From cbe081b7bc4f83c650db6fee504b0f1ce38edf81 Mon Sep 17 00:00:00 2001 
From: Jason Mehring Date: Sun, 2 Nov 2014 16:20:41 -0500 Subject: [PATCH] Removed portions of qubes setup that are now handled within core-agent-linux --- scripts_debian/04_install_qubes.sh | 102 ++-- scripts_debian/proxy/files/.facl | 231 --------- .../files/etc/udev/rules.d/98-kexec.rules | 4 - .../proxy/files/etc/xen/scripts/blktap | 94 ---- .../proxy/files/etc/xen/scripts/block | 354 -------------- .../files/etc/xen/scripts/block-common.sh | 125 ----- .../proxy/files/etc/xen/scripts/block-enbd | 27 -- .../proxy/files/etc/xen/scripts/block-nbd | 27 -- .../etc/xen/scripts/external-device-migrate | 98 ---- .../files/etc/xen/scripts/hotplugpath.sh | 10 - .../proxy/files/etc/xen/scripts/locking.sh | 110 ----- .../proxy/files/etc/xen/scripts/logging.sh | 22 - .../files/etc/xen/scripts/network-bridge | 337 ------------- .../proxy/files/etc/xen/scripts/network-nat | 124 ----- .../proxy/files/etc/xen/scripts/network-route | 28 -- .../proxy/files/etc/xen/scripts/vif-bridge | 108 ----- .../proxy/files/etc/xen/scripts/vif-common.sh | 190 -------- .../proxy/files/etc/xen/scripts/vif-nat | 192 -------- .../proxy/files/etc/xen/scripts/vif-route | 56 --- .../files/etc/xen/scripts/vif-route-qubes | 65 --- .../proxy/files/etc/xen/scripts/vif-setup | 9 - .../proxy/files/etc/xen/scripts/vif2 | 46 -- .../proxy/files/etc/xen/scripts/vscsi | 22 - .../proxy/files/etc/xen/scripts/vtpm | 22 - .../files/etc/xen/scripts/vtpm-common.sh | 448 ------------------ .../proxy/files/etc/xen/scripts/vtpm-delete | 18 - .../etc/xen/scripts/vtpm-hotplug-common.sh | 35 -- .../proxy/files/etc/xen/scripts/vtpm-impl | 208 -------- .../files/etc/xen/scripts/vtpm-migration.sh | 19 - .../files/etc/xen/scripts/xen-hotplug-cleanup | 45 -- .../etc/xen/scripts/xen-hotplug-common.sh | 102 ---- .../etc/xen/scripts/xen-network-common.sh | 141 ------ .../etc/xen/scripts/xen-script-common.sh | 44 -- 33 files changed, 51 insertions(+), 3412 deletions(-) delete mode 100644 
scripts_debian/proxy/files/etc/udev/rules.d/98-kexec.rules delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/blktap delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/block delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/block-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/block-enbd delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/block-nbd delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/external-device-migrate delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/hotplugpath.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/locking.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/logging.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/network-bridge delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/network-nat delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/network-route delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-bridge delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-nat delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-route delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-route-qubes delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif-setup delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vif2 delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vscsi delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm-delete delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm-hotplug-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm-impl delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/vtpm-migration.sh delete mode 
100755 scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-cleanup delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/xen-network-common.sh delete mode 100755 scripts_debian/proxy/files/etc/xen/scripts/xen-script-common.sh diff --git a/scripts_debian/04_install_qubes.sh b/scripts_debian/04_install_qubes.sh index 2afd7e0..adeab12 100755 --- a/scripts_debian/04_install_qubes.sh +++ b/scripts_debian/04_install_qubes.sh 
@@ -58,26 +58,26 @@ EOF chroot "${INSTALLDIR}" locale-gen chroot "${INSTALLDIR}" update-locale LANG=en_US.UTF-8 - # -------------------------------------------------------------------------- - # Update /etc/fstab - # -------------------------------------------------------------------------- - debug "Updating template fstab file..." - cat >> "${INSTALLDIR}/etc/fstab" <> "${INSTALLDIR}/etc/fstab" </dev/null 2>&1; then - : - else - chroot "${INSTALLDIR}" groupadd -f user - chroot "${INSTALLDIR}" useradd -g user -G dialout,cdrom,floppy,sudo,audio,dip,video,plugdev -m -s /bin/bash user - fi +# # -------------------------------------------------------------------------- +# # Qubes needs a user named 'user' +# # -------------------------------------------------------------------------- +# if chroot "${INSTALLDIR}" id -u 'user' >/dev/null 2>&1; then +# : +# else +# chroot "${INSTALLDIR}" groupadd -f user +# chroot "${INSTALLDIR}" useradd -g user -G dialout,cdrom,floppy,sudo,audio,dip,video,plugdev -m -s /bin/bash user +# fi - # -------------------------------------------------------------------------- - # Modules setup - # -------------------------------------------------------------------------- - echo "xen_netfront" >> "${INSTALLDIR}/etc/modules" +# # -------------------------------------------------------------------------- +# # Modules setup +# # -------------------------------------------------------------------------- +# echo "xen_netfront" >> "${INSTALLDIR}/etc/modules" - # -------------------------------------------------------------------------- - # Remove `mesg` from root/.profile? - # -------------------------------------------------------------------------- - sed -i -e '/^mesg n/d' "${INSTALLDIR}/root/.profile" +# # -------------------------------------------------------------------------- +# # Remove `mesg` from root/.profile? 
+# # -------------------------------------------------------------------------- +# sed -i -e '/^mesg n/d' "${INSTALLDIR}/root/.profile" - # -------------------------------------------------------------------------- - # Need a xen log directory or xen scripts will fail - # -------------------------------------------------------------------------- - mkdir -p -m 0700 "${INSTALLDIR}/var/log/xen" +# # -------------------------------------------------------------------------- +# # Need a xen log directory or xen scripts will fail +# # -------------------------------------------------------------------------- +# mkdir -p -m 0700 "${INSTALLDIR}/var/log/xen" # -------------------------------------------------------------------------- # Copy extra files to installation directory. Contains: @@ -189,12 +189,12 @@ EOF # -------------------------------------------------------------------------- copyTree "qubes-files" "${SCRIPTSDIR}" "${INSTALLDIR}" - # -------------------------------------------------------------------------- - # Looks like hosts file may contain tabs and qubes will not parse it - # correctly - # -------------------------------------------------------------------------- - expand "${INSTALLDIR}/etc/hosts" > "${INSTALLDIR}/etc/hosts.dist" - mv "${INSTALLDIR}/etc/hosts.dist" "${INSTALLDIR}/etc/hosts" +# # -------------------------------------------------------------------------- +# # Looks like hosts file may contain tabs and qubes will not parse it +# # correctly +# # -------------------------------------------------------------------------- +# expand "${INSTALLDIR}/etc/hosts" > "${INSTALLDIR}/etc/hosts.dist" +# mv "${INSTALLDIR}/etc/hosts.dist" "${INSTALLDIR}/etc/hosts" touch "${INSTALLDIR}/tmp/.prepared_qubes" fi diff --git a/scripts_debian/proxy/files/.facl b/scripts_debian/proxy/files/.facl index 8e44ed9..4e26d4d 100644 --- a/scripts_debian/proxy/files/.facl +++ b/scripts_debian/proxy/files/.facl 
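Review bot: The retired steps in `04_install_qubes.sh` (the `user` account, the `xen_netfront` module line, the `mesg` removal, the `/var/log/xen` directory, and the hosts-file `expand` in the `@@ -189,12` hunk) are commented out at column 0 rather than deleted, leaving dead code in the script. Deleting them would be cleaner, with a single pointer left in their place such as `# user account, xen_netfront, /var/log/xen and hosts fix-up are now done by core-agent-linux`. Two of the disabled steps carry security-relevant settings: `mkdir -p -m 0700 "${INSTALLDIR}/var/log/xen"` and the `useradd` call that places `user` in `sudo`. The replacement package is not visible in this diff, so it is worth confirming that it creates the log directory with the same restrictive mode and the account with the intended groups. The enclosing `if` block that ends at `touch "${INSTALLDIR}/tmp/.prepared_qubes"` / `fi` starts outside these hunks.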
@@ -40,234 +40,3 @@ user::rw- group::r-- other::r-- -# file: etc/xen -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-bridge -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm-delete -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif2 -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/external-device-migrate -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-route-qubes -# owner: root -# group: root -user::rwx -group::r-x -other::r-x - -# file: etc/xen/scripts/network-nat -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/xen-hotplug-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm-impl -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/locking.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/xen-hotplug-cleanup -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/xen-network-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/block-nbd -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/block -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/hotplugpath.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm-migration.sh -# owner: root -# group: root -user::rwx 
-group::--- -other::--- - -# file: etc/xen/scripts/network-bridge -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/block-enbd -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-setup -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-nat -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vif-route -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vscsi -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/network-route -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/blktap -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/xen-script-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/logging.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/block-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: etc/xen/scripts/vtpm-hotplug-common.sh -# owner: root -# group: root -user::rwx -group::--- -other::--- - -# file: .facl -# owner: user -# group: user -user::rwx -group::rwx -other::rwx - diff --git a/scripts_debian/proxy/files/etc/udev/rules.d/98-kexec.rules b/scripts_debian/proxy/files/etc/udev/rules.d/98-kexec.rules deleted file mode 100644 index 8c742dd..0000000 --- a/scripts_debian/proxy/files/etc/udev/rules.d/98-kexec.rules +++ /dev/null 
@@ -1,4 +0,0 @@
-SUBSYSTEM=="cpu", ACTION=="online", PROGRAM="/bin/systemctl try-restart kdump.service"
-SUBSYSTEM=="cpu", ACTION=="offline", PROGRAM="/bin/systemctl try-restart kdump.service"
-SUBSYSTEM=="memory", ACTION=="add", PROGRAM="/bin/systemctl try-restart kdump.service"
-SUBSYSTEM=="memory", ACTION=="remove", PROGRAM="/bin/systemctl try-restart kdump.service"
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/blktap b/scripts_debian/proxy/files/etc/xen/scripts/blktap
deleted file mode 100755
index cd30a38..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/blktap
+++ /dev/null
@@ -1,94 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2005, XenSource Ltd. - -dir=$(dirname "$0") -. "$dir/xen-hotplug-common.sh" -. "$dir/block-common.sh" - -findCommand "$@" - -## -# check_blktap_sharing file mode -# -# Perform the sharing check for the given blktap and mode. -# -check_blktap_sharing() -{ - local file="$1" - local mode="$2" - - local base_path="$XENBUS_BASE_PATH/$XENBUS_TYPE" - for dom in $(xenstore-list "$base_path") - do - for dev in $(xenstore-list "$base_path/$dom") - do - params=$(xenstore_read_default "$base_path/$dom/$dev/params" "" | cut -d: -f2) - if [ "$file" = "$params" ] - then - - if [ "$mode" = 'w' ] - then - if ! same_vm "$dom" - then - echo 'guest' - return - fi - else - local m=$(xenstore_read_default "$base_path/$dom/$dev/mode" "") - m=$(canonicalise_mode "$m") - - if [ "$m" = 'w' ] - then - if ! same_vm "$dom" - then - echo 'guest' - return - fi - fi - fi - fi - done - done - - echo 'ok' -} - - -t=$(xenstore_read_default "$XENBUS_PATH/type" 'MISSING') -if [ -n "$t" ] -then - p=$(xenstore_read "$XENBUS_PATH/params") - p=${p#tapdisk:} - # if we have a ':', chew from head including : - if echo $p | grep -q \: - then - p=${p#*:} - fi -fi -# some versions of readlink cannot be passed a regular file -if [ -L "$p" ]; then - file=$(readlink -f "$p") || fatal "$p link does not exist." -else - file="$p" -fi - -if [ "$command" = 'add' ] -then - [ -e "$file" ] || { fatal $file does not exist; } - - FRONTEND_ID=$(xenstore_read "$XENBUS_PATH/frontend-id") - FRONTEND_UUID=$(xenstore_read "/local/domain/$FRONTEND_ID/vm") - mode=$(xenstore_read "$XENBUS_PATH/mode") - mode=$(canonicalise_mode "$mode") - - if [ "$mode" != '!' ] - then - result=$(check_blktap_sharing "$file" "$mode") - [ "$result" = 'ok' ] || ebusy "$file already in use by other domain" - fi - - success -fi - -exit 0 diff --git a/scripts_debian/proxy/files/etc/xen/scripts/block b/scripts_debian/proxy/files/etc/xen/scripts/block deleted file mode 100755 index 7266a78..0000000 
--- a/scripts_debian/proxy/files/etc/xen/scripts/block +++ /dev/null 
@@ -1,354 +0,0 @@ -#!/bin/bash - -dir=$(dirname "$0") -. "$dir/block-common.sh" - -HOTPLUG_STORE="/var/run/xen-hotplug/${XENBUS_PATH//\//-}" - -expand_dev() { - local dev - case $1 in - /*) - dev=$1 - ;; - *) - dev=/dev/$1 - ;; - esac - echo -n $dev -} - -find_free_loopback_helper() { - local next_devnum=0 - local busy_devnum - while read busy_devnum; do - if [ "$next_devnum" != "$busy_devnum" ]; then - break - fi - let next_devnum=$next_devnum+1 - done - echo "/dev/loop${next_devnum}" -} - -# Not all distros have "losetup -f" -find_free_loopback_dev() { - local loopdev - loopdev=$(losetup -a | sed -e 's+^/dev/loop++' -e 's/:.*//' | find_free_loopback_helper) - if [ -n "$loopdev" ] && [ -b "$loopdev" ]; then - echo "$loopdev" - fi -} - -## -# check_sharing device mode -# -# Check whether the device requested is already in use. To use the device in -# read-only mode, it may be in use in read-only mode, but may not be in use in -# read-write anywhere at all. To use the device in read-write mode, it must -# not be in use anywhere at all. -# -# Prints one of -# -# 'local': the device may not be used because it is mounted in the current -# (i.e. the privileged domain) in a way incompatible with the -# requested mode; -# 'guest': the device may not be used because it already mounted by a guest -# in a way incompatible with the requested mode; or -# 'ok': the device may be used. 
-# -check_sharing() -{ - local dev="$1" - local mode="$2" - - local devmm=$(device_major_minor "$dev") - local file - - if [ "$mode" = 'w' ] - then - toskip="^$" - else - toskip="^[^ ]* [^ ]* [^ ]* ro[, ]" - fi - - for file in $(cat /proc/mounts | grep -v "$toskip" | cut -f 1 -d ' ') - do - if [ -e "$file" ] - then - local d=$(device_major_minor "$file") - - if [ "$d" = "$devmm" ] - then - echo 'local' - return - fi - fi - done - - local base_path="$XENBUS_BASE_PATH/$XENBUS_TYPE" - for dom in $(xenstore-list "$base_path") - do - for dev in $(xenstore-list "$base_path/$dom") - do - d=$(xenstore_read_default "$base_path/$dom/$dev/physical-device" "") - - if [ "$d" = "$devmm" ] - then - if [ "$mode" = 'w' ] - then - if ! same_vm $dom - then - echo 'guest' - return - fi - else - local m=$(xenstore_read_default "$base_path/$dom/$dev/mode" "") - m=$(canonicalise_mode "$m") - - if [ "$m" = 'w' ] - then - if ! same_vm $dom - then - echo 'guest' - return - fi - fi - fi - fi - done - done - - echo 'ok' -} - - -## -# check_device_sharing dev mode -# -# Perform the sharing check for the given physical device and mode. -# -check_device_sharing() -{ - local dev="$1" - local mode=$(canonicalise_mode "$2") - local result - - if [ "x$mode" = 'x!' ] - then - return 0 - fi - - result=$(check_sharing "$dev" "$mode") - - if [ "$result" != 'ok' ] - then - do_ebusy "Device $dev is mounted " "$mode" "$result" - fi -} - - -## -# check_device_sharing file dev mode -# -# Perform the sharing check for the given file mounted through the given -# loopback interface, in the given mode. 
-# -check_file_sharing() -{ - local file="$1" - local dev="$2" - local mode="$3" - - result=$(check_sharing "$dev" "$mode") - - if [ "$result" != 'ok' ] - then - do_ebusy "File $file is loopback-mounted through $dev, -which is mounted " "$mode" "$result" - fi -} - - -## -# do_ebusy prefix mode result -# -# Helper function for check_device_sharing check_file_sharing, calling ebusy -# with an error message constructed from the given prefix, mode, and result -# from a call to check_sharing. -# -do_ebusy() -{ - local prefix="$1" - local mode="$2" - local result="$3" - - if [ "$result" = 'guest' ] - then - dom='a guest ' - when='now' - else - dom='the privileged ' - when='by a guest' - fi - - if [ "$mode" = 'w' ] - then - m1='' - m2='' - else - m1='read-write ' - m2='read-only ' - fi - - release_lock "block" - ebusy \ -"${prefix}${m1}in ${dom}domain, -and so cannot be mounted ${m2}${when}." -} - - -t=$(xenstore_read_default "$XENBUS_PATH/type" 'MISSING') - -case "$command" in - add) - phys=$(xenstore_read_default "$XENBUS_PATH/physical-device" 'MISSING') - if [ "$phys" != 'MISSING' ] - then - # Depending upon the hotplug configuration, it is possible for this - # script to be called twice, so just bail. - exit 0 - fi - - if [ -n "$t" ] - then - p=$(xenstore_read "$XENBUS_PATH/params") - mode=$(xenstore_read "$XENBUS_PATH/mode") - echo $p > "$HOTPLUG_STORE-params" - echo $mode > "$HOTPLUG_STORE-mode" - echo $t > "$HOTPLUG_STORE-type" - fi - FRONTEND_ID=$(xenstore_read "$XENBUS_PATH/frontend-id") - FRONTEND_UUID=$(xenstore_read_default \ - "/local/domain/$FRONTEND_ID/vm" 'unknown') - - case $t in - phy) - dev=$(expand_dev $p) - - if [ -L "$dev" ] - then - dev=$(readlink -f "$dev") || fatal "$dev link does not exist." - fi - test -e "$dev" || fatal "$dev does not exist." - test -b "$dev" || fatal "$dev is not a block device." 
- - claim_lock "block" - check_device_sharing "$dev" "$mode" - write_dev "$dev" - release_lock "block" - exit 0 - ;; - - file) - # Canonicalise the file, for sharing check comparison, and the mode - # for ease of use here. - file=$(readlink -f "$p") || fatal "$p does not exist." - test -f "$file" || fatal "$file does not exist." - mode=$(canonicalise_mode "$mode") - - claim_lock "block" - - # Avoid a race with the remove if the path has been deleted, or - # otherwise changed from "InitWait" state e.g. due to a timeout - xenbus_state=$(xenstore_read_default "$XENBUS_PATH/state" 'unknown') - if [ "$xenbus_state" != '2' ] - then - release_lock "block" - fatal "Path closed or removed during hotplug add: $XENBUS_PATH state: $xenbus_state" - fi - - if [ "$mode" = 'w' ] && ! stat "$file" -c %A | grep -q w - then - release_lock "block" - ebusy \ -"File $file is read-only, and so I will not -mount it read-write in a guest domain." - fi - - if [ "x$mode" != 'x!' ] - then - inode=$(stat -c '%i' "$file") - dev=$(stat -c '%D' "$file") - if [ -z "$inode" ] || [ -z "$dev" ] - then - fatal "Unable to lookup $file: dev: $dev inode: $inode" - fi - - shared_list=$(losetup -j "$file" | head -n 1 | cut -d : -f 1) - for dev in "$shared_list" - do - if [ -n "$dev" ] - then - check_file_sharing "$file" "$dev" "$mode" - loopdev="$dev" - fi - done - fi - - if [ -z "$loopdev" ]; then - loopdev=$(losetup -f 2>/dev/null || find_free_loopback_dev) - if [ "$loopdev" = '' ] - then - release_lock "block" - fatal 'Failed to find an unused loop device' - fi - - if LANG=C losetup -h 2>&1 | grep read-only >/dev/null - then - roflag="-$mode"; roflag="${roflag#-w}"; roflag="${roflag#-!}" - else - roflag='' - fi - do_or_die losetup $roflag "$loopdev" "$file" - fi - xenstore_write "$XENBUS_PATH/node" "$loopdev" - echo $loopdev > "$HOTPLUG_STORE-node" - write_dev "$loopdev" - release_lock "block" - exit 0 - ;; - - "") - claim_lock "block" - success - release_lock "block" - ;; - esac - ;; - - remove) - 
t=$(cat $HOTPLUG_STORE-type) - case $t in - phy) - exit 0 - ;; - - file) - claim_lock "block" - node=$(cat "$HOTPLUG_STORE-node") - losetup -d "$node" - release_lock "block" - exit 0 - ;; - - "") - exit 0 - ;; - esac - ;; - -esac - -# If we've reached here, $t is neither phy nor file, so fire a helper script. -[ -x ${XEN_SCRIPT_DIR}/block-"$t" ] && \ - ${XEN_SCRIPT_DIR}/block-"$t" "$command" $node diff --git a/scripts_debian/proxy/files/etc/xen/scripts/block-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/block-common.sh deleted file mode 100755 index cc374ef..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/block-common.sh +++ /dev/null 
@@ -1,125 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - - -dir=$(dirname "$0") -. "$dir/xen-hotplug-common.sh" - -findCommand "$@" - -if [ "$command" != "add" ] && - [ "$command" != "remove" ] -then - log err "Invalid command: $command" - exit 1 -fi - - -XENBUS_PATH="${XENBUS_PATH:?}" - - -ebusy() -{ - xenstore_write "$XENBUS_PATH/hotplug-error" "$*" \ - "$XENBUS_PATH/hotplug-status" busy - log err "$@" - exit 1 -} - - -## -# Print the given device's major and minor numbers, written in hex and -# separated by a colon. -device_major_minor() -{ - stat -L -c %t:%T "$1" -} - - -## -# Write physical-device = MM,mm to the store, where MM and mm are the major -# and minor numbers of device respectively. -# -# @param device The device from which major and minor numbers are read, which -# will be written into the store. 
-# -write_dev() { - local mm - - mm=$(device_major_minor "$1") - - if [ -z $mm ] - then - fatal "Backend device does not exist" - fi - - xenstore_write "$XENBUS_PATH/physical-device" "$mm" - - success -} - - -## -# canonicalise_mode mode -# -# Takes the given mode, which may be r, w, ro, rw, w!, or rw!, or variations -# thereof, and canonicalises them to one of -# -# 'r': perform checks for a new read-only mount; -# 'w': perform checks for a read-write mount; or -# '!': perform no checks at all. -# -canonicalise_mode() -{ - local mode="$1" - - if ! expr index "$mode" 'w' >/dev/null - then - echo 'r' - elif ! expr index "$mode" '!' >/dev/null - then - echo 'w' - else - echo '!' - fi -} - - -same_vm() -{ - local otherdom="$1" - # Note that othervm can be MISSING here, because Xend will be racing with - # the hotplug scripts -- the entries in /local/domain can be removed by - # Xend before the hotplug scripts have removed the entry in - # /local/domain/0/backend/. In this case, we want to pretend that the - # VM is the same as FRONTEND_UUID, because that way the 'sharing' will be - # allowed. - local othervm=$(xenstore_read_default "/local/domain/$otherdom/vm" \ - "$FRONTEND_UUID") - local target=$(xenstore_read_default "/local/domain/$FRONTEND_ID/target" \ - "-1") - local otarget=$(xenstore_read_default "/local/domain/$otherdom/target" \ - "-1") - local otvm=$(xenstore_read_default "/local/domain/$otarget/vm" \ - "-1") - otvm=${otvm%-1} - othervm=${othervm%-1} - local frontend_uuid=${FRONTEND_UUID%-1} - - [ "$frontend_uuid" = "$othervm" -o "$target" = "$otherdom" -o "$frontend_uuid" = "$otvm" ] -} - diff --git a/scripts_debian/proxy/files/etc/xen/scripts/block-enbd b/scripts_debian/proxy/files/etc/xen/scripts/block-enbd deleted file mode 100755 index 67faa84..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/block-enbd +++ /dev/null 
@@ -1,27 +0,0 @@ -#!/bin/bash - -# Usage: block-enbd [bind server ctl_port |unbind node] -# -# The node argument to unbind is the name of the device node we are to -# unbind. -# -# This assumes you're running a correctly configured server at the other end! - -dir=$(dirname "$0") -. "$dir/block-common.sh" - -case "$command" in - add) - for dev in /dev/nd*; do - if nbd-client $2:$3 $dev; then - write_dev $dev - exit 0 - fi - done - exit 1 - ;; - remove) - nbd-client -d $2 - exit 0 - ;; -esac diff --git a/scripts_debian/proxy/files/etc/xen/scripts/block-nbd b/scripts_debian/proxy/files/etc/xen/scripts/block-nbd deleted file mode 100755 index b29b315..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/block-nbd +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -# Usage: block-nbd [bind server ctl_port |unbind node] -# -# The node argument to unbind is the name of the device node we are to -# unbind. -# -# This assumes you're running a correctly configured server at the other end! - -dir=$(dirname "$0") -. "$dir/block-common.sh" - -case "$command" in - add) - for dev in /dev/nbd*; do - if nbd-client $2 $3 $dev; then - write_dev $dev - exit 0 - fi - done - exit 1 - ;; - remove) - nbd-client -d $2 - exit 0 - ;; -esac diff --git a/scripts_debian/proxy/files/etc/xen/scripts/external-device-migrate b/scripts_debian/proxy/files/etc/xen/scripts/external-device-migrate deleted file mode 100755 index a411348..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/external-device-migrate +++ /dev/null 
@@ -1,98 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2005 IBM Corporation -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -set -x - -# This script is called by XenD for migration of external devices -# It does not handle the migration of those devices itself, but -# passes the requests on to further applications -# It handles the low-level command line parsing and some of the -# synchronization - -dir=$(dirname "$0") -. "$dir/logging.sh" - - -function ext_dev_migrate_usage() { -cat < : n-th migration step --host : the destination host --domname : name of the domain that is migrating --type : the type of device that is migrating --subtype : the subtype of the device --recover : indicates recovery request; an error - occurred during migration --help : display this help screen -EOF -} - -# Parse the command line paramters. The following parameters must be -# passed as the first ones in the sequence: -# -step [required] -# -host [required] -# -domname [required] -# -type [required] -# -subtype [optional] -# -recover [optional] -# The remaining ones will be passed to the called function. 
-function evaluate_params() -{ - local step host domname typ recover filename func stype - stype="" - while [ $# -ge 1 ]; do - case "$1" in - -step) step=$2; shift; shift;; - -host) host=$2; shift; shift;; - -domname) domname=$2; shift; shift;; - -type) typ=$2; shift; shift;; - -subtype) stype=$2; shift; shift;; - -recover) recover=1; shift;; - -help) ext_dev_migrate_usage; exit 0;; - *) break;; - esac - done - - if [ "$step" = "" -o \ - "$host" = "" -o \ - "$typ" = "" -o \ - "$domname" = "" ]; then - echo "Error: Parameter(s) missing (-step/-host/-type/-domname)" 1>&2 - echo "" 1>&2 - echo "$0 -help for usage." 1>&2 - exit 1 - fi - - filename="$dir/$typ$stype-migration.sh" - if [ ! -r $filename ]; then - echo "Error: Could not find script '$filename'" - return - fi - . "$filename" - - if [ "$recover" = "1" ]; then - func="$typ"_recover - eval $func $host $domname $step $* - else - func="$typ"_migration_step - eval $func $host $domname $step $* - fi -} - -evaluate_params "$@" diff --git a/scripts_debian/proxy/files/etc/xen/scripts/hotplugpath.sh b/scripts_debian/proxy/files/etc/xen/scripts/hotplugpath.sh deleted file mode 100755 index 254b3e2..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/hotplugpath.sh +++ /dev/null @@ -1,10 +0,0 @@ -SBINDIR="/usr/sbin" -BINDIR="/usr/bin" -LIBEXEC="/usr/lib/xen/bin" -LIBDIR="/usr/lib64" -SHAREDIR="/usr/share" -PRIVATE_BINDIR="/usr/lib64/xen/bin" -XENFIRMWAREDIR="/usr/lib/xen/boot" -XEN_CONFIG_DIR="/etc/xen" -XEN_SCRIPT_DIR="/etc/xen/scripts" -XEN_LOCK_DIR="/var/lock" diff --git a/scripts_debian/proxy/files/etc/xen/scripts/locking.sh b/scripts_debian/proxy/files/etc/xen/scripts/locking.sh deleted file mode 100755 index e233c47..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/locking.sh +++ /dev/null 
@@ -1,110 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -# -# Serialisation -# - -LOCK_SLEEPTIME=1 -LOCK_SPINNING_RETRIES=5 -LOCK_RETRIES=100 -LOCK_BASEDIR=/var/run/xen-hotplug - - -claim_lock() -{ - local lockdir="$LOCK_BASEDIR/$1" - mkdir -p "$LOCK_BASEDIR" - _claim_lock "$lockdir" -} - - -release_lock() -{ - _release_lock "$LOCK_BASEDIR/$1" -} - - -# This function will be redefined in xen-hotplug-common.sh. -sigerr() { - exit 1 -} - - -_claim_lock() -{ - local lockdir="$1" - local owner=$(_lock_owner "$lockdir") - local retries=0 - - while [ $retries -lt $LOCK_RETRIES ] - do - mkdir "$lockdir" 2>/dev/null && trap "_release_lock $lockdir; sigerr" ERR && - _update_lock_info "$lockdir" && return - - local new_owner=$(_lock_owner "$lockdir") - if [ "$new_owner" != "$owner" ] - then - owner="$new_owner" - retries=0 - else - local pid=$(echo $owner | cut -d : -f 1) - if [ -n "$pid" -a "$pid" != "unknown" -a ! 
-f "/proc/$pid/status" ] - then - _release_lock $lockdir - fi - fi - - if [ $retries -gt $LOCK_SPINNING_RETRIES ] - then - sleep $LOCK_SLEEPTIME - else - sleep 0 - fi - retries=$(($retries + 1)) - done - _steal_lock "$lockdir" -} - - -_release_lock() -{ - trap sigerr ERR - rm -rf "$1" 2>/dev/null || true -} - - -_steal_lock() -{ - local lockdir="$1" - local owner=$(cat "$lockdir/owner" 2>/dev/null || echo "unknown") - log err "Forced to steal lock on $lockdir from $owner!" - _release_lock "$lockdir" - _claim_lock "$lockdir" -} - - -_lock_owner() -{ - cat "$1/owner" 2>/dev/null || echo "unknown" -} - - -_update_lock_info() -{ - echo "$$: $0" >"$1/owner" -} diff --git a/scripts_debian/proxy/files/etc/xen/scripts/logging.sh b/scripts_debian/proxy/files/etc/xen/scripts/logging.sh deleted file mode 100755 index c1bc699..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/logging.sh +++ /dev/null @@ -1,22 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -log() { - local level="$1" - shift - logger -p "daemon.$level" -- "$0:" "$@" || echo "$0 $@" >&2 -} diff --git a/scripts_debian/proxy/files/etc/xen/scripts/network-bridge b/scripts_debian/proxy/files/etc/xen/scripts/network-bridge deleted file mode 100755 index 6f8475a..0000000 
--- a/scripts_debian/proxy/files/etc/xen/scripts/network-bridge
+++ /dev/null
@@ -1,337 +0,0 @@ -#!/bin/bash -#============================================================================ -# Default Xen network start/stop script. -# Xend calls a network script when it starts. -# The script name to use is defined in ${XEN_CONFIG_DIR}/xend-config.sxp -# in the network-script field. -# -# This script creates a bridge (default ${netdev}), adds a device -# (defaults to the device on the default gateway route) to it, copies -# the IP addresses from the device to the bridge and adjusts the routes -# accordingly. -# -# If all goes well, this should ensure that networking stays up. -# However, some configurations are upset by this, especially -# NFS roots. If the bridged setup does not meet your needs, -# configure a different script, for example using routing instead. -# -# Usage: -# -# network-bridge (start|stop|status) {VAR=VAL}* -# -# Vars: -# -# bridge The bridge to use (default ${netdev}). -# netdev The interface to add to the bridge (default gateway device). -# antispoof Whether to use iptables to prevent spoofing (default no). -# -# Internal Vars: -# pdev="p${netdev}" -# tdev=tmpbridge -# -# start: -# Creates the bridge as tdev -# Copies the IP and MAC addresses from pdev to bridge -# Renames netdev to be pdev -# Renames tdev to bridge -# Enslaves pdev to bridge -# -# stop: -# Removes pdev from the bridge -# Transfers addresses, routes from bridge to pdev -# Renames bridge to tdev -# Renames pdev to netdev -# Deletes tdev -# -# status: -# Print addresses, interfaces, routes -# -#============================================================================ - - -dir=$(dirname "$0") -. "$dir/logging.sh" -. "$dir/xen-script-common.sh" -. "$dir/xen-network-common.sh" -. 
"$dir/locking.sh" - -findCommand "$@" -evalVariables "$@" - -is_network_root () { - local rootfs=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $3; }}' /etc/mtab) - local rootopts=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $4; }}' /etc/mtab) - - [[ "$rootfs" =~ "^nfs" ]] || [[ "$rootopts" =~ "_netdev" ]] && has_nfsroot=1 || has_nfsroot=0 - if [ $has_nfsroot -eq 1 ]; then - local bparms=$(cat /proc/cmdline) - for p in $bparms; do - local ipaddr=$(echo $p | awk /nfsroot=/'{ print substr($1,9,index($1,":")-9) }') - if [ "$ipaddr" != "" ]; then - local nfsdev=$(ip route get $ipaddr | awk /$ipaddr/'{ print $3 }') - [[ "$nfsdev" == "$netdev" ]] && return 0 || return 1 - fi - done - fi - return 1 -} - -find_alt_device () { - local interf=$1 - local prefix=${interf%[[:digit:]]} - local ifs=$(ip link show | grep " $prefix" |\ - awk '{ printf ("%s",substr($2,1,length($2)-1)) }' |\ - sed s/$interf//) - echo "$ifs" -} - -netdev=${netdev:-$(ip route list 0.0.0.0/0 | \ - sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')} -if is_network_root ; then - altdevs=$(find_alt_device $netdev) - for netdev in $altdevs; do break; done - if [ -z "$netdev" ]; then - [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting" - exit - fi -fi -netdev=${netdev:-eth0} -bridge=${bridge:-${netdev}} -antispoof=${antispoof:-no} - -pdev="p${netdev}" -tdev=tmpbridge - -get_ip_info() { - addr_pfx=`ip addr show dev $1 | egrep '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'` - gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'` -} - -do_ifup() { - if [ $1 != "${netdev}" ] || ! ifup $1 ; then - if [ -n "$addr_pfx" ] ; then - # use the info from get_ip_info() - ip addr flush $1 - ip addr add ${addr_pfx} dev $1 - fi - ip link set dev $1 up - [ -n "$gateway" ] && ip route add default via ${gateway} - fi -} - -# Usage: transfer_addrs src dst -# Copy all IP addresses (including aliases) from device $src to device $dst. 
-transfer_addrs () { - local src=$1 - local dst=$2 - # Don't bother if $dst already has IP addresses. - if ip addr show dev ${dst} | egrep -q '^ *inet ' ; then - return - fi - # Address lines start with 'inet' and have the device in them. - # Replace 'inet' with 'ip addr add' and change the device name $src - # to 'dev $src'. - ip addr show dev ${src} | egrep '^ *inet ' | sed -e " -s/inet/ip addr add/ -s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@ -s/${src}/dev ${dst} label ${dst}/ -s/secondary// -" | sh -e - # Remove automatic routes on destination device - ip route list | sed -ne " -/dev ${dst}\( \|$\)/ { - s/^/ip route del / - p -}" | sh -e -} - -# Usage: transfer_routes src dst -# Get all IP routes to device $src, delete them, and -# add the same routes to device $dst. -# The original routes have to be deleted, otherwise adding them -# for $dst fails (duplicate routes). -transfer_routes () { - local src=$1 - local dst=$2 - # List all routes and grep the ones with $src in. - # Stick 'ip route del' on the front to delete. - # Change $src to $dst and use 'ip route add' to add. - ip route list | sed -ne " -/dev ${src}\( \|$\)/ { - h - s/^/ip route del / - P - g - s/${src}/${dst}/ - s/^/ip route add / - P - d -}" | sh -e -} - - -## -# link_exists interface -# -# Returns 0 if the interface named exists (whether up or down), 1 otherwise. -# -link_exists() -{ - if ip link show "$1" >/dev/null 2>/dev/null - then - return 0 - else - return 1 - fi -} - -# Set the default forwarding policy for $dev to drop. -# Allow forwarding to the bridge. -antispoofing () { - iptables -P FORWARD DROP - iptables -F FORWARD - iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT -} - -# Usage: show_status dev bridge -# Print ifconfig and routes. 
-show_status () { - local dev=$1 - local bridge=$2 - - echo '============================================================' - ip addr show ${dev} - ip addr show ${bridge} - echo ' ' - brctl show ${bridge} - echo ' ' - ip route list - echo ' ' - route -n - echo '============================================================' -} - -op_start () { - if [ "${bridge}" = "null" ] ; then - return - fi - - if [ `brctl show | wc -l` != 1 ]; then - return - fi - - if link_exists "$pdev"; then - # The device is already up. - return - fi - - claim_lock "network-bridge" - - create_bridge ${tdev} - - preiftransfer ${netdev} - transfer_addrs ${netdev} ${tdev} - # Remember slaves for bonding interface. - if [ -e /sys/class/net/${netdev}/bonding/slaves ]; then - slaves=`cat /sys/class/net/${netdev}/bonding/slaves` - fi - # Remember the IP details for do_ifup. - get_ip_info ${netdev} - if ! ifdown ${netdev}; then - ip link set ${netdev} down - ip addr flush ${netdev} - fi - ip link set ${netdev} name ${pdev} - ip link set ${tdev} name ${bridge} - - setup_physical_bridge_port ${pdev} - - # Restore slaves - if [ -n "${slaves}" ]; then - ip link set ${pdev} up - ifenslave ${pdev} ${slaves} - fi - add_to_bridge2 ${bridge} ${pdev} - do_ifup ${bridge} - - if [ ${antispoof} = 'yes' ] ; then - antispoofing - fi - - release_lock "network-bridge" -} - -op_stop () { - if [ "${bridge}" = "null" ]; then - return - fi - if ! link_exists "$bridge"; then - return - fi - if ! [ -e "/sys/class/net/${bridge}/brif/${pdev}" ]; then - # $bridge is not a bridge to which pdev is enslaved - return - fi - - claim_lock "network-bridge" - - transfer_addrs ${bridge} ${pdev} - if ! 
ifdown ${bridge}; then - get_ip_info ${bridge} - fi - ip link set ${pdev} down - ip addr flush ${bridge} - - brctl delif ${bridge} ${pdev} - ip link set ${bridge} down - - ip link set ${bridge} name ${tdev} - ip link set ${pdev} name ${netdev} - do_ifup ${netdev} - - brctl delbr ${tdev} - - release_lock "network-bridge" -} - -# adds $dev to $bridge but waits for $dev to be in running state first -add_to_bridge2() { - local bridge=$1 - local dev=$2 - local maxtries=10 - - echo -n "Waiting for ${dev} to negotiate link." - ip link set ${dev} up - for i in `seq ${maxtries}` ; do - if ifconfig ${dev} | grep -q RUNNING ; then - break - else - echo -n '.' - sleep 1 - fi - done - - if [ ${i} -eq ${maxtries} ] ; then echo -n '(link isnt in running state)' ; fi - echo - - add_to_bridge ${bridge} ${dev} -} - -case "$command" in - start) - op_start - ;; - - stop) - op_stop - ;; - - status) - show_status ${netdev} ${bridge} - ;; - - *) - echo "Unknown command: $command" >&2 - echo 'Valid commands are: start, stop, status' >&2 - exit 1 -esac diff --git a/scripts_debian/proxy/files/etc/xen/scripts/network-nat b/scripts_debian/proxy/files/etc/xen/scripts/network-nat deleted file mode 100755 index eb1740e..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/network-nat +++ /dev/null 
@@ -1,124 +0,0 @@ -#!/bin/bash -#============================================================================ -# Default Xen network start/stop script when using NAT. -# Xend calls a network script when it starts. -# The script name to use is defined in ${XEN_CONFIG_DIR}/xend-config.sxp -# in the network-script field. -# -# Usage: -# -# network-nat (start|stop|status) {VAR=VAL}* -# -# Vars: -# -# netdev The gateway interface (default eth0). -# antispoof Whether to use iptables to prevent spoofing (default no). -# dhcp Whether to alter the local DHCP configuration (default no). -# -#============================================================================ - -dir=$(dirname "$0") -. "$dir/hotplugpath.sh" -. "$dir/xen-script-common.sh" -. "$dir/xen-network-common.sh" - -findCommand "$@" -evalVariables "$@" - -netdev=${netdev:-eth0} -# antispoofing not yet implemented -antispoof=${antispoof:-no} - -# turn on dhcp feature by default if dhcpd is installed -if [ -f /etc/dhcpd.conf ] -then - dhcp=${dhcp:-yes} -else - dhcp=${dhcp:-no} -fi - - -if [ "$dhcp" != 'no' ] -then - dhcpd_conf_file=$(find_dhcpd_conf_file) - dhcpd_init_file=$(find_dhcpd_init_file) - if [ -z "$dhcpd_conf_file" ] || [ -z "$dhcpd_init_file" ] - then - echo 'Failed to find dhcpd configuration or init file.' >&2 - exit 1 - fi -fi - -domain_name=`cat /etc/resolv.conf | grep -v "#" | grep -E 'search|domain' -i | tail -n 1 | awk '{ print $2 }'` -nameserver=`cat /etc/resolv.conf | grep -v "#" | grep "nameserver" -i -m 1 | awk '{ print $2 }'` - -function dhcp_start() -{ - if ! 
grep -q "subnet 10.0.0.0" "$dhcpd_conf_file" - then - echo >>"$dhcpd_conf_file" "subnet 10.0.0.0 netmask 255.255.0.0 {\ - option domain-name \"$domain_name\";\ - option domain-name-servers $nameserver; }" - fi - - "$dhcpd_init_file" restart -} - - -function dhcp_stop() -{ - local tmpfile=$(mktemp) - grep -v "subnet 10.0.0.0" "$dhcpd_conf_file" >"$tmpfile" - if diff "$tmpfile" "$dhcpd_conf_file" >&/dev/null - then - rm "$tmpfile" - else - mv "$tmpfile" "$dhcpd_conf_file" - fi - - "$dhcpd_init_file" restart -} - - -op_start() { - echo 1 >/proc/sys/net/ipv4/ip_forward - iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE - [ "$dhcp" != 'no' ] && dhcp_start -} - - -op_stop() { - [ "$dhcp" != 'no' ] && dhcp_stop - iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE -} - - -show_status() { - echo '============================================================' - ifconfig - echo ' ' - ip route list - echo ' ' - route -n - echo '============================================================' - -} - -case "$command" in - start) - op_start - ;; - - stop) - op_stop - ;; - - status) - show_status - ;; - - *) - echo "Unknown command: $command" >&2 - echo 'Valid commands are: start, stop, status' >&2 - exit 1 -esac diff --git a/scripts_debian/proxy/files/etc/xen/scripts/network-route b/scripts_debian/proxy/files/etc/xen/scripts/network-route deleted file mode 100755 index 8f6a1be..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/network-route +++ /dev/null 
@@ -1,28 +0,0 @@
-#!/bin/bash
-#============================================================================
-# Default Xen network start/stop script.
-# Xend calls a network script when it starts.
-# The script name to use is defined in ${XEN_CONFIG_DIR}/xend-config.sxp
-# in the network-script field.
-#
-# Usage:
-#
-# network-route (start|stop|status) {VAR=VAL}*
-#
-# Vars:
-#
-# netdev The gateway interface (default eth0).
-# antispoof Whether to use iptables to prevent spoofing (default yes).
-#
-#============================================================================
-
-dir=$(dirname "$0")
-. "$dir/hotplugpath.sh"
-. "$dir/xen-script-common.sh"
-
-evalVariables "$@"
-
-netdev=${netdev:-eth0}
-
-echo 1 >/proc/sys/net/ipv4/ip_forward
-echo 1 >/proc/sys/net/ipv4/conf/${netdev}/proxy_arp
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-bridge b/scripts_debian/proxy/files/etc/xen/scripts/vif-bridge
deleted file mode 100755
index 960784a..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vif-bridge
+++ /dev/null
@@ -1,108 +0,0 @@ -#!/bin/bash -#============================================================================ -# ${XEN_SCRIPT_DIR}/vif-bridge -# -# Script for configuring a vif in bridged mode. -# The hotplugging system will call this script if it is specified either in -# the device configuration given to Xend, or the default Xend configuration -# in ${XEN_CONFIG_DIR}/xend-config.sxp. If the script is specified in -# neither of those places, then this script is the default. -# -# Usage: -# vif-bridge (add|remove|online|offline) -# -# Environment vars: -# vif vif interface name (required). -# XENBUS_PATH path to this device's details in the XenStore (required). -# -# Read from the store: -# bridge bridge to add the vif to (optional). Defaults to searching for the -# bridge itself. -# ip list of IP networks for the vif, space-separated (optional). -# -# up: -# Enslaves the vif interface to the bridge and adds iptables rules -# for its ip addresses (if any). -# -# down: -# Removes the vif interface from the bridge and removes the iptables -# rules for its ip addresses (if any). -#============================================================================ - -dir=$(dirname "$0") -. "$dir/vif-common.sh" - -bridge=${bridge:-} -bridge=$(xenstore_read_default "$XENBUS_PATH/bridge" "$bridge") - -if [ -z "$bridge" ] -then - bridge=$(brctl show | cut -d " -" -f 2 | cut -f 1) - - if [ -z "$bridge" ] - then - fatal "Could not find bridge, and none was specified" - fi -else - # - # Old style bridge setup with netloop, used to have a bridge name - # of xenbrX, enslaving pethX and vif0.X, and then configuring - # eth0. - # - # New style bridge setup does not use netloop, so the bridge name - # is ethX and the physical device is enslaved pethX - # - # So if... 
- # - # - User asks for xenbrX - # - AND xenbrX doesn't exist - # - AND there is a ethX device which is a bridge - # - # ..then we translate xenbrX to ethX - # - # This lets old config files work without modification - # - if [ ! -e "/sys/class/net/$bridge" ] && [ -z "${bridge##xenbr*}" ] - then - if [ -e "/sys/class/net/eth${bridge#xenbr}/bridge" ] - then - bridge="eth${bridge#xenbr}" - fi - fi -fi - -RET=0 -ip link show $bridge 1>/dev/null 2>&1 || RET=1 -if [ "$RET" -eq 1 ] -then - fatal "Could not find bridge device $bridge" -fi - -case "$command" in - online) - setup_virtual_bridge_port "$dev" - mtu="`ip link show $bridge | awk '/mtu/ { print $5 }'`" - if [ -n "$mtu" ] && [ "$mtu" -gt 0 ] - then - ip link set $dev mtu $mtu || : - fi - add_to_bridge "$bridge" "$dev" - ;; - - offline) - do_without_error brctl delif "$bridge" "$dev" - do_without_error ifconfig "$dev" down - ;; - - add) - setup_virtual_bridge_port "$dev" - add_to_bridge "$bridge" "$dev" - ;; -esac - -log debug "Successful vif-bridge $command for $dev, bridge $bridge." -if [ "$type_if" = vif -a "$command" = "online" ] -then - success -fi diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/vif-common.sh deleted file mode 100755 index c9c5d41..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vif-common.sh +++ /dev/null 
@@ -1,190 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - - -dir=$(dirname "$0") -. "$dir/xen-hotplug-common.sh" -. "$dir/xen-network-common.sh" - -findCommand "$@" - -if [ "$command" != "online" ] && - [ "$command" != "offline" ] && - [ "$command" != "add" ] && - [ "$command" != "remove" ] -then - log err "Invalid command: $command" - exit 1 -fi - - -# Parameters may be read from the environment, the command line arguments, and -# the store, with overriding in that order. The environment is given by the -# driver, the command line is given by the Xend global configuration, and -# store details are given by the per-domain or per-device configuration. - -evalVariables "$@" - -# Older versions of Xen do not pass in the type as an argument, -# so the default value is vif. -: ${type_if:=vif} - -case "$type_if" in - vif) - dev=$vif - ;; - tap) - dev=$INTERFACE - ;; - *) - log err "unknown interface type $type_if" - exit 1 - ;; -esac - -case "$command" in - online | offline) - test "$type_if" != vif && exit 0 - ;; - add | remove) - test "$type_if" != tap && exit 0 - ;; -esac - - -if [ "$type_if" = vif ]; then - # Check presence of compulsory args. 
- XENBUS_PATH="${XENBUS_PATH:?}" - dev="${dev:?}" - - vifname=$(xenstore_read_default "$XENBUS_PATH/vifname" "") - if [ "$vifname" ] - then - if [ "$command" == "online" ] && ! ip link show "$vifname" >&/dev/null - then - do_or_die ip link set "$dev" name "$vifname" - fi - dev="$vifname" - fi -elif [ "$type_if" = tap ]; then - # Check presence of compulsory args. - : ${INTERFACE:?} - - # Get xenbus_path from device name. - # The name is built like that: "tap${domid}.${devid}". - dev_=${dev#tap} - domid=${dev_%.*} - devid=${dev_#*.} - - XENBUS_PATH="/local/domain/0/backend/vif/$domid/$devid" -fi - -ip=${ip:-} -ip=$(xenstore_read_default "$XENBUS_PATH/ip" "$ip") - -frob_iptable() -{ - if [ "$command" == "online" ] - then - local c="-I" - else - local c="-D" - fi - - iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-in "$dev" \ - "$@" -j ACCEPT 2>/dev/null && - iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-out "$dev" \ - -j ACCEPT 2>/dev/null - - if [ "$command" == "online" -a $? -ne 0 ] - then - log err "iptables setup failed. This may affect guest networking." - fi -} - - -## -# Add or remove the appropriate entries in the iptables. With antispoofing -# turned on, we have to explicitly allow packets to the interface, regardless -# of the ip setting. If ip is set, then we additionally restrict the packets -# to those coming from the specified networks, though we allow DHCP requests -# as well. -# -handle_iptable() -{ - # Check for a working iptables installation. Checking for the iptables - # binary is not sufficient, because the user may not have the appropriate - # modules installed. If iptables is not working, then there's no need to do - # anything with it, so we can just return. - if ! iptables -L -n >&/dev/null - then - return - fi - - claim_lock "iptables" - - if [ "$ip" != "" ] - then - local addr - for addr in $ip - do - frob_iptable -s "$addr" - done - - # Always allow the domain to talk to a DHCP server. 
- frob_iptable -p udp --sport 68 --dport 67 - else - # No IP addresses have been specified, so allow anything. - frob_iptable - fi - - release_lock "iptables" -} - - -## -# ip_of interface -# -# Print the IP address currently in use at the given interface, or nothing if -# the interface is not up. -# -ip_of() -{ - ip addr show "$1" | awk "/^.*inet.*$1\$/{print \$2}" | sed -n '1 s,/.*,,p' -} - - -## -# dom0_ip -# -# Print the IP address of the interface in dom0 through which we are routing. -# This is the IP address on the interface specified as "netdev" as a parameter -# to these scripts, or eth0 by default. This function will call fatal if no -# such interface could be found. -# -dom0_ip() -{ - local nd=${netdev:-eth0} - local result=$(ip_of "$nd") - if [ -z "$result" ] - then - fatal -"$netdev is not up. Bring it up or specify another interface with " \ -"netdev= as a parameter to $0." - fi - echo "$result" -} diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-nat b/scripts_debian/proxy/files/etc/xen/scripts/vif-nat deleted file mode 100755 index 9082cc9..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vif-nat +++ /dev/null 
@@ -1,192 +0,0 @@ -#!/bin/bash -#============================================================================ -# ${XEN_SCRIPT_DIR}/vif-nat -# -# Script for configuring a vif in routed-nat mode. -# The hotplugging system will call this script if it is specified either in -# the device configuration given to Xend, or the default Xend configuration -# in ${XEN_CONFIG_DIR}/xend-config.sxp. If the script is specified in -# neither of those places, then vif-bridge is the default. -# -# Usage: -# vif-nat (add|remove|online|offline) -# -# Environment vars: -# dev vif interface name (required). -# XENBUS_PATH path to this device's details in the XenStore (required). -# -# Parameters: -# dhcp Whether to alter the local DHCP configuration to include this -# new host (default no). -# -# Read from the store: -# ip list of IP networks for the vif, space-separated (default given in -# this script). -#============================================================================ - - -dir=$(dirname "$0") -. "$dir/vif-common.sh" - -# turn on dhcp feature by default if dhcpd is installed -if [ -f /etc/dhcpd.conf ] -then - dhcp=${dhcp:-yes} -else - dhcp=${dhcp:-no} -fi - -if [ "$dhcp" != 'no' ] -then - dhcpd_conf_file=$(find_dhcpd_conf_file) - dhcpd_init_file=$(find_dhcpd_init_file) - dhcpd_arg_file=$(find_dhcpd_arg_file) - if [ -z "$dhcpd_conf_file" ] || [ -z "$dhcpd_init_file" ] || [ -z "$dhcpd_arg_file" ] - then - echo 'Failed to find dhcpd configuration or init or args file.' >&2 - exit 1 - fi -fi - - -domid=$(xenstore_read "$XENBUS_PATH/frontend-id") -vifid=$(xenstore_read "$XENBUS_PATH/handle") -vifid=$(( $vifid + 1 )) - - -ip_from_dom() -{ - local domid1=$(( $domid / 256 )) - local domid2=$(( $domid % 256 )) - - echo "10.$domid1.$domid2.$vifid/16" -} - - -routing_ip() -{ - echo $(echo $1 | awk -F. 
'{print $1"."$2"."$3"."$4 + 127}') -} - - -dotted_quad() -{ - echo\ - $(( ($1 & 0xFF000000) >> 24))\ -.$(( ($1 & 0x00FF0000) >> 16))\ -.$(( ($1 & 0x0000FF00) >> 8 ))\ -.$(( $1 & 0x000000FF )) -} - - -if [ "$ip" = "" ] -then - ip=$(ip_from_dom) -fi - -router_ip=$(routing_ip "$ip") - -# Split the given IP/bits pair. -vif_ip=`echo ${ip} | awk -F/ '{print $1}'` - -hostname=$(xenstore_read "$XENBUS_PATH/domain" | tr -- '_.:/+' '-----') -if [ "$vifid" != "1" ] -then - hostname="$hostname-$vifid" -fi - -dhcparg_remove_entry() -{ - local tmpfile=$(mktemp) - sed -e "s/${dev} //" "$dhcpd_arg_file" >"$tmpfile" - if diff "$tmpfile" "$dhcpd_arg_file" >/dev/null - then - rm "$tmpfile" - else - mv "$tmpfile" "$dhcpd_arg_file" - fi -} - -dhcparg_add_entry() -{ - dhcparg_remove_entry - local tmpfile=$(mktemp) - # handle Red Hat, SUSE, and Debian styles, with or without quotes - sed -e 's/^DHCPDARGS="*\([^"]*\)"*/DHCPDARGS="\1'"${dev} "'"/' \ - "$dhcpd_arg_file" >"$tmpfile" && mv "$tmpfile" "$dhcpd_arg_file" - sed -e 's/^DHCPD_INTERFACE="*\([^"]*\)"*/DHCPD_INTERFACE="\1'"${dev} "'"/' \ - "$dhcpd_arg_file" >"$tmpfile" && mv "$tmpfile" "$dhcpd_arg_file" - sed -e 's/^INTERFACES="*\([^"]*\)"*/INTERFACES="\1'"${dev} "'"/' \ - "$dhcpd_arg_file" >"$tmpfile" && mv "$tmpfile" "$dhcpd_arg_file" - rm -f "$tmpfile" -} - -dhcp_remove_entry() -{ - local tmpfile=$(mktemp) - grep -v "host $hostname" "$dhcpd_conf_file" >"$tmpfile" - if diff "$tmpfile" "$dhcpd_conf_file" >/dev/null - then - rm "$tmpfile" - else - mv "$tmpfile" "$dhcpd_conf_file" - fi - dhcparg_remove_entry -} - - -dhcp_up() -{ - claim_lock "vif-nat-dhcp" - dhcp_remove_entry - mac=$(xenstore_read "$XENBUS_PATH/mac") - echo >>"$dhcpd_conf_file" \ -"host $hostname { hardware ethernet $mac; fixed-address $vif_ip; option routers $router_ip; option host-name \"$hostname\"; }" - dhcparg_add_entry - release_lock "vif-nat-dhcp" - "$dhcpd_init_file" restart || true -} - - -dhcp_down() -{ - claim_lock "vif-nat-dhcp" - dhcp_remove_entry - 
release_lock "vif-nat-dhcp" - "$dhcpd_init_file" restart || true # We need to ignore failure because - # ISC dhcpd 3 borks if there is nothing - # for it to do, which is the case if - # the outgoing interface is not - # configured to offer leases and there - # are no vifs. -} - - -case "$command" in - online) - if ip route | grep -q "dev ${dev}" - then - log debug "${dev} already up" - exit 0 - fi - - do_or_die ip link set "${dev}" up arp on - do_or_die ip addr add "$router_ip" dev "${dev}" - do_or_die ip route add "$vif_ip" dev "${dev}" src "$router_ip" - echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp - [ "$dhcp" != 'no' ] && dhcp_up - ;; - offline) - [ "$dhcp" != 'no' ] && dhcp_down - do_without_error ifconfig "${dev}" down - ;; -esac - - -handle_iptable - -log debug "Successful vif-nat $command for ${dev}." -if [ "$command" = "online" ] -then - success -fi diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-route b/scripts_debian/proxy/files/etc/xen/scripts/vif-route deleted file mode 100755 index 6c5587a..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vif-route +++ /dev/null 
@@ -1,56 +0,0 @@
-#!/bin/bash
-#============================================================================
-# ${XEN_SCRIPT_DIR}/vif-route
-#
-# Script for configuring a vif in routed mode.
-# The hotplugging system will call this script if it is specified either in
-# the device configuration given to Xend, or the default Xend configuration
-# in ${XEN_CONFIG_DIR}/xend-config.sxp. If the script is specified in
-# neither of those places, then vif-bridge is the default.
-#
-# Usage:
-# vif-route (add|remove|online|offline)
-#
-# Environment vars:
-# dev vif interface name (required).
-# XENBUS_PATH path to this device's details in the XenStore (required).
-#
-# Read from the store:
-# ip list of IP networks for the vif, space-separated (default given in
-# this script).
-#============================================================================
-
-dir=$(dirname "$0")
-. "${dir}/vif-common.sh"
-
-main_ip=$(dom0_ip)
-
-case "${command}" in
- online)
- ifconfig ${dev} ${main_ip} netmask 255.255.255.255 up
- echo 1 >/proc/sys/net/ipv4/conf/${dev}/proxy_arp
- ipcmd='add'
- cmdprefix=''
- ;;
- offline)
- do_without_error ifdown ${dev}
- ipcmd='del'
- cmdprefix='do_without_error'
- ;;
-esac
-
-if [ "${ip}" ] ; then
- # If we've been given a list of IP addresses, then add routes from dom0 to
- # the guest using those addresses.
- for addr in ${ip} ; do
- ${cmdprefix} ip route ${ipcmd} ${addr} dev ${dev} src ${main_ip}
- done
-fi
-
-handle_iptable
-
-log debug "Successful vif-route ${command} for ${dev}."
-if [ "${command}" = "online" ]
-then
- success
-fi
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-route-qubes b/scripts_debian/proxy/files/etc/xen/scripts/vif-route-qubes
deleted file mode 100755
index 68fbf38..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vif-route-qubes
+++ /dev/null
@@ -1,65 +0,0 @@ -#!/bin/bash -#============================================================================ -# /etc/xen/vif-route-qubes -# -# Script for configuring a vif in routed mode. -# The hotplugging system will call this script if it is specified either in -# the device configuration given to Xend, or the default Xend configuration -# in /etc/xen/xend-config.sxp. If the script is specified in neither of those -# places, then vif-bridge is the default. -# -# Usage: -# vif-route (add|remove|online|offline) -# -# Environment vars: -# vif vif interface name (required). -# XENBUS_PATH path to this device's details in the XenStore (required). -# -# Read from the store: -# ip list of IP networks for the vif, space-separated (default given in -# this script). -#============================================================================ - -dir=$(dirname "$0") -. "$dir/vif-common.sh" - -#main_ip=$(dom0_ip) - -case "$command" in - online) - ifconfig ${vif} up - echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp - ipcmd='add' - iptables_cmd='-I PREROUTING 1' - cmdprefix='' - ;; - offline) - do_without_error ifdown ${vif} - ipcmd='del' - iptables_cmd='-D PREROUTING' - cmdprefix='do_without_error' - ;; -esac - -domid=${vif/vif/} -domid=${domid/.*/} -# metric must be possitive, but prefer later interface -# 32752 is max XID aka domid -metric=$[ 32752 - $domid ] - -if [ "${ip}" ] ; then - # If we've been given a list of IP addresses, then add routes from dom0 to - # the guest using those addresses. - for addr in ${ip} ; do - ${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric - done - ${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP - back_ip=`xenstore-read qubes-netvm-gateway` - ${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif} -fi - -log debug "Successful vif-route-qubes $command for $vif." -if [ "$command" = "online" ] -then - success -fi 
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif-setup b/scripts_debian/proxy/files/etc/xen/scripts/vif-setup deleted file mode 100755 index bcc462e..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vif-setup +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -if test "$script" -then - exec $script $* -else - exec /etc/xen/scripts/vif-bridge $* -fi - diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vif2 b/scripts_debian/proxy/files/etc/xen/scripts/vif2 deleted file mode 100755 index 2c155be..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vif2 +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -dir=$(dirname "$0") -. "$dir/xen-hotplug-common.sh" -. "$dir/xen-network-common.sh" - -bridge=$(xenstore_read_default "$XENBUS_PATH/bridge" "$bridge") -if [ -z "$bridge" ] - then - nr_bridges=$(($(brctl show | cut -f 1 | grep -v "^$" | wc -l) - 1)) - if [ "$nr_bridges" != 1 ] - then - fatal "no bridge specified, and don't know which one to use ($nr_bridges found)" - fi - bridge=$(brctl show | cut -d " -" -f 2 | cut -f 1) -fi - -command="$1" -shift - -case "$command" in - "online") - if [ "$bridge" != "-" ] - then - setup_virtual_bridge_port "$vif" - add_to_bridge "$bridge" "$vif" - else - # Just let the normal udev rules for interfaces handle it. - true - fi - success - ;; - - "add") - success - ;; - - "remove") - ;; - - *) - echo "Unknown command: $command" - echo 'Valid commands are: add, remove, online' - exit 1 -esac diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vscsi b/scripts_debian/proxy/files/etc/xen/scripts/vscsi deleted file mode 100755 index 5ac2614..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vscsi +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007, FUJITSU Limited -# Based on the block scripts code. -# - -dir=$(dirname "$0") -. "$dir/xen-hotplug-common.sh" - -findCommand "$@" - -case "$command" in - add) - success - ;; - remove) - # TODO - exit 0 - ;; -esac - -exit 0 
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm b/scripts_debian/proxy/files/etc/xen/scripts/vtpm
deleted file mode 100755
index 38a4532..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-
-dir=$(dirname "$0")
-. "$dir/vtpm-hotplug-common.sh"
-
-vtpm_fatal_error=0
-
-case "$command" in
- add)
- vtpm_create_instance
- ;;
- remove)
- vtpm_remove_instance
- ;;
-esac
-
-if [ $vtpm_fatal_error -eq 0 ]; then
- log debug "Successful vTPM operation '$command'."
- success
-else
- fatal "Error while executing vTPM operation '$command'."
-fi
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/vtpm-common.sh
deleted file mode 100755
index d0d7935..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-common.sh
+++ /dev/null
@@ -1,448 +0,0 @@ -# -# Copyright (c) 2005 IBM Corporation -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -dir=$(dirname "$0") -. "$dir/logging.sh" -. "$dir/locking.sh" - -VTPMDB="/var/vtpm/vtpm.db" - -#In the vtpm-impl file some commands should be defined: -# vtpm_create, vtpm_setup, vtpm_start, etc. (see below) -if [ -r "$dir/vtpm-impl.alt" ]; then - . "$dir/vtpm-impl.alt" -elif [ -r "$dir/vtpm-impl" ]; then - . "$dir/vtpm-impl" -else - function vtpm_create () { - true - } - function vtpm_setup() { - true - } - function vtpm_start() { - true - } - function vtpm_suspend() { - true - } - function vtpm_resume() { - true - } - function vtpm_delete() { - true - } - function vtpm_migrate() { - echo "Error: vTPM migration accross machines not implemented." 
- } - function vtpm_migrate_local() { - echo "Error: local vTPM migration not supported" - } - function vtpm_migrate_recover() { - true - } -fi - - -#Find the instance number for the vtpm given the name of the domain -# Parameters -# - vmname : the name of the vm -# Return value -# Returns '0' if instance number could not be found, otherwise -# it returns the instance number in the variable 'instance' -function vtpmdb_find_instance () { - local vmname ret instance - vmname=$1 - ret=0 - - instance=$(cat $VTPMDB | \ - awk -vvmname=$vmname \ - '{ \ - if ( 1 != index($1,"#")) { \ - if ( $1 == vmname ) { \ - print $2; \ - exit; \ - } \ - } \ - }') - if [ "$instance" != "" ]; then - ret=$instance - fi - echo "$ret" -} - - -# Check whether a particular instance number is still available -# returns "0" if it is not available, "1" otherwise. -function vtpmdb_is_free_instancenum () { - local instance instances avail i - instance=$1 - avail=1 - #Allowed instance number range: 1-255 - if [ $instance -eq 0 -o $instance -gt 255 ]; then - avail=0 - else - instances=$(cat $VTPMDB | \ - awk \ - '{ \ - if (1 != index($1,"#")) { \ - printf("%s ",$2); \ - } \ - }') - for i in $instances; do - if [ $i -eq $instance ]; then - avail=0 - break - fi - done - fi - echo "$avail" -} - - -# Get an available instance number given the database -# Returns an unused instance number -function vtpmdb_get_free_instancenum () { - local ctr instances don found - instances=$(cat $VTPMDB | \ - awk \ - '{ \ - if (1 != index($1,"#")) { \ - printf("%s ",$2); \ - } \ - }') - ctr=1 - don=0 - while [ $don -eq 0 ]; do - found=0 - for i in $instances; do - if [ $i -eq $ctr ]; then - found=1; - break; - fi - done - - if [ $found -eq 0 ]; then - don=1 - break - fi - let ctr=ctr+1 - done - echo "$ctr" -} - - -# Add a domain name and instance number to the DB file -function vtpmdb_add_instance () { - local res vmname inst - vmname=$1 - inst=$2 - - if [ ! 
-f $VTPMDB ]; then - echo "#Database for VM to vTPM association" > $VTPMDB - echo "#1st column: domain name" >> $VTPMDB - echo "#2nd column: TPM instance number" >> $VTPMDB - fi - res=$(vtpmdb_validate_entry $vmname $inst) - if [ $res -eq 0 ]; then - echo "$vmname $inst" >> $VTPMDB - fi -} - - -#Validate whether an entry is the same as passed to this -#function -function vtpmdb_validate_entry () { - local res rc vmname inst - rc=0 - vmname=$1 - inst=$2 - - res=$(cat $VTPMDB | \ - awk -vvmname=$vmname \ - -vinst=$inst \ - '{ \ - if ( 1 == index($1,"#")) {\ - } else \ - if ( $1 == vmname && \ - $2 == inst) { \ - printf("1"); \ - exit; \ - } else \ - if ( $1 == vmname || \ - $2 == inst) { \ - printf("2"); \ - exit; \ - } \ - }') - - if [ "$res" == "1" ]; then - rc=1 - elif [ "$res" == "2" ]; then - rc=2 - fi - echo "$rc" -} - - -#Remove an entry from the vTPM database given its domain name -#and instance number -function vtpmdb_remove_entry () { - local vmname instance VTPMDB_TMP - vmname=$1 - instance=$2 - VTPMDB_TMP="$VTPMDB".tmp - - $(cat $VTPMDB | \ - awk -vvmname=$vmname \ - '{ \ - if ( $1 != vmname ) { \ - print $0; \ - } \ - '} > $VTPMDB_TMP) - if [ -e $VTPMDB_TMP ]; then - mv -f $VTPMDB_TMP $VTPMDB - vtpm_delete $instance - else - log err "Error creating temporary file '$VTPMDB_TMP'." - fi -} - - -# Find the reason for the creation of this device: -# Returns 'resume' or 'create' -function vtpm_get_create_reason () { - local resume - resume=$(xenstore_read $XENBUS_PATH/resume) - if [ "$resume" == "True" ]; then - echo "resume" - else - echo "create" - fi -} - - -#Create a vTPM instance -# If no entry in the TPM database is found, the instance is -# created and an entry added to the database. 
-function vtpm_create_instance () { - local res instance domname reason uuid - uuid=$(xenstore_read "$XENBUS_PATH"/uuid) - reason=$(vtpm_get_create_reason) - - claim_lock vtpmdb - - instance="0" - - if [ "$uuid" != "" ]; then - instance=$(vtpmdb_find_instance $uuid) - fi - if [ "$instance" == "0" ]; then - domname=$(xenstore_read "$XENBUS_PATH"/domain) - instance=$(vtpmdb_find_instance $domname) - fi - - if [ "$instance" == "0" -a "$reason" != "create" ]; then - release_lock vtpmdb - return - fi - - if [ "$instance" == "0" ]; then - #Try to give the preferred instance to the domain - instance=$(xenstore_read "$XENBUS_PATH"/pref_instance) - if [ "$instance" != "" ]; then - res=$(vtpmdb_is_free_instancenum $instance) - if [ $res -eq 0 ]; then - instance=$(vtpmdb_get_free_instancenum) - fi - else - instance=$(vtpmdb_get_free_instancenum) - fi - - vtpm_create $instance - - if [ $vtpm_fatal_error -eq 0 ]; then - if [ "$uuid" != "" ]; then - vtpmdb_add_instance $uuid $instance - else - vtpmdb_add_instance $domname $instance - fi - fi - else - if [ "$reason" == "resume" ]; then - vtpm_resume $instance - else - vtpm_start $instance - fi - fi - - release_lock vtpmdb - - xenstore_write $XENBUS_PATH/instance $instance -} - - -#Remove an instance when a VM is terminating or suspending. -#Since it is assumed that the VM will appear again, the -#entry is kept in the VTPMDB file. 
-function vtpm_remove_instance () { - local instance reason domname uuid - #Stop script execution quietly if path does not exist (anymore) - xenstore-exists "$XENBUS_PATH"/domain - uuid=$(xenstore_read "$XENBUS_PATH"/uuid) - - claim_lock vtpmdb - - instance="0" - - if [ "$uuid" != "" ]; then - instance=$(vtpmdb_find_instance $uuid) - fi - - if [ "$instance" == "0" ]; then - domname=$(xenstore_read "$XENBUS_PATH"/domain) - instance=$(vtpmdb_find_instance $domname) - fi - - if [ "$instance" != "0" ]; then - vtpm_suspend $instance - fi - - release_lock vtpmdb -} - - -#Remove an entry in the VTPMDB file given the domain's name -#1st parameter: The name of the domain -function vtpm_delete_instance () { - local instance - - claim_lock vtpmdb - - instance=$(vtpmdb_find_instance $1) - if [ "$instance" != "0" ]; then - vtpmdb_remove_entry $1 $instance - fi - - release_lock vtpmdb -} - -# Determine whether the given address is local to this machine -# Return values: -# "-1" : the given machine name is invalid -# "0" : this is not an address of this machine -# "1" : this is an address local to this machine -function vtpm_isLocalAddress() { - local addr res - addr=$(ping $1 -c 1 | \ - awk '{ print substr($3,2,length($3)-2); exit }') - if [ "$addr" == "" ]; then - echo "-1" - return - fi - res=$(ifconfig | grep "inet addr" | \ - awk -vaddr=$addr \ - '{ \ - if ( addr == substr($2, 6)) {\ - print "1"; \ - } \ - }' \ - ) - if [ "$res" == "" ]; then - echo "0" - return - fi - echo "1" -} - -# Perform a migration step. This function differentiates between migration -# to the local host or to a remote machine. -# Parameters: -# 1st: destination host to migrate to -# 2nd: name of the domain to migrate -# 3rd: the migration step to perform -function vtpm_migration_step() { - local res=$(vtpm_isLocalAddress $1) - if [ "$res" == "0" ]; then - vtpm_migrate $1 $2 $3 - else - vtpm_migrate_local - fi -} - -# Recover from migration due to an error. 
This function differentiates -# between migration to the local host or to a remote machine. -# Parameters: -# 1st: destination host the migration was going to -# 2nd: name of the domain that was to be migrated -# 3rd: the last successful migration step that was done -function vtpm_recover() { - local res - res=$(vtpm_isLocalAddress $1) - if [ "$res" == "0" ]; then - vtpm_migrate_recover $1 $2 $3 - fi -} - - -#Determine the domain id given a domain's name. -#1st parameter: name of the domain -#return value: domain id or -1 if domain id could not be determined -function vtpm_domid_from_name () { - local id name ids - ids=$(xenstore-list /local/domain) - for id in $ids; do - name=$(xenstore-read /local/domain/$id/name) - if [ "$name" == "$1" ]; then - echo "$id" - return - fi - done - echo "-1" -} - -#Determine the virtual TPM's instance number using the domain ID. -#1st parm: domain ID -function vtpm_uuid_by_domid() { - echo $(xenstore-read /local/domain/0/backend/vtpm/$1/0/uuid) -} - - -# Determine the vTPM's UUID by the name of the VM -function vtpm_uuid_from_vmname() { - local domid=$(vtpm_domid_from_name $1) - if [ "$domid" != "-1" ]; then - echo $(vtpm_uuid_by_domid $domid) - return - fi - echo "" -} - -#Add a virtual TPM instance number and its associated domain name -#to the VTPMDB file and activate usage of this virtual TPM instance -#by writing the instance number into the xenstore -#1st parm: name of virtual machine -#2nd parm: instance of associated virtual TPM -function vtpm_add_and_activate() { - local domid=$(vtpm_domid_from_name $1) - local vtpm_uuid=$(vtpm_uuid_from_vmname $1) - if [ "$vtpm_uuid" != "" -a "$domid" != "-1" ]; then - vtpmdb_add_instance $vtpm_uuid $2 - xenstore-write backend/vtpm/$domid/0/instance $2 - fi -} diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-delete b/scripts_debian/proxy/files/etc/xen/scripts/vtpm-delete deleted file mode 100755 index b75b95b..0000000 
--- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-delete
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-
-# This scripts must be called the following way:
-# vtpm-delete
-# or
-# vtpm-delete --vmname
-
-dir=$(dirname "$0")
-. "$dir/vtpm-common.sh"
-
-if [ "$1" == "--vmname" ]; then
- vtpm_uuid=$(vtpm_uuid_from_vmname $2)
- if [ "$vtpm_uuid" != "" ];then
- vtpm_delete_instance $vtpm_uuid
- fi
-else
- vtpm_delete_instance $1
-fi
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-hotplug-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/vtpm-hotplug-common.sh
deleted file mode 100755
index 9fd35e7..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-hotplug-common.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# Copyright (c) 2005 IBM Corporation
-# Copyright (c) 2005 XenSource Ltd.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of version 2.1 of the GNU Lesser General Public
-# License as published by the Free Software Foundation.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-dir=$(dirname "$0")
-. "$dir/xen-hotplug-common.sh"
-
-findCommand "$@"
-if [ "$command" != "online" ] &&
- [ "$command" != "offline" ] &&
- [ "$command" != "add" ] &&
- [ "$command" != "remove" ]
-then
- log err "Invalid command: $command"
- exit 1
-fi
-
-
-XENBUS_PATH="${XENBUS_PATH:?}"
-
-. "$dir/vtpm-common.sh"
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-impl b/scripts_debian/proxy/files/etc/xen/scripts/vtpm-impl
deleted file mode 100755
index 4f9a1fd..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-impl
+++ /dev/null
@@ -1,208 +0,0 @@
-#!/bin/bash
-# ===================================================================
-#
-# Copyright (c) 2005, Intel Corp.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following
-# disclaimer in the documentation and/or other materials provided
-# with the distribution.
-# * Neither the name of Intel Corporation nor the names of its
-# contributors may be used to endorse or promote products derived
-# from this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# =================================================================== - -# | SRC | TAG | CMD SIZE | ORD |mtype|strt -TPM_CMD_OPEN=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x01 -TPM_CMD_RESM=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x11\\x01\\x00\\x00\\x01\\x01\\x02 -TPM_CMD_CLOS=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x02 -TPM_CMD_DELE=\\x00\\x00\\x00\\x00\\x01\\xc1\\x00\\x00\\x00\\x0e\\x01\\x00\\x00\\x03 - -TPM_TYPE_PVM=\\x01 -TPM_TYPE_HVM=\\x02 - -TPM_SUCCESS=00000000 - -TX_VTPM_MANAGER=/var/vtpm/fifos/from_console.fifo -RX_VTPM_MANAGER=/var/vtpm/fifos/to_console.fifo - -VTPM_MIG=/usr/bin/vtpm_migrator - -# -------------------- Helpers for binary streams ----------- - -function str_to_hex32() { - printf "%0.8x" $1 -} - -function hex32_to_bin() { - local inst=$(str_to_hex32 $1); - - local n1=`echo $inst | sed 's/\(..\)....../\\\\x\1/'` - local n2=`echo $inst | sed 's/..\(..\)..../\\\\x\1/'` - local n3=`echo $inst | sed 's/....\(..\)../\\\\x\1/'` - local n4=`echo $inst | sed 's/......\(..\)/\\\\x\1/'` - - echo "$n1$n2$n3$n4" -} - -function vtpm_manager_cmd() { - local cmd=$1; - local inst=$2; - local inst_bin=$(hex32_to_bin $inst); - - claim_lock vtpm_mgr - - #send cmd to vtpm_manager - printf "$cmd$inst_bin" > $TX_VTPM_MANAGER - - #recv response - set +e - local resp_hex=`dd skip=10 bs=1 count=4 if=$RX_VTPM_MANAGER 2> /dev/null | xxd -ps` - set -e - - release_lock vtpm_mgr - - #return whether the command was successful - if [ $resp_hex -ne $TPM_SUCCESS ]; then - vtpm_fatal_error=1 - false - else - true - fi -} - -# Helper to get vm type to pass to vtpm_manager open/resume -function vtpm_get_type() { - local inst=$(xenstore_read $XENBUS_PATH/frontend-id) - local vm=$(xenstore_read /local/domain/$inst/vm) - if [ "$vm" != "" ]; then - local ostype=$(xenstore-read $vm/image/ostype) - if [ "$ostype" == "hvm" ]; then - echo $TPM_TYPE_HVM; - else - echo $TPM_TYPE_PVM; - fi - fi -} - -# ------------------ 
Command handlers ----------------- - -# Create new vtpm instance & set it up for use -function vtpm_create () { - # Creation is handled implicitly by the manager on first setup - # so just set it up for use - $(vtpm_start $1) -} - -# Setup vtpm instance for use. -function vtpm_start() { - local vmtype=$(vtpm_get_type); - $(vtpm_manager_cmd $TPM_CMD_OPEN$vmtype $1) -} - -function vtpm_resume() { - local vmtype=$(vtpm_get_type); - $(vtpm_manager_cmd $TPM_CMD_RESM$vmtype $1) -} - -# Reset the vtpm AKA clear PCRs -function vtpm_reset() { - #not used by current implemenation - true -} - -# Shutdown the vtpm while the vm is down -# This could be a suspend of shutdown -# we cannot distinquish, so save the state -# and decide on startup if we should keep is -function vtpm_suspend() { - $(vtpm_manager_cmd $TPM_CMD_CLOS $1) -} - - -function vtpm_delete() { - local inst=$1 - if $(vtpm_manager_cmd $TPM_CMD_DELE $inst); then - rm -f /var/vtpm/vtpm_dm_$1.data - true - else - vtpm_fatal_error=1 - false - fi -} - -# Perform a migration step. This function differentiates between migration -# to the local host or to a remote machine. -# Parameters: -# 1st: destination host to migrate to -# 2nd: name of the domain to migrate -# 3rd: the migration step to perform -function vtpm_migrate() { - local instance res - - instance=$(vtpmdb_find_instance $2) - if [ "$instance" == "" ]; then - log err "VTPM Migratoin failed. 
Unable to translation of domain name" - echo "Error: VTPM Migration failed while looking up instance number" - fi - - case "$3" in - 0) - #Incicate migration supported - echo "0" - ;; - - 1) - # Get Public Key from Destination - # Call vtpm_manager's migration part 1 - claim_lock vtpm_mgr - $VTPM_MIG $1 $2 $instance $3 - release_lock vtpm_mgr - ;; - - 2) - # Call manager's migration step 2 and send result to destination - # If successful remove from db - claim_lock vtpm_mgr - $VTPM_MIG $1 $2 $instance $3 - release_lock vtpm_mgr - ;; - - 3) - if `ps x | grep "$VTPM_MIG $1"`; then - log err "VTPM Migration failed to complete." - echo "Error: VTPM Migration failed to complete." - fi - ;; - esac - -} - - -function vtpm_migrate_recover() { - echo "Error: Recovery not supported yet" -} - -function vtpm_migrate_local() { - echo "Error: local vTPM migration not supported" -} diff --git a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-migration.sh b/scripts_debian/proxy/files/etc/xen/scripts/vtpm-migration.sh deleted file mode 100755 index 7e38ae2..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/vtpm-migration.sh +++ /dev/null @@ -1,19 +0,0 @@ -# -# Copyright (c) 2005 IBM Corporation -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - -dir=$(dirname "$0") -. "$dir/vtpm-common.sh" 
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-cleanup b/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-cleanup
deleted file mode 100755
index fcaa8fc..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-cleanup
+++ /dev/null
@@ -1,45 +0,0 @@
-#! /bin/bash
-
-dir=$(dirname "$0")
-. "$dir/xen-hotplug-common.sh"
-
-# Claim the lock protecting ${XEN_SCRIPT_DIR}/block. This stops a race whereby
-# paths in the store would disappear underneath that script as it attempted to
-# read from the store checking for device sharing.
-# Any other scripts that do similar things will have to have their lock
-# claimed too.
-# This is pretty horrible, but there's not really a nicer way of solving this.
-claim_lock "block"
-
-# split backend/DEVCLASS/VMID/DEVID on slashes
-path_array=( ${XENBUS_PATH//\// } )
-# get /vm/UUID path
-vm=$(xenstore_read_default "/local/domain/${path_array[2]}/vm" "")
-# construct /vm/UUID/device/DEVCLASS/DEVID
-if [ "$vm" != "" ]; then
- vm_dev="$vm/device/${path_array[1]}/${path_array[3]}"
-
- # if the vm path does not exist and the device class is 'vbd' then we may have
- # a tap2 device
- $(xenstore-read "$vm_dev" 2>/dev/null) || \
- {
- if [ "${path_array[1]}" = "vbd" ]; then
- vm_dev="$vm/device/tap2/${path_array[3]}"
- fi
- }
-else
- vm_dev=
-fi
-
-# remove device frontend store entries
-xenstore-rm -t \
- $(xenstore-read "$XENBUS_PATH/frontend" 2>/dev/null) 2>/dev/null || true
-
-# remove device backend store entries
-xenstore-rm -t "$XENBUS_PATH" 2>/dev/null || true
-xenstore-rm -t "error/$XENBUS_PATH" 2>/dev/null || true
-
-# remove device path from /vm/UUID
-[ "$vm_dev" != "" ] && xenstore-rm -t "$vm_dev" 2>/dev/null || true
-
-release_lock "block"
diff --git a/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-common.sh
deleted file mode 100755
index 370f9ad..0000000
--- a/scripts_debian/proxy/files/etc/xen/scripts/xen-hotplug-common.sh
+++ /dev/null
@@ -1,102 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - - -dir=$(dirname "$0") -. "$dir/hotplugpath.sh" -. "$dir/logging.sh" -. "$dir/xen-script-common.sh" -. "$dir/locking.sh" - -exec 2>>/var/log/xen/xen-hotplug.log - -export PATH="${BINDIR}:${SBINDIR}:${LIBEXEC}:${PRIVATE_BINDIR}:/sbin:/bin:/usr/bin:/usr/sbin:$PATH" -export LANG="POSIX" -unset $(set | grep ^LC_ | cut -d= -f1) - -fatal() { - _xenstore_write "$XENBUS_PATH/hotplug-error" "$*" \ - "$XENBUS_PATH/hotplug-status" error - log err "$@" - exit 1 -} - -success() { - # Tell DevController that backend is "connected" - xenstore_write "$XENBUS_PATH/hotplug-status" connected -} - -do_or_die() { - "$@" || fatal "$@ failed" -} - -do_without_error() { - "$@" 2>/dev/null || log debug "$@ failed" -} - -sigerr() { - fatal "$0 failed; error detected." -} - -trap sigerr ERR - - -## -# xenstore_read + -# -# Read each of the given paths, returning each result on a separate line, or -# exit this script if any of the paths is missing. -# -xenstore_read() { - local v=$(xenstore-read "$@" || true) - [ "$v" != "" ] || fatal "xenstore-read $@ failed." - echo "$v" -} - - -## -# xenstore_read_default -# -# Read the given path, returning the value there or the given default if the -# path is not present. 
-# -xenstore_read_default() { - xenstore-read "$1" 2>/dev/null || echo "$2" -} - - -## -# _xenstore_write ( )+ -# -# Write each of the key/value pairs to the store. -# -_xenstore_write() { - log debug "Writing $@ to xenstore." - xenstore-write "$@" -} - -## -# xenstore_write ( )+ -# -# Write each of the key/value pairs to the store, and exit this script if any -# such writing fails. -# -xenstore_write() { - _xenstore_write "$@" || fatal "Writing $@ to xenstore failed." -} - -log debug "$@" "XENBUS_PATH=$XENBUS_PATH" diff --git a/scripts_debian/proxy/files/etc/xen/scripts/xen-network-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/xen-network-common.sh deleted file mode 100755 index f88f9b6..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/xen-network-common.sh +++ /dev/null 
@@ -1,141 +0,0 @@ -# -# Copyright (c) 2005 XenSource Ltd. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of version 2.1 of the GNU Lesser General Public -# License as published by the Free Software Foundation. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# - - -# Gentoo doesn't have ifup/ifdown, so we define appropriate alternatives. - -# Other platforms just use ifup / ifdown directly. - -## -# preiftransfer -# -# @param $1 The current name for the physical device, which is also the name -# that the virtual device will take once the physical device has -# been renamed. - -if ! which ifup >/dev/null 2>/dev/null -then - preiftransfer() - { - true - } - ifup() - { - false - } - ifdown() - { - false - } -else - preiftransfer() - { - true - } -fi - - -first_file() -{ - t="$1" - shift - for file in $@ - do - if [ "$t" "$file" ] - then - echo "$file" - return - fi - done -} - -find_dhcpd_conf_file() -{ - first_file -f /etc/dhcp3/dhcpd.conf /etc/dhcpd.conf -} - - -find_dhcpd_init_file() -{ - first_file -x /etc/init.d/{dhcp3-server,dhcp,dhcpd} -} - -find_dhcpd_arg_file() -{ - first_file -f /etc/sysconfig/dhcpd /etc/defaults/dhcp /etc/default/dhcp3-server -} - -# configure interfaces which act as pure bridge ports: -_setup_bridge_port() { - local dev="$1" - local virtual="$2" - - # take interface down ... - ip link set ${dev} down - - if [ $virtual -ne 0 ] ; then - # Initialise a dummy MAC address. 
We choose the numerically - # largest non-broadcast address to prevent the address getting - # stolen by an Ethernet bridge for STP purposes. - # (FE:FF:FF:FF:FF:FF) - ip link set ${dev} address fe:ff:ff:ff:ff:ff || true - fi - - # ... and configure it - ip addr flush ${dev} -} - -setup_physical_bridge_port() { - _setup_bridge_port $1 0 -} -setup_virtual_bridge_port() { - _setup_bridge_port $1 1 -} - -# Usage: create_bridge bridge -create_bridge () { - local bridge=$1 - - # Don't create the bridge if it already exists. - if [ ! -e "/sys/class/net/${bridge}/bridge" ]; then - brctl addbr ${bridge} - brctl stp ${bridge} off - brctl setfd ${bridge} 0 - # Setting these to zero stops guest<->LAN traffic - # traversing the bridge from hitting the *tables - # rulesets. guest<->host traffic still gets processed - # by the host's iptables rules so this isn't a hole - sysctl -q -w "net.bridge.bridge-nf-call-arptables=0" - sysctl -q -w "net.bridge.bridge-nf-call-ip6tables=0" - sysctl -q -w "net.bridge.bridge-nf-call-iptables=0" - fi -} - -# Usage: add_to_bridge bridge dev -add_to_bridge () { - local bridge=$1 - local dev=$2 - - # Don't add $dev to $bridge if it's already on a bridge. - if [ -e "/sys/class/net/${bridge}/brif/${dev}" ]; then - ip link set ${dev} up || true - return - fi - brctl addif ${bridge} ${dev} - ip link set ${dev} up -} - diff --git a/scripts_debian/proxy/files/etc/xen/scripts/xen-script-common.sh b/scripts_debian/proxy/files/etc/xen/scripts/xen-script-common.sh deleted file mode 100755 index f6841ac..0000000 --- a/scripts_debian/proxy/files/etc/xen/scripts/xen-script-common.sh +++ /dev/null 
@@ -1,44 +0,0 @@
-#
-# Copyright (c) 2005 XenSource Ltd.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of version 2.1 of the GNU Lesser General Public
-# License as published by the Free Software Foundation.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-
-set -e
-
-
-evalVariables()
-{
- for arg in "$@"
- do
- if expr 'index' "$arg" '=' '>' '1' >/dev/null
- then
- eval "$arg"
- fi
- done
-}
-
-
-findCommand()
-{
- for arg in "$@"
- do
- if ! expr 'index' "$arg" '=' >/dev/null
- then
- command="$arg"
- return
- fi
- done
-}