xCAT/xcat-core
2
0
Fork 0
mirror of https://github.com/xcat2/xcat-core.git synced 2025-10-24 16:05:41 +00:00
Code Issues Releases Wiki Activity
Files
e43e18ba9bfd36e399078fd3a9ca056e20010af6
xcat-core/xCAT-genesis-scripts/bin/bmcsetup
Jarrod Johnson e2a3db7844 Fix mistakes in bmcsetup
2014-04-25 13:18:39 -04:00

403 lines
13 KiB
Plaintext
Executable File
Raw Blame History

# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
# Raw commands to set BMCs to defaults
# dx320
# 0x2e 0x10 0x4d 0x4f 0x00 0xff
#
# dx340
# 0x30 0x13 0xff 0x00 0x00 0x00
#
# dx360/x3450
# 0x30 0x02 0x43 0x4c 0x52 0xaa
# 0x08 0x00 0x49 0x4e 0x54 0x45 0x4c
# 0x08 0x04
#
allowcred.awk &
CREDPID=$!
sleep 5
modprobe ipmi_si
modprobe ipmi_devintf
IPCFGMETHOD=static
while [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; do
while ! getipmi
do
echo "Retrying retrieval of IPMI settings from server"
done
TIMEOUT=15
BMCIP=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCVLAN=`grep taggedvlan /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ -z "$BMCVLAN" ]; then BMCVLAN=off; fi
BMCGW=`grep gateway /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCNM=`grep netmask /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCUS=`grep username /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
BMCPW=`grep password /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
IPCFGMETHOD=`grep ipcfgmethod /tmp/ipmicfg.xml|awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ -z "$IPCFGMETHOD" ]; then
IPCFGMETHOD="static"
fi
if [ -z "$BMCIP" -a $IPCFGMETHOD="static" ]; then
echo "FAILED TO RETRIEVE SETTINGS, RETRYING in 15 seconds"
sleep 15
fi
done
kill $CREDPID
NUMBMCS=`grep bmcip /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'|wc -l`
IPMIVER=`ipmitool mc info|grep ^IPMI|awk '{print $4}'`
IPMIMFG=`ipmitool mc info|grep "^Manufacturer ID"|awk '{print $4}'`
if [ "$IPMIMFG" == 2 ]; then #IBM
XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
if [ "$XPROD" == "220" ]; then
LOCKEDUSERS=1
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=0
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
ipmitool -d $idev raw 0x04 0x12 0x09 0x01 0x18 0x${p}1 0x00 > /dev/null
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
sleep 1
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
done
let idev=idev+1
done
fi
elif [ "$XPROD" == "291" ]; then
LOCKEDUSERS=1
else
IBMFAM=`ipmitool raw 0x3a 0x50 |head -n 1| awk '{print $1 $2 $3 $4}'`
if [ "$IBMFAM" == "59554f4f" ]; then
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=0
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
while [ "$CURBMCPORT" -ne "$BMCPORT" ]; do
sleep 1
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
done
let idev=idev+1
done
fi
fi
fi
elif [ "$IPMIMFG" == 20301 ] ; then
XPROD=`ipmitool mc info|grep "^Product ID"|awk '{print $4}'`
IBMVPDV=`ipmitool raw 0x3a 0xb 2 0 16 1`
if [ $IBMVPDV -eq 2 ]; then
ISITE=1;
fi
LOCKEDUSERS=1
BMCPORT=`grep bmcport /tmp/ipmicfg.xml |awk -F\> '{print $2}'|awk -F\< '{print $1}'`
if [ ! -z "$BMCPORT" ]; then
let idev=0
for p in $BMCPORT; do
ipmitool -d $idev raw 0xc 1 1 0xc0 $p > /dev/null
# after this change, we need to watch and wait to see that it
# actually takes effect. On port change, the service processor
# does not migrate the network configuration over
# so we might be halfway through setting up when the net config
# reverts to dhcp then static, which setting a static ip for is
# considered invalid
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
while [ -z "$CURBMCPORT" -o 0"$CURBMCPORT" -ne "$BMCPORT" ]; do
sleep 1
CURBMCPORT=`ipmitool -d $idev raw 0xc 2 1 0xc0 0 0 | awk '{print $2}'`
done
let idev=idev+1
done
fi
elif [ "$IPMIMFG" == "47488" ]; then
LOCKEDUSERS=1
fi
echo -n "Auto detecting LAN channel..."
while [ -z "$LANCHAN" ]; do
for TLANCHAN in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do
if ipmitool channel info $TLANCHAN 2> /dev/null | grep 802.3 > /dev/null 2>&1 && ipmitool raw 0xc 2 $TLANCHAN 5 0 0 > /dev/null 2>&1;
then
LANCHAN=$TLANCHAN
break;
fi;
echo -n "."
done
if [ -z "$LANCHAN" ]; then
echo "Unable to detect lan channel, retrying in 10 seconds";
sleep 10
fi
done
echo "Detected LAN channel $LANCHAN"
let idev=NUMBMCS
if [ $IPCFGMETHOD="static" ]; then
while [ $idev -gt 0 ]; do
let idev=idev-1
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipsrc static; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
done
let idev=0
for b in $BMCIP; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipaddr $b; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev+1
done
let idev=0
for m in $BMCNM; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN netmask $m; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev+1
done
TRIES=0
if [ ! -z "$BMCGW" ]; then
let idev=0
for g in $BMCGW; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN defgw ipaddr $g; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev+1
done
TRIES=0
fi
else
let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN ipsrc $IPCFGMETHOD; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
done
fi
let idev=0
for b in $BMCVLAN; do
TRIES=0
while ! ipmitool -d $idev lan set $LANCHAN vlan id $b; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
let idev=idev+1
done
let idev=NUMBMCS-1
for bmcu in $BMCUS; do
if [ "$bmcu" = "" ]; then continue; fi
DISABLEUSERS="1 2 3 4"
if [ ! -z "$LOCKEDUSERS" ]; then
USERSLOT=`ipmitool -d $idev user list $LANCHAN |grep -v ^ID|awk '{print $1 " " $2}'|grep -w "$BMCUS"|awk '{print $1}'`
if [ -z "$USERSLOT" ]; then
USERSLOT=4
fi
else
USERSLOT=2
fi
if [ "$ISITE" = 1 ]; then
allowcred.awk &
CREDPID=$!
while ! remoteimmsetup
do
echo "Waiting for xCAT remote configuration of service processor via CMM.."
done
kill $CREDPID
fi
CURRENTUSER=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $2}'`
DISABLEUSERS=`echo 1 2 3 4|sed -e s/$USERSLOT//`
for user in $DISABLEUSERS; do
while ! ipmitool -d $idev user disable $user; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
done
TRIES=0
while ! ipmitool -d $idev user enable $USERSLOT; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
# Last param in ipmitool user priv is the channel to set it on.
# Penguin boxes are all channel 2
CURRPRIV=`ipmitool -d $idev user list $LANCHAN|grep ^$USERSLOT|awk '{print $6}'`
if [ "$CURRPRIV" != "ADMINISTRATOR" ]; then
while ! ipmitool -d $idev user priv $USERSLOT 4 $LANCHAN; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
fi
TRIES=0
while ! ipmitool -d $idev channel setaccess $LANCHAN $USERSLOT link=on; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
if [ "$CURRENTUSER" != "$bmcu" ]; then
while ! ipmitool -d $idev user set name $USERSLOT $bmcu; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
fi
let idev=idev-1
done
let idev=NUMBMCS-1
for bmcp in $BMCPW; do
if [ "$bmcp" = "" ]; then continue; fi
TRIES=0
while ! ipmitool -d $idev user set password $USERSLOT $bmcp; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
echo "Set up following user table: "
ipmitool -d $idev user list $LANCHAN
let idev=idev-1
done
let idev=NUMBMCS
while [ $idev -gt 0 ]; do
let idev=idev-1
echo -n "Enabling Channel $LANCHAN: "
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x42 0x44 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
TRIES=0
while ! ipmitool -d $idev raw 0x6 0x40 $LANCHAN 0x82 0x84 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling ARP responses: "
while ! ipmitool -d $idev lan set $LANCHAN arp respond on > /dev/null; do
sleep 1
let TRIES=TRIES+1
echo -n .
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling IPMI v 1.5 MD5 LAN access:"
while ! ipmitool -d $idev lan set $LANCHAN auth admin md5 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
if [ ! "$IPMIVER" == "1.5" ]; then
echo -n "Enabling IPMI v 2.0 LAN access: "
#the following goals:
#disable cipher suite 0 (if present, avoid password bypass)
#disable cipher suite 1 (if present, to avoid weaking Kg if used)
#enable cipher suite 2 (scenarios without perl Rijndael)
#enable cipher suite 3
#ignore the rest
ZEROIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '%0$'|sed -e 's/:.*//')
ONEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^1$'|sed -e 's/:.*//')
TWOIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^2$'|sed -e 's/:.*//')
THREEIDX=$(ipmitool lan print $LANCHAN|grep ^RMCP+|cut -d: -f 2|sed -e 's/ //' -e 's/,/\n/g'|grep -n '^3$'|sed -e 's/:.*//')
ACCESS=$(ipmitool lan print $LANCHAN|grep 'Cipher Suite Priv Max'|cut -d: -f 2|sed -e 's/ //g' -e 's/\(.\)/\1\n/g'|grep -v '^$')
NEWACCESS=""
i=1
for elem in $ACCESS; do
if [ $i = "$ZEROIDX" -o $i = "$ONEIDX" ]; then
NEWACCESS="$NEWACCESS"X
elif [ $i = "$TWOIDX" -o $i = "$THREEIDX" ]; then
#do not *downgrade* from OEM priv
if [ "$elem" != "O" ]; then NEWACCESS="$NEWACCESS"a; else NEWACCESS="$NEWACCESS"$elem; fi
else
NEWACCESS="$NEWACCESS"$elem
fi
i=$((i+1))
done
if ipmitool lan set $LANCHAN cipher_privs $NEWACCESS > /dev/null; then
echo OK
else
echo ERROR
fi
TRIES=0
echo -n "Enabling SOL for channel $LANCHAN:"
while ! ipmitool -d $idev raw 0xc 0x21 $LANCHAN 0x1 0x1 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
TRIES=0
echo -n "Enabling SOL for $BMCUS:"
while ! ipmitool -d $idev raw 6 0x4c $LANCHAN $USERSLOT 2 0 0 0 > /dev/null; do
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
echo -n "Putting SOL on channel $LANCHAN:"
while ! OUTPUT=`ipmitool -d $idev raw 0xc 0x21 $LANCHAN 7 $LANCHAN 2>&1 > /dev/null`; do
if echo $OUTPUT|grep "Unknown (0x80)" > /dev/null; then
echo "Not Needed"
break
fi
sleep 1
let TRIES=TRIES+1
if [ $TRIES -gt $TIMEOUT ]; then break; fi
done
if [ $TRIES -gt $TIMEOUT ]; then echo "ERROR"; else echo "OK"; fi
fi
# update the node status to 'bmcready'
for parm in `cat /proc/cmdline`; do
key=`echo $parm|awk -F= '{print $1}'`
if [ "$key" = "xcatd" ]; then
XCATMASTER=`echo $parm|awk -F= '{print $2}'|awk -F: '{print $1}'`
fi
done
if [ ! -z "$XCATMASTER" ]; then
updateflag.awk $XCATMASTER 3002 "installstatus bmcready"
fi
#frume.awk
echo "Lighting Identify Light"
while :
do ipmitool -d $idev raw 0 4 10 > /dev/null
sleep 7
done &
done
Reference in New Issue View Git Blame Copy Permalink