);
if ($rc >> 8)
{
xCAT::MsgUtils->message('E',
"Could not create xCAT certificate in /.xcat/client-key.pem.\n");
}
else
{
xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
}
}
# copy to postscript directory
my $cmd = "/bin/rm -rf /install/postscripts/_xcat >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/bin/mkdir -p /install/postscripts/_xcat";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create /install/postscripts/_xcat directory.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Created /install/postscripts/_xcat directory.\n");
}
my $cmd = "/bin/cp -r $::root/.xcat/* /install/postscripts/_xcat";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy $::root/.xcat/* to /install/postscripts/_xcat directory.\n"
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied $::root/.xcat/* to /install/postscripts/_xcat directory.\n");
}
my $cmd = "/bin/cp -r /etc/xcat/ca/certs/* /install/postscripts/ca/certs";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/ca/certs/* to /install/postscripts/ca/certs directory.\n"
);
}
else
{
xCAT::MsgUtils->message(
'I',
"Copied /etc/xcat/ca/certs* to /install/postscripts/ca/certs directory.\n"
);
}
#
# if there are xcatd processes then stop them
#
my @xpids = xCAT::Utils->runcmd("ps -ef\|grep \"xcatd\"", 0);
if ($#xpids >= 1)
{ # will have at least "0" for the grep
xCAT::MsgUtils->message('I', "Stopping xcatd processes....\n");
foreach $ps (@xpids)
{
$ps =~ s/^\s+//; # strip any leading spaces
my ($uid, $pid, $ppid, $desc) = split /\s+/, $ps;
# if $ps contains "grep" then it's not one of the daemon processes
if ($ps !~ /grep/)
{
# print "pid=$pid\n";
my $cmd = "/bin/kill -9 $pid";
xCAT::Utils->runcmd($cmd, 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not stop xcatd process $pid.\n");
}
}
}
}
#
# start xcatd
#
xCAT::MsgUtils->message('I', "Starting xcatd.....\n");
my $xcmd;
if ($::osname eq 'AIX')
{
$xcmd = "$::XCATROOT/sbin/xcatd &";
}
else
{
$xcmd = "/etc/init.d/xcatd start";
}
my $outref = xCAT::Utils->runcmd("$xcmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not start xcatd.\n");
}
# for AIX systems add xcatd to the /etc/inittab file
# and add /install/postscripts to /etc/exports
if ($::osname eq 'AIX')
{
my $mkitab_cmd =
'mkitab "xcatd:2:once:/opt/xcat/sbin/xcatd > /dev/console 2>&1" > /dev/null 2>&1';
my $rc = system($mkitab_cmd);
# check if /install/postscripts is in /etc/exports
my $catcmd =
"/bin/cat /etc/exports | grep '/install/postscripts ' >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$catcmd", -1);
if ($::RUNCMD_RC != 0)
{
# if not add it and make sure it is exported
my $ecmd =
"echo '/install/postscripts -ro' >> /etc/exports; exportfs -a";
my $outref2 = xCAT::Utils->runcmd("$ecmd", -1);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not update the /etc/exports file.\n");
}
}
}
# more - Linux-only config
if ($::osname eq 'Linux')
{
#Zap the almost certainly wrong pxelinux.cfg file
if (-f "/tftpboot/pxelinux.cfg/default")
{
$cmd = "/bin/rm /tftpboot/pxelinux.cfg/default";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not remove /tftpboot/pxelinux.cfg/default\n");
}
else
{
xCAT::MsgUtils->message('I',
"Removed /tftpboot/pxelinux.cfg/default.\n");
}
}
# run mknb - only needed for Intel platforms for now
if ($::arch eq "x86_64" || $::arch eq "x86")
{
foreach my $ar (qw(x86 x86_64 ppc64))
{
my $cmd = "$::XCATROOT/sbin/mknb $ar";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"The mknb $ar command returned error: $::RUNCMD_RC.\n");
}
else
{
xCAT::MsgUtils->message('I',
"The mknb $ar command was run with no error.\n");
}
}
}
# run makenetworks
my $cmd = "$::XCATROOT/sbin/makenetworks";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"The makenetworks command returned error: $::RUNCMD_RC.\n");
}
else
{
xCAT::MsgUtils->message('I',
"The makenetworks command was run with no error.\n");
}
# set the nameserver in the site table
my @names =
xCAT::Utils->runcmd(
"/bin/grep nameserver /etc/resolv.conf | cut -d' ' -f 2",
0);
my $ns = join(',', @names);
my $cmd = "$::XCATROOT/sbin/chtab key=nameservers site.value=$ns";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"The chtab command returned error: $::RUNCMD_RC.\n");
}
else
{
xCAT::MsgUtils->message('I',
"Updated the site definition with the value of the nameserver.\n");
}
# restart httpd
my $cmd;
if (-e "/etc/init.d/apache2")
{ #for sles
$cmd = "/etc/init.d/apache2 stop; /etc/init.d/apache2 start";
}
else
{
$cmd = "/etc/init.d/httpd stop; /etc/init.d/httpd start";
}
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not restart httpd.\n");
}
else
{
xCAT::MsgUtils->message('I', "httpd has been restarted.\n");
}
# enable httpd
if (-e "/etc/init.d/apache2")
{ #for sles
$cmd = "/sbin/chkconfig apache2 on";
}
else
{
$cmd = "/sbin/chkconfig httpd on";
}
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E', "Could not enable httpd.\n");
}
else
{
xCAT::MsgUtils->message('I', "httpd has been enabled.\n");
}
my $linux_note =
"xCAT is now installed, it is recommended to tabedit networks \nand set a dynamic ip address range on any networks where nodes \nare to be discovered. Then, run makedhcp -n to create a new dhcpd \nconfiguration file, and \/etc\/init.d\/dhcpd restart. Either examine sample \nconfiguration templates, or write your own, or specify a value per \nnode with nodeadd or tabedit.\n";
xCAT::MsgUtils->message('I', $linux_note);
} #End - more - Linux-only config
exit;
#####################################
# subroutines
#####################################
sub usage
{
xCAT::MsgUtils->message('I', "Usage:\n");
xCAT::MsgUtils->message(
'I',
"xcatconfig - Performs basic xCAT configuration on an xCAT management node.\n\n"
);
xCAT::MsgUtils->message('I', " xcatconfig [-h|--help] [-f|--force]\n\n");
}