merge with latest dev version (tm-scripts commit f5a59daf8d70a9027118292cd40b18c221897408)

5 files changed, 100 insertions, 151 deletions

diff --git a/core/modules/run-virt/data/opt/openslx/scripts/pam_script_auth.d/99-run_virt_credentials b/core/modules/run-virt/data/opt/openslx/scripts/pam_script_auth.d/99-run_virt_credentials
new file mode 100644
index 00000000..a03d8886
--- /dev/null
+++ b/core/modules/run-virt/data/opt/openslx/scripts/pam_script_auth.d/99-run_virt_credentials
@@ -0,0 +1,41 @@
+#!/bin/ash
+# This is being sourced and running in ash
+
+if [ -n "$TEMP_HOME_DIR" ]; then
+	if [ -z "$PAM_TTY" ] || [ "x$PAM_TTY" = "x:0" ]; then
+		# Pass on network path to home directory
+		if [ -z "$PERSISTENT_NETPATH" ]; then
+			PERSISTENT_NETPATH=$(grep -m1 -F " ${PERSISTENT_HOME_DIR} " "/proc/mounts" | awk '{print $1}')
+		fi
+		if [ -n "$PERSISTENT_NETPATH" ]; then
+			[ "x${PERSISTENT_NETPATH:0:2}" = "x//" ] && PERSISTENT_NETPATH=$(echo "$PERSISTENT_NETPATH" | tr '/' '\')
+			echo "${PERSISTENT_NETPATH}" > "${TEMP_HOME_DIR}/.home"
+			chmod 0644 "${TEMP_HOME_DIR}/.home"
+		fi
+		# pwdaemon
+		# Figure out username
+		XUSER="${REAL_ACCOUNT}"
+		[ -z "$XUSER" ] && XUSER="${PAM_USER}"
+		# Guess domain
+		XDOMAIN=
+		if [ -n "$PERSISTENT_HOME_DIR" ]; then
+			XDOMAIN=$(grep -F " ${PERSISTENT_HOME_DIR} " "/proc/mounts" | grep -m1 -F 'domain=' | sed -r 's/^.*[ ,]domain=([^ ,]+)[ ,].*$/\1/g')
+		fi
+		if [ -z "$XDOMAIN" ]; then
+			XDOMAIN=$(grep -m1 -i '^BASE\s*DC=' "/etc/ldap.conf" | sed -r 's/^BASE\s*DC=([^,;]+).*$/\1/I')
+		fi
+		if [ -z "$XDOMAIN" ]; then
+			XDOMAIN=$(grep -m1 -i '^ldap_search_base\s*=\s*DC=' "/etc/sssd/sssd.conf" | sed -r 's/^ldap_search_base\s*=\s*DC=([^,;]+).*$/\1/I')
+		fi
+		if [ -n "$XDOMAIN" ]; then
+			XDOMAIN=$(echo "$XDOMAIN" | tr '[a-z]' '[A-Z]')
+		else
+			XDOMAIN="WORKGROUP"
+		fi
+		USERNAME="$XDOMAIN\\$XUSER" PASSWORD="$PAM_AUTHTOK" PWSOCKET="${TEMP_HOME_DIR}/.pwsocket" su -c 'pwdaemon --daemon &' "${PAM_USER}" &
+		unset XUSER XDOMAIN
+	fi
+fi
+
+true
+
diff --git a/core/modules/run-virt/data/opt/openslx/scripts/pam_script_ses_close.d/runvirt-firewall-clear b/core/modules/run-virt/data/opt/openslx/scripts/pam_script_ses_close.d/runvirt-firewall-clear
new file mode 100644
index 00000000..dab08190
--- /dev/null
+++ b/core/modules/run-virt/data/opt/openslx/scripts/pam_script_ses_close.d/runvirt-firewall-clear
@@ -0,0 +1,17 @@
+#!/bin/ash
+
+# Sourced by pam_script_ses_close
+
+runvirt_fw_clear () {
+	iptables -w -F runvirt-INPUT
+	ip6tables -w -F runvirt-INPUT
+	iptables -w -F runvirt-OUTPUT
+	ip6tables -w -F runvirt-OUTPUT
+}
+
+if [ "x$PAM_TTY" = "x:0" ]; then
+	runvirt_fw_clear > /dev/null 2>&1
+fi
+
+true
+
diff --git a/core/modules/run-virt/data/opt/openslx/scripts/systemd-mount_vm_store b/core/modules/run-virt/data/opt/openslx/scripts/systemd-mount_vm_store
index 9d478918..235cf4be 100755
--- a/core/modules/run-virt/data/opt/openslx/scripts/systemd-mount_vm_store
+++ b/core/modules/run-virt/data/opt/openslx/scripts/systemd-mount_vm_store
@@ -13,8 +13,12 @@ OUTFILE=$(mktemp)
 # no bash, so this is a bit ugly...
 if [ "${SLX_VM_NFS#//}" = "${SLX_VM_NFS}" ]; then
 	# doesn't start with '//' -> assume NFS
-	/opt/openslx/bin/timeout -t 10 -s 9 mount -v -t nfs -o ro,async,nolock "$SLX_VM_NFS" /mnt/vmstore
+	/opt/openslx/bin/timeout -t 6 -s 9 mount -v -t nfs -o ro,async,nolock "$SLX_VM_NFS" /mnt/vmstore
 	RET=$?
+	if [ "$RET" != "0" ]; then
+		/opt/openslx/bin/timeout -t 6 -s 9 mount -v -t nfs -o vers=3,ro,async,nolock "$SLX_VM_NFS" /mnt/vmstore
+		RET=$?
+	fi
 else
 	# starts with '//' -> assume CIFS
 	export USER="$SLX_VM_NFS_USER"
@@ -25,15 +29,14 @@ else
 	RET=$?
 fi > "$OUTFILE" 2>&1
 
-if [ $RET -ne 0 ]; then
+if [ "$RET" -ne "0" ]; then
 	if [ -s "$OUTFILE" ]; then
-		slxlog "mount-vmstore-fail" "Mounting '$SLX_VM_NFS' failed. VMs will not boot." "$OUTFILE"
-		sleep 1
+		slxlog --delete "mount-vmstore-fail" "Mounting '$SLX_VM_NFS' failed. VMs will not boot." "$OUTFILE"
 	else
 		slxlog "mount-vmstore-fail" "Mounting '$SLX_VM_NFS' failed. VMs will not boot."
+		rm -f -- "$OUTFILE"
 	fi
 fi
 
-rm -f -- "$OUTFILE"
 exit $RET
 
diff --git a/core/modules/run-virt/data/opt/openslx/scripts/systemd-run_virt_env b/core/modules/run-virt/data/opt/openslx/scripts/systemd-run_virt_env
index b8236600..a86b2d0b 100755
--- a/core/modules/run-virt/data/opt/openslx/scripts/systemd-run_virt_env
+++ b/core/modules/run-virt/data/opt/openslx/scripts/systemd-run_virt_env
@@ -28,27 +28,7 @@ export PATH=$PATH:/opt/openslx/bin:/opt/openslx/sbin
 # from plugins/vmchooser/XX_vmchooser.sh
 VMCHOOSER_DIR="/opt/openslx/vmchooser"
 VMCHOOSER_CONF_DIR="$VMCHOOSER_DIR/config"
-
-mkdir -p "${VMCHOOSER_DIR}/data/loopimg"
-mkdir -p "${VMCHOOSER_DIR}/fd-loop" -m 1777
-
-# mount a clean tempfs (bug in UnionFS prevents loopmount to work)
-grep -qE "unionfs |aufs " /proc/mounts && \
-	mount -n -o size=1500k -t tmpfs vm-loopimg "${VMCHOOSER_DIR}/data/loopimg"
-
-# create an empty floppy image of 1.44 MByte size
-dd "if=/dev/zero" "of=${VMCHOOSER_DIR}/data/loopimg/fd.img" count=2880 bs=512 2>/dev/null
-chmod 0777 "${VMCHOOSER_DIR}/data/loopimg/fd.img"
-
-# use dos formatter copied into stage3
-mkdosfs "${VMCHOOSER_DIR}/data/loopimg/fd.img"
-mount -n -t msdos -o loop,umask=000 "${VMCHOOSER_DIR}/data/loopimg/fd.img" "${VMCHOOSER_DIR}/fd-loop"
-
-#pvs integration    
-#if [ $vmchooser_pvs -ne 0 ]; then
-#	sed -i /usr/share/xsessions/default.desktop \
-#            -e "s,vmchooser$,vmchooser --pvs,"
-#fi
+DHCP_NAT_CONF="/opt/openslx/vmchooser/config/udhcpd-nat1.conf"
 
 # setup more scratch space for virtual machines, if configured
 mkdir -p /tmp/virt /var/log/samba /run/samba
@@ -110,10 +90,20 @@ fi
 
 # write mac
 if [ -n "$SLX_PXE_MAC" ]; then
-	echo "hostmacaddr=${SLX_PXE_MAC}" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+	hostmacaddr="${SLX_PXE_MAC}"
 else ## Fallback:
-	echo "hostmacaddr=$(ip a | grep ether | grep -o -E -i '([0-9a-f]{2}:){5}[0-9a-f]{2}' | head -n 1)" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+	hostmacaddr="$(ip a | grep ether | grep -o -E -i '([0-9a-f]{2}:){5}[0-9a-f]{2}' | head -n 1)"
 fi
+echo "hostmacaddr='$hostmacaddr'" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+# TODO: We should only generate the suffix here (last 3 octets) as the first 3 are
+# dependant on the virtualizer/emulator. Check if any run-virt.include still relies on
+# $macguestpart/$macaddr. If so, fix it to use its specific first 3 bytes
+# and append $macaddrssuffix
+macaddrprefix='00:50:56'
+macaddrsuffix="$(echo "$hostmacaddr" | awk -F ":" '{print "%VMID%:" $(NF-1) ":" $NF}' | tr '[a-z]' '[A-Z]')"
+echo "macaddrprefix='$macaddrprefix'" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+echo "macaddrsuffix='$macaddrsuffix'" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+
 # read in ip address
 echo "hostip=${SLX_PXE_CLIENT_IP}" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
 # hostname
@@ -132,6 +122,11 @@ for floppy in $(dmesg|grep -i "Floppy drive"|sed "s,.*(s): ,,;s, is .*,,"); do
     j=$(expr $j + 1)
 done
 
+# Serial ports
+echo "serial_ports='$(dmesg | grep -Eo 'ttyS[0-9]+' | sed 's,^,/dev/,' | tr '\n' ' ')'" >> "${VMCHOOSER_CONF_DIR}/virtualization.conf"
+# Parallel ports
+modprobe parport_pc
+
 ################################################################################
 ### Setup VM networking
 ################################################################################
@@ -163,19 +158,27 @@ echo "1" >/proc/sys/net/ipv4/conf/br0/forwarding 2>/dev/null
 ### iptables -t nat -A POSTROUTING -o br0 -s 192.168.0.0/16 -j MASQUERADE
 
 for wait in 1 1 2 2 3 end; do
-	grep '^SLX_DNS' "/opt/openslx/config" > /dev/null && break
-	[ "$wait" == "end" ] && echo "No DNS config found, using google dns" && break
-	echo "Waiting for DNS config.."
+	[ -n "$SLX_DNS" ] && [ -n "$SLX_NET_SEARCH" ] && break
+	if [ "$wait" == "end" ]; then
+		echo "No DNS config found, using google dns"
+		break
+	fi
+	echo "Waiting for DNS & search-domain config.."
 	sleep "$wait"
+	. /opt/openslx/config
 done
 
 # read the DNS configuration and configure the udhcpd
-[ -z "${SLX_DNS}" ] && SLX_DNS="8.8.8.8"
-sed -i "s,DNSSERVER,${SLX_DNS},;s,DOMAIN,${SLX_NET_DOMAIN}," \
-  /opt/openslx/vmchooser/config/udhcpd-nat1.conf
+[ -z "${SLX_DNS}" ] && SLX_DNS="8.8.8.8 8.8.4.4"
+[ -z "${SLX_NET_DOMAIN}" ] && SLX_NET_DOMAIN="virtual.site"
+[ -z "${SLX_NET_SEARCH}" ] && SLX_NET_SEARCH="virtual.site"
+sed -i "s#%DNSSERVER%#${SLX_DNS}#;s#%DOMAIN%#${SLX_NET_DOMAIN}#;s#%SEARCH%#${SLX_NET_SEARCH}#" "${DHCP_NAT_CONF}"
+
+# Make sure the primary vm running (we most likely never run more than one at a time anyways) always gets the same ip
+echo "static_lease $(echo "$macaddrprefix:$macaddrsuffix" | sed 's/%VMID%/01/') 192.168.101.20" >> "${DHCP_NAT_CONF}"
 
 mkdir -p /var/lib/udhcpd
-udhcpd -S /opt/openslx/vmchooser/config/udhcpd-nat1.conf
+udhcpd -S "${DHCP_NAT_CONF}"
 
 # creating and configuring vsw2
 brctl addbr vsw2
diff --git a/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt b/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt
index 1e591389..447f98bc 100755..120000
--- a/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt
+++ b/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt
@@ -1,116 +1 @@
-#!/bin/bash
-# Full bash required
-# -----------------------------------------------------------------------------
-# Copyright (c) 2007..2010 - RZ Uni FR
-# Copyright (c) 2007..2013 - OpenSLX GmbH
-#
-# This program is free software distributed under the GPL version 2.
-# See http://openslx.org/COPYING
-#
-# If you have any feedback please consult http://openslx.org/feedback and
-# send your suggestions, praise, or complaints to feedback@openslx.org
-#
-# General information about OpenSLX can be found at http://openslx.org/
-# -----------------------------------------------------------------------------
-# run-virt.sh
-#    - This is the generic wrapper for the several virtualization solutions.
-#      The idea is to setup a set of variables used by at least two different
-#      tools and then include the specific plugin which configures the speci-
-#      fied virtualization tool.
-################################################################################
-
-RUNVIRTINCLUDEDIR=/opt/openslx/scripts/includes
-xmlfile="$1"
-
-# Functions needed by vmchooser-run_virt (writelog(), cleanexit(), rv_clean_string())
-source ${RUNVIRTINCLUDEDIR}/vmchooser_runvirt_functions.inc && trap 'trap "" SIGINT SIGTERM; cleanexit' SIGINT SIGTERM
-# Define default dirs / get configs
-source ${RUNVIRTINCLUDEDIR}/set_runvirt_variables.inc
-# Function to detect whether we can use the new way (vmx via http) or the old way (legacy):
-source ${RUNVIRTINCLUDEDIR}/detect_legacy.inc # This yields LEGACY, IMGUUID, IMGVMX
-# For scanning for certain usb classes
-source "${RUNVIRTINCLUDEDIR}/usb_detector.inc"
-
-if [ "$LEGACY" ]; then
-	# check for important files used (filecheck()) - vestigial?
-	source ${RUNVIRTINCLUDEDIR}/check_runvirt_needed_files.inc
-	# Get XML file and dir, legacy (old way)
-	source ${RUNVIRTINCLUDEDIR}/get_xml_file_dir_legacy.inc		# xmlfile=$1
-	# xml file sanity checks, legacy
-	source ${RUNVIRTINCLUDEDIR}/check_runvirt_xml_sanity_legacy.inc
-	# print console logo
-	source ${RUNVIRTINCLUDEDIR}/print_runvirt_console_logo.inc
-	# Read needed variables from XML file
-	source ${RUNVIRTINCLUDEDIR}/get_xml_file_variables_legacy.inc
-	# Declaration of hardware relatedt variables
-	source ${RUNVIRTINCLUDEDIR}/set_runvirt_hardware_variables_legacy.inc
-	# Sound setup the rest of the environment and run the configured vm
-	source ${RUNVIRTINCLUDEDIR}/setup_sound.inc
-	# Start printer daemon
-	source ${RUNVIRTINCLUDEDIR}/setup_printer_lpd.inc
-	# Setup virtual floppy b: for windows guests with config.xml, openslx.exe etc.
-	source ${RUNVIRTINCLUDEDIR}/setup_virtual_floppy.inc
-	# Try to use dnbd3 to access the image, nfs/cifs fallback
-	source ${RUNVIRTINCLUDEDIR}/setup_image_access.inc
-	# Get all virtual machine specific stuff from the respective include file
-	source ${RUNVIRTINCLUDEDIR}/setup_vm_hypervisor.inc
-	# start a windowmanager for easier handling
-	source ${RUNVIRTINCLUDEDIR}/start_windowmanager.inc
-	# Start poolvideoswitch if DO_PROFILE has been set (WARNING: fixed IP!)
-	source ${RUNVIRTINCLUDEDIR}/start_pvs.inc
-	# Check if tcpsvd is running. Do not check immediately after spawning,
-	# as this could result in success even if it's not really working.
-	source ${RUNVIRTINCLUDEDIR}/check_lpd.inc
-else
-	# check for important files used (filecheck()) - vestigial?
-	# This include does not currently work. TODO.
-	# source ${RUNVIRTINCLUDEDIR}/check_runvirt_needed_files.inc && filecheck
-
-	# Read needed variables from XML file
-	source ${RUNVIRTINCLUDEDIR}/get_xml_file_variables.inc
-
-	# Sound setup the rest of the environment and run the configured vm
-	source ${RUNVIRTINCLUDEDIR}/setup_sound.inc
-
-	# Declaration of hardware relatedt variables
-	source ${RUNVIRTINCLUDEDIR}/set_runvirt_hardware_variables.inc
-
-	# Start printer daemon
-	source ${RUNVIRTINCLUDEDIR}/setup_printer_lpd.inc
-
-	# Setup virtual floppy b: for windows guests with config.xml, openslx.exe etc.
-	source ${RUNVIRTINCLUDEDIR}/setup_virtual_floppy.inc
-
-	# Get all virtual machine specific stuff from the respective include file
-	source ${RUNVIRTINCLUDEDIR}/setup_image_access.inc
-
-	# start a windowmanager for easier handling	
-	source ${RUNVIRTINCLUDEDIR}/setup_vm_hypervisor.inc
-
-	# Try to use dnbd3 to access the image, nfs/cifs fallback
-	source ${RUNVIRTINCLUDEDIR}/start_windowmanager.inc
-
-	# Start poolvideoswitch if DO_PROFILE has been set (WARNING: fixed IP!)
-	source ${RUNVIRTINCLUDEDIR}/start_pvs.inc
-
-	# Check if tcpsvd is running. Do not check immediately after spawning,
-	# as this could result in success even if it's not really working.
-	source ${RUNVIRTINCLUDEDIR}/check_lpd.inc
-
-fi
-
-# This will start the VM
-writelog "VM command: eval ${VIRTCMD} ${VIRTCMDOPTS}"
-
-# Transported from vmware-runvirt include
-sync
-
-eval ${VIRTCMD} ${VIRTCMDOPTS}
-writelog "Bye."
-
-# Postrun for commands after virtualization finishes
-if [ -n "${POSTRUN}" ]; then
-	eval ${POSTRUN}  >/dev/null 2>&1
-fi
-
-cleanexit 0
+/opt/openslx/vmchooser/vmchooser-run_virt
\ No newline at end of file