Author: arkurth
Date: Wed Jul 23 17:04:47 2014
New Revision: 1612875
URL: http://svn.apache.org/r1612875
Log:
VCL-770
Added pre_capture and prepare_post_load subroutines to 8.pm. These configure
the image to run a scheduled task to configure sshd when the image loads
instead of having root log in and run the script via the Startup folder. This
is necessary to allow the script to run with Administrator privileges with UAC
enabled. A scheduled task can run as Administrator fairly easily. Startup
folder scripts cannot.
Other
Rearranged Windows.pm::pre_capture. It was not locking down RDP and setting the
Administrator password as the first steps. This was allowing an image creator
to log back in during the capture process.
Modified:
vcl/trunk/managementnode/lib/VCL/Module/OS/Windows.pm
vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6/8.pm
Modified: vcl/trunk/managementnode/lib/VCL/Module/OS/Windows.pm
URL:
http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows.pm?rev=1612875&r1=1612874&r2=1612875&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/Module/OS/Windows.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/Module/OS/Windows.pm Wed Jul 23 17:04:47
2014
@@ -277,6 +277,17 @@ sub pre_capture {
=item 1
+ Disable RDP access from any IP address
+
+=cut
+
+ if (!$self->firewall_disable_rdp()) {
+ notify($ERRORS{'WARNING'}, 0, "unable to disable RDP from all
addresses");
+ return 0;
+ }
+
+=item *
+
Log off all currently logged in users
=cut
@@ -288,6 +299,17 @@ sub pre_capture {
=item *
+ Set Administrator account password to known value
+
+=cut
+
+ if (!$self->set_password('Administrator', $WINDOWS_ROOT_PASSWORD)) {
+ notify($ERRORS{'WARNING'}, 0, "unable to set Administrator
password");
+ return 0;
+ }
+
+=item *
+
Set root account password to known value
=cut
@@ -305,7 +327,7 @@ sub pre_capture {
my $deleted_user = $self->delete_user();
if (!$deleted_user) {
- notify($ERRORS{'WARNING'}, 0, "unable to delete user, will try
again after reboot");
+ notify($ERRORS{'DEBUG'}, 0, "unable to delete user, will try
again after reboot");
}
=item *
@@ -455,16 +477,6 @@ sub pre_capture {
notify($ERRORS{'WARNING'}, 0, "unable to disable IE
configuration");
}
-#=item *
-#
-# Disable Windows Defender
-#
-#=cut
-#
-# if (!$self->disable_windows_defender()) {
-# notify($ERRORS{'WARNING'}, 0, "unable to disable Windows
Defender");
-# }
-
=item *
Disable Automatic Updates
@@ -565,17 +577,6 @@ sub pre_capture {
=item *
- Disable RDP access from any IP address
-
-=cut
-
- if (!$self->firewall_disable_rdp()) {
- notify($ERRORS{'WARNING'}, 0, "unable to disable RDP from all
addresses");
- return 0;
- }
-
-=item *
-
Enable SSH access from any IP address
=cut
@@ -656,7 +657,7 @@ sub post_load {
my $computer_node_name = $self->data->get_computer_node_name();
notify($ERRORS{'OK'}, 0, "beginning Windows post-load tasks on
$computer_node_name");
-
+
=item 1
Wait for computer to respond to SSH
@@ -4275,7 +4276,7 @@ sub get_scheduled_task_info {
}
$self->{scheduled_task_info} = $scheduled_task_info;
- notify($ERRORS{'DEBUG'}, 0, "found " . scalar(keys
%$scheduled_task_info) . " scheduled tasks:\n" . join("\n", sort
keys(%$scheduled_task_info)));
+ notify($ERRORS{'DEBUG'}, 0, "found " . scalar(keys
%$scheduled_task_info) . " scheduled tasks");
return $scheduled_task_info;
}
@@ -7124,7 +7125,7 @@ EOF
my $total_wait_seconds = 120;
notify($ERRORS{'OK'}, 0, "started cleanmgr.exe, waiting up to
$total_wait_seconds seconds for it to finish");
- if
($self->code_loop_timeout(sub{!$self->is_process_running(@_)},
['cleanmgr.exe'], $message, $total_wait_seconds, 5)) {
+ if
($self->code_loop_timeout(sub{!$self->is_process_running(@_)},
['cleanmgr.exe'], $message, $total_wait_seconds, 15)) {
notify($ERRORS{'DEBUG'}, 0, "cleanmgr.exe has
finished");
}
else {
Modified: vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6/8.pm
URL:
http://svn.apache.org/viewvc/vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6/8.pm?rev=1612875&r1=1612874&r2=1612875&view=diff
==============================================================================
--- vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6/8.pm (original)
+++ vcl/trunk/managementnode/lib/VCL/Module/OS/Windows/Version_6/8.pm Wed Jul
23 17:04:47 2014
@@ -20,15 +20,11 @@
=head1 NAME
-VCL::Module::OS::Windows::Version_6::8.pm - VCL module to support Windows 8.x
operating system
-
-=head1 SYNOPSIS
-
- Needs to be written
+VCL::Module::OS::Windows::Version_6::8.pm - VCL module to support deployment
of Windows 8.x operating systems
=head1 DESCRIPTION
- This module provides VCL support for Windows 8.x.
+ This module provides support for the deployment of Windows 8.x operating
systems.
=cut
@@ -65,12 +61,150 @@ use VCL::utils;
Data type : Scalar
Description : Location on management node of script/utilty/configuration
files needed to configure the OS. This is normally the
- directory under the 'tools' directory
specific to this OS.
+ directory under the 'tools' directory specific to this OS. For
+ Windows 8, the directory is:
+ tools/Windows_8
=cut
our $SOURCE_CONFIGURATION_DIRECTORY = "$TOOLS/Windows_8";
+##############################################################################
+
+=head1 OBJECT METHODS
+
+=cut
+
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 pre_capture
+
+ Parameters : Hash containing 'end_state' key (optional)
+ Returns : boolean
+ Description : Performs the steps necessary before a Windows 8.x image is
+ captured.
+
+=over 3
+
+=cut
+
+sub pre_capture {
+ my $self = shift;
+ my $args = shift;
+ if (ref($self) !~ /windows/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a
function, it must be called as a class method");
+ return;
+ }
+
+=item 1
+
+Call parent class's pre_capture subroutine
+
+=cut
+
+ # Call parent class's pre_capture() subroutine
+ notify($ERRORS{'OK'}, 0, "calling parent class pre_capture()
subroutine");
+ if (!$self->SUPER::pre_capture($args)) {
+ notify($ERRORS{'WARNING'}, 0, "failed to execute parent class
pre_capture() subroutine");
+ return;
+ }
+
+ notify($ERRORS{'OK'}, 0, "beginning Windows 8 image capture preparation
tasks");
+
+=item *
+
+Prepare the computer for Sysprep or prepare the non-Sysprep post_load steps
+
+=cut
+
+ if ($self->data->get_imagemeta_sysprep()) {
+ if (!$self->run_sysprep()) {
+ notify($ERRORS{'WARNING'}, 0, "capture preparation
failed, failed to run Sysprep");
+ return;
+ }
+ }
+ else {
+ if (!$self->prepare_post_load()) {
+ notify($ERRORS{'WARNING'}, 0, "capture preparation
failed, failed to run prepare post_load");
+ return;
+ }
+ }
+
+=back
+
+=cut
+
+ notify($ERRORS{'OK'}, 0, "returning 1");
+ return 1;
+} ## end sub pre_capture
+
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 prepare_post_load
+
+ Parameters : none
+ Returns : boolean
+ Description : This subroutine should be called as the last step before an
image
+ is captured if Sysprep is not is used. It prepares the computer
+ to perform the necessary tasks after the image is loaded and the
+ computer boots.
+
+=cut
+
+sub prepare_post_load {
+ my $self = shift;
+ if (ref($self) !~ /windows/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a
function, it must be called as a class method");
+ return;
+ }
+
+ my $computer_node_name = $self->data->get_computer_node_name();
+ my $end_state = $self->{end_state} || 'off';
+
+ # Set the DevicePath registry key
+ # This is used to locate device drivers
+ if (!$self->set_device_path_key()) {
+ notify($ERRORS{'WARNING'}, 0, "failed to set the DevicePath
registry key");
+ return;
+ }
+
+ # Get the node configuration directory
+ my $node_configuration_directory =
$self->get_node_configuration_directory();
+ if (!$node_configuration_directory) {
+ notify($ERRORS{'WARNING'}, 0, "node configuration directory
could not be determined");
+ return;
+ }
+
+ # Set the sshd service startup mode to disabled so that it does not
start up until properly configured
+ if (!$self->set_service_startup_mode('sshd', 'disabled')) {
+ notify($ERRORS{'WARNING'}, 0, "sshd service could not be
disabled before shutting down computer");
+ return;
+ }
+
+ # Make sure any old log files are deleted
+ $self->delete_file("$node_configuration_directory/Logs/*");
+
+ # Create a scheduled task to run post_load.cmd when the image boots
+ my $task_name = 'VCL Post Load';
+ my $task_command =
"$node_configuration_directory/Scripts/post_load.cmd >
$node_configuration_directory/Logs/post_load.log";
+ my $task_user = 'root';
+ my $task_password = $WINDOWS_ROOT_PASSWORD;
+ if (!$self->create_startup_scheduled_task($task_name, $task_command,
$task_user, $task_password)) {
+ notify($ERRORS{'WARNING'}, 0, "failed to create '$task_name'
scheduled task");
+ return;
+ }
+
+ # Shut down computer unless end_state argument was passed with a value
other than 'off'
+ if ($end_state eq 'off') {
+ if (!$self->shutdown(1)) {
+ notify($ERRORS{'WARNING'}, 0, "failed to shut down
computer");
+ return;
+ }
+ }
+
+ return 1;
+}
+
#/////////////////////////////////////////////////////////////////////////////
1;
