Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/changelog =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/changelog (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/changelog (revision 32) @@ -0,0 +1,5 @@ +sipb-xen-remctl-auto (1.0) unstable; urgency=low + + * Initial release. + + -- Tim Abbott Sun, 15 Jul 2007 19:37:05 -0400 Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/compat =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/compat (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/compat (revision 32) @@ -0,0 +1,1 @@ +4 Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control (revision 32) @@ -0,0 +1,12 @@ +Source: sipb-xen-remctl-auto +Section: net +Priority: extra +Maintainer: SIPB Xen Project +Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0) +Standards-Version: 3.7.2 + +Package: sipb-xen-remctl-auto +Architecture: all +Depends: ${misc:Depends}, remctl-server +Description: Installs the SIPB Xen automatic remctl management system + This is our automatic remctl configuration management system. Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control.in =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control.in (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/control.in (revision 32) @@ -0,0 +1,12 @@ +Source: sipb-xen-remctl-auto +Section: net +Priority: extra +Maintainer: SIPB Xen Project +Build-Depends: @cdbs@ +Standards-Version: 3.7.2 + +Package: sipb-xen-remctl-auto +Architecture: all +Depends: ${misc:Depends}, remctl-server +Description: Installs the SIPB Xen automatic remctl management system + This is our automatic remctl configuration management system. Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/copyright =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/copyright (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/copyright (revision 32) @@ -0,0 +1,3 @@ +This package was created for internal use of the SIPB Xen Project of +the MIT Student Information Processing Board. Ask tabbott@mit.edu if +you have questions about redistribution. Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/rules =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/rules (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/rules (revision 32) @@ -0,0 +1,4 @@ +#!/usr/bin/make -f + +DEB_AUTO_UPDATE_DEBIAN_CONTROL = 1 +include /usr/share/cdbs/1/rules/debhelper.mk Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/sipb-xen-remctl-auto.install =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/sipb-xen-remctl-auto.install (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/debian/sipb-xen-remctl-auto.install (revision 32) @@ -0,0 +1,1 @@ +files/* . Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/cron.d/sipb-xen-remctl-auto =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/cron.d/sipb-xen-remctl-auto (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/cron.d/sipb-xen-remctl-auto (revision 32) @@ -0,0 +1,9 @@ +# /etc/cron.d/sipb-xen-remctl-auto: crontab entries for the sipb-xen-remctl-auto package + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +MAILTO=root + +@reboot root if [ -x /etc/remctl/sipb-xen-auto/remctl-update.sh ]; then nice -n10 /etc/remctl/sipb-xen-auto/remctl-update.sh all; fi +* * * * */15 root if [ -x /etc/remctl/sipb-xen-auto/remctl-update.sh ]; then nice -n10 /etc/remctl/sipb-xen-auto/remctl-update.sh all; fi + +# EOF Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/conf.d/sipb-xen-auto =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/conf.d/sipb-xen-auto (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/conf.d/sipb-xen-auto (revision 32) @@ -0,0 +1,2 @@ +include /etc/remctl/sipb-xen-auto/machine.d +remctl-auto-update all /etc/remctl/sipb-xen-auto/remctl-update.sh ANYUSER Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/README =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/README (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/README (revision 32) @@ -0,0 +1,66 @@ +This is Tim Abbott's initial draft at our automatic remctl +configuration. + +/etc/remctl/sipb-xen-auto/remctl-update.sh is the magic script. Run +it with "all" as an argument, and it will update everything. + +The inputs to this system are as follows: + +/etc/remctl/sipb-xen-auto/acl/MACHINENAME + + This directory contains files named MACHINENAME for each machine. +These ACL files specify who is allowed to administer the machine. You +can use entries that are Kerberos principles, or entries of the form + +include /etc/remctl/sipb-xen-auto/moira-acl/sipb-xen + +to include AFS groups in ACLs. To add a new machine to the system, +you simply need to create /etc/remctl/sipb-xen-auto/acl/MACHINENAME +and then run + +/etc/remctl/sipb-xen-auto/remctl-update.sh all + +Everything else is autogenerated from that information. + + +Other files of interest: + +/etc/remctl/sipb-xen-auto/auto-machine-list + + The list of machines that should have their remctl configuration +files generated from the template. This is generated from +listing /etc/remctl/sipb-xen-auto/acl/*. + +/etc/remctl/sipb-xen-auto/auto-moira-list + + The list of Athena AFS groups from which acl files should be +generated. The ACL files are placed in +/etc/remctl/sipb-xen-auto/moira-acl/, and named GROUPNAME. Ths list +is generated by parsing the ACL files in /etc/remctl/sipb-xen-auto/acl/. + + +This package also includes a crontab to run + +/etc/remctl/sipb-xen-auto/remctl-update.sh all + +every 15 minutes or so to keep our Moira mapping up to date. One can +request an update of our Moira mapping for group X by running + +/etc/remctl/sipb-xen-auto/remctl-update.sh moiragroup X + +The web interface should probably run this when it adds a group. We +may want to make this also available to users, but I've been lame. + +This package includes a remctl interface available to anyone to invoke +the command: + +/etc/remctl/sipb-xen-auto/remctl-update.sh all + +using the following command from your favorite machine with remctl: + +remctl black-mesa.mit.edu remctl-auto-update all + +It requires no special permission to run; there is a potential DOS +issue here, but I don't think it is serious. + +Thought should be put into how to ensure that the servers stay in sync. Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.create.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.create.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.create.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.destroy.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.destroy.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.destroy.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.list.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.list.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.list.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.reboot.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.reboot.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.reboot.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.sh (revision 32) @@ -0,0 +1,25 @@ +#!/bin/sh +# dispatch-ACTION.sh MACHINE +# +# remctl should have already verified that the user is authorized to +# control the machine. So, we just need to execute the action requested. +# +# $0 and $1 come from the trusted remctl source. +# +# $2 and so on are user-provided, and thus sketchy. I don't think we +# need them for this script. + +ACTION=$(echo $0 | awk -F'.' '{print $2}') +MACHINE=$1 +echo $ACTION + +case "$ACTION" in + reboot|list|vcpu-list|destroy|create|uptime) + xm $ACTION $MACHINE + exit 0 + ;; + *) + echo "ERROR: Invalid Command" + exit 1 + ;; +esac Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.uptime.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.uptime.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.uptime.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.vcpu-list.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.vcpu-list.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/bin/dispatch.vcpu-list.sh (revision 32) @@ -0,0 +1,1 @@ +link dispatch.sh Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/conf.template =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/conf.template (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/conf.template (revision 32) @@ -0,0 +1,6 @@ +create #MACHINENAME# #BINDIR#/dispatch.create.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# +reboot #MACHINENAME# #BINDIR#/dispatch.reboot.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# +destroy #MACHINENAME# #BINDIR#/dispatch.destroy.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# +list #MACHINENAME# #BINDIR#/dispatch.list.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# +vcpu-list #MACHINENAME# #BINDIR#/dispatch.vcpu-list.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# +uptime #MACHINENAME# #BINDIR#/dispatch.uptime.sh /etc/remctl/sipb-xen-auto/acl/#MACHINENAME# Index: /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/remctl-update.sh =================================================================== --- /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/remctl-update.sh (revision 32) +++ /trunk/packages/sipb-xen-remctl-auto/sipb-xen-remctl-auto/files/etc/remctl/sipb-xen-auto/remctl-update.sh (revision 32) @@ -0,0 +1,85 @@ +#!/bin/sh +DIR=/etc/remctl/sipb-xen-auto +TEMPLATE=$DIR/conf.template +MACHINEDIR=$DIR/machine.d +MOIRADIR=$DIR/moira-acl +MOIRATMP=$DIR/moira-tmp +MACHINETMP=$DIR/machine-list-tmp +AUTOMACHINELIST=$DIR/auto-machine-list +AUTOMOIRALIST=$DIR/auto-moira-list +BINDIR=$DIR/bin +ACLDIR=$DIR/acl + +update_machine() +{ + machine=$1 + sed "s/#MACHINENAME#/$machine/g" $TEMPLATE | \ + sed "s,#BINDIR#,$BINDIR,g" >| $MACHINETMP + if ! cmp -s $MACHINEDIR/$machine $MACHINETMP; then + mv $MACHINETMP $MACHINEDIR/$machine + else + rm -f $MACHINETMP + fi +} + +update_moiragroup() +{ + group=$1 + # Should perhaps replace with LDAP, but fine for now. + + # We should do more careful error checking so we don't take away + # all bits and delete the moira-acl files whenever there's an AFS + # outage. + pts membership system:$group -noauth | tail -n+2 | \ + sed 's/\./\//' | \ + sed 's/^ //' | \ + sed 's/$/@ATHENA.MIT.EDU/g' >| $MOIRATMP + if test -s $MOIRATMP; then + if ! cmp -s $MOIRADIR/$group $MOIRATMP; then + mv $MOIRATMP $MOIRADIR/$group + fi + else + if test -e $MOIRADIR/$group; then + rm $MOIRADIR/$group + fi + fi + rm -f $MOIRATMP +} + +case "$1" in + moiragroup) + update_moiragroup "$2" + ;; + + all_machines) + # update the remctl.conf definitions + for machine in `cat $AUTOMACHINELIST`; do + update_machine $machine + done + ;; + all_moira) + # update our moira ACL lists + for group in `cat $AUTOMOIRALIST`; do + update_moiragroup $group + done + ;; + auto_machine_list) + # update the list of maintained machines + /bin/ls $ACLDIR >| $AUTOMACHINELIST + ;; + auto_moira_list) + # update the moira list-of-lists + # /bin/ls $MOIRADIR >| $AUTOMOIRALIST # BAD IDEA in case of outage + + # This extracts the list of all moira lists we care about, and updates those. + grep -R moira $ACLDIR/ /etc/remctl/acl/ | perl -pe 's/.*moira-acl\/(.*)/$1/g' >| $AUTOMOIRALIST + ;; + all) + "$0" auto_machine_list + "$0" all_machines + "$0" auto_moira_list + "$0" all_moira + ;; +esac + +exit 0