From a9b9c89c28fa9c914aee3423edd264476bcf10ca Mon Sep 17 00:00:00 2001 From: ertaozh Date: Thu, 25 Aug 2016 01:14:13 -0400 Subject: [PATCH] Remove the hardcoded password for FSP --- .../references/man1/rspconfig.1.rst | 26 +---- perl-xCAT/xCAT/PPCcfg.pm | 45 +------- perl-xCAT/xCAT/PPCfsp.pm | 102 +----------------- perl-xCAT/xCAT/Usage.pm | 4 - xCAT-client/pods/man1/rspconfig.1.pod | 22 +--- xCAT-server/lib/perl/xCAT/PPC.pm | 2 - 6 files changed, 9 insertions(+), 192 deletions(-) diff --git a/docs/source/guides/admin-guides/references/man1/rspconfig.1.rst b/docs/source/guides/admin-guides/references/man1/rspconfig.1.rst index 911a80222..e737ef070 100644 --- a/docs/source/guides/admin-guides/references/man1/rspconfig.1.rst +++ b/docs/source/guides/admin-guides/references/man1/rspconfig.1.rst @@ -80,16 +80,12 @@ FSP/CEC specific: ================= -\ **rspconfig**\ \ *noderange*\ {\ **autopower | iocap | dev | celogin1 | decfg | memdecfg | procdecfg | time | date | spdump | sysdump | network**\ } +\ **rspconfig**\ \ *noderange*\ {\ **autopower | iocap | decfg | memdecfg | procdecfg | time | date | spdump | sysdump | network**\ } \ **rspconfig**\ \ *noderange*\ \ **autopower**\ ={\ **enable | disable**\ } \ **rspconfig**\ \ *noderange*\ \ **iocap**\ ={\ **enable | disable**\ } -\ **rspconfig**\ \ *noderange*\ \ **dev**\ ={\ **enable | disable**\ } - -\ **rspconfig**\ \ *noderange*\ \ **celogin1**\ ={\ **enable | disable**\ } - \ **rspconfig**\ \ *noderange*\ \ **time**\ =\ *hh:mm:ss*\ \ **rspconfig**\ \ *noderange*\ \ **date**\ =\ *mm:dd:yyyy*\ @@ -142,7 +138,7 @@ BPA/Frame Specific: =================== -\ **rspconfig**\ \ *noderange*\ {\ **network | dev | celogin1**\ } +\ **rspconfig**\ \ *noderange*\ {\ **network**\ } \ **rspconfig**\ \ *noderange*\ \ **network**\ ={\ **nic,**\ \*} @@ -150,10 +146,6 @@ BPA/Frame Specific: \ **rspconfig**\ \ *noderange*\ \ **network**\ ={\ **nic,0.0.0.0**\ } -\ **rspconfig**\ \ *noderange*\ \ **dev**\ ={\ **enable | disable**\ } - -\ **rspconfig**\ \ *noderange*\ \ **celogin1**\ ={\ **enable | disable**\ } - \ **rspconfig**\ \ *noderange*\ \ **HMC_passwd**\ ={\ *currentpasswd,newpasswd*\ } \ **rspconfig**\ \ *noderange*\ \ **admin_passwd**\ ={\ *currentpasswd,newpasswd*\ } @@ -255,7 +247,7 @@ DESCRIPTION \ **rspconfig**\ configures various settings in the nodes' service processors. If only a keyword is specified, without the \ **=**\ , it displays the current value. -For options \ **autopower | iocap | dev | celogin1 | decfg | memdecfg | procdecfg | time | date | spdump | sysdump | network**\ , user need to use \ *chdef -t site enableASMI=yes*\ to enable ASMI first. For options \ **dev | celogin1**\ , user also need to contact IBM service to get the dynamic password for 'celogin' and put it in passwd table. After completed the command, user should use \ *chdef -t site enableASMI=no*\ to disable ASMI. +For options \ **autopower | iocap | decfg | memdecfg | procdecfg | time | date | spdump | sysdump | network**\ , user need to use \ *chdef -t site enableASMI=yes*\ to enable ASMI first. ******* @@ -396,18 +388,6 @@ OPTIONS -\ **dev**\ ={\ **enable**\ | \ **disable**\ } - - Enable or disable the CEC|Frame 'dev' account or display account status if no value specified. - - - -\ **celogin1**\ ={\ **enable**\ | \ **disable**\ } - - Enable or disable the CEC|Frame 'celogin1' account or display account status if no value specified. - - - \ **ip**\ The ip address. diff --git a/perl-xCAT/xCAT/PPCcfg.pm b/perl-xCAT/xCAT/PPCcfg.pm index 9c0f1c2af..cae3b7907 100644 --- a/perl-xCAT/xCAT/PPCcfg.pm +++ b/perl-xCAT/xCAT/PPCcfg.pm @@ -50,9 +50,7 @@ sub parse_args { "general_passwd", "*_passwd", "hostname", - "resetnet", - "dev", - "celogin1" + "resetnet" ); my @bpa = ( "frame", @@ -63,9 +61,7 @@ sub parse_args { "general_passwd", "*_passwd", "hostname", - "resetnet", - "dev", - "celogin1" + "resetnet" ); my @ppc = ( "sshcfg" @@ -169,16 +165,6 @@ sub parse_args { return (usage("No argument specified for '$_'")); } } - { - if ($request->{dev} eq '1' && $request->{other} eq '1') { - return (usage("Invalid command arrays")); - } - - # my $result = parse_dev_option( $request, \%cmds); - # if ($result) { - # return ( usage($result)); - # } - } #################################### # Return method to invoke #################################### @@ -216,25 +202,6 @@ sub parse_args { return (\%opt); } - -sub parse_dev_option { - my $req = shift; - my $cmds = shift; - foreach my $cmd (keys %$cmds) { - if ($cmd =~ /^(dev|celogin1)$/) { - if ($cmds->{$cmd} and ($cmds->{$cmd} !~ /^(enable|disable)$/i)) { - return ("Invalid argument " . $cmds->{$cmd} . " for " . $cmd); - } - $req->{dev} = 1; - } else { - $req->{other} = 1; - } - } - if ($req->{dev} eq '1' && $req->{other} eq '1') { - return ("Invalid command arrays"); - } - return undef; -} ########################################################################## # Parse the command line optional arguments ########################################################################## @@ -324,14 +291,6 @@ sub parse_option { } } - if ($command eq 'dev' or $command eq 'celogin1') { - if ($value !~ /^(enable|disable)$/i) { - return ("Invalid argument '$value'"); - } - $request->{dev} = 1; - } else { - $request->{other} = 1; - } return undef; } diff --git a/perl-xCAT/xCAT/PPCfsp.pm b/perl-xCAT/xCAT/PPCfsp.pm index 081ac4217..be754ee57 100644 --- a/perl-xCAT/xCAT/PPCfsp.pm +++ b/perl-xCAT/xCAT/PPCfsp.pm @@ -38,9 +38,7 @@ my %cmds = ( autopower => [ "Auto Power Restart", \&autopower ], sysdump => [ "System Dump", \&sysdump ], spdump => [ "Service Processor Dump", \&spdump ], - network => [ "Network Configuration", \&netcfg ], - dev => [ "Service Processor Command Line", \&devenable ], - celogin1 => [ "Service Processor Command Line", \&ce1enable ] }, + network => [ "Network Configuration", \&netcfg ]}, ); @@ -216,55 +214,6 @@ sub connect { } -sub ce1enable { - return &loginenable($_[0], $_[1], $_[2], "celogin1"); -} - -sub devenable { - return &loginenable($_[0], $_[1], $_[2], "dev"); -} -my %cmdline_for_log = ( - dev => { - enable => "registry -Hw nets/DevEnabled 1", - disable => "registry -Hw nets/DevEnabled 0", - check_pwd => "registry -l DevPwdFile", - create_pwd => "netsDynPwdTool --create dev FipSdev", - password => "FipSdev" - }, - celogin1 => { - enable => "registry -Hw nets/CE1Enabled 1", - disable => "registry -Hw nets/CE1Enabled 0", - check_pwd => "registry -l Ce1PwdFile", - create_pwd => "netsDynPwdTool --create celogin1 FipSce1", - password => "FipSce1" - }, -); - -sub send_command { - my $ua = shift; - my $server = shift; - my $id = shift; - my $log_name = shift; - my $cmd = shift; - my $cmd_line = $cmdline_for_log{$log_name}{$cmd}; - if (!defined($cmd_line)) { - return undef; - } - my $res = $ua->post("https://$server/cgi-bin/cgi", - [ form => $id, - cmd => $cmd_line, - submit => "Execute" ] - ); - - if (!$res->is_success()) { - return undef; - } - if ($res->content =~ /(not allowed.*\.|Invalid entry)/) { - return undef; - } - return $res->content; -} - sub loginstate { my $ua = shift; my $server = shift; @@ -282,55 +231,6 @@ sub loginstate { } } -sub loginenable { - my $exp = shift; - my $request = shift; - my $id = shift; - my $log_name = shift; - my $ua = @$exp[0]; - my $server = @$exp[1]; - - my $value = $request->{method}{$log_name}; - if (!defined($value)) { - return &loginstate($ua, $server, $log_name); - } - my $url = "https://$server/cgi-bin/cgi?form=$id"; - my $res = $ua->get($url); - if (!$res->is_success()) { - return ([ RC_ERROR, $res->status_line ]); - } - - $res = &send_command($ua, $server, $id, $log_name, $value); - if (!defined($res)) { - return ([ RC_ERROR, "Send command Failed" ]); - } - if ($value =~ m/^disable$/) { - my $out = sprintf("%9s: Disabled", $log_name); - return ([ SUCCESS, $out ]); - } - - #check password# - $res = &send_command($ua, $server, $id, $log_name, "check_pwd"); - if (!defined($res)) { - return ([ RC_ERROR, "Send command Failed" ]); - } - my $password = undef; - if ($res =~ m/\[\d+([a-zA-Z]+)\d+\]/) { - $password = $1; - } else { - - # create password # - $res = &send_command($ua, $server, $id, $log_name, "create_pwd"); - if (!defined($res)) { - return ([ RC_ERROR, "Send command Failed" ]); - } - $password = $cmdline_for_log{$log_name}{password}; - print "create password for $log_name is '$cmdline_for_log{$log_name}{password}'\n"; - } - my $out = sprintf("%9s: Enabled, password: $password", $log_name); - return ([ SUCCESS, $out ]); -} - sub disconnect { my $exp = shift; diff --git a/perl-xCAT/xCAT/Usage.pm b/perl-xCAT/xCAT/Usage.pm index 523ba6acb..b978a03d1 100755 --- a/perl-xCAT/xCAT/Usage.pm +++ b/perl-xCAT/xCAT/Usage.pm @@ -187,10 +187,6 @@ my %usage = ( HMC specific: rspconfig [sshcfg] rspconfig [sshcfg=] - CEC|Frame(using ASM)Specific: - rspconfig [dev|celogin1] - rspconfig [dev=]| - rspconfig [celogin1=] ", "getmacs" => "Usage: diff --git a/xCAT-client/pods/man1/rspconfig.1.pod b/xCAT-client/pods/man1/rspconfig.1.pod index e2f89c4b1..eabf3cb61 100644 --- a/xCAT-client/pods/man1/rspconfig.1.pod +++ b/xCAT-client/pods/man1/rspconfig.1.pod @@ -54,16 +54,12 @@ B I B={[B],[B],[B],[ =head2 FSP/CEC specific: -B I {B|B|B|B|B|B|B|B