diff --git a/tools/systemvm/debian/config/etc/default/cloud b/tools/systemvm/debian/config/etc/default/cloud new file mode 100644 index 00000000000..6da9d9466df --- /dev/null +++ b/tools/systemvm/debian/config/etc/default/cloud @@ -0,0 +1,2 @@ +#set ENABLED to 1 if you want the init script to start the password server +ENABLED=0 diff --git a/tools/systemvm/debian/config/etc/default/cloud-passwd-srvr b/tools/systemvm/debian/config/etc/default/cloud-passwd-srvr new file mode 100644 index 00000000000..6da9d9466df --- /dev/null +++ b/tools/systemvm/debian/config/etc/default/cloud-passwd-srvr @@ -0,0 +1,2 @@ +#set ENABLED to 1 if you want the init script to start the password server +ENABLED=0 diff --git a/tools/systemvm/debian/config/etc/init.d/cloud b/tools/systemvm/debian/config/etc/init.d/cloud index 09d189a6a0a..c437f77350f 100755 --- a/tools/systemvm/debian/config/etc/init.d/cloud +++ b/tools/systemvm/debian/config/etc/init.d/cloud @@ -1,4 +1,4 @@ -#!/bin/bash -e +#!/bin/bash ### BEGIN INIT INFO # Provides: cloud # Required-Start: mountkernfs $local_fs cloud-early-config @@ -12,12 +12,16 @@ #set -x +ENABLED=0 +[ -e /etc/default/cloud ] && . /etc/default/cloud + if [ -f /mnt/cmdline ] then CMDLINE=$(cat /mnt/cmdline) else CMDLINE=$(cat /proc/cmdline) fi + TYPE="router" for i in $CMDLINE do @@ -111,6 +115,8 @@ status() { return 0 } +[ "$ENABLED" != 0 ] || exit 0 + case "$1" in start) start ;; diff --git a/tools/systemvm/debian/config/etc/init.d/cloud-early-config b/tools/systemvm/debian/config/etc/init.d/cloud-early-config index ff283804151..c90297821b9 100755 --- a/tools/systemvm/debian/config/etc/init.d/cloud-early-config +++ b/tools/systemvm/debian/config/etc/init.d/cloud-early-config @@ -1,4 +1,4 @@ -#!/bin/bash -e +#!/bin/bash ### BEGIN INIT INFO # Provides: cloud-early-config # Required-Start: mountkernfs $local_fs @@ -58,6 +58,7 @@ patch() { if [ -f /mnt/cmdline ]; then cat /mnt/cmdline > /var/cache/cloud/cmdline fi + return 0 } setup_interface() { 
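Review bot: The comment in the new `/etc/default/cloud` says ENABLED controls the password server, but this file is sourced by `init.d/cloud`; the text looks copied from `/etc/default/cloud-passwd-srvr`. Suggest `#set ENABLED to 1 if you want the init script to start the cloud service`, so an operator editing the file is not misled about which daemon it gates.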
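Review bot: Dropping `-e` from the shebang of `init.d/cloud` (and likewise of `cloud-early-config` and `cloud-passwd-srvr` later in this diff) removes the only error handling these hunks show, since no `set -e` or explicit status check is added in its place. In `cloud-early-config` a failed `cp /etc/iptables/iptables-router /etc/iptables/rules` or a failed `sed` on a service config then no longer stops the sequence, so the VM can come up without its intended firewall rules or service flags. If the option was removed because one command legitimately returns non-zero, guard that command alone and check the security-relevant steps explicitly, e.g. `cp /etc/iptables/iptables-router /etc/iptables/rules || { logger -t cloud "failed to install iptables rules"; return 1; }`.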
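Review bot: The guard `[ "$ENABLED" != 0 ] || exit 0` in `init.d/cloud` sits in front of the whole `case "$1"` dispatch, so `stop` and `status` also return 0 without doing anything once the service is disabled. `rc.local` in this same diff runs `service $svc stop` for everything in `disabled_svcs`, and `routing_svcs` lists `cloud` there while `setup_router` sets its flag to 0, so that stop is a silent no-op and an instance that is already running stays up. Move the check to the first line of `start()`, as `cloud-passwd-srvr` does. The body of `start()` is outside this hunk.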
@@ -80,8 +81,11 @@ setup_interface() { if [ "$ip" != "0.0.0.0" -a "$ip" != "" ] then echo "iface $intf inet $bootproto" >> /etc/network/interfaces - echo " address $ip " >> /etc/network/interfaces - echo " netmask $mask" >> /etc/network/interfaces + if [ "$bootproto" == "static" ] + then + echo " address $ip " >> /etc/network/interfaces + echo " netmask $mask" >> /etc/network/interfaces + fi fi ifdown $intf @@ -89,7 +93,7 @@ setup_interface() { } enable_fwding() { - echo "enable_fwding = $1" + logger -t cloud "enable_fwding = $1" echo "$1" > /proc/sys/net/ipv4/ip_forward } @@ -97,6 +101,7 @@ enable_svc() { local svc=$1 local enabled=$2 + logger -t cloud "Enable service ${svc} = $enabled" local cfg=/etc/default/${svc} sed -i "s/ENABLED=.*$/ENABLED=$enabled/" $cfg } 
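Review bot: `enable_svc` logs the change and then runs `sed -i` on `$cfg` without checking that the file exists or that an `ENABLED=` line was actually rewritten, and with `-e` gone from the shebang a failure here is silent. This function now gates `cloud-passwd-srvr` and `cloud`, so a missed write leaves a service in whatever state the image shipped with while syslog says otherwise. Add `[ -f "$cfg" ] || { logger -t cloud "enable_svc: $cfg missing"; return 1; }` before the `sed`, quote `"$cfg"`, and anchor the pattern as `s/^ENABLED=.*$/ENABLED=$enabled/` so commented-out lines are not touched.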
@@ -137,34 +142,7 @@ setup_common() { ip route add default via $GW } -setup_router() { - setup_common eth0 eth1 eth2 - [ -z $DHCP_RANGE ] && DHCP_RANGE=$ETH0_IP - if [ -n "$DOMAIN" ] - then - #send domain name to dhcp clients - sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\"$DOMAIN\"/ /etc/dnsmasq.conf - #DNS server will append $DOMAIN to local queries - sed -r -i s/^[#]?domain=.*$/domain=$DOMAIN/ /etc/dnsmasq.conf - #answer all local domain queries - sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf - fi - sed -i -e "s/^dhcp-range=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf - sed -i -e "s/^[#]*listen-address=.*$/listen-address=$ETH0_IP/" /etc/dnsmasq.conf - sed -i /gateway/d /etc/hosts - echo "$ETH0_IP $NAME" >> /etc/hosts - [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*$/Listen $ETH0_IP:80/" /etc/httpd/conf/httpd.conf - [ -f /etc/httpd/conf.d/ssl.conf ] && mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak - [ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ETH1_IP/" /etc/ssh/sshd_config - - enable_svc dnsmasq 1 - enable_svc haproxy 1 - enable_fwding 1 - cp /etc/iptables/iptables-router /etc/iptables/rules -} - -setup_dhcpsrvr() { - setup_common eth0 eth1 +setup_dnsmasq() { [ -z $DHCP_RANGE ] && DHCP_RANGE=$ETH0_IP [ -z $DOMAIN ] && DOMAIN="cloudnine.internal" if [ -n "$DOMAIN" ] 
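Review bot: Turning `setup_dhcpsrvr`'s body into the shared `setup_dnsmasq` means `setup_router` now inherits `[ -z $DOMAIN ] && DOMAIN="cloudnine.internal"`, which the removed router body did not have, so a router booted without a domain will start advertising and answering for `cloudnine.internal`. If that is intended, say so above the function, e.g. `# shared by router and dhcpsrvr; falls back to cloudnine.internal when no domain is passed`. The two tests should also quote their operands (`[ -z "$DHCP_RANGE" ]`, `[ -z "$DOMAIN" ]`); unquoted they work only by accident when the variable is empty and break on a value containing whitespace. The function body continues in the next hunk.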
@@ -177,15 +155,44 @@ setup_dhcpsrvr() { sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf fi sed -i -e "s/^dhcp-range=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf - sed -i -e "s/^[#]*dhcp-option=option:router.*$/dhcp-option=option:router,$GW/" /etc/dnsmasq.conf - #for now set up ourself as the dns server as well - #echo "dhcp-option=6,$NS1,$NS2" >> /etc/dnsmasq.conf + sed -i -e "s/^[#]*listen-address=.*$/listen-address=$ETH0_IP/" /etc/dnsmasq.conf + +} + +setup_sshd(){ + [ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ETH1_IP/" /etc/ssh/sshd_config +} + +setup_router() { + setup_common eth0 eth1 eth2 + setup_dnsmasq + sed -i /gateway/d /etc/hosts echo "$ETH0_IP $NAME" >> /etc/hosts - [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*$/Listen $ETH0_IP:80/" /etc/httpd/conf/httpd.conf - [ -f /etc/httpd/conf.d/ssl.conf ] && mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak + setup_sshd + + enable_svc dnsmasq 1 + enable_svc haproxy 1 + enable_svc cloud-passwd-srvr 1 + enable_svc cloud 0 + enable_fwding 1 + cp /etc/iptables/iptables-router /etc/iptables/rules +} + +setup_dhcpsrvr() { + setup_common eth0 eth1 + setup_dnsmasq + + sed -i /gateway/d /etc/hosts + echo "$ETH0_IP $NAME" >> /etc/hosts + + setup_sshd + + enable_svc dnsmasq 1 enable_svc haproxy 0 + enable_svc cloud-passwd-srvr 1 + enable_svc cloud 0 enable_fwding 0 cp /etc/iptables/iptables-router /etc/iptables/rules } 
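Review bot: `setup_dhcpsrvr` no longer sets `dhcp-option=option:router,$GW`: the old `sed` for it is removed and the shared `setup_dnsmasq` does not carry it over. Unless the option is written somewhere outside this diff, dnsmasq falls back to its default router value, which is normally its own address, while this VM runs with `enable_fwding 0`. Either keep the line in `setup_dhcpsrvr` after the `setup_dnsmasq` call, `sed -i -e "s/^[#]*dhcp-option=option:router.*$/dhcp-option=option:router,$GW/" /etc/dnsmasq.conf`, or add a comment explaining why guests should not receive `$GW`. Separately, `setup_sshd` writes `ListenAddress $ETH1_IP` without checking that `ETH1_IP` is non-empty.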
@@ -196,14 +203,13 @@ setup_secstorage() { public_ip=$ETH2_IP [ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP echo "$public_ip $NAME" >> /etc/hosts - [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*:80$/Listen $public_ip:80/" /etc/httpd/conf/httpd.conf - [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*:443$/Listen $public_ip:443/" /etc/httpd/conf/httpd.conf - sed 's/ENABLED=.*$/ENABLED=0/g' /etc/default/haproxy cp /etc/iptables/iptables-secstorage /etc/iptables/rules enable_fwding 0 enable_svc haproxy 0 enable_svc dnsmasq 0 + enable_svc cloud-passwd-srvr 0 + enable_svc cloud 1 } setup_console_proxy() { @@ -212,12 +218,23 @@ setup_console_proxy() { [ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP sed -i /gateway/d /etc/hosts echo "$public_ip $NAME" >> /etc/hosts - sed 's/ENABLED=.*$/ENABLED=0/g' /etc/default/haproxy cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules + enable_fwding 0 enable_svc haproxy 0 enable_svc dnsmasq 0 - chkconfig apache2 off + enable_svc cloud-passwd-srvr 0 + enable_svc cloud 1 +} + +setup_default() { + cat > /etc/network/interfaces << EOF +auto lo eth0 +iface lo inet loopback + +iface eth0 inet dhcp + +EOF } start() { @@ -239,10 +256,15 @@ start() { [ "$NAME" == "" ] && NAME=consoleproxy setup_console_proxy; ;; + unknown) + [ "$NAME" == "" ] && NAME=systemvm + setup_default; + ;; esac return 0 } +disable_hvc if [ -f /mnt/cmdline ] then CMDLINE=$(cat /mnt/cmdline) @@ -335,7 +357,7 @@ stop) force-reload|restart) log_warning_msg "Running $0 is deprecated because it may not enable again some interfaces" - log_action_begin_msg "Reconfiguring network interfaces" + log_action_begin_msg "Executing cloud-early-config" if start; then log_action_end_msg $? else diff --git a/tools/systemvm/debian/config/etc/init.d/cloud-passwd-srvr b/tools/systemvm/debian/config/etc/init.d/cloud-passwd-srvr index 52715938ec4..f990e232a41 100755 --- a/tools/systemvm/debian/config/etc/init.d/cloud-passwd-srvr 
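Review bot: `setup_default` only rewrites `/etc/network/interfaces`; unlike `setup_router`, `setup_dhcpsrvr`, `setup_secstorage` and `setup_console_proxy` it neither copies an iptables ruleset into `/etc/iptables/rules` nor calls `enable_fwding` or `enable_svc`. A VM whose type is not recognised therefore comes up on DHCP with whatever firewall rules and service flags the image shipped with, which is the case where an explicit locked-down default matters most. Consider adding `enable_fwding 0` and `enable_svc cloud-passwd-srvr 0` plus a restrictive ruleset, or a comment stating that the image defaults are deliberately relied on.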
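Review bot: The new `unknown)` arm in `start()` matches only the literal string `unknown`, so any other unexpected value of the case selector (presumably `$TYPE`, which is set outside this hunk) still falls through with no configuration and no log line. If a catch-all is intended, use `*)` and log the value, e.g. `logger -t cloud "unrecognised type $TYPE, applying default config"`. This hunk also starts calling `disable_hvc` at top level; its definition is not visible here, so confirm it is defined before this line is reached.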
+++ b/tools/systemvm/debian/config/etc/init.d/cloud-passwd-srvr @@ -1,4 +1,4 @@ -#!/bin/sh -e +#!/bin/bash ### BEGIN INIT INFO # Provides: cloud-passwd-srvr # Required-Start: mountkernfs $local_fs cloud-early-config @@ -10,4 +10,52 @@ # Short-Description: Web server that sends passwords to User VMs ### END INIT INFO -bash /opt/cloud/bin/passwd_server& + +ENABLED=0 +[ -e /etc/default/cloud-passwd-srvr ] && . /etc/default/cloud-passwd-srvr + +start() { + [ "$ENABLED" != 0 ] || exit 0 + nohup bash /opt/cloud/bin/passwd_server& +} + +getpid() { + pid=$(ps -ef | grep passwd_server | grep -v grep | awk '{print $2}') + echo $pid +} + +stop_socat() { + spid=$(pidof socat) + [ "$spid" != "" ] && kill -9 $spid && echo "Killed socat (pid=$spid)" + return 0 +} + +stop () { + stop_socat + pid=$(getpid) + [ "$pid" != "" ] && kill -9 $pid && echo "Stopped password server (pid=$pid)" && stop_socat && return 0 + echo "Password server is not running" && return 0 +} + +status () { + pid=$(getpid) + [ "$pid" != "" ] && echo "Password server is running (pid=$pid)" && return 0 + echo "Password server is not running" && return 0 +} + +case "$1" in + start) start + ;; + stop) stop + ;; + status) status + ;; + restart) stop + start + ;; + *) echo "Usage: $0 {start|stop|status|restart}" + exit 1 + ;; +esac + +exit 0 diff --git a/tools/systemvm/debian/config/etc/init.d/postinit b/tools/systemvm/debian/config/etc/init.d/postinit index d063f077daf..f9502408978 100755 --- a/tools/systemvm/debian/config/etc/init.d/postinit +++ b/tools/systemvm/debian/config/etc/init.d/postinit @@ -47,11 +47,11 @@ start() { } stop() { - + echo "" } status() { - + echo "" } CMDLINE=$(cat /proc/cmdline) diff --git a/tools/systemvm/debian/config/etc/rc.local b/tools/systemvm/debian/config/etc/rc.local new file mode 100755 index 00000000000..cb434a23526 --- /dev/null +++ b/tools/systemvm/debian/config/etc/rc.local 
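Review bot: `getpid` and `stop_socat` in the new `cloud-passwd-srvr` init script pick processes by name (`ps -ef | grep passwd_server`, `pidof socat`) and then `kill -9` whatever matched, so `stop` can hit an unrelated socat on the VM or any process whose command line contains `passwd_server`, and `$pid` may hold several PIDs. Recording the PID at start and signalling only that process and its socat child is more precise, and TERM should be sent rather than KILL as the first resort. `start()` also lets `nohup` write `nohup.out` into the current directory of whoever invoked the script; redirect the output explicitly.

```shell
PIDFILE=/var/run/cloud-passwd-srvr.pid   # placeholder path; use the image's pidfile location

start() {
  [ "$ENABLED" != 0 ] || exit 0
  nohup bash /opt/cloud/bin/passwd_server >/dev/null 2>&1 &
  echo $! > "$PIDFILE"
}

getpid() {
  # report the recorded PID only while that process is still alive
  [ -f "$PIDFILE" ] || return 0
  local p
  p=$(cat "$PIDFILE")
  [ -n "$p" ] && kill -0 "$p" 2>/dev/null && echo "$p"
  return 0
}

stop_socat() {
  # only the socat child of the password server, not every socat on the VM
  local parent
  parent=$(getpid)
  [ -n "$parent" ] && pkill -TERM -P "$parent" socat
  return 0
}
# … unchanged: stop, status, case dispatch (with kill -9 replaced by plain kill) …
```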
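Review bot: The `echo ""` bodies added to `stop()` and `status()` in `postinit` fix the empty-function syntax error but print a blank line on every call, and `status` still reports nothing. Use the shell no-op instead, `stop() { :; }`, or `return 0`, and add a one-line comment saying why there is nothing to stop or report.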
@@ -0,0 +1,15 @@ +#/bin/bash + +[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs +for svc in $(cat /var/cache/cloud/enabled_svcs) +do + logger -t cloud "Starting $svc" + service $svc start +done + +[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs +for svc in $(cat /var/cache/cloud/disabled_svcs) +do + logger -t cloud "Stopping $svc" + service $svc stop +done diff --git a/tools/systemvm/debian/config/opt/cloud/bin/passwd_server b/tools/systemvm/debian/config/opt/cloud/bin/passwd_server index c0326485f70..ee9e531d72e 100755 --- a/tools/systemvm/debian/config/opt/cloud/bin/passwd_server +++ b/tools/systemvm/debian/config/opt/cloud/bin/passwd_server @@ -1,16 +1,18 @@ #!/bin/bash +. /etc/default/cloud-passwd-srvr guestIp=$(ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}') -while true +while [ "$ENABLED" == "1" ] do socat TCP4-LISTEN:8080,reuseaddr,crnl,bind=$guestIp SYSTEM:"/opt/cloud/bin/serve_password.sh \"\$SOCAT_PEERADDR\"" rc=$? if [ $rc -ne 0 ] then - logger "Socat failed with error code $rc. Restarting socat..." + logger -t cloud "Password server failed with error code $rc. Restarting socat..." sleep 3 fi + . /etc/default/cloud-passwd-srvr done diff --git a/tools/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh b/tools/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh index 30104ebf379..51f0bf1fbe6 100755 --- a/tools/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh +++ b/tools/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh @@ -25,6 +25,8 @@ consoleproxy_svcs() { chkconfig apache2 off chkconfig nfs-common off chkconfig portmap off + echo "cloud postinit ssh" > /var/cache/cloud/enabled_svcs + echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs mkdir -p /var/log/cloud } 
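Review bot: The first line of the new `rc.local` is `#/bin/bash`, which is an ordinary comment rather than a shebang, so the file runs under whatever shell the caller picks; it should read `#!/bin/bash`. The loops also word-split and glob-expand the file contents through `for svc in $(cat ...)` and pass each word unquoted to `service`, which runs as root at boot, so the two list files under `/var/cache/cloud` must be writable by root only. Since each file is written as a single line, `read -r -a svcs < /var/cache/cloud/enabled_svcs` followed by `service "$svc" start` avoids the glob expansion.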
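Review bot: The loop condition `[ "$ENABLED" == "1" ]` in `passwd_server` is stricter than the init script's `[ "$ENABLED" != 0 ]`: any value other than 0 or 1 lets `cloud-passwd-srvr start` launch this script, which then exits at once without logging. Use the same test in both places, e.g. `while [ "$ENABLED" != 0 ]`, or log when the loop is skipped. The defaults file is also sourced unconditionally here, unlike the init script's `[ -e /etc/default/cloud-passwd-srvr ] && .`, so a missing file leaves `ENABLED` unset. The re-read at the bottom of the loop takes effect only after the current `socat` exits, so flipping the flag does not stop a listener that is already waiting.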
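Review bot: The lists written to `enabled_svcs` and `disabled_svcs` in `consoleproxy_svcs` (and in `secstorage_svcs` and `routing_svcs` in the following hunks) restate by hand what the `chkconfig` calls above them already express, and the two can drift. In `secstorage_svcs`, for instance, `chkconfig apache2 off` is visible but `apache2` appears in neither list, so `rc.local` will not stop it. Deriving both from one per-role list, or at least adding `# keep in sync with the chkconfig calls above; consumed by /etc/rc.local`, would make the coupling explicit. These files decide what root starts at boot, so create them under a restrictive umask.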
@@ -36,6 +38,8 @@ secstorage_svcs() { chkconfig dnsmasq off chkconfig ssh on chkconfig apache2 off + echo "cloud postinit ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs + echo "cloud-passwd-srvr haproxy dnsmasq" > /var/cache/cloud/disabled_svcs mkdir -p /var/log/cloud } @@ -47,6 +51,8 @@ routing_svcs() { chkconfig ssh on chkconfig nfs-common off chkconfig portmap off + echo "cloud-passwd-srvr ssh dnsmasq haproxy apache2" > /var/cache/cloud/enabled_svcs + echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs } CMDLINE=$(cat /var/cache/cloud/cmdline) diff --git a/tools/systemvm/debian/config/opt/cloud/bin/serve_password.sh b/tools/systemvm/debian/config/opt/cloud/bin/serve_password.sh index d66f6553745..398a5591266 100755 --- a/tools/systemvm/debian/config/opt/cloud/bin/serve_password.sh +++ b/tools/systemvm/debian/config/opt/cloud/bin/serve_password.sh @@ -1,6 +1,8 @@ #!/bin/bash -# set -x +# set -x + +PASSWD_FILE=/var/cache/cloud/passwords #replace a line in a file of the form key=value # $1 filename @@ -26,7 +28,7 @@ get_value() { ip=$1 -logger "serve_password called to service a request for $ip." +logger -t cloud "serve_password called to service a request for $ip." while read input do 
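Review bot: `PASSWD_FILE=/var/cache/cloud/passwords` in `serve_password.sh` moves the cleartext guest passwords out of `/root`, which is normally mode 0700, into a cache directory whose permissions this diff does not set. Nothing visible here creates the file with a restrictive mode or migrates an existing `/root/passwords`, and whatever writes the passwords (not part of this diff) has to switch to the new path at the same time. Suggest creating it explicitly before first use, `touch "$PASSWD_FILE" && chmod 600 "$PASSWD_FILE"`, and documenting the expected owner and mode in a comment next to the variable.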
@@ -47,23 +49,23 @@ done if [ "$request" == "send_my_password" ] then - password=$(get_value /root/passwords $ip) + password=$(get_value $PASSWD_FILE $ip) if [ "$password" == "" ] then - logger "send_password_to_domu sent bad_request to $ip." + logger -t cloud "serve_password sent bad_request to $ip." echo "bad_request" else - logger "send_password_to_domu sent a password to $ip." + logger -t cloud "serve_password sent a password to $ip." echo $password fi else if [ "$request" == "saved_password" ] then - replace_in_file /root/passwords $ip "saved_password" - logger "send_password_to_domu sent saved_password to $ip." + replace_in_file $PASSWD_FILE $ip "saved_password" + logger -t cloud "serve_password sent saved_password to $ip." echo "saved_password" else - logger "send_password_to_domu sent bad_request to $ip." + logger -t cloud "serve_password sent bad_request to $ip." echo "bad_request" fi fi
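Review bot: `echo $password` sends the stored password through word splitting and pathname expansion, so a password containing `*`, `?` or runs of spaces reaches the guest altered, and one that is exactly an `echo` option such as `-n` is swallowed. Use `printf '%s\n' "$password"`, and quote the arguments on the changed lines as well: `password=$(get_value "$PASSWD_FILE" "$ip")` and `replace_in_file "$PASSWD_FILE" "$ip" "saved_password"`. The definitions of `get_value` and `replace_in_file` are outside this hunk.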