From d61ad95c7690155a18b2abd39bf8df37e9a02908 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 14 Jun 2013 13:32:45 +0200
Subject: ldconfig: Include system's default paths

---
 remote/setup_target | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'remote/setup_target')

diff --git a/remote/setup_target b/remote/setup_target
index b0565550..54ed0cb0 100755
--- a/remote/setup_target
+++ b/remote/setup_target
@@ -314,7 +314,12 @@ post_process_target() {
 		rm -r "${TARGET_BUILD_DIR}/lib/systemd"
 	fi
 
-	ldconfig -r "${TARGET_BUILD_DIR}"
+	# figure out all relevant ld-paths
+	local LDTEMP="$TARGET_BUILD_DIR/ldconf-temp"
+	grep -h '^\s*/' /etc/ld.so.conf /etc/ld.so.conf.d/* > "$LDTEMP"
+	# TODO: Echo other stuff to $LDTEMP (but figure out if first or last match wins)
+	ldconfig -v -r "${TARGET_BUILD_DIR}" -f "/ldconf-temp"
+	unlink "$LDTEMP"
 
 }
 
-- 
cgit v1.2.3-55-g7522


From e2e77e7cb056f353a6189a53df6e10952d2036d4 Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Thu, 20 Jun 2013 00:17:23 +0200
Subject: new option for remote mode '-n' to mount local builds
 (remote/builds/) to /export/builds

---
 mltk                | 22 +++++++++++++++-------
 remote/setup_target |  9 ++++++++-
 2 files changed, 23 insertions(+), 8 deletions(-)

(limited to 'remote/setup_target')

diff --git a/mltk b/mltk
index a42f46f0..b0243c8d 100755
--- a/mltk
+++ b/mltk
@@ -133,7 +133,7 @@ read_params() {
 	case "$1" in
 		server)
 			MODE="SERVER"
-			[ "$#" -lt "2" ] && perror "Missing argument to -s (expecting remote host)"
+			[ "$#" -lt "2" ] && perror "Missing argument to server-mode flag 'server' (expecting remote host)"
 			REMOTE_IP="$2"
 			shift
 			;;
@@ -149,11 +149,11 @@ read_params() {
 	shift
 
 	# A target represents a set of modules to be build for a specific stage.
-	# i.e. a very basic stage31 includes:
+	# i.e. a very basic stage31 target should includes:
 	#	- busybox
 	#	- kernel
 	#	- rootfs-stage31
-	# a basic stage32 would also contain these and additionally:
+	# a basic stage32 target could add:
 	#	- systemd
 	#	- dbus
 	#	- pam
@@ -165,7 +165,7 @@ read_params() {
 	if [[ $1 != "-"* ]]; then
 		TARGET=$1
 		shift
-	elif [[ $1 != "-s" ]]; then
+	elif [[ $1 != "-s" ]] && [[ $1 != "-n" ]]; then
 		perror "A target is required. None given."
 	fi
 
@@ -205,13 +205,20 @@ read_params() {
 					;;
 				-e)	
 					[ "$#" -lt "1" ] && perror "Missing argument to -e"
-					[ "$MODE" != "SERVER" ] && perror "-e can only be used in server mode"
 					[[ "stage31|stage32|addons" != *"$1"* ]] && perror "Wrong type specified. Muste be either 'stage31', 'stage32' or 'addons'" 
 					SERVER_EXPORT="1"
 					SERVER_EXPORT_TYPE="$1"
 					shift
 					continue
 					;;
+				-n)
+					if [ "$MODE" == "REMOTE" ]; then
+						[ "x" != "x$1" ] && perror "'-n' accepts no parameters. Given: $1"
+						REMOTE_EXPORT="1"
+					fi
+					shift
+					continue
+					;;
 				*)
 					pwarning "Unknown flag to target: $PARAM"
 					print_usage
@@ -230,15 +237,16 @@ read_params() {
 	
 	# exit if no command
 	
-	[[ $SERVER_CLEAN == 0 && $SERVER_EXPORT == 0 && $REMOTE_CLEAN == 0 && $REMOTE_BUILD == 0 && $SERVER_SYNC == 0 ]] && print_usage && exit 1
+	[[ $SERVER_CLEAN == 0 && $SERVER_EXPORT == 0 && $REMOTE_CLEAN == 0 && $REMOTE_BUILD == 0 && $SERVER_SYNC == 0 && $REMOTE_EXPORT == 0 ]] && print_usage && exit 1
 }
 
 run() {
-	if [[ $REMOTE_CLEAN == 1 || $REMOTE_BUILD == 1 ]]; then
+	if [[ $REMOTE_CLEAN == 1 || $REMOTE_BUILD == 1 || $REMOTE_EXPORT == 1 ]]; then
 		[[ $REMOTE_DEBUG == 1 ]] && unset_quiet || set_quiet
 		. "${REMOTE_SETUP_TARGET}" || perror "Cannot source ${REMOTE_SETUP_TARGET}"
 	        [[ $REMOTE_CLEAN == 1 ]] && clean_modules $TARGET $REMOTE_LIST_CLEAN
 	        [[ $REMOTE_BUILD == 1 ]] && generate_target $TARGET $REMOTE_LIST_BUILD
+		[[ $REMOTE_EXPORT == 1 ]] && export_builds
 	fi
 	if [[ $SERVER_CLEAN == 1 || $SERVER_EXPORT == 1 || $SERVER_SYNC == 1 ]]; then
 		[[ $SERVER_DEBUG == 1 ]] && unset_quiet || set_quiet
diff --git a/remote/setup_target b/remote/setup_target
index 54ed0cb0..d193638a 100755
--- a/remote/setup_target
+++ b/remote/setup_target
@@ -53,7 +53,7 @@
 #
 MODE_DIR="${ROOT_DIR}/remote"
 MODULES_DIR="${MODE_DIR}/modules"
-
+EXPORT_DIR="/export/build"
 # Keep track of processed modules
 PROCESSED_MODULES=""
 
@@ -93,6 +93,13 @@ read_build () {
 	. "${BUILD_SCRIPT}" || perror "Sourcing '${BUILD_SCRIPT}' failed."
 }
 
+export_builds() {
+	[ ! -d "${MODE_DIR}/builds" ] && perror "No ${MODE_DIR}/builds, nothing to export."
+	pinfo "Mounting ${MODE_DIR}/builds to ${EXPORT_DIR}. This will make the local builds syncable from another machine."
+        [ ! -d "${EXPORT_DIR}" ] && mkdir -p "${EXPORT_DIR}"
+        mount --bind ${MODE_DIR}/builds ${EXPORT_DIR} || perror "Failed to bind mount ${MODE_DIR}/builds to ${EXPORT_DIR}"
+}
+
 #
 # main function which copies all files, directories, binaries and external libraries to TARGET_BUILD_DIR
 #
-- 
cgit v1.2.3-55-g7522


From d1010614fea8d05a267a9fa188be0b54dc851447 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 20 Jun 2013 12:20:44 +0200
Subject: [pam] Add missing content packages [redsocks] fix path of redsocks
 binary, exclude proxy IP from redirection

---
 remote/modules/pam/pam.build                              | 15 ++++++++++-----
 remote/modules/pam/pam.conf                               |  9 +++++++++
 .../redsocks/data/etc/systemd/system/redsocks.service     |  2 +-
 remote/modules/redsocks/data/opt/openslx/bin/setup_proxy  |  1 +
 remote/setup_target                                       |  2 ++
 5 files changed, 23 insertions(+), 6 deletions(-)

(limited to 'remote/setup_target')

diff --git a/remote/modules/pam/pam.build b/remote/modules/pam/pam.build
index 60e18414..d3c0dd88 100644
--- a/remote/modules/pam/pam.build
+++ b/remote/modules/pam/pam.build
@@ -5,7 +5,9 @@ fetch_source() {
 build() {
 	mkdir -p "$MODULE_BUILD_DIR/opt/openslx/bin"
 	gcc -o "$MODULE_BUILD_DIR/opt/openslx/bin/sslconnect" "$MODULE_DIR/sslconnect.c" -lssl -lcrypto -O3 || perror "Could not compile sslconnect.c"
-	tarcopy "$(list_packet_files | sort -u)" "${MODULE_BUILD_DIR}"	
+	local COPYLIST="$MODULE_BUILD_DIR/list_packet_files"
+	list_packet_files | sort -u > "$COPYLIST"
+	tarcopy "$(cat "$COPYLIST")" "${MODULE_BUILD_DIR}"
 }
 
 post_copy() {	
@@ -14,10 +16,13 @@ post_copy() {
 	fi
 	
 	# find libnfsidmap run-time library directory
-	SEARCH=$(dirname "$(list_packet_files | sort -u | grep "/libsnfsidmap/"|head -1)")
-	if [ -d "${SEARCH}" ]; then
-		tarcopy "${SEARCH}" "${TARGET_BUILD_DIR}" || pinfo "Something went wrong copying $SEARCH"
-	fi
+	#local COPYLIST="$MODULE_BUILD_DIR/list_packet_files"
+	#local SEARCH=$(grep "/libsnfsidmap/" "$COPYLIST" | head -1)
+	#[ -z "$SEARCH" ] && perror "Hä"
+	#SEARCH=$(dirname "$SEARCH")
+	#if [ -d "${SEARCH}" ]; then
+	#	tarcopy "${SEARCH}" "${TARGET_BUILD_DIR}" || pinfo "Something went wrong copying $SEARCH"
+	#fi
 
 	
 }
diff --git a/remote/modules/pam/pam.conf b/remote/modules/pam/pam.conf
index f932749c..bbdd610f 100644
--- a/remote/modules/pam/pam.conf
+++ b/remote/modules/pam/pam.conf
@@ -8,6 +8,7 @@ REQUIRED_INSTALLED_PACKAGES="
 	libssl-dev
 	ldap-utils
 	libnfsidmap2
+	nfs-common
 "
 REQUIRED_CONTENT_PACKAGES="
 	libpam0g
@@ -22,7 +23,9 @@ REQUIRED_CONTENT_PACKAGES="
 	krb5-config
 	libpam-krb5
 	libpam-mount
+	ldap-utils
 	libnfsidmap2
+	nfs-common
 "
 REQUIRED_BINARIES="
 	rpc.gssd
@@ -36,6 +39,12 @@ REQUIRED_BINARIES="
 	umount.crypto_LUKS
 	ldapsearch
 "
+REQUIRED_LIBRARIES="
+	nsswitch
+	static
+	umich_ldap
+	libnfsidmap
+"
 REQUIRED_DIRECTORIES="
 	/lib
 	/usr/lib
diff --git a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
index 6f207586..4b30d09e 100644
--- a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
+++ b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
@@ -4,6 +4,6 @@ Description=Transparent redirector of any TCP connection to proxy using your fir
 [Service]
 Type=forking
 PIDFile=/run/redsocks.pid
-ExecStart=/bin/redsocks -c /etc/redsocks.conf -p /run/redsocks.pid
+ExecStart=/sbin/redsocks -c /etc/redsocks.conf -p /run/redsocks.pid
 ExecStopPost=/bin/rm /run/redsocks.pid
 Restart=on-abort
diff --git a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy b/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
index 8fa5721c..5dc22a14 100755
--- a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
+++ b/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
@@ -20,6 +20,7 @@ sed -i "s/%%PROXY_IP%%/$SLX_PROXY_IP/g;s/%%PROXY_PORT%%/$SLX_PROXY_PORT/g;s/%%PR
 systemctl start redsocks
 
 iptables -t nat -N REDSOCKS
+iptables -t nat -A REDSOCKS -d "$SLX_PROXY_IP" -j RETURN
 iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
 iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
 iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
diff --git a/remote/setup_target b/remote/setup_target
index d193638a..da4b7701 100755
--- a/remote/setup_target
+++ b/remote/setup_target
@@ -135,6 +135,8 @@ copy_files_with_deps () {
 			else
 				pdebug "\tFound ${FILENAME} at ${FILE}"
 			fi
+		elif [ "$(echo $FILE_CANDIDATES | wc -w)" -eq 0 ]; then
+			perror "Could not find required binary $FILENAME"
 		else
 			# one candidate
 			FINAL_LIST=${FILE_CANDIDATES}
-- 
cgit v1.2.3-55-g7522