Author: fapeeler
Date: Mon May 7 17:31:44 2012
New Revision: 1335145
URL: http://svn.apache.org/viewvc?rev=1335145&view=rev
Log:
VCL-570
added routines to at least process a end-user request
- fixed reserve script to use changepassword routine
Modified:
incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux/Ubuntu.pm
Modified: incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux/Ubuntu.pm
URL:
http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux/Ubuntu.pm?rev=1335145&r1=1335144&r2=1335145&view=diff
==============================================================================
--- incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux/Ubuntu.pm
(original)
+++ incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux/Ubuntu.pm Mon
May 7 17:31:44 2012
@@ -179,19 +179,24 @@ sub reserve {
}
- my $encrypted_pass;
- undef @sshcmd;
- @sshcmd = run_ssh_command($computer_node_name, $image_identity,
"/usr/bin/mkpasswd $reservation_password", "root");
- foreach my $l (@{$sshcmd[1]}) {
- $encrypted_pass = $l;
- notify($ERRORS{'DEBUG'}, 0, "Found the encrypted password as
$encrypted_pass");
+ if(!$self->changepasswd($user_name, $reservation_password) ) {
+ notify($ERRORS{'WARNING'}, 0, "Unable to change or set the
password for $user_name" );
+ return 0;
}
- undef @sshcmd;
- @sshcmd = run_ssh_command($computer_node_name, $image_identity,
"usermod -p $encrypted_pass $user_name", "root");
- foreach my $l (@{$sshcmd[1]}) {
- notify($ERRORS{'DEBUG'}, 0, "Updated the user password .... L
is $l");
- }
+ #my $encrypted_pass;
+ #undef @sshcmd;
+ #@sshcmd = run_ssh_command($computer_node_name, $image_identity,
"/usr/bin/mkpasswd $reservation_password", "root");
+ #foreach my $l (@{$sshcmd[1]}) {
+ # $encrypted_pass = $l;
+ # notify($ERRORS{'DEBUG'}, 0, "Found the encrypted password as
$encrypted_pass");
+ #}
+
+ #undef @sshcmd;
+ #@sshcmd = run_ssh_command($computer_node_name, $image_identity,
"usermod -p $encrypted_pass $user_name", "root");
+ #foreach my $l (@{$sshcmd[1]}) {
+ # notify($ERRORS{'DEBUG'}, 0, "Updated the user password .... L
is $l");
+ #}
#Check image profile for allowed root access
if ($imagemeta_rootaccess) {
@@ -416,13 +421,14 @@ sub changepasswd {
my $computer_short_name = $self->data->get_computer_short_name();
# change the privileged account passwords on the blade images
- my $node = shift;
my $account = shift;
my $passwd = shift;
- notify($ERRORS{'WARNING'}, 0, "node is not defined") if
(!(defined($node)));
- notify($ERRORS{'WARNING'}, 0, "account is not defined") if
(!(defined($account)));
-
+ if(!defined($account)) {
+ $account = $self->data->get_user_login_id();
+ }
+
+
$passwd = getpw(15) if (!(defined($passwd)));
my $command = "echo $account:$passwd | chpasswd";
@@ -522,9 +528,9 @@ sub generate_rc_local {
push(@array2print, 'echo "ListenAddress $IP0" >> /etc/ssh/sshd_config' .
"\n");
push(@array2print, 'echo "ListenAddress $IP1" >>
/etc/ssh/external_sshd_config' . "\n");
push(@array2print, 'service ext_sshd stop' . "\n");
- push(@array2print, 'service ssh reload' . "\n");
+ push(@array2print, 'service ssh stop' . "\n");
push(@array2print, 'sleep 2' . "\n");
- #push(@array2print, 'service sshd start' . "\n");
+ push(@array2print, 'service ssh start' . "\n");
push(@array2print, 'service ext_sshd start' . "\n");
#write to tmpfile
@@ -745,11 +751,198 @@ sub generate_ext_sshd_sysVinit {
#delete local tmpfile
unlink($tmpfile);
-exit;
return 1;
}
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 get_network_configuration
+
+ Parameters :
+ Returns : hash reference
+ Description : Retrieves the network configuration on the Linux computer and
+ constructs a hash. The hash reference returned is formatted as
+ follows:
+ |--%{eth0}
+ |--%{eth0}{default_gateway} '10.10.4.1'
+ |--%{eth0}{ip_address}
+ |--{eth0}{ip_address}{10.10.4.3} = '255.255.240.0'
+ |--{eth0}{name} = 'eth0'
+ |--{eth0}{physical_address} = '00:50:56:08:00:f8'
+
+=cut
+
+sub get_network_configuration {
+ my $self = shift;
+ if (ref($self) !~ /VCL::Module/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it
must be called as a class method");
+ return;
+ }
+
+ # Check if the network configuration has already been retrieved and saved
in this object
+ return $self->{network_configuration} if ($self->{network_configuration});
+
+ # Run ipconfig
+ my $ifconfig_command = "/sbin/ifconfig -a";
+ my ($ifconfig_exit_status, $ifconfig_output) =
$self->execute($ifconfig_command);
+ if (!defined($ifconfig_output)) {
+ notify($ERRORS{'WARNING'}, 0, "failed to run command to retrieve network
configuration: $ifconfig_command");
+ return;
+ }
+
+ # Loop through the ifconfig output lines
+ my $network_configuration;
+ my $interface_name;
+ for my $ifconfig_line (@$ifconfig_output) {
+ # Extract the interface name from the Link line:
+ # eth2 Link encap:Ethernet HWaddr 00:0C:29:78:77:AB
+ if ($ifconfig_line =~ /^([^\s]+).*Link/) {
+ $interface_name = $1;
+ $network_configuration->{$interface_name}{name} = $interface_name;
+ }
+
+ # Skip to the next line if the interface name has not been determined yet
+ next if !$interface_name;
+
+ # Parse the HWaddr line:
+ # eth2 Link encap:Ethernet HWaddr 00:0C:29:78:77:AB
+ if ($ifconfig_line =~ /HWaddr\s+([\w:]+)/) {
+ $network_configuration->{$interface_name}{physical_address} = lc($1);
+ }
+
+ # Parse the IP address line:
+ # inet addr:10.10.4.35 Bcast:10.10.15.255 Mask:255.255.240.0
+ if ($ifconfig_line =~ /inet
addr:([\d\.]+)\s+Bcast:([\d\.]+)\s+Mask:([\d\.]+)/) {
+ $network_configuration->{$interface_name}{ip_address}{$1} = $3;
+ $network_configuration->{$interface_name}{broadcast_address} = $2;
+ }
+ }
+
+ # Run route
+ my $route_command = "/sbin/route -n";
+ my ($route_exit_status, $route_output) = $self->execute($route_command);
+ if (!defined($route_output)) {
+ notify($ERRORS{'WARNING'}, 0, "failed to run command to retrieve routing
configuration: $route_command");
+ return;
+ }
+
+ # Loop through the route output lines
+ for my $route_line (@$route_output) {
+ my ($default_gateway, $interface_name) = $route_line =~
/^0\.0\.0\.0\s+([\d\.]+).*\s([^\s]+)$/g;
+
+ if (!defined($interface_name) || !defined($default_gateway)) {
+ notify($ERRORS{'DEBUG'}, 0, "route output line does not contain a
default gateway: '$route_line'");
+ }
+ elsif (!defined($network_configuration->{$interface_name})) {
+ notify($ERRORS{'WARNING'}, 0, "found default gateway for
'$interface_name' interface but the network configuration for '$interface_name'
was not previously retrieved, route output:\n" . join("\n", @$route_output) .
"\nnetwork configuation:\n" . format_data($network_configuration));
+ }
+ elsif
(defined($network_configuration->{$interface_name}{default_gateway})) {
+ notify($ERRORS{'WARNING'}, 0, "multiple default gateway are
configured for '$interface_name' interface, route output:\n" . join("\n",
@$route_output));
+ }
+ else {
+ $network_configuration->{$interface_name}{default_gateway} =
$default_gateway;
+ notify($ERRORS{'DEBUG'}, 0, "found default route configured for
'$interface_name' interface: $default_gateway");
+ }
+ }
+
+ $self->{network_configuration} = $network_configuration;
+ notify($ERRORS{'DEBUG'}, 0, "retrieved network configuration:\n" .
format_data($self->{network_configuration}));
+ return $self->{network_configuration};
+
+}
+
+
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 enable_firewall_port
+
+ Parameters : $protocol, $port, $scope (optional), $overwrite_existing
(optional), $name (optional), $description (optional)
+ Returns : boolean
+ Description : Updates iptables for given port for collect IPaddress range
and mode
+
+=cut
+
+sub enable_firewall_port {
+ my $self = shift;
+ if (ref($self) !~ /VCL::Module/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it
must be called as a class method");
+ return;
+ }
+
+ # If not return 1 so it does not fail
+ if (!($self->service_exists("ufw"))) {
+ notify($ERRORS{'WARNING'}, 0, "iptables does not exist on this OS");
+ return 1;
+ }
+
+ my ($protocol, $port, $scope_argument, $overwrite_existing, $name,
$description) = @_;
+ if (!defined($protocol) || !defined($port)) {
+ notify($ERRORS{'WARNING'}, 0, "protocol and port arguments were not
supplied");
+ return;
+ }
+
+ my $computer_node_name = $self->data->get_computer_node_name();
+ my $mn_private_ip = $self->mn_os->get_private_ip_address();
+
+ $protocol = lc($protocol);
+
+ $scope_argument = '' if (!defined($scope_argument));
+
+ my $scope;
+
+ return 1;
+
+}
+
+
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 disable_firewall_port
+
+ Parameters : none
+ Returns : 1 successful, 0 failed
+ Description : updates iptables for given port for collect IPaddress range
and mode
+
+=cut
+
+sub disable_firewall_port {
+ my $self = shift;
+ if (ref($self) !~ /VCL::Module/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it
must be called as a class method");
+ return;
+ }
+
+ # Check to see if this distro has iptables
+ # If not return 1 so it does not fail
+ if (!($self->service_exists("ufw"))) {
+ notify($ERRORS{'WARNING'}, 0, "iptables does not exist on this OS");
+ return 1;
+ }
+
+ my ($protocol, $port, $scope_argument, $overwrite_existing, $name,
$description) = @_;
+ if (!defined($protocol) || !defined($port)) {
+ notify($ERRORS{'WARNING'}, 0, "protocol and port arguments were not
supplied");
+ return;
+ }
+
+ my $computer_node_name = $self->data->get_computer_node_name();
+ my $mn_private_ip = $self->mn_os->get_private_ip_address();
+
+ $protocol = lc($protocol);
+
+ $scope_argument = '' if (!defined($scope_argument));
+
+ $name = '' if !$name;
+ $description = '' if !$description;
+
+ my $scope;
+
+ return 1;
+
+}
+
+
1;
__END__
