From 67bcd9e63f7a0d841edf80d71f7892a9c288b417 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Mon, 23 Apr 2018 17:26:14 +0200 Subject: [rfs-stage32] zram swap: Use only one device on newer kernels --- .../data/opt/openslx/scripts/systemd-zram_swap | 77 +++++++++++++++++----- 1 file changed, 59 insertions(+), 18 deletions(-) diff --git a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap index f8bd5682..4a2cce6f 100755 --- a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap +++ b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap @@ -20,41 +20,82 @@ # So make sure you're up to date make_swap () { - [ $# -ne 2 ] && echo "make_swap: Wrong parameter count $#" && exit 1 + [ $# -ne 2 ] && echo "make_swap: Wrong parameter count $#" && return 1 local USE="$1" local DEV="$2" - echo "$USE" > "/sys/block/zram${DEV}/disksize" - mkswap "/dev/zram${DEV}" - swapon "/dev/zram${DEV}" -p 1000 # high priority (in case we have hdd swap 0x82, prefer zram) + local STREAMS="$3" + echo "$USE" > "/sys/block/zram${DEV}/disksize" || return 1 + [ -n "$STREAMS" ] && echo "$STREAMS" > "/sys/block/zram${DEV}/max_comp_streams" + ( + mkswap "/dev/zram${DEV}" + swapon "/dev/zram${DEV}" -p 1000 # high priority (in case we have hdd swap 0x82, prefer zram) + ) & } -CPUS=$(grep -c -E "^processor.*[0-9]+$" "/proc/cpuinfo") +# Count physical CPUs +CPUS=$(cat /sys/devices/system/cpu/cpu*/topology/thread_siblings_list | sort -u | wc -l) # cat for * if [ -z "$CPUS" ]; then echo "ERROR: Could not determine CPU core count" - exit 1 +else + CPUS=1 +fi + +KERN=$(uname -r) +if [ "${KERN%%.*}" -le 4 ]; then + DEVS=$CPUS + [ "$DEVS" -gt "16" ] && DEVS=16 # zram can only handle up to 32 devices, the system can apparently even just handle 29 swap partitions, so use a reasonable upper limit + STREAMS= +else + DEVS=1 + STREAMS=$CPUS fi -[ "$CPUS" -gt "16" ] && CPUS=16 # zram can only handle up to 32 devices, the system can apparently even just handle 29 swap partitions, so use a reasonable upper limit -if ! modprobe zram "num_devices=$CPUS"; then +if [ -e "/sys/class/zram-control/hot_add" ]; then + : # nothing to do, loaded and hot_add available +elif ! modprobe zram "num_devices=$DEVS"; then echo "ERROR: Could not load zram module" exit 1 fi TOTAL=$(grep ^MemTotal /proc/meminfo | awk '{print $2}') -USE=$(( $TOTAL / ( 2 * $CPUS ) )) -echo "Have $CPUS cores, $TOTAL kb mem, use $USE kb zram swap per core" -USE=$(( $USE * 1024 )) +USE=$(( TOTAL / ( 2 * DEVS ) )) +echo "Have $CPUS cores, $TOTAL kb mem, use $USE kb zram swap each for $DEVS devices." +USE=$(( USE * 1024 )) DEV=0 -while [ "$DEV" -lt "$CPUS" ]; do - make_swap "$USE" "$DEV" & - LAST=$! - DEV=$(( $DEV + 1 )) +NUM=0 +FAILS=0 +while [ "$NUM" -lt "$DEVS" ]; do + if [ -e "/sys/block/zram${DEV}" ]; then + if ! [ -e "/sys/block/zram${DEV}/initstate" ] || [ "$(cat "/sys/block/zram${DEV}/initstate")" = 0 ]; then + if make_swap "$USE" "$DEV" "$STREAMS"; then + NUM=$(( NUM + 1 )) + fi + fi + DEV=$(( DEV + 1 )) + elif [ -e "/sys/class/zram-control/hot_add" ]; then + DEV=$(cat /sys/class/zram-control/hot_add) + if [ -z "$DEV" ]; then + echo "ERROR: Cannot hot_add another zram device" + break + fi + if make_swap "$USE" "$DEV" "$STREAMS"; then + NUM=$(( NUM + 1 )) + else + FAILS=$(( FAILS + 1 )) + if [ "$FAILS" -gt 4 ]; then + echo "ERROR: Could not swap on hot added device -- giving up" + break + fi + fi + DEV=$(( DEV + 1 )) + else + echo "ERROR: Cannot add another zram device: No hot_add support" + break + fi done # Wait, so we don't trigger swap.target too early -while kill -0 "$LAST"; do - usleep 100000 -done +wait exit 0 -- cgit v1.2.3-55-g7522 From 89f7a9058dc1eb44d8387eaa98db9c74e1a06618 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 24 Apr 2018 11:40:37 +0200 Subject: [rfs-stage32] Increase min_free_kbytes for zram swap --- .../rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap index 4a2cce6f..3cc5fe22 100755 --- a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap +++ b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap @@ -94,6 +94,16 @@ while [ "$NUM" -lt "$DEVS" ]; do fi done +# Increase min free memory so we have enough mem available when trying to move +# something to zram swap. We want 1%, or at least 64MiB +CURRENT=$(cat "/proc/sys/vm/min_free_kbytes") +TOTAL=$(awk '{ if ($1 == "MemTotal:") { print $2; exit } }' /proc/meminfo) +WANT=$(( TOTAL / 100 )) +[ "$WANT" -gt 65535 ] || WANT=65535 # minimum 64M +if [ "$CURRENT" -lt "$WANT" ]; then + echo "$WANT" > "/proc/sys/vm/min_free_kbytes" +fi + # Wait, so we don't trigger swap.target too early wait -- cgit v1.2.3-55-g7522 From ed765face17dd82d65462a146fd34b70bd74bc13 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 25 Apr 2018 12:15:12 +0200 Subject: [pam-bwidm] Set proper Content-Type in request --- core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm index ae9cdf41..72cd961e 100755 --- a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm +++ b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm @@ -145,9 +145,7 @@ readonly SOAP_ENVELOPE="/opt/openslx/bwidm_soap.xml" # now the pam-type specific part starts if [ "x$PAM_TYPE" == "xauth" ]; then - HA='Accept: text/html; application/vnd.paos+xml' - HP='PAOS: ver="urn:liberty:paos:2003-08";"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"' - CT='Content-Type: application/vnd.paos+xml; charset=utf-8' + CT='Content-Type: text/xml; charset=utf-8' NOW=$(date -u '+%Y-%m-%dT%H:%M:%SZ') HOST=$(echo "${USER_ECP_URL}" | awk -F '/' '{print $3}') RID="_c${RANDOM}a${RANDOM}f${RANDOM}f${RANDOM}e${RANDOM}e${RANDOM}" @@ -161,19 +159,19 @@ if [ "x$PAM_TYPE" == "xauth" ]; then # to be sure everything is working as expected # we will first send a wrong password and expect a 401 echo "machine ${HOST} login ${USER_USERNAME} password ___invalid-INVALID++~" > "${NETRC}" - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" -H "$HP" -H "$HA" --basic --netrc-file "$NETRC" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" --basic --netrc-file "$NETRC" "$USER_ECP_URL") if [ "x$ret" != "x401" ]; then # this means something else is bad, just exit echo "False authentication attempt did not return 401 as expected but: $ret" - rm -- "${NETRC}" + rm -f -- "${NETRC}" exit 7 fi - # the fake auth call behaved as expected, do the actualy login + # the fake auth call behaved as expected, do the actual login echo "machine ${HOST} login ${USER_USERNAME} password ${USER_PASSWORD}" > "${NETRC}" - ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" -H "$HP" -H "$HA" --basic --netrc-file "$NETRC" "$USER_ECP_URL") + ret=$(curl --connect-timeout 5 --max-time 15 -o /dev/null -w "%{http_code}" -d "${REQUEST}" -H "$CT" --basic --netrc-file "$NETRC" "$USER_ECP_URL") echo "machine ${HOST} login ${USER_USERNAME} password ********************" > "${NETRC}" # It should be a tmpfs but you never know - rm -- "${NETRC}" + rm -f -- "${NETRC}" if [ "x$ret" == "x200" ]; then # auth succeeded, lets create a local user representing the bwIDM user -- cgit v1.2.3-55-g7522 From 8cb0c4db5f55d60e6f0b7e75ebdb4f56cf274476 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 25 Apr 2018 14:32:50 +0200 Subject: [idleaction] Add kexec-reboot support --- .../idleaction/data/opt/openslx/scripts/idleaction-scheduled_action | 6 +++--- core/modules/kexec-reboot/data/opt/openslx/bin/kexec-reboot | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) create mode 100755 core/modules/kexec-reboot/data/opt/openslx/bin/kexec-reboot diff --git a/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action b/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action index 57ffcc04..7a1b2afd 100755 --- a/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action +++ b/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action @@ -12,7 +12,7 @@ if [ "$1" = "--detach" ]; then fi if [ $# -lt 1 ]; then - echo "$0 [--detach] [delay_minutes]" >&2 + echo "$0 [--detach] [delay_minutes]" >&2 exit 2 fi @@ -49,7 +49,7 @@ if [ -n "$TS" ]; then fi fi -if [ "$MODE" != "reboot" ] && [ "$MODE" != "poweroff" ]; then +if [ "$MODE" != "reboot" ] && [ "$MODE" != "poweroff" ] && [ "$MODE" != "kexec-reboot" ]; then slxlog --echo "idleaction-failed-call" "Invalid call to idleaction-scheduled_action. Mode '$MODE' unknown." >&2 exit 3 fi @@ -79,7 +79,7 @@ runaction () { [ "$NUM" = "0" ] && break if [ "$MINUTES" != "X" ]; then USERS=0 - if [ "$MODE" = "reboot" ]; then + if [ "${MODE#*-}" = "reboot" ]; then MESSAGE="Das System wird in $MINUTES Minute(n) neugestartet, bitte beenden Sie Ihre Sitzung. The system will reboot in $MINUTES minute(s). Please save your work and end the session." else diff --git a/core/modules/kexec-reboot/data/opt/openslx/bin/kexec-reboot b/core/modules/kexec-reboot/data/opt/openslx/bin/kexec-reboot new file mode 100755 index 00000000..60197f50 --- /dev/null +++ b/core/modules/kexec-reboot/data/opt/openslx/bin/kexec-reboot @@ -0,0 +1,4 @@ +#!/bin/ash + +exec systemctl start kexec.target + -- cgit v1.2.3-55-g7522 From 4d57760781b469020add1efdbb525e991fabd315 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 25 Apr 2018 18:54:30 +0200 Subject: [vbox] only add floppy controller if missing --- .../virtualbox/includes/finalize_machine_config.inc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/finalize_machine_config.inc b/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/finalize_machine_config.inc index 07f7e170..9407116f 100755 --- a/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/finalize_machine_config.inc +++ b/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/finalize_machine_config.inc @@ -34,12 +34,14 @@ setup_disk_image() { setup_floppies() { # add storage controller and 2 floppies to it - add_node \ - "/VirtualBox/Machine/StorageControllers" "StorageController" \ - "name=Floppy" \ - "type=I82078" \ - "PortCount=1" \ - "useHostIOCache=true" + if ! node_exists '/VirtualBox/Machine/StorageControllers/StorageController[@name="Floppy"]'; then + add_node \ + "/VirtualBox/Machine/StorageControllers" "StorageController" \ + "name=Floppy" \ + "type=I82078" \ + "PortCount=1" \ + "useHostIOCache=true" + fi add_node \ '/VirtualBox/Machine/StorageControllers/StorageController[@name="Floppy"]' "AttachedDevice" \ "type=Floppy" \ -- cgit v1.2.3-55-g7522 From 9c9da17732ee9da8bcb18d2b2e6e4dba9cec3e5a Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 27 Apr 2018 15:18:00 +0200 Subject: [vmware12] Use pre-patched kmod sources from github/mkubecek/vmware-host-modules --- core/modules/vmware12/module.build | 52 +++++++++++++++++++++++++------------- 1 file changed, 34 insertions(+), 18 deletions(-) diff --git a/core/modules/vmware12/module.build b/core/modules/vmware12/module.build index 2160e5f7..342b7297 100644 --- a/core/modules/vmware12/module.build +++ b/core/modules/vmware12/module.build @@ -51,23 +51,30 @@ build() { # prepare the build directory with the files needed during the chroot cp "${MODULE_WORK_DIR}/src/$VMWARE_BUNDLE_FILE" "${MODULE_BUILD_DIR}/$VMWARE_BUNDLE_FILE" - # copy required patches - mkdir -p "${MODULE_BUILD_DIR}/patches" - for PATCH in $(find "${MODULE_DIR}/patches/" -name "*__*__*.patch"); do - parse_patch_name "$PATCH" - [ -z "${MIN_KERN}" -o -z "${MAX_KERN}" ] && perror "Could not parse patch filename" - if version_lt "$TARGET_KERNEL_SHORT" "$MIN_KERN" || version_gt "$TARGET_KERNEL_SHORT" "$MAX_KERN"; then - pinfo "*NOT* applying $PATCH (min=$MIN_KERN max=$MAX_KERN cmp=$TARGET_KERNEL_SHORT)" - continue # Not suitable for our kernel - fi - if version_lt "$OFFICIAL_VERSION" "$MIN_VMWARE" || version_gt "$OFFICIAL_VERSION" "$MAX_VMWARE"; then - pinfo "*NOT* applying $PATCH (min=$MIN_VMWARE max=$MAX_VMWARE cmp=$OFFICIAL_VERSION)" - continue # Not suitable for our kernel - fi - pinfo "Kernel: Applying $PATCH (min=$MIN_KERN max=$MAX_KERN cmp=$TARGET_KERNEL_SHORT)" - pinfo "VMware: Applying $PATCH (min=$MIN_VMWARE max=$MAX_VMWARE cmp=$OFFICIAL_VERSION)" - cp "$PATCH" "${MODULE_BUILD_DIR}/patches/" || perror "Could not copy patch $PATCH to $MODULE_BUILD_DIR/patches" - done + # checkout pre-patched sources + local KVER2=$TARGET_KERNEL_SHORT + [ ${#KVER2} -gt 4 ] && KVER2=${KVER2%.*} + git clone --depth 1 -b "w${OFFICIAL_VERSION}-k${KVER2}" "https://github.com/mkubecek/vmware-host-modules.git" "${MODULE_BUILD_DIR}/prepatched" \ + && pinfo "Have prepatched kernel modules" + if ! [ -d "${MODULE_BUILD_DIR}/prepatched" ]; then + # copy required patches + mkdir -p "${MODULE_BUILD_DIR}/patches" + for PATCH in $(find "${MODULE_DIR}/patches/" -name "*__*__*.patch"); do + parse_patch_name "$PATCH" + [ -z "${MIN_KERN}" -o -z "${MAX_KERN}" ] && perror "Could not parse patch filename" + if version_lt "$TARGET_KERNEL_SHORT" "$MIN_KERN" || version_gt "$TARGET_KERNEL_SHORT" "$MAX_KERN"; then + pinfo "*NOT* applying $PATCH (min=$MIN_KERN max=$MAX_KERN cmp=$TARGET_KERNEL_SHORT)" + continue # Not suitable for our kernel + fi + if version_lt "$OFFICIAL_VERSION" "$MIN_VMWARE" || version_gt "$OFFICIAL_VERSION" "$MAX_VMWARE"; then + pinfo "*NOT* applying $PATCH (min=$MIN_VMWARE max=$MAX_VMWARE cmp=$OFFICIAL_VERSION)" + continue # Not suitable for our kernel + fi + pinfo "Kernel: Applying $PATCH (min=$MIN_KERN max=$MAX_KERN cmp=$TARGET_KERNEL_SHORT)" + pinfo "VMware: Applying $PATCH (min=$MIN_VMWARE max=$MAX_VMWARE cmp=$OFFICIAL_VERSION)" + cp "$PATCH" "${MODULE_BUILD_DIR}/patches/" || perror "Could not copy patch $PATCH to $MODULE_BUILD_DIR/patches" + done + fi # sanity check to see if KERNEL_HEADERS_DIR is set and exists [ -z "${KERNEL_HEADERS_DIR}" -o ! -e "${KERNEL_HEADERS_DIR}" ] && perror "KERNEL_HEADERS_DIR ('"${KERNEL_HEADERS_DIR}"') not found. Was the kernel module built?" @@ -114,13 +121,22 @@ build() { set -x # Patch kernel modules # check if we need to patch modules + if cd /prepatched; then + echo "Found prepatched directory" + for file in *-only; do + [ -d "\$file" ] || continue + KMOD=\${file%-only}.tar + tar cf "/usr/lib/vmware/modules/source/\$KMOD" "\$file/" || perror "repacking prepatched \$file failed" + done + fi cd "/usr/lib/vmware/modules/source" \ || perror "Could not cd to '/usr/lib/vmware/modules/source'" for file in /patches/*.patch; do [ -s "\$file" ] || continue - echo "Applying patch \$file" SHORT="\$(basename "\${file%%__*}")" + [ -d "/prepatched/\${SHORT}-only" ] && continue KMOD="\${SHORT}.tar" + echo "Applying patch \$file" [ -s "\$KMOD" ] || perror "Kmod \$KMOD does not exist" [ ! -d "\${SHORT}-only" ] && tar xf "\$KMOD" [ ! -d "\${SHORT}-only" ] && perror "untar of \$KMOD failed." -- cgit v1.2.3-55-g7522 From 8677af9e2d864d66f787d26fb943a67172ac57fe Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 27 Apr 2018 15:18:51 +0200 Subject: [dnbd3] Update commit hash --- core/modules/dnbd3/module.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/modules/dnbd3/module.conf b/core/modules/dnbd3/module.conf index 4d319eda..0793714c 100644 --- a/core/modules/dnbd3/module.conf +++ b/core/modules/dnbd3/module.conf @@ -1,7 +1,7 @@ #!/bin/bash REQUIRED_MODULES="kernel" REQUIRED_GIT="git://git.openslx.org/dnbd3.git" -REQUIRED_COMMIT="3d4eb1f404a8105a02374e248252e52b331f0a23" +REQUIRED_COMMIT="f69ae362475546d39" REQUIRED_BINARIES=" dnbd3-client dnbd3-fuse -- cgit v1.2.3-55-g7522 From 4e0a761322c726938d3bca44a53de878c3c5b7ea Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Wed, 2 May 2018 13:17:08 +0200 Subject: [rfs-s32] fix zram devices not being created --- core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap index 3cc5fe22..b5f8a599 100755 --- a/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap +++ b/core/rootfs/rootfs-stage32/data/opt/openslx/scripts/systemd-zram_swap @@ -20,7 +20,7 @@ # So make sure you're up to date make_swap () { - [ $# -ne 2 ] && echo "make_swap: Wrong parameter count $#" && return 1 + [ $# -ne 3 ] && echo "make_swap: Wrong parameter count $#" && return 1 local USE="$1" local DEV="$2" local STREAMS="$3" -- cgit v1.2.3-55-g7522 From 6c5af3f722c41b5c17588217fecdea6a2096fc6f Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Thu, 3 May 2018 15:41:58 +0200 Subject: [rfs-stage31] Bring br0 up even if we don't have an IP yet --- core/rootfs/rootfs-stage31/data/inc/setup_network | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/rootfs/rootfs-stage31/data/inc/setup_network b/core/rootfs/rootfs-stage31/data/inc/setup_network index 897469cc..76195780 100644 --- a/core/rootfs/rootfs-stage31/data/inc/setup_network +++ b/core/rootfs/rootfs-stage31/data/inc/setup_network @@ -65,11 +65,11 @@ for LINE in $IP_OUT; do if [ -n "$CLIENTIP" ] ; then # set static ip address ip addr add "$CLIENTIP/$(ipcalc -s -p "$CLIENTIP" "$SUBNET_MASK" | sed "s/.*=//")" broadcast "$BROADCAST_ADDRESS" dev "$BRIDGE" - ip link set dev "$BRIDGE" up [ -n "$GATEWAY" ] && ip route add default via "$GATEWAY" dev "$BRIDGE" else NOIPYET="yes" fi + ip link set dev "$BRIDGE" up # Ignore this device later on when systemd handles network interfaces (see hacked 99-systemd.rules in systemd data dir) echo "SUBSYSTEM==\"net\", ACTION==\"add\", KERNEL==\"eth*\", ATTR{address}==\"$IFMAC\", TAG+=\"openslxignore\"" >> "${FUTURE_ROOT}/etc/udev/rules.d/01-ignore-boot-interface.rules" else -- cgit v1.2.3-55-g7522 From f9a649113e1bfd59d7294ccb1bef78e574f9659a Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Thu, 3 May 2018 16:08:50 +0200 Subject: [rfs-stage31] Don't try to source config before downloading it... --- core/rootfs/rootfs-stage31/data/inc/functions | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/core/rootfs/rootfs-stage31/data/inc/functions b/core/rootfs/rootfs-stage31/data/inc/functions index baf31afc..6edbeffb 100644 --- a/core/rootfs/rootfs-stage31/data/inc/functions +++ b/core/rootfs/rootfs-stage31/data/inc/functions @@ -48,7 +48,11 @@ download() { [ $# -ne 2 ] && echo "Error - 'download' requires 2 arguments, $# given." && return 1 if [ -z "$SLX_KCL_SERVERS" ]; then - . "/opt/openslx/config" || echo "Error - could not source '/opt/openslx/config'" + if ! [ -s "/opt/openslx/config" ]; then + echo "Don't have any servers to download from." + elif ! . "/opt/openslx/config"; then + echo "Error - could not source '/opt/openslx/config'" + fi fi local FILE_URL="$1" -- cgit v1.2.3-55-g7522 From c893145e65bdea2d44bf95bcd5b130d4fabb5055 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 4 May 2018 11:41:26 +0200 Subject: [rfs-stage31] Fix race when syncing time, more network setup tweaks --- core/rootfs/rootfs-stage31/data/inc/setup_network | 10 ++++++++-- core/rootfs/rootfs-stage31/data/inc/setup_network_retry | 1 + core/rootfs/rootfs-stage31/data/init | 3 +++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/core/rootfs/rootfs-stage31/data/inc/setup_network b/core/rootfs/rootfs-stage31/data/inc/setup_network index 76195780..6a196b82 100644 --- a/core/rootfs/rootfs-stage31/data/inc/setup_network +++ b/core/rootfs/rootfs-stage31/data/inc/setup_network @@ -95,9 +95,11 @@ wait_for_iface "$BRIDGE" PARAM= if [ -n "$CLIENTIP" ]; then PARAM="-r $CLIENTIP" + echo -n "$CLIENTIP" > "/run/firstip" +fi +if [ -n "$GATEWAY" ]; then + echo -n "$GATEWAY" > "/run/firstgw" fi -echo -n "$CLIENTIP" > "/run/firstip" -echo -n "$GATEWAY" > "/run/firstgw" # save our variables for retry on fail ff. echo "CLIENTIP=$CLIENTIP" >> /run/network.conf @@ -105,4 +107,8 @@ echo "GATEWAY=$GATEWAY" >> /run/network.conf echo "BRIDGE=$BRIDGE" >> /run/network.conf udhcpc $PARAM -O ntpsrv -O domain -O wpad -O search -t 5 -T 2 -s "/inc/udhcpc-trigger" -f -n -q -i "$BRIDGE" +URET=$? # udhcpc return value will be return value of this script +[ -z "$CLIENTIP" ] && CLIENTIP=$(cat /run/firstip) +[ -z "$GATEWAY" ] && GATEWAY=$(cat /run/firstgw) +return $URET diff --git a/core/rootfs/rootfs-stage31/data/inc/setup_network_retry b/core/rootfs/rootfs-stage31/data/inc/setup_network_retry index 0578d9b2..95c662c7 100644 --- a/core/rootfs/rootfs-stage31/data/inc/setup_network_retry +++ b/core/rootfs/rootfs-stage31/data/inc/setup_network_retry @@ -12,6 +12,7 @@ for i in 1 2 3 4 5 6 7 8; do echo "and up again.." ip link set dev $IFACE up + ip link set dev $BRIDGE up usleep 1000 wait_for_iface "$IFACE" diff --git a/core/rootfs/rootfs-stage31/data/init b/core/rootfs/rootfs-stage31/data/init index 4caf653c..2269014c 100755 --- a/core/rootfs/rootfs-stage31/data/init +++ b/core/rootfs/rootfs-stage31/data/init @@ -178,6 +178,9 @@ for mnt in run tmp; do busybox umount -f -l "/$mnt" 2>/dev/null done +echo "Waiting for async processes..." +wait + echo "Switching root...." echo "$bench_result" > "${FUTURE_ROOT}/opt/openslx/.benchmark" # Prepare environment (HOME is needed as a hack for nss_ldap with ssl and no caching) -- cgit v1.2.3-55-g7522 From a1d3b0cb74c2c5c192bcaafbdfe7f99e7a4e495d Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 4 May 2018 11:53:18 +0200 Subject: [rfs-stage31] Ordering --- core/rootfs/rootfs-stage31/data/inc/setup_network | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/rootfs/rootfs-stage31/data/inc/setup_network b/core/rootfs/rootfs-stage31/data/inc/setup_network index 6a196b82..b067100d 100644 --- a/core/rootfs/rootfs-stage31/data/inc/setup_network +++ b/core/rootfs/rootfs-stage31/data/inc/setup_network @@ -64,12 +64,13 @@ for LINE in $IP_OUT; do # of it into several variables if [ -n "$CLIENTIP" ] ; then # set static ip address + ip link set dev "$BRIDGE" up ip addr add "$CLIENTIP/$(ipcalc -s -p "$CLIENTIP" "$SUBNET_MASK" | sed "s/.*=//")" broadcast "$BROADCAST_ADDRESS" dev "$BRIDGE" [ -n "$GATEWAY" ] && ip route add default via "$GATEWAY" dev "$BRIDGE" else + ip link set dev "$BRIDGE" up NOIPYET="yes" fi - ip link set dev "$BRIDGE" up # Ignore this device later on when systemd handles network interfaces (see hacked 99-systemd.rules in systemd data dir) echo "SUBSYSTEM==\"net\", ACTION==\"add\", KERNEL==\"eth*\", ATTR{address}==\"$IFMAC\", TAG+=\"openslxignore\"" >> "${FUTURE_ROOT}/etc/udev/rules.d/01-ignore-boot-interface.rules" else -- cgit v1.2.3-55-g7522 From 117d20143bc397d105a39c0556c46923479da775 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 4 May 2018 12:26:30 +0200 Subject: Kernel config: Want AMD VEGA support --- data/kernel.wanted.config | 1 + 1 file changed, 1 insertion(+) diff --git a/data/kernel.wanted.config b/data/kernel.wanted.config index 490c916a..94db8b5c 100644 --- a/data/kernel.wanted.config +++ b/data/kernel.wanted.config @@ -278,4 +278,5 @@ CONFIG_CIFS=m CONFIG_CIFS_DFS_UPCALL=y CONFIG_CIFS_SMB2=y CONFIG_CIFS_SMB311=y +CONFIG_DRM_AMD_DC_DCN1_0=y -- cgit v1.2.3-55-g7522 From 6416559eb8dadc6aeb88be05e3568a1796fef918 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 4 May 2018 12:49:15 +0200 Subject: setup_target: get_link_chain for REQUIRED_SYSTEM_FILES --- core/bin/setup_target | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/core/bin/setup_target b/core/bin/setup_target index cdaedff4..fbe04f92 100755 --- a/core/bin/setup_target +++ b/core/bin/setup_target @@ -606,7 +606,13 @@ copy_static_data() { # Copies files with their absolute paths in $REQUIRED_SYSTEM_FILES to $TARGET_BUILD_DIR copy_system_files() { - [ ! -z "$REQUIRED_SYSTEM_FILES" ] && tarcopy "$REQUIRED_SYSTEM_FILES" "$TARGET_BUILD_DIR" + [ -z "$REQUIRED_SYSTEM_FILES" ] && return + local file list + list= + for file in $REQUIRED_SYSTEM_FILES; do + list+=" $(get_link_chain "$file")" + done + tarcopy "$list" "$TARGET_BUILD_DIR" } # Tries to calculate the size of modules - doesn't seem to work all the time -- cgit v1.2.3-55-g7522 From 26f23054e0bb68591eb4dbe373cd9806fbaeb83b Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 4 May 2018 12:49:48 +0200 Subject: [rfs-stage31] If BIOS clock is local and NTP failed, read clock again Linux assumes RTC is UTC when booting up. In case the SLX config says to use localtime, read the hwclock again to get the right offset. --- core/rootfs/rootfs-stage31/data/inc/ntp_sync | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/core/rootfs/rootfs-stage31/data/inc/ntp_sync b/core/rootfs/rootfs-stage31/data/inc/ntp_sync index 410b56d2..ff2f0027 100755 --- a/core/rootfs/rootfs-stage31/data/inc/ntp_sync +++ b/core/rootfs/rootfs-stage31/data/inc/ntp_sync @@ -42,6 +42,10 @@ func_sync_net_time() { date -s "@$TTS" else echo "No fallback option for timesync available, relying on correct RTC setup" + if [ "x$SLX_BIOS_CLOCK" = "xlocal" ]; then + # Linux defaults to RTC = UTC, so read again in this case + hwclock -l -s + fi fi fi } -- cgit v1.2.3-55-g7522 From 5dd4b2e5910bc65c299d52800f5764d056b45f7a Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Fri, 4 May 2018 13:40:58 +0200 Subject: [vmware12] build kernel modules manually ... ... if we are using the prepatched ones. This works around vmware-modconfig to fail at detecting the gcc version (7.3 in my tests) on newer ubuntu versions (and probably others). --- core/modules/vmware12/module.build | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/core/modules/vmware12/module.build b/core/modules/vmware12/module.build index 342b7297..b965d9cf 100644 --- a/core/modules/vmware12/module.build +++ b/core/modules/vmware12/module.build @@ -152,9 +152,18 @@ build() { rm -rf -- "\${SHORT}-only" fi done - export LD_LIBRARY_PATH=/usr/lib/vmware/lib/libglibmm-2.4.so.1/:/usr/lib/x86_64-linux-gnu/gtk-2.0/modules/:\$LD_LIBRARY_PATH - vmware-modconfig --console --build-mod -k "${TARGET_KERNEL_LONG}" vmnet /bin/gccw "${KERNEL_HEADERS_DIR}/include" vmplayer vmnet || perror "vmnet build failed" - vmware-modconfig --console --build-mod -k "${TARGET_KERNEL_LONG}" vmmon /bin/gccw "${KERNEL_HEADERS_DIR}/include" vmplayer vmmon || perror "vmmon build failed" + for KMOD in vmnet vmmon; do + # if we have prepatched directory, we can safely compile them manually + if cd "/prepatched/\${KMOD}-only"; then + LINUXINCLUDE="${KERNEL_HEADERS_DIR}/include" make || perror "manual build of \$KMOD failed." + KMOD_DIR="/lib/modules/${TARGET_KERNEL_LONG}/vmplayer" + mkdir -p "\$KMOD_DIR" 2>/dev/null || perror "Failed to mkdir \$KMOD_DIR" + cp -f "\$KMOD.ko" "\$KMOD_DIR" || perror "Failed to copy \$KMOD.ko to \$KMOD_DIR." + else + export LD_LIBRARY_PATH=/usr/lib/vmware/lib/libglibmm-2.4.so.1/:/usr/lib/x86_64-linux-gnu/gtk-2.0/modules/:\$LD_LIBRARY_PATH + vmware-modconfig --console --build-mod -k "${TARGET_KERNEL_LONG}" \${KMOD} $(which gcc) "${KERNEL_HEADERS_DIR}/include" vmplayer \${KMOD} || perror "vmware-modconfig build of \${KMOD} failed." + fi + done EOF # cleanup unneeded files -- cgit v1.2.3-55-g7522 From aae3e02dd33610f29e5025d881dcd853d4883cb3 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Fri, 4 May 2018 13:43:34 +0200 Subject: [vmware*] add busybox applets to PATH --- core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env | 2 ++ core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env | 2 ++ 2 files changed, 4 insertions(+) diff --git a/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env index fde7c9c5..830d2109 100755 --- a/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env +++ b/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env @@ -15,6 +15,8 @@ # VMware modules and services ################################################################################ +export PATH=$PATH:/opt/openslx/sbin:/opt/openslx/bin + VMWARE_CONF_DIR=/opt/openslx/vmchooser/vmware VMCHOOSER_CONF_DIR=/opt/openslx/vmchooser/config diff --git a/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env index fde7c9c5..830d2109 100755 --- a/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env +++ b/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env @@ -15,6 +15,8 @@ # VMware modules and services ################################################################################ +export PATH=$PATH:/opt/openslx/sbin:/opt/openslx/bin + VMWARE_CONF_DIR=/opt/openslx/vmchooser/vmware VMCHOOSER_CONF_DIR=/opt/openslx/vmchooser/config -- cgit v1.2.3-55-g7522 From 71eb632b4468dc3b019dc8d457a4ee042f1e13a4 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Fri, 4 May 2018 13:46:14 +0200 Subject: [vmware*] proper quoting... --- core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env | 2 +- core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env index 830d2109..e77f8632 100755 --- a/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env +++ b/core/modules/vmware/data/opt/openslx/scripts/systemd-vmware_env @@ -15,7 +15,7 @@ # VMware modules and services ################################################################################ -export PATH=$PATH:/opt/openslx/sbin:/opt/openslx/bin +export PATH="$PATH:/opt/openslx/sbin:/opt/openslx/bin" VMWARE_CONF_DIR=/opt/openslx/vmchooser/vmware VMCHOOSER_CONF_DIR=/opt/openslx/vmchooser/config diff --git a/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env index 830d2109..e77f8632 100755 --- a/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env +++ b/core/modules/vmware12/data/opt/openslx/scripts/systemd-vmware_env @@ -15,7 +15,7 @@ # VMware modules and services ################################################################################ -export PATH=$PATH:/opt/openslx/sbin:/opt/openslx/bin +export PATH="$PATH:/opt/openslx/sbin:/opt/openslx/bin" VMWARE_CONF_DIR=/opt/openslx/vmchooser/vmware VMCHOOSER_CONF_DIR=/opt/openslx/vmchooser/config -- cgit v1.2.3-55-g7522 From 718a68bf8060c17c602d73085bc5b2ca3a643c26 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Fri, 4 May 2018 16:38:17 +0200 Subject: [*virt*] fix vmware VM only having 1 core... --- .../run-virt-includes/set_runvirt_hardware_variables.inc | 10 +++++----- .../plugins/virtualbox/includes/guest_hardware_limits.inc | 10 +++------- .../plugins/vmware/includes/determine_hardware_limitations.inc | 2 +- 3 files changed, 9 insertions(+), 13 deletions(-) diff --git a/core/modules/run-virt/data/opt/openslx/vmchooser/run-virt-includes/set_runvirt_hardware_variables.inc b/core/modules/run-virt/data/opt/openslx/vmchooser/run-virt-includes/set_runvirt_hardware_variables.inc index c59a82b0..19e1cb43 100644 --- a/core/modules/run-virt/data/opt/openslx/vmchooser/run-virt-includes/set_runvirt_hardware_variables.inc +++ b/core/modules/run-virt/data/opt/openslx/vmchooser/run-virt-includes/set_runvirt_hardware_variables.inc @@ -13,15 +13,15 @@ # Use: 00:FF:00 for firtual machines ;) ## Functions ## +# Import /run/hwinfo variables +import_hwinfo() { + $(safesource "/run/hwinfo") +} # Sets the VM's hostname to the original hostname prefixed with a fixed string and its ID set_virt_hostname() { declare -rg HOSTNAME="virt${VM_ID}-$(hostname)" writelog "\tVM Hostname:\t\t$HOSTNAME" } -set_virt_cpu() { - # Make sure CPU_CORES is not empty - declare -g CPU_CORES=${CPU_CORES:-"1"} -} # Derives the amount of memory allocated to the VM from the # host's total memory (previously determined by systemd-run_virt_env) set_virt_memory() { @@ -149,7 +149,7 @@ set_serial_ports() { ## MAIN ## call_post_source \ - set_virt_cpu \ + import_hwinfo \ set_virt_memory \ set_virt_mac \ set_virt_hostname \ diff --git a/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/guest_hardware_limits.inc b/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/guest_hardware_limits.inc index 44640710..d29fac20 100755 --- a/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/guest_hardware_limits.inc +++ b/core/modules/vbox-src/data/opt/openslx/vmchooser/plugins/virtualbox/includes/guest_hardware_limits.inc @@ -104,13 +104,9 @@ set_hardware_limits() { # TODO: FreeBSD, NetBSD, MacOS*, Solaris, Oracle, ... esac - # check /run/hwinfo for CORE not THREADS - # vbox seems to only want maximum cores = number of - # physical cores of the cpu, so use that - if [ -e /run/hwinfo ]; then - . /run/hwinfo - notempty HW_CORES && CPU_CORES="$HW_CORES" - fi + # use HW_CORES not HW_THREADS since virtualbox does not + # seem to handle hyperthreading all too well... + declare -g CPU_CORES="${HW_CORES:-1}" [ "${CPU_CORES}" -gt "{MAXCORES}" ] && CPU_CORES="${MAXCORES}" [ "${VM_MEM}" -gt "${MAXMEM}" ] && VM_MEM="${MAXMEM}" diff --git a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc index c288ed09..ce929230 100644 --- a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc +++ b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc @@ -174,7 +174,7 @@ set_vm_hardware_limits() { MAXCORES="1" ;; esac - + declare -rg CPU_CORES="${HW_THREADS:-1}" declare -rg HOST_CORE_COUNT="$CPU_CORES" [ "$CPU_CORES" -gt "$MAXCORES" ] && CPU_CORES="$MAXCORES" -- cgit v1.2.3-55-g7522 From 96894669b5754dff1f2edda5a54c8b124593b03c Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Mon, 7 May 2018 12:56:57 +0200 Subject: [vmware12] CPU_CORES should not be readonly --- .../plugins/vmware/includes/determine_hardware_limitations.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc index ce929230..957a15f8 100644 --- a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc +++ b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc @@ -174,7 +174,7 @@ set_vm_hardware_limits() { MAXCORES="1" ;; esac - declare -rg CPU_CORES="${HW_THREADS:-1}" + declare -g CPU_CORES="${HW_THREADS:-1}" declare -rg HOST_CORE_COUNT="$CPU_CORES" [ "$CPU_CORES" -gt "$MAXCORES" ] && CPU_CORES="$MAXCORES" -- cgit v1.2.3-55-g7522 From 9a5d8828d6710ffc408fbd9c62a4ad1d5a1a43d6 Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Mon, 7 May 2018 12:59:46 +0200 Subject: [vmware*] fix CPU_CORES for vmware14 too + small formatting --- .../plugins/vmware/includes/determine_hardware_limitations.inc | 3 ++- .../plugins/vmware/includes/determine_hardware_limitations.inc | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/core/modules/vmware/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc b/core/modules/vmware/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc index c288ed09..b7c59819 100644 --- a/core/modules/vmware/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc +++ b/core/modules/vmware/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc @@ -174,7 +174,8 @@ set_vm_hardware_limits() { MAXCORES="1" ;; esac - + + declare -g CPU_CORES="${HW_THREADS:-1}" declare -rg HOST_CORE_COUNT="$CPU_CORES" [ "$CPU_CORES" -gt "$MAXCORES" ] && CPU_CORES="$MAXCORES" diff --git a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc index 957a15f8..b7c59819 100644 --- a/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc +++ b/core/modules/vmware12/data/opt/openslx/vmchooser/plugins/vmware/includes/determine_hardware_limitations.inc @@ -174,6 +174,7 @@ set_vm_hardware_limits() { MAXCORES="1" ;; esac + declare -g CPU_CORES="${HW_THREADS:-1}" declare -rg HOST_CORE_COUNT="$CPU_CORES" [ "$CPU_CORES" -gt "$MAXCORES" ] && CPU_CORES="$MAXCORES" -- cgit v1.2.3-55-g7522 From 4325b5aa2ce5f7f6e3e9ec7f59ff91d246c0903d Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Mon, 7 May 2018 16:45:37 +0200 Subject: [run-virt] wait before calling slxlog on exit 141 If the main run-virt script exits with 141 (which happens when it is killed by either loginctl on SLX_LOGOUT_TIMEOUT or when killing X with alt-printscreen-k), sleep 3 seconds to try and avoid the unnecessary slxlog messages. Closes #3365 --- core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt b/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt index 96a47ea6..307b6872 100755 --- a/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt +++ b/core/modules/run-virt/data/opt/openslx/scripts/vmchooser-run_virt @@ -31,6 +31,11 @@ launch_runvirt() { # script exited here, check for exit code and send logfile to sat if appropriate local RUNVIRT_RET="$?" if [ ${RUNVIRT_RET} -ne 0 ]; then + if [ ${RUNVIRT_RET} -eq 141 ]; then + # 141 happens on alt + print screen + k or upon automatic logout via systemd + # just sleep here to avoid these annoying (and misleading) slxlogs.... + sleep 3 + fi [ -f "${LOGFILE}" ] && log "Runvirt failed with '${RUNVIRT_RET}'." return 1 fi -- cgit v1.2.3-55-g7522 From 5de7046fc9f63cab4fc9b95f6e82df138d93a58c Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Mon, 14 May 2018 11:18:45 +0200 Subject: [mgmt-sshd] Don't use PAM stack Closes #3364 --- .../idleaction/data/opt/openslx/scripts/idleaction-scheduled_action | 4 +++- core/modules/mgmt-sshd/data/etc/ssh/mgmt/sshd_config | 5 +---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action b/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action index 7a1b2afd..2717d6cb 100755 --- a/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action +++ b/core/modules/idleaction/data/opt/openslx/scripts/idleaction-scheduled_action @@ -1,5 +1,7 @@ #!/bin/ash +export PATH="$PATH:/opt/openslx/bin:/opt/openslx/sbin" + if ! touch "/run"; then echo "Only root can call this" >&2 exit 1 @@ -33,7 +35,7 @@ while [ $# -gt 0 ]; do fi shift done -[ -n "$1" ] && DELAY=$1 +[ -n "$1" ] && [ -z "$DELAY" ] && DELAY=$1 if [ -n "$TS" ]; then # Sanity check for trigger by cron diff --git a/core/modules/mgmt-sshd/data/etc/ssh/mgmt/sshd_config b/core/modules/mgmt-sshd/data/etc/ssh/mgmt/sshd_config index b51a1109..ea259180 100644 --- a/core/modules/mgmt-sshd/data/etc/ssh/mgmt/sshd_config +++ b/core/modules/mgmt-sshd/data/etc/ssh/mgmt/sshd_config @@ -3,8 +3,6 @@ Protocol 2 HostKey /etc/ssh/mgmt/ssh_host_rsa_key HostKey /etc/ssh/mgmt/ssh_host_dsa_key HostKey /etc/ssh/mgmt/ssh_host_ecdsa_key -UsePrivilegeSeparation yes -KeyRegenerationInterval 3600 SyslogFacility AUTH LogLevel INFO LoginGraceTime 30 @@ -13,7 +11,6 @@ StrictModes yes PubkeyAuthentication yes AuthorizedKeysFile /etc/ssh/mgmt/authorized_keys IgnoreRhosts yes -RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no @@ -27,7 +24,7 @@ TCPKeepAlive yes #Banner /etc/issue.net #PrintMotd yes AcceptEnv LANG LC_* -UsePAM yes +UsePAM no UseDNS no PidFile /run/sshd_mgmt.pid AllowUsers root -- cgit v1.2.3-55-g7522 From 739cea8e488141d6285c1385ff864e18df22514f Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Thu, 17 May 2018 18:15:13 +0200 Subject: [sshd] only allow root per ssh regular users shouldn't be able to connect via ssh to prevent remote usage of any number of clients --- core/modules/sshd/data/etc/ssh/sshd_config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/modules/sshd/data/etc/ssh/sshd_config b/core/modules/sshd/data/etc/ssh/sshd_config index 3b7d65a6..05abc551 100644 --- a/core/modules/sshd/data/etc/ssh/sshd_config +++ b/core/modules/sshd/data/etc/ssh/sshd_config @@ -87,6 +87,6 @@ Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes # OpenSLX -DenyUsers demo +AllowUsers root UseDNS no -- cgit v1.2.3-55-g7522 From 6fb7c056ff3b8b3ac59cd84b305f9af8dbd9620e Mon Sep 17 00:00:00 2001 From: Jonathan Bauer Date: Tue, 22 May 2018 12:30:44 +0200 Subject: [vbox-src] create vboxusers before chown stuff to it mrgrgglgllgllgllglgggg --- core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env index 35778e6b..6e669a8a 100755 --- a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env +++ b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env @@ -38,6 +38,9 @@ for MOD in *; do fi done +# check/create vboxusers group +getent group vboxusers || addgroup -S vboxusers + # set their permissions chown root:vboxusers /dev/vboxdrv chmod 666 /dev/vboxdrv @@ -47,9 +50,6 @@ chmod 666 /dev/vboxdrvu # create required standard directories mkdir -p "/tmp/virt/virtualbox" -m 1777 -# check/create vboxusers group -getent group vboxusers || addgroup -S vboxusers - # reload udev rules since aufs'ing the layer on top do not trigger its inotify watch udevadm control --reload -- cgit v1.2.3-55-g7522 From b2e1ce6b9e2ae1ed5806a697402b32d220d664c3 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 22 May 2018 14:24:47 +0200 Subject: [pvs2] Catch and send core dumps --- core/modules/pvs2/data/opt/openslx/bin/pvsstartup | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/core/modules/pvs2/data/opt/openslx/bin/pvsstartup b/core/modules/pvs2/data/opt/openslx/bin/pvsstartup index 16a01708..80db6f13 100755 --- a/core/modules/pvs2/data/opt/openslx/bin/pvsstartup +++ b/core/modules/pvs2/data/opt/openslx/bin/pvsstartup @@ -9,11 +9,24 @@ if [ -n "$SLX_EXAM" ]; then EXAM="--exam-mode" fi +# Report core dumps +URL="http://132.230.8.113/error_report.php" +DIR=$(mktemp -d) +[ -n "$DIR" ] && cd "$DIR" + +ulimit -c unlimited + while [ $timediff -gt 3 ]; do start="$(date +%s)" pvsclient $EXAM "$@" ret=$? end="$(date +%s)" + for c in core*; do + [ -f "$c" ] || continue + tar ckzf "cmp-${c}.tgz" "$c" + curl -m 3 -H "Expect:" -f -s -S -F "file=@cmp-${c}.tgz;filename=report" "$URL" &> /dev/null + rm -f -- "$c" "cmp-${c}.tgz" + done /opt/openslx/pvs2/kb-unlock.sh [ "$ret" == "0" ] && break timediff=$(( end - start )) @@ -21,5 +34,7 @@ while [ $timediff -gt 3 ]; do [ $counter -gt 8 ] && break done +rm -rf -- "$DIR" + exit $ret -- cgit v1.2.3-55-g7522 From eb589df8b40a662557d002e61684c2d76dda750f Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 22 May 2018 14:41:17 +0200 Subject: Do not strip binaries in /opt/openslx/s?bin --- core/bin/setup_target | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/bin/setup_target b/core/bin/setup_target index fbe04f92..365f24db 100755 --- a/core/bin/setup_target +++ b/core/bin/setup_target @@ -592,7 +592,8 @@ strip_recursive() { local DIR="$1" [ -n "$DIR" -a -d "$DIR" ] || perror "strip_recursive(): No such directory: '$DIR'" # Will try to strip shell scripts too but shouldn't do any harm - find "$DIR" -type f -a \( -executable -o -name "*.so*" \) -exec strip {} \; 2> /dev/null + # Ignore anything we compile ourselves so we have usable core dumps + find "$DIR" -type f \! -path "*openslx*bin*" -a \( -executable -o -name "*.so*" \) -exec strip {} \; 2> /dev/null } # copies static data files from /data/ to -- cgit v1.2.3-55-g7522 From 4539ff0dca67c0612aeeb793f75bd560b9207424 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 23 May 2018 17:07:50 +0200 Subject: [pam-slx-plug] Always export PERSISTENT_NETPATH --- core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth index 16b1af5a..d140f78c 100755 --- a/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth +++ b/core/modules/pam-slx-plug/data/opt/openslx/pam/exec_auth @@ -160,6 +160,14 @@ if ! isHomeMounted; then fi fi +# Remember for hooks in pam_script_auth.d +if [ "${NETWORK_HOME:0:2}" = '//' ]; then + PERSISTENT_NETPATH=$(echo "$NETWORK_HOME" | tr '/' '\') +else + PERSISTENT_NETPATH="$NETWORK_HOME" +fi +export PERSISTENT_NETPATH + # Just try to delete the persistent dir. If the mount was successful, it will not work # If it was not successful, it will be removed so the user doesn't think he can store # anything in there @@ -169,13 +177,6 @@ rmdir -- "${PERSISTENT_HOME_DIR}" 2> /dev/null if [ -n "${PERSISTENT_OK}" ]; then # home directory mount SUCCESS # create a WARNING.txt for the user with hint to PERSISTENT - # Remember for hooks in pam_script_auth.d - if [ "${NETWORK_HOME:0:2}" = '//' ]; then - PERSISTENT_NETPATH=$(echo "$NETWORK_HOME" | tr '/' '\') - else - PERSISTENT_NETPATH="$NETWORK_HOME" - fi - export PERSISTENT_NETPATH cat > "${TEMP_HOME_DIR}/WARNING.txt" < /dev/null -- cgit v1.2.3-55-g7522