From: Magnus Therning Date: Mon, 11 Oct 2010 22:02:24 +0000 (+0100) Subject: [CA-43971]: Adding the tool to generate the pool secret, including X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=77f8ed78677c1948841d1ce25efe845687d1ed61;p=xcp%2Fxen-api.git [CA-43971]: Adding the tool to generate the pool secret, including the init-script to fire it off on boot. Signed-off-by: Magnus Therning --- diff --git a/OMakefile b/OMakefile index 6bc2d683..6c9db009 100644 --- a/OMakefile +++ b/OMakefile @@ -121,6 +121,7 @@ OCAML_PHASE3_XEN = \ ocaml/license/v6d-reopen-logs OCAML_PHASE3_NOXEN = \ + ocaml/ptoken/genptoken \ ocaml/auth/testauthx \ ocaml/xe-cli/xe \ ocaml/xsh/xsh \ diff --git a/ocaml/OMakefile b/ocaml/OMakefile index ba842cb1..44a4594e 100644 --- a/ocaml/OMakefile +++ b/ocaml/OMakefile @@ -5,6 +5,7 @@ OCAML_LIBS = $(ROOT)/ocaml/util/version $(ROOT)/ocaml/util/stats OCAMLPACKS = stdext log .SUBDIRS: \ + ptoken \ autogen \ xe-cli \ xapimon \ diff --git a/ocaml/ptoken/OMakefile b/ocaml/ptoken/OMakefile new file mode 100644 index 00000000..788ef0ee --- /dev/null +++ b/ocaml/ptoken/OMakefile @@ -0,0 +1,20 @@ +OCAMLPACKS = uuid + +GENSECRET_SRC_FILES = genptoken.ml + +section + OCamlProgram(genptoken, genptoken) + +.PHONY: clean +clean: + rm -f $(CLEAN_OBJS) genptoken + +.PHONY: install +install: + mkdir -p $(LIBEXEC) + $(IPROG) genptoken $(LIBEXEC) + mkdir -p $(DIST)/genptoken-src + $(IDATA) $(GENSECRET_SRC_FILES) $(DIST)/genptoken-src + +.PHONY: sdk-install +sdk-install: install diff --git a/ocaml/ptoken/genptoken.ml b/ocaml/ptoken/genptoken.ml new file mode 100644 index 00000000..1053042e --- /dev/null +++ b/ocaml/ptoken/genptoken.ml @@ -0,0 +1,23 @@ +(* tool to generate pool secrets *) + +type options = { force : bool; tgtfile : string } + +let options = ref { force = false; tgtfile = "/etc/xensource/ptoken" } + +let set_force _ = options := { !options with force = true } +let set_target s = options := { !options with tgtfile = s } + +let opt_force = ("-f", Arg.Unit set_force, "force generation of pool token, overwriting any existing one") +let opt_target = ("-o", Arg.String set_target, "name of file to write to [ptoken]") +let opts = [opt_force; opt_target] + +let _ = + Arg.parse opts (fun _ -> ()) "Generate a pool token"; + if Sys.file_exists !options.tgtfile + then if !options.force + then Sys.remove !options.tgtfile + else begin print_endline "File exists, use -f to replace it."; exit 1 end; + let uuid _ = Uuid.to_string (Uuid.make_uuid ()) in + let uuids = String.concat "/" [uuid (); uuid (); uuid ()] in + let f = open_out_gen [Open_wronly; Open_creat; Open_excl; Open_binary] 0o640 !options.tgtfile in + output_string f uuids diff --git a/scripts/OMakefile b/scripts/OMakefile index b44a7887..78020b1c 100644 --- a/scripts/OMakefile +++ b/scripts/OMakefile @@ -32,6 +32,7 @@ install: $(IPROG) init.d-xapi-domains $(DESTDIR)/etc/rc.d/init.d/xapi-domains $(IPROG) init.d-squeezed $(DESTDIR)/etc/rc.d/init.d/squeezed $(IPROG) init.d-management-interface $(DESTDIR)/etc/rc.d/init.d/management-interface + $(IPROG) init.d-genptoken $(DESTDIR)/etc/rc.d/init.d/genptoken $(IDATA) squeezed-logrotate $(DESTDIR)/etc/logrotate.d/squeezed $(IPROG) init.d-v6d $(DESTDIR)/etc/rc.d/init.d/v6d $(IDATA) v6d-logrotate $(DESTDIR)/etc/logrotate.d/v6d diff --git a/scripts/init.d-genptoken b/scripts/init.d-genptoken new file mode 100644 index 00000000..a60e3853 --- /dev/null +++ b/scripts/init.d-genptoken @@ -0,0 +1,31 @@ +#! /bin/sh +# +# genptoken Generate a pool secret (ptoken) +# +# chkconfig: 2345 22 78 +# description: Generate pool secret + +. /etc/init.d/functions + +start() { + echo -n $"Creating pool secret (this may take some time)" + + if [ ! -f /etc/xensource/ptoken ]; then + /opt/xensource/libexec/genptoken -f -o /etc/xensource/ptoken + fi + + [ $? -eq 0 ] && success $"Done" || failure + echo +} + +case "$1" in + start) + start + ;; + stop|status) + ;; + *) + echo $"Usage: $0 {start|stop|status}" + exit 1 + ;; +esac diff --git a/xapi.spec b/xapi.spec index 861501c6..676f4357 100644 --- a/xapi.spec +++ b/xapi.spec @@ -106,6 +106,7 @@ rm -rf $RPM_BUILD_ROOT [ ! -x /sbin/chkconfig ] || chkconfig --add xapi-domains [ ! -x /sbin/chkconfig ] || chkconfig --add perfmon [ ! -x /sbin/chkconfig ] || chkconfig --add v6d +[ ! -x /sbin/chkconfig ] || chkconfig --add genptoken %post squeezed [ ! -x /sbin/chkconfig ] || chkconfig squeezed on @@ -125,6 +126,7 @@ rm -rf $RPM_BUILD_ROOT /etc/rc.d/init.d/xapissl /etc/rc.d/init.d/xenservices /etc/rc.d/init.d/sdkinit +/etc/rc.d/init.d/genptoken /etc/sysconfig/perfmon /etc/sysconfig/xapi /etc/udev/rules.d/xen-backend.rules @@ -220,6 +222,7 @@ rm -rf $RPM_BUILD_ROOT /opt/xensource/libexec/mail-alarm /opt/xensource/libexec/print-custom-templates /opt/xensource/libexec/probe-device-for-file +/opt/xensource/libexec/genptoken /opt/xensource/libexec/qemu-dm-wrapper /opt/xensource/libexec/restore-sr-metadata.py /opt/xensource/libexec/restore-sr-metadata.pyo