8cc763fc72
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1519 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
#!/usr/bin/perl
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
#####################################################
#
# This script is called during the initial installation of xCAT
# It can also be called directly to redo the xcat configuration
#
#####################################################

# Resolve the xCAT install and configuration roots at compile time; the
# "use lib" line that follows needs $::XCATROOT before any module is loaded.
# NOTE(review): both values are taken from the caller's environment as-is.
# This script presumably runs as root (it edits /etc/fstab and /etc/exports),
# and $::XCATROOT selects the library directory and the helper commands that
# get executed -- confirm callers start it with a known environment.
BEGIN
{
    $::XCATROOT = $ENV{'XCATROOT'} || '/opt/xcat';
    $::XCATDIR  = $ENV{'XCATDIR'}  || '/etc/xcat';
}
|
|
|
|
use lib "$::XCATROOT/lib/perl";
|
|
use xCAT::Utils;
|
|
use Getopt::Long;
|
|
use xCAT::MsgUtils;
|
|
use Socket;
|
|
|
|
$::progname = "xcatconfig";

# Single-letter options may be bundled and option names are case sensitive.
Getopt::Long::Configure("bundling");
$Getopt::Long::ignorecase = 0;

# Parse the options; an unknown option prints the usage and exits non-zero.
my $options_ok = GetOptions(
    'f|force'   => \$::FORCE,
    'h|help'    => \$::HELP,
    'v|version' => \$::VERSION,
);
unless ($options_ok) {
    usage();
    exit(1);
}

# -h or --help: show the usage and stop.
if ($::HELP) {
    usage();
    exit(0);
}

# -v or --version: show the version statement and stop.
if ($::VERSION) {
    xCAT::MsgUtils->message('I', "$::progname: version 1.0\n");
    exit(0);
}
|
|
|
|
# Identify the operating system, the hardware architecture and the prefix of
# root's home directory ("" on AIX, "/root" elsewhere).
# NOTE(review): uname is found through PATH rather than by absolute path.
$::osname = `uname`;
chomp $::osname;

if ($::osname ne 'AIX') {
    $::root = "/root";
    $::arch = `uname -m`;
}
else {
    # AIX reports the processor type with -p.
    $::root = "";
    $::arch = `uname -p`;
}
chomp($::arch, $::root);
|
|
# some Linux-only config
# (used to FTP postscripts to nodes)
# NOTE(review): this section bind-mounts /install and /tftpboot under
# /var/ftp and enables vsftpd.  Other sections of this script store SSH host
# keys, root's xCAT client credentials and the CA / server certificate
# directories under /install/postscripts, so whatever vsftpd serves from
# /var/ftp includes them -- confirm the vsftpd configuration limits who can
# read that tree.
if ($::osname eq 'Linux') {

    # Locally mount /var/ftp/install over /install
    # NOTE(review): only /var/ftp/install is created here; /var/ftp/tftpboot
    # is assumed to exist already when it is mounted below.
    unless (-d "/var/ftp/install") {
        my $mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /var/ftp/install", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Created /var/ftp/install directory.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not create /var/ftp/install directory.\n");
        }
    }

    #
    # add each bind mount to /etc/fstab and mount it - if needed
    # (pairs are: source directory, mount point under /var/ftp)
    #
    my @bind_mounts = (
        ['/install',  '/var/ftp/install'],
        ['/tftpboot', '/var/ftp/tftpboot'],
    );
    foreach my $bind (@bind_mounts) {
        my ($srcdir, $mountpoint) = @$bind;

        # An existing fstab line naming the mount point means nothing to do.
        my $grep_out = xCAT::Utils->runcmd("/bin/cat /etc/fstab | grep '$mountpoint'", -1);
        next if $::RUNCMD_RC == 0;

        # ok - then add this entry
        my $add_out = xCAT::Utils->runcmd(
            "/bin/echo '$srcdir $mountpoint none bind,defaults 0 0' >> /etc/fstab", 0);
        if ($::RUNCMD_RC != 0) {
            xCAT::MsgUtils->message('E', "Could not update the /etc/fstab file.\n");
            next;
        }
        xCAT::MsgUtils->message('I', "Added $mountpoint to the /etc/fstab file.\n");

        # The mount is attempted only when the fstab entry was just added.
        my $mount_out = xCAT::Utils->runcmd("mount $mountpoint", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "$mountpoint has been mounted over $srcdir.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not mount $mountpoint.\n");
        }
    }

    # start vsftpd
    # (only the result of the restart is checked, not that of chkconfig)
    my $chkconfig_out = xCAT::Utils->runcmd("/sbin/chkconfig vsftpd on", 0);
    my $restart_out   = xCAT::Utils->runcmd("/etc/rc.d/init.d/vsftpd restart", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "VSFTPD has been restarted.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not start VSFTPD.\n");
    }

}    # - some Linux-only config
|
|
|
|
#
# Generate ssh keys
#
# The host keys are created without a passphrase under
# /install/postscripts/hostkeys.
# NOTE(review): /install is exported over NFS and bind-mounted under /var/ftp
# by other sections of this script, so these private host keys are readable
# by whoever can reach those services -- restrict the export / FTP access or
# deliver the keys over an authenticated channel.
# NOTE(review): the rsa1 (SSH protocol 1) and dsa key types are obsolete;
# current OpenSSH releases no longer generate rsa1 keys and have deprecated
# DSA, so those two steps are expected to fail there.
if ((!-f "/install/postscripts/hostkeys/ssh_host_key") || $::FORCE) {

    # create /install/postscripts/hostkeys if needed
    unless (-d "/install/postscripts/hostkeys") {
        my $mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /install/postscripts/hostkeys", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Created /install/postscripts/hostkeys directory.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not create /install/postscripts/hostkeys directory.\n");
        }
    }

    if ($::FORCE) {
        # remove the old keys
        my $rm_out = xCAT::Utils->runcmd("/bin/rm /install/postscripts/hostkeys/ssh_host*", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Removed ssh keys from /install/postscripts/hostkeys directory.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not remove ssh keys from /install/postscripts/hostkeys directory.\n");
        }
    }

    # One row per key: label used in messages, ssh-keygen type, file name.
    my @host_keys = (
        ['SSH1 RSA', 'rsa1', 'ssh_host_key'],
        ['SSH2 RSA', 'rsa',  'ssh_host_rsa_key'],
        ['SSH2 DSA', 'dsa',  'ssh_host_dsa_key'],
    );
    foreach my $key (@host_keys) {
        my ($label, $type, $file) = @$key;
        xCAT::MsgUtils->message('I', "Generating $label Key...\n");
        my $keygen_out = xCAT::Utils->runcmd(
            "/usr/bin/ssh-keygen -t $type -f /install/postscripts/hostkeys/$file -C '' -N ''", 0);
        if ($::RUNCMD_RC != 0) {
            xCAT::MsgUtils->message('E', "Could not generate $label key.\n");
        }
    }
}
else {
    xCAT::MsgUtils->message('I', "/install/postscripts/hostkeys directory exists, no keys generated. Use --force option to generate new keys.\n");
}
|
|
|
|
#
# move old directories if they exist
# (the dot-named directories are renamed to their underscore equivalents)
foreach my $rename (['/install/postscripts/.ssh',  '/install/postscripts/_ssh'],
                    ['/install/postscripts/.xcat', '/install/postscripts/_xcat'])
{
    my ($old_dir, $new_dir) = @$rename;
    next unless -d $old_dir;

    my $mv_out = xCAT::Utils->runcmd("/bin/mv $old_dir $new_dir", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Moved $old_dir directory to $new_dir.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not move $old_dir directory to $new_dir.\n");
    }
}
|
|
|
|
#
# create /.ssh dir if needed
# (root's .ssh directory, created with mode 700)
#
my $sshdir = "$::root/.ssh";
unless (-d $sshdir) {
    my $mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -m 700 -p $sshdir", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Created $sshdir directory.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create $sshdir directory.\n");
    }
}
|
|
|
|
#
# create or modify the ~/.ssh/config file
#
# NOTE(review): the line is written without a "Host" block, so it switches
# off host key verification for every ssh connection root makes from this
# machine, not only connections to cluster nodes.  That removes the check
# that detects an impersonated host; consider scoping it to the cluster's
# host patterns or distributing a known_hosts file instead.
my $cfgfile = "$::root/.ssh/config";

# '>>' appends to an existing file, '>' creates it; undef means no change.
my $cfg_redirect;
if ((-f $cfgfile) || $::FORCE) {
    # the file exists (or --force was given): add the setting only if the
    # grep does not find it
    my $grep_out = xCAT::Utils->runcmd("/bin/cat $cfgfile | grep 'StrictHostKeyChecking no'", -1);
    $cfg_redirect = '>>' if $::RUNCMD_RC != 0;
}
else {
    # file doesn't exist so just create it
    $cfg_redirect = '>';
}

if (defined $cfg_redirect) {
    # The reported status is that of the last command in the string (chmod).
    my $write_out = xCAT::Utils->runcmd(
        "/bin/echo StrictHostKeyChecking no $cfg_redirect $cfgfile; chmod 600 $cfgfile", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Added updates to the $cfgfile file.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not update the $cfgfile file.\n");
    }
}
|
|
|
|
#
# create /install/postscripts/_ssh if needed
#
unless (-d "/install/postscripts/_ssh") {
    my $mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /install/postscripts/_ssh", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Created /install/postscripts/_ssh directory.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create /install/postscripts/_ssh directory.\n");
    }
}
|
|
|
|
#
# Generate id_rsa.pub
#
# Creates root's 2048-bit RSA key pair with an empty passphrase and publishes
# only the public half as /install/postscripts/_ssh/authorized_keys.
# NOTE(review): the copy happens only when a key is (re)generated; an
# existing readable id_rsa.pub without --force leaves authorized_keys as is.
my $pubfile = "$::root/.ssh/id_rsa.pub";
my $rsafile = "$::root/.ssh/id_rsa";
if ((!-r $pubfile) || $::FORCE) {

    if ($::FORCE) {
        # remove the old file
        my $rm_out = xCAT::Utils->runcmd("/bin/rm $::root/.ssh/id_rsa*", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Removed id_rsa files from $::root/.ssh directory.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not remove id_rsa files from $::root/.ssh directory.\n");
        }
    }

    my $keygen_out = xCAT::Utils->runcmd("/usr/bin/ssh-keygen -t rsa -q -b 2048 -N '' -f $rsafile", 0);
    if ($::RUNCMD_RC != 0) {
        xCAT::MsgUtils->message('E', "Could not generate $pubfile.\n");
    }
    else {
        xCAT::MsgUtils->message('I', "Generated $pubfile.\n");

        # copy it
        my $cp_out = xCAT::Utils->runcmd("/bin/cp $pubfile /install/postscripts/_ssh/authorized_keys", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Copied $pubfile to /install/postscripts/_ssh/authorized_keys.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not copy $pubfile to /install/postscripts/_ssh/authorized_keys.\n");
        }
    }
}
|
|
|
|
#
# create /var/log/consoles if needed
#
unless (-d "/var/log/consoles") {
    my $mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /var/log/consoles", 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Created /var/log/consoles directory.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create /var/log/consoles directory.\n");
    }
}
|
|
|
|
# some Linux-only config
#
# add /tftpboot and /install to /etc/exports - if needed - then restart NFS
#
# NOTE(review): both entries use the client pattern "*", i.e. any host that
# can reach the NFS server: /tftpboot is exported read-write and /install is
# exported with no_root_squash.  /install/postscripts holds the key and
# certificate material written by other sections of this script.  Limiting
# the client list to the cluster's networks narrows who can read it.
if ($::osname eq 'Linux') {

    my $changed_exports = 0;

    # One row per export: directory, client/options field.
    my @exports = (
        ['/tftpboot', '*(rw,root_squash,sync)'],
        ['/install',  '*(ro,no_root_squash,sync)'],
    );
    foreach my $export (@exports) {
        my ($dir, $options) = @$export;

        # A line mentioning the directory counts as "already exported".
        my $grep_out = xCAT::Utils->runcmd("/bin/cat /etc/exports | grep '$dir'", -1);
        next if $::RUNCMD_RC == 0;

        # ok - then add this entry
        #SECURITY: this has potential for sharing private host/user keys
        my $add_out = xCAT::Utils->runcmd("/bin/echo '$dir $options' >> /etc/exports", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "Added $dir to the /etc/exports file.\n");
            $changed_exports++;
        }
        else {
            xCAT::MsgUtils->message('E', "Could not update the /etc/exports file.\n");
        }
    }

    if ($changed_exports) {
        # restart nfs
        # (the status tested below belongs to chkconfig, the last command run)
        my $restart_out   = xCAT::Utils->runcmd("/sbin/service nfs restart", 0);
        my $chkconfig_out = xCAT::Utils->runcmd("/sbin/chkconfig nfs on", 0);
        if ($::RUNCMD_RC == 0) {
            xCAT::MsgUtils->message('I', "NFS has been restarted.\n");
        }
        else {
            xCAT::MsgUtils->message('E', "Could not enable NFS.\n");
        }
    }
}    # - some Linux-only config
|
|
|
|
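#
# create basic site definition
#
# Gathers the values ($hname, $master, $domain, $timezone and the fixed
# port / directory defaults) that the site-table and certificate sections
# further down interpolate into shell command strings.
# NOTE(review): hostname, domain and timezone are used exactly as the local
# commands and files report them; consider checking them against a strict
# pattern before they are placed on a command line.
my $hname = `hostname`;
chomp $hname;

# some values common to both AIX & Linux
my $xcatport   = "3001";
my $xcatiport  = "3002";
my $tftpdir    = "/tftpboot";
my $installdir = "/install";

# Resolve this host's own address.  An unresolvable hostname leaves @addrs
# empty, and inet_ntoa() would then abort with an unrelated-looking argument
# error, so report the real cause and stop.
my (undef, undef, undef, undef, @addrs) = gethostbyname($hname);
unless (@addrs) {
    xCAT::MsgUtils->message('E', "Could not resolve the hostname \"$hname\" to an IP address.\n");
    exit(1);
}
my $master = inet_ntoa($addrs[0]);

# set value based on OS
my ($domain, $timezone);
if ($::osname eq 'AIX') {
    # everything after the first dot of the hostname
    ($domain = $hname) =~ s/^.*?\.//;
    $timezone = $ENV{'TZ'};
}
else {
    $domain = `hostname -d`;
    if (-f "/etc/redhat-release") {
        # on Redhat look for "ZONE"
        $timezone = `grep ^ZONE /etc/sysconfig/clock|cut -d= -f 2|sed -e 's/"//g'`;
    }
    else {
        # on SuSE look for "TIMEZONE"
        $timezone = `grep ^TIMEZONE /etc/sysconfig/clock|cut -d= -f 2|sed -e 's/"//g'`;
    }
}

chomp $timezone;
chomp $master;
chomp $domain;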
|
|
|
|
# create basic site definition
# (all chtab calls are concatenated into one command string; the status
# tested afterwards is the one runcmd reports for that whole string)
# NOTE(review): the values are placed on the command line unquoted.
# NOTE(review): on AIX the remote shell is set to /bin/rsh, which is not an
# encrypted transport.
if ((!-r "/etc/xcat/site.sqlite") || $::FORCE) {
    my $chtab    = "$::XCATROOT/sbin/chtab";
    my @settings = (
        [xcatdport  => $xcatport],
        [xcatiport  => $xcatiport],
        [tftpdir    => $tftpdir],
        [installdir => $installdir],
        [master     => $master],
        [domain     => $domain],
    );
    my $chtabcmds = join '', map { "$chtab key=$_->[0] site.value=$_->[1];" } @settings;

    $chtabcmds .= "$chtab key=timezone site.value=$timezone"
      if $::osname eq 'Linux';
    $chtabcmds .= "$chtab key=remoteshell site.value=/bin/rsh;"
      if $::osname eq 'AIX';

    my $chtab_out = xCAT::Utils->runcmd($chtabcmds, 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Updated cluster site definition.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create site definition.\n");
    }
}
|
|
|
|
# create default postscript list in postscripts table
if ((!-r "/etc/xcat/postscripts.sqlite") || $::FORCE) {
    my $chtab     = "$::XCATROOT/sbin/chtab";
    my $chtabcmds = join '',
      "$chtab node=xcatdefaults postscripts.postscripts='syslog,,remoteshell';",
      "$chtab node=service postscripts.postscripts='servicenode';";

    my $chtab_out = xCAT::Utils->runcmd($chtabcmds, 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Created postscripts definition.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create postscripts definition.\n");
    }
}
|
|
|
|
# create basic policy definition.
# NOTE(review): only the priority-1 rule names a user (root).  The other
# rules list a command with no name; presumably that allows any client to
# run it, which would include getcredentials -- confirm against the policy
# table semantics.
if ((!-r "/etc/xcat/policy.sqlite") || $::FORCE) {
    my $chtab = "$::XCATROOT/sbin/chtab";

    # Each rule: priority, then the selector column.  AIX gets the root rule
    # and the two postscript/credential rules; Linux adds three more.
    my @rules = (['1', 'policy.name=root']);
    if ($::osname ne 'AIX') {
        push @rules,
          ['2', 'policy.commands=getbmcconfig'],
          ['3', 'policy.commands=nextdestiny'],
          ['4', 'policy.commands=getdestiny'];
    }
    push @rules,
      ['4.4', 'policy.commands=getpostscript'],
      ['4.5', 'policy.commands=getcredentials'];

    my $chtabcmds = join ';',
      map { "$chtab priority=$_->[0] $_->[1] policy.rule=allow" } @rules;

    my $chtab_out = xCAT::Utils->runcmd($chtabcmds, 0);
    if ($::RUNCMD_RC == 0) {
        xCAT::MsgUtils->message('I', "Created policy definition.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create policy definition.\n");
    }
}
|
|
|
|
#
# set up syslog
#
# (use postscript to set up syslog -- leaving old code for now in case it
# did something different)
my $syslog_out = xCAT::Utils->runcmd("/install/postscripts/syslog", 0);
if ($::RUNCMD_RC == 0) {
    xCAT::MsgUtils->message('I', "syslog has been set up.\n");
}
else {
    xCAT::MsgUtils->message('E', "Could not set up syslog.\n");
}
|
|
# <old syslog setup code -- delete after new code is well verified>
|
|
# if backup file exists assume it's already set up
|
|
#if (( ! -r "/etc/syslog.conf.ORIG" ) || $::FORCE) {
|
|
# my $syslogcmds;
|
|
# $syslogcmds = "cp /etc/syslog.conf /etc/syslog.conf.ORIG;";
|
|
# $syslogcmds .= "echo '*.debug /var/log/localmessages' > /etc/test.tmp;";
|
|
# $syslogcmds .= "echo '*.crit /var/log/localmessages' >> /etc/test.tmp;";
|
|
# $syslogcmds .= "cat /etc/test.tmp >> /etc/syslog.conf;";
|
|
# $syslogcmds .= "rm /etc/test.tmp;";
|
|
# $syslogcmds .= "touch /var/log/localmessages;";
|
|
# if ($::osname eq 'AIX') {
|
|
# $syslogcmds .= "stopsrc -s syslogd;";
|
|
# $syslogcmds .= "startsrc -s syslogd;";
|
|
# } else {
|
|
# $syslogcmds .= "/etc/rc.d/init.d/syslog stop;";
|
|
# $syslogcmds .= "/etc/rc.d/init.d/syslog start;";
|
|
# }
|
|
#
|
|
# my $outref = xCAT::Utils->runcmd("$syslogcmds", 0);
|
|
# if ($::RUNCMD_RC != 0)
|
|
# {
|
|
# xCAT::MsgUtils->message('E', "Could not set up syslog.\n");
|
|
# } else {
|
|
# xCAT::MsgUtils->message('I', "Started syslog daemon.\n");
|
|
# }
|
|
#}
|
|
|
|
#
# set up the certificates for xcatd
#
# The CA setup script is fed four "y" answers on stdin, so its prompts are
# accepted without anyone reading them.
# NOTE(review): only the exit status (upper byte of system()'s return value)
# is examined; a script ended by a signal is reported as success.
if ((!-d "/etc/xcat/ca") || $::FORCE) {
    xCAT::MsgUtils->message('I', "\nSetting up basic certificates. Respond with a 'y' when prompted.\n\n");
    my $ca_cmd = "echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-xcat-ca.sh 'xCAT CA'";
    xCAT::MsgUtils->message('I', "Running $ca_cmd\n");

    my $exit_status = system($ca_cmd) >> 8;
    if ($exit_status == 0) {
        xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create xCAT certificate in /etc/xcat/ca.\n");
    }
}
|
|
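# copy to postscript directory
#
# Replaces /install/postscripts/ca with a fresh copy of /etc/xcat/ca.
# The removal must finish before the directory is recreated: the earlier
# form "&2>/dev/null" put rm into the background (a lone "&" ends the
# command), so it could run after the copy and delete the new files.
# NOTE(review): everything under /etc/xcat/ca is copied.  If the CA private
# key is kept there, it ends up under /install, which other sections of this
# script export over NFS and expose under /var/ftp -- confirm what
# setup-xcat-ca.sh writes and copy only the public CA certificate if so.
my $ca_rm_out = xCAT::Utils->runcmd("/bin/rm -rf /install/postscripts/ca 2>/dev/null", 0);

my $ca_mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /install/postscripts/ca", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not create /install/postscripts/ca directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Created /install/postscripts/ca directory.\n");
}

my $ca_cp_out = xCAT::Utils->runcmd("/bin/cp -r /etc/xcat/ca/* /install/postscripts/ca", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not copy /etc/xcat/ca/* to /install/postscripts/ca directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Copied /etc/xcat/ca/* to /install/postscripts/ca directory.\n");
}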
|
|
|
|
# Create the server certificate for this host unless /etc/xcat/cert already
# exists (or --force was given).  The setup script gets four "y" answers on
# stdin.
# NOTE(review): $hname is placed on the shell command line unquoted.
if ((!-d "/etc/xcat/cert") || $::FORCE) {
    my $cert_cmd = "echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-server-cert.sh $hname";
    xCAT::MsgUtils->message('I', "Running $cert_cmd\n");

    my $exit_status = system($cert_cmd) >> 8;
    if ($exit_status == 0) {
        xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create xCAT certificate in /etc/xcat/cert.\n");
    }
}
|
|
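# copy to postscript directory
#
# Replaces /install/postscripts/cert with a fresh copy of /etc/xcat/cert.
# The removal must finish before the directory is recreated: the earlier
# form "&2>/dev/null" put rm into the background (a lone "&" ends the
# command), so it could run after the copy and delete the new files.
# NOTE(review): everything under /etc/xcat/cert is copied.  If the server's
# private key is kept there, it ends up under /install, which other sections
# of this script export over NFS and expose under /var/ftp -- confirm what
# setup-server-cert.sh writes.
my $cert_rm_out = xCAT::Utils->runcmd("/bin/rm -rf /install/postscripts/cert 2>/dev/null", 0);

my $cert_mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /install/postscripts/cert", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not create /install/postscripts/cert directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Created /install/postscripts/cert directory.\n");
}

my $cert_cp_out = xCAT::Utils->runcmd("/bin/cp -r /etc/xcat/cert/* /install/postscripts/cert", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not copy /etc/xcat/cert/* to /install/postscripts/cert directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Copied /etc/xcat/cert/* to /install/postscripts/cert directory.\n");
}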
|
|
|
|
|
|
# Create root's xCAT client credentials unless the client key is already
# readable (or --force was given).  The setup script gets four "y" answers
# on stdin.
if ((!-r "$::root/.xcat/client-key.pem") || $::FORCE) {

    my $client_cmd = "echo 'y\ny\ny\ny' |$::XCATROOT/share/xcat/scripts/setup-local-client.sh root";
    xCAT::MsgUtils->message('I', "Running $client_cmd\n");

    my $exit_status = system($client_cmd) >> 8;
    if ($exit_status == 0) {
        xCAT::MsgUtils->message('I', "Created xCAT certificate.\n");
    }
    else {
        xCAT::MsgUtils->message('E', "Could not create xCAT certificate in /.xcat/client-key.pem.\n");
    }
}
|
|
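# copy to postscript directory
#
# Replaces /install/postscripts/_xcat with a fresh copy of root's .xcat
# directory.  The removal must finish before the directory is recreated: the
# earlier form "&2>/dev/null" put rm into the background (a lone "&" ends
# the command), so it could run after the copy and delete the new files.
# NOTE(review): the copy takes everything in $::root/.xcat, which includes
# root's client-key.pem.  The destination lies under /install, which other
# sections of this script export over NFS and expose under /var/ftp, so
# root's client key is readable by whoever can reach those services --
# restrict that access or stop publishing the private key.
my $xcat_rm_out = xCAT::Utils->runcmd("/bin/rm -rf /install/postscripts/_xcat 2>/dev/null", 0);

my $xcat_mkdir_out = xCAT::Utils->runcmd("/bin/mkdir -p /install/postscripts/_xcat", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not create /install/postscripts/_xcat directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Created /install/postscripts/_xcat directory.\n");
}

my $xcat_cp_out = xCAT::Utils->runcmd("/bin/cp -r $::root/.xcat/* /install/postscripts/_xcat", 0);
if ($::RUNCMD_RC != 0) {
    xCAT::MsgUtils->message('E', "Could not copy $::root/.xcat/* to /install/postscripts/_xcat directory.\n");
}
else {
    xCAT::MsgUtils->message('I', "Copied $::root/.xcat/* to /install/postscripts/_xcat directory.\n");
}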
|
|
|
|
# Make this system a management node
# (the marker is the file /etc/xCATMN)
my $touch_out = xCAT::Utils->runcmd("/bin/touch /etc/xCATMN", 0);
if ($::RUNCMD_RC == 0) {
    xCAT::MsgUtils->message('I', "Created /etc/xCATMN file.\n");
}
else {
    xCAT::MsgUtils->message('E', "Could not create /etc/xCATMN file.\n");
}
|
|
|
|
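#
# if there are xcatd processes then stop them
#
# NOTE(review): the match is a plain substring search of "ps -ef" output, so
# any process whose command line contains "xcatd" is selected, and SIGKILL
# gives the daemon no chance to shut down cleanly.
my @xpids = xCAT::Utils->runcmd('ps -ef|grep "xcatd"', 0);
if ($#xpids >= 1) {    # will have at least "0" for the grep
    xCAT::MsgUtils->message('I', "Stopping xcatd processes....\n");
    foreach my $ps (@xpids) {
        $ps =~ s/^\s+//;    # strip any leading spaces

        # "ps -ef" columns start with UID and PID; only the PID is needed.
        my (undef, $pid) = split /\s+/, $ps;

        # if $ps contains "grep" then it's not one of the daemon processes
        next if $ps =~ /grep/;

        # The PID is placed on a shell command line, so accept digits only;
        # this also skips any line that is not a process entry.
        next unless defined $pid && $pid =~ /\A\d+\z/;

        xCAT::Utils->runcmd("/bin/kill -9 $pid", 0);
        if ($::RUNCMD_RC != 0) {
            xCAT::MsgUtils->message('E', "Could not stop xcatd process $pid.\n");
        }
    }
}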
|
|
|
|
#
# start xcatd
#
xCAT::MsgUtils->message('I', "Starting xcatd.....\n");

# AIX launches the daemon binary in the background; elsewhere the init
# script is used.
my $xcmd =
    $::osname eq 'AIX'
  ? "$::XCATROOT/sbin/xcatd &"
  : "/etc/init.d/xcatd start";

my $start_out = xCAT::Utils->runcmd($xcmd, 0);
xCAT::MsgUtils->message('E', "Could not start xcatd.\n")
  if $::RUNCMD_RC != 0;
|
|
|
|
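# more - Linux-only config
if ($::osname eq 'Linux') {

    #Zap the almost certainly wrong pxelinux.cfg file
    if (-f "/tftpboot/pxelinux.cfg/default") {
        my $rm_out = xCAT::Utils->runcmd("/bin/rm /tftpboot/pxelinux.cfg/default", 0);
        if ($::RUNCMD_RC != 0) {
            xCAT::MsgUtils->message('E', "Could not remove /tftpboot/pxelinux.cfg/default\n");
        }
        else {
            xCAT::MsgUtils->message('I', "Removed /tftpboot/pxelinux.cfg/default.\n");
        }
    }

    # run mknb for the architecture of this machine (x86_64 or ppc64 only)
    foreach my $nbarch (qw(x86_64 ppc64)) {
        next unless $::arch eq $nbarch;
        my $mknb_out = xCAT::Utils->runcmd("$::XCATROOT/sbin/mknb $nbarch", 0);
        if ($::RUNCMD_RC != 0) {
            xCAT::MsgUtils->message('E', "The mknb $nbarch command returned error: $::RUNCMD_RC.\n");
        }
        else {
            xCAT::MsgUtils->message('I', "The mknb $nbarch command was run with no error.\n");
        }
    }

    # run makenetworks
    my $mknet_out = xCAT::Utils->runcmd("$::XCATROOT/sbin/makenetworks", 0);
    if ($::RUNCMD_RC != 0) {
        xCAT::MsgUtils->message('E', "The makenetworks command returned error: $::RUNCMD_RC.\n");
    }
    else {
        xCAT::MsgUtils->message('I', "The makenetworks command was run with no error.\n");
    }

    # set the nameserver in the site table
    # The grep also matches comment lines that merely mention "nameserver",
    # and the result is placed on a shell command line, so keep only tokens
    # made of the characters an IPv4 or IPv6 address can contain.
    my @names = xCAT::Utils->runcmd("/bin/grep nameserver /etc/resolv.conf | cut -d' ' -f 2", 0);
    my @nameservers;
    foreach my $candidate (@names) {
        next unless defined $candidate;
        (my $address = $candidate) =~ s/^\s+|\s+$//g;
        push @nameservers, $address if $address =~ /\A[0-9A-Fa-f:.]+\z/;
    }
    my $ns = join(',', @nameservers);

    my $ns_out = xCAT::Utils->runcmd("$::XCATROOT/sbin/chtab key=nameservers site.value=$ns", 0);
    if ($::RUNCMD_RC != 0) {
        xCAT::MsgUtils->message('E', "The chtab command returned error: $::RUNCMD_RC.\n");
    }
    else {
        xCAT::MsgUtils->message('I', "Updated the site definition with the value of the nameserver.\n");
    }

    # restart httpd
    my $httpd_out = xCAT::Utils->runcmd("/etc/rc.d/init.d/httpd stop; /etc/rc.d/init.d/httpd start", 0);
    if ($::RUNCMD_RC != 0) {
        xCAT::MsgUtils->message('E', "Could not restart httpd.\n");
    }
    else {
        xCAT::MsgUtils->message('I', "httpd has been restarted.\n");
    }

    # enable httpd
    my $enable_out = xCAT::Utils->runcmd("/sbin/chkconfig httpd on", 0);
    if ($::RUNCMD_RC != 0) {
        xCAT::MsgUtils->message('E', "Could not enable httpd.\n");
    }
    else {
        xCAT::MsgUtils->message('I', "httpd has been enabled.\n");
    }

    # closing note for the administrator
    my $linux_note= "xCAT is now installed, it is recommended to tabedit networks \nand set a dynamic ip address range on any networks where nodes \nare to be discovered. Then, run makedhcp -n to create a new dhcpd \nconfiguration file, and \/etc\/init.d\/dhcpd restart. Either examine sample \nconfiguration templates, or write your own, or specify a value per \nnode with nodeadd or tabedit.\n";
    xCAT::MsgUtils->message('I', $linux_note);

}    #End - more - Linux-only config

exit;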
|
|
|
|
#####################################
|
|
# subroutines
|
|
#####################################
|
|
|
|
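# Print the command synopsis as informational messages.  Takes no arguments
# and returns nothing useful.  The synopsis lists every option the option
# parser accepts, including -v|--version.
sub usage {
    xCAT::MsgUtils->message('I', "Usage:\n");
    xCAT::MsgUtils->message('I', "xcatconfig - Performs basic xCAT configuration on an xCAT management node.\n\n");
    xCAT::MsgUtils->message('I', " xcatconfig [-h|--help] [-v|--version] [-f|--force]\n\n");
    return;
}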
|