Let me know if there's a better way to submit patches to this project.


Attached is a small patch taken from managementnode/lib/. It fixes a bug in utils.pm::check_connection(). The netstat check was only recognizing ssh connections that showed up with ::ffff: in front of their IPs for lab machines and not for other linux images. This patch copies the fix for lab machines and uses it for all linux images.


In addition, this patch also removes some code that is now unused thanks to the OS modularization. While figuring out what happened when linux machines are deployed, I lost some time delving into this unused code, so I thought it best to submit a patch removing it so that no one else gets confused.
Index: VCL/reclaim.pm
===================================================================
--- VCL/reclaim.pm      (revision 827859)
+++ VCL/reclaim.pm      (working copy)
@@ -180,28 +180,6 @@
                                }
                        }
                        
-                       # TODO: The following section should be removed once 
sanitize() is implemented by Linux.pm
-                       elsif ($image_os_type =~ /linux/){
-                               # Loaded Linux image needs to be cleaned up
-                               notify($ERRORS{'OK'}, 0, "attempting steps to 
clean up loaded $image_os_name image");
-
-                               # Make sure user is not connected
-                               if (isconnected($computer_shortname, 
$computer_type, $reservation_remoteip, $image_os_name, $computer_ipaddress, 
$image_os_type)) {
-                                       notify($ERRORS{'WARNING'}, 0, "user 
$user_unityid is connected to $computer_shortname, computer will be reloaded");
-                                       $self->insert_reload_and_exit();
-                               } ## end if (isconnected($computer_shortname, 
$computer_type...
-
-                               # User is not connected, delete the user
-                               if (del_user($computer_shortname, 
$user_unityid, $computer_type, $image_os_name)) {
-                                       notify($ERRORS{'OK'}, 0, "user 
$user_unityid removed from $computer_shortname");
-                                       insertloadlog($reservation_id, 
$computer_id, "info", "reclaim: removed user");
-                               }
-                               else {
-                                       notify($ERRORS{'OK'}, 0, "user 
$user_unityid could not be removed from $computer_shortname, computer will be 
reloaded");
-                                       $self->insert_reload_and_exit();
-                               }
-                       }
-
                        else {
                                # Unknown image type
                                notify($ERRORS{'WARNING'}, 0, "unsupported 
image OS detected: $image_os_name, computer will be reloaded");
Index: VCL/reserved.pm
===================================================================
--- VCL/reserved.pm     (revision 827859)
+++ VCL/reserved.pm     (working copy)
@@ -203,112 +203,6 @@
                        }
                }
                
-               # Older style code, remove below once all OS's have been 
modularized
-               # Check if computer type is blade
-               elsif ($computer_type =~ /blade|virtualmachine/) {
-                       notify($ERRORS{'OK'}, 0, "blade or virtual machine 
detected: $computer_type");
-                       # different senerios
-                       # standard -- 1-1-1 with connection checks
-                       # group access M-N-K -- multiple users need access
-                       # standard with no connection checks
-                       
-                       # Check if linux image
-                       if ($image_os_type =~  /linux/){
-                               notify($ERRORS{'OK'}, 0, "Linux image detected: 
$image_os_name");
-
-                               # adduser ; this adds user and restarts sshd
-                               # check for group access
-
-                               my $grpflag = 0;
-                               my @group;
-
-                               if ($imagemeta_usergroupid ne '') {
-                                       notify($ERRORS{'OK'}, 0, "group access 
groupid $imagemeta_usergroupid");
-
-                                       # Check group membership count
-                                       if ($user_group_member_count > 0) {
-                                               # Good, at least something is 
listed
-                                               notify($ERRORS{'OK'}, 0, 
"imagemeta group acess membership is $user_group_member_count");
-                                               $grpflag = 
$user_group_member_count;
-                                               @group   = @user_group_members;
-                                       }
-                                       else {
-                                               notify($ERRORS{'OK'}, 0, "image 
claims group access but membership is 0, usergrouid: $imagemeta_usergroupid, 
only adding requester");
-                                       }
-
-                               }    # Close imagemeta user group defined and 
member count is > 0
-
-                               # Try to add the user account to the linux 
computer
-                               if (add_user($computer_short_name, 
$user_unityid, $user_uid, 0, $computer_hostname, $image_os_name, 
$image_os_type, $remote_ip, $grpflag, @group)) {
-                                       notify($ERRORS{'OK'}, 0, "user 
$user_unityid added to $computer_short_name");
-                                       insertloadlog($reservation_id, 
$computer_id, "info", "reserved: adding user and opening remote access port for 
$remote_ip");
-                               }
-                               else {
-                                       notify($ERRORS{'WARNING'}, 0, "could 
not add user $user_unityid to $computer_short_name");
-                                       insertloadlog($reservation_id, 
$computer_id, "failed", "reserved: could not add user to node");
-                                       $retval_conn = "failed";
-                                       goto RETVALCONN;
-                               }
-
-                               # Check if user was set to standalone
-                               # Occurs if affiliation is not specified in the 
NOT_STANDALONE property in vcld.conf
-                               # or if vcladmin is the user or if the user's 
UID is >= 1,000,000
-                               if ($user_standalone) {
-                                       if 
(changelinuxpassword($computer_short_name, $user_unityid, 
$reservation_password)) {
-                                               # Password successfully changed
-                                               notify($ERRORS{'OK'}, 0, 
"password changed on $computer_short_name for standalone user $user_unityid");
-                                       }
-                                       else {
-                                               notify($ERRORS{'WARNING'}, 0, 
"could not change linux password for $user_unityid on $computer_short_name");
-                                               insertloadlog($reservation_id, 
$computer_id, "failed", "reserved: could not change user password on node");
-                                               $retval_conn = "failed";
-                                               goto RETVALCONN;
-                                       }
-                               }    # Close if standalone
-                               else {
-                                       notify($ERRORS{'OK'}, 0, "password not 
changed on $computer_short_name for non-standalone user $user_unityid");
-                               }
-
-                               #if cluster reservation - populate parent node 
with child node information
-                               if ($request_data->{RESERVATIONCOUNT} > 1) {
-                                       notify($ERRORS{'OK'}, 0, "cluster 
reservation, attempting to populate nodes with cluster_info data");
-                                       if (update_cluster_info($request_data)) 
{
-                                               notify($ERRORS{'OK'}, 0, 
"updated cluster nodes with cluster infomation");
-                                       }
-                               }
-
-                       }    # Close elseif linux computer
-
-               }    # Close if computer type is blade
-
-               # Check if computer type is lab
-               elsif ($computer_type eq "lab") {
-                       notify($ERRORS{'OK'}, 0, "lab computer detected");
-
-                       # Check if Solaris or RHEL
-                       if ($image_os_name =~ /sun4x_|rhel/) {
-                               notify($ERRORS{'OK'}, 0, "Sun or RHEL lab 
computer detected");
-                               if (enablesshd($computer_ip_address, 
$user_unityid, $remote_ip, "new", $image_os_name)) {
-                                       notify($ERRORS{'OK'}, 0, "SSHD enabled 
on $computer_hostname $computer_ip_address");
-                               }
-                               else {
-                                       # Could not enable SSHD
-                                       # Add code to better handle this such 
as fetch another machine
-                                       notify($ERRORS{'WARNING'}, 0, "could 
not enable SSHD on $computer_hostname");
-
-                                       # Update the computer state to failed
-                                       if (update_computer_state($computer_id, 
"failed", "new")) {
-                                               notify($ERRORS{'OK'}, 0, 
"setting computer ID $computer_id into failed state");
-                                       }
-
-                                       insertloadlog($reservation_id, 
$computer_id, "failed", "reserved: could not enable access port on remote 
machine");
-                                       $retval_conn = "failed";
-                                       goto RETVALCONN;
-                               } ## end else [ if 
(enablesshd($computer_ip_address, $user_unityid...
-                       }    # Close if Solaris or RHEL
-
-               }    # Close elsif computer type is lab
-
        }    # close if defined remoteIP
 
        elsif ($acknowledge_attempts < 180) {
Index: VCL/utils.pm
===================================================================
--- VCL/utils.pm        (revision 827859)
+++ VCL/utils.pm        (working copy)
@@ -83,7 +83,6 @@
   _machine_os
   _pingnode
   _sshd_status
-  add_user
   changelinuxpassword
   check_blockrequest_time
   check_connection
@@ -102,7 +101,6 @@
   convert_to_epoch_seconds
   database_execute
   database_select
-  del_user
   delete_computerloadlog_reservation
   delete_request
   delete_block_request
@@ -1861,6 +1859,18 @@
                                                                return $ret_val;
                                                        }
                                                }    # tcp check
+                                               if ($line =~ 
/tcp\s+([0-9]*)\s+([0-9]*)\s::ffff:($ipaddress:22)\s+::ffff:([.0-9]*):([0-9]*)(.*)(ESTABLISHED)
 /) {
+                                                       if ($4 eq $remoteIP) {
+                                                               $break   = 1;
+                                                               $ret_val = 
"connected";
+                                                               return $ret_val;
+                                                       }
+                                                       else {
+                                                               #this isn't the 
remoteIP
+                                                               $ret_val = 
"conn_wrong_ip";
+                                                               return $ret_val;
+                                                       }
+                                               }    # tcp check
                                        }    #foreach
                                             #who; too make sure we didn't miss 
it through netstat
                                        undef @SSHCMD;
@@ -2863,269 +2873,6 @@
 
 #/////////////////////////////////////////////////////////////////////////////
 
-=head2 add_user
-
- Parameters  : $node, $user, $uid, $passwd, $hostname, $os, $remoteip, 
$grpflag, @group
- Returns     : 1 success, 0 failed
- Description : logs into remote node adds supplied user account
-
-=cut
-
-sub add_user {
-       my ($node, $user, $uid, $passwd, $hostname, $os, 
$image_os_type,$remoteip, $grpflag, @group) = @_;
-       my ($package, $filename, $line, $sub) = caller(0);
-       notify($ERRORS{'WARNING'}, 0, "node is not defined")     if 
(!(defined($node)));
-       notify($ERRORS{'WARNING'}, 0, "user is not defined")     if 
(!(defined($user)));
-       notify($ERRORS{'OK'},      0, "uid is not defined")      if 
(!(defined($uid)));
-       notify($ERRORS{'WARNING'}, 0, "passwd is not defined")   if 
(!(defined($passwd)));
-       notify($ERRORS{'WARNING'}, 0, "os is not defined")       if 
(!(defined($os)));
-       notify($ERRORS{'OK'},      0, "remoteip is not defined") if 
(!(defined($remoteip)));
-       notify($ERRORS{'OK'},      0, "grpflag is not defined")  if 
(!(defined($grpflag)));
-
-       if (!(defined($grpflag))) {
-               $grpflag = 0;
-       }
-       elsif ($grpflag > 0) {
-               notify($ERRORS{'OK'}, 0, "group access memberlist= @group ");
-       }
-
-       my $identity;
-
-       if ($image_os_type =~ /linux/i) {
-         $identity = $IDENTITY_bladerhel;
-   }
-   else {
-         $identity = $IDENTITY_bladerhel;
-   }
-
-       if ($image_os_type =~ /linux/i) {
-               # set common linux useradd string
-               my $useradd_string;
-               if (!(defined($uid))) {    # check for uid if not let OS set one
-                       $useradd_string = "/usr/sbin/useradd -d /home/$user -m 
$user";
-               }
-               else {
-                       $useradd_string = "/usr/sbin/useradd -u $uid -d 
/home/$user -m $user";
-               }
-
-               # two methods: single user or group of users
-               if ($grpflag) {
-                       #assumes owner is already member of group
-                       #ok group flag set proceed
-                       my $allowuserstring = "AllowUsers";
-                       foreach my $u (@group) {
-                               #$u in form of  unity:uid
-                               my ($user_unityid, $uid) = split(":", $u);
-                               my $cmd = "/usr/sbin/useradd -u $uid -d 
/home/$user_unityid -m $user_unityid";
-                               if (run_ssh_command($node, $identity, $cmd, 
"root")) {
-                                       notify($ERRORS{'OK'}, 0, "added user 
$user_unityid to $node");
-                               }
-                               else {
-                                       notify($ERRORS{'WARNING'}, 0, "failed 
to execute $cmd");
-                                       return 0;
-                               }
-
-                               #append to ssh string
-                               $allowuserstring .= " $user_unityid";
-                       } ## end foreach my $u (@group)
-
-                       # modify external_sshd config
-                       my $cmdstring = "echo \"$allowuserstring\" >> 
/etc/ssh/external_sshd_config";
-                       my @sshcmd;
-                       if (run_ssh_command($node, $identity, $cmdstring, 
"root")) {
-                               notify($ERRORS{'OK'}, 0, "adding user string to 
sshd conf $allowuserstring");
-                               undef @sshcmd;
-                               @sshcmd = run_ssh_command($node, $identity, 
"/etc/init.d/ext_sshd restart", "root");
-                               foreach my $l (@{$sshcmd[1]}) {
-                                       if ($l =~ /Stopping ext_sshd:/i) {
-                                               
#notify($ERRORS{'OK'},0,"stopping sshd on $node ");
-                                       }
-                                       if ($l =~ /Starting ext_sshd:[  OK  
]/i) {
-                                               notify($ERRORS{'OK'}, 0, 
"ext_sshd on $node started");
-                                       }
-                               }    #foreach
-                               notify($ERRORS{'OK'}, 0, "started ext_sshd on 
$node");
-                               return 1;
-                       } ## end if (run_ssh_command($node, 
$IDENTITY_bladerhel...
-                       else {
-                               notify($ERRORS{'CRITICAL'}, 0, "failed to add 
$allowuserstring to external_sshd_config on $node ");
-                               return 0;
-                       }
-
-               } ## end if ($grpflag)
-               else {
-                       #single user proceed
-                       my @sshcmd = run_ssh_command($node, $identity, 
$useradd_string, "root");
-                       foreach my $l (@{$sshcmd[1]}) {
-                               if ($l =~ /user $user exists/) {
-                                       notify($ERRORS{'OK'}, 0, "detected user 
already has account, deleting");
-                                       #FIXME - if type or project is not  HPC 
related.
-                                       if (del_user($node, $user, "blade", 
$os, $image_os_type)) {
-                                               notify($ERRORS{'OK'}, 0, "$user 
deleted");
-                                       }
-                                       if (run_ssh_command($node, $identity, 
$useradd_string, "root")) {
-                                               notify($ERRORS{'OK'}, 0, "user 
$user added");
-                                       }
-                               } ## end if ($l =~ /user $user exists/)
-
-                       } ## end foreach my $l (@{$sshcmd[1]})
-
-                       #SETUP sudoers file
-                       #clear user from sudoers file first
-                       my $clear_cmd = "sed -ie \"/^$user .*/d\" /etc/sudoers";
-                       if (run_ssh_command($node, $identity, $clear_cmd, 
"root")) {
-                               notify($ERRORS{'DEBUG'}, 0, "cleared $user from 
/etc/sudoers");
-                       }
-                       else {
-                               notify($ERRORS{'CRITICAL'}, 0, "failed to clear 
$user from /etc/sudoers");
-                       }
-                       my $sudoers_cmd = "echo \"$user ALL= NOPASSWD: ALL\" >> 
/etc/sudoers";
-                       if (run_ssh_command($node, $identity, $sudoers_cmd, 
"root")) {
-                               notify($ERRORS{'DEBUG'}, 0, "added $user to 
/etc/sudoers");
-                       }
-                       else {
-                               notify($ERRORS{'CRITICAL'}, 0, "failed to add 
$user to /etc/sudoers");
-                       }
-
-                       if (_is_user_added($node, $user, "blade", $os, 
$image_os_type)) {
-                               notify($ERRORS{'OK'}, 0, "added user account 
$user to $node");
-                               undef @sshcmd;
-                               my $cmd = "echo \"AllowUsers $user\" >> 
/etc/ssh/external_sshd_config";
-                               if (run_ssh_command($node, $identity, $cmd, 
"root")) {
-                                       notify($ERRORS{'DEBUG'}, 0, "added 
AllowUsers $user to external_sshd_config");
-                               }
-                               else {
-                                       notify($ERRORS{'CRITICAL'}, 0, "failed 
to add AllowUsers $user to external_sshd_config");
-                                       return 0;
-                               }
-
-                               undef @sshcmd;
-                               @sshcmd = run_ssh_command($node, $identity, 
"/etc/init.d/ext_sshd restart", "root");
-
-                               foreach my $l (@{$sshcmd[1]}) {
-                                       if ($l =~ /Stopping ext_sshd:/i) {
-                                               
#notify($ERRORS{'OK'},0,"stopping sshd on $node ");
-                                       }
-                                       if ($l =~ /Starting ext_sshd:[  OK  
]/i) {
-                                               notify($ERRORS{'OK'}, 0, 
"ext_sshd on $node started");
-                                       }
-                               }    #foreach
-                               notify($ERRORS{'OK'}, 0, "started ext_sshd on 
$node");
-                               return 1;
-                       } ## end if (_is_user_added($node, $user, "blade", ...
-                       else {
-                               notify($ERRORS{'CRITICAL'}, 0, "PROBLEM added 
user $user to $node @{ $sshcmd[1] }");
-                               return 0;
-                       }
-                       # add user to external_sshd config
-               }    # grpflag true
-
-
-       }    # rhel
-       else {
-               return 0;
-       }
-} ## end sub add_user
-
-#/////////////////////////////////////////////////////////////////////////////
-
-=head2 del_user
-
- Parameters  : $node, $user, $type, $osname
- Returns     : 1 success 0 failure
- Description : removes user account from specificed node
-
-=cut
-
-sub del_user {
-       my ($node, $user, $type, $osname, $image_os_type) = @_;
-       my ($package, $filename, $line, $sub)    = caller(0);
-       notify($ERRORS{'WARNING'}, 0, "node is not defined")   if 
(!(defined($node)));
-       notify($ERRORS{'WARNING'}, 0, "user is not defined")   if 
(!(defined($user)));
-       notify($ERRORS{'WARNING'}, 0, "type is not defined")   if 
(!(defined($type)));
-       notify($ERRORS{'WARNING'}, 0, "osname is not defined") if 
(!(defined($osname)));
-       notify($ERRORS{'WARNING'}, 0, "image_os_type is not defined") if 
(!(defined($image_os_type)));
-       #set variables to use
-       my $cmd;
-       my @sshcmd;
-       if ($type =~ /blade|virtualmachine/) {
-               #my $os = _machine_os($node);
-               if ($image_os_type =~ /linux/i) {
-                       #remove user from machine
-                       my @file;
-                       my $l;
-                       undef $cmd;
-                       undef @sshcmd;
-                       # do not currently use userdel -r  will affect HPC user 
storage for HPC installs
-                       $cmd = "/usr/sbin/userdel $user";
-                       @sshcmd = run_ssh_command($node, $IDENTITY_bladerhel, 
$cmd, "root");
-                       foreach my $l (@{$sshcmd[1]}) {
-                               if ($l =~ /currently logged in/) {
-                                       notify($ERRORS{'WARNING'}, 0, "$user 
currently logged in returning 0");
-                                       return 0;
-                               }
-                       }
-                       #user successfully deleted
-                       my $path1 = "$node:/etc/ssh/external_sshd_config";
-                       my $path2 = "/tmp/$node.sshd";
-                       if (run_scp_command($path1, $path2, 
$IDENTITY_bladerhel)) {
-                               notify($ERRORS{'DEBUG'}, 0, "scp success 
retrieved $path1");
-                       }
-                       else {
-                               notify($ERRORS{'WARNING'}, 0, "failed to 
retrieve $path1");
-                               return 0;
-                       }
-                       #remove from sshd
-                       if (open(SSHDCFG, "/tmp/$node.sshd")) {
-                               @file = <SSHDCFG>;
-                               close SSHDCFG;
-                               foreach $l (@file) {
-                                       $l = "" if ($l =~ /AllowUsers/);
-                               }
-                               if (open(SCP, ">/tmp/$node.sshd")) {
-                                       print SCP @file;
-                                       close SCP;
-                               }
-                               undef $path1;
-                               undef $path2;
-                               $path1 = "/tmp/$node.sshd";
-                               $path2 = "$node:/etc/ssh/external_sshd_config";
-                               if (run_scp_command($path1, $path2, 
$IDENTITY_bladerhel)) {
-                                       notify($ERRORS{'DEBUG'}, 0, "scp 
success copied $path1 to $path2");
-                                       unlink $path1;
-                                       #turn off external sshd
-                                       if (run_ssh_command($node, 
$IDENTITY_bladerhel, "/etc/init.d/ext_sshd stop")) {
-                                               notify($ERRORS{'DEBUG'}, 0, 
"turned off ext_sshd on $node");
-                                       }
-                                       return 1;
-                               }
-                               else {
-                                       notify($ERRORS{'WARNING'}, 0, "failed 
to copy $path1 to $path2");
-                                       return 0;
-                               }
-                       } ## end if (open(SSHDCFG, "/tmp/$node.sshd"))
-
-                       #CLEAR sudoers file
-                       my $clear_cmd = "sed -ie \"/^$user .*/d\" /etc/sudoers";
-                       if (run_ssh_command($node, $IDENTITY_bladerhel, 
$clear_cmd, "root")) {
-                               notify($ERRORS{'DEBUG'}, 0, "cleared $user from 
/etc/sudoers");
-                       }
-                       else {
-                               notify($ERRORS{'CRITICAL'}, 0, "failed to clear 
$user from /etc/sudoers");
-                       }
-
-
-               } ## end elsif 
-               else {
-                       notify($ERRORS{'WARNING'}, 0, "$osname does not exist 
");
-                       return 0;
-               }
-       } ## end if ($type =~ /blade|virtualmachine/)
-
-} ## end sub del_user
-
-#/////////////////////////////////////////////////////////////////////////////
-
 =head2 disablesshd
 
  Parameters  : $hostname, $unityname, $remoteIP, $state, $osname, $log

Reply via email to