[CA-43971]: Adding the tool to generate the pool secret, including

the init-script to fire it off on boot.

Signed-off-by: Magnus Therning <magnus.therning@citrix.com>

diff --git a/OMakefile b/OMakefile
index 6bc2d683b3156c86def45da03e40638487cd944b..6c9db009bb7c844347d1fa077927d6054c3d01d8 100644 (file)
--- a/OMakefile
+++ b/OMakefile
@@ -121,6 +121,7 @@ OCAML_PHASE3_XEN = \
        ocaml/license/v6d-reopen-logs
 
 OCAML_PHASE3_NOXEN = \
+                    ocaml/ptoken/genptoken \
        ocaml/auth/testauthx \
        ocaml/xe-cli/xe \
        ocaml/xsh/xsh \

diff --git a/ocaml/OMakefile b/ocaml/OMakefile
index ba842cb114794ce67270aab598b1551854da89b2..44a4594e69fe0214395e0c5d8c894289536030fc 100644 (file)
--- a/ocaml/OMakefile
+++ b/ocaml/OMakefile
@@ -5,6 +5,7 @@ OCAML_LIBS    = $(ROOT)/ocaml/util/version $(ROOT)/ocaml/util/stats
 OCAMLPACKS    = stdext log
 
 .SUBDIRS: \
+    ptoken \
        autogen \
        xe-cli \
        xapimon \

diff --git a/ocaml/ptoken/OMakefile b/ocaml/ptoken/OMakefile
new file mode 100644 (file)
index 0000000..788ef0e
--- /dev/null
+++ b/ocaml/ptoken/OMakefile
@@ -0,0 +1,20 @@
+OCAMLPACKS = uuid
+
+GENSECRET_SRC_FILES = genptoken.ml
+
+section
+       OCamlProgram(genptoken, genptoken)
+
+.PHONY: clean
+clean:
+       rm -f $(CLEAN_OBJS) genptoken
+
+.PHONY: install
+install:
+       mkdir -p $(LIBEXEC)
+       $(IPROG) genptoken $(LIBEXEC)
+       mkdir -p $(DIST)/genptoken-src
+       $(IDATA) $(GENSECRET_SRC_FILES) $(DIST)/genptoken-src
+
+.PHONY: sdk-install
+sdk-install: install

diff --git a/ocaml/ptoken/genptoken.ml b/ocaml/ptoken/genptoken.ml
new file mode 100644 (file)
index 0000000..1053042
--- /dev/null
+++ b/ocaml/ptoken/genptoken.ml
@@ -0,0 +1,23 @@
+(* tool to generate pool secrets *)
+
+type options = { force : bool; tgtfile : string }
+
+let options = ref { force = false; tgtfile = "/etc/xensource/ptoken" }
+
+let set_force _ = options := { !options with force = true }
+let set_target s = options := { !options with tgtfile = s }
+
+let opt_force = ("-f", Arg.Unit set_force, "force generation of pool token, overwriting any existing one")
+let opt_target = ("-o", Arg.String set_target, "name of file to write to [ptoken]")
+let opts = [opt_force; opt_target]
+
+let _ =
+       Arg.parse opts (fun _ -> ()) "Generate a pool token";
+       if Sys.file_exists !options.tgtfile
+               then if !options.force
+                       then Sys.remove !options.tgtfile
+                       else begin print_endline "File exists, use -f to replace it."; exit 1 end;
+       let uuid _ = Uuid.to_string (Uuid.make_uuid ()) in
+       let uuids = String.concat "/" [uuid (); uuid (); uuid ()] in
+       let f = open_out_gen [Open_wronly; Open_creat; Open_excl; Open_binary] 0o640 !options.tgtfile in
+       output_string f uuids

diff --git a/scripts/OMakefile b/scripts/OMakefile
index b44a7887c5f688fbf5fa5af2798cce7b54255d51..78020b1ca4a3bed4d9bbe320090a6b83c363b78c 100644 (file)
--- a/scripts/OMakefile
+++ b/scripts/OMakefile
@@ -32,6 +32,7 @@ install:
        $(IPROG) init.d-xapi-domains $(DESTDIR)/etc/rc.d/init.d/xapi-domains
        $(IPROG) init.d-squeezed $(DESTDIR)/etc/rc.d/init.d/squeezed
        $(IPROG) init.d-management-interface $(DESTDIR)/etc/rc.d/init.d/management-interface
+       $(IPROG) init.d-genptoken $(DESTDIR)/etc/rc.d/init.d/genptoken
        $(IDATA) squeezed-logrotate $(DESTDIR)/etc/logrotate.d/squeezed
        $(IPROG) init.d-v6d $(DESTDIR)/etc/rc.d/init.d/v6d
        $(IDATA) v6d-logrotate $(DESTDIR)/etc/logrotate.d/v6d

diff --git a/scripts/init.d-genptoken b/scripts/init.d-genptoken
new file mode 100644 (file)
index 0000000..a60e385
--- /dev/null
+++ b/scripts/init.d-genptoken
@@ -0,0 +1,31 @@
+#! /bin/sh
+#
+# genptoken    Generate a pool secret (ptoken)
+#
+# chkconfig: 2345 22 78
+# description: Generate pool secret
+
+. /etc/init.d/functions
+
+start() {
+    echo -n $"Creating pool secret (this may take some time)"
+
+    if [ ! -f /etc/xensource/ptoken ]; then
+        /opt/xensource/libexec/genptoken -f -o /etc/xensource/ptoken
+    fi
+
+    [ $? -eq 0 ] && success $"Done" || failure
+    echo
+}
+
+case "$1" in
+    start)
+        start
+       ;;
+    stop|status)
+       ;;
+    *)
+       echo $"Usage: $0 {start|stop|status}"
+       exit 1
+        ;;
+esac

diff --git a/xapi.spec b/xapi.spec
index 861501c6beb2ed473e55e403c9662517c06e4da7..676f435766319b50e3f6c5c683a93763a682f81f 100644 (file)
--- a/xapi.spec
+++ b/xapi.spec
@@ -106,6 +106,7 @@ rm -rf $RPM_BUILD_ROOT
 [ ! -x /sbin/chkconfig ] || chkconfig --add xapi-domains
 [ ! -x /sbin/chkconfig ] || chkconfig --add perfmon
 [ ! -x /sbin/chkconfig ] || chkconfig --add v6d
+[ ! -x /sbin/chkconfig ] || chkconfig --add genptoken
 
 %post squeezed
 [ ! -x /sbin/chkconfig ] || chkconfig squeezed on
@@ -125,6 +126,7 @@ rm -rf $RPM_BUILD_ROOT
 /etc/rc.d/init.d/xapissl
 /etc/rc.d/init.d/xenservices
 /etc/rc.d/init.d/sdkinit
+/etc/rc.d/init.d/genptoken
 /etc/sysconfig/perfmon
 /etc/sysconfig/xapi
 /etc/udev/rules.d/xen-backend.rules
@@ -220,6 +222,7 @@ rm -rf $RPM_BUILD_ROOT
 /opt/xensource/libexec/mail-alarm
 /opt/xensource/libexec/print-custom-templates
 /opt/xensource/libexec/probe-device-for-file
+/opt/xensource/libexec/genptoken
 /opt/xensource/libexec/qemu-dm-wrapper
 /opt/xensource/libexec/restore-sr-metadata.py
 /opt/xensource/libexec/restore-sr-metadata.pyo