jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-19 15:30:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

DEVEL15-test-updates-20080331

Browse Source 
LICENSE IPL10

update tests directory


(cherry picked from commit a26d7f1403)
This commit is contained in:
Mike Meffie 2008-03-31 16:54:02 +00:00 committed by Derrick Brashear
parent 3b16299f87
commit e92f91496a
7 changed files with 625 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
src/tests/Makefile.in
View File

@ -359,7 +359,7 @@ install:
uninstall: uninstall:
all: run-tests dirpath.conf OpenAFS/Dirpath.pm libxfiles.a libdumpscan.a $(TEST_PROGRAMS)\ all: run-tests OpenAFS/Dirpath.pm libxfiles.a libdumpscan.a $(TEST_PROGRAMS)\
afsdump_scan afsdump_dirlist afsdump_extract dumptool afsdump_scan afsdump_dirlist afsdump_extract dumptool
@chmod +x run-tests @chmod +x run-tests
@ -378,25 +378,9 @@ check: run-tests $(TEST_PROGRAMS)
check-fast: run-tests $(TEST_PROGRAMS) check-fast: run-tests $(TEST_PROGRAMS)
./run-tests -all -fast ./run-tests -all -fast
dirpath.conf: Makefile # Note: The autoconf variables are not fully expanded
@echo "creating $@" # until make is run so we resort to creating the
@echo "# auto-generated by src/tests/Makefile" >$@ # configuration at make time.
@echo "# DO NOT EDIT" >>$@
@echo "afsconfdir=@afsconfdir@" >>$@
@echo "viceetcdir=@viceetcdir@" >>$@
@echo "afssrvbindir=@afssrvbindir@" >>$@
@echo "afssrvsbindir=@afssrvsbindir@" >>$@
@echo "afssrvlibexecdir=@afssrvlibexecdir@" >>$@
@echo "afsdbdir=@afsdbdir@" >>$@
@echo "afslogsdir=@afslogsdir@" >>$@
@echo "afslocaldir=@afslocaldir@" >>$@
@echo "afsbackupdir=@afsbackupdir@" >>$@
@echo "afsbosconfigdir=@afsbosconfigdir@" >>$@
@echo "afskerneldir=@afskerneldir@" >>$@
@echo "initdir=@sysconfdir@" >>$@
@echo "localstatedir=@localstatedir@" >>$@
@echo "ostype=@MKAFS_OSTYPE@" >>$@
OpenAFS/Dirpath.pm: Makefile OpenAFS/Dirpath.pm: Makefile
@echo "Creating OpenAFS/Dirpath.pm" @echo "Creating OpenAFS/Dirpath.pm"
@echo "# This is -*- perl -*-" >$@ @echo "# This is -*- perl -*-" >$@
@ -420,12 +404,25 @@ OpenAFS/Dirpath.pm: Makefile
@echo " 'afslocaldir' => '@afslocaldir@'," >>$@ @echo " 'afslocaldir' => '@afslocaldir@'," >>$@
@echo " 'afsbackupdir' => '@afsbackupdir@'," >>$@ @echo " 'afsbackupdir' => '@afsbackupdir@'," >>$@
@echo " 'afsbosconfigdir' => '@afsbosconfigdir@'," >>$@ @echo " 'afsbosconfigdir' => '@afsbosconfigdir@'," >>$@
@echo " 'afskerneldir' => '@afskerneldir@'," >>$@
@echo " 'initdir' => '@sysconfdir@'," >>$@
@echo " 'localstatedir' => '@localstatedir@'," >>$@
@echo " 'ostype' => '@MKAFS_OSTYPE@'," >>$@ @echo " 'ostype' => '@MKAFS_OSTYPE@'," >>$@
@if test "@afsconfdir@" = "/usr/afs/etc" ; then \
echo " # transarc paths" ;\
echo " 'cachedir' => '/usr/vice/cache'," ;\
echo " 'afsddir' => '/usr/vice/etc'," ;\
echo " 'initdir' => '/usr/vice/etc'," ;\
echo " 'afskerneldir' => '/usr/vice/etc/modload'," ;\
echo " 'afswsbindir' => '/usr/afsws/bin'," ;\
else \
echo " # modern paths" ;\
echo " 'cachedir' => '@localstatedir@/openafs/cache'," ;\
echo " 'afsddir' => '@afssrvsbindir@'," ;\
echo " 'initdir' => '@sysconfdir@'," ;\
echo " 'afskerneldir' => '@afskerneldir@'," ;\
echo " 'afswsbindir' => '@afssrvbindir@'," ;\
fi >>$@
@echo "};" >>$@ @echo "};" >>$@
@echo "" >>$@ @echo "" >>$@
@echo "1;" >>$@ @echo "1;" >>$@
.PHONY: all install clean realclean distclean mostlyclean install uninstall check .PHONY: all install clean realclean distclean mostlyclean install uninstall check

179
src/tests/OpenAFS/Auth.pm
View File

@ -7,6 +7,18 @@ use OpenAFS::Dirpath;
use OpenAFS::ConfigUtils; use OpenAFS::ConfigUtils;
my $path = $OpenAFS::Dirpath::openafsdirpath; my $path = $OpenAFS::Dirpath::openafsdirpath;
my $classes = {
'mit' => 'OpenAFS::Auth::MIT',
#'heimdal' => 'OpenAFS::Auth::Heimdal',
'kaserver' => 'OpenAFS::Auth::Kaserver',
};
my $bos = "$path->{'afssrvbindir'}/bos";
my $aklog = "$path->{'afswsbindir'}/aklog";
my $tokens = "$path->{'afswsbindir'}/tokens";
my $asetkey = "$path->{'afssrvbindir'}/asetkey";
my $kas = "$path->{'afssrvsbindir'}/kas";
my $klog = "$path->{'afswsbindir'}/klog";
# #
# Create an auth type for the specified Kerberos implementation. # Create an auth type for the specified Kerberos implementation.
@ -27,24 +39,36 @@ my $path = $OpenAFS::Dirpath::openafsdirpath;
# $auth->authorize('admin'); # $auth->authorize('admin');
# #
sub create { sub create {
my $parms = {@_};
my $type = 'mit';
if (defined $parms->{'type'}) {
$type = $parms->{'type'};
}
$type =~ tr/A-Z/a-z/;
my $class = $classes->{$type};
unless($class) {
die "Unsupported kerberos type: $type\n";
}
return $class->new(@_);
}
#
# Create an auth instance.
#
sub new {
my $class = shift;
my $self = { my $self = {
# default values # default values
'type' => 'MIT', 'type' => 'MIT',
'keytab' => "$path->{'afsconfdir'}/krb5.keytab",
'cell' => '', 'cell' => '',
'realm' => '', 'realm' => '',
'admin' => 'admin',
'debug' => '0', 'debug' => '0',
# user specified values # user specified values
@_, @_,
}; };
# check for supported kerberos type.
my $type = $self->{'type'};
$self->{'type'} = _check_kerberos_type($type) or
die "Unsupported kerberos type: $type\n";
# create the sub-class for the kerberos type.
my $class = "OpenAFS::Auth::$self->{'type'}";
$self = bless($self, $class); $self = bless($self, $class);
# attempt get default values. # attempt get default values.
@ -75,19 +99,6 @@ sub create {
return $self; return $self;
} }
#
# Check for supported kerberos type, and allow for case insensitivity.
#
sub _check_kerberos_type {
my $type = shift;
foreach my $supported ('MIT', 'Heimdal', 'Kaserver') {
if ($type =~ /^$supported$/i) {
return $supported;
}
}
return undef;
}
# #
# Returns the cell name from the ThisCell configuration file. # Returns the cell name from the ThisCell configuration file.
# #
@ -149,6 +160,19 @@ sub debug {
return $self->{'debug'}; return $self->{'debug'};
} }
#
# check_program($prog) - verify the program is installed.
#
sub check_program {
my $self = shift;
my $program = shift;
unless ( -f $program ) {
die "error: Missing program: $program\n";
}
unless ( -x $program ) {
die "error: Not executable: $program\n";
}
}
#------------------------------------------------------------------------------------ #------------------------------------------------------------------------------------
# MIT Kerberos authorization commands. # MIT Kerberos authorization commands.
@ -159,20 +183,17 @@ use OpenAFS::Dirpath;
use OpenAFS::ConfigUtils; use OpenAFS::ConfigUtils;
our @ISA = ("OpenAFS::Auth"); our @ISA = ("OpenAFS::Auth");
# #
# Sanity checks before we get started. # Sanity checks before we get started.
# #
sub _sanity_check { sub _sanity_check {
my $self = shift; my $self = shift;
unless (defined $path->{'afssrvbindir'}) {
die "error: \$path->{'afssrvbindir'} is not defined.\n"; $self->check_program($aklog);
} $self->check_program($tokens);
unless (-f "$path->{'afssrvbindir'}/aklog") { $self->check_program($asetkey);
die "error: $path->{'afssrvbindir'}/aklog not found.\n";
}
unless (-x "$path->{'afssrvbindir'}/aklog") {
die "error: $path->{'afssrvbindir'}/aklog not executable.\n";
}
unless ($self->{'realm'}) { unless ($self->{'realm'}) {
die "error: Missing realm parameter Auth::create().\n"; die "error: Missing realm parameter Auth::create().\n";
} }
@ -182,44 +203,20 @@ sub _sanity_check {
unless ( -f $self->{'keytab'} ) { unless ( -f $self->{'keytab'} ) {
die "error: Kerberos keytab file not found: $self->{'keytab'}\n"; die "error: Kerberos keytab file not found: $self->{'keytab'}\n";
} }
unless ( -f $self->{'keytab'} ) {
die "error: Keytab file not found: $self->{'keytab'}\n"; print "debug: Verifying the keytab and admin name, $self->{'admin'}.\n" if $self->debug;
} run("kinit -k -t $self->{'keytab'} $self->{'admin'}");
print "debug: Getting the afs principal and kvno from the keytab.\n" if $self->debug;
$self->_prepare_make_keyfile();
} }
# #
# Create the KeyFile from the Kerberos keytab file. The keytab file # Read the keytab to find the kvno of the afs principal.
# should be created using the Kerberos kadmin command (or with the kadmin.local command
# as root on the KDC). See the OpenAFS asetkey man page for details.
# #
sub make_keyfile { sub _prepare_make_keyfile {
my $self = shift; my $self = shift;
# asetkey annoyance. The current asetkey implementation requires the ThisCell and CellServDB files
# to be present but they really are not needed to create the KeyFile. This check is done here
# rather than in the _sanity_checks() because the ThisCell/CellServerDB are created later in
# the process of creating the new cell.
unless ( -f "$path->{'afsconfdir'}/ThisCell" ) {
die "error: OpenAFS configuration file is required, $path->{'afsconfdir'}/ThisCell\n";
}
unless ( -f "$path->{'afsconfdir'}/CellServDB" ) {
die "error: OpenAFS configuration file is required, $path->{'afsconfdir'}/CellServDB\n";
}
unless ( -f "$path->{'afssrvbindir'}/asetkey" ) {
die "error: $path->{'afssrvbindir'}/asetkey is missing.\nWas OpenAFS built with Kerberos support?\n";
}
unless ( -x "$path->{'afssrvbindir'}/asetkey" ) {
die "error: Do not have execute permissions on $path->{'afssrvbindir'}/asetkey\n";
}
unless ( -d $path->{'afsconfdir'} ) {
die "error: OpenAFS configuration directory '$path->{'afsconfdir'}' is missing.\n";
}
unless ( -w $path->{'afsconfdir'} ) {
die "error: Write access to the OpenAFS configuration directory '$path->{'afsconfdir'}' is required.\n";
}
# Run klist to get the kvno of the afs key. Search for afs/cellname@REALM # Run klist to get the kvno of the afs key. Search for afs/cellname@REALM
# then afs@REALM. klist must be in the path. # then afs@REALM. klist must be in the path.
my %keys = (); my %keys = ();
@ -263,8 +260,36 @@ sub make_keyfile {
"'afs/$cell' in keytab $self->{'keytab'}\n"; "'afs/$cell' in keytab $self->{'keytab'}\n";
} }
# Run asetkey on the keytab to create the KeyFile. asetkey must be in the PATH. $self->{'afs_principal'} = $afs_principal;
run("$path->{'afssrvbindir'}/asetkey add $afs_kvno $self->{'keytab'} $afs_principal"); $self->{'afs_kvno'} = $afs_kvno;
}
#
# Create the KeyFile from the Kerberos keytab file. The keytab file
# should be created using the Kerberos kadmin command (or with the kadmin.local command
# as root on the KDC). See the OpenAFS asetkey man page for details.
#
sub make_keyfile {
my $self = shift;
# The current asetkey implementation requires the ThisCell and CellServDB files
# to be present but they really are not needed to create the KeyFile. A check is done here
# rather than in the _sanity_checks() because the ThisCell/CellServerDB are created later in
# the process of creating the new cell.
unless ( -d $path->{'afsconfdir'} ) {
die "error: OpenAFS configuration directory '$path->{'afsconfdir'}' is missing.\n";
}
unless ( -w $path->{'afsconfdir'} ) {
die "error: Write access to the OpenAFS configuration directory '$path->{'afsconfdir'}' is required.\n";
}
unless ( -f "$path->{'afsconfdir'}/ThisCell" ) {
die "error: OpenAFS configuration file is required, $path->{'afsconfdir'}/ThisCell\n";
}
unless ( -f "$path->{'afsconfdir'}/CellServDB" ) {
die "error: OpenAFS configuration file is required, $path->{'afsconfdir'}/CellServDB\n";
}
run("$asetkey add $self->{'afs_kvno'} $self->{'keytab'} $self->{'afs_principal'}");
} }
# #
@ -272,13 +297,13 @@ sub make_keyfile {
# #
sub authorize { sub authorize {
my $self = shift; my $self = shift;
my $principal = shift || 'admin'; my $principal = shift || $self->{'admin'};
my $opt_aklog = ""; my $opt_aklog = "";
$opt_aklog .= " -d" if $self->debug; $opt_aklog .= " -d" if $self->debug;
run("kinit -k -t $self->{'keytab'} $principal"); run("kinit -k -t $self->{'keytab'} $principal");
run("$path->{'afssrvbindir'}/aklog $opt_aklog"); run("$aklog $opt_aklog");
run("$path->{'afssrvbindir'}/tokens"); run("$tokens");
} }
@ -305,6 +330,11 @@ sub _sanity_check {
} }
} }
sub make_keyfile {
my $self = shift;
die "not implemented.";
}
# #
# Get kerberos ticket and AFS token for the user. # Get kerberos ticket and AFS token for the user.
# #
@ -321,23 +351,36 @@ use OpenAFS::Dirpath;
use OpenAFS::ConfigUtils; use OpenAFS::ConfigUtils;
our @ISA = ("OpenAFS::Auth"); our @ISA = ("OpenAFS::Auth");
# #
# Various checks during initialization. # Various checks during initialization.
# #
sub _sanity_check { sub _sanity_check {
my $self = shift; my $self = shift;
$self->check_program($kas);
$self->check_program($klog);
$self->check_program($tokens);
unless ($self->{'realm'}) { unless ($self->{'realm'}) {
die "Missing realm parameter Auth::create().\n"; die "Missing realm parameter Auth::create().\n";
} }
} }
sub make_keyfile {
my $self = shift;
run("$kas create afs -noauth");
run("$kas create admin -noauth");
run("$kas setfields admin -flags admin -noauth");
run("$bos addkey localhost -kvno 0 -noauth");
}
# #
# Get kerberos ticket and AFS token for the user. # Get kerberos ticket and AFS token for the user.
# #
sub authorize { sub authorize {
my $self = shift; my $self = shift;
my $principal = shift || 'admin'; my $principal = shift || 'admin';
run("echo \"Proceeding w/o authentication\"|klog -pipe ${principal}\@$self->{'realm'}"); #run("echo \"Proceeding w/o authentication\"|klog -pipe ${principal}\@$self->{'realm'}");
run("klog $principal\@$self->{'realm'}");
} }
1; 1;

62
src/tests/OpenAFS/OS.pm
View File

@ -13,30 +13,24 @@ my $path = $OpenAFS::Dirpath::openafsdirpath;
# and commands. # and commands.
# #
sub create { sub create {
my $class = _get_class($path->{'ostype'});
$class->new(@_);
}
#
# Create the OS object.
#
sub new {
my $class = shift;
my $self = { my $self = {
'debug'=>0, 'debug'=>0,
'ostype'=>$path->{'ostype'}, 'ostype'=>$path->{'ostype'},
@_, @_,
}; };
my $class = _get_class($self->{'ostype'});
$self = bless($self, $class); $self = bless($self, $class);
$self->{'syscnf'} = "$path->{'initdir'}/test-afs-rc.conf";
$self->{'commands'} = $self->get_commands(); $self->{'commands'} = $self->get_commands();
# Put the paths to the cache and afsd into the path
# table. Assume legacy paths if the the viceetcdir is set to
# the Transarc path.
if ($path->{'viceetcdir'} eq '/usr/vice/etc') {
# set in the makefile dest targets
$path->{'cachedir'} = "/usr/vice" unless $path->{'cachedir'};
$path->{'afsddir'} = "/usr/vice/etc" unless $path->{'afsddir'};
}
else {
# set in the makefile install targets
$path->{'cachedir'} = "$path->{'localstatedir'}/openafs" unless $path->{'cachedir'};
$path->{'afsddir'} = "$path->{'afssrvsbindir'}" unless $path->{'afsddir'};
}
return $self; return $self;
} }
@ -156,6 +150,16 @@ sub find_pids {
return @pids; return @pids;
} }
#
# Returns the number of pids found for a program name.
#
sub number_running {
my $self = shift;
my $program = shift;
my @pids = $self->find_pids($program);
return scalar @pids;
}
#-------------------------------------------------------------- #--------------------------------------------------------------
package OpenAFS::OS::Linux; package OpenAFS::OS::Linux;
use warnings; use warnings;
@ -169,12 +173,11 @@ our @ISA = qw(OpenAFS::OS::Unix);
# #
sub get_commands { sub get_commands {
my $self = shift; my $self = shift;
my $syscnf = "$path->{'initdir'}/testclient.conf";
my $commands = { my $commands = {
'client-start' => "SYSCNF=$syscnf $path->{'initdir'}/afs.rc start", 'client-start' => "SYSCNF=$self->{'syscnf'} $path->{'initdir'}/afs.rc start",
'client-stop' => "SYSCNF=$syscnf $path->{'initdir'}/afs.rc stop", 'client-stop' => "SYSCNF=$self->{'syscnf'} $path->{'initdir'}/afs.rc stop",
'client-restart' => "SYSCNF=$syscnf $path->{'initdir'}/afs.rc restart", 'client-restart' => "SYSCNF=$self->{'syscnf'} $path->{'initdir'}/afs.rc restart",
'client-forcestop' => sub { $self->client_forcestop() }, 'client-forcestop' => sub { $self->client_forcestop() },
'fileserver-start' => sub { $self->fileserver_start() }, 'fileserver-start' => sub { $self->fileserver_start() },
'fileserver-stop' => sub { $self->fileserver_stop() }, 'fileserver-stop' => sub { $self->fileserver_stop() },
@ -201,12 +204,11 @@ sub configure_client {
}; };
my $debug = $self->{'debug'}; my $debug = $self->{'debug'};
my $syscnf = "$path->{'initdir'}/testclient.conf";
open (SYSCNF, "> $syscnf") or open (SYSCNF, "> $self->{'syscnf'}") or
die "error: Cannot open afs.rc configuration file $syscnf, $!\n"; die "error: Cannot open afs.rc configuration file $self->{'syscnf'}, $!\n";
print "debug: creating afs.rc configuration file $syscnf\n" if $debug; print "debug: creating afs.rc configuration file $self->{'syscnf'}\n" if $debug;
print SYSCNF <<"_SYSCNF_"; print SYSCNF <<"_SYSCNF_";
AFS_CLIENT=on AFS_CLIENT=on
AFS_SERVER=off AFS_SERVER=off
@ -216,7 +218,7 @@ CACHESIZE=$config->{'cachesize'}
OPTIONS="-confdir $path->{'viceetcdir'}" OPTIONS="-confdir $path->{'viceetcdir'}"
WAIT_FOR_SALVAGE=no WAIT_FOR_SALVAGE=no
AFSDIR=/afs AFSDIR=/afs
CACHEDIR=$path->{'cachedir'}/cache CACHEDIR=$path->{'cachedir'}
CACHEINFO=$path->{'viceetcdir'}/cacheinfo CACHEINFO=$path->{'viceetcdir'}/cacheinfo
VERBOSE= VERBOSE=
AFS_POST_INIT= AFS_POST_INIT=
@ -228,7 +230,7 @@ MODLOADDIR=$path->{'afskerneldir'}
_SYSCNF_ _SYSCNF_
close SYSCNF; close SYSCNF;
if ($debug) { if ($debug) {
if (open(SYSCNF, "< $syscnf")) { if (open(SYSCNF, "< $self->{'syscnf'}")) {
while (<SYSCNF>) { while (<SYSCNF>) {
chomp; print "debug: $_\n"; chomp; print "debug: $_\n";
} }
@ -237,10 +239,10 @@ _SYSCNF_
} }
# Create a cache directory if none. # Create a cache directory if none.
unless ( -d "$path->{'cachedir'}/cache" ) { unless ( -d "$path->{'cachedir'}" ) {
print "debug: making cache directory: $path->{'cachedir'}/cache\n" if $debug; print "debug: making cache directory: $path->{'cachedir'}\n" if $debug;
system("mkdir -p $path->{'cachedir'}/cache"); system("mkdir -p $path->{'cachedir'}");
system("chmod 0700 $path->{'cachedir'}/cache"); system("chmod 0700 $path->{'cachedir'}");
} }
# Create the local /afs directory on which the afs filespace will be mounted. # Create the local /afs directory on which the afs filespace will be mounted.

8
src/tests/OpenAFS/config.pm
View File

@ -94,12 +94,10 @@ what you want...
=cut =cut
@CmdPath = (split(/:/, $ENV{PATH}), @CmdPath = (
$OpenAFS::Dirpath::openafsdirpath->{'afssrvbindir'}, # For servers $OpenAFS::Dirpath::openafsdirpath->{'afssrvbindir'}, # For servers
'/usr/local/bin', # Many sites put AFS in /usr/local $OpenAFS::Dirpath::openafsdirpath->{'afswsbindir'},
'/usr/local/etc', );
'/usr/afsws/bin', # For people who use Transarc's
'/usr/afsws/etc'); # silly reccommendations
=item $err_table_dir - Error table directory =item $err_table_dir - Error table directory

680
src/tests/afs-newcell.pl
View File

@ -12,38 +12,39 @@ use OpenAFS::OS;
use OpenAFS::Auth; use OpenAFS::Auth;
use Getopt::Long; use Getopt::Long;
use Pod::Usage; use Pod::Usage;
use Socket;
=head1 NAME =head1 NAME
afs-newcell - Set up initial database server for AFS cell. afs-newcell - Set up the initial database and file server for a new OpenAFS cell.
=head1 SYNOPSIS =head1 SYNOPSIS
B<afs-newcell> B<afs-newcell>
B<--batch> [ B<--batch> ]
B<--debug> [ B<--debug> ]
B<--dont-unwind> [ B<--unwind> ]
B<--help> [ B<--help> ]
B<--ostype>=os [ B<--server>=hostname ]
B<--server>=hostname [ B<--cellname>=cell ]
B<--cellname>=cell [ B<--partition>=partition ]
B<--partition>=partition [ B<--admin>=administrator ]
B<--admin>=administrator [ B<--kerberos-type>=authentication_type ]
B<--kerberos-type>=authentication_type [ B<--kerberos-realm>=realm_name ]
B<--kerberos-realm>=realm_name [ B<--kerberos-keytab>=keytab_file ]
B<--kerberos-keytab>=keytab_file [ B<--with-dafs> ]
B<--skip-make-keyfile> [ B<--options-ptserver>=options ]
B<--with-dafs> [ B<--options-vlserver>=options ]
B<--options-fileserver>=options [ B<--options-fileserver>=options ]
B<--options-volserver>=options [ B<--options-volserver>=options ]
B<--options-salvageserver>=options [ B<--options-salvageserver>=options ]
B<--options-salvager>=options [ B<--options-salvager>=options ]
=head1 DESCRIPTION =head1 DESCRIPTION
This script sets up the initial AFS database and configures the first This script sets up the initial AFS database and configures the first
database/file server. It also sets up an AFS cell's root volumes. It assumes database/file server. It also sets up an AFS cell's root volumes. The
that you already have a fileserver and database servers installed. The fileserver and database server binaries must already be installed. The
fileserver should have an empty root.afs. This script creates root.cell, user, fileserver should have an empty root.afs. This script creates root.cell, user,
service and populates root.afs. service and populates root.afs.
@ -88,7 +89,7 @@ The asetkey command requires a cell configuration.
You will need an administrative principal created in a Kerberos realm. This You will need an administrative principal created in a Kerberos realm. This
principal will be added to system:administrators and thus will be able to run principal will be added to system:administrators and thus will be able to run
administrative commands. Generally the user is a root instance of some administrative commands. Generally the user is a root instance of some
administravie user. For example if jruser is an administrator then it would be administrative user. For example if jruser is an administrator then it would be
reasonable to create jruser/root and specify jruser/root as the user to be reasonable to create jruser/root and specify jruser/root as the user to be
added in this script using the 'admin' command line option. You will also need added in this script using the 'admin' command line option. You will also need
to create a keyfile for this adminstrative user which is used by the script to to create a keyfile for this adminstrative user which is used by the script to
@ -125,17 +126,17 @@ sub prompt($$) {
# #
sub mkvol($$$$) { sub mkvol($$$$) {
my ($vol, $mnt, $srv, $part) = @_; my ($vol, $mnt, $srv, $part) = @_;
run("$path->{'afssrvsbindir'}/vos create $srv $part $vol -maxquota 0 -localauth"); run("$path->{'afssrvsbindir'}/vos create $srv $part $vol -maxquota 0");
unwind("$path->{'afssrvsbindir'}/vos remove $srv $part $vol -localauth"); unwind("$path->{'afssrvsbindir'}/vos remove $srv $part $vol");
run("$path->{'afssrvbindir'}/fs mkm $mnt $vol "); run("$path->{'afssrvbindir'}/fs mkmount $mnt $vol ");
run("$path->{'afssrvbindir'}/fs sa $mnt system:anyuser rl"); run("$path->{'afssrvbindir'}/fs setacl $mnt system:anyuser rl");
} }
#----------------------------------------------------------------------------------- #-----------------------------------------------------------------------------------
# check_program($prog) - verify the program is installed. # check_program($prog) - verify the program is installed.
# #
sub check_program($) { sub check_program($) {
my ($program) = @_; my ($program) = @_;
unless ( -f $program ) { unless ( -f $program ) {
die "error: Missing program: $program\n"; die "error: Missing program: $program\n";
} }
@ -150,32 +151,30 @@ sub check_program($) {
# options # options
my $batch = 0; my $batch = 0;
my $debug = 0; my $debug = 0;
my $dont_unwind = 0; my $unwind = 1;
my $help = 0; my $help = 0;
my $ostype = $path->{'ostype'};
my $server = 'localhost';
my $cellname = 'testcell'; my $cellname = 'testcell';
my $partition = '/vicepa'; my $partition = 'a';
my $admin = 'admin'; my $admin = 'admin';
my $kerberos_type = 'MIT'; my $kerberos_type = 'MIT';
my $kerberos_realm = 'TESTCELL'; my $kerberos_realm = 'TESTCELL';
my $kerberos_keytab = "$path->{'afsconfdir'}/krb5.keytab"; my $kerberos_keytab = "$path->{'afsconfdir'}/krb5.keytab";
my $skip_make_keyfile = 0;
my $with_dafs = 0; my $with_dafs = 0;
my $options_ptserver = '';
my $options_vlserver = '';
my $options_fileserver = ''; my $options_fileserver = '';
my $options_volserver = ''; my $options_volserver = '';
my $options_salvageserver = ''; my $options_salvageserver = '';
my $options_salvager = ''; my $options_salvager = '';
$server = `hostname`; my $server = `hostname -f`;
chomp $server; chomp $server;
GetOptions ( GetOptions (
"batch" => \$batch, "batch!" => \$batch,
"debug!" => \$debug, "debug!" => \$debug,
"dont-unwind!" => \$dont_unwind, "unwind!" => \$unwind,
"help" => \$help, "help" => \$help,
"ostype=s" => \$ostype,
"server=s" => \$server, "server=s" => \$server,
"cellname=s" => \$cellname, "cellname=s" => \$cellname,
"partition=s" => \$partition, "partition=s" => \$partition,
@ -183,8 +182,9 @@ GetOptions (
"kerberos-type=s" => \$kerberos_type, "kerberos-type=s" => \$kerberos_type,
"kerberos-realm=s" => \$kerberos_realm, "kerberos-realm=s" => \$kerberos_realm,
"kerberos-keytab=s" => \$kerberos_keytab, "kerberos-keytab=s" => \$kerberos_keytab,
"skip-make-keyfile" => \$skip_make_keyfile,
"with-dafs" => \$with_dafs, "with-dafs" => \$with_dafs,
"options-ptserver=s" => \$options_ptserver,
"options-vlserver=s" => \$options_vlserver,
"options-fileserver=s" => \$options_fileserver, "options-fileserver=s" => \$options_fileserver,
"options-volserver=s" => \$options_volserver, "options-volserver=s" => \$options_volserver,
"options-salvageserver=s" => \$options_salvageserver, "options-salvageserver=s" => \$options_salvageserver,
@ -196,17 +196,17 @@ if ($help) {
exit 0; exit 0;
} }
# print debug messages when running commands. # To print debug messages in the run() calls.
$OpenAFS::ConfigUtils::debug = $debug; $OpenAFS::ConfigUtils::debug = $debug;
# #-----------------------------------------------------------------------------
# Verify we have a clean slate before starting. # Prereq: Must be root and must not already have a cell configuration.
# #
my @problems = (); my @problems = ();
my $try_rm_cell = 0; my $try_rm_cell = 0;
if ($> != 0) { if ($> != 0) {
push(@problems, "This script should run as root."); push(@problems, "You must be root to run this script.");
} }
my @afsconfigfiles = ( my @afsconfigfiles = (
@ -215,6 +215,8 @@ my @afsconfigfiles = (
"$path->{'afsconfdir'}/UserList", "$path->{'afsconfdir'}/UserList",
"$path->{'afsdbdir'}/prdb.DB0", "$path->{'afsdbdir'}/prdb.DB0",
"$path->{'afsbosconfigdir'}/BosConfig", "$path->{'afsbosconfigdir'}/BosConfig",
"$path->{'afsddir'}/ThisCell",
"$path->{'afsddir'}/CellServDB",
); );
foreach my $configfile (@afsconfigfiles) { foreach my $configfile (@afsconfigfiles) {
if ( -f $configfile ) { if ( -f $configfile ) {
@ -231,8 +233,8 @@ if (@problems) {
exit 1; exit 1;
} }
# #-----------------------------------------------------------------------------
# Interactive mode # Prereq: System requirements notification.
# #
unless ($batch) { unless ($batch) {
@ -246,20 +248,16 @@ this script. See 'pod2text $0' for more details.
the --partition option for alternative mount points.) the --partition option for alternative mount points.)
2) The OpenAFS client and server binaries must be installed. 2) The OpenAFS client and server binaries must be installed.
The init scripts to start and stop the client and servers There should be no remnants from a previous cell.
must be installed and configured. OpenAFS/OS.pm must be Run afs-rmcell to remove any.
configured for your system. There should be no remants
from a previous cell. Run afs-rmcell to remove any.
3) A Kerberos realm with Kerberos4 support must be available. 3) A Kerberos realm with Kerberos 4 support must be available.
Supported Kerberos implementations are Heimdal with Supported Kerberos implementations are Heimdal with
Kth-kerberos compatibility, MIT Kerberos 5, and Kth-kerberos compatibility, MIT Kerberos 5, and
Kaserver (deprecated). OpenAFS/Auth.pm must be configured Kaserver (deprecated).
for your system.
4) A Kerberos keytab file containing the afs principal 4) A Kerberos keytab file containing the afs principal
and the administrator principal must be be present at and the administrator principal must be be present.
$path->{'afsconfdir'}/krb5.keytab.
See the asetkey man page for information about creating the See the asetkey man page for information about creating the
keytab file. The default name of the administrator keytab file. The default name of the administrator
principal is 'admin'. See the --admin option for principal is 'admin'. See the --admin option for
@ -270,87 +268,154 @@ eoreqs
my $answer = prompt("Does your system meet these requirements? (yes/no)", "no"); my $answer = prompt("Does your system meet these requirements? (yes/no)", "no");
unless ($answer=~/^y/i ) { unless ($answer=~/^y/i ) {
print "OK: Aborted.\n"; print "OK: Aborted.\n";
exit 0; exit 0;
} }
}
print "\nServer options:\n"; #-----------------------------------------------------------------------------
$ostype = prompt("Which OS?", $ostype); # Prereq: Verify required binaries, directories, and permissions.
$server = prompt("What server name should be used?", $server); #
$cellname = prompt("What cellname should be used?", $cellname); my $bosserver = "$path->{'afssrvsbindir'}/bosserver";
$partition = prompt("What vice partition?", $partition); my $bos = "$path->{'afssrvbindir'}/bos";
$admin = prompt("What administrator username?", $admin); my $fs = "$path->{'afssrvbindir'}/fs";
if($admin =~ /@/) { my $pts = "$path->{'afssrvbindir'}/pts";
die "error: Please specify the username without the realm name.\n"; my $vos = "$path->{'afssrvsbindir'}/vos";
} my $afsrc = "$path->{'initdir'}/afs.rc";
my $aklog = "$path->{'afswsbindir'}/aklog";
my $tokens = "$path->{'afswsbindir'}/tokens";
my $klog = "$path->{'afswsbindir'}/klog";
my $kas = "$path->{'afssrvsbindir'}/kas";
print "\nKerberos options:\n"; check_program($bosserver);
$kerberos_type = prompt("Which Kerberos is to be used?", $kerberos_type); check_program($bos);
check_program($fs);
check_program($pts);
check_program($vos);
check_program($afsrc);
check_program($tokens);
#-----------------------------------------------------------------------------
# Prereq: Cell configuration
#
if ($batch) {
if ($kerberos_type!~/kaserver/i) { if ($kerberos_type!~/kaserver/i) {
$kerberos_realm = prompt("What Kerberos realm?", $kerberos_realm); check_program($aklog);
$kerberos_keytab = prompt("What keytab file?", $kerberos_keytab); unless ( -f $kerberos_keytab ) {
$answer = prompt("Create OpenAFS KeyFile from a keytab? (yes/no)", "yes"); die "error: Missing keytab file: $kerberos_keytab\n";
$skip_make_keyfile = ($answer=~/^y/i) ? 0 : 1; }
}
}
else {
my $answer;
get_options: {
$answer = prompt("Print afs-newcell debugging messages? (yes/no)", $debug ? "yes" : "no");
$debug = ($answer=~/^y/i) ? 1 : 0;
print "\nServer options:\n";
$server = prompt("What server name should be used?", $server);
$cellname = prompt("What cellname should be used?", $cellname);
$partition = prompt("What vice partition?", $partition);
$admin = prompt("What administrator username?", $admin);
if($admin =~ /@/) {
die "error: Please specify the username without the realm name.\n";
}
print "\nKerberos options:\n";
$kerberos_type = prompt("Which Kerberos is to be used?", $kerberos_type);
if ($kerberos_type=~/kaserver/i) {
check_program($klog);
check_program($kas);
}
else {
check_program($aklog);
$kerberos_realm = $cellname;
$kerberos_realm =~ tr/a-z/A-Z/;
$kerberos_realm = prompt("What Kerberos realm?", $kerberos_realm);
get_keytab: {
$kerberos_keytab = prompt("What keytab file?", $kerberos_keytab);
unless ( -f $kerberos_keytab ) {
print "Cannot find keytab file $kerberos_keytab\n";
redo get_keytab;
}
}
}
print "\nDatabase Server options:\n";
$options_ptserver = prompt("ptserver options:", $options_ptserver);
$options_vlserver = prompt("vlserver options:", $options_vlserver);
print "\nFileserver options:\n";
$answer = prompt("Use DAFS fileserver (requires DAFS build option)? (yes/no)", "no");
$with_dafs = ($answer=~/^y/i) ? 1 : 0;
$options_fileserver = prompt("fileserver options:", $options_fileserver);
$options_volserver = prompt("volserver options:", $options_volserver);
$options_salvageserver = prompt("salvageserver options:", $options_salvageserver);
$options_salvager = prompt("salvager options:", $options_salvager);
print "\nConfirmation:\n";
print "Server name : $server\n";
print "Cell name : $cellname\n";
print "Partition : $partition\n";
print "Administrator : $admin\n";
print "Kerberos : $kerberos_type\n";
if ($kerberos_type!~/kaserver/i) {
print "Realm : $kerberos_realm\n";
print "Keytab file : $kerberos_keytab\n";
}
print "DAFS fileserver : ", $with_dafs ? "yes" : "no", "\n";
print "ptserver options : $options_ptserver\n";
print "vlserver options : $options_vlserver\n";
print "fileserver options : $options_fileserver\n";
print "volserver options : $options_volserver\n";
print "salvagerserver options : $options_salvageserver\n";
print "salvager options : $options_salvager\n";
print "\n";
$answer = prompt("Correct? (yes/no/quit)", "yes");
exit(0) if $answer=~/^q/i;
redo get_options if $answer!~/^y/i;
} }
print "\nFileserver options:\n"; # Save the options as a shell script for the next run.
$answer = prompt("Use DAFS fileserver (requires DAFS build option)? (yes/no)", "no"); $answer = prompt("Save these options? (yes/no)", "yes");
$with_dafs = ($answer=~/^y/i) ? 1 : 0;
$options_fileserver = prompt("fileserver options:", $options_fileserver);
$options_volserver = prompt("volserver options:", $options_volserver);
$options_salvageserver = prompt("salvageserver options:", $options_salvageserver);
$options_salvager = prompt("salvager options:", $options_salvager);
print "\nConfirmation:\n";
print "OS Type : $ostype\n";
print "Server name : $server\n";
print "Cell name : $cellname\n";
print "Partition : $partition\n";
print "Administrator : $admin\n";
print "Kerberos : $kerberos_type\n";
if ($kerberos_type!~/kaserver/i) {
print "Realm : $kerberos_realm\n";
print "Keytab file : $kerberos_keytab\n";
print "Make KeyFile : ", $skip_make_keyfile ? "yes" : "no", "\n";
}
print "DAFS fileserver : ", $with_dafs ? "yes" : "no", "\n";
print "fileserver options : $options_fileserver\n";
print "volserver options : $options_volserver\n";
print "salvagerserver options : $options_salvageserver\n";
print "salvager options : $options_salvager\n";
print "\n";
$answer = prompt("Continue? (yes/no)", "yes");
unless ($answer=~/^y/i ) {
print "OK: Aborted.\n";
exit 0;
}
# Save the options for the next time.
$answer = prompt("Save as command-line options? (yes/no)", "yes");
if ($answer=~/^y/i ) { if ($answer=~/^y/i ) {
my $switches = ""; my $script = '';
$switches .= "--batch"; get_script_name: {
$switches .= " --debug" if $debug; $script = prompt("File name for save?", "run-afs-newcell.sh");
$switches .= " --dont_unwind" if $dont_unwind; last get_script_name if ! -f $script;
$switches .= " --ostype='$ostype'" if $ostype;
$switches .= " --server='$server'" if $server;
$switches .= " --cellname='$cellname'" if $cellname;
$switches .= " --partition='$partition'" if $partition;
$switches .= " --admin='$admin'" if $admin;
$switches .= " --kerberos-type='$kerberos_type'" if $kerberos_type;
$switches .= " --kerberos-realm='$kerberos_realm'" if $kerberos_realm;
$switches .= " --kerberos-keytab='$kerberos_keytab'" if $kerberos_keytab;
$switches .= " --skip-make-keyfile" if $skip_make_keyfile;
$switches .= " --with-dafs" if $with_dafs;
$switches .= " --options-fileserver='$options_fileserver'" if $options_fileserver;
$switches .= " --options-volserver='$options_volserver'" if $options_volserver;;
$switches .= " --options-salvageserver='$options_salvageserver'" if $options_salvageserver;;
$switches .= " --options-salvager='$options_salvager'" if $options_salvager;
my $conf = prompt("Filename for save?", "afs-newcell.conf"); $answer = prompt("File $script already exists. Overwrite? (yes/no/quit)", "no");
open(CONF, "> $conf") or die "error: Cannot open file $conf: $!\n"; exit(0) if $answer=~/^q/i;
print CONF "$switches\n"; last get_script_name if $answer=~/^yes/i;
close CONF; redo get_script_name;
}
my @switches = ();
push(@switches, "--batch"); # automatically added to the script
push(@switches, "--debug") if $debug;
push(@switches, "--nounwind") unless $unwind;
push(@switches, "--server='$server'") if $server;
push(@switches, "--cellname='$cellname'") if $cellname;
push(@switches, "--partition='$partition'") if $partition;
push(@switches, "--admin='$admin'") if $admin;
push(@switches, "--kerberos-type='$kerberos_type'") if $kerberos_type;
push(@switches, "--kerberos-realm='$kerberos_realm'") if $kerberos_realm;
push(@switches, "--kerberos-keytab='$kerberos_keytab'") if $kerberos_keytab;
push(@switches, "--with-dafs") if $with_dafs;
push(@switches, "--options-ptserver='$options_ptserver'") if $options_ptserver;
push(@switches, "--options-vlserver='$options_vlserver'") if $options_vlserver;
push(@switches, "--options-fileserver='$options_fileserver'") if $options_fileserver;
push(@switches, "--options-volserver='$options_volserver'") if $options_volserver;;
push(@switches, "--options-salvageserver='$options_salvageserver'") if $options_salvageserver;;
push(@switches, "--options-salvager='$options_salvager'") if $options_salvager;
open(SCRIPT, "> $script") or die "error: Cannot open file $script: $!\n";
print SCRIPT "#!/bin/sh\n";
print SCRIPT "perl afs-newcell.pl \\\n";
print SCRIPT join(" \\\n", map(" $_", @switches));
print SCRIPT "\n\n";
close SCRIPT;
chmod(0755, $script);
} }
} }
@ -358,9 +423,8 @@ if ($debug) {
print "debug: afs-newcell options\n"; print "debug: afs-newcell options\n";
print "debug: \$batch = '$batch'\n"; print "debug: \$batch = '$batch'\n";
print "debug: \$debug = '$debug'\n"; print "debug: \$debug = '$debug'\n";
print "debug: \$dont_unwind = '$dont_unwind'\n"; print "debug: \$unwind = '$unwind'\n";
print "debug: \$help = '$help'\n"; print "debug: \$help = '$help'\n";
print "debug: \$ostype = '$ostype'\n";
print "debug: \$server = '$server'\n"; print "debug: \$server = '$server'\n";
print "debug: \$cellname = '$cellname'\n"; print "debug: \$cellname = '$cellname'\n";
print "debug: \$partition = '$partition'\n"; print "debug: \$partition = '$partition'\n";
@ -368,51 +432,77 @@ if ($debug) {
print "debug: \$kerberos_type = '$kerberos_type'\n"; print "debug: \$kerberos_type = '$kerberos_type'\n";
print "debug: \$kerberos_realm = '$kerberos_realm'\n"; print "debug: \$kerberos_realm = '$kerberos_realm'\n";
print "debug: \$kerberos_keytab = '$kerberos_keytab'\n"; print "debug: \$kerberos_keytab = '$kerberos_keytab'\n";
print "debug: \$skip_make_keyfile = '$skip_make_keyfile'\n";
print "debug: \$with_dafs = '$with_dafs'\n"; print "debug: \$with_dafs = '$with_dafs'\n";
print "debug: \$options_pteserver = '$options_ptserver'\n";
print "debug: \$options_pteserver = '$options_vlserver'\n";
print "debug: \$options_fileserver = '$options_fileserver'\n"; print "debug: \$options_fileserver = '$options_fileserver'\n";
print "debug: \$options_volserver = '$options_volserver'\n"; print "debug: \$options_volserver = '$options_volserver'\n";
print "debug: \$options_salvageserver = '$options_salvageserver'\n"; print "debug: \$options_salvageserver = '$options_salvageserver'\n";
print "debug: \$options_salvager = '$options_salvager'\n"; print "debug: \$options_salvager = '$options_salvager'\n";
} }
#-----------------------------------------------------------------------------
# Prereq: Sanity check the forward and reverse name resolution.
# #
# Create an auth object for the type of kerberos if ($server eq 'localhost') {
# to be used for authentication in our cell. die "error: localhost is not a valid --server parameter. Use the ip hostname of this machine.\n";
}
my $packed_ip = gethostbyname($server);
unless (defined $packed_ip) {
die "error: gethostbyname failed, $?\n";
}
my $ip_from_name = inet_ntoa($packed_ip);
print "debug: $server ip address is $ip_from_name\n" if $debug;
if ($ip_from_name=~/^127/) {
die "error: Loopback address $ip_from_name cannot not be used for server $server. Check your /etc/hosts file.\n";
}
my $name_from_ip = gethostbyaddr($packed_ip, AF_INET);
print "debug: hostname of $ip_from_name is $name_from_ip\n" if $debug;
if ($name_from_ip ne $server) {
die "error: Name from ip $name_from_ip does not match ip from name $ip_from_name for --server $server. ".
" Use the correct --server parameter and verify forward and reverse name resolution is working.\n";
}
#-----------------------------------------------------------------------------
# Prereq: The vice partition must be available and empty.
# #
unless ($partition=~/^(([a-z])|([a-h][a-z])|([i][a-v]))$/) {
die "error: Invalid partition id specified: $partition. Valid values are a..z and aa..iv\n";
}
unless ( -d "/vicep$partition" ) {
die "error: Missing fileserver partition, /vicep$partition\n";
}
if ( -d "/vicep$partition/AFSIDat" ) {
die "error: Fileserver partition is not empty. /vicep$partition/AFSIDat needs to be removed.\n";
}
open(LS, "ls /vicep$partition |") or
die "error: ls /vicep$partition failed, $!\n";
while (<LS>) {
chomp;
if (/^V\d+.vol$/) {
die "error: Fileserver partition, /vicep$partition, is not empty.\n";
}
}
close LS;
# Prereq: authorization and platform specific objects.
my $auth = OpenAFS::Auth::create( my $auth = OpenAFS::Auth::create(
'debug'=>$debug, 'debug'=>$debug,
'type'=>$kerberos_type, 'type'=>$kerberos_type,
'cell'=>$cellname, 'cell'=>$cellname,
'realm'=>$kerberos_realm, 'realm'=>$kerberos_realm,
'keytab'=>$kerberos_keytab, 'keytab'=>$kerberos_keytab,
'admin'=>$admin,
); );
my $os = OpenAFS::OS::create( my $os = OpenAFS::OS::create(
'debug'=>$debug, 'debug'=>$debug,
'ostype'=>$ostype,
); );
# #-----------------------------------------------------------------------------
# Sanity checks before we begin. Make sure we have correct # Prereq: Sanity check admin username and convert kerberos 5 notation to afs.
# binaries, directories, and permissions.
#
my $bosserver = "$path->{'afssrvsbindir'}/bosserver";
my $bos = "$path->{'afssrvbindir'}/bos";
my $fs = "$path->{'afssrvbindir'}/fs";
my $pts = "$path->{'afssrvbindir'}/pts";
my $vos = "$path->{'afssrvsbindir'}/vos";
check_program($bosserver);
check_program($bos);
check_program($fs);
check_program($pts);
check_program($vos);
#
# Sanity check admin username and convert kerberos 5 notation to afs.
# #
if ($admin =~ /@/) { if ($admin =~ /@/) {
die "error: Please specify the username without the realm name.\n"; die "error: Please specify the username without the realm name.\n";
@ -420,20 +510,51 @@ if ($admin =~ /@/) {
my $username = $admin; my $username = $admin;
$username=~s:/:.:g; # convert kerberos separators to afs separators. $username=~s:/:.:g; # convert kerberos separators to afs separators.
# Shutdown the client and server, if running. #-----------------------------------------------------------------------------
# Prereq: Save the paths and setup configuration in a form that is easily
# read by the shell scripts.
#
open(CONF, "> dirpath.conf") or die "error: Cannot open file dirpath.conf for writing: $!\n";
my ($n, $v);
while(($n,$v)=each(%{$path})) {
print CONF "$n=$v\n";
}
close CONF;
open(CONF, "> run-tests.conf") or die "error: Cannot open file run-tests.conf for writing: $!\n";
print CONF <<"__CONF__";
CELLNAME=$cellname
PARTITION=$partition
ADMIN=$admin
KERBEROS_TYPE=$kerberos_type
KERBEROS_REALM=$kerberos_realm
KERBEROS_KEYTAB=$kerberos_keytab
__CONF__
close CONF;
unless ($batch) {
my $answer = prompt("Last chance to cancel before setup begins. Continue? (yes/no)", "yes");
exit(0) unless $answer=~/^y/i;
}
#-----------------------------------------------------------------------------
# Prereq: Shutdown the client and server, if running.
#
run($os->command('client-stop')); run($os->command('client-stop'));
run($os->command('fileserver-stop')); run($os->command('fileserver-stop'));
#-----------------------------------------------------------------------------
# Prereq: Verify the server processes are not running.
# #
# Attempt the client setup for this system before we try to create the cell. foreach my $program ('bosserver', 'ptserver', 'vlserver', 'kaserver', 'fileserver') {
# die "error: program is already running, $program\n" if $os->number_running($program);
}
#-----------------------------------------------------------------------------
# Perform Platform-Specific Procedures
$os->configure_client(); $os->configure_client();
# #-----------------------------------------------------------------------------
# Create the initial server configuration and the server administrator, temporarily running # WORKAROUND:
# with -noauth.
#
# bosserver attempts to create the following directories with these limited # bosserver attempts to create the following directories with these limited
# permissions. However, bosserver does not create parent directories as needed, so # permissions. However, bosserver does not create parent directories as needed, so
# the directories are not successfully created when they are more than one level # the directories are not successfully created when they are more than one level
@ -451,158 +572,219 @@ run("chmod 0700 $path->{'afsdbdir'}");
run("chmod 0755 $path->{'afslogsdir'}"); run("chmod 0755 $path->{'afslogsdir'}");
run("chmod 0777 $path->{'viceetcdir'}"); run("chmod 0777 $path->{'viceetcdir'}");
#-----------------------------------------------------------------------------
# Starting the BOS Server
#
# Start the bosserver and create the initial server configuration.
# Authorization is disabled by the -noauth flag.
#
print "debug: Starting bosserver...\n" if $debug; print "debug: Starting bosserver...\n" if $debug;
run("$path->{'afssrvsbindir'}/bosserver -noauth"); run("$path->{'afssrvsbindir'}/bosserver -noauth");
if ($unwind) {
unwind($os->command('remove', "$path->{'afsconfdir'}/ThisCell")); unwind($os->command('remove', "$path->{'afsconfdir'}/ThisCell"));
unwind($os->command('remove', "$path->{'afsconfdir'}/CellServDB")); unwind($os->command('remove', "$path->{'afsconfdir'}/CellServDB"));
unwind($os->command('remove', "$path->{'afsconfdir'}/UserList")); unwind($os->command('remove', "$path->{'afsconfdir'}/UserList"));
unwind($os->command('remove', "$path->{'afsbosconfigdir'}/BosConfig")); unwind($os->command('remove', "$path->{'afsbosconfigdir'}/BosConfig"));
unwind($os->command('fileserver-stop')); unwind($os->command('fileserver-stop'));
run("$bos setcellname $server $cellname -localauth");
run("$bos addhost $server $server -localauth");
run("$bos adduser $server $username -localauth");
unwind("$bos removeuser $server $username -localauth");
#
# Create the AFS KeyFile. (This must be done after bosserver creates the configuration files.)
#
unless ($skip_make_keyfile) {
print "debug: Making the keyfile...\n" if $debug;
$auth->make_keyfile();
} }
unless ( -f "$path->{'afsconfdir'}/KeyFile") { sleep(10); # allow bosserver some time to start accepting connections...
die "You do not have an AFS keyfile. Please create this using asetkey or the bos addkey command.\n";
#-----------------------------------------------------------------------------
# Defining Cell Name and Membership for Server Processes
#
run("$bos setcellname $server $cellname -noauth");
run("$bos addhost $server $server -noauth");
run("$bos adduser $server $username -noauth");
if ($unwind) {
unwind("$bos removeuser $server $username -noauth");
} }
# make the krb.conf file if the realm name is different than the cell name. # WORKAROUND:
$auth->make_krb_config(); # The initial bosserver startup may create CellServDB entry which does
# not match the host name retured by gethostbyaddr(). This entry will
# cause ptserver/vlserver quorum errors and so is removed.
open(HOSTS, "$bos listhosts $server |") or
die "error: failed to run bos listhosts, $?\n";
my @hosts = <HOSTS>;
close HOSTS;
foreach (@hosts) {
chomp;
if (/^\s+Host \d+ is (.*)/) {
my $host = $1;
print "debug: bos listhosts: host=[$host]\n" if $debug;
if ($host ne $name_from_ip) {
print "debug: removing invalid host '$host' from CellServDB.\n" if $debug;
run("$bos removehost $server $host -noauth");
}
}
}
# #-----------------------------------------------------------------------------
# Start up the ptserver and vlserver. # Starting the Database Server Processes
# #
print "debug: Starting the ptserver and vlserver...\n" if $debug; print "debug: Starting the ptserver and vlserver...\n" if $debug;
run("$bos create $server ptserver simple $path->{'afssrvlibexecdir'}/ptserver -localauth"); run("$bos create $server ptserver simple -cmd \"$path->{'afssrvlibexecdir'}/ptserver $options_ptserver\" -noauth");
if ($unwind) {
unwind($os->command('remove', "$path->{'afsdbdir'}/prdb.DB0")); unwind($os->command('remove', "$path->{'afsdbdir'}/prdb.DB0"));
unwind($os->command('remove', "$path->{'afsdbdir'}/prdb.DBSYS1")); unwind($os->command('remove', "$path->{'afsdbdir'}/prdb.DBSYS1"));
unwind("$bos delete $server ptserver -localauth"); unwind("$bos delete $server ptserver -noauth");
unwind("$bos stop $server ptserver -localauth"); unwind("$bos stop $server ptserver -noauth");
}
run("$path->{'afssrvbindir'}/bos create $server vlserver simple $path->{'afssrvlibexecdir'}/vlserver -localauth"); run("$bos create $server vlserver simple -cmd \"$path->{'afssrvlibexecdir'}/vlserver $options_vlserver\" -noauth");
if ($unwind) {
unwind($os->command('remove', "$path->{'afsdbdir'}/vldb.DB0")); unwind($os->command('remove', "$path->{'afsdbdir'}/vldb.DB0"));
unwind($os->command('remove', "$path->{'afsdbdir'}/vldb.DBSYS1")); unwind($os->command('remove', "$path->{'afsdbdir'}/vldb.DBSYS1"));
unwind("$bos delete $server vlserver -localauth"); unwind("$bos delete $server vlserver -noauth");
unwind("$bos stop $server vlserver -localauth"); unwind("$bos stop $server vlserver -noauth");
#
# Start the file server.
#
print "debug: Starting the fileserver...\n" if $debug;
if ($with_dafs) {
run( "$bos create $server dafs dafs ".
"-cmd $path->{'afssrvlibexecdir'}/fileserver $options_fileserver ".
"-cmd $path->{'afssrvlibexecdir'}/volserver $options_volserver ".
"-cmd $path->{'afssrvlibexecdir'}/salvageserver $options_salvageserver".
"-cmd $path->{'afssrvlibexecdir'}/salvager $options_salvager".
"-localauth");
} }
else {
run( "$bos create $server fs fs ". if ($kerberos_type =~ /kaserver/i) {
"-cmd $path->{'afssrvlibexecdir'}/fileserver $options_fileserver ". print "warning: kaserver is deprecated!\n";
"-cmd $path->{'afssrvlibexecdir'}/volserver $options_volserver ". run("$bos create $server kaserver simple -cmd \"$path->{'afssrvlibexecdir'}/kaserver $options_vlserver\" -noauth");
"-cmd $path->{'afssrvlibexecdir'}/salvager $options_salvager ". if ($unwind) {
"-localauth"); unwind($os->command('remove', "$path->{'afsdbdir'}/kaserver.DB0"));
unwind($os->command('remove', "$path->{'afsdbdir'}/kaserver.DBSYS1"));
unwind("$bos delete $server kaserver -noauth");
unwind("$bos stop $server kaserver -noauth");
}
} }
unwind("$bos delete $server fs -localauth ");
unwind("$bos stop $server fs -localauth ");
# sleep(10); # to allow the database servers to start servicing requests.
# Create the AFS administrator (with the same name as the server administrator).
#
print "debug: Creating users...\n" if $debug;
sleep(10); # wait to avoid "no quorum elected" errors.
#-----------------------------------------------------------------------------
# Initializing Cell Security
#
# Create the AFS administrative account and the AFS server encryption key.
# Make the krb.conf file if the realm name is different than the cell name.
$auth->make_krb_config();
$auth->make_keyfile();
unless ( -f "$path->{'afsconfdir'}/KeyFile") {
die "Failed to create $path->{'afsconfdir'}/KeyFile. Please create this using asetkey or the bos addkey command.\n";
}
print "debug: Creating admin user...\n" if $debug;
run("$pts createuser -name $username -cell $cellname -noauth"); run("$pts createuser -name $username -cell $cellname -noauth");
run("$pts adduser $username system:administrators -cell $cellname -noauth"); run("$pts adduser $username system:administrators -cell $cellname -noauth");
run("$pts membership $username -cell $cellname -noauth"); run("$pts membership $username -cell $cellname -noauth");
print "debug: Restarting the database servers to use the new encryption key.\n" if $debug;
run("$bos restart $server -all -noauth");
sleep(10); # to allow the database servers to start servicing requests.
#-----------------------------------------------------------------------------
# Starting the File Server, Volume Server, and Salvager
# #
# Create the root afs volume. print "debug: Starting the fileserver...\n" if $debug;
# if ($with_dafs) {
run( "$bos create $server dafs dafs ".
"-cmd \"$path->{'afssrvlibexecdir'}/fileserver $options_fileserver\" ".
"-cmd \"$path->{'afssrvlibexecdir'}/volserver $options_volserver\"".
"-cmd \"$path->{'afssrvlibexecdir'}/salvageserver $options_salvageserver\" ".
"-cmd \"$path->{'afssrvlibexecdir'}/salvager $options_salvager\" ".
"-noauth");
if ($unwind) {
unwind("$bos delete $server dafs -noauth");
unwind("$bos stop $server dafs -noauth");
}
}
else {
run( "$bos create $server fs fs ".
"-cmd \"$path->{'afssrvlibexecdir'}/fileserver $options_fileserver\" ".
"-cmd \"$path->{'afssrvlibexecdir'}/volserver $options_volserver\" ".
"-cmd \"$path->{'afssrvlibexecdir'}/salvager $options_salvager\" ".
"-noauth");
if ($unwind) {
unwind("$bos delete $server fs -noauth");
unwind("$bos stop $server fs -noauth");
}
}
# Create the root.afs volume.
print "debug: Creating root.afs volume...\n" if $debug; print "debug: Creating root.afs volume...\n" if $debug;
run("$vos create $server $partition root.afs -cell $cellname -noauth"); run("$vos create $server $partition root.afs -cell $cellname -noauth");
if ($unwind) {
unwind($os->command('remove', "$partition/AFSIDat ")); unwind($os->command('remove', "$partition/AFSIDat "));
unwind($os->command('remove', "$partition/V*.vol")); unwind($os->command('remove', "$partition/V*.vol"));
unwind($os->command('remove', "$partition/Lock")); unwind($os->command('remove', "$partition/Lock"));
unwind("$vos remove $server $partition root.afs -cell $cellname -noauth"); unwind("$vos remove $server $partition root.afs -cell $cellname -localauth");
}
# The initial configuration is done, turn on authorization checking. #-----------------------------------------------------------------------------
#run("$bos setauth $server -authrequired on -cell $cellname -localauth"); # Installing Client Functionality
# unwind("$bos setauth $server -authrequired off -cell $cellname -localauth");
#
# Bring up the AFS client.
# #
print "debug: Starting the OpenAFS client...\n" if $debug; print "debug: Starting the OpenAFS client...\n" if $debug;
run($os->command('client-start')); run($os->command('client-start'));
if ($unwind) {
unwind($os->command('client-stop')); unwind($os->command('client-stop'));
}
#
# Run as the administrator. # Run as the administrator.
# $auth->authorize();
$auth->authorize($admin);
#-----------------------------------------------------------------------------
# Configuring the Top Levels of the AFS Filespace
# #
# Create the root cell volumes, read-only and read-write. print "debug: Creating the volumes...\n" if $debug;
#
print "debug: Creating the root volumes...\n" if $debug;
run("$fs setacl /afs system:anyuser rl"); run("$fs setacl /afs system:anyuser rl");
run("$vos create $server $partition root.cell -localauth"); run("$vos create $server $partition root.cell");
if ($unwind) {
unwind("$vos remove $server $partition root.cell -localauth"); unwind("$vos remove $server $partition root.cell -localauth");
}
run("$fs mkmount /afs/$cellname root.cell -cell $cellname -fast"); run("$fs mkmount /afs/$cellname root.cell -cell $cellname -fast");
if ($unwind) {
unwind("$fs rmmount /afs/$cellname"); unwind("$fs rmmount /afs/$cellname");
}
run("$fs setacl /afs/$cellname system:anyuser rl"); run("$fs setacl /afs/$cellname system:anyuser rl");
run("$fs mkmount /afs/.$cellname root.cell -cell $cellname -rw"); run("$fs mkmount /afs/.$cellname root.cell -cell $cellname -rw");
if ($unwind) {
unwind("$fs rmmount /afs/.$cellname"); unwind("$fs rmmount /afs/.$cellname");
}
#run("$fs mkmount /afs/.root.afs root.afs -rw"); run("$fs examine /afs");
# unwind("$fs rmmmount /afs/.root.afs"); run("$fs examine /afs/$cellname");
run("$vos addsite $server $partition root.afs");
run("$vos addsite $server $partition root.cell");
run("$vos release root.cell");
run("$vos release root.afs");
run("$fs checkvolumes"); # so client notices the releases
print "debug: the following should show root.afs.readonly\n" if $debug;
run("$fs examine /afs");
print "debug: the following should show root.cell.readonly\n" if $debug;
run("$fs examine /afs/$cellname");
print "debug: the following should show root.cell\n" if $debug;
run("$fs examine /afs/.$cellname");
#
# Create some volumes in our new cell. # Create some volumes in our new cell.
#
print "debug: Creating the test volumes...\n" if $debug; print "debug: Creating the test volumes...\n" if $debug;
mkvol("user", "/afs/$cellname/user", $server, $partition); mkvol("user", "/afs/.$cellname/user", $server, $partition);
mkvol("service", "/afs/$cellname/service", $server, $partition); mkvol("service", "/afs/.$cellname/service", $server, $partition);
mkvol("unrep", "/afs/$cellname/unreplicated", $server, $partition); mkvol("unrep", "/afs/.$cellname/unreplicated", $server, $partition);
mkvol("rep", "/afs/.$cellname/replicated", $server, $partition);
# make a read-only volume run("$vos addsite $server $partition rep");
mkvol("rep", "/afs/$cellname/.replicated", $server, $partition); if ($unwind) {
run("$fs mkmount /afs/$cellname/replicated rep.readonly"); unwind("$vos remsite $server $partition rep");
run("$vos addsite $server $partition rep -localauth"); }
run("$vos release rep -localauth"); run("$vos release rep");
unwind("$vos remove $server $partition rep.readonly -localauth"); run("$fs mkmount /afs/.$cellname/.replicated rep -rw");
run("$fs setacl /afs/.$cellname/.replicated system:anyuser rl");
# Show the new volumes in the read-only path.
# run("$vos release root.cell");
# Create readonly volumes of our roots.
#
run("$vos addsite $server $partition root.afs -localauth");
run("$vos addsite $server $partition root.cell -localauth");
run("$vos release root.afs -localauth");
run("$vos release root.cell -localauth");
unwind("$vos remove $server $partition root.cell.readonly -localauth");
unwind("$vos remove $server $partition root.afs.readonly -localauth");
# done. # done.
@unwinds = (); # clear unwinds @unwinds = (); # clear unwinds
print "info: DONE\n";
END { END {
if (!$dont_unwind && scalar @unwinds) { if ($unwind && scalar @unwinds) {
print "\ninfo: Error encountered, unwinding...\n"; print "\ninfo: Error encountered, unwinding...\n";
while (@unwinds) { while (@unwinds) {
eval { eval {

14
src/tests/afs-rmcell.pl
View File

@ -65,10 +65,12 @@ unless ($partition_id=~/^(([a-z])|([a-h][a-z])|([i][a-v]))$/) {
unless ($batch) { unless ($batch) {
my $rl = new Term::ReadLine('afs-rmcell'); my $rl = new Term::ReadLine('afs-rmcell');
print "\n*** WARNING!! WARNING!! WARNING!! *** \n"; print "\n*** WARNING !! WARNING !! WARNING !! *** \n\n";
print "You are about to permanently DESTROY the OpenAFS configuration, database, and volumes on this machine!\n\n"; print "You are about to permanently DESTROY the OpenAFS\n";
my $answer = $rl->readline("Do you really want to destroy the AFS cell data? (y/n) [n] "); print "configuration, databases, and volumes on this machine!\n";
unless ($answer=~/^y/i ) { my $answer = $rl->readline("Do you really want to destroy the AFS cell? (destroy/no) [no] ");
unless ($answer eq "destroy" ) {
print "info: must answer 'destroy' to continue.\n" if $answer!~/^n/i;
print "info: Aborted.\n"; print "info: Aborted.\n";
exit 0; exit 0;
} }
@ -87,6 +89,8 @@ $os->remove("$path->{'afsdbdir'}/prdb.DB0");
$os->remove("$path->{'afsdbdir'}/prdb.DBSYS1"); $os->remove("$path->{'afsdbdir'}/prdb.DBSYS1");
$os->remove("$path->{'afsdbdir'}/vldb.DB0"); $os->remove("$path->{'afsdbdir'}/vldb.DB0");
$os->remove("$path->{'afsdbdir'}/vldb.DBSYS1"); $os->remove("$path->{'afsdbdir'}/vldb.DBSYS1");
$os->remove("$path->{'afsdbdir'}/kaserver.DB0");
$os->remove("$path->{'afsdbdir'}/kaserver.DBSYS1");
$os->remove("$path->{'afsbosconfigdir'}/BosConfig"); $os->remove("$path->{'afsbosconfigdir'}/BosConfig");
$os->remove("$path->{'afslogsdir'}/*"); $os->remove("$path->{'afslogsdir'}/*");
$os->remove("$path->{'afslocaldir'}/*"); $os->remove("$path->{'afslocaldir'}/*");
@ -95,6 +99,8 @@ $os->remove("$path->{'afsconfdir'}/ThisCell");
$os->remove("$path->{'afsconfdir'}/CellServDB"); $os->remove("$path->{'afsconfdir'}/CellServDB");
$os->remove("$path->{'afsconfdir'}/KeyFile"); $os->remove("$path->{'afsconfdir'}/KeyFile");
$os->remove("$path->{'afsconfdir'}/krb.conf"); $os->remove("$path->{'afsconfdir'}/krb.conf");
$os->remove("$path->{'afsddir'}/ThisCell");
$os->remove("$path->{'afsddir'}/CellServDB");
$os->remove("/vicep$partition_id/AFSIDat "); $os->remove("/vicep$partition_id/AFSIDat ");
$os->remove("/vicep$partition_id/V*.vol"); $os->remove("/vicep$partition_id/V*.vol");
$os->remove("/vicep$partition_id/Lock"); $os->remove("/vicep$partition_id/Lock");

17
src/tests/run-tests.in
View File

@ -8,10 +8,13 @@ if test -f dirpath.conf; then
. dirpath.conf . dirpath.conf
else else
echo "error: Missing dirpath.conf file, try make dirpath.conf" echo "error: Missing dirpath.conf file, try make dirpath.conf"
exit 1
fi fi
if test -f run-test.conf; then if test -f run-tests.conf; then
. run-test.conf . run-tests.conf
else
echo "warning: Missing run-tests.conf, using default values."
fi fi
@ -372,6 +375,12 @@ objdir=`cd $objdir; pwd`
export srcdir export srcdir
export objdir export objdir
# login
if [ "$KERBEROS_TYPE" != "kaserver" ] ; then
kinit -k -t $KERBEROS_KEYTAB $ADMIN || exit 1;
$afswsbindir/aklog -d -c $CELLNAME || exit 1;
fi
echo "-------------------------------------------------" echo "-------------------------------------------------"
echo "$PACKAGE-$VERSION" echo "$PACKAGE-$VERSION"
echo "hosttype $host" echo "hosttype $host"
@ -401,6 +410,10 @@ for a in $RUNTESTS; do
else else
b="${objdir}/$a" b="${objdir}/$a"
fi fi
if test "`echo $a | cut -c1`" = "#" ; then # tests to skip
echo "Skipping $a"
continue
fi
echo "Running $a" echo "Running $a"
test "X$VERBOSE" != "X" && echo "Running test $a ($b)." test "X$VERBOSE" != "X" && echo "Running test $a ($b)."
if test "$a" = "setgroups" ; then if test "$a" = "setgroups" ; then