mirror of
				https://github.com/xcat2/xcat-core.git
				synced 2025-10-26 08:55:24 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			620 lines
		
	
	
		
			23 KiB
		
	
	
	
		
			Plaintext
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			620 lines
		
	
	
		
			23 KiB
		
	
	
	
		
			Plaintext
		
	
	
		
			Executable File
		
	
	
	
	
| # IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
 | |
| # Lenovo (c) 2016
 | |
| #
 | |
| # Raw commands to set BMCs to defaults
 | |
| #   dx320
 | |
| #     0x2e 0x10 0x4d 0x4f 0x00 0xff
 | |
| #
 | |
| #   dx340 
 | |
| #     0x30 0x13 0xff 0x00 0x00 0x00
 | |
| #
 | |
| #   dx360/x3450
 | |
| #     0x30 0x02 0x43 0x4c 0x52 0xaa
 | |
| #     0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
 | |
| #     0x08 0x04
 | |
| #
 | |
| log_label="xcat.genesis.bmcsetup"
 | |
| 
 | |
| TIMEOUT=15
 | |
| 
 | |
| #
 | |
| # Function: cold_reset_bmc
 | |
| #
 | |
| # Cold reset the BMC for certain servers
 | |
| #    Product ID: 309                          - x3755 M4 (8722)
 | |
| #    Product ID: 43707 and Manufacturer ID: 0 - IBM Power S822LC and S812LC
 | |
| #
 | |
| # Otherwise the BMC will not respond to ping after running the ipmitool commands in this script
 | |
| # It is found that Dell PowerEdge M605 server have the same product ID '43707', but its 'Manufacturer ID' is '674'
 | |
| function cold_reset_bmc() { 
 | |
|     if [ -z $XPROD ]; then 
 | |
|         logger -s -t $log_label -p local4.crit "CRITICAL ERROR - XPROD must be set before calling ${FUNCNAME[0]}"
 | |
|         rm -f /tmp/ipmicfg.xml
 | |
|         exit 1
 | |
|     fi
 | |
|     if [ "$XPROD" = "43707" -a "$IPMIMFG" != '0' ]; then
 | |
|         return
 | |
|     fi
 | |
|     if [ "$XPROD" = "309" -o "$XPROD" = "43707" ] ; then
 | |
|         if [ "$XPROD" = "43707" ]; then
 | |
|             # OpenPower SPECIFIC, the OpenPower machines with AMI BMC should NOT need a 
 | |
|             # reset after applying ipmitool commands.  However, it seems there is a problem with 
 | |
|             # the BMC where after 15 seconds, it stops responding.  To work around, sleep 30
 | |
|             # seconds before issuing the reset of the BMC.
 | |
|             snooze
 | |
|         else
 | |
|             logger -s -t $log_label -p local4.info "Resetting BMC ..."
 | |
|             ipmitool mc reset cold
 | |
|             logger -s -t $log_label -p local4.info "Waiting for the BMC to appear ..."
 | |
|         fi
 | |
| 
 | |
|         if [ "$XPROD" = "43707" ]; then
 | |
|             # OpenPower SPECIFIC, check the BMC with the following raw command to
 | |
|             # make sure that the bmc is really in a "ready" state before continuing 
 | |
|             SLEEP_INTERVAL=3
 | |
|             MAX_ITERATION=100
 | |
|             tries=0
 | |
|             while [ $tries -lt ${MAX_ITERATION} ] ; do
 | |
|                 sleep ${SLEEP_INTERVAL}
 | |
|                 ret=`ipmitool raw 0x3a 0x0a 2> /dev/null`
 | |
|                 if [ "$ret" == " 00" ]; then
 | |
|                     return
 | |
|                 fi
 | |
|                 tries=$(($tries+1))
 | |
|             done
 | |
|             TOTAL_SEC=$((${SLEEP_INTERVAL} * ${MAX_ITERATION}))
 | |
|             logger -s -t $log_label -p local4.error "ERROR, After waiting ${TOTAL_SEC} seconds, the BMC is not in a ready state."
 | |
|         else
 | |
|             # for Non OpenPower servers, just sleep for some set time.
 | |
|             sleep 15 
 | |
| 
 | |
|             TRIES=0
 | |
|             # Get the LAN information
 | |
|             while ! ipmitool lan print $LANCHAN > /dev/null; do
 | |
|                 sleep 3
 | |
|                 let TRIES=TRIES+1
 | |
|                 if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|             done
 | |
|         fi 
 | |
|     fi
 | |
| }
 | |
| 
 | |
| #
 | |
| # Function snooze()
 | |
| #
 | |
| # The purpose of this is to work around the issue with OpenPower BMCs after 
 | |
| # making a change to network configuration, sleep 30 to be sure the changes apply.
 | |
| #
 | |
| function snooze() { 
 | |
|     if [ -z $XPROD ]; then 
 | |
|         logger -s -t $log_label -p local4.crit "CRITICAL ERROR - XPROD must be set before calling ${FUNCNAME[0]}"
 | |
|         rm -f /tmp/ipmicfg.xml
 | |
|         exit 1
 | |
|     fi
 | |
|     if [ "$XPROD" = "43707" -a "$IPMIMFG" != '0' ]; then
 | |
|         return
 | |
|     fi
 | |
|     if [ "$XPROD" = "43707" ]; then
 | |
|         # For OpenPower Machines 
 | |
|         logger -s -t $log_label -p local4.debug "OpenPower, snooze for 30 seconds..."
 | |
|         sleep 30
 | |
|     else
 | |
|         logger -s -t $log_label -p local4.debug "snooze for 1 second..."
 | |
|         sleep 1
 | |
|     fi
 | |
| } 
 | |
| 
 | |
| if which ipmitool 2>&1 | grep no; then 
 | |
|     echo "No ipmitool find, please install it first"; 
 | |
|     exit 1;
 | |
| fi
 | |
| 
 | |
| # Add ipmi_devintf module to allow the ipmitool operation in-band
 | |
| modprobe ipmi_devintf
 | |
| 
 | |
| allowcred.awk &
 | |
| CREDPID=$!
 | |
| sleep 5
 | |
| IPCFGMETHOD=static
 | |
| while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
 | |
|     while ! getipmi
 | |
|     do
 | |
|         logger -s -t $log_label -p local4.info "Retrying retrieval of IPMI settings from server"
 | |
|     done
 | |
|     BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     if [ -z "$BMCVLAN" ]; then 
 | |
|         BMCVLAN=off;
 | |
|     fi
 | |
|     BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     if [ -z "$IPCFGMETHOD" ]; then
 | |
|         IPCFGMETHOD="static"
 | |
|     fi
 | |
|     if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
 | |
|         logger -s -t $log_label -p local4.err "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
 | |
|         sleep 15
 | |
|     fi
 | |
| done
 | |
| kill $CREDPID
 | |
| NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
 | |
| logger -s -t $log_label -p local4.debug "BMC Information obtained from xCAT"
 | |
| logger -s -t $log_label -p local4.debug "NUMBMCS=$NUMBMCS ==> BMC IP=$BMCIP/$BMCNM, GW=$BMCGW, VLAN=$BMCVLAN"
 | |
| 
 | |
| #
 | |
| # Get the BMC Version and Manufacturer ID
 | |
| #
 | |
| MC_INFO=/tmp/xcat.ipmitool.mcinfo
 | |
| 
 | |
| ipmitool mc info > ${MC_INFO}
 | |
| IPMIVER=`cat ${MC_INFO} |grep ^IPMI|awk  '{print $4}'`
 | |
| IPMIMFG=`cat ${MC_INFO} |grep "^Manufacturer ID"|awk  '{print $4}'`
 | |
| 
 | |
| # Get the BMC Product ID
 | |
| XPROD=`cat ${MC_INFO} |grep "^Product ID"|awk '{print $4}'`
 | |
| 
 | |
| logger -s -t $log_label -p local4.info "IPMIVER=$IPMIVER, IPMIMFG=$IPMIMFG, XPROD=$XPROD"
 | |
| 
 | |
| #
 | |
| # IPMIMFG=2 = IBM
 | |
| # IPMIMFG=0 = OpenPower 
 | |
| #
 | |
| if [ "$IPMIMFG" == 2 ]; then #IBM
 | |
|     if [ "$XPROD" == "220" ]; then
 | |
|         LOCKEDUSERS=1
 | |
|         BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|         logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
 | |
|         if [ ! -z "$BMCPORT" ]; then
 | |
|             let idev=0
 | |
|             IFS=','
 | |
|             for p in $BMCPORT; do
 | |
|                 # Set the LAN Configuration Parameters (OEM)
 | |
|                 ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
 | |
|                 # Set the PEF Configuration Parameters (Platform Event Filtering)
 | |
|                 ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
 | |
|                 CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                 logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
 | |
|                 while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
 | |
|                     sleep 1
 | |
|                     # Get the LAN Configuration Parameters (OEM)
 | |
|                     CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                 done
 | |
|                 let idev=idev+1
 | |
|             done
 | |
|             unset IFS
 | |
|         fi
 | |
|     elif [ "$XPROD" == "291" ]; then
 | |
|         LOCKEDUSERS=1
 | |
|     else
 | |
|         # Get a ID for the server
 | |
|         IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
 | |
|         logger -s -t $log_label -p local4.info "IBMFAM is $IBMFAM"
 | |
|         if [ "$IBMFAM" == "59554f4f" ]; then
 | |
|             BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|             if [ ! -z "$BMCPORT" ]; then
 | |
|                 let idev=0
 | |
|                 IFS=','
 | |
|                 for p in $BMCPORT; do
 | |
|                     ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
 | |
|                     CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                     logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
 | |
|                     while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
 | |
|                         sleep 1
 | |
|                         CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                     done
 | |
|                     let idev=idev+1
 | |
|                 done
 | |
|                 unset IFS
 | |
|             fi
 | |
|         fi
 | |
|     fi
 | |
| elif [ "$IPMIMFG" == 19046 -a "$XPROD" == 13616 ] ; then
 | |
|    LOCKEDUSERS=1
 | |
| elif [ "$IPMIMFG" == 20301 -o "$IPMIMFG" == 19046 ] ; then
 | |
|     IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
 | |
|     logger -s -t $log_label -p local4.info "XPROD is $XPROD, IBMVPDV is $IBMVPDV"
 | |
|     if [ $IBMVPDV -eq 2 ]; then
 | |
|         ISITE=1;
 | |
|     fi
 | |
|         LOCKEDUSERS=1
 | |
|         BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|         logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
 | |
|         if [ ! -z "$BMCPORT" ]; then
 | |
|             let idev=0
 | |
|             IFS=','
 | |
|             for p in $BMCPORT; do
 | |
|                 unset IFS
 | |
|                 ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
 | |
|                 IFS=','
 | |
|                 # after this change, we need to watch and wait to see that it
 | |
|                 # actually takes effect.  On port change, the service processor
 | |
|                 # does not migrate the network configuration over
 | |
|                 # so we might be halfway through setting up when the net config 
 | |
|                 # reverts to dhcp then static, which setting a static ip for is
 | |
|                 # considered invalid
 | |
|                 CHECKBMCPORT=$(echo $p|awk '{print $1}')
 | |
|                 CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                 logger -s -t $log_label -p local4.info "CURBMCPORT is $CURBMCPORT"
 | |
|                 while [ -z "$CURBMCPORT" -o 0"$CURBMCPORT" -ne 0"$CHECKBMCPORT" ]; do
 | |
|                     sleep 1
 | |
|                     CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
 | |
|                 done
 | |
|                 let idev=idev+1
 | |
|             done
 | |
|             unset IFS
 | |
|         fi
 | |
| elif [ "$IPMIMFG" == "47488" ]; then
 | |
|     LOCKEDUSERS=1
 | |
| elif [ "$IPMIMFG" == "674" ]; then # DELL
 | |
|     BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
 | |
|     logger -s -t $log_label -p local4.info "BMCPORT is $BMCPORT"
 | |
|     if [ "$BMCPORT" == "0" ]; then # dedicated
 | |
|         ipmitool delloem lan set dedicated &>/dev/null
 | |
|     elif [ "$BMCPORT" == "1" -o "$BMCPORT" == "2" -o "$BMCPORT" == "3" -o "$BMCPORT" == "4"]; then # shared
 | |
|         ipmitool delloem lan set shared &>/dev/null
 | |
|         ipmitool delloem lan set shared with lom$BMCPORT &>/dev/null
 | |
|         ipmitool delloem lan set shared with failover all loms &>dev/null
 | |
|     fi
 | |
| fi
 | |
| 
 | |
| while [ -z "$LANCHAN" ]; do 
 | |
|     logger -s -t $log_label -p local4.info "Auto detecting LAN channel..."
 | |
|     for TLANCHAN in {1..16}; do
 | |
|         # Try to get the channel information; then get the MAC which is used for the channel
 | |
|         if ipmitool channel info $TLANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $TLANCHAN 5 0 0 > /dev/null 2>&1; then
 | |
|             LANCHAN=$TLANCHAN
 | |
|             break; 
 | |
|         fi; 
 | |
|         echo -n "."
 | |
|     done
 | |
|     if [ -z "$LANCHAN" ]; then
 | |
|         logger -s -t $log_label -p local4.info "Unable to detect lan channel, retrying in 10 seconds"
 | |
|         sleep 10
 | |
|     fi
 | |
| done
 | |
| logger -s -t $log_label -p local4.info "Detected LAN channel $LANCHAN"
 | |
|         
 | |
| let idev=NUMBMCS
 | |
| if [ $IPCFGMETHOD="static" ]; then
 | |
|     while [ $idev -gt 0 ]; do
 | |
|         let idev=idev-1
 | |
|         TRIES=0
 | |
|         # Set the channel to use STATIC IP address 
 | |
|         while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
 | |
|             snooze
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then
 | |
|                 break;
 | |
|             fi
 | |
|         done
 | |
|     done
 | |
|     let idev=0
 | |
|     for b in $BMCIP; do
 | |
|         TRIES=0
 | |
|         # Set the IP for the current channel
 | |
|         while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
 | |
|             snooze
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then
 | |
|                 break;
 | |
|             fi
 | |
|         done
 | |
|         let idev=idev+1
 | |
|     done
 | |
|     let idev=0
 | |
|     for m in $BMCNM; do
 | |
|         TRIES=0
 | |
|         # Set the NETMASK for the current channel 
 | |
|         while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
 | |
|             snooze
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then
 | |
|                 break;
 | |
|             fi
 | |
|         done
 | |
|         let idev=idev+1
 | |
|     done
 | |
| 
 | |
|     if [ ! -z "$BMCGW" ]; then
 | |
|         let idev=0
 | |
|         for g in $BMCGW; do
 | |
|             TRIES=0
 | |
|             # Set the GATEWAY for the current channel 
 | |
|             while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
 | |
|                 snooze
 | |
|                 let TRIES=TRIES+1
 | |
|                 if [ $TRIES -gt $TIMEOUT ]; then
 | |
|                     break;
 | |
|                 fi
 | |
|             done
 | |
|             let idev=idev+1
 | |
|         done
 | |
|     fi
 | |
| else
 | |
|     let idev=NUMBMCS
 | |
|     while [ $idev -gt 0 ]; do
 | |
|         let idev=idev-1
 | |
|         TRIES=0
 | |
|         # Set the method to get IP for the current channel, if required.
 | |
|         while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
 | |
|             snooze
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then 
 | |
|                 break;
 | |
|             fi
 | |
|         done
 | |
|     done
 | |
| fi
 | |
| 
 | |
| let idev=0
 | |
| for b in $BMCVLAN; do
 | |
|     TRIES=0
 | |
|     # Set VLAN for the current channel 
 | |
|     while ! ipmitool -d $idev lan set $LANCHAN vlan id $b; do
 | |
|         snooze
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then 
 | |
|             break;
 | |
|         fi
 | |
|     done
 | |
|     let idev=idev+1
 | |
| done
 | |
| 
 | |
| # After network commands are issued, pause to allow the BMC to apply (OpenPower)
 | |
| snooze 
 | |
| 
 | |
| let idev=NUMBMCS-1
 | |
| for user in $BMCUS; do
 | |
|     if [ "$user" = "" ]; then 
 | |
|         continue
 | |
|     fi
 | |
|     DISABLEUSERS=$(ipmitool user list $LANCHAN|awk '{print $1}'|grep -v ID)
 | |
|     # Get the User Slots
 | |
|     USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep -w "$BMCUS"|awk '{print $1}'`
 | |
|     if [ -z "$USERSLOT" ]; then
 | |
|         USERSLOT=$((`ipmitool raw 6 0x44 1 1|awk '{print $3}'` + 1))
 | |
|     fi
 | |
|     if [ "$USERSLOT" == 0 ]; then USERSLOT=2; fi
 | |
|     if [ "$ISITE" = 1 ]; then
 | |
|         allowcred.awk &
 | |
|         CREDPID=$!
 | |
|         while ! remoteimmsetup
 | |
|         do
 | |
|             logger -s -t $log_label -p local4.info "Waiting for xCAT remote configuration of service processor via CMM.."
 | |
|         done
 | |
|         kill $CREDPID
 | |
|     fi
 | |
| 
 | |
|     # Get the specified user
 | |
|     CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
 | |
|     DISABLEUSERS=`echo $DISABLEUSERS|sed -e s/$USERSLOT//`
 | |
|     logger -s -t $log_label -p local4.info "CURRENTUSER=$CURRENTUSER, DISABLEUSERS=$DISABLEUSERS"
 | |
|     for userid in $DISABLEUSERS; do
 | |
|         TRIES=0
 | |
|         # Disable the non-specified user 
 | |
|         while ! ipmitool -d $idev user disable $userid; do
 | |
|             sleep 1
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|         done
 | |
|     done
 | |
| 
 | |
|     TRIES=0
 | |
|     # Enable the specified user
 | |
|     while ! ipmitool -d $idev user enable $USERSLOT; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
|     ipmitool raw 6 0x43 $(($LANCHAN|176))  $USERSLOT 4
 | |
|     
 | |
| 
 | |
|     TRIES=0
 | |
|     # Last param in ipmitool user priv is the channel to set it on.
 | |
|     # Penguin boxes are all channel 2
 | |
|     #
 | |
|     # Get privilege for the specified user
 | |
|     #
 | |
|     CURRPRIV=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $6}'`
 | |
|     logger -s -t $log_label -p local4.info "CURRPRIV=$CURRPRIV"
 | |
|     if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then 
 | |
|         # Set the ADMIN privilege for the specified user
 | |
|         while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
 | |
|             sleep 1
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|         done
 | |
|     fi
 | |
| 
 | |
|     TRIES=0
 | |
|     # Enable the channel link for the specified user
 | |
|     while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
| 
 | |
|     TRIES=0
 | |
|     if [ "$CURRENTUSER" != "$user" ]; then
 | |
|         # Change the user name, if necessary
 | |
|         while ! ipmitool -d $idev user set name $USERSLOT $user; do
 | |
|             sleep 1
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|         done
 | |
|     fi
 | |
|     let idev=idev-1
 | |
| done
 | |
| 
 | |
| let idev=NUMBMCS-1
 | |
| for bmcp in $BMCPW; do
 | |
|     if [ "$bmcp" = "" ]; then continue; fi
 | |
| 
 | |
|     TRIES=0
 | |
|     # Set the password for the specified user 
 | |
|     while ! ipmitool -d $idev user set password $USERSLOT $bmcp; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
| 
 | |
|     logger -s -t $log_label -p local4.info "Set up following user table: "
 | |
|     TRIES=0
 | |
|     # Display the user list 
 | |
|     ipmitool -d $idev user list $LANCHAN
 | |
|     let idev=idev-1
 | |
| done
 | |
| 
 | |
| let idev=NUMBMCS
 | |
| while [ $idev -gt 0 ]; do
 | |
|     let idev=idev-1
 | |
| 
 | |
|     MSG="Enabling the non-volatile channel access ($LANCHAN)"
 | |
|     logger -s -t $log_label -p local4.info "$MSG"
 | |
|     TRIES=0
 | |
|     # Set the non-volatile channel access: enable and privilege
 | |
|     while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
|     if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
| 
 | |
|     MSG="Enabling the volatile channel access ($LANCHAN)"
 | |
|     logger -s -t $log_label -p local4.info "$MSG"
 | |
|     TRIES=0
 | |
|     # Set the volatile channel access: enable and privilege
 | |
|     while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
|     if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
| 
 | |
|     MSG="Enabling ARP responses"
 | |
|     logger -s -t $log_label -p local4.info "$MSG"
 | |
|     TRIES=0
 | |
|     # enable the ARP response on the channel
 | |
|     while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         echo -n .
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
|     if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
|     
 | |
|     MSG="Enabling IPMI MD5 LAN access"
 | |
|     logger -s -t $log_label -p local4.info "$MSG"
 | |
|     TRIES=0
 | |
|     # Set the auth level to md5 for the channel
 | |
|     while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
 | |
|         sleep 1
 | |
|         let TRIES=TRIES+1
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|     done
 | |
|     if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
| 
 | |
|     if [ ! "$IPMIVER" == "1.5"  ]; then 
 | |
|         MSG="Enabling IPMI v 2.0 LAN access"
 | |
|         logger -s -t $log_label -p local4.info "$MSG"
 | |
|         # the following goals:
 | |
|         #   - disable cipher suite 0 (if present, avoid password bypass)
 | |
|         #   - disable cipher suite 1 (if present, to avoid weaking Kg if used)
 | |
|         #   - enable cipher suite 2 (scenarios without perl Rijndael)
 | |
|         #   - enable cipher suite 3
 | |
|         #   - ignore the rest
 | |
|         #
 | |
|         # Read the LAN info
 | |
|         #
 | |
|         ZEROIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '%0$'|sed -e 's/:.*//')
 | |
|         ONEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^1$'|sed -e 's/:.*//')
 | |
|         TWOIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^2$'|sed -e 's/:.*//')
 | |
|         THREEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^3$'|sed -e 's/:.*//')
 | |
|         ACCESS=$(ipmitool lan print $LANCHAN|grep 'Cipher Suite Priv Max'|cut -d: -f 2|sed -e 's/ //g' -e 's/\(.\)/\1\n/g'|grep -v '^$')
 | |
|         # logger -s -t $log_label -p local4.info "ZEROIDX is $ZEROIDX, ONEIDX is $ONEIDX, TWOIDX is $TWOIDX, THREEIDX is $THREEIDX, ACCESS is $ACCESS"
 | |
|         NEWACCESS=""
 | |
|         i=1
 | |
|         for elem in $ACCESS; do
 | |
|             if [ $i = "$ZEROIDX" -o $i = "$ONEIDX" ]; then
 | |
|                 NEWACCESS="$NEWACCESS"X
 | |
|             elif [ $i = "$TWOIDX" -o $i = "$THREEIDX" ]; then
 | |
|                 #do not *downgrade* from OEM priv
 | |
|                 if [ "$elem" != "O" ]; then NEWACCESS="$NEWACCESS"a; else NEWACCESS="$NEWACCESS"$elem; fi
 | |
|             else
 | |
|                 NEWACCESS="$NEWACCESS"$elem
 | |
|             fi
 | |
|             i=$((i+1))
 | |
|         done
 | |
| 
 | |
|         # logger -s -t $log_label -p local4.info "ACCESS=$NEWACCESS"
 | |
| 
 | |
|         MSG="Set the cipher_privileges for the channel"
 | |
|         logger -s -t $log_label -p local4.info "$MSG"
 | |
|         # Set the cipher_privileges for the channel
 | |
|         if ipmitool lan set $LANCHAN cipher_privs $NEWACCESS > /dev/null; then
 | |
|             logger -s -t $log_label -p local4.info "$MSG: OK"
 | |
|         else
 | |
|             logger -s -t $log_label -p local4.info "$MSG: ERROR"
 | |
|         fi
 | |
| 
 | |
|         MSG="Enabling SOL for channel $LANCHAN"
 | |
|         logger -s -t $log_label -p local4.info "$MSG"
 | |
|         TRIES=0
 | |
|         # Enable the SOL for the channel 
 | |
|         while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
 | |
|             sleep 1
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|         done
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
| 
 | |
|         MSG="Enabling SOL for $BMCUS"
 | |
|         logger -s -t $log_label -p local4.info "$MSG"
 | |
|         TRIES=0
 | |
|         # Enable the SOL for the USER and set the payload 1
 | |
|         while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
 | |
|             sleep 1
 | |
|             let TRIES=TRIES+1
 | |
|             if [ $TRIES -gt $TIMEOUT ]; then break; fi
 | |
|         done
 | |
|         if [ $TRIES -gt $TIMEOUT ]; then logger -s -t $log_label -p local4.err "$MSG: ERROR"; else logger -s -t $log_label -p local4.info "$MSG: OK"; fi
 | |
|     fi
 | |
| 
 | |
|     # Cold reset the BMC
 | |
|     cold_reset_bmc
 | |
| 
 | |
|     # update the node status to 'bmcready'
 | |
|     for parm in `cat /proc/cmdline`; do
 | |
|         key=`echo $parm|awk -F= '{print $1}'`
 | |
|         if [ "$key" = "xcatd" ]; then
 | |
|             XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
 | |
|         fi
 | |
|     done
 | |
|     if [ ! -z "$XCATMASTER" ]; then
 | |
|         updateflag.awk $XCATMASTER 3002 "installstatus bmcready"
 | |
|     fi
 | |
| 
 | |
|     logger -s -t $log_label -p local4.info "Lighting Identify Light"
 | |
|     if [ "$XPROD" = "43707" -a "$IPMIMFG" = '0' ]; then
 | |
|         # OpenPower BMC specific, turn on the LED beacon light.  
 | |
|         #   - default interval, # ipmitool chassis identify
 | |
|         #                         Chassis identify interval: default (15 seconds)
 | |
|         #   - 275 is too large, # ipmitool chassis identify 275
 | |
|         #                         Given interval is too big.
 | |
|         ipmitool chassis identify 250
 | |
|     else
 | |
|         # All other BMCs
 | |
|         while :
 | |
|             # Identify the server by turning on the LED light
 | |
|             do ipmitool -d $idev raw 0 4 10 > /dev/null
 | |
|             sleep 7
 | |
|         done &
 | |
|     fi
 | |
| done
 | |
| 
 | |
| # remove the bmc configuration information before exit
 | |
| rm -f /tmp/ipmicfg.xml
 |