From e9b522b95acd8712285078e91f2d5a79cfc7c913 Mon Sep 17 00:00:00 2001
From: Mark Huang <mlhuang@cs.princeton.edu>
Date: Tue, 9 May 2006 22:26:31 +0000
Subject: [PATCH] - add a fixit script to fill the gap between the current
 situation and   the desired situation. Ideally, nodes' configuration files
 and GPG   keys would be initially installed by the Boot Manager, then pushed
 to   the reference images and system slices by vserver-reference   init/cron.
 However, we don't want to re-install nodes, and we don't   want to upgrade
 vserver-reference, so between PlanetLabConf,   NodeUpdate, and this script,
 we should be able to get to a point where   we can enable GPG checking of
 RPMs.

---
 pl_mop.sh | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/pl_mop.sh b/pl_mop.sh
index edc8222..61b7a63 100755
--- a/pl_mop.sh
+++ b/pl_mop.sh
@@ -5,11 +5,18 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2005 The Trustees of Princeton University
 #
-# $Id: pl_mop.sh,v 1.5 2006/03/06 20:40:33 mlhuang Exp $
+# $Id: pl_mop.sh,v 1.6 2006/04/28 19:28:59 mlhuang Exp $
 #
 
 PATH=/sbin:/usr/sbin:$PATH
 
+# Parse PLC configuration
+if [ -r /etc/planetlab/plc_config ] ; then
+    . /etc/planetlab/plc_config
+else
+    PLC_SLICE_PREFIX="pl"
+fi
+
 PIDFILE=/var/run/pl_mop.pid
 
 # Record PID
@@ -79,6 +86,47 @@ restart_pl_conf() {
     fi
 }
 
+# GPG keys are installed in /etc/pki/rpm-gpg by both the Boot Manager
+# during initial installation, and by PlanetLabConf during daily
+# updates. NodeUpdate imports the keys into the RPM database before
+# running yum daily. vserver-reference copies and imports the keys
+# into the reference images and system slices daily. The only parts of
+# this process that are actually necessary, are the Boot Manager and
+# vserver-reference. However, we do not want to force a re-install of
+# all nodes, and we do not want to force an update of
+# vserver-reference, so in the meantime, PlanetLabConf and NodeUpdate
+# take care of getting the keys installed and imported in /, and this
+# script takes care of getting them installed in the reference images
+# and system slices, until we can get a new vserver-reference image
+# pushed out.
+update_vserver_reference() {
+    echo "* Updating VServer reference"
+
+    shopt -s nullglob
+
+    VROOTS="/vservers/vserver-reference /vservers/.vcache/* /vservers/${PLC_SLICE_PREFIX}_*"
+
+    # Copy configuration files from host to slices
+    for file in \
+	/etc/hosts /etc/resolv.conf /etc/yum.conf /etc/planetlab/node_id \
+	/etc/planetlab/plc_config* /etc/planetlab/php/* \
+	/etc/pki/rpm-gpg/* ; do
+      if [ -r $file ] ; then
+	  for vroot in $VROOTS ; do
+	      install -D -m 644 $file $vroot/$file
+	  done
+      fi
+    done
+
+    # (Re)install GPG signing keys
+    if [ -d /etc/pki/rpm-gpg ] ; then
+	for vroot in $VROOTS ; do
+	    chroot $vroot rpm --allmatches -e gpg-pubkey || :
+	    chroot $vroot rpm --import /etc/pki/rpm-gpg/* || :
+	done
+    fi
+}    
+
 # kill all the processes running in slice contexts
 vkillall() {
     vps -A | awk '(int($2) > 1) { system("vkill -c " $2 " -s 9 " $1); }'
@@ -181,3 +229,5 @@ run restart_pl_conf
 run restart_netflow
 
 run kill_duplicate_ssh
+
+run update_vserver_reference
-- 
2.43.0