X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=config.planetlab%2Fbootstrapfs.post;h=79d54fe3c91fd058c058a799ae26009f02f1bd1b;hb=f2e5aa773fa8d6e82be23fbde7c12d3e12668731;hp=c2535bda7073789df42376e517171bed86c720cd;hpb=757828899a07795f119eace869ee39caf5ff96a3;p=build.git diff --git a/config.planetlab/bootstrapfs.post b/config.planetlab/bootstrapfs.post index c2535bda..79d54fe3 100644 --- a/config.planetlab/bootstrapfs.post +++ b/config.planetlab/bootstrapfs.post @@ -7,9 +7,37 @@ if [ -z "${vdir}" ] ; then exit fi -# Remove unneeded services -for service in util-vserver vprocunhide vservers-default; do - chroot ${vdir} /sbin/chkconfig $service off +# Cleanup yum config entirely, waiting for the config files to populate this +rm -rf ${vdir}/etc/yum.conf ${vdir}/etc/yum.repos.d + +# Tweaking services +# turn OFF firstboot if present, might cause the node to hang +chroot ${vdir} /sbin/chkconfig firstboot off || : +# NOTE: we're enabling util-vserver to allow it to help shutdown all slices +# before rebooting. This has been problematic in the past +chroot ${vdir} /sbin/chkconfig util-vserver on || : +# enabling network as it ends up turned off on systems that come with NetworkManager, starting with fedora9 +chroot ${vdir} /sbin/chkconfig network on || : +# and turn off NetworkManager if present, as it quite obviously messes with network +chroot ${vdir} /sbin/chkconfig NetworkManager off || : + +# turn OFF vservers-default ; this is to automatically restart vservers, let nm do that +chroot ${vdir} /sbin/chkconfig vservers-default off || : +# turn ON vprocunhide ; is required with kernels that have CONFIG_VSERVER_PROC_SECURE enabled +# which is the case for our k32 kernel +chroot ${vdir} /sbin/chkconfig vprocunhide on || : + +# turn OFF selinux if set +# this may happen accidentally if you mention too much stuff in bootstrapfs.pkgs +for file in /etc/sysconfig/selinux /sbin/load_policy; do + [ -f ${vdir}/${file} ] || { echo "$file not found in $vdir - fine" ; continue; } + selinuxrpm=$(chroot ${vdir} rpm -qf ${file}) + if [ -z "$selinuxrpm" ] ; then + echo "SElinux: warning : could not rpm for file $file" + else + echo "Force-removing package ${selinuxrpm}" + chroot ${vdir} rpm -e --nodeps ${selinuxrpm} + fi done # Disable splaying of cron. @@ -18,28 +46,31 @@ echo > ${vdir}/etc/sysconfig/crontab # Add site_admin account chroot ${vdir} /usr/sbin/useradd -p "" -u 502 -m site_admin -# NOTE: this is added to ensure that processes running within the slices that -# may have special permissions and other parts of the filesystem engated are -# killed before shutdown. We experienced hangs when rebooting without this -# step. -( cat < ${vdir}/etc/logrotate.d/btmp +/var/log/btmp { + weekly + minsize 1M + create 0600 root utmp + rotate 2 + compress + notifempty +} EOF # NOTE: This is added to relieve one site's Cisco router configuration that # fails to recognize the host once the arping is sent out. +# NOTE: this is pretty fragile, and fails on fedora 10 that as of today (oct. 20 2009) +# has initscripts-8.86.3-1.i386 which reads almost identical but with /sbin/arping instead +# NOTE: this might work with fedora8 and centos5 +# the other distros will probably just fail to add this patch cat <<\EOF | patch -d ${vdir}/etc/sysconfig/network-scripts/ --- ifup-eth 2008-07-08 13:19:49.000000000 -0400 +++ ifup-eth-orig 2008-07-08 13:20:02.000000000 -0400