Commit c81e7d91 authored by Antoine Catton's avatar Antoine Catton

Merge branch 'shellinabox'

This merge introduce a shellinabox service on every test node.

This merge also switches testnode to generic recipes way.
It changes a bit the syntax of requesting a test node, but I
updated documentation about testnode.
parents 01314c95 c7ed3233
[buildout]
parts = busybox
[busybox]
recipe = slapos.recipe.build
url = http://busybox.net/downloads/busybox-1.19.3.tar.bz2
md5sum = c3938e1ac59602387009bbf1dd1af7f6
script =
extract_dir = self.extract(self.download(%(url)r, %(md5sum)r))
workdir = guessworkdir(extract_dir)
self.logger.info("Creating default configuration")
call(['make', 'defconfig'], cwd=workdir, env=env)
self.logger.info("Building")
call(['make'], cwd=workdir, env=env)
self.logger.info("Installing")
call(['make', 'CONFIG_PREFIX=%(location)s', 'install'], cwd=workdir, env=env)
self.logger.info("Installation finished")
[buildout]
parts =
pwgen
[pwgen]
recipe = hexagonit.recipe.cmmi
url = http://downloads.sourceforge.net/project/pwgen/pwgen/2.06/pwgen-2.06.tar.gz
md5sum = 935aebcbe610fbc9de8125e7b7d71297
From 50ec7439e80bd6a77346dc6482895e481d8cd43a Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Tue, 10 Jan 2012 18:30:20 +0100
Subject: [PATCH] Switch to IPv6
---
libhttp/http.h | 4 ++--
libhttp/httpconnection.c | 11 ++++++++++-
libhttp/server.c | 33 +++++++++++++++++++--------------
libhttp/server.h | 6 +++---
shellinabox/shellinaboxd.c | 14 +++++++-------
5 files changed, 41 insertions(+), 27 deletions(-)
diff --git a/libhttp/http.h b/libhttp/http.h
index e7840fa..5cd61e3 100644
--- a/libhttp/http.h
+++ b/libhttp/http.h
@@ -66,8 +66,8 @@ typedef struct ServerConnection ServerConnection;
typedef struct Server Server;
typedef struct URL URL;
-Server *newCGIServer(int localhostOnly, int portMin, int portMax, int timeout);
-Server *newServer(int localhostOnly, int port);
+Server *newCGIServer(char *ipv6, int portMin, int portMax, int timeout);
+Server *newServer(char *ipv6, int port);
void deleteServer(Server *server);
int serverGetListeningPort(Server *server);
int serverGetFd(Server *server);
diff --git a/libhttp/httpconnection.c b/libhttp/httpconnection.c
index c8e69f6..cae467f 100644
--- a/libhttp/httpconnection.c
+++ b/libhttp/httpconnection.c
@@ -823,8 +823,17 @@ static int httpHandleCommand(struct HttpConnection *http,
const char *host = getFromHashMap(&http->header,
"host");
if (host) {
+ int brackets = 0; // For IPv6 hosts
for (char ch; (ch = *host) != '\000'; host++) {
- if (ch == ':') {
+ if (ch == '[') {
+ brackets = 1;
+ break;
+ }
+ if (ch == ']') {
+ brackets = 0;
+ break;
+ }
+ if (!brackets && ch == ':') {
*(char *)host = '\000';
break;
}
diff --git a/libhttp/server.c b/libhttp/server.c
index f52a269..2c30bd8 100644
--- a/libhttp/server.c
+++ b/libhttp/server.c
@@ -170,19 +170,19 @@ static int serverQuitHandler(struct HttpConnection *http, void *arg) {
return HTTP_DONE;
}
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout) {
struct Server *server;
check(server = malloc(sizeof(struct Server)));
- initServer(server, localhostOnly, portMin, portMax, timeout);
+ initServer(server, ipv6, portMin, portMax, timeout);
return server;
}
-struct Server *newServer(int localhostOnly, int port) {
- return newCGIServer(localhostOnly, port, port, -1);
+struct Server *newServer(char *ipv6, int port) {
+ return newCGIServer(ipv6, port, port, -1);
}
-void initServer(struct Server *server, int localhostOnly, int portMin,
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout) {
server->looping = 0;
server->exitAll = 0;
@@ -192,14 +192,19 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
server->numConnections = 0;
int true = 1;
- server->serverFd = socket(PF_INET, SOCK_STREAM, 0);
+ server->serverFd = socket(PF_INET6, SOCK_STREAM, 0);
check(server->serverFd >= 0);
check(!setsockopt(server->serverFd, SOL_SOCKET, SO_REUSEADDR,
&true, sizeof(true)));
- struct sockaddr_in serverAddr = { 0 };
- serverAddr.sin_family = AF_INET;
- serverAddr.sin_addr.s_addr = htonl(localhostOnly
- ? INADDR_LOOPBACK : INADDR_ANY);
+ struct sockaddr_in6 serverAddr = { 0 };
+ serverAddr.sin6_family = AF_INET6;
+ if (ipv6 != NULL) {
+ if (!inet_pton(AF_INET6, ipv6, serverAddr.sin6_addr.s6_addr)) {
+ fatal("Bad ipv6 address");
+ }
+ } else {
+ serverAddr.sin6_addr = in6addr_any;
+ }
// Linux unlike BSD does not have support for picking a local port range.
// So, we have to randomly pick a port from our allowed port range, and then
@@ -214,14 +219,14 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
int portStart = rand() % (portMax - portMin + 1) + portMin;
for (int p = 0; p <= portMax-portMin; p++) {
int port = (p+portStart)%(portMax-portMin+1)+ portMin;
- serverAddr.sin_port = htons(port);
+ serverAddr.sin6_port = htons(port);
if (!bind(server->serverFd, (struct sockaddr *)&serverAddr,
sizeof(serverAddr))) {
break;
}
- serverAddr.sin_port = 0;
+ serverAddr.sin6_port = 0;
}
- if (!serverAddr.sin_port) {
+ if (!serverAddr.sin6_port) {
fatal("Failed to find any available port");
}
}
@@ -231,7 +236,7 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
check(!getsockname(server->serverFd, (struct sockaddr *)&serverAddr,
&socklen));
check(socklen == sizeof(serverAddr));
- server->port = ntohs(serverAddr.sin_port);
+ server->port = ntohs(serverAddr.sin6_port);
info("Listening on port %d", server->port);
check(server->pollFds = malloc(sizeof(struct pollfd)));
diff --git a/libhttp/server.h b/libhttp/server.h
index bb879fb..5ffb698 100644
--- a/libhttp/server.h
+++ b/libhttp/server.h
@@ -78,10 +78,10 @@ struct Server {
struct SSLSupport ssl;
};
-struct Server *newCGIServer(int localhostOnly, int portMin, int portMax,
+struct Server *newCGIServer(char *ipv6, int portMin, int portMax,
int timeout);
-struct Server *newServer(int localhostOnly, int port);
-void initServer(struct Server *server, int localhostOnly, int portMin,
+struct Server *newServer(char *ipv6, int port);
+void initServer(struct Server *server, char *ipv6, int portMin,
int portMax, int timeout);
void destroyServer(struct Server *server);
void deleteServer(struct Server *server);
diff --git a/shellinabox/shellinaboxd.c b/shellinabox/shellinaboxd.c
index dcf05ff..2d1d758 100644
--- a/shellinabox/shellinaboxd.c
+++ b/shellinabox/shellinaboxd.c
@@ -80,7 +80,7 @@
static int port;
static int portMin;
static int portMax;
-static int localhostOnly = 0;
+static char *ipv6 = NULL;
static int noBeep = 0;
static int numericHosts = 0;
static int enableSSL = 1;
@@ -747,7 +747,7 @@ static void usage(void) {
" -g, --group=GID switch to this group (default: %s)\n"
" -h, --help print this message\n"
" --linkify=[none|normal|agressive] default is \"normal\"\n"
- " --localhost-only only listen on 127.0.0.1\n"
+ " --ipv6 listen on a specific ipv6\n"
" --no-beep suppress all audio output\n"
" -n, --numeric do not resolve hostnames\n"
" -p, --port=PORT select a port (default: %d)\n"
@@ -839,7 +839,7 @@ static void parseArgs(int argc, char * const argv[]) {
{ "static-file", 1, 0, 'f' },
{ "group", 1, 0, 'g' },
{ "linkify", 1, 0, 0 },
- { "localhost-only", 0, 0, 0 },
+ { "ipv6", 1, 0, 0 },
{ "no-beep", 0, 0, 0 },
{ "numeric", 0, 0, 'n' },
{ "port", 1, 0, 'p' },
@@ -1001,8 +1001,8 @@ static void parseArgs(int argc, char * const argv[]) {
"\"none\", \"normal\", or \"aggressive\".");
}
} else if (!idx--) {
- // Localhost Only
- localhostOnly = 1;
+ // IPv6
+ ipv6 = optarg;
} else if (!idx--) {
// No Beep
noBeep = 1;
@@ -1197,7 +1197,7 @@ int main(int argc, char * const argv[]) {
// Create a new web server
Server *server;
if (port) {
- check(server = newServer(localhostOnly, port));
+ check(server = newServer(ipv6, port));
dropPrivileges();
setUpSSL(server);
} else {
@@ -1217,7 +1217,7 @@ int main(int argc, char * const argv[]) {
_exit(0);
}
check(!NOINTR(close(fds[0])));
- check(server = newCGIServer(localhostOnly, portMin, portMax,
+ check(server = newCGIServer(ipv6, portMin, portMax,
AJAX_TIMEOUT));
cgiServer = server;
setUpSSL(server);
--
1.7.6.5
From eee6f7180dc5dd4523264e7ce0721945ab2b78a1 Mon Sep 17 00:00:00 2001
From: Antoine Catton <acatton@tiolive.com>
Date: Wed, 11 Jan 2012 17:32:15 +0100
Subject: [PATCH 2/2] Allow to run entire command path.
---
shellinabox/launcher.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/shellinabox/launcher.c b/shellinabox/launcher.c
index fb8a133..e116a75 100644
--- a/shellinabox/launcher.c
+++ b/shellinabox/launcher.c
@@ -1226,8 +1226,7 @@ static void execService(int width, int height, struct Service *service,
extern char **environ;
environ = environment;
- char *cmd = strrchr(argv[0], '/');
- execvp(cmd ? cmd + 1: argv[0], argv);
+ execvp(argv[0], argv);
}
void setWindowSize(int pty, int width, int height) {
--
1.7.6.5
[buildout]
extends =
../zlib/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
parts = shellinabox
[shellinabox-full-path-patch]
recipe = hexagonit.recipe.download
filename = 0002-Allow-to-run-entire-command-path.patch
url = ${:_profile_base_location_}/${:filename}
download-only = true
[shellinabox-ipv6-patch]
recipe = hexagonit.recipe.download
filename = 0001-Switch-to-IPv6.patch
url = ${:_profile_base_location_}/${:filename}
download-only = true
[shellinabox]
recipe = hexagonit.recipe.cmmi
url = http://shellinabox.googlecode.com/files/shellinabox-2.10.tar.gz
md5sum = 0e144910d85d92edc54702ab9c46f032
environment =
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/
patch-binary = ${patch:location}/bin/patch
patch-options = -p1
patches =
${shellinabox-ipv6-patch:location}/${shellinabox-ipv6-patch:filename}
${shellinabox-full-path-patch:location}/${shellinabox-full-path-patch:filename}
...@@ -86,9 +86,12 @@ setup(name=name, ...@@ -86,9 +86,12 @@ setup(name=name,
'pbs = slapos.recipe.pbs:Recipe', 'pbs = slapos.recipe.pbs:Recipe',
'publish = slapos.recipe.publish:Recipe', 'publish = slapos.recipe.publish:Recipe',
'publishurl = slapos.recipe.publishurl:Recipe', 'publishurl = slapos.recipe.publishurl:Recipe',
'pwgen = slapos.recipe.pwgen:Recipe',
'proactive = slapos.recipe.proactive:Recipe', 'proactive = slapos.recipe.proactive:Recipe',
'request = slapos.recipe.request:Recipe', 'request = slapos.recipe.request:Recipe',
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed', 'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed',
'shell = slapos.recipe.shell:Recipe',
'shellinabox = slapos.recipe.shellinabox:Recipe',
'symbolic.link = slapos.recipe.symbolic_link:Recipe', 'symbolic.link = slapos.recipe.symbolic_link:Recipe',
'softwaretype = slapos.recipe.softwaretype:Recipe', 'softwaretype = slapos.recipe.softwaretype:Recipe',
'siptester = slapos.recipe.siptester:SipTesterRecipe', 'siptester = slapos.recipe.siptester:SipTesterRecipe',
......
...@@ -24,86 +24,80 @@ ...@@ -24,86 +24,80 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# #
############################################################################## ##############################################################################
from slapos.recipe.librecipe import BaseSlapRecipe import ConfigParser
import json
import os import os
import pkg_resources import StringIO
import zc.buildout
import zc.recipe.egg
import sys
class Recipe(BaseSlapRecipe): from slapos.recipe.librecipe import GenericBaseRecipe
def __init__(self, buildout, name, options):
self.egg = zc.recipe.egg.Egg(buildout, options['recipe'], options)
BaseSlapRecipe.__init__(self, buildout, name, options)
def _install(self): class Recipe(GenericBaseRecipe):
self.requirements, self.ws = self.egg.working_set() def install(self):
path_list = [] path_list = []
CONFIG = dict() options = self.options.copy()
CONFIG['slapos_directory'] = self.createDataDirectory('slapos') del options['recipe']
CONFIG['working_directory'] = self.createDataDirectory('testnode') CONFIG = {k.replace('-', '_'): v for k, v in options.iteritems()}
CONFIG['test_suite_directory'] = self.createDataDirectory('test_suite')
CONFIG['proxy_host'] = self.getLocalIPv4Address()
CONFIG['proxy_port'] = '5000'
CONFIG['log_directory'] = self.createDataDirectory('testnodelog')
CONFIG['run_directory'] = self.createDataDirectory('testnoderun')
CONFIG['test_suite_title'] = self.parameter_dict.get('test_suite_title')
CONFIG['test_node_title'] = self.parameter_dict.get('test_node_title')
CONFIG['test_suite'] = self.parameter_dict.get('test_suite')
CONFIG['node_quantity'] = self.parameter_dict.get('node_quantity', '1')
CONFIG['project_title'] = self.parameter_dict.get('project_title')
CONFIG['ipv4_address'] = self.getLocalIPv4Address()
CONFIG['ipv6_address'] = self.getGlobalIPv6Address()
CONFIG['test_suite_master_url'] = self.parameter_dict.get(
'test_suite_master_url', None)
CONFIG['git_binary'] = self.options['git_binary']
CONFIG['slapgrid_partition_binary'] = self.options[
'slapgrid_partition_binary']
CONFIG['slapgrid_software_binary'] = self.options[
'slapgrid_software_binary']
CONFIG['slapproxy_binary'] = self.options['slapproxy_binary']
CONFIG['zip_binary'] = self.options['zip_binary']
CONFIG['PATH'] = os.environ['PATH'] CONFIG['PATH'] = os.environ['PATH']
additional_bt5_repository_id = \
self.parameter_dict.get('additional_bt5_repository_id')
CONFIG['bt5_path'] = None if CONFIG['bt5_path']:
if additional_bt5_repository_id is not None: additional_bt5_repository_id_list = CONFIG['bt5_path'].split(",")
CONFIG['bt5_path'] = "" CONFIG['bt5_path'] = ''
additional_bt5_repository_id_list = additional_bt5_repository_id.split(",") for bt5_repository_id in additional_bt5_repository_id_list:
for id in additional_bt5_repository_id_list: id_path = os.path.join(CONFIG['slapos_directory'], bt5_repository_id)
id_path = os.path.join(CONFIG['slapos_directory'], id)
bt_path = os.path.join(id_path, "bt5") bt_path = os.path.join(id_path, "bt5")
CONFIG['bt5_path'] += "%s,%s," % (id_path, bt_path) CONFIG['bt5_path'] += "%s,%s," % (id_path, bt_path)
CONFIG['instance_dict'] = ''
if 'instance_dict' in self.parameter_dict:
CONFIG['instance_dict'] = '[instance_dict]\n'
for k,v in eval(self.parameter_dict['instance_dict']).iteritems():
CONFIG['instance_dict'] += '%s = %s\n' % (k,v)
CONFIG['repository_list'] = '' if self.options['instance-dict']:
config_instance_dict = ConfigParser.ConfigParser()
config_instance_dict.add_section('instance_dict')
instance_dict = json.loads(self.options['instance-dict'])
for k ,v in instance_dict.iteritems():
config_instance_dict.set('instance_dict', k, v)
value = StringIO.StringIO()
config_instance_dict.write(value)
CONFIG['instance_dict'] = value.getvalue()
vcs_repository_list = json.loads(self.options['repository-list'])
config_repository_list = ConfigParser.ConfigParser()
i = 0 i = 0
for repository in eval(self.parameter_dict['vcs_repository_list']): for repository in vcs_repository_list:
CONFIG['repository_list'] += '[vcs_repository_%s]\n' % i section_name = 'vcs_repository_%d' % i
CONFIG['repository_list'] += 'url = %s\n' % repository['url'] config_repository_list.add_section(section_name)
config_repository_list.set(section_name, 'url', repository['url'])
if 'branch' in repository: if 'branch' in repository:
CONFIG['repository_list'] += 'branch = %s\n' % repository['branch'] config_repository_list.set(section_name, 'branch', repository['branch'])
if 'profile_path' in repository: if 'profile_path' in repository:
CONFIG['repository_list'] += 'profile_path = %s\n' % repository[ config_repository_list.set(section_name, 'profile_path',
'profile_path'] repository['profile_path'])
if 'buildout_section_id' in repository: if 'buildout_section_id' in repository:
CONFIG['repository_list'] += 'buildout_section_id = %s\n' % repository[ config_repository_list.set(section_name, 'buildout_section_id',
'buildout_section_id'] repository['buildout_section_id'])
CONFIG['repository_list'] += '\n'
i += 1 i += 1
testnode_config = self.createConfigurationFile('erp5testnode.cfg', value = StringIO.StringIO()
self.substituteTemplate(pkg_resources.resource_filename(__name__, config_repository_list.write(value)
'template/erp5testnode.cfg.in'), CONFIG)) CONFIG['repository_list'] = value.getvalue()
testnode_log = os.path.join(self.log_directory, 'erp5testnode.log')
wrapper = zc.buildout.easy_install.scripts([('erp5testnode', configuration_file = self.createFile(
'slapos.recipe.librecipe.execute', 'executee')], self.ws, sys.executable, self.options['configuration-file'],
self.wrapper_directory, arguments=[[self.options['testnode'], '-l', self.substituteTemplate(
testnode_log, testnode_config], {'GIT_SSL_NO_VERIFY': '1'}])[0] self.getTemplateFilename('erp5testnode.cfg.in'),
path_list.append(testnode_config) CONFIG
path_list.append(wrapper) ),
)
path_list.append(configuration_file)
path_list.append(
self.createPythonScript(
self.options['wrapper'],
'slapos.recipe.librecipe.execute.executee',
[ # Executable
[ self.options['testnode'], '-l', self.options['log-file'],
configuration_file],
# Environment
{
'GIT_SSL_NO_VERIFY': '1',
}
],
)
)
return path_list return path_list
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import subprocess
import os
from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(GenericBaseRecipe):
def _options(self, options):
if not os.path.exists(self.options['file']):
password = subprocess.check_output([self.options['pwgen-binary'], '-1']).strip()
with open(self.options['file'], 'w') as password_file:
password_file.write(password)
else:
with open(self.options['file'], 'r') as password_file:
password = password_file.read()
options['password'] = password
def install(self):
return []
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import os
import json
from slapos.recipe.librecipe import GenericBaseRecipe
class Recipe(GenericBaseRecipe):
def install(self):
env = os.environ.copy()
path_list = self.options['path'].split('\n')
env.update(PATH=':'.join(path_list))
env.update(SHELL=self.options['shell'])
env.update(HOME=self.options['home'])
ps1 = self.options.get('ps1')
if ps1 is not None:
env.update(PS1=str(json.loads(ps1)))
else:
env.update(PS1=env.get('PS1', '> '))
wrapper = self.createPythonScript(
self.options['wrapper'],
'slapos.recipe.librecipe.execute.executee',
[ # Executable
[self.options['shell']],
# Environment
env
]
)
return [wrapper]
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from getpass import getpass
import pwd
import grp
import os
from slapos.recipe.librecipe import GenericBaseRecipe
def login_shell(args):
password = args['password']
entered_password = getpass()
if entered_password != password:
return 1
else:
os.execl(args['shell'], args['shell'])
def shellinabox(args):
certificate_dir = args['certificate_dir']
certificate_path = os.path.join(certificate_dir, 'certificate.pem')
with open(certificate_path, 'w') as certificate_file:
with open(args['ssl_key'], 'r') as key_file:
# XXX: Dirty hack in order to make shellinabox work
print >> certificate_file, key_file.read().replace(' PRIVATE ',
' RSA PRIVATE ')
with open(args['ssl_certificate']) as public_key_file:
print >> certificate_file, public_key_file.read()
user = pwd.getpwuid(os.getuid()).pw_name
group = grp.getgrgid(os.getgid()).gr_name
service = '/:%(user)s:%(group)s:%(directory)s:%(command)s' % {
'user': group,
'group': user,
'directory': args['directory'],
'command': args['login_shell'],
}
command_line = [
args['shellinabox'],
'-d',
'-c', certificate_dir,
'-s', service,
'--ipv6', args['ipv6'],
'-p', args['port'],
]
os.execv(command_line[0], command_line)
class Recipe(GenericBaseRecipe):
def install(self):
path_list = []
login_shell = self.createPythonScript(
self.options['login-shell'],
'%s.login_shell' % __name__,
{
'password': self.options['password'],
'shell': self.options['shell']
}
)
path_list.append(login_shell)
wrapper = self.createPythonScript(
self.options['wrapper'],
'%s.shellinabox' % __name__,
dict(
certificate_dir=self.options['certificate-directory'],
ssl_key=self.options['key-file'],
ssl_certificate=self.options['cert-file'],
shellinabox=self.options['shellinabox-binary'],
directory=self.options['directory'],
ipv6=self.options['ipv6'],
port=self.options['port'],
login_shell=login_shell,
)
)
path_list.append(wrapper)
return [wrapper]
[buildout]
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
parts =
connection-dict
testnode
pwgen
shell
shellinabox
certificate-authority
ca-shellinabox
[connection-dict]
recipe = slapos.cookbook:publish
url = http://[$${shellinabox:ipv6}]:$${shellinabox:port}/
password = $${pwgen:password}
[pwgen]
recipe = slapos.cookbook:pwgen
file = $${buildout:directory}/.password
pwgen-binary = ${pwgen:location}/bin/pwgen
[testnode]
recipe = slapos.cookbook:erp5testnode
slapos-directory = $${directory:slapos}
working-directory = $${directory:testnode}
test-suite-directory = $${directory:test-suite}
proxy-host = $${slap-network-information:global-ipv6}
proxy-port = 5000
log-directory = $${directory:log}
run-directory = $${directory:run}
test-suite-title = $${slap-parameter:test-suite-title}
test-node-title = $${slap-parameter:test-node-title}
test-suite = $${slap-parameter:test-suite}
node-quantity = $${slap-parameter:node-quantity}
project-title = $${slap-parameter:project-title}
ipv4-address = $${slap-network-information:local-ipv4}
ipv6-address = $${slap-network-information:global-ipv6}
test-suite-master-url = $${slap-parameter:test-suite-master-url}
bt5-path = $${slap-parameter:additional-bt5-repository-id}
instance-dict = $${slap-parameter:instance-dict}
repository-list = $${slap-parameter:vcs-repository-list}
git-binary = ${git:location}/bin/git
slapgrid-partition-binary = ${buildout:bin-directory}/slapgrid-cp
slapgrid-software-binary = ${buildout:bin-directory}/slapgrid-sr
slapproxy-binary = ${buildout:bin-directory}/slapproxy
svn-binary = ${subversion:location}/bin/svn
svnversion-binary = ${subversion:location}/bin/svnversion
testnode = ${buildout:bin-directory}/testnode
zip-binary = ${zip:location}/bin/zip
configuration-file = $${rootdirectory:etc}/erp5testnode.cfg
log-file = $${basedirectory:log}/erp5testnode.log
wrapper = $${basedirectory:services}/erp5testnode
[shell]
recipe = slapos.cookbook:shell
wrapper = $${rootdirectory:bin}/sh
shell = ${busybox:location}/bin/sh
home = $${buildout:directory}
ps1 = "\\w> "
path =
${busybox:location}/bin/
${busybox:location}/usr/bin/
${git:location}/bin/
${subversion:location}/bin/
${perl:location}/bin/
${python2.7:location}/bin/
${buildout:bin-directory}/
${busybox:location}/sbin/
${busybox:location}/usr/sbin/
[shellinabox]
recipe = slapos.cookbook:shellinabox
ipv6 = $${slap-network-information:global-ipv6}
port = 8080
shell = $${shell:wrapper}
wrapper = $${rootdirectory:bin}/shellinaboxd
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password = $${pwgen:password}
directory = $${buildout:directory}/
login-shell = $${rootdirectory:bin}/login
certificate-directory = $${directory:shellinabox}
cert-file = $${directory:shellinabox}/public.crt
key-file = $${directory:shellinabox}/private.key
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${basedirectory:services}/ca
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
[ca-shellinabox]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox:wrapper}
wrapper = $${basedirectory:services}/shellinaboxd
key-file = $${shellinabox:key-file}
cert-file = $${shellinabox:cert-file}
[rootdirectory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
tmp = $${buildout:directory}/tmp/
[basedirectory]
recipe = slapos.cookbook:mkdirectory
log = $${rootdirectory:var}/log/
services = $${rootdirectory:etc}/run/
run = $${rootdirectory:var}/run/
promises = $${rootdirectory:etc}/promise/
[directory]
recipe = slapos.cookbook:mkdirectory
slapos = $${rootdirectory:srv}/slapos/
testnode = $${rootdirectory:srv}/testnode/
test-suite = $${rootdirectory:srv}/test_suite/
log = $${basedirectory:log}/testnode/
run = $${basedirectory:run}/testnode/
shellinabox = $${rootdirectory:srv}/shellinabox/
ca-dir = $${rootdirectory:srv}/ca/
[slap-parameter]
node-quantity = 1
test-suite-master-url =
additional-bt5-repository-id =
instance-dict =
vcs-repository-list = []
test-suite-title = ${:test-suite}
[buildout] [buildout]
parts = parts =
testnode switch_softwaretype
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[testnode] [switch_softwaretype]
recipe = slapos.cookbook:erp5testnode recipe = slapos.cookbook:softwaretype
default = ${template-default:output}
git_binary = ${git:location}/bin/git
slapgrid_partition_binary = ${buildout:bin-directory}/slapgrid-cp
slapgrid_software_binary = ${buildout:bin-directory}/slapgrid-sr
slapproxy_binary = ${buildout:bin-directory}/slapproxy
svn_binary = ${subversion:location}/bin/svn
svnversion_binary = ${subversion:location}/bin/svnversion
testnode = ${buildout:bin-directory}/testnode
zip_binary = ${zip:location}/bin/zip
...@@ -18,6 +18,9 @@ extends = ...@@ -18,6 +18,9 @@ extends =
../../component/git/buildout.cfg ../../component/git/buildout.cfg
../../component/lxml-python/buildout.cfg ../../component/lxml-python/buildout.cfg
../../component/zip/buildout.cfg ../../component/zip/buildout.cfg
../../component/busybox/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/pwgen/buildout.cfg
parts = parts =
template template
...@@ -43,6 +46,8 @@ allow-hosts = ...@@ -43,6 +46,8 @@ allow-hosts =
peak.telecommunity.com peak.telecommunity.com
psutil.googlecode.com psutil.googlecode.com
www.dabeaz.com www.dabeaz.com
launchpad.net
# XXX: Workaround of SlapOS limitation # XXX: Workaround of SlapOS limitation
# Unzippig of eggs is required, as SlapOS do not yet provide nicely working # Unzippig of eggs is required, as SlapOS do not yet provide nicely working
...@@ -75,10 +80,17 @@ recipe = slapos.recipe.template ...@@ -75,10 +80,17 @@ recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
md5sum = 08e3f92bce41efc5bfe044bb9d354786 md5sum = 307663d73ef3ef94b02567ecd322252e
[template-default]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-default.cfg
output = ${buildout:directory}/template-default.cfg
mode = 0644
md5sum = 4ecb172f6ea23f110aa57591d1dbd81d
[networkcache] [networkcache]
# Romain Courteaud + Sebastien Robin signature certificate # Romain Courteaud + Sebastien Robin + Antoine Catton signature certificate
signature-certificate-list = signature-certificate-list =
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
...@@ -106,6 +118,19 @@ signature-certificate-list = ...@@ -106,6 +118,19 @@ signature-certificate-list =
R/KCo6D0sw0ZgeQv1aUXbl/xJ9k4jlTxmWbPeiiPZEqU1W9wN5lkGuLxV4CEGTKU R/KCo6D0sw0ZgeQv1aUXbl/xJ9k4jlTxmWbPeiiPZEqU1W9wN5lkGuLxV4CEGTKU
hJA/yXa1wbwIPGvX3tVKdOEWPRXZLg== hJA/yXa1wbwIPGvX3tVKdOEWPRXZLg==
-----END CERTIFICATE----- -----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB8DCCAVmgAwIBAgIJAJ5iKK7w6AQVMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV
BAMMBkNPTVAtMTAeFw0xMTExMjkxNjU1NDZaFw0xMjExMjgxNjU1NDZaMBExDzAN
BgNVBAMMBkNPTVAtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6IBOEnQP
qT1KPBT8xQnYe6ECxXkfV9zhuVwolB/2wHM1Qk0TRoOPRRHfOvzkLQUVkD9on6Dj
mJsYhrukqaidv0Y9n7c5JKM8DfFh41UP3wG6rJpPJ9VZ0ZzFjk+yzCSYrI6rf3Yd
vRhNbKHfBO+23DJJqeEiobxsOQc6eE9Gt78CAwEAAaNQME4wHQYDVR0OBBYEFDLf
TAc8fEZjGWNA62Tld7iSrgKgMB8GA1UdIwQYMBaAFDLfTAc8fEZjGWNA62Tld7iS
rgKgMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA28CQAN/jC3X+5lOh
wYO0+HvXSa6TNy6k+xAXQHEezOSgA7QMjXGVPHNzZRxhI4k6mdGImmPlKfV/GgcA
T3XATu8g033m2pCtNXW6Awp4V2Mft+w5Hx4Y3iT0Uccxc/699PU/MGroBKVCphwB
/SvdKJ6l9YsKUKhJlMRQxc9QHdU=
-----END CERTIFICATE-----
[versions] [versions]
# Use SlapOS patched zc.buildout # Use SlapOS patched zc.buildout
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment