X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=vserver-reference.init;h=52964c9a83bb518ef3774b8246478204faaa9fd3;hb=refs%2Fheads%2Fplanetlab-4_0-branch;hp=7befe410970bccb873dc1c539f93a3e0cce2998d;hpb=059371ba3e299be1bc682baa319a44394ec7e381;p=vserver-reference.git

diff --git a/vserver-reference.init b/vserver-reference.init
index 7befe41..52964c9 100755
--- a/vserver-reference.init
+++ b/vserver-reference.init
@@ -2,7 +2,7 @@
 #
 # vserver-reference	Updates VServer reference
 #
-# Load before pl_conf, pl_nm, vcached, and vservers
+# Load before nm, vcached, and vservers
 # chkconfig: 3 60 80
 # description: Builds VServer reference image
 #
@@ -30,6 +30,15 @@ esac
 # VServer definitions
 . /usr/lib/util-vserver/util-vserver-vars
 
+# Parse PLC configuration
+if [ -r /etc/planetlab/plc_config ] ; then
+    . /etc/planetlab/plc_config
+else
+    PLC_NAME="PlanetLab"
+    PLC_SLICE_PREFIX="pl"
+    PLC_BOOT_HOST="boot.planet-lab.org"
+fi
+
 # Save stdout and stderr
 exec 3>&1
 exec 4>&2
@@ -38,49 +47,100 @@ exec 4>&2
 exec 2>&1
 exec &>/var/log/vserver-reference.log
 
-echo -n $"Updating VServer reference: " >&3 2>&4
-
 shopt -s nullglob
 
-VROOTS="$__DEFAULT_VSERVERDIR/vserver-reference $__DEFAULT_VSERVERDIR/.vcache/*"
-
 # Make sure the barrier bit is set
-chmod 0000 /vservers
-setattr --barrier /vservers
+chmod 0000 "$__DEFAULT_VSERVERDIR"
+setattr --barrier "$__DEFAULT_VSERVERDIR"
+
+# Build reference images for system slices
+# XXX Use Stork?
+for lst in "$__DEFAULT_VSERVERDIR/system-packages/"*.lst ; do
+    NAME=$(basename $lst .lst)
+
+    # Copy base reference image
+    if [ ! -d "$__DEFAULT_VSERVERDIR/.vref/$NAME" ] ; then
+	echo -n $"Building VServer reference image for $NAME: " >&3 2>&4
+
+	# Build in temporary directory
+	mkdir -p "$__DEFAULT_VSERVERDIR/.vtmp"
+	TMP=$(mktemp -d "$__DEFAULT_VSERVERDIR/.vtmp/$NAME.XXXXXX")
+	mkdir -p "$__DEFAULT_VSERVERDIR/.vref"
+	"$__PKGLIBDIR/vbuild" "$__DEFAULT_VSERVERDIR/.vref/default" "$TMP"
+	RETVAL=$?
+
+	# Install/update additional packages
+ 	if [ $RETVAL -eq 0 ] ; then
+	    pushd "$__DEFAULT_VSERVERDIR/system-packages" >/dev/null
+	    xargs rpm --root "$TMP" --install < "$NAME.lst"
+	    RETVAL=$?
+	    popd >/dev/null
+	fi
+
+        # Clean RPM state
+	rm -f "$TMP/var/lib/rpm/__db"*
+
+	# Move it to its permanent location when complete
+ 	if [ $RETVAL -eq 0 ] ; then
+	    mv "$TMP" "$__DEFAULT_VSERVERDIR/.vref/$NAME"
+	    success >&3 2>&4
+	else
+	    failure >&3 2>&4
+	fi
+	echo >&3 2>&4
+    fi
+done
+
+echo -n $"Updating VServer reference images: " >&3 2>&4
+
+VROOTS="$__DEFAULT_VSERVERDIR/.vref/* $__DEFAULT_VSERVERDIR/.vcache/* $__DEFAULT_VSERVERDIR/${PLC_SLICE_PREFIX}_*"
 
 # Copy configuration files from host to slices
 for file in /etc/hosts /etc/resolv.conf /etc/yum.conf /etc/planetlab/node_id \
-            /etc/planetlab/plc_config* /etc/planetlab/php/* ; do
+            /etc/planetlab/plc_config* /etc/planetlab/php/* \
+            /etc/pki/rpm-gpg/* ; do
     if [ -r $file ] ; then
 	for vroot in $VROOTS ; do
-	    if [ -f $vroot/etc/AUTO_UPDATE_NET_FILES ] ; then
-		install -D -m 644 $file $vroot/$file
-	    fi
+	    install -D -m 644 $file $vroot/$file
 	done
     fi
 done
 
-# Parse PLC configuration
-if [ -r /etc/planetlab/plc_config ] ; then
-    . /etc/planetlab/plc_config
-else
-    PLC_NAME="PlanetLab"
-    PLC_BOOT_HOST="boot.planet-lab.org"
-    PLC_BOOT_SSL_CRT="/etc/planetlab/boot_ssl.crt"
-fi
+# Remove stale RPM locks
+rm -f $vroot/var/lib/rpm/__db*
 
-CACERT=/mnt/cdrom/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
-if [ -r $CACERT ] ; then
+# (Re)install GPG signing keys
+if [ -d /etc/pki/rpm-gpg ] ; then
     for vroot in $VROOTS ; do
-	# Install boot server certificate
-	install -D -m 644 $CACERT $vroot/$PLC_BOOT_SSL_CRT
-
-	# Also install in /mnt/cdrom/bootme for backward compatibility
-	install -D -m 644 $CACERT $vroot/mnt/cdrom/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
-	echo $PLC_BOOT_HOST > $vroot/mnt/cdrom/bootme/BOOTSERVER
+	chroot $vroot rpm --allmatches -e gpg-pubkey || :
+	chroot $vroot rpm --import /etc/pki/rpm-gpg/* || :
     done
 fi
 
+# Old versions of the Boot Manager copied portions of the Boot CD to
+# /mnt/cdrom/bootme, to support old scripts which assumed that the
+# Boot CD was mounted even in production mode. Now, it just copies it
+# to /usr/boot/cacert.pem. In any case, copy the boot server
+# certificate to the place(s) where BootServerRequest expects to find
+# it (/usr/boot/cacert.pem by default, /mnt/cdrom/bootme in old
+# versions).
+CACERT="/usr/boot/cacert.pem /mnt/cdrom/bootme/cacert/$PLC_BOOT_HOST/cacert.pem"
+for cacert in $CACERT ; do
+    if [ -r $cacert ] ; then
+	for vroot in $VROOTS ; do
+	    # Install boot server certificate
+	    install -D -m 644 $cacert $vroot/usr/boot/cacert.pem
+	    echo $PLC_BOOT_HOST > $vroot/usr/boot/boot_server
+
+	    # Also install in /mnt/cdrom/bootme for backward compatibility
+	    install -D -m 644 $cacert $vroot/mnt/cdrom/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
+	    echo $PLC_BOOT_HOST > $vroot/mnt/cdrom/bootme/BOOTSERVER
+	done
+	break
+    fi
+done
+
 success >&3 2>&4
 echo >&3 2>&4
+
 exit 0