source: fedkit/prep_gateway.pl @ c261c0f

Last change on this file since c261c0f was 8f654de, checked in by Ted Faber <faber@…>, 12 years ago

More formatting tweaks for Linux

  • Property mode set to 100644
File size: 3.6 KB
Line 
1#!/usr/bin/perl
2
3use strict;
4
5use gateway_lib;
6
7use Getopt::Long;
8use File::Copy;
9use IO::File;
10
11my $ssh_pubkey;
12my $tunnelip;
13my $peer;
14my $use_file;
15my $fed_dir = "/usr/local/federation/";
16my %opts = (
17    'ssh_pubkey=s' => \$ssh_pubkey,
18    'tunnelip' => \$tunnelip,
19    'peer=s' => \$peer,
20    'use_file' => \$use_file,
21);
22
23exit(20) unless GetOptions(%opts);
24
25if ($use_file) {
26    gateway_lib::read_config(gateway_lib::config_filename(), \%opts)
27}
28
29my $uname = `uname`;
30chomp $uname;
31
32# on portals make sure client.conf is in the override position (in fed_dir).
33my $client_conf = gateway_lib::client_conf_filename();
34
35copy($client_conf, "$fed_dir/etc/client.conf") 
36    unless $client_conf =~ /^$fed_dir/;
37
38if ($uname =~ /Linux/) {
39    # Restart sshd with tunnel params
40    gateway_lib::set_sshd_params( 
41        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
42    if ( -x "/etc/init.d/sshd") {
43        system("/etc/init.d/sshd restart");
44    }
45    elsif (-x "/etc/init.d/ssh") {
46        # XXX should look for service
47        system("/etc/init.d/ssh restart");
48    }
49    else {
50        print "Cannot figure out how to restart sshd\n";
51    }
52    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
53        if $ssh_pubkey;
54    # Make sure the tap interface is available
55    system('modprobe tun');
56    # Install bridging software if not present
57    if ( -x '/usr/bin/yum' ) {
58        system('/usr/bin/yum -y install bridge-utils');
59    }
60    elsif (-x '/usr/bin/apt-get') {
61        system('/usr/bin/apt-get -y update');
62        system('/usr/bin/apt-get -y install bridge-utils');
63    }
64    else {
65        print "Cannot install bridge utils, hope they're here.\n"
66    }
67}
68elsif ($uname =~ /FreeBSD/ ){
69    gateway_lib::set_sshd_params( 
70        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
71    system("/etc/rc.d/sshd restart");
72
73    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
74        if $ssh_pubkey;
75
76    # Need these to make the Ethernet tap and bridge work.
77    system("kldload /boot/kernel/bridgestp.ko") 
78        if -r "/boot/kernel/bridgestp.ko"; 
79    system("kldload /boot/kernel/if_bridge.ko");
80    system("kldload /boot/kernel/if_tap.ko");
81}
82
83if ( $tunnelip ) {
84    my ($interface, $ip, $netmask, $mac, $router) = 
85        gateway_lib::deter_tunnelip();
86
87    gateway_lib::configure_outgoing_iface($interface, $ip, $netmask);
88    # Add the route to a peer.  Wait up to an hour for the peer's IP address to
89    # appear in the DNS.
90    foreach my $p (split(/\s*,\s*/, $peer)) {
91        gateway_lib::add_route($p, $router, 1, 60 *60) 
92            if $p && $router;
93    }
94}
95my $coord_fn = "$fed_dir/etc/prep_done";
96my $coord_file = new IO::File(">$coord_fn") || die "Cannot open $coord_fn";
97
98print $coord_file `date`;
99$coord_file->close();
100
101exit(0);
102
103=pod
104
105=head1 NAME
106
107B<prep_tunnel.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.
108
109=head1 OPTIONS
110
111=over 8
112
113=item B<peer=>I<hostname>
114
115The other gateway providing forwarding.
116
117=item B<ssh_pubkey=>I<keyfile>
118
119A public to install as authorized.
120
121=item B<tunnelip>
122
123True if the testbed uses the DETER tunnelip extension to provide external
124connectivity information
125
126=item B<use_file>
127
128If given read additional parameters from the file in
129/proj/I<project>/exp/I<experiment>/tmp/I<hostname>.gw/conf where those are the
130current testbed project and experiment and the hostname is before the first
131dot.  The file is option: value.
132
133
134=back
135
136=head1 SYNOPSIS
137
138B<prep_gateway.pl> laods the necessary kernel modules for low-level bridging
139configures the local sshd to allow it, restarts that sshd, and installs the
140given key in root's authorized keys.
141
142If the gateway supports DETER gateway, it setablishes outside connectivity and
143adds a host rout to the given peer.
144
145=head1 AUTHORS
146
147Ted Faber <faber@isi.edu>
148
149=cut
Note: See TracBrowser for help on using the repository browser.