mirror of https://github.com/OpenNebula/one.git synced 2025-02-22 17:57:46 +03:00

B #3046: Review sudoers (#3786)

Vlastimil Holer 2019-09-30 15:15:42 +02:00 committed by Ruben S. Montero
parent 2ef32c1f9f
commit cf0d1465df
64 changed files with 140 additions and 1036 deletions


@ -1,14 +0,0 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_MISC = /sbin/mkfs, /bin/sync, /sbin/mkswap
Cmnd_Alias ONE_NET = /sbin/ebtables, /sbin/iptables, /sbin/ip6tables, /sbin/ip, /usr/sbin/ipset, /usr/sbin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_ISCSI = /sbin/iscsiadm, /usr/sbin/tgt-admin, /usr/sbin/tgtadm
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
Cmnd_Alias ONE_XEN = /usr/sbin/xentop, /usr/sbin/xl, /usr/sbin/xm
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_HA = /usr/bin/systemctl start opennebula-flow, /usr/bin/systemctl stop opennebula-flow, /usr/bin/systemctl start opennebula-gate, /usr/bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop
oneadmin ALL=(ALL) NOPASSWD: ONE_MISC, ONE_NET, ONE_LVM, ONE_ISCSI, ONE_OVS, ONE_XEN, ONE_CEPH, ONE_MARKET, ONE_HA


@ -1,14 +0,0 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_MISC = /sbin/mkfs, /bin/sync, /sbin/mkswap
Cmnd_Alias ONE_NET = /sbin/ebtables, /sbin/iptables, /sbin/ip, /usr/sbin/ipset, /usr/bin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_ISCSI = /usr/bin/iscsiadm, /usr/sbin/tgt-admin, /usr/sbin/tgtadm
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
Cmnd_Alias ONE_XEN = /usr/sbin/xentop, /usr/sbin/xl, /usr/sbin/xm
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop
oneadmin ALL=(ALL) NOPASSWD: ONE_MISC, ONE_NET, ONE_LVM, ONE_ISCSI, ONE_OVS, ONE_XEN, ONE_CEPH, ONE_MARKET, ONE_HA


@ -1 +0,0 @@
CentOS7


@ -1,128 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Should-Start: mysql
# Should-Stop: mysql
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: OpenNebula init script
# Description: OpenNebula cloud initialisation script
### END INIT INFO
# Author: Soren Hansen <soren@canonical.com>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="OpenNebula cloud"
NAME=one
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
mkdir -p /var/run/one /var/lock/one
chown oneadmin /var/run/one /var/lock/one
su oneadmin -s /bin/sh -c 'one start'
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c 'one stop'
}
do_start_sched()
{
su oneadmin -s /bin/sh -c 'one start-sched'
}
do_stop_sched()
{
su oneadmin -s /bin/sh -c 'one stop-sched'
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
status_of_proc "oned" "$NAME" && exit 0 || exit $?
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
restart-sched)
log_daemon_msg "Restarting scheduler"
do_stop_sched
case "$?" in
0|1)
do_start_sched
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
exit 3
;;
esac
:


@ -1,106 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula-econe
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ECONE Server init script
# Description: OpenNebula ECONE service initialisation script
### END INIT INFO
# Author: Tino Vázquez <tinova@opennebula.org>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="ECONE Service"
NAME=econe-server
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/$NAME
PID_FILE=/var/run/one/econe-server.pid
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
mkdir -p /var/run/one /var/lock/one /var/log/one
chown oneadmin /var/run/one /var/lock/one /var/log/one
su oneadmin -s /bin/sh -c "$DAEMON start"
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c "$DAEMON stop"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
ECONE_PID=`cat $PID_FILE`
kill -0 $ECONE_PID > /dev/null 2>&1
if [ "$?" -eq "0" ]; then
log_daemon_msg "$NAME is running"
log_end_msg 0
else
log_daemon_msg "$NAME is not running"
log_end_msg 1
fi
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:


@ -1,94 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula-flow
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: OneFlow init script
# Description: OpenNebula OneFlow service initialisation script
### END INIT INFO
# Author: Tino Vázquez <tinova@opennebula.org>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="OneFlow Service"
NAME=oneflow-server
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
mkdir -p /var/run/one /var/lock/one /var/log/one
chown oneadmin /var/run/one /var/lock/one /var/log/one
su oneadmin -s /bin/sh -c "$DAEMON start"
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c "$DAEMON stop"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
:


@ -1,94 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula-gate
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: OneGate init script
# Description: OpenNebula OneGate service initialisation script
### END INIT INFO
# Author: Tino Vázquez <tinova@opennebula.org>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="OneGate Service"
NAME=onegate-server
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
mkdir -p /var/run/one /var/lock/one /var/log/one
chown oneadmin /var/run/one /var/lock/one /var/log/one
su oneadmin -s /bin/sh -c "$DAEMON start"
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c "$DAEMON stop"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
:


@ -1,105 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula-novnc
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: novnc init script
# Description: OpenNebula novnc server
### END INIT INFO
# Author: Arnold Bechtoldt <mail@arnoldbechtoldt.com>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="OpenNebula novnc server"
NAME=novnc-server
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/opennebula-novnc
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
mkdir -p /var/lock/one /var/log/one
chown oneadmin /var/lock/one /var/log/one
su oneadmin -s /bin/sh -c "$DAEMON start"
}
#
# Function that retrives the status of the daemon/service
#
do_status()
{
su oneadmin -s /bin/sh -c "$DAEMON status"
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c "$DAEMON stop"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
do_status && exit 0 || exit $?
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:


@ -1,108 +0,0 @@
#! /bin/sh
### BEGIN INIT INFO
# Provides: opennebula-sunstone
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Sunstone init script
# Description: OpenNebula Sunstone web interface cloud initialisation script
### END INIT INFO
# Author: Jaime Melis <jmelis@opennebula.org>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Sunstone Web interface"
NAME=sunstone-server
DAEMON=/usr/bin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/opennebula-sunstone
PID_FILE=/var/run/one/sunstone.pid
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
service opennebula-novnc start
mkdir -p /var/run/one /var/lock/one /var/log/one
chown oneadmin /var/run/one /var/lock/one /var/log/one
su oneadmin -s /bin/sh -c "$DAEMON start-sunstone"
}
#
# Function that stops the daemon/service
#
do_stop()
{
su oneadmin -s /bin/sh -c "$DAEMON stop-sunstone"
service opennebula-novnc stop
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
SUNSTONE_PID=`cat $PID_FILE`
kill -0 $SUNSTONE_PID > /dev/null 2>&1
if [ "$?" -eq "0" ]; then
log_daemon_msg "$NAME is running"
log_end_msg 0
else
log_daemon_msg "$NAME is not running"
log_end_msg 1
fi
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:


@ -1 +0,0 @@
CentOS7


@ -1,14 +0,0 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_MISC = /sbin/mkfs, /bin/sync, /sbin/mkswap
Cmnd_Alias ONE_NET = /sbin/ebtables, /sbin/iptables, /sbin/ip6tables, /sbin/ip, /sbin/ipset, /usr/bin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_ISCSI = /usr/bin/iscsiadm, /usr/sbin/tgt-admin, /usr/sbin/tgtadm
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
Cmnd_Alias ONE_XEN = /usr/sbin/xentop, /usr/sbin/xl, /usr/sbin/xm
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop
oneadmin ALL=(ALL) NOPASSWD: ONE_MISC, ONE_NET, ONE_LVM, ONE_ISCSI, ONE_OVS, ONE_XEN, ONE_CEPH, ONE_MARKET, ONE_HA


@ -1,13 +0,0 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_MISC = /sbin/mkfs, /usr/bin/sync
Cmnd_Alias ONE_NET = /usr/sbin/ebtables, /usr/sbin/iptables, /usr/sbin/ip6tables, /sbin/ip, /usr/sbin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_ISCSI = /sbin/iscsiadm, /usr/sbin/tgt-admin, /usr/sbin/tgtadm
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
Cmnd_Alias ONE_XEN = /usr/sbin/xentop, /usr/sbin/xl, /usr/sbin/xm
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_HA = /usr/bin/systemctl start opennebula-flow, /usr/bin/systemctl stop opennebula-flow, /usr/bin/systemctl start opennebula-gate, /usr/bin/systemctl stop opennebula-gate, /sbin/service opennebula-flow start, /sbin/service opennebula-flow stop, /sbin/service opennebula-gate start, /sbin/service opennebula-gate stop
oneadmin ALL=(ALL) NOPASSWD: ONE_MISC, ONE_NET, ONE_LVM, ONE_ISCSI, ONE_OVS, ONE_XEN, ONE_MARKET, ONE_HA


@ -1,20 +0,0 @@
[Unit]
Description=OpenNebula EC2 Interface Service
After=syslog.target
After=network.target
After=one.service
After=one_scheduler.service
BindTo=one.service
!ConditionFileExists=/var/lock/one/.econe.lock
[Service]
ExecStart=/bin/bash -c "/usr/bin/econe-server start"
ExecStartPost=/usr/bin/touch /var/lock/one/.econe.lock
ExecStop=/bin/kill -INT $MAINPID
PIDFile=/var/run/one/econe.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -1,30 +0,0 @@
[Unit]
Description=OpenNebula Cloud Controller Daemon
After=syslog.target
After=network.target
After=remote-fs.target
Before=one_scheduler.service
# Do not start if the scheduler does not exist
ConditionFileIsExecutable=/usr/bin/mm_sched
# Directory lock and run directories must exist
ConditionPathIsDirectory=/var/lock/one
ConditionPathIsDirectory=/var/run/one
# The PID file for the process should not exist, we either have a
# running process or the previous run did not exit cleanly
!ConditionPathExists=/var/run/one/oned.pid
[Service]
# Start daemon in foreground mode, when starting as forking process the
# daemon shuts down without obvious reason.
ExecStart=/usr/bin/oned -f
# Log file location must exist
ExecStartPre=/bin/mkdir -p /var/log/one
ExecStartPre=/bin/chown oneadmin:cloud /var/log/one
ExecStop=/bin/kill -TERM $MAINPID
PIDFile=/var/run/one/oned.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -1,20 +0,0 @@
[Unit]
Description=OpenNebula Cloud Scheduler Daemon
After=syslog.target
After=network.target
After=remote-fs.target
After=one.service
BindTo=one.service
!ConditionFileExists=/var/run/one/sched.pid
[Service]
EnvironmentFile=/etc/one/oned.conf
ExecStart=/usr/bin/mm_sched -p $PORT -t 30 -m 300 -d 30 -h 1
ExecStop=/bin/kill -TERM $MAINPID
PIDFile=/var/run/one/sched.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -1,109 +0,0 @@
#!/bin/bash
# -------------------------------------------------------------------------- #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
# One time setup for oned
KILL_9_SECONDS=10
LOCK_FILE=/var/lock/one/one
LOCK_FILE_DIR=/var/lock/one
ONE_PID=/var/run/one/oned.pid
ONE_CONF=/etc/one/oned.conf
ONE_DB=/var/lib/one/one.db
ONED=/usr/bin/oned
PORT=$(sed -n '/^[ \t]*PORT/s/^.*PORT\s*=\s*\([0-9]\+\)\s*.*$/\1/p' $ONE_CONF)
if [ $? -ne 0 ]; then
echo "Can not find PORT in $ONE_CONF."
exit 1
fi
if [ ! -d $LOCK_FILE_DIR ]; then
mkdir $LOCK_FILE_DIR > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "Could not create lock file directory: $LOCK_FILE_DIR"
exit 1
fi
fi
if [ -f $LOCK_FILE ]; then
if [ -f $ONE_PID ]; then
ONEPID=`cat $ONE_PID`
ps $ONEPID > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo "oned already running thus it is configured, nothing to do exiting"
exit 0
fi
fi
echo "Stale .lock detected. Erasing it."
rm $LOCK_FILE
fi
if [ ! -x "$ONED" ]; then
echo "Can not find $ONED."
exit 1
fi
if [ ! -f "$ONE_DB" ]; then
if [ ! -f "$HOME/.one/one_auth" ]; then
if [ -z "$ONE_AUTH" ]; then
echo "You should have ONE_AUTH set the first time you start"
echo "OpenNebula as it is used to set the credentials for"
echo "the administrator user."
exit 1
fi
fi
fi
if [ ! -d /var/lock/one ]; then
mkdir /var/lock/one > /dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Could not create necessary lock directory: /var/lock/one"
exit 1
fi
fi
# Start the one daemon
$ONED -i 2>&1 &
STARTED=$?
CURPID=$!
if [ $STARTED -ne 0 ]; then
echo "Error executing $ONED : Initial setup failed"
exit 1
fi
# Give oned a chance to do it's thing...
sleep 5
# OK we're all done here
# Just in case the process gets stuck, kill it
kill -TERM $CURPID > /dev/null 2>&1
counter=0
while ps $CURPID > /dev/null 2>&1; do
let counter=counter+1
if [ $counter -gt $KILL_9_SECONDS ]; then
kill -9 $CURPID > /dev/null 2>&1
break
fi
sleep 1
done
# If the lock file is left over remove it
rm -f /var/lock/one/one


@ -1,20 +0,0 @@
[Unit]
Description=OpenNebula Flow Service for multi tier applications
After=syslog.target
After=network.target
After=one.service
After=one_scheduler.service
BindTo=one.service
!ConditionFileExists=/var/lock/one/.oneflow.lock
[Service]
ExecStart=/bin/bash -c "/usr/bin/oneflow-server start"
ExecStartPost=/usr/bin/touch /var/lock/one/.oneflow.lock
ExecStop=/bin/kill -INT $MAINPID
PIDFile=/var/run/one/oneflow.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -1,20 +0,0 @@
[Unit]
Description=OpenNebula Gate Service for Service monitoring
After=syslog.target
After=network.target
After=one.service
After=one_scheduler.service
BindTo=one.service
!ConditionFileExists=/var/lock/one/.onegate.lock
[Service]
ExecStart=/bin/bash -c "/usr/bin/onegate-server start"
ExecStartPost=/usr/bin/touch /var/lock/one/.onegate.lock
ExecStop=/bin/kill -INT $MAINPID
PIDFile=/var/run/one/onegate.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -1,2 +0,0 @@
d /var/lock/one 0755 oneadmin cloud
d /var/run/one 0755 oneadmin cloud


@ -1,21 +0,0 @@
[Unit]
Description=OpenNebula Web UI Server
After=syslog.target
After=network.target
After=one.service
After=one_scheduler.service
BindTo=one.service
!ConditionFileExists=/var/lock/one/.sunstone.lock
[Service]
ExecStart=/bin/bash -c "sleep 5; /usr/bin/ruby /usr/lib/one/sunstone/sunstone-server.rb > /var/log/one/sunstone.log 2>&1"
ExecStop=/bin/kill -INT $MAINPID
PIDFile=/var/run/one/sunstone.pid
Type=simple
Group=cloud
User=oneadmin
[Install]
WantedBy=multi-user.target


@ -0,0 +1 @@
Please note these service scripts are not actively maintained.


@ -0,0 +1,13 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_HA = /usr/bin/systemctl start opennebula-flow, /usr/bin/systemctl stop opennebula-flow, /usr/bin/systemctl start opennebula-gate, /usr/bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/arping
Cmnd_Alias ONE_LVM = /usr/sbin/lvcreate, /usr/sbin/lvremove, /usr/sbin/lvs, /usr/sbin/vgdisplay, /usr/sbin/lvchange, /usr/sbin/lvscan, /usr/sbin/lvextend
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_NET = /usr/sbin/ebtables, /usr/sbin/iptables, /usr/sbin/ip6tables, /usr/sbin/ip, /usr/sbin/ipset
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
## Command aliases are enabled individually in dedicated
## sudoers files by each OpenNebula component (server, node).
# oneadmin ALL=(ALL) NOPASSWD: ONE_CEPH, ONE_HA, ONE_LVM, ONE_MARKET, ONE_NET, ONE_OVS
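Review bot: `/usr/sbin/arping` is appended to `ONE_HA` with no argument list, while every other entry in that alias is pinned to one exact `systemctl` or `service` invocation, so any account granted `ONE_HA` can run arping as root with arbitrary options. If the caller only ever uses one form of the command, pin it the same way; otherwise say so in the file, e.g. `## arping: arguments intentionally unrestricted, called from <caller>`. Why arping belongs with the HA commands is not shown on this page, so the comment should name the caller. The same entry appears in the `ONE_HA` line of the next sudoers file.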


@ -1,14 +1,14 @@
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_MISC = /sbin/mkfs, /bin/sync, /sbin/mkswap
Cmnd_Alias ONE_NET = /sbin/ebtables, /sbin/iptables, /sbin/ip6tables, /sbin/ip, /sbin/ipset, /usr/bin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_ISCSI = /usr/bin/iscsiadm, /usr/sbin/tgt-admin, /usr/sbin/tgtadm
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
Cmnd_Alias ONE_XEN = /usr/sbin/xentop, /usr/sbin/xl, /usr/sbin/xm
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/bin/arping
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_LXD = /snap/bin/lxc, /usr/bin/catfstab, /bin/mount, /bin/umount, /bin/mkdir, /bin/lsblk, /sbin/losetup, /sbin/kpartx, /usr/bin/qemu-nbd, /sbin/blkid, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd-nbd, /usr/sbin/xfs_admin, /sbin/tune2fs
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop
Cmnd_Alias ONE_NET = /sbin/ebtables, /sbin/iptables, /sbin/ip6tables, /sbin/ip, /sbin/ipset
Cmnd_Alias ONE_OVS = /usr/bin/ovs-ofctl, /usr/bin/ovs-vsctl
oneadmin ALL=(ALL) NOPASSWD: ONE_MISC, ONE_NET, ONE_LVM, ONE_ISCSI, ONE_OVS, ONE_XEN, ONE_CEPH, ONE_MARKET, ONE_HA
## Command aliases are enabled individually in dedicated
## sudoers files by each OpenNebula component (server, node).
# oneadmin ALL=(ALL) NOPASSWD: ONE_CEPH, ONE_HA, ONE_LVM, ONE_LXD, ONE_MARKET, ONE_NET, ONE_OVS
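Review bot: `ONE_LXD` lists `/bin/mount`, `/bin/umount`, `/bin/mkdir` and `/snap/bin/lxc` without argument restrictions, so an account granted this alias can run them as root with any options and paths, which is close to unrestricted root on the node. The alias looks like a carry-over of the `ONE_MAPPER` alias deleted at the end of this commit rather than something new, and which lines are on the added side is inferred because the rendering dropped the +/- markers. Since the commit is a sudoers review, a comment above the alias would make the exposure explicit, e.g. `## ONE_LXD: mount/umount/mkdir/lxc are granted with unrestricted arguments (root-equivalent on the node)`.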


@ -0,0 +1 @@
oneadmin ALL=(ALL:ALL) NOPASSWD: ONE_CEPH, ONE_NET, ONE_OVS, ONE_LVM
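Review bot: The run-as spec `(ALL:ALL)` in this grant lets oneadmin run the listed aliases as any user and any group, which is wider than the `(ALL)` used in the server grant later in this commit and wider than needed if the drivers only ever escalate to root. Consider `oneadmin ALL=(root) NOPASSWD: ONE_CEPH, ONE_NET, ONE_OVS, ONE_LVM`, and the same for the `ONE_LXD` grant in the next file and the `(ALL)` in the server grant. That the drivers only need root is an assumption; the `$SUDO` definition they use is not on this page. These one-line files also rely on `Cmnd_Alias` definitions that live in a separate file, so a leading comment naming that file would save the next reader a search.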


@ -0,0 +1 @@
oneadmin ALL=(ALL:ALL) NOPASSWD: ONE_LXD


@ -0,0 +1 @@
oneadmin ALL=(ALL) NOPASSWD: ONE_CEPH, ONE_HA, ONE_MARKET


@ -16,78 +16,34 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
ONE_LOCATION=ENV["ONE_LOCATION"]
ONE_LOCATION = ENV['ONE_LOCATION']
if !ONE_LOCATION
LIB_LOCATION="/usr/lib/one"
LIB_LOCATION = '/usr/lib/one'
else
LIB_LOCATION=ONE_LOCATION+"/lib"
LIB_LOCATION = ONE_LOCATION + '/lib'
end
require "erb"
require 'erb'
require_relative 'sudoers'
CMDS = {
:MISC => %w(mkfs sync mkswap),
:NET => %w(ebtables iptables ip6tables ip ipset arping),
:LVM => %w(lvcreate lvremove lvs vgdisplay lvchange lvscan lvextend),
:ISCSI => %w(iscsiadm tgt-admin tgtadm),
:OVS => %w(ovs-ofctl ovs-vsctl),
:XEN => %w(xentop xl xm),
:CEPH => %w(rbd),
:MARKET => %W{#{LIB_LOCATION}/sh/create_container_image.sh},
:HA => [
'systemctl start opennebula-flow',
'systemctl stop opennebula-flow',
'systemctl start opennebula-gate',
'systemctl stop opennebula-gate',
'service opennebula-flow start',
'service opennebula-flow stop',
'service opennebula-gate start',
'service opennebula-gate stop'
],
}
sudoers = Sudoers.new LIB_LOCATION
aliases = sudoers.aliases
aliases.reject! {|_k, v| v.empty? }
KEYS = CMDS.keys
abs_cmds = {}
not_found_cmds = []
KEYS.each do |label|
cmds = CMDS[label]
_abs_cmds = []
cmds.each do |cmd|
cmd_parts = cmd.split
abs_cmd = `which #{cmd_parts[0]} 2>/dev/null`
if !abs_cmd.empty?
cmd_parts[0] = abs_cmd.strip
_abs_cmds << cmd_parts.join(' ')
else
not_found_cmds << cmd
end
end
abs_cmds["ONE_#{label}"] = _abs_cmds
end
abs_cmds.reject!{|k,v| v.empty?}
puts ERB.new(DATA.read,nil, "<>").result(binding)
if !not_found_cmds.empty?
STDERR.puts "\n---\n\nNot found:"
not_found_cmds.each{|cmd| STDERR.puts("- #{cmd}")}
end
puts ERB.new(DATA.read, nil, '<>').result(binding)
__END__
Defaults !requiretty
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Defaults:oneadmin !requiretty
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
<% KEYS.each do |k|; l = "ONE_#{k}"; v = abs_cmds[l] %>
<% if !v.nil? %>
<% cmd_sets = sudoers.cmds.keys.sort %>
<% cmd_sets.each do |k|; l = "ONE_#{k}"; v = aliases[l] %>
<% if !v.nil? %>
Cmnd_Alias <%= l %> = <%= v.join(", ") %>
<% end %>
<% end %>
<% end %>
oneadmin ALL=(ALL) NOPASSWD: <%= KEYS.select{|k| !abs_cmds["ONE_#{k}"].nil?}.collect{|k| "ONE_#{k}"}.join(", ") %>
## Command aliases are enabled individually in dedicated
## sudoers files by each OpenNebula component (server, node).
# oneadmin ALL=(ALL) NOPASSWD: <%= cmd_sets.each.sort.collect{|k| "ONE_#{k}"}.join(", ") %>
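Review bot: The commented grant line at the end of the template builds its alias list from `cmd_sets`, i.e. every key of `sudoers.cmds`, while the `Cmnd_Alias` lines above it are emitted only for keys still present in `aliases` after `aliases.reject!`, so the comment can name an alias the generated file never defines. The line it replaces filtered with `KEYS.select{...}`; the equivalent here would be `cmd_sets.select{|k| aliases["ONE_#{k}"] }.collect{|k| "ONE_#{k}"}.join(", ")`. `cmd_sets.each.sort` is also redundant, because `cmd_sets` is already sorted where it is assigned. Which of the paired lines is old and which is new is inferred from context, since this rendering lost the +/- markers.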

87
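--- a/share/sudoers/sudoers.rb
+++ b/share/sudoers/sudoers.rb
@@ -0,0 +1,87 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2019, OpenNebula Project, OpenNebula Systems #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may #
+# not use this file except in compliance with the License. You may obtain #
+# a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+#--------------------------------------------------------------------------- #
+# Holds configuration about sudoers requirements for OpeNebula
+class Sudoers
+NODECMDS = [:NET, :OVS, :LVM, :LXD]
+attr_accessor :cmds
+def initialize(lib_location)
+# Commands required to be used as root, without password, by oneadmin
+@cmds = {
+:NET => %w[ebtables iptables ip6tables ip ipset],
+:LVM => %w[
+lvcreate lvremove lvs vgdisplay lvchange lvscan lvextend
+],
+:OVS => %w[ovs-ofctl ovs-vsctl],
+:CEPH => %w[rbd],
+:LXD => %w[
+/snap/bin/lxc /usr/bin/catfstab mount umount mkdir lsblk losetup
+kpartx qemu-nbd blkid e2fsck resize2fs xfs_growfs rbd-nbd
+xfs_admin tune2fs
+],
+:HA => [
+'systemctl start opennebula-flow',
+'systemctl stop opennebula-flow',
+'systemctl start opennebula-gate',
+'systemctl stop opennebula-gate',
+'service opennebula-flow start',
+'service opennebula-flow stop',
+'service opennebula-gate start',
+'service opennebula-gate stop',
+'arping'
+],
+:MARKET => %W[#{lib_location}/sh/create_container_image.sh]
+}
+end
+# Return a list of commands full path
+def aliases
+cmnd_aliases = {}
+cmds.keys.each do |label|
+cmd_path = []
+cmds[label].each do |cmd|
+if cmd[0] == '/'
+cmd_path << cmd
+next
+end
+cmd_parts = cmd.split
+cmd_parts[0] = which(cmd_parts[0])
+if cmd_parts[0].empty?
+STDERR.puts "command not found: #{cmd}"
+exit 1
+end
+cmd_path << cmd_parts.join(' ')
+end
+cmnd_aliases["ONE_#{label}"] = cmd_path
+end
+cmnd_aliases
+end
+def which(cmd)
+`which #{cmd} 2>/dev/null`.strip
+end
+end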
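Review bot: `which(cmd)` resolves each command through the PATH of whoever runs the generator, and the result is written into sudoers as an absolute path that oneadmin may run as root, so a build environment with a user-writable directory early in PATH would whitelist a binary in that directory. Pin the lookup to the directories the generated file itself sets as `secure_path` by prefixing the command inside the backticks with `PATH=/sbin:/bin:/usr/sbin:/usr/bin`. The comment on `aliases` says it returns a list, but it returns a Hash from `"ONE_<label>"` to an array of command strings; a doc comment stating that, and that the method calls `exit 1` when a command is not found, would help callers. `NODECMDS` omits `:CEPH` although the node grant file in this commit enables `ONE_CEPH`; its use is not visible on this page, so this may or may not matter.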


@ -113,7 +113,7 @@ DEV="/dev/${VG_NAME}/${LV_NAME}"
# Execute lvcreate with a lock in the frontend
CREATE_CMD=$(cat <<EOF
set -e -o pipefail
$SUDO $SYNC
$SYNC
$SUDO $LVSCAN
$SUDO $LVCREATE --wipesignatures n -L${SIZE}M -n $LV_NAME $VG_NAME
EOF


@ -81,7 +81,7 @@ ACTIVATE_CMD=$(cat <<EOF
if [ -L "$DST_PATH" ]; then
DEV=\$(readlink $DST_PATH)
if echo "\$DEV" | grep "^/dev/" &>/dev/null; then
${SUDO} ${SYNC}
${SYNC}
${SUDO} ${LVSCAN}
${SUDO} ${LVCHANGE} -ay "\${DEV}"
fi
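Review bot: `readlink $DST_PATH` is left unquoted in the generated command although the test on the line above it quotes `"$DST_PATH"`, so a path containing whitespace or glob characters would be split when the generated script runs. Use `DEV=\$(readlink "$DST_PATH")`. The same inconsistency is in the delete step of a later section, `${SUDO} ${LVREMOVE} -f ${SRC_DEV}`, where the value is passed to a command run through sudo and every other use of `${SRC_DEV}` in that file is quoted; write `-f "${SRC_DEV}"` there. Both heredocs begin and end outside their hunks.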


@ -64,7 +64,7 @@ DEV="/dev/${VG_NAME}/${LV_NAME}"
# Execute lvcreate with a lock in the frontend
CREATE_CMD=$(cat <<EOF
set -e -o pipefail
$SUDO $SYNC
$SYNC
$SUDO $LVSCAN
$SUDO $LVCREATE --wipesignatures n -L${SIZE}M -n $LV_NAME $VG_NAME
EOF


@ -95,7 +95,7 @@ if [ `is_disk $SRC_PATH` -eq 1 ]; then
CMD=$(cat <<EOF
set -ex -o pipefail
if [ -b "${SRC_DEV}" ]; then
${SUDO} ${SYNC}
${SYNC}
${SUDO} ${LVSCAN}
${SUDO} ${LVCHANGE} -an "${SRC_DEV}"
fi
@ -120,7 +120,7 @@ EOF
# create new volume
CREATE_CMD=$(cat <<EOF
set -e -o pipefail
${SUDO} ${SYNC}
${SYNC}
${SUDO} ${LVSCAN}
SIZE=\$(${SUDO} ${LVS} --noheadings --units B -o lv_size "${SRC_DEV}" | tr -d '[:blank:]')
${SUDO} ${LVCREATE} --wipesignatures n -L"\${SIZE}" -n "${LV_NAME}" "${DST_VG_NAME}"
@ -140,7 +140,7 @@ EOF
DELETE_CMD=$(cat <<EOF
set -e -o pipefail
${SUDO} ${LVREMOVE} -f ${SRC_DEV}
${SUDO} ${SYNC}
${SYNC}
rm -f "${SRC_PATH}"
ln -s "${DST_DEV}" "${SRC_PATH}"
@ -155,7 +155,7 @@ EOF
# activate
CMD=$(cat <<EOF
set -ex -o pipefail
${SUDO} ${SYNC}
${SYNC}
${SUDO} ${LVSCAN}
${SUDO} ${LVCHANGE} -ay "${DST_DEV}"


@ -44,7 +44,7 @@ fi
CMD=$(cat <<EOF
set -ex -o pipefail
$SUDO $SYNC
$SYNC
$SUDO $LVSCAN
for disk in \$(ls ${DST_PATH}/disk.*); do


@ -44,7 +44,7 @@ fi
CMD=$(cat <<EOF
set -ex -o pipefail
$SUDO $SYNC
$SYNC
$SUDO $LVSCAN
for disk in \$(ls ${DST_PATH}/disk.*); do


@ -80,7 +80,7 @@ fi
# Execute lvextend with a lock in the frontend
RESIZE_CMD=$(cat <<EOF
set -e -o pipefail
$SUDO $SYNC
$SYNC
$SUDO $LVSCAN
$SUDO $LVEXTEND -L${SIZE}M "$DEV"
EOF


@ -1,22 +0,0 @@
# -------------------------------------------------------------------------- #
# Copyright 2002-2019, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
#
# This file is meant for allow oneadmin to run the following commands as root
#
Cmnd_Alias ONE_MAPPER = /bin/lsblk, /sbin/losetup, /bin/mount, /bin/umount, /sbin/kpartx, /usr/bin/qemu-nbd, /bin/mkdir, /usr/bin/catfstab, /sbin/blkid, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd-nbd, /usr/sbin/xfs_admin, /sbin/tune2fs
oneadmin ALL=(ALL:ALL) NOPASSWD: ONE_MAPPER