antoine.perederii
/
IUT
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ajout de systeme

Browse Source
master
antoine.perederii 2 years ago
parent c59b03194c
commit 3d87072159
900 changed files with 105504 additions and 0 deletions
Show Stats Download Patch File Download Diff File

0
id_rsa.pub → cle_ssh/id_rsa.pub
Unescape View File

17
vdn/LICENCE
Unescape View File

@ -0,0 +1,17 @@
Virtual Didactic Network (VDN).
Copyright (C) 2006-2018 Guénal DAVALAN <guenal.davalan@uca.fr>.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.

5
vdn/README
Unescape View File

@ -0,0 +1,5 @@
=== Virtual Didactic Network ===
see : http://opale.u-clermont1.fr/vdn

54
vdn/allocators/db-default/hosts
Unescape View File

@ -0,0 +1,54 @@
fixme:distributeur
fixme:client
fixme:appolo
fixme:brightside
fixme:comanche
fixme:passerelle
fixme:darkside
fixme:castafiore
docker:docker
demo:web
demo:societe
demo:lambda
demo:tiny
demo:bigboss
demo:nomade
demo-buster:web
demo-buster:societe
demo-buster:lambda
demo-buster:tiny
demo-buster:bigboss
demo-buster:nomade
zoo:bullseye
zoo:buster-test
zoo:bullseye-test
zoo:buster-test-tgz2
zoo:sae103
zoo:docker
zoo:buster-tgz2
zoo:bullseye-sae
zoo:bullseye-test-tgz2
zoo:bookworm
zoo:buster
zoo:bullseye-tgz2
firewall:web
firewall:societe
firewall:lambda
firewall:tiny
firewall:bigboss
firewall:nomade
routing-static:r2
routing-static:s2
routing-static:s1
routing-static:r5
routing-static:r1
routing-static:r4
routing-static:r3
sae103:sae103
routing-ospf:r2
routing-ospf:s2
routing-ospf:s1
routing-ospf:r5
routing-ospf:r1
routing-ospf:r4
routing-ospf:r3

14
vdn/allocators/db-default/hosts.global
Unescape View File

@ -0,0 +1,14 @@
fixme:brightside
fixme:passerelle
fixme:darkside
docker:docker
demo:societe
demo:lambda
demo:nomade
demo-buster:societe
demo-buster:lambda
demo-buster:nomade
firewall:societe
firewall:lambda
firewall:nomade
sae103:sae103

9
vdn/allocators/db-default/networks
Unescape View File

@ -0,0 +1,9 @@
fixme
docker
demo
demo-buster
zoo
firewall
routing-static
sae103
routing-ospf

3174
vdn/allocators/db-default/users
View File

File diff suppressed because it is too large Load Diff

276
vdn/allocators/default
Unescape View File

@ -0,0 +1,276 @@
#!/bin/bash
set -u
PUBLIC_PREFIX=20 # 20, 21, 22...
MCAST_PREFIX_BASE="235"
MCAST_COMMON_ADDR="$MCAST_PREFIX_BASE.0.0.1"
MCAST_BASE_PORT=4000
set +u
[ -z "$USER" ] && export USER=$(id -un)
set -u
error() {
echo ERROR : "allocator : $@ !"
exit 1
}
# Numéro de l'utilisteur sur la machine
# Utilisé par la redirection de port
computeLocalUser() {
set +u
[ -z "$USER" ] && export USER=$(id -un)
set -u
local u=$USER
#[ $# = 2 ] && u=$2
ps --no-headers --sort=start_time -eo user:14,lstart | gawk -v USER=$u -e '
BEGIN {
n=0
}
/[^[:space:]]+ .*/ {
user=$1
#print $0 USER "===" user
if(user == USER) {
print n%32
exit 0
}
if ( ! ( user in users ) ) {
#print "SET USER : user :" $0
users[user]=n
n=n+1
}
}
'
}
# Calcule les paramètres d'un hôte
# $1 : hôte
computeDb() {
local split host network user domain
[ -d $VDN_PATH/allocators/db-$VDN_RESOURCES_ALLOCATOR ] && dir=$VDN_PATH/allocators/db-$VDN_RESOURCES_ALLOCATOR
[ -d /etc/vdn/allocators/db-$VDN_RESOURCES_ALLOCATOR ] && dir=/etc/vdn/allocators/db-$VDN_RESOURCES_ALLOCATOR
ALLOCATOR_DIR=$dir
[ -z "$dir" ] && error "Allocators dir not found!"
split="${1//./ }"
set - $split
set +u
host=$1
network=$2
user=$3
domain=$4
[ -z "$domain" ] && domain=vdn
[ $domain != vdn ] && error "computeDb : bad domain $domain"
set +u
[ -z "$user" -a -n "$GUEST_OWNER" ] && user=$GUEST_OWNER
set -u
[ -z "$user" ] && user=$USER
[ -z "$network" ] && {
[ -z "$NETWORK_DIR" ] &&
error "computeDb : no network and NETWORK_DIR is empty !"
network=$(basename $NETWORK_DIR)
}
[ -z "$host" ] && error "computeDb : host is empty !"
#echo "computeDb : $VDN_NETWORKS_BASE_DIR/$network/$host.conf" >&2
##[ ! -e $VDN_NETWORKS_BASE_DIR/$network/$host.conf ] && \
## error "computeDb : host $host not found in network $network!"
grep -q $network:$host $dir/hosts || {
error "host $host not found in network $network"
}
###
set +u
[ -z "$DB_CURRENT_USER" ] && DB_CURRENT_USER=""
set -u
[ "$user" != "$DB_CURRENT_USER" ] && {
! cat $dir/users | grep -q "^$user$" &&
error "computeDb : user $user not found"
export DB_CURRENT_USER_NUM=$(cat $dir/users | grep -n "^$user$" | cut -d ':' -f 1)
export DB_CURRENT_USER=$user
export DB_CURRENT_LOCAL_USER_NUM=$(computeLocalUser $user $host)
}
[ -z "$DB_CURRENT_LOCAL_USER_NUM" ] && $(computeLocalUser $user $host)
set +u
[ -z "$DB_CURRENT_NETWORK" ] && DB_CURRENT_NETWORK=""
set -u
[ "$network" != "$DB_CURRENT_NETWORK" ] && {
#local netList=$(cd $VDN_NETWORKS_BASE_DIR; find . -maxdepth 1 -type d)
local netList=$(cat $dir/networks)
export DB_CURRENT_NETWORKS_LIST="$netList"
DB_CURRENT_NETWORK_NUM=$(echo "$DB_CURRENT_NETWORKS_LIST" | grep -n "^$network$" | cut -d ':' -f 1)
[ -z "$DB_CURRENT_NETWORK_NUM" ] &&
error "computeDb : DB_CURRENT_NETWORK_NUM empty (not in $VDN_NETWORKS_BASE_DIR ?)"
#local hostsList=$(cd $VDN_NETWORKS_BASE_DIR/$network; find . -maxdepth 1 -type f -name '*.conf' )
local hostsList=$(cat $dir/hosts | grep "^$network:" | cut -d ':' -f 2 )
export DB_CURRENT_HOSTS_LIST="$hostsList"
DB_CURRENT_HOST_NUM=$(echo "$DB_CURRENT_HOSTS_LIST" | grep -n "^$host$" | cut -d ':' -f 1)
[ -z "$DB_CURRENT_HOST_NUM" ] && {
error "computeDb : DB_CURRENT_HOST_NUM empty (not in $VDN_NETWORKS_BASE_DIR/$network/*.conf ?)"
}
DB_CURRENT_NETWORK=$network
DB_CURRENT_HOST=$host
}
cat << EOF > /dev/null
echo "
host:$host
network:$network
user:$user
hostNum:$DB_CURRENT_HOST_NUM
networkNum:$DB_CURRENT_NETWORK_NUM
userNum=$DB_CURRENT_USER_NUM
"
EOF
}
# $1 : host
# $2 : proto (tcp/udp)
# $3 : port à redirigé
# en sortie : affichage d'un port libre
computeRedir() {
local base dst proto=$2
computeDb $1
base=$(( 5000+$DB_CURRENT_LOCAL_USER_NUM*1024 ))
dst=$(( $base + $DB_CURRENT_HOST_NUM*32+($3%16) ))
dst=$(findUnusedPort $proto $dst)
echo $dst
}
# Affiche l'IP PUBLIC de la machine
# L'hôte (ex : tiny.demo.user.vdn)
computePublicIp() {
computeDb $1
grep -q "$DB_CURRENT_NETWORK:$DB_CURRENT_HOST" $ALLOCATOR_DIR/hosts.global || return
#echo $NETWORKS | egrep -q 'NET_0|NET_G' || return
#echo "keys: $DB_CURRENT_USER $DB_CURRENT_NETWORK $DB_CURRENT_HOST"
#echo "keys: userNum networkNum hostNum : $DB_CURRENT_USER_NUM $DB_CURRENT_NETWORK_NUM $DB_CURRENT_HOST_NUM"
# 20.X.Y.Z => 24 bits dispo
# Une adresse IP_PUBLIC par machine
# 13 bits de poids fort pour le numero de l'utilisateur (max 8192)
# 6 bits pour le numéro réseau (max 64 réseaux)
# 5 bits pour le numéro d'hôte (max 32 hôte par réseau)
#
# IP = -------- -------- ---------
# ^ ^^ ^^ ^
# +------------++------++---+
# user net host
local ip=$(( $DB_CURRENT_USER_NUM * 2**11 + $DB_CURRENT_NETWORK_NUM * 2**5 + $DB_CURRENT_HOST_NUM))
ip1=$(( $ip/2**24 ))
ip2=$(( ($ip-$ip1*2**24) / 2**16 ))
ip3=$(( ($ip- $ip1*2**24 - $ip2*2**16) / 2**8 ))
ip4=$(( $ip % 256 ))
echo "$(($PUBLIC_PREFIX+$2)).$ip2.$ip3.$ip4"
}
# $1 :
# $2 : le numéro du lien souhaihé
computeMacAddr() {
computeDb $1
# xx:xx:xx:xx:xx:xx
# 52 ----- -- -- --
# ^ -interface (8 bits, max 256 interface par hôte)
# ^- host (8 bits, max 256 hôtes par réseau)
# ^network (8 bits, max 256 réseaux)
# ^user (16 bits, max 65536 utilisateurs)
local uHigh=$(($DB_CURRENT_USER_NUM /256))
local uLow=$(($DB_CURRENT_USER_NUM %256))
printf "52:%02X:%02X:%02X:%02X:%02X\n" $uHigh $uLow $DB_CURRENT_NETWORK_NUM $DB_CURRENT_HOST_NUM $2
}
# Affiche l'adresse IPv4 multicast du brin ethernet n°$1
# $1 : l'hôte
# $2 : le numéro du lien souhaité
computeEthLink() {
computeDb $1
echo "=== computeEthLink:$2" >&2
echo "DB_CURRENT_USER_NUM:$DB_CURRENT_USER_NUM" >&2
echo "DB_CURRENT_NETWORK_NUM:$DB_CURRENT_NETWORK_NUM" >&2
#echo "DB_CURRENT_HOST_NUM:$DB_CURRENT_HOST_NUM" >&2
# idem que pour l'IP publique sauf :
# - préfixe de l'adresse mcast IPv4
# - le numéro de brin remplace le numéro d'hôte.
# (5bits = 32 brins max par réseau)
# 230.X.Y.Z
# 13 bits de poids fort pour le numero de l'utilisateur (max 8192)
# 6 bits pour le numéro réseau (max 64 réseaux)
# 5 bits pour le numéro de brins (max 32 hôte par réseau)
#
# IP = -------- -------- ---------
# ^ ^^ ^^ ^
# +------------++----++---+
# user net link
local ip=$(( $DB_CURRENT_USER_NUM * 2**11 + $DB_CURRENT_NETWORK_NUM * 2**5))
ip1=$(( $ip/2**24 ))
ip2=$(( ($ip-$ip1*2**24) / 2**16 ))
ip3=$(( ($ip- $ip1*2**24 - $ip2*2**16) / 2**8 ))
ip4=$(( $ip % 256 ))
echo "==> $MCAST_PREFIX_BASE.$ip2.$ip3.$ip4:$MCAST_BASE_PORT" >&2
echo "$MCAST_PREFIX_BASE.$ip2.$ip3.$ip4:$MCAST_BASE_PORT"
}

13
vdn/allocators/resolv
Unescape View File

@ -0,0 +1,13 @@
#!/bin/bash
[ -z "$2" ] && n=0 || n=$2
if [ -e /etc/vdn/config ]; then
. /etc/vdn/config
. /etc/vdn/allocators/$VDN_RESOURCES_ALLOCATOR
computePublicIp $1 $n
else
vdn-query PUBLIC_IP $n $1
fi

1
vdn/authorized-root.txt
Unescape View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYtj+/9jtKUkVrcYBwmanz3WpgPON5nl7+3uj8g7bV2Wz8xavHJSqLpC1tLdAdKjcou5tKL23vDPRaYjFcOAt1A2JJQnoMk56AboeEAnJabGKH/2rhWRYifePVe9LJqzj8h/haF5/JETwJsNRGvmAXYKPW+2srkpP6UyacjoAzwsYHuPtc1hrmJ0vfrc1HDcRrypNZmrzmtSqD08iKmnaSZiQ54P+5bEzJbV03rDF5YG5xYsKYBy0WavZjA05Ouy6OGMUCBKZ6LjMKhtFiYmrdS3TQn9V9rwtr9OLTQU3ZWwWd0VQ9ORnkChVo20mfznfTpTVbccVuGtEsXlUgjwql gudavala

BIN
vdn/bin/bbfs
View File

Binary file not shown.

BIN
vdn/bin/ext4fuse
View File

Binary file not shown.

551
vdn/bin/functions-build.sh
Unescape View File

@ -0,0 +1,551 @@
#!/bin/bash
link() {
ls -l $1 | cut -d '>' -f 2- | cut -d ' ' -f 2
}
injectFileAndLink() {
local b=$(basename $1)
local d=$(dirname $1)
local l
#echo "--> $1"
[ ! -d $DST/$d ] && mkdir -p $DST/$d
[ ! -e $DST/$1 ] && {
#echo "cp $1 $DST/$1"
cp -a $1 $DST/$1
}
if [ -L $1 ]; then
l=$(link $1)
# Absolute link
if ! echo $l | grep -q '^/'; then
l=$d/$l
fi
injectFileAndLink $l
fi
}
injectDepends() {
local b d l ld
#echo "deps : $1"
! file $1 | grep -q 'dynamically linked' && return
# Dynmamic linker
l=$(ldd $1 | grep -v '=>' | grep ld-linux | sed -re 's/^[[:space:]]*//' | cut -d ' ' -f 1)
#echo " $l"
injectFileAndLink $l
# Libraries
for l in $(ldd $1 | grep '=>' | cut -d '>' -f 2 | cut -d ' ' -f 2); do
#echo " -> $l"
injectFileAndLink $l
done
}
injectCommandWithDepends() {
local f=$1
if ! echo $1 | grep -q '/'; then
f=$(whereis -b -B $SEARCH_DIRS -f $1 | cut -d ' ' -f 2)
fi
#echo "*** $f"
[ -z "$f" ] && error "Command $f not found in $SEARCH_DIRS !"
injectFileAndLink $f
injectDepends $f
if [ -L $f ]; then
f=$(link $f)
injectCommandWithDepends $f
fi
}
getRandomPasswd() {
local k
while :; do
k=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom 2> /dev/null | head -c${1:-32} )
if [ $(echo -n $k | wc -c) = 32 ]; then
break
fi
echo "Wait for entropy avail : $(cat /proc/sys/kernel/random/entropy_avail)" >&2
sleep 1
done
echo -n $k
}
debootstrap() {
#if [ -e $VDN_PATH/files/$HDA ]; then
# echo "Warning : $VDN_PATH/files/$HDA exist. Skip debootstrap !"
# return
#fi
ID=$(echo $GUEST_SYS|cut -d '/' -f 1)
VERSION_CODENAME=$(echo $GUEST_SYS|cut -d '/' -f 2)
TMP_DIR=/tmp/bootstrap-$VERSION_CODENAME-$USER
KVERS=$(uname -r)
[ -n "$KVERS" ] || { error "KVERS is empty !?! "; }
LOCAL_KERNEL=$(ls /boot/vmlinuz*$KVERS | head -n 1)
[ -n "$LOCAL_KERNEL" ] || { error "No kernel found in /boot for $KVERS"; }
LOCAL_INITRD=$(ls /boot/initrd*$KVERS | head -n 1)
[ -n "$LOCAL_INITRD" ] || { error "No initrd found in /boot for $KVERS"; }
FORMAT=$(file $LOCAL_INITRD)
case "$FORMAT" in
*gzip*) FORMAT=gzip;;
*cpio*) FORMAT=asciiCpio;;
*Zstandard*) FORMAT=zStandard;;
*) echo "Unknown initrd format ($FORMAT)" >&2
exit 1
esac
if [ $FORMAT = zStandard ]; then
[ -z "$(which zstdcat)" ] && error "zstdcat not found ! Need zstd package !"
[ -z "$(which zstd)" ] && error "zstd not found ! Need zstd package !"
fi
[ ! -d $TMP_DIR/initrd ] && mkdir -p $TMP_DIR/initrd
export DST=$TMP_DIR/initrd
(
set -eu
cd $TMP_DIR
if [ ! -e $TMP_DIR/initrd/init ]; then
echo "Extract $LOCAL_INITRD..."
case $FORMAT in
asciiCpio|gzip) ( cd initrd && zcat $LOCAL_INITRD | cpio -idm > /dev/null);;
zStandard) ( cd initrd && zstdcat $LOCAL_INITRD | cpio -idm > /dev/null )
esac
fi
[ -e $TMP_DIR/initrd/init.bak ] || cp $TMP_DIR/initrd/init $TMP_DIR/initrd/init.bak
#rm -f $DST/bin/busybox $DST/usr/bin/busybox
echo "Inject packages..."
#apt-get download haveged
#dpkg -x haveged*.deb initrd
#apt-get download libhavege2
#dpkg -x libhavege2*.deb initrd
apt-get download busybox
dpkg -x busybox_*.deb initrd
apt-get download debootstrap
dpkg -x debootstrap*.deb initrd
apt-get download file
dpkg -x file*.deb initrd
apt-get download libmagic-mgc
dpkg -x libmagic-mgc*.deb initrd
#apt-get download haveged
#dpkg -x haveged*.deb initrd
echo "Inject files and program with depends..."
[ ! -d $DST/bin ] && mkdir $DST/bin
injectCommandWithDepends /bin/bash
injectCommandWithDepends /sbin/modprobe
injectCommandWithDepends /sbin/fdisk
injectCommandWithDepends /sbin/mke2fs
injectCommandWithDepends /usr/bin/gpgv
injectCommandWithDepends /usr/bin/perl
#injectCommandWithDepends /usr/bin/file
#injectCommandWithDepends /usr/bin/ldd
#injectCommandWithDepends /usr/bin/strace
#injectCommandWithDepends /usr/bin/script
injectFileAndLink /lib/x86_64-linux-gnu/libresolv.so.2
injectFileAndLink /lib/x86_64-linux-gnu/libnss_files.so.2
injectFileAndLink /lib/x86_64-linux-gnu/libnss_dns.so.2
#injectFileAndLink /usr/lib/x86_64-linux-gnu/libidn2.so
cp /sbin/mke2fs $DST/bin/mke2fs
#injectCommandWithDepends /bin/grep
#mv $DST/usr/bin/grep $DST/bin/grep
#injectCommandWithDepends /usr/bin/perl
#injectCommandWithDepends /usr/bin/wget
#cp /usr/bin/wget $DST/bin
mkdir -p $DST/usr/share/keyrings
cp /usr/share/keyrings/debian-archive-keyring.gpg $DST/usr/share/keyrings
cp /etc/resolv.conf $DST/etc/resolv.conf
)
echo "Inject scripts..."
cp $VDN_PATH/scripts/on-boot $TMP_DIR/initrd
set +u
cat << EOF > $TMP_DIR/initrd/init
#!/bin/bash
#set -a
#. /config
#set +a
[ -d /dev ] || mkdir -m 0755 /dev
[ -d /proc ] || mkdir /proc
[ -d /sys ] || mkdir /sys
mkdir -p /var/lock
mount -t sysfs -o nodev,noexec,nosuid sysfs /sys
mount -t proc -o nodev,noexec,nosuid proc /proc
mkdir /dev/pts
mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /dev/pts
modprobe virtio_pci
modprobe virtio_blk
modprobe ext4
modprobe crc32c
modprobe virtio-net
mdev -s
rm -f /dev/null; mknod -m 666 /dev/null c 1 3
if ! fdisk -l /dev/vda | grep -q /dev/vda1; then
echo -e "n\np\n1\n\n\nw\n" | fdisk /dev/vda
mdev -s
/bin/mke2fs -j -t ext4 /dev/vda1
fi
rm -f /dev/null; mknod -m 666 /dev/null c 1 3
mkdir -p /tmp/d
mount /dev/vda1 /tmp/d || {
echo "Can't mount partition !" >&2
echo "Repair + exit to continue or poweroff -f to halt !"
/bin/busybox ash
}
ifconfig eth0 10.0.2.15
route add default gw 10.0.2.2
ln -sf /bin/bash /bin/sh
[ -n "$http_proxy" ] && export http_proxy="$http_proxy"
[ -n "$https_proxy" ] && export https_proxy="$https_proxy"
#echo "Before debootstrap. exit to continue."
#/bin/sh -i
if [ ! -d /tmp/d/bin ]; then
echo "Debootstrap $VERSION_CODENAME ..."
debootstrap --arch=amd64 $VERSION_CODENAME /tmp/d
fi
mount -o bind /dev /tmp/d/dev
mount -t devpts -o noexec,nosuid,gid=5,mode=0620 devpts /tmp/d/dev/pts
mount -o bind /proc /tmp/d/proc
mount -o bind /sys /tmp/d/sys
#cp /config /tmp/d/root/config
cp /base.sh /tmp/d/root/base.sh
[ ! -d /tmp/d/etc/vdn ] && mkdir -p /tmp/d/etc/vdn
cp /on-boot /tmp/d/etc/vdn
chmod 755 /tmp/d/etc/vdn/on-boot
#echo "Before chroot, exit to quit"
#/bin/busybox ash
chroot /tmp/d /root/base.sh
#echo "In chroot exit to quit"
#chroot /tmp/d /bin/bash
#/bin/busybox ash
poweroff -f
EOF
chmod 755 $TMP_DIR/initrd/init
cat << EOF > $DST/base.sh
#set -a
#. /root/config
#set +a
export DEBIAN_FRONTEND=noninteractive
[ -n "$http_proxy" ] && export http_proxy="$http_proxy"
[ -n "$https_proxy" ] && export https_proxy="$https_proxy"
apt-get -y update
apt-get -y upgrade
apt-get -y install linux-image-amd64 grub2
# Inject initramfs config scripts
[ ! -d /etc/initramfs-tools ] && mkdir -p /etc/initramfs-tools
echo "overlay" >> /etc/initramfs-tools/modules
sed -i -re 's/^MODULES=.*$/MODULES=dep/' /etc/initramfs-tools/initramfs.conf
update-initramfs -u
update-grub
rm -f /etc/initramfs-tools/scripts/init-premount/vdn
cat << END > /etc/initramfs-tools/scripts/local-bottom/vdn
#!/bin/sh
PREREQ="lvm"
prereqs()
{
echo "\\\$PREREQ"
}
case \\\$1 in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
# Begin real processing below this line
echo "ECHO : Starting vdn pre-mount, exit to quit !" >&2
log_begin_msg "Starting vdn pre-mount, exit to quit !"
# Extract tgz
lastDisk=\\\$(ls /dev/vd*| grep '/...$' | tail -n 1)
if [ -n "\\\$lastDisk" ]; then
if tar -C / -xzf \\\$lastDisk; then
set -a
. /etc/vdn/config
set +a
else
echo >&2
echo "WARNING : no vdn config partition found !" >&2
sleep 3
exit 1
fi
else
echo 'Not a VDN VM (/dev/vd? !)' >&2
sleep 3
exit 1
fi
#echo "/etc/initramfs-tools/scripts/local-bottom/vdn : before . /etc/vdn/on-initramfs" >&2
#/bin/busybox ash
chown root:root /
chmod 755 /
. /etc/vdn/on-initramfs
log_end_msg
END
chmod 755 /etc/initramfs-tools/scripts/local-bottom/vdn
#echo "base.sh : after install kernel"
#/bin/bash -i
[ -n "$http_proxy" ] && export http_proxy="$http_proxy"
[ -n "$https_proxy" ] && export https_proxy="$https_proxy"
apt-get -y update
apt-get -y upgrade
apt-get -y install ssh locales mingetty file
#grub-install /dev/vda
#update-grub
echo "root:$(getRandomPasswd)" | chpasswd
[ ! -e /home/test ] && adduser --disabled-password --gecos '' test
echo "test:$(getRandomPasswd)" | chpasswd
apt-get -y install ssh # task-ssh-server
#apt-get -y install task-xfce-desktop
cat << END > /etc/fstab
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/vda1 during installation
/dev/vda1 / ext4 errors=remount-ro 0 1
END
[ ! -d /etc/vdn ] && mkdir /etc/vdn
if [ ! -e /etc/rc.local ]; then
cat << END > /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
END
fi
if ! grep -q /etc/vdn/on-boot /etc/rc.local; then
cat << END >> /etc/rc.local
sh /etc/vdn/on-boot
END
fi
chmod 755 /etc/rc.local
echo "Allow root autologin on ttyS0"
sed -i -re 's,^ExecStart=.*$,ExecStart=-/sbin/mingetty --noclear --autologin root %I,' /lib/systemd/system/serial-getty@.service
echo "Allow net.ifnames=0 in GRUB + console"
sed -i -re 's,^GRUB_CMDLINE_LINUX_DEFAULT=.*$,GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0 console=ttyS0\,115200n8 noresume blacklist=floppy\",' /etc/default/grub
echo "Set 1s timout for Grub menu"
sed -i -re 's,^GRUB_TIMEOUT=.*$,GRUB_TIMEOUT=0,' /etc/default/grub
update-grub
echo "Allow ssh root connection"
if grep -q '^#?PermitRootLogin ' /etc/ssh/sshd_config; then
sed -i -re 's/^#?PermitRootLogin/PermitRootLogin prohibit-password' /etc/ssh/sshd_config
else
echo 'PermitRootLogin prohibit-password' >> /etc/ssh/sshd_config
fi
#apt-get install -y --reinstall linux-image-amd64
update-initramfs -u
grub-install /dev/vda
#update-grub
#echo "End of base.sh, exit to quit"
#/bin/bash -i
EOF
chmod 755 $DST/base.sh
[ ! -e $VDN_PATH/files/$HDA ] && {
echo "Create sparse disk $VDN_PATH/files/$HDA ($HDA_SIZE M)..."
dd of=$VDN_PATH/files/$HDA count=0 bs=1M seek=$HDA_SIZE
}
# Build $TMP_DIR/initrd.img
#if [ ! -e $TMP_DIR/initrd.img ]; then
echo "Create $TMP_DIR/initrd.img..."
case $FORMAT in
asciiCpio|gzip) ( cd $TMP_DIR/initrd && find . | cpio -o -H newc -R root:root | gzip -9 > $TMP_DIR/initrd.img);;
zStandard) ( cd $TMP_DIR/initrd && find . | cpio -o -H newc -R root:root | zstd -9 > $TMP_DIR/initrd.img );;
esac
#fi
#echo "Press return to continue !"
#read
echo "Boot and debootstrap..."
qemu-system-x86_64 -kernel $LOCAL_KERNEL -smp 8 -enable-kvm -cpu host -device virtio-rng-pci,rng=rng0 -object rng-random,filename=/dev/urandom,id=rng0 -rtc base=localtime -m 3072M -nographic -serial mon:stdio -monitor null -initrd $TMP_DIR/initrd.img -append "root=/dev/vda boot=live ro console=ttyS0,115200n8 net.ifnames=0 noresume" -boot order=c -drive file=$VDN_PATH/files/$HDA,if=virtio,format=raw -device virtio-net-pci,netdev=n0,mac=52:56:0A:E8:00:02 -netdev user,id=n0
}
# $1 : system name started
cleanHistory() {
echo "Clear /var/log, history, ..."
vdn-ssh -t root@$1 '
#rm -Rf /etc/vdn
set -a
. /etc/vdn/config
set +a
rm -f /etc/vdn-$MODE-initialized
#for i in $(find /var/log -type f); do cat /dev/null > $i; done
find /var/log -name "*.gz" -delete
echo "Clear .bash_history"
rm -f /root/.bash_history
touch /root/.bash_history
chmod 600 /root/.bash_history
rm -f /home/test/.bash_history
touch /home/test/.bash_history
chmod 600 /home/test/.bash_history
echo "Clear .cache .mozilla"
for d in /root /home/test; do
rm -Rf $d/.cache
rm -Rf $d/.mozilla
done
echo "$$$ Clear apt-cache..."
apt autoremove -y
sleep 1
apt-get clean
echo "Clear authorized_keys (only user test)"
for d in /root /home/test; do
rm -f $d/.ssh/authorized_keys
rm -Rf $d/.mozilla
done
echo end of cleaning !
echo "poweroff (in 3 s) !"
poweroff -f
'
}

635
vdn/bin/functions-scripts.sh
Unescape View File

@ -0,0 +1,635 @@
#!/usr/bin/env bash
set +u
[ -z "$USER" ] && USER=$(id -un)
set -u
GUEST_OWNER=$USER
# Ces fonctions peuvent êtres utilisées par les scripts de configuration et
# de test d'un réseau.
error() {
echo -e "\033[0;31;1mError in $SCRIPT !\033[0m" >&2
echo
if [ $READ -eq 1 ]; then
echo
echo "touche \"Entrée\" pour terminer."
read
fi
exit 1
}
diagOld() {
printf "%-70s" "$@"
}
green() {
local n=""
[ "$1" = "-n" ] && { n="-n"; shift; }
echo $n -e "\033[0;32;1m$@\033[0m"
}
red() {
local n=""
[ "$1" = "-n" ] && { n="-n"; shift; }
echo $n -e "\033[0;31;1m$@\033[0m"
}
diagResult() {
[ "$1" = 0 ] && green " ok" || red " ko"
echo
}
diagResultWithMessage() {
echo
echo -en "$1 ... "
[ "$2" = 0 ] && green " ok" || red " ko"
echo
}
diag() {
local r
local term="-t"
#if [ "$1" = "-t" ]; then
# term="-t"
# shift
#fi
if [ "$1" = "-n" ]; then
term=""
shift
fi
echo -e "$2"
echo -ne " Please wait...\r"
set +e
vdn-ssh $term $1 "$3 &> /dev/null"
r=$?
set -e
echo -ne " \r"
#diagResult $r
return $r
}
vdnTest() {
local error=0
local message="$1"
local cmd="$2"
b=$(echo "$1" | base64 | tr '/' '-')
echo -n "$1 ... "
eval $cmd &> /dev/null
error=$?
#echo -n ""
[ $error = 0 ] && green ok || red ko
VDN_TESTS_DIR=/tmp/vdn-$USER/tests
[ ! -d $VDN_TESTS_DIR ] && mkdir -p $VDN_TESTS_DIR
echo "$1" > $VDN_TESTS_DIR/$b
echo $error >> $VDN_TESTS_DIR/$b
#errors=$(($errors+$error))
return $error
}
warning() {
echo -e "\033[1;33;1mWarning in $SCRIPT !\033[0m" >&2
}
request() {
echo
echo -e "$@"
echo
echo -n "Confirmez (O/n) : "
read
if [ -z "$REPLY" -o "$REPLY" = "o" -o "$REPLY" = "O" ]; then
return 0
fi
return 1
}
setDebugMode() {
[ $VDN_DEBUG = 1 ] && set -x || :
}
setErrorHandler() {
setDebugMode
set +u
[ -z "$SCRIPT" ] && SCRIPT=$(basename "$1") || :
set -u
trap "error" 0
}
echoStart() {
echo
echo "Start : $SCRIPT"
#START_DATE=$(date +%s)
}
echoDone() {
#echo -e "\033[0;32;1m$SCRIPT : done.\033[0m"
echo
echo -ne "\033[0;34;1mdone\033[0m (time : "
gawk 'BEGIN {print strftime("%M:%S)",'$(date +%s)-$START_DATE')}'
}
echoDoneWithTestErrors() {
#echo -e "\033[0;32;1m$SCRIPT : done.\033[0m"
errors=${errors:-0}
echo
[ "$errors" = 0 ] && green -n ok || red -n ko
echo -en " (time : "
gawk 'BEGIN {print strftime("%M:%S)",'$(date +%s)-$START_DATE')}'
}
unsetErrorHandler() {
trap - 0
}
startGuests() {
local i
local n=0
for i in $@; do
echo -n "Alive $i ? : "
if ! $VDN_PATH/bin/vdn-alive $i ; then
echo "No : Start $i..."
set +u
#set -x
if [ "$WITH_GUI" = 1 -o "$VDN_GUI" = 1 ]; then
vdn-start -g $i
elif [ $IN_BG = 1 ]; then
vdn-start -b $i
else
vdn-start $i
fi
#set +x
n=$((n+1))
set -u
else
echo "Yes"
fi
done
return $n
}
waitSsh() {
for i in $@; do
echo "Waiting ssh on $i..."
local n=0
#set -x
until $VDN_PATH/bin/vdn-ssh root@$i : &> /dev/null; do
if [ $n = 1 ]; then
echo "Waiting ssh on $i..." >&2
n=$(n+1)
fi
sleep 2
done
done
}
requireGuests() {
set +e
startGuests $@
#echo "All guests started !"
[ $? -ne 0 ] && sleep 1
set -e
return 0
}
startAndWaitSsh() {
#echo "startAndWaitSsh :$DISABLE_SCAN"
DISABLE_SCAN=${DISABLE_SCAN:-0}
if [ "$DISABLE_SCAN" != 1 ]; then
requireGuests $@
sleep 1
waitSsh $@
fi
}
requireSshGuests() { # DEPRECATED
startAndWaitSsh $@
}
setHostname() {
echo "setHostname $1"
vdn-ssh root@$1 "
echo $1 > /etc/hostname
hostname -F /etc/hostname
"
}
setFile() {
#echo "setFile $1 $2 (functions-script.sh)"
#set -x
vdn-ssh root@$1 "cat > $2"
#set +x
}
setHosts() {
echo "setHosts $1"
setFile $1 /etc/hosts
}
setInterfaces() {
echo "setInterfaces $1"
setFile $1 /etc/network/interfaces
#vdn-ssh root@$1 "ip route | grep -q default && ip route del default || : ; service networking restart"
#cat /etc/network/interfaces
#ip addr
#ip route
vdn-ssh root@$1 "service networking restart"
#sleep 1
}
setForwarding() {
echo "setForwarding $1"
# cat /proc/sys/net/ipv4/ip_forward
vdn-ssh root@$1 "
sed -i -re 's/#(net.ipv4.ip_forward=1)/\1/g' /etc/sysctl.conf
sysctl -p | grep net.ipv4.ip_forward
"
}
setIpv6WorkAround() {
vdn-ssh root@$1 "
echo setIpv6WorkAround $1
if ! grep -q \"^net.ipv6.conf.all.accept_dad = 0\" /etc/sysctl.conf; then
cat << EOF >> /etc/sysctl.conf
#broken for uml/kvm/qemu, mcast hears itself
net.ipv6.conf.all.accept_dad = 0
net.ipv6.conf.all.dad_transmits = 0
net.ipv6.conf.default.accept_dad = 0
net.ipv6.conf.default.dad_transmits = 0
# and since the interfacs are there before sysctl is run, and the
# all target is an utter linux failure, we have to set it per interface
net.ipv6.conf.lo.accept_dad = 0
net.ipv6.conf.eth0.accept_dad = 0
net.ipv6.conf.eth1.accept_dad = 0
net.ipv6.conf.eth2.accept_dad = 0
net.ipv6.conf.lo.dad_transmits = 0
net.ipv6.conf.eth0.dad_transmits = 0
net.ipv6.conf.eth1.dad_transmits = 0
net.ipv6.conf.eth2.dad_transmits = 0
EOF
sysctl -p &> /dev/null
service networking restart
fi
"
}
pauseRaw() {
echo
echo "*** touche \"Entrée\" pour terminer."
read
}
pause() {
set +u
VDN_GUI=${VDN_GUI:-0}
set +u
#echo "PAUSE:$PAUSE RUN_PARALLEL:$RUN_PARALLEL IN_PARALLEL=$IN_PARALLEL VDN_GUI=$VDN_GUI VDN_SCRIPTS_LEVEL=$VDN_SCRIPTS_LEVEL"
#echo "read..."
#read
#set -x
#echo "$PAUSE = 1 -a $IN_PARALLEL = 0 -a \( $VDN_GUI = 1 -a $VDN_SCRIPTS_LEVEL = 1"
if [ $PAUSE = 1 -a $IN_PARALLEL = 0 -a \( $VDN_GUI = 1 -a $VDN_SCRIPTS_LEVEL = 1 \) ]; then
if [ "$NO_INTERACTIVE" != 1 ]; then
echo
echo "*** touche \"Entrée\" pour terminer."
read
fi
else
#echo VDN_SCRIPTS_LEVEL:$VDN_SCRIPTS_LEVEL
if [ $READ = 1 -a $VDN_SCRIPTS_LEVEL -gt 2 ]; then
#echo "reading"
#echo "VDN_SCRIPTS_LEVEL:$VDN_SCRIPTS_LEVEL"
#echo "sleep infinit disable"
sleep infinity
#while :; do
# read
#done
fi
fi
#set +x
}
#parallelDisablePause() {
#[ $RUN_PARALLEL = 1 ] && PAUSE=0 || :
#}
canRunParallel() {
local r
set +u
[ $RUN_PARALLEL = 1 -a "$DISABLE_PARALLEL" != 1 -a $(echo $@ | wc -w) -gt 1 ] && r=0 || r=1
#[ $RUN_PARALLEL = 1 -a "$DISABLE_PARALLEL" != 1 ] && r=0 || r=1
set -u
return $r
}
runParallel() {
local tmp name
#[ $RUN_PARALLEL = 1 ] && PAUSE=0 || :
export RUN_PARALLEL
#export IN_PARALLEL=1
#export IN_PARALLEL=1
#export PAUSE=0
[ ! -d $HOME/.tmuxinator ] && (umask 077 && mkdir $HOME/.tmuxinator )
tmp=$(mktemp -p $HOME/.tmuxinator vdn-tmuxinator-XXXXXX)
name=$(basename $tmp)
#echo "runParallel: PAUSE:$PAUSE"
#sleep 3
#if [ $VDN_DEBUG = 1 ]; then
#tmuxinator new $name
#else
#
#tmuxinator new $name &> /dev/null
#fi
#echo "NAME is $name"
#echo "WRITE to $tmp.yml"
cat << EOF > $tmp.sh
#!/bin/bash
quit() {
tmuxinator stop $name;
}
trap quit 0
tput reset
echo -e '\n\n\n QUIT : Return / CTRL C'
read
EOF
cat << EOF > $tmp.conf
set -g mouse on
set -g status-bg white
set -g status-fg blue
set -g status-left '#[fg=blue](#S) #(whoami)@#H#[default]'
set -g pane-active-border-fg blue
EOF
cat << EOF > $tmp.yml
name: $name
root: $PWD
tmux_options: -f $tmp.conf
windows:
- terminal:
layout: tiled
panes:
- clear; bash "$tmp.sh"
EOF
chmod 700 $tmp.yml
local i n payload
n=$(($#+1))
#n=$(($#))
payload=0
if [ $(($n % 3)) != 0 ]; then
payload=$(( (($n/3)+1)*3 - $n ))
fi
[ $n = 2 -o $n = 4 ] && payload=0 || :
[ $n = 3 ] && payload=1 || :
#echo "#:$# @:$@"
#echo "N: $n"
#echo "PAYLOAD: $payload"
#sleep 10
#set -x
for i in $@; do
echo " - cd; export NETWORK_DIR=$NETWORK_DIR; export VDN_GUI=1; export READ=$READ; export PAUSE=$PAUSE; export FORCE_SEQUENTIAL=$FORCE_SEQUENTIAL; clear; $VDN_PATH/bin/vdn-scripts $i" >> $tmp.yml
done
for i in $(seq 1 $payload); do
echo " - cd; clear; echo -e \"\n\"' Not used !'; sleep infinity" >> $tmp.yml
done
#set +x
#sleep 10
#echo "Press Return"
#read
if [ $VDN_DEBUG = 1 ]; then
tmuxinator start $name
else
tmuxinator start $name &> /dev/null
fi
# dump
local pane
#for pane in $(tmux list-pane | sed -re 's/^.*(%[0-9]+).*$/\1/'); do
# echo "----------------------------"
# tmux capture-pane -S -100 -p -t $pane
#done
rm $tmp $tmp.yml $tmp.sh $tmp.conf
#[ $VDN_DEBUG = 0 ] && clear
#echo "leave: parallel"
}
fn_exists() {
local r
#set -x
set | grep -q "$1 ()"
r=$?
#set +x
return $r
}
prepareRun() {
#echo "### prepareRun : "
#setErrorHandler
#set | grep test
#echo "SCRIPT:$SCRIPT."
#echo "ARGS:$ARGS."
if [ -n "$ARGS" ]; then
fn_exists $ARGS
else
fn_exists $SCRIPT
fi
local fn=$?
#echo "FN:$fn (0 is true)"
if [ $fn = 0 ]; then
if [ -n "$ARGS" ]; then
$ARGS
else
$SCRIPT $@
fi
exit
fi
#read
# Not a function
# is a script ?
if [ -r $SCRIPT ]; then
#echo "$SCRIPT is a script !"
#echo "ARGS:$ARGS"
if [ -n "$ARGS" ]; then
SCRIPT=$ARGS
$SCRIPT
exit
fi
return 0
fi
echo "$SCRIPT not a script !"
#read
#if [ -n "$ARGS" ]; then
# SCRIPT=$1
# shift
# $SCRIPT $@
# exit
#fi
exit
}
vdnExec() {
local L=""
for i in $@; do
set | egrep -q "^$i \(\)"
fn=$?
#echo "$i => $fn"
[ $fn = 0 ] && i="$SCRIPT:$i"
L="$L $i"
done
vdn-scripts $L
}
vdnExecWithErrors() {
export SHOW_ERRORS=1
vdnExec $@
}
runSequential() {
local i
local r
local lerrors=0
#export IN_PARALLEL=0
#echo "runSeq: $@ PAUSE:$PAUSE"
errors=${errors:-0}
for i in $@; do
#echo
#echo -e "Run : $i [$(echo $i | tr ':' ' ')]"
#echo
SCRIPT=$i
#echo "SCRIPT1:$SCRIPT"
SCRIPT=$(echo $i | tr ':' ' ' | sed -re 's/^ *//' | cut -d ' ' -f 1)
ARGS=$(echo $i | tr ':' ' ' | sed -re 's/^ *//' | gawk ' { print $2 $3 $4 $5 $6 $7 }')
#. $VDN_PATH/bin/functions-scripts.sh
#echo "SCRIPT2:$SCRIPT"
. $SCRIPT
START_DATE=$(date +%s)
set -e
PAUSE=1
#echo "runSeq : $SCRIPT args : $ARGS"
if [ -z "$ARGS" ]; then
run
r=$?
else
$ARGS
r=$?
#echoDone
fi
set +u
#echo "R:$r"
if [ $r = 0 ]; then
success=$((success+1))
else
errors=$((errors+1))
lerrors=$((lerrors+1))
#echo "ERRORS ! : $errors"
#echo "LERRORS ! : $lerrors"
fi
set -u
done
if [ $VDN_SCRIPTS_LEVEL = 1 ]; then
if [ $errors != 0 ]; then
red "Error(s) detected !"
fi
fi
return $errors
}
[ "$VDN_DEBUG" = 1 ] && set -x || :

568
vdn/bin/functions.sh
Unescape View File

@ -0,0 +1,568 @@
#!/usr/bin/env bash
# FOR DEBUG : tmux kill-session -t name
# Options prédéfinies pour ssh lors d'un vdn-ssh.
set +u
[ -z "$USER" ] && export USER=$(id -un)
set -u
set -a
VDN_RESOURCES_ALLOCATOR=${VDN_RESOURCES_ALLOCATOR:-default}
DB_CURRENT_HOST=${DB_CURRENT_USER:-$USER}
DB_CURRENT_HOST=${DB_CURRENT_NETWORK:-}
DB_CURRENT_HOST=${DB_CURRENT_HOST:-}
set +a
#SSH_OPTS="-o NoHostAuthenticationForLocalhost=yes -c aes128-ctr"
SSH_OPTS="-o NoHostAuthenticationForLocalhost=yes"
# Options prédéfinies pour scp lors d'un vdn-scp.
SCP_OPTS="-o NoHostAuthenticationForLocalhost=yes -c aes128-ctr"
# Utilise le mode master de ssh pour la connexion avec les systèmes virtuels.
SSH_GUEST_MASTER=1
#set +u
#[ -z "$PAUSE" ] && export PAUSE=1 || :
#set -u
warning() {
echo -e "\n`basename $0` : warning : $@ !" >&2
}
error() {
echo -e "`basename $0` : error : $@ !" >&2
READ_ON_ERROR=${READ_ON_ERROR:-0}
if [ "$READ_ON_ERROR" = "1" ]; then
echo "Appuyez sur Entrée pour quitter"
read
fi
exit 64
}
request() {
echo
echo -e "$@"
echo
echo -n "Confirmez (O/n) : "
read
if [ -z "$REPLY" -o "$REPLY" = "o" -o "$REPLY" = "O" ]; then
return 0
fi
return 1
}
requestNo() {
echo
echo -e "$@"
echo
echo -n "Confirmez (o/N) : "
read
if [ "$REPLY" = "o" -o "$REPLY" = "O" ]; then
return 0
fi
return 1
}
testInstallDebian() {
local notFound=0
#local bin="lsb_release qemu-system-x86_64 neato bzip2 wget"
local bin="lsb_release bzip2 wget"
for i in $bin; do
if ! whereis $i | grep -q bin; then
echo "Impossible de trouver l'exécutable : $i !"
notFound=1
fi
done
if [ $notFound = 1 ]; then
request "Programme(s) manquant(s) !\nL'administrateur doit préparer le système via la commande :\nvdn-prepare-debian\nAbandonner le démarrage de VDN ?"
if [ $? -eq 0 ]; then
exit 1
fi
fi
}
computeHostRelease() {
set +u
[ -n "$HOST_RELEASE" ] && return || :
set -u
if [ -e /usr/lib/os-release ]; then
ID=$(cat /usr/lib/os-release | grep '^ID=' | cut -d '=' -f 2)
if [ -z "$ID" ]; then
ID="empty"
fi
VERSION_CODENAME=$(cat /usr/lib/os-release | grep '^VERSION_CODENAME=' | cut -d '=' -f 2)
if [ -z "$VERSION_CODENAME" ]; then
VERSION_CODENAME="empty"
fi
export HOST_RELEASE="$ID/$VERSION_CODENAME"
else
export HOST_RELEASE="empty/empty"
fi
}
# Fixe GUEST_PATH, GUEST_CONF et GUEST_SAVE
# $1 : GUEST_NAME
setGuestVars() {
set -a
MODE=tgz
GUEST_OWNER=$USER
GUEST_NAME=$1
GUEST_PATH="$NETWORK_DIR"
GUEST_CONF="$GUEST_PATH/$1.conf"
#if [ ! -e "$GUEST_CONF" ]; then
# error "WARNING : Le système $(basename $NETWORK_DIR)/$1 n'existe pas !"
#fi
##NETWORK="$(basename $NETWORK_DIR)"
#IDENT=""
#IDENT=$(grep '^IDENT=[0-9]' $GUEST_CONF | \
# sed -re 's/^.*IDENT=([0-9]+).*/\1/')
#[ -z "$IDENT" ] && error "IDENT n'est pas fixé dans $GUEST_CONF" || :
SSH_IDENTITY="$HOME/.ssh/id_dsa.pub $HOME/.ssh/id_rsa.pub"
SWAP_FILE="$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-swap"
# fichier utilisé pour la partition de l'union.
# si fixée à "" alors un tmpfs est utilisé
AUFS_FILE="$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-part"
OUT_FILE="$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-out"
ALIVE_FILE=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER.alive
EXCLUDE_SERVICES=""
KVM_NETWORKS_OPTS=""
KVM_DISKS_OPTS=""
KVM_OPTS=""
KVM_CMD=""
NET_MODEL=${NET_MODEL:-ne2k_pci}
set +u
[ -n "$EXPR" -a "$EXPR" != '[]' ] && {
eval "$EXPR"
}
set -u
set +a
}
loadGuestVars() {
setGuestVars $1
computeNetworks
. $VDN_PATH/config.template
[ -e $VDN_PATH/config.template.local ] && . $VDN_PATH/config.template.local || :
. $GUEST_CONF
set -a
set +u
[ -n "$EXPR" -a "$EXPR" != '[]' ] && {
eval "$EXPR"
}
set -u
set +a
case "$MODE" in
tgz|tgz2)
SAVE_FILE="$SAVE_DIR/$GUEST_NAME.tgz"
;;
overlay)
#SAVE_FILE="$SAVE_DIR/$GUEST_NAME.tgz"
SAVE_FILE="$SAVE_DIR/$GUEST_NAME.overlay"
;;
*)
SAVE_FILE="$SAVE_DIR/$GUEST_NAME.cow"
;;
esac
[ ! -d "$(dirname $SAVE_FILE)" ] && mkdir -p "$(dirname $SAVE_FILE)" || :
}
# retourne 0 (vrai) si le système existe
isDefined() {
GUEST_PATH="$NETWORK_DIR"
GUEST_CONF="$GUEST_PATH/$1.conf"
test -e "$GUEST_CONF"
return $?
}
resizeMultipleOf512() {
local s=$(stat -c %s $1)
local n=$(( (($s/512)+($s%512!=0)*1)*512 ))
#echo "s=$s, n=$n"
truncate -s $n $1
}
debugNet1() {
set +u
[ -z "$DEBUG_NET" ] && export DEBUG_NET="false"
set -u
echo "debugNet1 host:$KHOST K:$K K_HIGH:$K_HIGH K_LOW:$K_LOW U:$U U1:$U_LOW U2:$U_HIGH" >&2
}
computeNetworksOld() {
local K U i
set +u
ident=$1
set -u
[ -z "$ident" ] && ident=$IDENT || :
# Configuration des réseaux (brins Ethernet, adresse IP et adresses MAC)
# Ce fichier est lu avant la lecture du fichier de configuration d'un
# système et est utilisé pour définir les réseaux (virtuels).
# Lorsque ce fichier est lu, la variable IDENT contenant
# l'identificateur du système à démarrer est fixée.
# ###
# 1. Calcule les adresses "multicast" des brins Ethernet virtuels.
# ###
# Détermine la clé propre à chaque utilisateur.
# Remarque : conflit si même poids faible de l'UID.
U=$(($(id -u)%512))
# !!!
#[ "$USER" = gudavala ] && U=511
U_LOW=$(($U%256))
U_HIGH=$(($U/256))
# Détermine la clé K propre à la machine hôte (poids faible de l'IP)
#K=`/sbin/ifconfig eth0 | grep Bcast | head -n 1 | cut -d ':' -f 2 | \
# cut -d ' ' -f 1 | cut -d '.' -f 4`A
IP_LINE=$(ip addr | grep '192\.168' | head -n 1)
#IP_LINE=$(echo " inet 192.168.1.37/24 brd 192.168.1.255 scope global dynamic eth0" | grep '192\.168' | head -n 1)
K=$(echo $IP_LINE | sed -re 's/.*192\.168\.([0-9]+)\.([0-9]+)\/.*$/\1 \2/')
#IP_LINE=$(echo " inet 192.168.1.37/24 brd 192.168.1.255 scope global dynamic eth0" | grep '192\.168' | head -n 1)
K=$(echo $IP_LINE | sed -re 's/.*192\.168\.([0-9]+)\.([0-9]+)\/.*$/\1 \2/')
[ -z "$K" ] && {
echo "Warning : can't find network host uniq number ! use "1" !"
K=1
}
#KK=""
#if [ -e $NETWORK_DIR/hosts.txt ]; then
# local h=$(hostname)
# h=$(echo $h | sed -re 's/iutclinf(.*)l/\1/')
# KK=$(cat $NETWORK_DIR/hosts.txt | grep -n $h | cut -d ':' -f 1)
# [ -n "$k2" ] && K=$K_LOW
#fi
#echo "KEY:$K K_LOW=$KK"
K_HIGH=$(echo $K | cut -d ' ' -f 1)
K_LOW=$(echo $K | cut -d ' ' -f 2)
KHOST=$K_LOW
[ "$K_HIGH" = "128" ] && KHOST=$((512+$K_LOW))
[ $K_HIGH = 128 ] && K_HIGH=1 || K_HIGH=0
#K_HIGH=$(($K_HIGH%16))
K_LOW=$(($K_LOW%256))
set +u
#[ "$USER" = "gudavala" ] && [ -z "$VDN_FIRST" ] && debugNet1
set -u
set -a
# Brin Ethernet PARTAGÉ par TOUS les systèmes de TOUS les utilisateurs.
# [Internet virtuel]
NET_G="239.2.0.0:1999"
# Brins privés à une machine hôte
for i in `seq 0 64`; do
eval NET_$i="234.$K_HIGH.$K_LOW.$U_LOW:$((2000+$U*16+$i))"
done
# ###
# 2. Calcule l'adresse IP "réservée" sur le brin PARTAGÉ
# ###
###PUBLIC_IP="$((20+$K_HIGH+U_HIGH*2)).$K_LOW.$U_LOW.$ident"
#set -x
PUBLIC_IP=$(vdn-query PUBLIC_IP 0 $GUEST_NAME.$NETWORK_NAME)
#set +x
# ###
# 3. Calcule les adresses MAC des cartes Ethernet
# ###
U_LOW=`printf "%02X" $U_LOW`
V=$((54+$K_HIGH+$U_HIGH*2))
V=$(printf "%02d" $V)
K_HIGH=`printf "%02X" $K_HIGH`
K_LOW=`printf "%02X" $K_LOW`
F_IDENT=$(printf "%02d" $ident)
MAC_0=52:$V:$K_LOW:$U_LOW:$F_IDENT:00
MAC_1=52:$V:$K_LOW:$U_LOW:$F_IDENT:01
MAC_2=52:$V:$K_LOW:$U_LOW:$F_IDENT:02
MAC_3=52:$V:$K_LOW:$U_LOW:$F_IDENT:03
MAC_4=52:$V:$K_LOW:$U_LOW:$F_IDENT:04
MAC_5=52:$V:$K_LOW:$U_LOW:$F_IDENT:05
MAC_6=52:$V:$K_LOW:$U_LOW:$F_IDENT:06
MAC_7=52:$V:$K_LOW:$U_LOW:$F_IDENT:07
set +a
}
computeNetworks() {
set -a
# NET_G ?
# NET_ ?
#PUBLIC_IP=$(vdn-query PUBLIC_IP 0 $GUEST_NAME.$NETWORK_NAME)
# MAC_ ?
}
# "Calcule" le port utilisé pour une redirection (interface pour la connexion
# avec l'hôte).
# En unique argument, le port de la machine virtuelle à rediriger vers un port
# local. En sortie, affichage du port "théorique" pour la redirection.
# En pratique le premier port libre égal ou supérieur au port "théorique" sera
# utilisé.
vdn_redirOld() {
echo $((5000+100*$IDENT+$1))
}
getIpNotUsed() {
name=$1
eth=$2
#vdn-infos $name >&2
local nets=$(vdn-infos $name | grep '^NETWORKS=' | sed -re 's/^NETWORKS=//')
local ip=$(echo $nets | cut -d ' ' -f $((eth+1)) | cut -d '#' -f 2 | sed -re 's/^[^0-9]*([0-9.]+).*$/\1/')
echo $ip
}
# Vérifie l'unicité des identificateurs des systèmes du réseau courant.
verifIdentOld() {
local i=0
local configs="`find $NETWORK_DIR -follow -type f -name \"*.conf\" 2> /dev/null`"
[ -n "$configs" ] || return 0
l=$(grep -E '^[[:space:]]*IDENT=[0-9]+' $configs | \
sed -re 's,^.*/([^/]*)/config:[[:space:]]*IDENT=([0-9]+).*$,\1:\2,' | sort -n -t : -k 2)
local t
for i in $l; do
name=$(echo $i | cut -d ':' -f 1)
ident=$(echo $i | cut -d ':' -f 2)
set +u
t[$ident]="${t[$ident]},$name"
set -u
done
local found=0
for i in ${t[*]}; do
l=$(echo $i | sed -re 's/^,//')
if echo $l | grep -q ','; then
n=$(echo $l | cut -d ',' -f 1)
ident=$(vdn-config $n IDENT)
echo "Erreur : l'identificateur $ident est partagé par $l !"
found=1
fi
done
return $found
}
# Démarre un ssh pour un système virtuel en mode "master"
sshGuestControlMaster() {
Login=${LOGIN}localhost
# wait lock
local n=0
local lock=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-ssh-lock
while ! mkdir $lock 2> /dev/null; do
sleep 0.5
# Securité
n=$(($n+1))
if [ $n -gt 5 ]; then
rmdir $lock 2> /dev/null || :
fi
done
sleep 0.1
#echo "Locked"
#echo "Login:$Login" >&2
#ps auwx > /tmp/p
#ps auwx | grep -v grep | grep $Login | grep -q -- "-N -M" > /tmp/o || :
local sign="$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest"
test="ps auwx | grep -v grep | grep $Login | grep $sign"
#[ $GUEST_OWNER = gudavala ] && echo "test:$test"
if ! ps auwx | grep -v grep | grep $Login | grep $sign | grep -q -- "-N -M"; then
rmdir $lock 2> /dev/null || :
#[ $GUEST_OWNER = gudavala ] && echo "Master... $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest"
ssh -g $Login $SSH_OPTS $@ -o ServerAliveInterval=5 -p $SSH_REDIR_PORT -X -f -n -N -M -S $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest-%r@%h:%p &> /dev/null
else
rmdir $lock 2> /dev/null || :
fi
}
findUnusedPort() {
# $1 : proto
# $2 : port
local proto port dst hex proc
proto=$1
port=$2
hex=`printf "%04X" $port`
proc="/proc/net/$proto"
while cat $proc | cut -d : -f2- | cut -d ' ' -f2,3 | grep -q ":$hex"; do
#echo "$proto port $port (for $dst) is used ! find next !" >&2
port=$(($port+1))
hex=`printf "%04X" $port `
done
echo $port
}
setEnv() {
set +u
local save="$NETWORK_DIR"
set -u
set -a
. $VDN_PATH/config.rc # ! set NETWORK_DIR
[ -e $VDN_PATH/config.rc.local ] && . $VDN_PATH/config.rc.local || :
# NETWORK_DIR priority
if [ -n "$save" ]; then
NETWORK_DIR=$save
fi
set +a
set +u
[ -z "$EDITOR" ] && export EDITOR="vi"
set -u
export HOST_RELEASE
export VDN_WS_PROXY_SOCKET=$TMPDIR/vdn-$USER-ws-sock
}
vdn_init() {
export VDN_NETWORKS_BASE_DIR=${VDN_NETWORKS_BASE_DIR:-$VDN_PATH/networks}
set +u
CURRENT_NETWORK_DIR="$NETWORK_DIR" # var. d'env. prioritaire
NETWORK_NAME=""
[ -n "$CURRENT_NETWORK_DIR" ] && NETWORK_NAME=$(basename $CURRENT_NETWORK_DIR)
#[ -z "$NETWORK_NAME" ] && error "NETWORK_NAME empty !"
set -u
PATH="$PATH:$VDN_PATH/bin"
setEnv
set -a
[ ! -e "$TMPDIR" ] && (umask 077 && mkdir -p "$TMPDIR" )
[ -n "$CURRENT_NETWORK_DIR" ] && NETWORK_DIR="$CURRENT_NETWORK_DIR"
set +u
if [ -n "$NETWORK_DIR" ]; then
if [ ! -d "$NETWORK_DIR" ]; then
#echo "Le réseau $NETWORK_DIR n'existe pas !" >&2 || :
NETWORK_DIR=""
SAVE_DIR=""
#exit 1
fi
if [ "$NETWORK_DIR" != "" ]; then
. $NETWORK_DIR/network.vdn
SAVE_DIR="$SAVE_PATH/$(basename $NETWORK_DIR)"
fi
else
SAVE_DIR=""
fi
set -u
set +a
set +u
[ -z "$VDN_DEBUG" ] && export VDN_DEBUG=0 || :
set -u
}
sendToGui() {
local pid=$(ps auwx | grep 'ruby' | grep 'vdn-gui' | tr -s " " | cut -d ' ' -f 2)
if [ -n "$pid" ]; then
#echo "SENDTOGUI ($TMPDIR/vdn-gui-$USER-fifo-ctrl) : $@"
echo "$@" > $TMPDIR/vdn-gui-$USER-fifo-ctrl
fi
}
# main
set +u
[ -z "$VDN_PATH" ] && export VDN_PATH=$(readlink -f $(dirname $0)/..) || :
! echo "$PATH" | grep -q $VDN_PATH && export PATH="$VDN_PATH/bin:$PATH"
set -u
computeHostRelease
setEnv
vdn_init

89
vdn/bin/sae203-init
Unescape View File

@ -0,0 +1,89 @@
#!/bin/bash
# Mot de passe par défaut
export SSHPASS='iut*'
pass=''
# Demande et affiche un mot de passe
getPassword() {
local pass1 pass2
local cont=1
while [ $cont = 1 ];do
echo -n "Mot de passe : " >&2
# -s : lecture sans affichage
read -s pass1
echo >&2
echo -n "Retapez le mot de passe : " >&2
read -s pass2
echo >&2
if [ -n "$pass1" -a "$pass1" = "$pass2" ]; then
cont=0
else
if [ "$pass1" != "$pass2" ]; then
echo "Les mots de passe ne correspondent pas." >&2
else
echo "Un mot de passe vide n'est pas valide !" >&2
fi
fi
done
echo "$pass1"
}
# main
if [ ! -r ~/.ssh/id_rsa.pub ]; then
echo "~/.ssh/id_rsa.pub manquant !" >&2
exit 1
fi
if [ -z "$pass" ]; then
echo "Entrez un mot de passe pour les utilisateurs root et test"
echo "N'oubliez pas ce mot de passe sous peine de tout perdre !"
echo "ATTENTION : Les caractères ', \" et tabulation ne sont pas autorisés ! :"
pass=$(getPassword)
fi
# Copie de la clé ssh publique dans ~root/.ssh/authorized_keys
# de la machine virtuelle
sshpass -e ~vdn/vdn/bin/vdn-ssh-copy-id -i ~/.ssh/id_rsa.pub root@debian-1 &> /dev/null
# idem pour l'utilisateur test
sshpass -e ~vdn/vdn/bin/vdn-ssh-copy-id -i ~/.ssh/id_rsa.pub test@debian-1 &> /dev/null
vdn-ssh root@debian-1 'echo "root:'$pass'" | chpasswd'
vdn-ssh root@debian-1 'echo "test:'$pass'" | chpasswd'
# Vérification
SSHPASS="$pass"
if ! sshpass -e vdn-ssh -n -o PubkeyAuthentication=no root@debian-1 ':'; then
echo "Echec !" >&2
fi
exit 0
# Copie de la clé ssh publique dans ~test/.ssh/authorized_keys
# de la machine virtuelle
vdn-ssh-copy -i ~/.ssh/id_rsa.pub test@debian-1
# Choix d'un nouveau mot de passe pour le compte root
echo "Entrez un nouveau mot

483
vdn/bin/vdn
Unescape View File

@ -0,0 +1,483 @@
#!/usr/bin/env bash
#set -x
MULTIPLE=1
RUN_SINGULARITY=0
export VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
FIRST_REQUEST=1
ACCEPT_CHROOT=0
USE_SUDO=0
NO_HOST_KVM_TEST=0
FORCE_CHROOT=0 # for test
TEST_ONLY=0 # test host and quit.
NETWORK=""
set +u
[ -z "$RUN_IN_CHROOT" ] && RUN_IN_CHROOT=0 || :
set -u
export RUN_IN_CHROOT
set -a
NO_MOZ=0
set +a
quit() {
echo "quit..."
#sendToGui "gui"
#sleep 1
pid=$(ps auwx | grep 'ruby' | grep 'vdn-gui' | tr -s " " | cut -d ' ' -f 2)
if [ -n "$pid" ]; then
echo "kill : $pid" >&2
kill $pid
sleep 1
fi
echo
}
synopsis() {
cat << EOF
Usage : $(basename $0) [-h] [-v]
EOF
}
help() {
cat << EOF
$(basename $0) démarre l'interface graphique de Vdn.
$(synopsis)
-h : affiche cette aide.
-v : affiche la version.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "cdfhsmntv" opt; do
case $opt in
h) help; exit 0;;
v) cat $VDN_PATH/release; exit 0;;
c) ACCEPT_CHROOT=1;;
d) export VDN_DEBUG=1; vdn-set-var VDN_DEBUG 1; set -x;;
m) MULTIPLE=1;;
n) NO_HOST_KVM_TEST=1;;
s) USE_SUDO=1;;
f) FORCE_CHROOT=1;;
t) TEST_ONLY=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -eq 1 ] && NETWORK="$1"
}
request() {
if [ $FIRST_REQUEST = 1 ]; then
FIRST_REQUEST=0
request "Une ou plusieurs questions vont vous être posées. Sauf bonne raison, acceptez\nles choix par défaut en appuyant sur \"Entrée\"."
if [ $? -ne 0 ]; then
echo "Bye !"
exit 0
fi
fi
echo
echo -e "$@"
echo
echo -n "Confirmez (O/n) : "
read
if [ -z "$REPLY" -o "$REPLY" = "o" -o "$REPLY" = "O" ]; then
return 0
fi
return 1
}
testHost() {
if [ "$(uname -m)" != "x86_64" ]; then
echo "Désolé, cette version de VDN ne fonctionne que sur architecture x86_64 !" >&2
exit 1
fi
#if [ "$DISPLAY" = "" ]; then
# echo "Désolé, cette version de VDN nécessite un serveur graphique compatible X11 !" >&2
# exit 1
#fi
if [ $NO_HOST_KVM_TEST = 0 ]; then
grep -Eq '(vmx|svm)' /proc/cpuinfo
virtproc=$?
[ -w /dev/kvm ]
kvmwrite=$?
lsmod | grep -q 'kvm_'
kvmproc=$?
lsmod | grep -q 'kvm[^_]'
kvm=0
if [ $virtproc -ne 0 ]; then
echo "Votre processeur ne dispose pas d'instructions de virtualisation :-( !"
#else
# echo "Votre processeur dispose d'instructions de virtualisation ;-)"
fi
if [ $virtproc -eq 0 -a $kvmwrite -ne 0 ]; then
echo
echo "Votre processeur dispose d'instructions de virtualisation."
echo "Cependant vous ne pouvez pas les utiliser :-( !"
echo
if [ -e /dev/kvm ]; then
msg=" Vous n'avez pas les droits de lecture/écriture sur /dev/kvm !\n L'administrateur (root) doit, au choix, effectuer les actions suivantes :\n 1. chmod 666 /dev/kvm.\n 2. Vous ajouter au groupe $(stat -c %G /dev/kvm) (commande \"addgroup $USER $(stat -c %G /dev/kvm)\" par exemple).\n\n Si la deuxième solution est choisie, vous devrez vous déconnecter de votre\n session graphique et vous reconnecter ou, plus simplement, ouvrir un nouveau\n shell de connexion via par exemple la commande \"su - $USER\"."
elif lsmod | grep -q kvm; then
msg=" Les instructions de virtualisation de votre processeur ne sont pas activées dans votre BIOS/UEFI.\n
Redémarrez et configurez le BIOS/UEFI pour bénéficier de la virtualisation."
else
proc="intel"
if cat /proc/cpuinfo | grep -i -q amd; then
proc="amd"
fi
msg=" Le module noyau \"kvm-$proc\" n'est pas chargé !\n L'administrateur du système doit exécuter : modprobe kvm-$proc ."
fi
echo "Il semblerait que la raison soit :"
echo -e "$msg"
echo
request "Continuer en mode \"sans instructions de virtualisation\" ?"
[ $? -ne 0 ] && exit 1
fi
fi
}
runInChrootOld() {
#[ $RUN_IN_CHROOT = 1 ] && good=1 || :
if [ $ACCEPT_CHROOT = 0 ]; then
if [ $good = 0 -o \( $FORCE_CHROOT = 1 -a $RUN_IN_CHROOT = 0 \) ]; then
request "Le sytème hôte n'est pas une Debian 10 (buster).\nBasculer dans un environnement chroot ? (accès root nécessaire)"
[ $? -ne 0 ] && exit 0
fi
fi
if [ $good = 0 -o \( $FORCE_CHROOT = 1 -a $RUN_IN_CHROOT = 0 \) ]; then
RUN_IN_CHROOT=1
export VDN_DISK_ENV="DebianBuster-amd64-env.disk"
export VDN_DISK_NAME="DebianBuster-amd64.disk"
[ ! -e $VDN_PATH/files/$VDN_DISK_ENV ] && VDN_DISK_ENV=$VDN_DISK_NAME || :
DISK=$VDN_PATH/files/$VDN_DISK_ENV
DISK_SIZE=0
if [ -e $DISK ]; then
DISK_SIZE=$(ls -l $DISK | tr -s ' ' | cut -d ' ' -f 5)
fi
if [ $DISK_SIZE -lt $REMOTE_DISK_SIZE ]; then
request "Télécharger du disque virtuel de VDN (6 Go) ?"
[ $? -ne 0 ] && exit 0
local notFound=0
local bin="bzip2 wget"
for i in $bin; do
if ! whereis $i | grep -q bin; then
echo "Impossible de trouver l'exécutable : $i !"
notFound=1
fi
done
if [ $notFound = 1 ]; then
error "Programme(s) manquant(s) !\nL'administrateur doit installer ces programmes !"
fi
vdn-download-disks -t DebianBuster-amd64.disk.gz
fi
echo
echo "Running in chroot."
if [ $USE_SUDO = 1 ]; then
vdn-mount-chroot -s
else
vdn-mount-chroot
fi
exit $?
fi
}
runInChrootIfNecessary() {
local good=0
# chroot ?
if [ -e /etc/debian_version ]; then
if grep -q '^10\.' /etc/debian_version ; then
good=1
fi
fi
[ $RUN_IN_CHROOT = 1 ] && good=1 || :
#runInChrootOld
# Not in chroot
}
runWithSingularityIfNecessary() {
local good=0
# chroot ?
if [ -e /etc/debian_version ]; then
if grep -q '^10\.' /etc/debian_version ; then
good=1
fi
fi
if [ $good = 0 ]; then
RUN_SINGULARITY=1
fi
}
updateVdnrc() {
if [ -e ~/.vdnrc ]; then
request "Lors d'un changement de version de VDN, il est conseillé de mettre à jour\nle fichier ~/.vdnrc (la version courante sera enregistrée sous ~/.vdnrc.old).\nVoulez-vous mettre à jour ~/.vdnrc ?"
if [ $? -eq 0 ]; then
mv ~/.vdnrc ~/.vdnrc.old
fi
fi
}
pathWarning() {
echo
echo "*******************************************************************************"
echo "Le chemin de l'exécutable de VDN sera connu uniquement des NOUVEAUX shells !"
echo "*******************************************************************************"
}
### main
export VDN_DEBUG=0; vdn-set-var VDN_DEBUG 0
args "$@"
if [ -n "$NETWORK" -a "$NETWORK" = "stop" ]; then
quit
exit 0
fi
if [ -n "$NETWORK" ]; then
if [ ! -d $NETWORK ]; then
if [ -d $NETWORK_DIR/../$NETWORK ]; then
NETWORK=$(readlink -f $NETWORK_DIR/../$NETWORK)
fi
fi
if [ ! -d $NETWORK ]; then
error "Can' find network $NETWORK !"
fi
# set and reload
vdn-set-var NETWORK_DIR "$NETWORK"
export NETWORK_DIR="$NETWORK"
. $VDN_PATH/bin/functions.sh
fi
#for i in 1 2 3 4 5; do
# if ! ps auwx | grep -v grep | grep -q 'ruby.*vdn-gui' ; then
# break
# fi
# sleep 0.1
#done
if [ $MULTIPLE = 0 ]; then
if ps auwx | grep -v grep | grep -q 'ruby.*vdn-gui' ; then
error "Une instance de l'interface graphique de VDN est déjà active"
fi
else
#echo "Multiple..."
if ps auwx | grep -v grep | grep -q 'ruby.*vdn-gui' ; then
export NETWORK_DIR=""
vdn-set-var NETWORK_DIR ""
fi
fi
#clear
#if ! /sbin/route -n | grep -q '0.0.0.0' ; then
#/sbin/ip route
if ! /sbin/ip route | grep -q default; then
cat << EOF >&2
Pas de route par défaut !
Si le système hôte ne dispose pas d'interface réseau, vous pouvez
autoriser la diffusion sur l'interface lo (loopback) via les commandes
(il faut être root) :
Avec ifconfig :
ifconfig lo multicast
route add default gw 127.0.0.1
avec ip :
ip link set dev lo multicast on
ip route add default via 127.0.0.1
EOF
error "Pas de route par défaut ! Voir ci-dessus ou consultez la FAQ !"
fi
testHost # chroot if necessary
runInChrootIfNecessary
# Not in chroot
# download extras
#if [ -e $VDN_PATH/distribs/hosts/$HOST_RELEASE/download-extras.sh ]; then
# . $VDN_PATH/distribs/hosts/$HOST_RELEASE/download-extras.sh
# if ! testDownloadExtras; then
# downloadExtras
# fi
#fi
testInstallDebian
testVersionOld() {
while :; do
version="$VDN_PATH"
current=$(cat ~/.bashrc |sed -nre 's/^[^#]*PATH.*:([^:]*vdn[^:]*)\/bin.*$/\1/p')
[ "$current" = "$version" ] && break;
# La version courante diffère de la version lancée
if [ -n "$current" ] && [ "$version" != "$current" ]; then
request "Votre fichier ~/.bashrc définit la version $current comme étant la version à utiliser. Cependant vous exécutez $version.\nVotre fichier ~/.bashrc doit être adapté !\nVoulez-vous que ce programme l'adapte pour vous ?"
if [ $? -ne 0 ]; then
echo "Adaptez votre fichier ~/.bashrc puis relancez $0.";
exit 1;
else
cp ~/.bashrc ~/.bashrc.vdn.old
echo "Ancien fichier ~/.bashrc copié sous ~/.bashrc.vdn.old"
cat ~/.bashrc |sed -re 's,[^:]*'$current','$VDN_PATH',g'> \
~/.bashrc-vdn
mv ~/.bashrc-vdn ~/.bashrc
echo
pathWarning
updateVdnrc
fi
elif [ -z "$current" ]; then
line="PATH=\"\$PATH:$VDN_PATH/bin\""
request "Votre fichier ~/.bashrc ne définit pas le chemin des exécutables de $version.\nLa ligne suivante doit être ajoutée :\n$line\nVoulez vous que ce programme adapte votre fichier ~/.bashrc pour vous ?"
if [ $? -eq 0 ]; then
echo "Adaptation de ~/.bashrc"
echo "PATH=\"\$PATH:$VDN_PATH/bin\"" >> ~/.bashrc
pathWarning
updateVdnrc
else
break
fi
# echo "Ajoutez une ligne PATH=\"\$PATH:$VDN_PATH/bin\" à votre fichier ~/.bashrc puis relancez $0."
# exit 1;
fi
done
if [ ! -e ~/.ssh/id_dsa.pub -a ! -e ~/.ssh/id_rsa.pub ]; then
request "Vous ne disposez pas d'un couple de clé SSH RSA nécessaire au fonctionnement de Vdn.\nVoulez vous que ce programme vous génère un couple de clé RSA ?"
if [ $? -eq 0 ]; then
echo
echo "Create ssh keys..."
ssh-keygen -q -N '' -f ~/.ssh/id_rsa -t rsa
else
echo "Exécutez la commde ci-dessous pour générer un couple de
clé SSH RSA puis relancez $0 :"
echo "ssh-keygen -q -N '' -f ~/.ssh/id_rsa -t rsa"
exit 1
fi
set +x
fi
}
export VDN_RELEASE="$(cat $VDN_PATH/release)"
export PATH="$VDN_PATH/bin:$PATH"
[ $TEST_ONLY = 1 ] && exit 0 || :
setEnv
rm -f $HOME/.tmuxinator/vdn-tmuxinator*
trap 'quit' SIGINT
if [ ! -e /usr/bin/tmuxinator ]; then
$VDN_PATH/bin/vdn-set-var RUN_PARALLEL 0
echo "/usr/bin/tmuxinator not found ! RUN_PARALLEL disable..." >&2
sleep 1
fi
rm -f $TMPDIR/vdn-$USER-gui-log
mkfifo $TMPDIR/vdn-$USER-gui-log
chmod 600 $TMPDIR/vdn-$USER-gui-log
export GUI=1
export VDN_GUI=1
export LANG=fr_FR.UTF-8
$VDN_PATH/bin/vdn-gui.rb 2>&1 # | tee $TMPDIR/vdn-$USER-gui-log
#$VDN_PATH/bin/vdn-gui.rb #2>&1 > $TMPDIR/vdn-$USER-gui-log &
#echo

65
vdn/bin/vdn-alive
Unescape View File

@ -0,0 +1,65 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` retourne 0 si le système est en fonctionnement, 1 sinon.
`synopsis`
-h : affiche cette aide.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
alive() {
local r
set +e
#ps u | grep -E $GUEST_NAME[-]$USER-pid
#ps auwx | grep qemu
#ps -w -w -u $USER -eo cmd | grep -Eq $GUEST_NAME[-]$USER-pid
ps -w -w -eo user:14,cmd | grep $USER | grep -Eq $GUEST_NAME[-]$USER-pid
r=$?
set -e
return $r
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
alive

50
vdn/bin/vdn-alives
Unescape View File

@ -0,0 +1,50 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` affiche la liste des systèmes en fonctionnement.
`synopsis`
-h : affiche cette aide.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#ps u | grep 'bash.*[/]vdn-start ' | grep -v linux | sed -re 's/^.* ([^[:space:]]+)$/\1/' | sort | uniq
#ps -u root -eo cmd | grep 'bash.*[/]vdn-start ' | sed -re 's/^.* ([^[:space:]]+)$/\1/' | sort | uniq
ps -eo user:14,cmd | grep ^$USER | grep 'bash.*[/]vdn-start ' | sed -re 's/^.* ([^[:space:]]+)$/\1/' | sort | uniq
#ps auwx | grep 'name[= ].*user[ =]'$USER' ' | grep -v sed | grep -v grep | sed -re 's/^.*[ -]name[= ]([^[:space:]]+).*$/\1/' | sort | uniq

92
vdn/bin/vdn-build
Unescape View File

@ -0,0 +1,92 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : $(basename $0) [-h] system
EOF
}
help() {
cat << EOF
$(basename $0) initialise le fichier de configuration d'un système.
$(synopsis)
Le fichier de configuration du système est créé à partir du
modèle (config.template) du répertoire du réseau ou, à défaut,
du modèle config.template du répertoire de Vdn.
Pour modifier des variables du fichier de configuration consultez
la commande vdn-config. Le script build du répertoire d'un réseau
utilise $(basename $0).
Voir aussi les fichier build des répertoire des réseaux pour des
exemples de configurations.
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo "$GUEST_NAME" | grep -q '[[:space:]]'; then
error "$GUEST_NAME est un nom de système invalide"
fi
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
setIdentOld() {
tmp=$(mktemp)
cat $GUEST_CONF | sed -re 's/^IDENT=.*$/IDENT='$1'/' \
> $tmp
mv $tmp $GUEST_CONF 2> /dev/null
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#isDefined $GUEST_NAME && error "$GUEST_PATH existe déjà"
GUEST_PATH="$NETWORK_DIR"
GUEST_CONF="$GUEST_PATH/$1.conf"
#IDENT=256
#computeNetworks
config=$NETWORK_DIR/config.template
[ ! -e $config ] && config=$VDN_PATH/config.template
echo "Build $GUEST_NAME..." >&2
cp $config $GUEST_CONF
#ident=$(vdn-find-ident)
#setIdent $ident

58
vdn/bin/vdn-build-db
Unescape View File

@ -0,0 +1,58 @@
#!/bin/bash
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` reconstruit la base de données de l'allocateur de ressources.
`synopsis`
A faire à chaque changement de la liste des utilisateurs,
ou chaque ajout/suppression d'un réseau ou d'un hôte dans un réseau.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hqs" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# main
args "$@"
dir=$VDN_PATH/allocators/db-$VDN_RESOURCES_ALLOCATOR
[ ! -d $dir ] && mkdir -p $dir
ls $(dirname $HOME) > $dir/users
( cd $VDN_NETWORKS_BASE_DIR; find . -maxdepth 1 -type d | grep -v '^\.$' | cut -d '/' -f 2 | grep -v '\/') > $dir/networks
rm -f $dir/hosts.global
for i in $(cat $dir/networks) ; do
for j in $(cd $VDN_NETWORKS_BASE_DIR/$i; find . -maxdepth 1 -type f -name '*.conf' | sed -re 's/^..(.*).conf$/\1/' ); do
egrep -q '^NETWORKS=.*(NET_G|NET_0)' $VDN_NETWORKS_BASE_DIR/$i/$j.conf && echo $i:$j >> $dir/hosts.global
echo $i:$j
done
done > $dir/hosts

116
vdn/bin/vdn-build-network
Unescape View File

@ -0,0 +1,116 @@
#!/usr/bin/env bash
#set -x
EDIT=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-e] [networkDir...]
EOF
}
help() {
cat << EOF
`basename $0` construit le réseau.
`synopsis`
-h : affiche cette aide.
-e : propose l'édition du script avant la reconstruction
(la reconstruction n'est faite que si modifications il y a)
Cette commande, après avoir fixé quelques variables, appelle
le script build du réseau.
Si networkDir n'est pas précisé, le réseau défini par la
variable NETWORK_DIR est (re)créé.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "he" opt; do
case $opt in
h) help; exit 0;;
e) EDIT=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
NETS=$@
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ -z "$NETS" ]; then
NETS=$NETWORK_DIR
fi
if [ -z "$NETS" ]; then
error "NETWORK_DIR not set !"
fi
for i in $NETS; do
if [ -d $i ]; then
NETWORK_DIR=$i
elif [ -d $VDN_NETWORKS_BASE_DIR/$i ]; then
NETWORK_DIR=$VDN_NETWORKS_BASE_DIR/$i
else
error "Network : $i not found !"
fi
echo
echo "Build : $NETWORK_DIR"
[ ! -r $NETWORK_DIR/build ] && error "$NETWORK_DIR/build script not found !"
if [ $EDIT = 1 ]; then
if [ -w $NETWORK_DIR/build ]; then
cp $NETWORK_DIR/build $NETWORK_DIR/.build.save
$EDITOR $NETWORK_DIR/build
if diff -q $NETWORK_DIR/build $NETWORK_DIR/.build.save > /dev/null; then
rm $NETWORK_DIR/.build.save
echo "No modification !"
exit
fi
rm $NETWORK_DIR/.build.save
else
echo "En lecture seule !"
sleep 2
$EDITOR $NETWORK_DIR/build
exit
fi
rm $NETWORK_DIR/.build.save
fi
if [ -w $NETWORK_DIR ]; then
(
cd $NETWORK_DIR
rm -f *.conf
. build
echo "Create \"$(basename $NETWORK_DIR)\" config files..."
echo
build && echo && vdn-graph
touch $(readlink -f $NETWORK_DIR)/network.vdn
)
else
echo "$NETWORK_DIR not writable !" >&2
fi
done

37
vdn/bin/vdn-busy.rb
Unescape View File

@ -0,0 +1,37 @@
#!/usr/bin/env ruby
require 'gtk2'
$cpt=0
window = Gtk::Window.new
window.modal=true
window.set_default_size(640, 140)
#window.signal_connect("delete_event") {
# puts "delete event occurred"
# #true
# false
#}
window.signal_connect("destroy") {
puts "destroy event occurred"
Gtk.main_quit
}
window.add(Gtk::Label.new("Load network description... Be patient !"))
window.show_all
Gtk.timeout_add(200) {
$cpt=$cpt+1
if $cpt > 2
r=system("ps auwx | grep -v grep | grep -q 'ruby.*vdn-gui'")
if r==true
Gtk.main_quit
end
end
true
}
Gtk.main

96
vdn/bin/vdn-clean
Unescape View File

@ -0,0 +1,96 @@
#!/usr/bin/env bash
set -eu
FORCE=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-f] system
EOF
}
help() {
cat << EOF
`basename $0` supprime les modifications d'un système.
`synopsis`
-h : affiche cette aide
-f : pas de demande de confirmation
Remarque : Les fichiers seront regénérés (vides) au prochain
demarrage de la machine.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hf" opt; do
case $opt in
h) help; exit 0;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
GUEST_NAMES="$@"
[ -z "$GUEST_NAMES" ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
SAVE_FILES=""
for i in $GUEST_NAMES; do
loadGuestVars $i
[ -n "$SAVE_FILE" ] && {
[ -e $SAVE_FILE ] && \
SAVE_FILES="$SAVE_FILES $SAVE_FILE" || :
} || :
[ -n "$HDB" ] && {
set +u
[ -z "$SAVE_DIR_HDB" ] && SAVE_DIR_HDB=$SAVE_DIR
set -u
[ -e $SAVE_DIR_HDB/$HDB ] && \
SAVE_FILES="$SAVE_FILES $SAVE_DIR_HDB/$HDB" || :
} || :
done
if [ -n "$SAVE_FILES" ]; then
if [ $FORCE = 0 ]; then
echo -e "Supprimer ? :"
for i in $SAVE_FILES; do
du -h $i
done
msg="Supprimer tous les fichiers ?"
request "$msg"
[ $? != 0 ] && exit || :
fi
echo
rm -f $SAVE_FILES
echo "rm -f $SAVE_FILES"
else
echo "No files to clean !" >&2
sleep 1
fi

56
vdn/bin/vdn-clean-network
Unescape View File

@ -0,0 +1,56 @@
#!/usr/bin/env bash
networkDir=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [networkDir]
EOF
}
help() {
cat << EOF
`basename $0` supprime le répertoire des sauvegardes du réseau.
ATTENTION : aucune demande ne confirmation.
`synopsis`
-h : affiche cette aide.
Si networkDir n'est pas précisé, le répertoire des sauvegardes du réseau
défini par la variable NETWORK_DIR est supprimé.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -eq 1 ] && { networkDir=$1; shift; }
[ $# -ne 0 ] && usage;
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ -n "$networkDir" ] && NETWORK_DIR="$networkDir"
netname=$(basename $NETWORK_DIR)
rm -Rf $SAVE_PATH/$netname

69
vdn/bin/vdn-clone-network
Unescape View File

@ -0,0 +1,69 @@
#!/usr/bin/env bash
#set -x
NEW=""
networkName=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-n existingNetworkName] [newNetworkName]
EOF
}
help() {
cat << EOF
`basename $0` clone le réseau courant (ou celui précisé par l'option -n).
`synopsis`
-h : affiche cette aide.
-n : réseau à cloner.
Si newNetwork n'est pas précisé, il sera demandé sur l'entrée standard.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hn:" opt; do
case $opt in
h) help; exit 0;;
n) networkName="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -eq 1 ] && { NEW=$1; shift; }
[ $# -ne 0 ] && usage;
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ -n "$networkName" ] && NETWORK_DIR="$VDN_NETWORKS_BASE_DIR/$networkName"
export VDN_PATH
while [ -z "$NEW" ]; do
echo -n "Nom destination : "
read NEW
done
echo "clone : $NETWORK_DIR to $NEW"
new=$(dirname $NETWORK_DIR)/$NEW
[ -d $new ] && error "Le réseau $NEW existe déja !" || :
cp -a $NETWORK_DIR $new

120
vdn/bin/vdn-config
Unescape View File

@ -0,0 +1,120 @@
#!/usr/bin/env bash
set -eu
ADD=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-a] system variable [value]
EOF
}
help() {
cat << EOF
`basename $0` affiche ou modifie une variable de configuration d'un système.
`synopsis`
Le fichier de configuration d'un système contient des définitions de variables.
Si l'argument value n'est pas précisé, cette commande affiche la valeur
de la variable.
Si l'argument value est précisé, cette commande fixe la valeur de la variable.
-h : affiche cette aide
-a : ajoute un espace puis la valeur précisée à la valeur courante.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "ha" opt; do
case $opt in
h) help; exit 0;;
a) ADD=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
if [ $# -ne 2 ] && [ $# -ne 3 ]; then
usage
fi
GUEST_NAME="$1"
VAR=$2
GET=1
[ $# = 3 ] && { GET=0; VALUE=$3; }
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
getValue() {
local file="$1" var="$2" v
v="`cat "$1" | grep "^$var=" | sed -ne 's/^[^=]*="\([^"]*\)".*$/\1/p'`"
[ -z "$v" ] && \
v="`cat "$1" | grep "^$var=" | sed -ne 's/^[^=]*=\([^ ]*\).*$/\1/p'`"
echo "$v"
}
setValue() {
local file="$1" var="$2" value="$3"
shift 2
cat $file | gawk -v value="$@" -e '
BEGIN {
found=0
}
/^'$var'=/ {
found=1
print "'$var'=\""value"\""
next
}
{ print }
END { if(found==0) print "'$var'=\""value"\"" }
' > $file.tmp
mv $file.tmp $file
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
GUEST_CONF=$NETWORK_DIR/$GUEST_NAME.conf
if [ $GET = 1 ]; then
GUEST_OWNER=$USER
loadGuestVars $GUEST_NAME
getValue $GUEST_CONF $VAR
else
if [ $ADD = 1 ]; then
GUEST_OWNER=$USER
loadGuestVars $GUEST_NAME
v=$(getValue $GUEST_CONF $VAR )
VALUE="$v $VALUE"
fi
setValue $GUEST_CONF $VAR "$VALUE"
fi

306
vdn/bin/vdn-create-slash
Unescape View File

@ -0,0 +1,306 @@
#!/usr/bin/env bash
set -eu
VDN_PATH=$(readlink -f $(dirname $(whereis vdn| cut -d ' ' -f 2))/..)
REVERSE=0
TRACE=0
export SLASH=$VDN_PATH/slash
help() {
cat << EOF
`basename $0` create slash directoty.
`synopsis`
-h : affiche cette aide
-t : lance vdn en mode trace. La capture est placée dans /tmp/vdn.trace (*)
-r : replace par un shebang classique.
(*) le fichier capture (/tmp/vdn.trace) est utilisé s'il existe par `basename $0`.
EOF
}
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r]
`basename $0` -t
EOF
}
usage() {
synopsis
exit 2
}
args() {
local opt
while getopts "hrt" opt; do
case $opt in
h) help; exit 0;;
r) REVERSE=1;;
t) TRACE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
}
getTrace() {
strace -f -e trace=file $@ 2>&1 | \
egrep -v 'ENOENT|unfinished|resumed|attached|exited|SIG' | \
sed -re 's/^.*"(.*)".*$/\1/' | \
grep -v $VDN_PATH | \
grep -v $HOME | \
egrep '^/' | \
egrep -v '^/proc|^/etc|^/var|^/tmp/|^/run/|^/sys/|^/dev|^.$' | \
egrep -v '^/home|^/tmp' | \
sort -u > /tmp/trace.vdn
}
copy() {
s=$SLASH
r='^#'
while read f; do
[ -z "$f" ] && continue
[[ $f =~ $r ]] && continue
#[ $f = "/bin/bash" ] && continue
[ -d $f ] && continue
[ -f $f -o -L $f ] || {
echo "copy : BAD : $f"
continue
}
#echo ":$f"
d=$(dirname $f)
[ ! -d $s/$d ] && mkdir -p $s/$d || :
cp -a $f $s/$d || :
if [ -L $f ]; then
dst=$(readlink $f)
if [[ $dst =~ ^/ ]]; then
echo "ABS ($f) > $dst"
n=$(($(echo $f | sed -re 's/[^/]//g' | wc -c) -2))
p=$(ruby -e "puts \"../\"*$n")
b=$(basename $f)
rm $s/$d/$b
#ln -sf $s/$dst $s/$d/$b
ln -sf $p/$dst $s/$d/$b
echo $dst | copy
elif [[ $dst =~ ^/ ]]; then
echo "REL ($f) > $dst"
echo $dst | copy
else
echo $d/$dst | copy
fi
fi
#echo "==> $f"
done
}
findLibIte() {
local i e
while :; do
e=${ALL[$N]}
[ -z "$e" ] && break
for i in $(ldd $e | grep '=>' | sed -re 's/.*=> *([^ ]*) .*$/\1/g'); do
[[ ${ALL[@]} =~ (^| )$i( |$) ]] && continue
ALL+=("$i") # push
echo -ne "Found lib dependencies: ${#ALL[@]} ...\r" >&2
done
N=$((N+1))
done
echo "${ALL[@]}"
}
findShebang() {
local shebang
find $VDN_PATH -type f | while read f; do
shebang=$(dd if=$f bs=1 count=2 2> /dev/null | tr '\0' '\n' )
reg='#!'
[[ "$shebang" =~ $reg ]] && echo $f
done
}
setShebang() {
local shebang
while read f; do
#echo "---"
#echo $f
shebang=$(cat $f 2> /dev/null | gawk -e '{ print; exit 0 }' | tr '\0' '\n' 2> /dev/null)
#echo $shebang
new=$(echo "$shebang" | sed -re 's/#! */#!/' | gawk -v SHEBANG=$SHEBANG -e '
/env/ { print SHEBANG" "$2" "$3; exit }
{ sub(/^.*\//, "", $1); printf SHEBANG" "$1" "$2" "$3 ; exit }
')
#echo "new=$new"
sed -i -re "1s,.*,$new," $f
#sed -i -re '1s,(.*) -u,\1\n\nset -eu,' $f
#head -n 3 $f
done
}
findElf() {
local elf
find $VDN_PATH/slash -type f | while read f; do
elf=$(dd if=$f bs=1 count=10 2> /dev/null | tr '\0' '\n' )
reg='ELF'
[[ "$elf" =~ $reg ]] && echo $f
done
}
setElf() {
while read f; do
if ! patchelf --print-interpreter $f &> /dev/null; then
continue
fi
echo "patch $f"
patchelf --set-interpreter "/tmp/vdn-slash/lib/x86_64-linux-gnu/ld-2.24.so" $f
done
}
depends() {
rm -Rf $SLASH
mkdir $SLASH
rm -f /tmp/vdn-list-cmd
[ -e /tmp/vdn.trace ] && {
echo "Read trace"
cat /tmp/vdn.trace >> /tmp/vdn-list-cmd
}
echo "Scan commands"
vdn-find-commands >> /tmp/vdn-list-cmd
echo "Add manual dependencies"
cat << EOF >> /tmp/vdn-list-cmd
/bin/bash
/bin/ls
/bin/sh
/bin/dash
/usr/bin/less
/usr/bin/strace
/usr/bin/vim.gtk
/usr/bin/ldd
/usr/bin/basename
/usr/bin/xclock
/usr/bin/xauth
/lib/x86_64-linux-gnu/libreadline.so.7
/usr/bin/gdk-pixbuf-query-loaders
/usr/share/gir-1.0/Gio-2.0.gir
/lib64/ld-linux-x86-64.so.2
/usr/bin/python2.7
/usr/bin/python2.7-config
/lib/x86_64-linux-gnu/libaudit.so.1
/lib/x86_64-linux-gnu/libpcre.so.3
/lib/x86_64-linux-gnu/libprocps.so.6
/lib/x86_64-linux-gnu/libselinux.so.1
/lib/x86_64-linux-gnu/libtinfo.so.5
/lib/x86_64-linux-gnu/libtinfo.so.5.9
/lib/x86_64-linux-gnu/libnss_dns.so.2
/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so
EOF
echo "Find dependencies..."
#echo "/bin/bash" > /tmp/vdn-list-cmd
#cat /tmp/vdn-list-cmd
cat /tmp/vdn-list-cmd | sort -u | {
declare -a ALL
N=0
while read l; do
[[ "$l" =~ ^[[:space:]]*$ ]] && continue
[[ "$l" =~ ^[[:space:]]*# ]] && continue
ALL+=("$l") # push
done
N=0
while :; do
set +u
e=${ALL[$N]}
set -u
[ -z "$e" ] && { break; }
for i in $(ldd $e 2> /dev/null | grep '=>' | sed -re 's/.*=> *([^ ]*) .*$/\1/g'); do
[[ ${ALL[@]} =~ (^| )$i( |$) ]] && continue
ALL+=("$i") # push
#echo -e "Found lib dependencies ${#ALL[@]} : $i ...\r" >&2
done
N=$((N+1))
done
echo ${ALL[@]} | tr ' ' '\n' | sort -u > /tmp/vdn-list-files
}
}
# main
args "$@"
[ $REVERSE = 1 ] && {
SHEBANG="#!/usr/bin/env"
echo "Reverse shebang : $SHEBANG"
SHEBANG="#!/usr/bin/env"; findShebang | setShebang $SHEBANG
exit
}
[ $TRACE = 1 ] && {
getTrace $@
exit
}
SHEBANG="#!/tmp/vdn-slash/usr/bin/env"
depends
echo "Copy..."; cat /tmp/vdn-list-files | copy
echo "Patch shebang"; findShebang | setShebang $SHEBANG
echo "Patch elf"; findElf | setElf
echo "Update pixbuf loader module file"
[ ! -d $VDN_PATH/slash/usr/lib/gdk-pixbuf-2.0/2.10.0/ ] && mkdir -p $VDN_PATH/slash/usr/lib/gdk-pixbuf-2.0/2.10.0/
gdk-pixbuf-query-loaders $VDN_PATH/slash/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/* |\
sed -re "s,$VDN_PATH/slash,/tmp/vdn-slash,"> $VDN_PATH/slash/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache
#gdk-pixbuf-query-loaders $VDN_PATH/slash/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/* > $VDN_PATH/slash/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders.cache

56
vdn/bin/vdn-delete
Unescape View File

@ -0,0 +1,56 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` supprime le fichier de configuration du système.
`synopsis`
-h : affiche cette aide
ATTENTION : aucune demande de confirmation n'est demandée !
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
isDefined $GUEST_NAME || exit 0
setGuestVars $GUEST_NAME
rm $GUEST_CONF

83
vdn/bin/vdn-delete-disks
Unescape View File

@ -0,0 +1,83 @@
#!/usr/bin/env bash
set -eu
FORCE=0
LIST=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-f] system...
EOF
}
help() {
cat << EOF
`basename $0` supprime les disques associés au(x) système(s).
`synopsis`
Les disques HDA, HDB et CDROM du système présents dans le répertoire "files"
sont supprimés.
-h : affiche cette aide
-f : force : pas de demande de confirmation !
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hf" opt; do
case $opt in
h) help; exit 0;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -lt 1 ] && usage
for i; do
GUEST_NAME="$i"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
HDA=""; HDB=""; CDROM=""
loadGuestVars $GUEST_NAME
LIST="$LIST $HDA $HDB $CDROM"
done
}
deleteDisks() {
for b in $LIST; do
#b=$(basename $i)
if [ -e $VDN_PATH/files/$b ]; then
echo "Suppression de $VDN_PATH/files/$b"
if [ $FORCE = 1 ]; then
rm -f $VDN_PATH/files/$b
else
rm -i $VDN_PATH/files/$b
fi
fi
done
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
deleteDisks

72
vdn/bin/vdn-delete-network
Unescape View File

@ -0,0 +1,72 @@
#!/usr/bin/env bash
#set -x
NEW=""
FORCE=0
networkDir=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-f] networkDir
EOF
}
help() {
cat << EOF
`basename $0` supprime le réseau.
`synopsis`
-h : affiche cette aide.
-f : PAS de demande de confirmation !
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hf" opt; do
case $opt in
h) help; exit 0;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -eq 1 ] && { networkDir=$1; shift; }
[ $# -ne 0 ] && usage;
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ -n "$networkDir" ] && NETWORK_DIR="$networkDir"
export VDN_PATH
echo "DETETE $NETWORK_DIR"
echo
if [ $FORCE = 0 ]; then
msg=$(echo -e "Supprimer:\n$NETWORK_DIR" | tr -s ' ' '\n')
request "$msg"
[ $? != 0 ] && exit || :
fi
[ -d $NETWORK_DIR ] && rm -Rf $NETWORK_DIR || :

96
vdn/bin/vdn-diff
Unescape View File

@ -0,0 +1,96 @@
#!/usr/bin/env bash
set -eu
TMP1="/tmp/vdn-dir1"
TMP2="/tmp/vdn-dir2"
TMP="/tmp/vdn-dir"
EXCLUDES=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] dir1 dir2
EOF
}
help() {
cat << EOF
`basename $0` affiche les différences dans les archives des modifications.
dir1 et dir2 doivent contenir les archives des modifications des systèmes.
Exemple : `basename $0` ~/.vdn-0.7.bak/demo ~/.vdn-0.7/demo
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 2 ] && usage
DIR1=$1
DIR2=$2
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ ! -d "$DIR1" ] && usage
[ ! -d "$DIR2" ] && usage
l1=$(cd $DIR1; ls *.tgz)
l2=$(cd $DIR2; ls *.tgz)
l=$(echo "$l1 $l2" | tr " " '\n' | sort -u | tr '\n' ' ')
for i in $l; do
echo
echo "#------------------------------------------------------------"
echo "### $i"
echo "#------------------------------------------------------------"
echo
if [ ! -e $DIR1/$i ]; then
echo "error : $DIR1/$i absent"
continue
fi
if [ ! -e $DIR2/$i ]; then
echo "error : $DIR2/$i absent"
continue
fi
rm -Rf $TMP1 $TMP2
mkdir $TMP1 $TMP2
tar -C $TMP1 -xzf $DIR1/$i 2> /dev/null
tar -C $TMP2 -xzf $DIR2/$i 2> /dev/null
for f in $EXCLUDES; do
rm -Rf $TMP1/$f; rm -Rf $TMP2/$f
done
diff -Bru $TMP1 $TMP2 2> /dev/null || true
done
echo "### END ###"

139
vdn/bin/vdn-doc
Unescape View File

@ -0,0 +1,139 @@
#!/usr/bin/env bash
set -eu
VDN_PATH=$(readlink -f $(dirname $0)/..);
synopsis() {
cat << EOF
Usage : $(basename $0) [-h]
EOF
}
help() {
cat << EOF
`basename $0` extrait la documentation à partir de l'aide des commandes.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
scan() {
cd $VDN_PATH/bin
for i in *; do
[[ $i =~ .rb$ ]] && continue
[[ $i =~ .sh$ ]] && continue
[ ! -f $i ] && continue
[ ! -x $i ] && continue
echo "=== $i ==="
$i -h
echo
done
}
args $@
#scan
doc() {
echo "=== $1 ==="
echo -n "<code>"
$1 -h
echo "</code>"
echo
}
cat << EOF > /tmp/doc.txt
===== Liste des commandes VDN ====
==== Pour l'administrateur ====
$(doc vdn-prepare)
==== Pour l'utilisateur ====
$(doc vdn-clean)
$(doc vdn-download-disks)
$(doc vdn-halt)
$(doc vdn-infos)
$(doc vdn-kill)
$(doc vdn-list)
$(doc vdn-start)
==== Pour le développeur (de disques et de réseaux) ====
$(doc vdn-build-network)
$(doc vdn-clean-network)
$(doc vdn-delete-disks)
$(doc vdn-delete)
$(doc vdn-scp)
$(doc vdn-ssh)
$(doc vdn-ssh-copy-id)
$(doc vdn-ssh-loop)
==== Non classées ====
$(doc vdn-alive)
$(doc vdn-alives)
$(doc vdn-build)
$(doc vdn-config)
$(doc vdn-create-slash)
$(doc vdn-diff)
$(doc vdn-doc)
$(doc vdn-graph)
$(doc vdn-kvm)
$(doc vdn-mount-chroot)
$(doc vdn-open-network)
$(doc vdn-push)
$(doc vdn-restart)
$(doc vdn-save)
$(doc vdn-scripts)
$(doc vdn-set-network-dir)
$(doc vdn-set-var)
$(doc vdn-shell)
$(doc vdn-show)
$(doc vdn-ssh-loop)
$(doc vdn-start-wrapper)
$(doc vdn-terminal)
$(doc vdn-test)
$(doc vdn-test-kvm)
$(doc vdn-upload-disks)
$(doc vdn-vnc-viewer)
EOF
cat /tmp/doc.txt

183
vdn/bin/vdn-docker
Unescape View File

@ -0,0 +1,183 @@
#!/bin/bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` démarre la machine virtuelle debian-1 du réseau virtualMachines.
La commande ~vdn/vdn/bin/vdn est une alternative graphique à ce script.
`synopsis`
-h : affiche plus d'aide
EOF
}
helpStart() {
cat << EOF
Pour vous connecter en tant qu'utilisateur test sur debian-1 :
vdn-ssh -X test@debian-1 # -X : pour recevoir les fenêtres graphiques de debian-1.
Pour vous connectez root :
vdn-ssh -X root@debian-1 # -X : pour recevoir les fenêtres graphiques de debian-1.
Pour arrêter la machine virtuelle :
vdn-halt debian-1 # ou la commande (root) "poweroff" dans votre machine virtuelle.
Si la machine ne réponds pas :
vdn-kill debian-1 # ARRÊT BRUTAL : équivalent à une coupure électrique !
Pour un écran graphique (VNC) de la debian-1 :
vous devrez fixer un mot de passe à l'utilisateur (commande passwd).
vdn-viewer debian-1
`basename $0` -h pour plus d'aide (vdn-scp, vdn-sshfs, ...).
EOF
}
helpWarning() {
cat << EOF
** AVERTISSEMENT **
Vous êtes l'administrateur unique de vos machines virtuelles !
En tant qu'administrateur vous avez la charge de leur intégrité !
Ce système est une Debian buster classique avec authentification ssh par clés.
L'authentification ssh par clés, uniquement active par défaut pour
l'utilisateur propriétaire de la machine virtuelle, permet de ne pas avoir
à connaitre les mots de passes (générés initialement aléatoirement).
Vous pouvez changer les mots de passe mais, votre machine virtuelle étant
connectée au réseau pédagogique et à Internet (via le proxy du réseau
pédagogique si ce dernier est ouvert), choisissez de bons mots de passe !
****************************************************************************
N'utilisez pas et ne stockez pas de mots de passe (ou tout autre information
"sensible") provenant du monde "réel" dans vos machines virtuelles !
****************************************************************************
EOF
echo -n "Appuyez sur la touche Entrée pour la suite "; read resp
}
helpPlus() {
cat << EOF
** Informations **
Les commandes vdn-* disposent toutes d'une documentation intégrée obtenue
avec l'option -h.
Outre la commande vdn-ssh déjà présentée plus haut, les commandes suivantes
vont cous permettre de "joindre" votre machine virtuelle à partir de l'hôte :
vdn-scp : effectue un scp à partir ou à destination d'un système virtuel.
vdn-sshfs : monte un répertoire du système virtuel dans un répertoire de l'hôte.
vdn-ssh-copy-id : copie une clé publique dans un système virtuel.
Appliquez l'option -h à une de ces commandes pour un exemple.
EOF
cat << EOF
** Notes **
La documentation générale sur VDN, est accessible ici :
https://opale.u-clermont1.fr/info/wiki/doku.php?id=public:vdn:start
S'il vous reste de la place sur le disque de votre machine virtuelle (df -h),
n'hésitez pas à installer, dans un cadre pédagoqique, les paquets/logiciels
de votre choix.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; helpStart; helpPlus; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ -n "$*" ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)); . $VDN_PATH/bin/functions.sh
args "$@"
n="debian-1"
if vdn-alive $n; then
helpStart
error "Le système virtuel $n est déjà lancé !"
fi
helpWarning
vdn-set-network-dir $VDN_PATH/networks/virtualMachines
vdn -t # test host
echo
echo -n "vdn-start debian-1 "
vdn-start -b -v "KVM_VIEWER_AUTOSTART=0" debian-1
cpt=0
while ! vdn-ssh -n -o ConnectTimeout=1 root@debian-1 exit 0 2> /dev/null; do
echo -n "."
cpt=$(($cpt+1))
done
echo "( $cpt sec.)"
echo "Démarrage du service docker..."
vdn-scripts -n startDocker &> /dev/null
r=$?
helpStart
[ $r -ne 0 ] && warning "Echec du démarrage de docker".
echo "debian-1 démarrée !"

237
vdn/bin/vdn-download-disks
Unescape View File

@ -0,0 +1,237 @@
#!/usr/bin/env bash
set -eu
set -x
DRY=0
SYSTEMS=""
FORCE=0
DDISK=0
synopsis() {
cat << EOF
Usage : `basename $0` [-hdf] system...
`basename $0` -t disk
EOF
}
help() {
cat << EOF
`basename $0` télécharge les disques associés au(x) système(s).
`synopsis`
Les disques utilisés par les systèmes spécifiés sont téléchargés.
Remarque : les fichiers "*.disk.gz" sont automatiquement decompressés.
-h : affiche cette aide
-d : dry run
-f : pas de demande de confirmation
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hdft" opt; do
case $opt in
h) help; exit 0;;
d) DRY=1;;
f) FORCE=1;;
t) DDISK=1;;
?) usage;;
esac
done
shift $(($OPTIND-1))
SYSTEMS=$@
if [ -z "$SYSTEMS" ]; then
SYSTEMS=$(vdn-list | grep -v '^#')
fi
#[ $# -lt 1 ] && usage
}
download() {
local i
echo "start download func"
for i in $@; do
echo "loop"
file=$(basename $i .gz)
echo "file:$file"
if [[ $i =~ \.gz ]]; then
if [ $DRY = 1 ]; then
echo "Dry run : download $i"
else
echo "Download to $VDN_PATH/files/$file..."
wget -c -O - $i | { gzip -d -c || error "Problème de téléchargement"; } | \
dd of=$VDN_PATH/files/$file conv=sparse bs=512 || \
error "Problème de téléchargement"
fi
if [ "$(stat -c %s $VDN_PATH/files/$file)" = "0" ]; then
error "Problème de téléchargement"
fi
else
echo "no gz"
if [ $DRY = 1 ]; then
echo echo "Dry run : download $i"
else
wget -c -O $VDN_PATH/files/$file $i
fi
fi
done
}
downloadDisks() {
local error=0 absent=0 r
LIST=""
LIST_DISKS=""
# find all files (uniq)
for i; do
GUEST_NAME="$i"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
DISKS_REPOSITOY="";
CDROM_REPOSITORY="";
HDA=""; HDB=""; CDROM=""; BOOT_CDROM="0";
KERNEL=""; INITRAMFS=""
loadGuestVars $GUEST_NAME
[ "$MODE" = "tgz" ] && {
[ -n "$KERNEL" ] && LIST="$LIST $DISKS_REPOSITORY/$KERNEL"
[ -n "$INITRAMFS" ] && LIST="$LIST $DISKS_REPOSITORY/$INITRAMFS"
}
#[ -n "$CDROM" -a "$BOOT_CDROM" = 1 ] &&
[ -n "$CDROM" ] && \
LIST="$LIST $CDROM_REPOSITORY/$CDROM"
[ -n "$HDA" ] && LIST_DISKS="$LIST_DISKS $DISKS_REPOSITORY/$HDA.gz"
[ -n "$HDB" ] && LIST_DISKS="$LIST_DISKS $DISKS_REPOSITORY/$HDB.gz"
done
#set -x
LIST_DISKS=$(echo $LIST_DISKS | tr -s ' ' '\n' | sort -u | grep -v '^$')
LIST=$(echo $LIST | tr -s ' ' '\n' | sort -u | grep -v '^$' || :)
LIST="$LIST $LIST_DISKS"
#echo "LIST :"
#echo $LIST | tr -s ' ' '\n'
# test dates
LIST_DOWNLOAD=""
for i in $LIST; do
file=$(basename $i .gz)
locDate=0
[ -e $VDN_PATH/files/$file ] && \
locDate=$(stat -c %Y $VDN_PATH/files/$file)
set +e
reInfos="$(wget --spider -S $i 2>&1)"
r=$?
set -e
if [ $r -ne 0 ]; then
warning "$(basename $i) not found on server !"
error=1
[ ! -e $VDN_PATH/files/$file ] && absent=1
continue
fi
reDate=$(echo "$reInfos" | grep "Last-Modified:" | cut -d ':' -f 2-)
reDate=$(date -d "$reDate" +%s)
#echo $locDate $reDate
[ $locDate -lt $reDate ] && LIST_DOWNLOAD="$LIST_DOWNLOAD $i"
done
if [ $error = 1 ]; then
if [ -n "$LIST_DOWNLOAD" ]; then
if [ $FORCE = 0 ]; then
request "Tous les fichiers ne peuvent être téléchargés !\nTélécharger quand même ceux qui peuvent l'être ?"
[ $? -ne 0 ] && exit 0
fi
fi
fi
[ -n "$LIST_DOWNLOAD" ] && {
echo
echo "LIST_DOWNLOAD :"
echo
echo $LIST_DOWNLOAD | tr -s ' ' '\n'
echo
NEW=""
for i in $(echo $LIST_DOWNLOAD | tr -s ' ' '\n'); do
request "Télécharger le fichier : $i ?"
[ $? -eq 0 ] && NEW="$NEW $i" || :
done
LIST_DOWNLOAD=$NEW
}
if [ -n "$LIST_DOWNLOAD" -a $FORCE = 0 ]; then
request "Télécharger les fichiers ?"
[ $? -ne 0 ] && exit 0
fi
# download
echo "LIST_DOWNLOAD:$LIST_DOWNLOAD"
download $LIST_DOWNLOAD
echo "End of download"
for i in $LIST; do
file=$(basename $i .gz)
if [ ! -e $VDN_PATH/files/$file ]; then
warning "$file absent"
absent=1
fi
done
[ $absent = 1 ] && error "Fichiers manquants" || :
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ $DDISK = 1 ]; then
download http://opale.u-clermont1.fr/vdn/files/$SYSTEMS
else
downloadDisks $SYSTEMS
fi

86
vdn/bin/vdn-download-network
Unescape View File

@ -0,0 +1,86 @@
#!/usr/bin/env bash
set -eu
#set -x
DRY=0
SYSTEMS=""
FORCE=0
synopsis() {
cat << EOF
Usage : `basename $0` [-hdf] url
EOF
}
help() {
cat << EOF
`basename $0` télécharge le réseau.
`synopsis`
-h : affiche cette aide
-d : dry run
-f : pas de demande de confirmation
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hf" opt; do
case $opt in
h) help; exit 0;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND-1))
[ $# -gt 1 ] && usage
[ $# -eq 1 ] && URL=$1 || URL=""
}
download() {
file=$(basename $URL .zip)
if [ $file.zip = $URL ]; then
URL="$DEFAULT_REPOSITORY/$file"
fi
echo "file:$file"
rm -f $TMPDIR/$file.zip
wget -c -O $TMPDIR/$file.zip $URL
if [ -e $VDN_NETWORKS_BASE_DIR/$file -a $FORCE = 0 ]; then
requestNo "Network exist ! Overwrite ?"
fi
if [ $FORCE = 0 ]; then
request "Extract $file.zip ?"
fi
( cd $VDN_NETWORKS_BASE_DIR; rm -Rf $file; unzip -x $TMPDIR/$file.zip )
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ -z "$URL" ]; then
echo -n "URL (ex: http:truc.bidule/net.zip) : "
read URL
fi
download $URL

27
vdn/bin/vdn-exec-in-fakechroot
Unescape View File

@ -0,0 +1,27 @@
#!/bin/bash
FAKECHROOT_DIR=/tmp/vdn-fakechroot-$USER/part
echo "FAKECHROOT_DIR:$FAKECHROOT_DIR"
echo "Exec..."
set -x
export LD_LIBRARY_PATH=$FAKECHROOT_DIR/lib:$FAKECHROOT_DIR/usr/lib:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu:/lib:/usr/lib:/usr/lib/x86_64-linux-gnu:/lib/x86_64-linux-gnu:$FAKECHROOT_DIR/lib/x86_64-linux-gnu:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu/pulseaudio:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu:$FAKECHROOT_DIR/lib/x86_64-linux-gnu:$VDN_PATH/distribs/lib
export LD_LIBRARY_PATH=$FAKECHROOT_DIR/lib:$FAKECHROOT_DIR/usr/lib:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu:FAKECHROOT_DIR/lib/x86_64-linux-gnu:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu/pulseaudio:$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu:$FAKECHROOT_DIR/lib/x86_64-linux-gnu:$VDN_PATH/distribs/lib
export GIO_MODULE_DIR=$FAKECHROOT_DIR/usr/lib/x86_64-linux-gnu/gio
#PATH="$FAKECHROOT_DIR/bin:$FAKECHROOT_DIR/usr/bin:$VDN_PATH/bin"
#echo LD_LIBRARY_PATH=$LD_LIBRARY_PATH
#echo PATH=$PATH
echo "LD_LIBRARY_PATH:$LD_LIBRARY_PATH"
echo "### before exec..."
exec $*

149
vdn/bin/vdn-fakechroot
Unescape View File

@ -0,0 +1,149 @@
#!/usr/bin/env bash
set -eu
UMOUNT=0;
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` monte (via fuse) le disque et configure fakechroot pour l'utiliser.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hu" opt; do
case $opt in
h) help; exit 0;;
u) UMOUNT=1;;
?) usage;;
esac
done
}
vdnUmount() {
fusermount -u $FAKECHROOT_DIR/unionfs || :
fusermount -u $FAKECHROOT_DIR//unionfs-2/etc ||:
fusermount -u $FAKECHROOT_DIR//unionfs-2/home ||:
fusermount -u $FAKECHROOT_DIR//unionfs-2/tmp ||:
fusermount -u $FAKECHROOT_DIR/unionfs-1 || :
fusermount -u $FAKECHROOT_DIR/unionfs-2 || :
fusermount -u $FAKECHROOT_DIR/part || :
fusermount -u $FAKECHROOT_DIR/offset || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
FAKECHROOT_DIR=/tmp/vdn-fakechroot-$USER
if [ $UMOUNT = 1 ]; then
vdnUmount
exit $?
fi
[ ! -d $FAKECHROOT_DIR/offset ] && mkdir -p $FAKECHROOT_DIR/offset || :
bbfs $VDN_PATH/files $FAKECHROOT_DIR/offset
[ ! -d $FAKECHROOT_DIR/part ] && \
mkdir $FAKECHROOT_DIR/part || :
ext4fuse $FAKECHROOT_DIR/offset/DebianBuster-amd64.disk $FAKECHROOT_DIR/part -o allow_other
[ ! -d $FAKECHROOT_DIR/unionfs-1 ] && mkdir -p $FAKECHROOT_DIR/unionfs-1 || :
unionfs -o max_files=64000 -o allow_other -o relaxed_permissions $FAKECHROOT_DIR/part=RW $FAKECHROOT_DIR/unionfs-1
#rm -Rf $FAKECHROOT_DIR/unionfs-1/etc
# -o uid=1000 -o gid=1000
[ ! -d $FAKECHROOT_DIR/unionfs-2/etc ] && mkdir -p $FAKECHROOT_DIR/unionfs-2/etc || :
unionfs -o max_files=64000 -o allow_other,use_ino,suid,dev -o relaxed_permissions /etc=RW $FAKECHROOT_DIR/unionfs-2/etc
[ ! -d $FAKECHROOT_DIR/unionfs-2/home ] && mkdir -p $FAKECHROOT_DIR/unionfs-2/home || :
unionfs -o max_files=64000 -o allow_other,use_ino,suid,dev -o relaxed_permissions /home=RW $FAKECHROOT_DIR/unionfs-2/home
[ ! -d $FAKECHROOT_DIR/unionfs-2/tmp ] && mkdir -p $FAKECHROOT_DIR/unionfs-2/tmp || :
unionfs -o max_files=64000 -o allow_other,use_ino,suid,dev -o relaxed_permissions /tmp=RW $FAKECHROOT_DIR/unionfs-2/tmp
[ ! -d $FAKECHROOT_DIR/unionfs ] && mkdir -p $FAKECHROOT_DIR/unionfs || :
##unionfs -o cow -o max_files=64000 -o allow_other,use_ino,suid,dev,nonempty /=RW:$FAKECHROOT_DIR/part=RO $FAKECHROOT_DIR/unionfs
set -x
unionfs -o cow -o max_files=64000 -o allow_other,use_ino,suid,dev -o relaxed_permissions \
$FAKECHROOT_DIR/unionfs-2=RW:$FAKECHROOT_DIR/unionfs-1=RO $FAKECHROOT_DIR/unionfs
#echo shell
#bash
#exit
echo fakechroot:$FAKECHROOT_DIR/unionfs
fakechroot -s chroot $FAKECHROOT_DIR/unionfs /bin/bash -i
echo Press Enter to umont
read
vdnUmount
#[ ! -d $FAKECHROOT_DIR/unionfs-home/home ] && mkdir -p $FAKECHROOT_DIR/unionfs-home/home || :
#unionfs -o cow -o max_files=64000 -o allow_other,use_ino,suid,dev,nonempty $FAKECHROOT_DIR/part=RO $FAKECHROOT_DIR/unionfs
#ls $FAKECHROOT_DIR/part
# config fakechroot
#PATH="$PATH:/bin:/usr/bin"
#export FAKECHROOT_DIR
#DIR=$FAKECHROOT_DIR/part
#export FAKECHROOT_EXCLUDE_PATH=/tmp:/proc:/dev:/sys:/var/run:/home:/etc/passwd
#export LD=$DIR/lib:$DIR/usr/lib:$DIR/usr/lib/x86_64-linux-gnu:$DIR/lib/x86_64-linux-gnu:/lib:/usr/lib:/usr/lib/x86_64-linux-gnu:/lib/x86_64-linux-gnu:$DIR/usr/lib/x86_64-linux-gnu/pulseaudio:$DIR/usr/lib/x86_64-linux-gnu:$DIR/lib/x86_64-linux-gnu:$VDN_PATH/distribs/lib
#export GIO_MODULE_DIR=$DIR/usr/lib/x86_64-linux-gnu/gio
#export LD_LIBRARY_PATH=$VDN_PATH/distribs/lib
#echo "LD_LIBRARY_PATH:$LD_LIBRARY_PATH"
#echo "### before fakechroot..."
#echo "export LD_LIBRARY_PATH=$FAKECHROOT_DIR/part/lib/x86_64-linux-gnu"
#/usr/bin/fakechroot -s /usr/sbin/chroot $FAKECHROOT_DIR/part $VDN_PATH/bin/vdn-exec-in-fakechroot $@
#/usr/bin/fakechroot -s /usr/sbin/chroot $FAKECHROOT_DIR/part /bin/bash -c "/bin/bash $VDN_PATH/bin/vdn"
#fakechroot /usr/sbin/chroot $FAKECHROOT_DIR/part /bin/bash
#proot -r $FAKECHROOT_DIR/part /bin/bash
#/usr/bin/fakechroot /usr/sbin/chroot $FAKECHROOT_DIR/part $VDN_PATH/bin/vdn-exec-in-fakechroot ls
#/usr/bin/fakechroot /usr/sbin/chroot $FAKECHROOT_DIR/part /bin/ls
#/usr/bin/fakechroot /bin/bash -c "/usr/sbin/chroot $FAKECHROOT_DIR/part $VDN_PATH/bin/vdn-exec-in-fakechroot $@"

52
vdn/bin/vdn-fakechroot-umount
Unescape View File

@ -0,0 +1,52 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` démonte le disque.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
FAKECHROOT_DIR=/tmp/vdn-fakechroot-$USER
fusermount -u $FAKECHROOT_DIR/part || :
fusermount -u $FAKECHROOT_DIR/offset || :

67
vdn/bin/vdn-find-ident.old
Unescape View File

@ -0,0 +1,67 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` affiche le premier identificateur libre pour un nouveau système.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
findIdent() {
local i=0
local configs="`find $NETWORK_DIR -follow -type f -name \"*.conf\"`"
if [ -n "$configs" ]; then
for i in `seq 0 256`; do
if ! grep -Eq "^IDENT=$i([[:space:]]|$)" $configs; then
break
fi
done
if [ $i = 256 ]; then
error "Aucun identificateur disponible"
fi
fi
echo $i
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
ident=`findIdent`
echo $ident

168
vdn/bin/vdn-fuse-proot
Unescape View File

@ -0,0 +1,168 @@
#!/usr/bin/env bash
set -eu
#set -x
DISK_NAME="DebianBuster-amd64.disk"
FOR_ROOT=0
USE_SUDO=0
UMOUNT=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r] [-i user] [-s] [-u]
EOF
}
help() {
cat << EOF
`basename $0` exécute VDN dans un environnement proot en utilisant le disque :
$DISK
`synopsis`
-h : affiche cette aide.
-u : démontages seulement.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hrsi:u" opt; do
case $opt in
h) help; exit 0;;
u) UMOUNT=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
vdnMountProotForRoot() {
key="$(cat $TMPDIR/vdn-key-$USER)"
disp=$(cat $TMPDIR/vdn-display-$USER)
d=$TMPDIR/vdn-chroot-$USER;
if [ $UMOUNT = 0 ]; then
mount | grep -q $d || mount -o loop,offset=$((2048*512)) $DISK $d
for i in /dev /dev/pts /sys /proc /tmp; do
mount | grep -q $d$i || { mount --bind $i $d$i; }
done
mount --bind $VDN_PATH $d/home/test/vdn
#mount | grep $d
chroot $d su - -s /bin/bash -c "export DISPLAY=":"$disp; \
unset XAUTHORITY; rm -rf /home/test/.config/xfce4-session; \
rm -rf /home/test/.config/xfce4/terminal/; \
xauth add \$DISPLAY . $key; \
export NO_AT_BRIDGE=1; \
xfce4-terminal --disable-server # 2> /dev/null;" test
sleep 1
fi
for i in /tmp /proc /sys /dev/pts /dev; do
mount | grep -q $d$i && { umount $d$i || { echo "umount lazy : $d$i"; umount -l $d$i; } ; } || :
done
mount | grep -q $d/home/test/vdn && { umount $d/home/test/vdn || umount -l $d/home/test/vdn; } || :
mount | grep -q $d && { umount $d || umount -l $d; } || :
m="$(mount | grep $d)"
echo $m
}
vdnUmount() {
set +e
for i in $(mount | grep $TMPDIR/vdn-proot-$USER | cut -d ' ' -f 3 | tac); do
fusermount -u $i
done
set -e
}
vdnMount() {
[ ! -e $DISK ] && error "$DISK not found !" || :
if [ ! -w $DISK ]; then
error "$DISK doit être accessible en écriture !"
fi
# get display
if [ -z $DISPLAY ]; then
error "DISPLAY not set !"
fi
(rm -f $TMPDIR/vdn-display-$USER; umask 077 ; touch $TMPDIR/vdn-display-$USER)
DISP=$(echo $DISPLAY | cut -d ':' -f 2 | cut -d '.' -f 1)
echo $DISPLAY | cut -d ':' -f 2 >> $TMPDIR/vdn-display-$USER
# get xauth key
key=$(xauth list| grep $(uname -n) | grep $DISP | tail -n 1 | tr -s ' ' | cut -d ' ' -f 3)
[ -n "$key" ] || error "Xauth key is empty !"
echo $key | egrep -q '^[[:xdigit:]]+$' || error "Bad xauth key ($key) !"
(rm -f $TMPDIR/vdn-key-$USER; umask 077 ; touch $TMPDIR/vdn-key-$USER)
echo $key >> $TMPDIR/vdn-key-$USER
# mount (fuse)
# 1 : offset (2048*512)
d=$TMPDIR/vdn-proot-$USER;
[ ! -d $d/offset ] && mkdir -p $d/offset || :
$VDN_PATH/bin/bbfs $VDN_PATH/files $d/offset
# 2 : mount part
[ ! -d $d/part ] && mkdir -p $d/part1 || :
$VDN_PATH/bin/ext4fuse $d/offset/$DISK_NAME $d/part1
# 3 : proot
# -b /etc/passwd -b /etc/group
proot -b /proc -b /dev -b /sys -b /dev/pts -b /home -b /tmp -b /etc \
-r $d/part1 /bin/bash
echo "Done"
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
DISK=$VDN_PATH/files/$DISK_NAME
args "$@"
set -x
if [ $UMOUNT = 0 ]; then
vdnUmount
trap vdnUmount 0
vdnMount
else
vdnUmount
fi

50
vdn/bin/vdn-get-network
Unescape View File

@ -0,0 +1,50 @@
#!/usr/bin/env bash
set -eu
CMD=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] command arg...
EOF
}
help() {
cat << EOF
`basename $0` retourne le nom du réseau courant.
`synopsis`
-h : affiche cette aide.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
[ $# -ne 0 ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ ! -e $HOME/.vdnrc ] && touch $HOME/.vdnrc
. $HOME/.vdnrc
echo $NETWORK_DIR

252
vdn/bin/vdn-graph
Unescape View File

@ -0,0 +1,252 @@
#!/usr/bin/env bash
ASCII=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-a]
EOF
}
help() {
cat << EOF
`basename $0` génère le graphe associé au réseau (graph.svgz).
`synopsis`
-h : affiche cette aide.
-a : ne génère pas le graphe dans le fichier mais sur stdout (en ASCII).
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "ha" opt; do
case $opt in
h) help; exit 0;;
a) ASCII=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage;
}
toGnuplot() {
n=1
echo "set term dumb"
while read; do
set - $REPLY
#echo $1
case "$1" in
graph) scale=$2; width=$3; height=$4;;
node) name=$2; x=$3; y=$4
echo "set label \"[$name]\" at $x, $y"
n=$(($n+1))
;;
edge) n1=$2; n2=$3; n3=$4; x1=$5; y1=$6;
shift 10
x2=$1; y2=$2
echo "set arrow $n from $x1,$y1 to $x2,$y2 nohead "
name=$3; x=$5; y=$6
echo "set label $name\" at $x, $y"
n=$(($n+1))
;;
esac
done
#echo "plot \"< echo '0 0'\""
echo "set nokey"
echo "unset tics"
echo "unset border"
echo "set xrange [ 0 : $width ]"
echo "set yrange [ 0 : $height ]"
echo "plot [0:$width] 0 with dot"
}
parse() {
echo
echo -e "\t\"$1\" [ $guestProps ]"
ETH=0
guest=$1
[ "$networks" == '""' -o -z "$networks" ] && return 0
set - $networks
for i; do
#set -x
net="$i"
comment=$(echo $net | cut -d '#' -f 2)
net=$(echo $net | cut -d '#' -f 1)
[ "$net" = "$comment" ] && comment=""
#net1=$(echo $net | sed -re 's/^.*NET_(.*)\(\$NET_.*\)$/\1/')
#net1=$(echo $net | sed -re 's/\$NET_([0-9G]+).*/\1/')
#net2=$(echo $net | sed -nre 's/.*NET_.*NET_(.*)\)$/\1/p')
net=$(echo $net | sed -re 's/.*NET_(.*)$/\1/')
[ "$net" = "G" ] && net=0
#net=$(computeEthLink $GUEST_NAME $net2)
#[ "$net1" = "G" ] && net1=0
#[ "$net2" = "G" ] && net2=0
#echo "$guest net:$net net1=$net1 net2=$net2" >&2
#read
#echo "net=$net."
#echo "comment=$comment"
#comment=""
#net=$net1
#[ -n "$net2" ] && net=$net2
case "$net" in
none) ;;
[0-9]*)
set +u
if [ -z "${switchs[$net]}" ]; then
switchs[$net]=1
props=$switchProps
if [ "$net" = "0" ]; then
props=$(echo $switchProps | sed -re 's,switch,internet,g')
props="$props label=\"Internet\",width=\"0\",height=\"0\""
else
props="$props width=\"0\",height=\"0\" label=\"$net\""
fi
echo -e "\t$net [ $props ]"
fi
set -u
echo -e "\t\"$guest\" -> $net [ taillabel=\"eth$ETH $comment\" $edgeProps ]"
;;
*) error "Eth error for $guest: $net"
esac
ETH=$(($ETH+1))
# ???
#[ -n "$net2" ] && {
# connects["$net1 -> $net2"]=1
#}
done
}
# main
declare -A connects
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
export PATH="$VDN_PATH/bin:$PATH"
. $VDN_PATH/allocators/$VDN_RESOURCES_ALLOCATOR
args "$@"
guestProps="shape=box style=solid color=lightgray"
#switchProps="shape=ellipse color=gray fontsize=8"
#switchProps="imagepath=\"$VDN_PATH/svg\", image=\"switch.svg\",width=\"100px\",height=\"100px\",imagepos=tc,fontsize=8,shape=none"
switchProps="fontsize=12 shape=none"
edgeProps="labeldistance=4.0 len=1.8 fontsize=12 fontcolor=gray arrowhead=none"
networkDir=$NETWORK_DIR
echo "Build graph ($NETWORK_DIR/graph.svgz). "
#IDENT=0; computeNetworks
dot1=`mktemp`
#set -x
guests="`find $NETWORK_DIR -maxdepth 1 -follow -name "*.conf" | sort -R | \
sed -re 's/^.*\/([^/]+).conf$/\1/'`"
{
echo "digraph {"
#echo "overlap=scale;"
#echo 'rankdir="LR"'
echo 'splines=true;'
echo 'nodesep=0.1;'
#echo '1 -> 2 [style="invis"]'
for i in $guests; do
#loadGuestVars $i
unset networks
set -a
GUEST_NAME=$i
GUEST_OWNER=$USER
. $NETWORK_DIR/$i.conf
set +a
networks="$NETWORKS"
#networks=$(vdn-config $i NETWORKS)
parse $i
done
for k in "${!connects[@]}"; do
echo "=> $k" >&2
echo "$k [ arrowhead=none ]"
done
echo "}"
} > $dot1
if [ $ASCII = 1 ]; then
# obsolete
#dot2=`mktemp`
#plain=`mktemp`
#gnuplot=`mktemp`
#cat $dot1 | sed -re 's/taillabel/label/g' \
# > $dot2
##graph-easy --renderer neato --as ascii $dot2
#graph-easy --as ascii $dot2
warning "ASCII = 1 is obsolete !"
#neato -Tplain $dot2 > $plain
#cat $plain | toGnuplot > $gnuplot
#gnuplot $gnuplot | sed -re 's/\.//g' | sed -re 's/[<>]/\./g' \
# | sed -re 's/\[/'`echo -e "\033"`'\[1m/g' \
# | sed -re 's/\]/'`echo -e "\033"`'\[22m/g'
#rm -f $dot2 $plain $gnuplot
else
neato -Tsvg $dot1 | iconv -t UTF-8 > $NETWORK_DIR/graph.svg
gzip $NETWORK_DIR/graph.svg
mv $NETWORK_DIR/graph.svg.gz $NETWORK_DIR/graph.svgz
echo "Done."
fi
#cp $dot1 /tmp/dot
rm -f $dot1

4127
vdn/bin/vdn-gui.rb
View File

File diff suppressed because it is too large Load Diff

91
vdn/bin/vdn-halt
Unescape View File

@ -0,0 +1,91 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` arrête le système (la sauvegarde est effectuée).
`synopsis`
-h : affiche cette aide
Retourne 1 en cas d'erreur.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
haltSystemTgz() {
local r=0
for i in 1 2 3; do
if vdn-alive $GUEST_NAME; then
echo "Save $GUEST_NAME..."
set +e
vdn-save $GUEST_NAME
r=$((r+$?))
set -e
if [ $? -eq 0 ]; then
break
fi
#sleep 1
fi
done
#sleep 2
if [ $r = 0 ]; then
vdn-kill $GUEST_NAME || error "Échec de l'arrêt de $GUEST_NAME"
else
return 1
fi
#return $r
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
loadGuestVars $GUEST_NAME
if [ ! -e $GUEST_PATH ]; then
error "Le système $GUEST_NAME n'existe pas !"
fi
case "$MODE" in
tgz|tgz2) haltSystemTgz;;
cow|direct|overlay) vdn-ssh root@$GUEST_NAME poweroff;;
*) error "Mode : \"$MODE\" invalide !";;
esac

50
vdn/bin/vdn-halt-all
Unescape View File

@ -0,0 +1,50 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` arrête les systèmes (la sauvegarde est effectuée).
`synopsis`
-h : affiche cette aide
Retourne 1 en cas d'erreur.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
for i in $(vdn-alives); do
vdn-halt $i
done

107
vdn/bin/vdn-infos
Unescape View File

@ -0,0 +1,107 @@
#!/usr/bin/env bash
set -eu
VAR=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system [variable]
EOF
}
help() {
cat << EOF
`basename $0` affiche des informations sur un système.
Si une variable est précisée, son contenu est affiché.
Exemple : `basename $0` societe PUBLIC_IP
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hr" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -gt 2 ] && usage
[ $# -lt 1 ] && usage
[ $# -eq 2 ] && VAR=$2
GUEST_NAME="$1"
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
. $VDN_PATH/allocators/$VDN_RESOURCES_ALLOCATOR
setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
loadGuestVars $GUEST_NAME
PUBLIC_IP=$(computePublicIp $GUEST_NAME 0 || :)
MAC_0=$(computeMacAddr $GUEST_NAME 0)
if [ -z "$VAR" ]; then
cat <<-EOF
MODE=$MODE
GUEST_NAME=$GUEST_NAME
GUEST_PATH="$GUEST_PATH"
GUEST_SYS=$GUEST_SYS
EMULATOR="$EMULATOR"
MEMORY="$MEMORY"
HDA="$HDA"
AUFS_SIZE="$AUFS_SIZE" AUFS_FILE="$AUFS_FILE"
SWAP_SIZE="$SWAP_SIZE" SWAP_FILE="$SWAP_FILE"
SAVE_FILE="$SAVE_FILE"
NETWORKS="$NETWORKS"
SERVICES="$EXTRA_SERVICES"
REDIRS="$REDIRS"
PUBLIC_IP="$PUBLIC_IP"
MAC_0="$MAC_0"
EOF
if $VDN_PATH/bin/vdn-alive $GUEST_NAME; then
if [ -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs ]; then
echo
echo "Redirections :"
cat $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs
fi
fi
echo
echo "Dernières sauvegardes : "
[ -e $SAVE_FILE ] && du -h $SAVE_FILE || echo "Never saved"
if [ -n "$HDB" ]; then
[ -z "$SAVE_DIR_HDB" ] && SAVE_DIR_HDB=$SAVE_DIR || :
[ -e $SAVE_DIR_HDB/$HDB ] && du -h $SAVE_DIR_HDB/$HDB || echo "Never saved"
fi
echo
else
echo ${!VAR}
fi

83
vdn/bin/vdn-kill
Unescape View File

@ -0,0 +1,83 @@
#!/usr/bin/env bash
set -eu
QUIET=0
SILENT=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-q] [-s] system
EOF
}
help() {
cat << EOF
`basename $0` tue tous les processus associés au système.
`synopsis`
ATTENTION : cette action correspond à une coupure d'alimentation.
Dans le cas d'un système utilisant une union de systèmes de
fichiers, les modifications seront perdues !
-h : affiche cette aide
-q : n'affiche pas les PIDS des processus tué.
-s : pas d'erreur si le système n'est pas lancé.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hqs" opt; do
case $opt in
h) help; exit 0;;
q) QUIET=1;;
s) SILENT=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
killSystem() {
pids="$(ps -w -w ux | grep -E $GUEST_NAME[-]$USER | tr -s ' ' | cut -d ' ' -f 2)"
if [ -z "$pids" ]; then
if [ $SILENT = 1 ]; then
exit 0
fi
echo "Le système virtuel $GUEST_NAME.conf n'est pas lancé !" >&2
exit 1
fi
[ $QUIET = 0 ] && \
echo "Kill $GUEST_NAME: Suppression de(s) processus : "$pids
kill $pids 2> /dev/null
#rm -f $TMPDIR/vdn-vnc-$USER-$GUEST_NAME-fifo
rm -f $TMPDIR/vdn-vnc-$USER-$GUEST_NAME-raw-socket
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
killSystem

52
vdn/bin/vdn-kvm
Unescape View File

@ -0,0 +1,52 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` démarre VDN sous KVM.
`synopsis`
-h : affiche cette aide.
Remarque : vdn-kvm, en raison de la double virtualisation qu'il implique,
même correctement configuré (nested kvm), dégrade les performances,
notammentle démarrage, d'environ un facteur 5.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
qemu-system-x86_64 -smp 8 -enable-kvm -cpu host -device virtio-rng-pci,rng=rng0 \
-object rng-random,filename=/dev/urandom,id=rng0 \
-pidfile $TMPDIR/vdn-DebianBuster-amd64-$USER-pid -rtc base=localtime -m 2G \
-boot order=c -drive file=$VDN_PATH/files/DebianBuster-amd64.disk,if=virtio,format=raw

47
vdn/bin/vdn-list
Unescape View File

@ -0,0 +1,47 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` affiche la liste des systèmes.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
l="`ls $NETWORK_DIR/*.conf 2> /dev/null | sort -n`"
#echo "# network: $NETWORK_DIR"
for i in $l; do
echo $(basename $i .conf)
done

55
vdn/bin/vdn-list-networks
Unescape View File

@ -0,0 +1,55 @@
#!/usr/bin/env bash
set -eu
ONLY_BUILD=0
synopsis() {
cat << EOF
Usage : `basename $0` [-b] [-h]
EOF
}
help() {
cat << EOF
`basename $0` affiche la liste des réseaux.
`synopsis`
-h : affiche cette aide
-b : seulement ceux possédant un script build.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hb" opt; do
case $opt in
h) help; exit 0;;
b) ONLY_BUILD=1;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ -z "NETWORK_DIR" ] && error "NETWORK_DIR not set !" || :
if [ $ONLY_BUILD = 1 ]; then
( cd $VDN_NETWORKS_BASE_DIR; find -maxdepth 2 -type f -name "build" -exec dirname {} \; | grep -v '^\.$' | sed -re 's/^..//' | sort )
else
( cd $VDN_NETWORKS_BASE_DIR; find -maxdepth 1 -type d -exec basename {} \; | grep -v '^\.$' |sort )
fi

80
vdn/bin/vdn-manage-backups
Unescape View File

@ -0,0 +1,80 @@
#!/bin/bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` gestion des sauvegardes des systèmes.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage
return 0
}
manage() {
L=$(find $SAVE_PATH -type f -ls | sort -n -k 2 | tr -s ' ' | cut -d ' ' -f 12)
[ -z "$L" ] && { echo "Aucune sauvegarde !" >&2; sleep 3; exit 0; } || :
for i in $L; do du -h $i; done
echo
echo "total : $(du -sh $SAVE_PATH)"
echo
[ -x /usr/bin/quota ] && { quota -v; echo; } || :
echo "Remarques :"
echo
echo "pour retrouver l'aspect creux d'un fichier cow :"
echo "virt-sparsify --in-place fichier.cow"
echo
echo "pour inspecter le contenu d'une archive tgz :"
echo "tar tvf fichier.tgz"
echo
echo "Pour supprimer un fichier :"
echo "rm fichier"
echo
#echo "Tapez exit (ou CTRL D) pour quitter ce shell"
#echo
#cd /tmp; PS1="exit (or CTRL D) to quit $ " bash --noprofile --norc -i
#/bin/bash
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#set -x
manage

65
vdn/bin/vdn-manage-files
Unescape View File

@ -0,0 +1,65 @@
#!/bin/bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` gestion des fichiers (disques, noyau/initramfs, ...).
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage
return 0
}
manage() {
cd $VDN_PATH/files
du -h * | sort -h
echo
echo "Pour supprimer un fichier :"
echo "rm fichier"
echo
#echo "Tapez exit (ou CTRL D) pour quitter ce shell"
#echo
#cd /tmp; PS1="exit (or CTRL D) to quit $ " bash --noprofile --norc -i
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#set -x
manage

166
vdn/bin/vdn-mount-chroot
Unescape View File

@ -0,0 +1,166 @@
#!/usr/bin/env bash
set -eu
#set -x
FOR_ROOT=0
USE_SUDO=0
UMOUNT=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r] [-i user] [-s] [-u]
EOF
}
help() {
cat << EOF
`basename $0` exécute VDN dans un environnement chroot en utilisant le disque :
$VDN_DISK_ENV
* Le mot de passe root vous sera demandé !
AVERTISSEMENTS :
1. Cette commande n'a pas vocation à être exécutée manuellement.
2. Quelques opérations sous root sont effectuées (montages, chroot,
démontages). Pour que le démontage se fasse correctement, fermez toutes
les fénêtres et processus de l'environnement chroot (VDN).
3. L'isolation entre le système initial et le système chrooté n'est pas
totale. Les répertoires suivants du système initial sont partagés :
/home, /etc, /dev, /dev/pts, /sys, /proc, /tmp.
Autrement dit, ne faites pas n'importe quoi avec ces répertoires, ce
sont ceux de votre système.
`synopsis`
-h : affiche cette aide.
-r : (réservé) exécution spécifique à l'utilisateur root. Ne pas utiliser
directement sans savoir ce que vous faites !
-s : utilise "sudo" plutôt que "su -" pour basculer sous le compte root.
-i user : (réservé) indique l'utilisateur pour l'option -r. Ne pas utiliser
directement sans savoir ce que vous faites !
-u : démontages seulement.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hrsi:u" opt; do
case $opt in
h) help; exit 0;;
r) FOR_ROOT=1;;
s) USE_SUDO=1;;
i) USER="$OPTARG";;
u) UMOUNT=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
vdnMountChrootForRoot() {
disp=$(cat $TMPDIR/vdn-display-$USER)
d=$TMPDIR/vdn-chroot-$USER;
if [ $UMOUNT = 0 ]; then
mount | grep -q $d || mount -o loop,offset=$((2048*512)) $DISK $d
for i in /dev /dev/pts /sys /proc /tmp /etc; do
mount | grep -q $d$i || { mount --bind $i $d$i; }
done
mount --rbind /home $d/home
chroot $d su - --session-command \
"export DISPLAY=:"$disp"; export RUN_IN_CHROOT=1; \
export VDN_DISK_ENV=$VDN_DISK_ENV; \
export LANGUAGE=C.UTF-8; \
export LANG=C.UTF-8; \
export LC_ALL=C.UTF-8; \
$VDN_PATH/bin/vdn -n" $USER || :
fi
mount | grep -q $d/home && { umount -l $d/home; } || :
for i in /proc /sys /dev/pts /dev /etc /tmp; do
mount | grep -q $d$i && { umount $d$i || { umount -l $d$i; } ; } || :
done
mount | grep -q $d && { umount $d || umount -l $d; } || :
mount | grep $d
}
vdnMountChroot() {
d=$TMPDIR/vdn-chroot-$USER; [ ! -d $d ] && mkdir $d || :
if [ $UMOUNT = 0 ]; then
# get display
(rm -f $TMPDIR/vdn-display-$USER; umask 077 ; touch $TMPDIR/vdn-display-$USER)
DISP=$(echo $DISPLAY | cut -d ':' -f 2 | cut -d '.' -f 1)
echo $DISPLAY | cut -d ':' -f 2 >> $TMPDIR/vdn-display-$USER
fi
if [ $USE_SUDO = 0 ]; then
echo "Le mot de passe demandé est celui de l'administrateur (root)"
if [ $UMOUNT = 0 ]; then
su - -c "$VDN_PATH/bin/vdn-mount-chroot -r -i $USER"
else
su - -c "$VDN_PATH/bin/vdn-mount-chroot -r -i $USER -u"
fi
else
if [ $UMOUNT = 0 ]; then
sudo $VDN_PATH/bin/vdn-mount-chroot -r -i $USER
else
sudo $VDN_PATH/bin/vdn-mount-chroot -r -i $USER -u
fi
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
export VDN_DISK_ENV="DebianBuster-amd64-env.disk"
export VDN_DISK_NAME="DebianBuster-amd64.disk"
[ ! -e $VDN_PATH/files/$VDN_DISK_ENV ] && VDN_DISK_ENV=$VDN_DISK_NAME || :
DISK=$VDN_PATH/files/$VDN_DISK_ENV
[ ! -e $DISK ] && error "$DISK not found !" || :
if [ ! -w $DISK ]; then
error "$DISK doit être accessible à l'utilisateur en écriture !"
fi
args "$@"
if [ $FOR_ROOT = 1 ];then
vdnMountChrootForRoot
else
vdnMountChroot
fi

190
vdn/bin/vdn-mount-chroot.bak
Unescape View File

@ -0,0 +1,190 @@
#!/usr/bin/env bash
set -eu
#set -x
DISK_NAME="DebianBuster-amd64.disk"
FOR_ROOT=0
USE_SUDO=0
UMOUNT=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r] [-i user] [-s] [-u]
EOF
}
help() {
cat << EOF
`basename $0` exécute VDN dans un environnement chroot en utilisant le disque :
$DISK
* Le mot de passe root vous sera demandé !
AVERTISSEMENTS :
1. de nombreuses opérations sous root sont effectuées (montages, chroot,
démontages). Pour que le démontage se fasse correctement, fermez toutes
les fénêtres et processus de l'environnement chroot (VDN).
2. L'isolation entre le système initial et le système chrooté n'est pas
totale. Les répertoires suivants du système initial sont partagés :
/dev, /dev/pts, /sys, /proc, /tmp et /home/$USER.
Autrement dit, ne faites pas n'importe quoi avec ces répertoires, ce
sont ceux de votre système.
`synopsis`
-h : affiche cette aide.
-r : (réservé) exécution spécifique à l'utilisateur root. Ne pas utiliser
directement sans savoir ce que vous faites !
-s : utilise "sudo" plutôt que "su -" pour basculer sous le compte root.
-i user : (réservé) indique l'utilisateur pour l'option -r. Ne pas utiliser
directement sans savoir ce que vous faites !
-u : démontages seulement.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hrsi:u" opt; do
case $opt in
h) help; exit 0;;
r) FOR_ROOT=1;;
s) USE_SUDO=1;;
i) USER="$OPTARG";;
u) UMOUNT=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
vdnMountChrootForRoot() {
#key="$(cat $TMPDIR/vdn-key-$USER)"
disp=$(cat $TMPDIR/vdn-display-$USER)
echo "USER:$USER"
d=$TMPDIR/vdn-chroot-$USER;
if [ $UMOUNT = 0 ]; then
mount | grep -q $d || mount -o loop,offset=$((2048*512)) $DISK $d
for i in /dev /dev/pts /sys /proc /tmp /etc; do
mount | grep -q $d$i || { mount --bind $i $d$i; }
done
#mount --bind $VDN_PATH $d/home/test/vdn
mount --rbind /home $d/home
#mount | grep $d
#chroot $d su - -s /bin/bash -c "export DISPLAY=":"$disp; \
#unset XAUTHORITY; rm -rf /home/test/.config/xfce4-session; \
#rm -rf /home/test/.config/xfce4/terminal/; \
#xauth add \$DISPLAY . $key; \
#export NO_AT_BRIDGE=1; \
#xfce4-terminal --disable-server # 2> /dev/null;" test
whoami
ls -l $VDN_PATH/bin/vdn
#chroot $d su - $VDN_PATH/bin/vdn $USER
chroot $d su - --session-command "export DISPLAY=:"$disp"; $VDN_PATH/bin/vdn" $USER || :
#chroot $d su - -s /bin/bash -c "export DISPLAY=":"$disp; \
#xfce4-terminal --disable-server # 2> /dev/null;" $USER
fi
for i in /tmp /proc /sys /dev/pts /dev /etc; do
mount | grep -q $d$i && { umount $d$i || { echo "umount lazy : $d$i"; umount -l $d$i; } ; } || :
done
fuser -mv $d/home
mount | grep -q $d/home && { umount -l $d/home; } || :
sleep 1
mount | grep -q $d && { umount $d || umount -l $d; } || :
mount | grep $d
}
vdnMountChroot() {
d=$TMPDIR/vdn-chroot-$USER; [ ! -d $d ] && mkdir $d || :
if [ $UMOUNT = 0 ]; then
# get display
(rm -f $TMPDIR/vdn-display-$USER; umask 077 ; touch $TMPDIR/vdn-display-$USER)
DISP=$(echo $DISPLAY | cut -d ':' -f 2 | cut -d '.' -f 1)
echo $DISPLAY | cut -d ':' -f 2 >> $TMPDIR/vdn-display-$USER
# get xauth key
#key=$(xauth list| grep $(uname -n) | grep $DISP | tail -n 1 | tr -s ' ' | cut -d ' ' -f 3)
#[ -n "$key" ] || error "Xauth key is empty !"
#echo $key | egrep -q '^[[:xdigit:]]+$' || error "Bad xauth key ($key) !"
#(rm -f $TMPDIR/vdn-key-$USER; umask 077 ; touch $TMPDIR/vdn-key-$USER)
#echo $key >> $TMPDIR/vdn-key-$USER
fi
if [ $USE_SUDO = 0 ]; then
echo "Le mot de passe demandé est celui de l'administrateur (root)"
if [ $UMOUNT = 0 ]; then
su - -c "$VDN_PATH/bin/vdn-mount-chroot -r -i $USER"
else
su - -c "$VDN_PATH/bin/vdn-mount-chroot -r -i $USER -u"
fi
else
if [ $UMOUNT = 0 ]; then
sudo $VDN_PATH/bin/vdn-mount-chroot -r -i $USER
else
sudo $VDN_PATH/bin/vdn-mount-chroot -r -i $USER -u
fi
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
DISK=$VDN_PATH/files/$DISK_NAME
[ ! -e $DISK ] && error "$DISK not found !" || :
if [ ! -w $DISK ]; then
error "$DISK doit être accessible à l'utilisateur en écriture !"
fi
args "$@"
if [ $FOR_ROOT = 1 ];then
vdnMountChrootForRoot
else
vdnMountChroot
fi

68
vdn/bin/vdn-new-network
Unescape View File

@ -0,0 +1,68 @@
#!/usr/bin/env bash
#set -x
NEW=""
networkName=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [newNetworkName]
EOF
}
help() {
cat << EOF
`basename $0` crée un réseau vide.
`synopsis`
-h : affiche cette aide.
Si newNetworkName n'est pas précisé, il sera demandé sur l'entrée standard.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -eq 1 ] && { NEW=$1; shift; }
[ $# -ne 0 ] && usage;
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
while [ -z "$NEW" ]; do
echo -n "Nom destination : "
read NEW
done
new=$(dirname $NETWORK_DIR)/$NEW
[ -e $new ] && error "Le réseau $NEW existe déja !" || :
mkdir $new
cp $VDN_PATH/build-template $new/build
cp $VDN_PATH/net-template.svgz $new/net.svgz
mkdir $new/scripts
vdn-build-network $new

82
vdn/bin/vdn-open-network
Unescape View File

@ -0,0 +1,82 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] networkDir
EOF
}
help() {
cat << EOF
`basename $0` définit le réseau courant. (fixe la variable i
NETWORK_DIR du fichier ~/.vdnrc).
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage;
DIR=$1
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ ! -d "$DIR" ]; then
if [ ! -d $VDN_PATH/networks/$DIR ]; then
error "Network $DIR not found"
else
DIR=$VDN_PATH/networks/$DIR
fi
fi
if [ ! -e ~/.vdnrc ]; then
cat <<EOF > ~/.vdnrc
#!/bin/bash
# Chemin du répertoire associé au réseau
NETWORK_DIR="$DIR"
EOF
else
if grep -q 'NETWORK_DIR' ~/.vdnrc; then
tmp=`mktemp`
cat ~/.vdnrc | \
sed -re 's,^NETWORK_DIR=.*$,NETWORK_DIR="'$DIR'",' > $tmp
mv $tmp ~/.vdnrc
else
cat <<EOF >> ~/.vdnrc
# Chemin du répertoire associé au réseau
NETWORK_DIR="$DIR"
EOF
fi
fi

85
vdn/bin/vdn-prepare
Unescape View File

@ -0,0 +1,85 @@
#!/usr/bin/env bash
set -eu
OPTS=""
TEST=0
synopsis() {
cat << EOF
Usage :
`basename $0` [-h] [-f] [-t]
`basename $0` list
EOF
}
help() {
cat << EOF
`basename $0` : installe les logiciels nécessaires à l'utilisation de vdn.
`synopsis`
-h : affiche cette aide
-f : force l'installation des paquets : pas de demande de confirmation.
-t : test l'installation (code de retour à 1 si logiciels manquants).
`basename $0` list : affiche la liste des distributions sur lesquelles VDN
est porté.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hft" opt; do
case $opt in
h) help; exit 0;;
f) OPTS="-y";;
t) TEST=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
[ $# -ge 1 ] && [ "$1" = "list" ] && {
cd $VDN_PATH/distribs/hosts
find . -mindepth 2 -type d | sed -re 's,^\./,,'
exit
}
args $@
[ ! -d $VDN_PATH/distribs/hosts/$HOST_RELEASE ] && {
echo "VDN n'est pas porté pour la distribution $HOST_RELEASE !" >&2
echo "Consultez les FAQ.">&2
exit 1
}
source $VDN_PATH/distribs/hosts/$HOST_RELEASE/prepare.sh
if [ $TEST = 1 ]; then
testInstallDebian
exit
fi
ID=$(id -u -n)
[ $ID != root ] && error "Installation réservée à l'administrateur"
PATH="$PATH:/usr/local/sbin:/usr/sbin:/sbin"
runInstall $OPTS

86
vdn/bin/vdn-prepare1
Unescape View File

@ -0,0 +1,86 @@
#!/usr/bin/env bash
set -eu
set -x
OPTS=""
TEST=0
synopsis() {
cat << EOF
Usage :
`basename $0` [-h] [-f] [-t]
`basename $0` list
EOF
}
help() {
cat << EOF
`basename $0` : installe les logiciels nécessaires à l'utilisation de vdn.
`synopsis`
-h : affiche cette aide
-f : force l'installation des paquets : pas de demande de confirmation.
-t : test l'installation (code de retour à 1 si logiciels manquants).
`basename $0` list : affiche la liste des distributions sur lesquelles VDN
est porté.
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hft" opt; do
case $opt in
h) help; exit 0;;
f) OPTS="-y";;
t) TEST=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 0 ] && usage || :
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
[ $# -ge 1 ] && [ "$1" = "list" ] && {
cd $VDN_PATH/distribs/hosts
find . -mindepth 2 -type d | sed -re 's,^\./,,'
exit
}
args $@
[ ! -d $VDN_PATH/distribs/hosts/$HOST_RELEASE ] && {
echo "VDN n'est pas porté pour la distribution $HOST_RELEASE !" >&2
echo "Consultez les FAQ.">&2
exit 1
}
source $VDN_PATH/distribs/hosts/$HOST_RELEASE/prepare.sh
if [ $TEST = 1 ]; then
testInstallDebian
exit
fi
ID=$(id -u -n)
[ $ID != root ] && error "Installation réservée à l'administrateur"
PATH="$PATH:/usr/local/sbin:/usr/sbin:/sbin"
runInstall $OPTS

98
vdn/bin/vdn-publish-network
Unescape View File

@ -0,0 +1,98 @@
#!/usr/bin/env bash
set -eu
FORCE=0
DRY=0
SYSTEMS=""
synopsis() {
cat << EOF
Usage : `basename $0` [-hdf] [network]
EOF
}
help() {
cat << EOF
`basename $0` dépose le réseau sur le serveur.
`synopsis`
Le réseau est "zipé" et est déposé sur le serveur via scp.
Pour cela, la variable SSH_REPOSITORY doit avoir été fixée dans votre
fichier \$HOME/.vdnrc. Exemple :
SSH_REPOSITORY="toto@truc.bidule.org:public_html/files"
Remarque : les fichiers "*.disk" sont préalablement compressés (.gz).
-h : affiche cette aide
-d : dry run
-f : force : pas de demande de confirmation !
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hdf" opt; do
case $opt in
h) help; exit 0;;
d) DRY=1;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -gt 1 ] && usage
[ $# = 1 ] && NETWORK=$1 || :
}
publishNetwork() {
echo publish $1
d=$(dirname $1)
b=$(basename $1)
rm -f $TMPDIR/$b.zip
(cd $d; umask 077 && zip --exclude \*.conf -r $TMPDIR/$b.zip $b)
ls -l $TMPDIR/$b.zip
if [ -z "$SSH_REPOSITORY" ]; then
error "SSH_REPOSITORY est vide"
fi
if [ $DRY = 0 ]; then
if [ $FORCE = 0 ]; then
request "Publish to $SSH_REPOSITORY ? :"
fi
scp $TMPDIR/$b.zip $SSH_REPOSITORY
fi
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
NETWORK=$NETWORK_DIR
args "$@"
[ -z "$NETWORK" ] && usage
publishNetwork $NETWORK

39
vdn/bin/vdn-push
Unescape View File

@ -0,0 +1,39 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0`
EOF
}
help() {
cat << EOF
`basename $0` effectue un git push de VDN.
`synopsis`
EOF
}
usage() {
synopsis
exit 1
}
args() {
[ $# -ne 0 ] && usage
return 0
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
git push vdn@opale.iut-clermont.uca.fr:public_html/vdn/git/vdn.git

102
vdn/bin/vdn-query
Unescape View File

@ -0,0 +1,102 @@
#!/bin/bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] request [arg...] host
requests :
REDIR proto port : proto : tcp/udp, port : port à rediriger
LOCAL_USER_NUM : numéro local de l'utilisateur sur la machine (%32)
PUBLIC_IP N # N : public IP NUMBER
MAC_ADDR N # N : network interface NUMBER
ETH_LINK N # N : Ethernet link NUMBER
EOF
}
help() {
cat << EOF
`basename $0` affiche des infos sur host.network.user.vdn
La machine n'a pas besoin d'être démarrée (infos statiques)
Pour obtenir des infos dynamiques (redirection de ports) voir
vdn-infos
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -lt 2 ] && usage;
req=$1
shift
reqArgs=""
while [ $# -gt 1 ]; do
reqArgs="$reqArgs $1"
shift
done
[ "$reqArgs" = "" ] && reqArgs=0
host=$1
if [ $host = current ]; then
set +u
[ -z "$GUEST_NAME" ] && error "You can't user current in this context !"
set -u
host=$GUEST_NAME
fi
}
all() {
echo "REDIR $(reqArgs) : $(computeRedir $host $reqArgs)"
echo "LOCAL_USER_NUM: $(computePublicIp $host $reqArgs)"
echo "PUBLIC_IP: $(computePublicIp $host $reqArgs)"
echo "MAC_ADDR: $(computeMacAddr $host $reqArgs)"
echo "ETH_LINK: $(computeEthLink $host $reqArgs)"
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
#set -x
args "$@"
. $VDN_PATH/allocators/$VDN_RESOURCES_ALLOCATOR
case "$req" in
REDIR) computeRedir $host $reqArgs;;
LOCAL_USER_NUM) computeLocalUser $host $reqArgs;;
PUBLIC_IP) computePublicIp $host $reqArgs;;
MAC_ADDR) computeMacAddr $host $reqArgs;;
ETH_LINK) computeEthLink $host $reqArgs;;
all) all;;
*) usage;;
esac

58
vdn/bin/vdn-restart
Unescape View File

@ -0,0 +1,58 @@
#!/usr/bin/env bash
set -eu
set -x
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` system : vdn-shalt suivi de vdn-start.
`synopsis`
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "gh" opt; do
case $opt in
h) help; exit 0;;
g) ;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if vdn-alive $GUEST_NAME; then
vdn-halt $GUEST_NAME || error "can't halt $GUEST_NAME"
sleep 2
fi
echo "vdn-restart start : $@"
vdn-start $@

99
vdn/bin/vdn-restore-extra-eth
Unescape View File

@ -0,0 +1,99 @@
#!/usr/bin/env bash
set -eu
VAR=""
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` restaure l'état de l'interface suppémentaire utilisée pour
joindre la machine virtuelle (précisée en argument).
Exemple : `basename $0` bigboss
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
loadGuestVars $GUEST_NAME
vdn-infos $GUEST_NAME GUEST_NAME > /dev/null || exit 1
if ! $VDN_PATH/bin/vdn-alive $GUEST_NAME; then
error "Le système $GUEST_NAME n'est pas démarré !"
fi
[ ! -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial ] && \
error "$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial not found !"
echo "ok"
CMD="
stty -echo
PS1=
ls /tmp
iptables -F
iptables -F -t nat
iptables -L
iptables -L -t nat
eth=\$(ip a | egrep '^[0-9]+:' | sed -re 's/^.*(eth[0-9]+).*$/\1/' | tail -n 1)
echo eth=\$eth
ip a flush \$eth
dhclient \$eth
ip a show dev \$eth
ip a show dev \$eth | grep -q 10.0.2.15 && echo ok || echo ERROR
"
#echo socat STDIO UNIX-CLIENT:$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial
(echo "$CMD"; sleep 1) | socat STDIO UNIX-CLIENT:$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial
echo
#echo "$CMD" | socat STDIO UNIX-CLIENT:$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial
#socat STDIO UNIX-CLIENT:$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial
#cat << EOF | socat STDIO UNIX-CLIENT:$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-serial
#ip a | egrep '^[0-9]+:' | sed -re 's/^.*(eth[0-9]+).*$/\1/' | tail -n 1"
#EOF

100
vdn/bin/vdn-save
Unescape View File

@ -0,0 +1,100 @@
#!/usr/bin/env bash
set -eu
#set -x
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` sauvegarde le système.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
saveSystem() {
o="$SAVE_FILE"
n="$SAVE_FILE.tmp.tgz"
d="$(dirname $n)"
[ ! -d $d ] && mkdir -p $d
set +e
( umask 077 && vdn-ssh root@$GUEST_NAME "/etc/vdn/save" > $n )
r=$?
set -e
if [ $r = 0 ]; then
mv $n $o
resizeMultipleOf512 $o
r=$?
fi
return $r
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
loadGuestVars $GUEST_NAME
case $MODE in
tgz|tgz2) ;;
*|overlay) exit 0;;
esac
if [ ! -e $GUEST_PATH ]; then
error "Le système $GUEST_NAME n'existe pas !"
fi
#vdn-ssh root@$GUEST_NAME echo > /dev/null || error "Can't connect to $GUEST_NAME"
cmd=saveSystem
if $cmd ; then
s=$(du -h $SAVE_FILE | tr '\t' ' ' | cut -d ' ' -f 1)
echo "Sauvegarde $SAVE_FILE effectuée ($s) !"
exit 0
else
echo "vdn-save ($GUEST_NAME) : Échec de la sauvegarde !" >&2
exit 1
fi

115
vdn/bin/vdn-scp
Unescape View File

@ -0,0 +1,115 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [option...] src dst
EOF
}
help() {
cat << EOF
`basename $0` effectue un scp à partir ou à destination d'un système virtuel.
`synopsis`
-h : affiche cette aide
Les options autorisées sont celles de scp(1).
Exemple :
# Copie de l'hôte vers la machine virtuelle
# /etc/passwd de l'hôte vers /tmp de la machine virtuelle
vdn-scp /etc/passwd test@vm-1:/tmp
# Copie de la machine virtuelle vers l'hôte
# /etc/passwd de la machine virtuelle vers /tmp de l'hôte
vdn-scp test@vm-1:/etc/passwd /tmp
EOF
}
usage() {
synopsis
exit 1
}
args() {
opts=""
[ $# -eq 1 -a "$1" = "-h" ] && { help; exit 0; }
while [ $# -gt 2 ]; do
if [ "$1" = "-h" ]; then help; exit 0; fi
opts="$opts $1"
shift
done
LOGIN="${USER}@"
GUEST_NAME=""
for i in 1 2; do
reg=':'
if [[ "$1" =~ "$reg" ]]; then
user=`echo $1 | cut -d ':' -f 1`
path=`echo $1 | cut -d ':' -f 2`
LOGIN="${USER}@"
GUEST_NAME="$user"
reg="@"
if [[ "$user" =~ "$reg" ]]; then
LOGIN=`echo $user | cut -d '@' -f 1`@
GUEST_NAME=`echo $user | cut -d '@' -f 2`
fi
path="${LOGIN}localhost:$path"
else
path="$1"
fi
[ $i -eq 1 ] && src="$path" || dst="$path"
shift
done
#echo "opts=$opts src=$src dst=$dst GUEST_NAME=$GUEST_NAME"
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ -z "$GUEST_NAME" ] && usage
#setGuestVars $GUEST_NAME
#loadGuestVars $GUEST_NAME
[ ! -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs ] &&
error "Impossible de joindre $GUEST_NAME"
SSH_REDIR_PORT=`cat $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs | \
sed -rne 's/^tcp:([0-9]+):22(:|$).*$/\1/p'`
[ -z "$SSH_REDIR_PORT" ] && error "Impossible de joindre $GUEST_NAME"
if [ -z "$SSH_REDIR_PORT" ]; then
error "Aucune redirection vers le port 22 du système $GUEST_NAME !"
exit 1
fi
SSH_MASTER=""
[ $SSH_GUEST_MASTER = 1 ] && {
sshGuestControlMaster
SSH_MASTER="-o ControlPath=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest-%r@%h:%p"
}
scp $SSH_MASTER $SCP_OPTS $opts -P $SSH_REDIR_PORT $src $dst

227
vdn/bin/vdn-scripts
Unescape View File

@ -0,0 +1,227 @@
#!/usr/bin/env bash
set -eu
#set -x
export READ=${READ:-0}
DOC=0
VDN_TRACE=${VDN_TRACE:-0}
EDIT=0
export PAUSE=${PAUSE:-0}
export IN_PARALLEL=${IN_PARALLEL:-0}
set +u
export FORCE_SEQUENTIAL=${FORCE_SEQUENTIAL:-0}
set -u
export PAUSE_IF_ERROR=0
export VDN_TRACE
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r] [-n] [-d] [-t] script1...
EOF
}
help() {
cat << EOF
`basename $0` exécute les scripts du réseau.
`synopsis`
-h : affiche cette aide.
-d : n'exécute pas le script mais affiche sa description.
-e : édite le script.
-n : pas de pause à l'issue du script.
-t : trace l'exécution des commandes effectuées (debug)
-r : attendre la touche "Entrée" pour terminer
-s : force l'exécution séquentielle des scripts."
-w : attendre si erreur
Cette commande, après avoir fixé quelques variables et
quelques fonctions appelle les scripts du réseau.
Remarque : si la variable d'environnement RUN_PARALLEL est fixée à 1 (cf.
~/.vdnrc) alors si plusieurs scripts sont précisés en arguments ils sont
exécutés en parallèle (via tmuxinator).
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "dehrnpstw" opt; do
case $opt in
h) help; exit 0;;
d) DOC=1;;
e) EDIT=1;;
r) READ=1;;
t) VDN_TRACE=1;;
n) PAUSE=0;;
p) PAUSE=1;;
w) PAUSE_IF_ERROR=1;;
s) FORCE_SEQUENTIAL=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
SCRIPTS="$@"
}
realSeq() {
# in sequential
#export IN_PARALLEL=0
set +e
r=0
local SYSTEMS=$(vdn-list | grep -v '^#')
#echo '°°°°'
#ps
#echo '°°°°'
runSequential $SCRIPTS || r=$?
#echo '°°°°'
#ps
#echo '°°°°'
set -e
#if [ $r -ne 0 -a $VDN_SCRIPTS_LEVEL = 1 ]; then
# error "$r"
#
#fi
#pause
return $r
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
. $VDN_PATH/bin/functions-scripts.sh
args "$@"
#echo '0000'
# ps
#echo 'OOOO'
export VDN_PATH
export PATH="$VDN_PATH/bin:$PATH"
#echo "fake script..."
export READ
. $VDN_PATH/bin/functions-scripts.sh
cd $NETWORK_DIR/scripts
if [ $DOC = 1 ]; then
for i in $SCRIPTS; do
. ./$i
echo "$i $DESC"
done
exit
fi
if [ $EDIT = 1 ]; then
set +u
[ -z "$EDITOR" ] && export EDITOR="vi"
set -u
$EDITOR $SCRIPTS
exit
fi
[ $VDN_DEBUG = 1 ] && set -x
set +u
[ -z "$VDN_SCRIPTS_LEVEL" ] && export VDN_SCRIPTS_LEVEL=0 || :
set -u
VDN_SCRIPTS_LEVEL=$((VDN_SCRIPTS_LEVEL+1))
#if [ $VDN_SCRIPTS_LEVEL = 1 ]; then
# if canRunParallel $SCRIPTS; then
# nothing=0
# fi
#fi
#echo "FORCE_SEQ:$FORCE_SEQUENTIAL"
#echo "RUN_PARALLEL=$RUN_PARALLEL"
#sleep 2
#set -x
#set -x
#export IN_PARALLEL=1
#set -x
#set +u
#echo "SCRIPTS:$SCRIPTS DISABLE_SCAN:$DISABLE_SCAN"
#set -u
if [ $VDN_SCRIPTS_LEVEL = 1 ]; then
#echo "RESET ERRORS"
errors=0
success=0
fi
if canRunParallel $SCRIPTS && [ "$FORCE_SEQUENTIAL" = 0 ]; then
# in parallel
#echo "Run parallel ($SCRIPTS)."
export IN_PARALLEL=1
set +u
set -u
#set -x
#parallelDisablePause
if [ $(echo "$SCRIPTS" | wc -w) -gt 1 ]; then
#echo "=== PARALLEL" >&2
export IN_PARALLEL=1
runParallel $SCRIPTS
r=$?
else
export IN_PARALLEL=0
r=0
#echo "=== SEQ" >&2
realSeq $SCRIPTS || { r=$?; }
#pause
fi
else
#echo "=== SEQ2" >&2
export IN_PARALLEL=0
r=0
realSeq $SCRIPTS || { r=$?; }
fi
pause
#echo "vdn-script: return : r:$r"
exit $r

215
vdn/bin/vdn-scripts.old
Unescape View File

@ -0,0 +1,215 @@
#!/usr/bin/env bash
set -eu
#set -x
export READ=${READ:-0}
DOC=0
VDN_TRACE=${VDN_TRACE:-0}
EDIT=0
export PAUSE=${PAUSE:-0}
set +u
export FORCE_SEQUENTIAL=${FORCE_SEQUENTIAL:-0}
set -u
export PAUSE_IF_ERROR=0
export VDN_TRACE
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-r] [-n] [-d] [-t] script1...
EOF
}
help() {
cat << EOF
`basename $0` exécute les scripts du réseau.
`synopsis`
-h : affiche cette aide.
-d : n'exécute pas le script mais affiche sa description.
-e : édite le script.
-n : pas de pause à l'issue du script.
-t : trace l'exécution des commandes effectuées (debug)
-r : attendre la touche "Entrée" pour terminer
-s : force l'exécution séquentielle des scripts."
-w : attendre si erreur
Cette commande, après avoir fixé quelques variables et
quelques fonctions appelle les scripts du réseau.
Remarque : si la variable d'environnement RUN_PARALLEL est fixée à 1 (cf.
~/.vdnrc) alors si plusieurs scripts sont précisés en arguments ils sont
exécutés en parallèle (via tmuxinator).
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "dehrnpstw" opt; do
case $opt in
h) help; exit 0;;
d) DOC=1;;
e) EDIT=1;;
r) READ=1;;
t) VDN_TRACE=1;;
n) PAUSE=0;;
p) PAUSE=1;;
w) PAUSE_IF_ERROR=1;;
s) FORCE_SEQUENTIAL=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
SCRIPTS="$@"
}
realSeq() {
# in sequential
#export IN_PARALLEL=0
set +e
r=0
local SYSTEMS=$(vdn-list | grep -v '^#')
runSequential $SCRIPTS || r=$?
set -e
#if [ $r -ne 0 -a $VDN_SCRIPTS_LEVEL = 1 ]; then
# error "$r"
#
#fi
#pause
return $r
}
# main
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
. $VDN_PATH/bin/functions-scripts.sh
args "$@"
export VDN_PATH
export PATH="$VDN_PATH/bin:$PATH"
export READ
. $VDN_PATH/bin/functions-scripts.sh
cd $NETWORK_DIR/scripts
if [ $DOC = 1 ]; then
for i in $SCRIPTS; do
. ./$i
echo "$i $DESC"
done
exit
fi
if [ $EDIT = 1 ]; then
set +u
[ -z "$EDITOR" ] && export EDITOR="vi"
set -u
$EDITOR $SCRIPTS
exit
fi
[ $VDN_DEBUG = 1 ] && set -x
set +u
[ -z "$VDN_SCRIPTS_LEVEL" ] && export VDN_SCRIPTS_LEVEL=0 || :
set -u
VDN_SCRIPTS_LEVEL=$((VDN_SCRIPTS_LEVEL+1))
#if [ $VDN_SCRIPTS_LEVEL = 1 ]; then
# if canRunParallel $SCRIPTS; then
# nothing=0
# fi
#fi
#echo "FORCE_SEQ:$FORCE_SEQUENTIAL"
#echo "RUN_PARALLEL=$RUN_PARALLEL"
#sleep 2
#set -x
#set -x
#export IN_PARALLEL=1
#set -x
#set +u
#echo "SCRIPTS:$SCRIPTS DISABLE_SCAN:$DISABLE_SCAN"
#set -u
if [ $VDN_SCRIPTS_LEVEL = 1 ]; then
#echo "RESET ERRORS"
errors=0
success=0
fi
if canRunParallel $SCRIPTS && [ "$FORCE_SEQUENTIAL" = 0 ]; then
# in parallel
#echo "Run parallel ($SCRIPTS)."
export IN_PARALLEL=1
set +u
set -u
#set -x
#parallelDisablePause
if [ $(echo "$SCRIPTS" | wc -w) -gt 1 ]; then
export IN_PARALLEL=1
runParallel $SCRIPTS
r=$?
else
#export IN_PARALLEL=1
#(
export IN_PARALLEL=0
#p=$PAUSE
#export PAUSE=1
#VDN_SCRIPTS_LEVEL=$((VDN_SCRIPTS_LEVEL+1))
#set -x
#[ $VDN_SCRIPTS_LEVEL != 1 ] && export IN_PARALLEL=0 || :
r=0
realSeq $SCRIPTS || { r=$?; }
#PAUSE=$p
#[ $VDN_SCRIPTS_LEVEL = 1 ] && export IN_PARALLEL=1 || :
#pause
#)
fi
else
export IN_PARALLEL=0
#[ $VDN_SCRIPTS_LEVEL == 1 ] && export IN_PARALLEL=0
#export PAUSE=1
r=0
realSeq $SCRIPTS || { r=$?; }
fi
pause
#echo "vdn-script: return : r:$r"
exit $r

48
vdn/bin/vdn-send-proxy
Unescape View File

@ -0,0 +1,48 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` émet une commande au proxy (websockets).
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ -e $VDN_WS_PROXY_SOCKET ]; then
echo $@ | socat - UNIX-CONNECT:$VDN_WS_PROXY_SOCKET
fi

84
vdn/bin/vdn-set-network-dir
Unescape View File

@ -0,0 +1,84 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] networkDir
EOF
}
help() {
cat << EOF
`basename $0` définit le réseau courant. (fixe la variable i
NETWORK_DIR du fichier ~/.vdnrc).
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage;
DIR=$1
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
if [ "$DIR" != "" ]; then
if [ ! -d "$DIR" ]; then
if [ ! -d $VDN_NETWORKS_BASE_DIR/$DIR ]; then
error "Network $DIR not found"
else
DIR=$VDN_NETWORKS_BASE_DIR/$DIR
fi
fi
fi
if [ ! -e ~/.vdnrc ]; then
cat <<EOF > ~/.vdnrc
#!/bin/bash
# Chemin du répertoire associé au réseau
NETWORK_DIR="$DIR"
EOF
else
if grep -q 'NETWORK_DIR' ~/.vdnrc; then
tmp=`mktemp`
cat ~/.vdnrc | \
sed -re 's,^NETWORK_DIR=.*$,NETWORK_DIR="'$DIR'",' > $tmp
mv $tmp ~/.vdnrc
else
cat <<EOF >> ~/.vdnrc
# Chemin du répertoire associé au réseau
NETWORK_DIR="$DIR"
EOF
fi
fi

61
vdn/bin/vdn-set-var
Unescape View File

@ -0,0 +1,61 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` var value
EOF
}
help() {
cat << EOF
`basename $0` fixe la variable dans ~/.vdnrc.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hr" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# != 2 ] && usage
VAR=$1
VALUE=$2
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
f=$HOME/.vdnrc
[ ! -e $f ] && touch $f
if cat $f | grep -q "^$VAR="; then
sed -i -re "s,$VAR=.*$,$VAR=\"$VALUE\"," $f || echo "Error"
else
echo "$VAR=\"$VALUE\"" >> $f
fi

55
vdn/bin/vdn-shell
Unescape View File

@ -0,0 +1,55 @@
#!/usr/bin/env bash
name=vdn-shell
synopsis() {
cat << EOF
Usage : $name [-h]
EOF
}
help() {
cat << EOF
$name exécute un shell evec les fonctions et les variables VDN.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
#xclock
args $@
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
echo "Start..."
#export PS1='[VDN] \u@\h:\w\$ '
#$SLASH/usr/bin/env | $SLASH/bin/grep PATH
#export DISPLAY='127.0.0.1:10.0'
#xclock
$SLASH/usr/bin/env $SLASH/bin/bash

214
vdn/bin/vdn-show
Unescape View File

@ -0,0 +1,214 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : $(basename $0) [-h]
EOF
}
help() {
cat << EOF
$(basename $0) Affiche les configurations des systèmes.
$(synopsis)
-h : affiche cette aide
-r : attendre la touche "Entrée" pour terminer
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
}
i1() {
printf "%10s %8s %s\n" "GUEST" "IDENT" "GUEST_SYS"
for i in $guests; do
a=$(vdn-config $i IDENT)
b=$(vdn-config $i GUEST_SYS)
printf "%10s %8s %s\n" $i $a $b
done
echo
}
i2() {
printf "%10s %8s %s\n" "GUEST" "MEMORY" "HDA"
sm=0
for i in $guests; do
m=$(vdn-config $i MEMORY)
d=$(vdn-config $i HDA)
printf "%10s %8s %s\n" $i $m $d
sm=$(($sm+$m))
done
echo
echo "TOTAL MEMORY = $sm"
echo
}
i3() {
printf "%10s %8s %s\n" "GUEST" "NETWORKS"
for i in $guests; do
b=$(vdn-config $i NETWORKS)
printf "%10s %8s %s\n" $i "$b"
done
echo
}
i4() {
nets="NET_G"
for i in $(seq 1 9); do
nets="$nets NET_$i"
done
printf "%10s %s\n" NETWORKS " GUESTS(ETH)"
for i in $nets; do
l=""
for s in $guests; do
setGuestVars $s
grep -q '^[^#]*NETWORKS=.*'$i $GUEST_CONF && {
l="$l $s"
}
done
l2=""
for j in $l; do
a=$(vdn-config $j NETWORKS)
b=$(echo "$a" | sed -re 's/^(.*)'$i'.*$/\1/')
c=$(echo "$b" | sed -re 's/[^ ]//g')
d=$(echo "$c" | wc -c)
d=$(($d-1))
#echo "$i $j(eth$d)"
l2="$l2 $j(eth$d)"
done
[ -n "$l2" ] && {
printf "%10s %s\n" $i "$l2"
}
done
echo
}
i5() {
printf "%10s %s\n" "GUEST" "REDIRS"
for i in $guests; do
a="$(vdn-config $i REDIRS)"
printf "%10s %s\n" $i "$a"
done
echo
}
i6() {
nothing=1
}
i7() {
printf "%10s %12s %s\n" "GUEST" "AUFS_SIZE" "AUFS_FILE"
for i in $guests; do
a="$(vdn-config $i AUFS_SIZE)"
b="$(vdn-config $i AUFS_FILE)"
printf "%10s %12s %s\n" $i "$a" "$b"
done
echo
}
i8() {
printf "%10s %12s %s\n" "GUEST" "SWAP_SIZE" "SWAP_FILE"
for i in $guests; do
a="$(vdn-config $i SWAP_SIZE)"
b="$(vdn-config $i SWAP_FILE)"
printf "%10s %12s %s\n" $i "$a" "$b"
done
echo
}
i9() {
printf "%10s %s\n" "GUEST" "SAVE_EXCLUDE"
for i in $guests; do
a="$(vdn-config $i SAVE_EXCLUDE)"
printf "%10s %s\n" $i "$a"
done
echo
}
i10() {
printf "%10s %s\n" "GUEST" "EXTRA_SERVICES"
for i in $guests; do
a="$(vdn-config $i EXTRA_SERVICES)"
printf "%10s %s\n" $i "$a"
done
echo
}
i11() {
printf "%10s %s\n" "GUEST" "EXCLUDE_SERVICES"
for i in $guests; do
a="$(vdn-config $i EXCLUDE_SERVICES)"
printf "%10s %s\n" $i "$a"
done
echo
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#IDENT=0; computeNetworks
guests="$(find $NETWORK_DIR -follow -name "*.conf" | sed -re 's/^.*\/([^/]+).conf$/\1/')"
i1
i2
i3
i4
i5
vdn-graph # -a
i6
i7
i8
i9
i10
i11

8
vdn/bin/vdn-singularity
Unescape View File

@ -0,0 +1,8 @@
#!/bin/bash
export VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
DIST=$(echo $HOST_RELEASE | cut -d '/' -f 2)
singularity shell -u /tmp/vdn-$DIST.sif

74
vdn/bin/vdn-spice-viewer
Unescape View File

@ -0,0 +1,74 @@
#!/usr/bin/env bash
set -eu
#set -x
BG=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-b] system
EOF
}
help() {
cat << EOF
`basename $0` démarre un client SPICE présentant l'écran du système.
`synopsis`
Remarque : seuls les systèmes KVM avec leur variable KVM_VIEWER fixée à "spice"
proposent un écran SPICE.
-h : affiche cette aide
-b : start in background
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hb" opt; do
case $opt in
h) help; exit 0;;
b) BG=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage || :
GUEST_NAME=$1; shift;
}
# Programme principal
export VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ $VDN_DEBUG = 1 ] && set -x || :
[ $GUEST_NAME != "nested" ] && setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
[ $GUEST_NAME != "nested" ] && loadGuestVars $GUEST_NAME
if [ $BG = 1 ]; then
remote-viewer -t $GUEST_NAME spice+unix://$TMPDIR/vdn-spice-$USER-$GUEST_NAME-socket &
else
remote-viewer -t $GUEST_NAME spice+unix://$TMPDIR/vdn-spice-$USER-$GUEST_NAME-socket
fi
sleep 1

124
vdn/bin/vdn-ssh
Unescape View File

@ -0,0 +1,124 @@
#!/usr/bin/env bash
set -eu
#set -x
#[ "$USER" = "gudavala" ] && set -x || :
NO_MASTER=0
# ATTENTION : Ce script ne doit rien afficher sur la sortie standard
# car utilisé pour la sauvegarde.
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [option...] [login@]system [command]
EOF
}
help() {
cat << EOF
`basename $0` démarre une connexion ssh à destination d'un système virtuel.
`synopsis`
-h : affiche cette aide
-n : no master mode (utile dans certains cas)
Les options autorisées sont celles de ssh(1).
Exemple :
vdn-ssh -X root@vm-1 # -X pour recevoir les fenêtres graphiques de vm-1.
# Pour quitter le shell distant :
exit
EOF
}
usage() {
synopsis
exit 1
}
args() {
OPTS=""
while [ $# -ne 0 ]; do
reg='^-'
if [[ "$1" =~ $reg ]]; then
OPTS="$OPTS $1"
case "$1" in
-h) help; exit 0;;
-n) NO_MASTER=1;;
-b|-c|-D|-e|-F|-I|-i|-L|-l|-m|-O|-o|-p|-R|-S|-w)
OPTS="$OPTS $2"; shift;;
esac
shift
else
break
fi
done
LOGIN=""
GUEST_NAME="$1"
if echo $1 | grep -q -- '@'; then
LOGIN=`echo $1 | cut -d '@' -f 1`@
GUEST_NAME=`echo $1 | cut -d '@' -f 2`
fi
shift
COMMAND="$@"
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#if [ $GUEST_NAME = nested ]; then
# SSH_REDIR_PORT=2222
#else
#set -x
[ ! -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs ] && \
error "Impossible de joindre $GUEST_NAME"
SSH_REDIR_PORT=`cat $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs | \
sed -rne 's/^tcp:([0-9]+):22(:|$).*$/\1/p'`
[ -z "$SSH_REDIR_PORT" ] && error "Impossible de joindre $GUEST_NAME"
#fi
# No master mode when X11 forwarding
echo $OPTS | grep -q -- -X && {
#echo "Workaround X11 forwarding" >&2
SSH_GUEST_MASTER=0
}
SSH_MASTER=""
[ $SSH_GUEST_MASTER = 1 -a $NO_MASTER != 1 ] && {
sshGuestControlMaster
SSH_MASTER="$SSH_OPTS -o ControlPersist=10m -o ControlMaster=auto -S $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest-%r@%h:%p"
}
set +e
export TERM=xterm-256color
#if [ -z "$COMMAND" ]; then
# COMMAND="bash"
#fi
#COMMAND="export http_proxy=$http_proxy; export https_proxy=$https_proxy; $COMMAND"
#set -x
ssh $SSH_MASTER $SSH_OPTS -o ServerAliveInterval=5 $OPTS -p $SSH_REDIR_PORT ${LOGIN}localhost "$COMMAND"

106
vdn/bin/vdn-ssh-copy-id
Unescape View File

@ -0,0 +1,106 @@
#!/usr/bin/env bash
# début des fonctions
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-i [identity_file]] [login@]system
EOF
}
help() {
cat << EOF
`basename $0` copie votre clé publique dans un système virtuel.
`synopsis`
-h : affiche cette aide
-i : indique le fichier contenant la clé publique à copier
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hi:" opt; do
case $opt in
h) help; exit 0;;
i) IDENTITY="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
LAST="$1"
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
IDENTITY=""
args $@
LOGIN="$USER@"
GUEST_NAME=$LAST
if echo $LAST | grep -q '@'; then
LOGIN=`echo $LAST | cut -d '@' -f 1`@
GUEST_NAME=`echo $LAST | cut -d '@' -f 2`
fi
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
[ $GUEST_NAME != nested ] && setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
[ $GUEST_NAME != nested ] && loadGuestVars $GUEST_NAME
if [ $GUEST_NAME = nested ]; then
SSH_REDIR_PORT=2222
SSH_GUEST_MASTER=0
else
[ ! -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs ] && {
echo "Le fichier $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs n'existe pas !" >&2
echo "Le système $GUEST_NAME est-il démarré ?" >&2
exit 1
}
SSH_REDIR_PORT=`cat $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs | \
sed -rne 's/^tcp:([0-9]+):22(:|$).*$/\1/p'`
fi
if [ -z "$SSH_REDIR_PORT" ]; then
echo "Aucune redirection vers le port 22 du système $GUEST_NAME !" >&2
exit 1
fi
opts="-p $SSH_REDIR_PORT -o NoHostAuthenticationForLocalhost=yes"
[ -n "$IDENTITY" ] && opts="-i $IDENTITY $opts"
RUSER=$USER
RUSER=$(echo $@ | sed -rne 's/^.*(^|[[:space:]])(.*)@.*$/\2/p')
[ -z "$RUSER" ] && RUSER=$USER
name=$(echo $@ | sed -re 's/^.*@(.*)$/\1/')
args=$(echo $LAST | sed -re "s/$name/localhost/g")
ssh-copy-id $opts $args
[ $? -eq 0 ] && {
echo -e "Try : \n\nvdn-ssh $RUSER@$name\n"
}

54
vdn/bin/vdn-ssh-loop
Unescape View File

@ -0,0 +1,54 @@
#!/usr/bin/env bash
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [option...] [login@]system
EOF
}
help() {
cat << EOF
`basename $0` effectue, en boucle un ssh à destination d'un système virtuel.
`synopsis`
-h : affiche cette aide
Les options autorisées sont celles de ssh(1).
Les options précisées dans la variable SSH_OPTS du fichier de configuration
sont implicitement ajoutées.
Si la connexion échoue, un nouvel essai est effectué après 5 secondes.
EOF
}
usage() {
synopsis
exit 1
}
usage() {
echo "usage : $0 systemDir [login]" >&2
exit 1
}
args() {
if [ "$1" = "-h" ]; then
help; exit 0;
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
while :; do
$VDN_PATH/bin/vdn-ssh $@
echo "Retry \"vdn-ssh $1\" in 3 s..."
sleep 3
done

118
vdn/bin/vdn-sshfs
Unescape View File

@ -0,0 +1,118 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [option...] [login@]system:[path] mountpoint
EOF
}
help() {
cat << EOF
`basename $0` monte un répertoire du système virtuel dans un répertoire de l'hôte.
Remarque : nécessite fuse et sshfs.
`synopsis`
-h : affiche cette aide
Les options autorisées sont celles de sshfs(1).
Exemple :
mkdir /tmp/d
vdn-sshfs test@vm-1: /tmp/d # le HOME de test sur vm-1 est monté dans /tmp/d
# Pour démonter
fusermount -u /tmp/d
EOF
}
usage() {
synopsis
exit 1
}
args() {
OPTS=""
while [ $# -ne 0 ]; do
reg='^-'
if [[ "$1" =~ $reg ]]; then
OPTS="$OPTS $1"
case "$1" in
-h) help; exit 0;;
-b|-c|-D|-e|-F|-I|-i|-L|-l|-m|-O|-o|-p|-R|-S|-w)
OPTS="$OPTS $2"; shift;;
esac
shift
else
break
fi
done
LOGIN=""
DIR=""
GUEST_NAME="$1"
if echo $1 | grep -q -- '@'; then
LOGIN=`echo $1 | cut -d '@' -f 1`@
GUEST_NAME=`echo $1 | cut -d '@' -f 2`
if ! echo $GUEST_NAME | grep -q -- ':'; then
usage
fi
DIR=$(echo $GUEST_NAME | cut -d ':' -f 2)
GUEST_NAME=$(echo $GUEST_NAME | cut -d ':' -f 1)
fi
shift
set +u
MOUNT_DIR="$1"
[ -z "$MOUNT_DIR" -o -n "$2" ] && usage
set -u
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
#if [ $GUEST_NAME = nested ]; then
# SSH_REDIR_PORT=2222
#else
[ ! -e $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs ] &&
error "Impossible de joindre $GUEST_NAME"
SSH_REDIR_PORT=`cat $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs | \
sed -rne 's/^tcp:([0-9]+):22(:|$).*$/\1/p'`
[ -z "$SSH_REDIR_PORT" ] && error "Impossible de joindre $GUEST_NAME"
#fi
# No master mode when X11 forwarding
echo $OPTS | grep -q -- -X && {
#echo "Workaround X11 forwarding" >&2
SSH_GUEST_MASTER=0
}
SSH_MASTER=""
[ $SSH_GUEST_MASTER = 1 ] && {
sshGuestControlMaster
SSH_MASTER="$SSH_OPTS -o ControlPersist=10m -o ControlMaster=auto,ControlPath=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-guest-%r@%h:%p"
}
set +e
#ssh $SSH_MASTER $SSH_OPTS -o ServerAliveInterval=5 $OPTS -p $SSH_REDIR_PORT ${LOGIN}localhost "$COMMAND"
sshfs ${LOGIN}localhost:$DIR $MOUNT_DIR $SSH_MASTER $SSH_OPTS -o ServerAliveInterval=5 $OPTS -p $SSH_REDIR_PORT

993
vdn/bin/vdn-start
Unescape View File

@ -0,0 +1,993 @@
#!/usr/bin/env bash
set -eu
set -m # Jobs control
# Script pour l'exécution d'un système virtuel
# --------------------------------------------
NICE=10
EXPR=""
READ_ON_ERROR=0
GUI=0;
VDN_TERM=0
BG=0
EXCLUDE_SERVICES=""
set -a
# Dans le cas où une redirection (cf. REDIRS ci-dessus) échoue,
# attendre que le port se libère (0) ou chercher le premier port libre
# suivant (1).
PORT_INC_ALLOWED=1
set +a
# début des fonctions
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [-f] [-g] [-e] [-t] [-v expr] system
EOF
}
help() {
cat << EOF
`basename $0` démarre un système virtuel.
`synopsis`
Un nom de système correspond au nom d'un répertoire situé dans le
sous répertoire "systems" de Vdn.
-h : affiche cette aide
-b : execute le système en arrière plan.
-d : mode DEBUG.
-g : si l'interface graphique est démarrée, lui délègue le démarrage.
-t : le terminal courant est utilisé en console.
-e : Attendre "Entrée" si erreur.
-v exp : évalue une expression. Pratique pour la surcharge de variables.
exemple : -v "MEMORY=32; SWAP_SIZE=32"
EOF
}
usage() {
synopsis
exit 2
}
args() {
local opt
while getopts "hebdgtv:" opt; do
case $opt in
h) help; exit 0;;
b) BG=1;;
d) export VDN_DEBUG=1;;
e) READ_ON_ERROR=1;;
g) GUI=1;;
t) VDN_TERM=1;;
v) export EXPR="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
case "$GUEST_NAME" in
sae103)
VDN_TERM=1
net=$(vdn-get-network)
if [ "$net" != "/home/UCA/vdn/vdn-bullseye/networks/sae103" ]; then
vdn-set-network-dir /home/UCA/vdn/vdn-bullseye/networks/sae103
export NETWORK_DIR=/home/UCA/vdn/vdn-bullseye/networks/sae103
SAVE_DIR="$SAVE_PATH/$(basename $NETWORK_DIR)"
fi
;;
esac
}
testIfAlreadyStarted() {
set +e
vdn-alive $GUEST_NAME
r=$?
[ $r -eq 0 ] && error "Le système virtuel $GUEST_NAME est déjà lancé"
}
testVariables() {
[ -z "$AUFS_SIZE" ] && error "AUFS_SIZE not set"
}
createConfigFile() {
local dir=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-config/etc/vdn
set +u
[ -z "$http_proxy" ] && export http_proxy=""
[ -z "$https_proxy" ] && export https_proxy=""
[ -z "$POST_BOOT" ] && POST_BOOT=""
set -u
NB_ETH=$(echo $NETWORKS | wc -w)
echo -n "Compute network vars... "
#PUBLICS_IP=$(for i in $(vdn-list); do ip=$(vdn-infos $i | grep PUB | sed -re 's/^.*"([0-9.]+)" .*$/\1/'); echo -n "$i:$ip "; done)
PUBLICS_IP=$(for i in $(vdn-list); do ip=$(vdn-query PUBLIC_IP $i); echo -n "$i:$ip "; done)
PUBLIC_IP=$(vdn-query PUBLIC_IP 0 $GUEST_NAME.$NETWORK_NAME)
echo "done"
echo >&2
echo "NETWORKS : $NETWORKS" >&2
echo "NB_ETH : $NB_ETH" >&2
echo "PUBLICS_IP: $PUBLICS_IP" >&2
cat <<EOF > $dir/config
PUBLICS_IP="$PUBLICS_IP"
HOSTS="$HOSTS"
NETWORKS="$NETWORKS"
NETWORK_DIR="$NETWORK_DIR"
VDN_RESOLV="$VDN_RESOLV"
VDN_RESOURCES_ALLOCATOR="$VDN_RESOURCES_ALLOCATOR"
VDN_PATH="$VDN_PATH"
GUEST_SYS="$GUEST_SYS"
MOUNT_ROOT_PATH="$MOUNT_ROOT_PATH"
EMULATOR="$EMULATOR"
MODE="$MODE"
HDA="$HDA"
HDB="$HDB"
HDB_PART_FORMAT="$HDB_PART_FORMAT"
HDB_DIRS="$HDB_DIRS"
GUEST_PATH="$GUEST_PATH"
GUEST_NAME="$GUEST_NAME"
GUEST_OWNER="$GUEST_OWNER"
NB_ETH="$NB_ETH"
NB_DISK="$NB_DISK"
PUBLIC_IP="$PUBLIC_IP"
ON_BOOT="$ON_BOOT" # deprecié
POST_BOOT="$POST_BOOT"
SET_HOSTNAME="$SET_HOSTNAME"
EXTRA_ETH="$EXTRA_ETH"
EXTRA_ETH_DEFAULT_ROUTE="$EXTRA_ETH_DEFAULT_ROUTE"
EXTRA_ETH_MASQUERADING="$EXTRA_ETH_MASQUERADING"
SET_PROXY="$SET_PROXY"
AUFS_FILE="$AUFS_FILE"
AUFS_SIZE="$AUFS_SIZE"
SAVE_EXCLUDE="$SAVE_EXCLUDE"
CLEAR_LOG_WHEN_SAVE="$CLEAR_LOG_WHEN_SAVE"
DELETE_LOG_GZ="$DELETE_LOG_GZ"
SWAP_FILE="$SWAP_FILE"
SWAP_SIZE="$SWAP_SIZE"
SSH_IDENTITY="$SSH_IDENTITY"
EXTRA_SERVICES="$EXTRA_SERVICES"
EXCLUDE_SERVICES="$EXCLUDE_SERVICES"
RUNLEVEL="$RUNLEVEL"
DATE=`date +%Y.%m.%d-%T`
if [ "\$SET_PROXY" = 1 ]; then
HTTP_PROXY="$http_proxy"
HTTPS_PROXY="$https_proxy"
echo "export http_proxy=\"\$HTTP_PROXY\"" >> /etc/bash.bashrc
echo "export https_proxy=\"\$HTTPS_PROXY\"" >> /etc/bash.bashrc
fi
DEFAULT_LANG="$DEFAULT_LANG"
TIMEZONE="$TIMEZONE"
XKBMODEL="$XKBMODEL"
XKBLAYOUT="$XKBLAYOUT"
XKBVARIANT="$XKBVARIANT"
XKBOPTIONS="$XKBOPTIONS"
BACKSPACE="$BACKSPACE"
VDN_DEBUG="$VDN_DEBUG"
EOF
}
waitEndOfRedirsOld() {
local n=0
#while netstat -A inet -a -n | grep TIME_WAIT | \
while ss -a -f inet -n -i state time-wait | \
grep -q "^$1[[:space:]].*:$2[[:space:]]"; do
if [ $n = 0 ]; then
echo "Attente de la libération du port $2 (1 minute environ...)">&2
fi
n=1
sleep 1
done
}
# Create partition for union
createUnionPart() {
echo "Create overlayfs ($AUFS_SIZE Mo). "
if [ -n "$AUFS_FILE" ]; then
[ ! -d $(dirname $AUFS_FILE) ] && mkdir -p $(dirname $AUFS_FILE)
[ -e $AUFS_FILE ] && rm $AUFS_FILE
dd of=$AUFS_FILE bs=1k seek=$(($AUFS_SIZE*1024)) count=0 &> /dev/null
/sbin/mke2fs -q -F -t ext4 $AUFS_FILE
fi
#rm -f $OUT_FILE
#dd of=$OUT_FILE bs=1k seek=$(($AUFS_SIZE*1024)) count=0
}
prepareSwap() {
if [ -n "$SWAP_FILE" ]; then
[ -e $SWAP_FILE ] && rm $SWAP_FILE
if [ -z "$SWAP_SIZE" ]; then
echo -e "SWAP_SIZE not set !" >&2
exit 2
fi
echo "Create swap ($SWAP_SIZE Mo). "
dd of=$SWAP_FILE bs=1k seek=$(($SWAP_SIZE*1024)) count=0 &> /dev/null
chmod 600 $SWAP_FILE
/sbin/mkswap $SWAP_FILE > /dev/null
#echo " done."
fi
}
tgzPrepare() {
createUnionPart
}
injectScriptsInConfigDir() {
local srcDir=$1
local dstDir=$2
if [ -d $srcDir ]; then
local list=$(cd $srcDir; ls | grep -v prepare.sh*)
if [ -n "$list" ]; then
( cd $srcDir; cp -a $list $dir/etc/vdn )
if [ -e $dir/etc/vdn/rc.local ]; then
mv $dir/etc/vdn/rc.local $dir/etc
chmod 755 $dir/etc/rc.local
#echo "SET FILE : $dir/etc/rc.local"
#echo "=== EXTRA === : "
#cat $dir/etc/rc.local | grep EXTRA
fi
fi
fi
}
createConfigDir() {
local dir=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-config
local tgz="$dir.tgz"
#echo "Create config dir..."
rm -Rf $dir
mkdir -m 700 $dir
mkdir -p $dir/etc/vdn
# Copie des fichiers d'initialisation (/etc/rc.local et autres
# du répertoire direct
injectScriptsInConfigDir $VDN_PATH/distribs/guests/direct/$GUEST_SYS $dir
# idem mais spécialise les fichiers (COW, OVERLAY, TGZ)
if [ $MODE != direct ]; then
injectScriptsInConfigDir $VDN_PATH/distribs/guests/$MODE/$GUEST_SYS $dir
fi
createConfigFile
local cp=0
for i in $SSH_IDENTITY; do
[ ! -d $dir/etc/vdn/.ssh ] && {
mkdir -p $dir/etc/vdn/.ssh
chmod 700 $dir/etc/vdn/.ssh
}
if [ -e $i ]; then
cp $i $dir/etc/vdn/.ssh/
cp=1
fi
done
[ $cp = 0 ] && error "Aucune clé SSH !"
[ -e $NETWORK_DIR/authorized-root.txt ] && \
cp $NETWORK_DIR/authorized-root.txt $dir/etc/vdn
# Add host files
for i in $HOST_FILES; do
[ ! -d $dir/etc/vdn/host/$(dirname $i) ] && mkdir -p $dir/etc/vdn/host/$(dirname $i) || :
cp -a $i $dir/etc/vdn/host/$(dirname $i)
done
if [ -d $NETWORK_DIR/all ]; then
[ ! -d $dir/etc/vdn/all ] && mkdir -p $dir/etc/vdn/all
( cd $NETWORK_DIR/all && tar czf - . ) | ( cd $dir/etc/vdn/all && tar -xpzf -)
fi
if [ -d $NETWORK_DIR/$GUEST_NAME ]; then
[ ! -d $dir/etc/vdn/guest ] && mkdir -p $dir/etc/vdn/guest
( cd $NETWORK_DIR/$GUEST_NAME && tar czf - . ) | ( cd $dir/etc/vdn/guest && tar -xpzf - )
fi
# note used
#cp /etc/hosts $dir/etc/vdn
#cp /etc/resolv.conf $dir/etc/vdn
if [ -d $VDN_PATH/scripts ]; then
cp -a $VDN_PATH/scripts/* $dir/etc/vdn
fi
# Add allocator
[ -d $dir/etc/vdn/allocators ] && rm -Rf $dir/etc/vdn/allocators
cp -a $VDN_PATH/allocators $dir/etc/vdn
# Add vdn resolv
cp $VDN_PATH/tools/libnss_vdn.so $dir/etc/vdn
# Build disk
( cd $dir; tar -czf $tgz .; chmod 600 $tgz)
#echo -n "Create config disk... "
dd if=/dev/zero bs=512 count=1 >> $tgz 2> /dev/null
#echo "done."
#echo "done."
}
### KVM (Kernel Virtual Machine)
kvm_query_networks() {
. $VDN_PATH/allocators/$VDN_RESOURCES_ALLOCATOR
# 1. redirections
#if [ $EXTRA_ETH = 1 ]; then
rm -f $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs
REDIRS=$(echo "$REDIRS" | sed -re 's/[[:space:]]+/ /g')
REDIRS=$(echo "$REDIRS" | sed -re 's/^[[:space:]]+//g')
REDIRS=$(echo "$REDIRS" | sed -re 's/[[:space:]]+$//g')
REDIRS=$(echo "$REDIRS" | sed -re 's/[[:space:]]/\n/g')
#echo "REDIRS:$REDIRS" >&2
redirs=`
redirsOpt=""
[ -n "$REDIRS" ] || error "REDIRS empty !"
echo "$REDIRS" | (
export IFS=":"
i=0
while read proto dstPort com; do
[ -z "$dstPort" ] && continue
#echo "dstPort:$dstPort" >&2
#srcPort=$(vdn_redir $dstPort)
[ -z "$proto" ] && continue
#set -x
srcPort=$(computeRedir $GUEST_NAME $proto $dstPort)
echo "port:$srcPort" >&2
#set +x
#if [ "$PORT_INC_ALLOWED" = 1 ]; then
# srcPort=$(findUnusedPort $proto $srcPort $dstPort)
#fi
#waitEndOfRedirs $proto $srcPort
redirsOpt="$redirsOpt -redir $proto:$srcPort::$dstPort"
echo "Add to : $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs" >&2
echo "$proto:$srcPort:$dstPort:$com">>$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-redirs
done
echo "$redirsOpt"
)
`
#fi
# 2. cartes Ethernet
set - $NETWORKS
#echo -n "-net user "
#for i in `seq 0 $(($NB_ETH-1))`; do
ETH=0
for i; do
#set -x
net="$i"
comment=$(echo $net | cut -d '#' -f 2)
net=$(echo $net | cut -d '#' -f 1)
[ "$net" = "$comment" ] && comment=""
[ "$net" = "NET_G" ] && net="NET_0"
[ "$net" = "$comment" ] && comment=""
netNum=$(echo $net | sed -re 's/^ *NET_([0-9]+).*$/\1/')
mac=$(computeMacAddr $GUEST_NAME $ETH)
if [ "$net" = "none" ]; then
local qemuVersion=$(qemu-system-x86_64 --version | grep version | sed -re 's/^.*version ([0-9.]+).*$/\1/')
if [ "$qemuVersion" \< "3.0.0" ]; then
echo -n "-device virtio-net-pci,mac=$mac "
else
echo -n "-device virtio-net-pci,mac=$mac -nic none "
fi
else
if [ $netNum = 0 ]; then
group=$MCAST_COMMON_ADDR
port=$MCAST_BASE_PORT
else
mcast=$(computeEthLink $GUEST_NAME $netNum)
echo "inetNum:$netNum mcast:$mcast" >&2
group=`echo $mcast | cut -d : -f 1`
port=`echo $mcast | cut -d : -f 2`
fi
echo -n "-device virtio-net-pci,netdev=n$(($netNum)),mac=$mac -netdev socket,id=n$(($netNum)),mcast=$group:$port "
fi
ETH=$(($ETH+1))
done
[ $EXTRA_ETH = 1 ] && {
mac=$(computeMacAddr $GUEST_NAME $NB_ETH)
redirs=$(echo $redirs | sed -re 's/^ *//')
echo -n "-device virtio-net-pci,netdev=e0,mac=$mac -netdev user,id=e0$redirs"
#echo -n "-net nic,vlan=0,model=$NET_MODEL -net user,vlan=0$redirs"
} || :
}
kvm_graphic() {
GRAPHICAL_OPTS=""
if [ $KVM_VIEWER = "vnc" ]; then
set +e
ps auwx | grep -v grep |grep -q 'ruby.*vdn-gui'
GUI_RUNNING=$?
set -e
if [ $KVM_VIEWER_AUTOSTART = 1 ]; then
if [ $KVM_VIEWER_EMBEDDED = 1 -a $GUI_RUNNING = 0 ]; then
( sleep 3; sendToGui "vnc-viewer $GUEST_NAME" ) &
else
(sleep 3; vdn-vnc-viewer $GUEST_NAME ) &
fi
fi
GRAPHICAL_OPTS="-serial mon:stdio -monitor null -vnc unix:$TMPDIR/vdn-vnc-$USER-$GUEST_NAME-socket -spice unix,disable-ticketing,addr=$TMPDIR/vdn-spice-$USER-$GUEST_NAME-socket"
#GRAPHICAL_OPTS="$GRAPHICAL_OPTS -device virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent -device virtserialport,chardev=vdagent,name=com.redhat.spice.0"
elif [ $KVM_VIEWER = "spice" ]; then
set +e
ps auwx | grep -v grep |grep -q 'ruby.*vdn-gui'
GUI_RUNNING=$?
set -e
if [ $KVM_VIEWER_AUTOSTART = 1 ]; then
#if [ $KVM_VIEWER_EMBEDDED = 1 -a $GUI_RUNNING = 0 ]; then
# ( sleep 3; sendToGui "spice-viewer $GUEST_NAME" ) &
#else
(sleep 1; vdn-spice-viewer -b $GUEST_NAME ) &
#fi
fi
GRAPHICAL_OPTS="-serial mon:stdio -monitor null -vnc unix:$TMPDIR/vdn-vnc-$USER-$GUEST_NAME-socket -spice unix,disable-ticketing,addr=$TMPDIR/vdn-spice-$USER-$GUEST_NAME-socket"
GRAPHICAL_OPTS="$GRAPHICAL_OPTS -device virtio-serial -chardev spicevmc,id=vdagent,debug=0,name=vdagent -device virtserialport,chardev=vdagent,name=com.redhat.spice.0"
#GRAPHICAL_OPTS="$GRAPHICAL_OPTS -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel1,id=channel1,name=org.spice-space.stream.0 -chardev spiceport,name=org.spice-space.stream.0,id=charchannel1"
elif [ $KVM_VIEWER = "sdl" ]; then
GRAPHICAL_OPTS="-serial mon:stdio -monitor null"
else
GRAPHICAL_OPTS="-serial mon:stdio -monitor null -nographic"
fi
}
startKvmTgz() {
# Config
local r=0
[ ! -d $(dirname $SAVE_FILE) ] && mkdir -p $(dirname $SAVE_FILE)
case "$MODE" in
tgz)
# Sauvegarde
[ ! -e $SAVE_FILE ] && {
#echo -n "Create minimal save file. "
dd if=/dev/zero of=$SAVE_FILE count=1 bs=1 &> /dev/null
#echo "done."
}
DISK_OPTS="$DISK_OPTS -drive file=$SAVE_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
# aufs part
DISK_OPTS="$DISK_OPTS -drive file=$AUFS_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
# swap
[ -n "$SWAP_FILE" ] &&
DISK_OPTS="$DISK_OPTS -drive file=$SWAP_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
#DISK_OPTS="$DISK_OPTS -drive file=$OUT_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
;;
tgz2)
# Sauvegarde
[ ! -e $SAVE_FILE ] && {
#echo -n "Create minimal save file. "
dd if=/dev/zero of=$SAVE_FILE count=1 bs=1 &> /dev/null
#echo "done."
}
DISK_OPTS="$DISK_OPTS -drive file=$SAVE_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
# aufs part
DISK_OPTS="$DISK_OPTS -drive file=$AUFS_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
# swap
[ -n "$SWAP_FILE" ] &&
DISK_OPTS="$DISK_OPTS -drive file=$SWAP_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
;;
overlay)
# Sauvegarde
[ ! -e $SAVE_FILE ] && {
#echo -n "Create minimal save file. "
dd of=$SAVE_FILE bs=1k seek=$(($AUFS_SIZE*1024)) count=0 &> /dev/null
/sbin/mke2fs -q -F -t ext4 $SAVE_FILE
#echo "done."
}
DISK_OPTS="$DISK_OPTS -drive file=$SAVE_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
# aufs part
# none, is $SAVE_FILE
# swap
[ -n "$SWAP_FILE" ] &&
DISK_OPTS="$DISK_OPTS -drive file=$SWAP_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
;;
esac
KVM_NETWORKS_OPTS="$networks"
# Options passées au noyau
case "$MODE" in
tgz2) KOPTS="";;
*) KOPTS="root=/dev/vda1 ro console=ttyS0,115200n8"
KOPTS="$KOPTS vdn-emulator=kvm vdn-mode=$MODE"
KOPTS="$KOPTS net.ifnames=0 noresume" # fastboot quiet"
KOPTS="root=/dev/vda1 ro console=ttyS0,115200n8"
KOPTS="$KOPTS vdn-emulator=kvm vdn-mode=$MODE"
KOPTS="$KOPTS net.ifnames=0 noresume" # fastboot quiet"
esac
createConfigDir
# config disk (last disk)
configTgz=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-config.tgz
DISK_OPTS="$DISK_OPTS -drive file=$configTgz,if=$KVM_DISK_MODEL,media=disk,format=raw"
kvm_graphic
echo "Start begin (EMULATOR=$EMULATOR, SAVE_FILE=$SAVE_FILE)"
case "$MODE" in
tgz2) cmd="ionice -c 3 nice -$NICE $EMULATOR \
$KVM_OPTS $GRAPHICAL_OPTS \
$DISK_OPTS \
$KVM_NETWORKS_OPTS \
"
echo "==> CMD: $cmd"
;;
*) cmd="ionice -c 3 nice -$NICE $EMULATOR \
$KVM_OPTS $GRAPHICAL_OPTS \
-initrd $VDN_PATH/files/$INITRAMFS \
-kernel $VDN_PATH/files/$KERNEL \
-append '$KOPTS' \
$DISK_OPTS \
$KVM_NETWORKS_OPTS \
"
;;
esac
set +u
[ -z "$FORCE_BG" ] && export FORCE_BG=0 || :
set -u
#echo $cmd | tr ' ' '\n'
if [ $BG = 1 -o \( $FORCE_BG = 1 -a $WITH_GUI = 0 \) ]; then
eval $cmd < /dev/null &> /dev/null &
#r=$?
#trap - 0
return 0
fi
#if [ $FORCE_BG = 1 ]; then
# eval $cmd &
#fi
if [ "$VDN_TERM" = 0 ]; then
set -e
$VDN_PATH/bin/vdn-terminal "$cmd"
r=$?
set +e
else
set +e
eval $cmd
r=$?
stty sane
set -e
fi
return $r
}
startKvmDirectOrCow() {
local r=0
set +u
if [ "$HDA" = "$VDN_DISK_ENV" ]; then
error "Impossible de monter en écriture le disque $VDN_DISK_ENV \nservant à l'environnement chroot.\nAbandon"
fi
set -u
if [ ! -e "$VDN_PATH/files/$HDA" ]; then
[ -z "$HDA_SIZE" ] && error "Need HDA_SIZE (in Mo)"
echo "Create $HDA. Size=$HDA_SIZE (Mo)"
dd if=/dev/zero of=$VDN_PATH/files/$HDA count=1 bs=512
dd of=$VDN_PATH/files/$HDA count=0 bs=1M seek=$HDA_SIZE
fi
[ $MODE = direct -a ! -w $VDN_PATH/files/$HDA ] && \
error "No write permission on $VDN_PATH/files/$HDA"
KVM_NETWORKS_OPTS="$networks"
#KVM_NETWORKS_OPTS="$(eval echo $networks)"
[ -n "$SWAP_FILE" ] &&
DISK_OPTS="$DISK_OPTS -drive file=$SWAP_FILE,if=$KVM_DISK_MODEL,media=disk,format=raw"
createConfigDir
configTgz=$TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-config.tgz
set +u
[ -z "$DISK_OPTS" ] && DISK_OPTS=""
set -u
DISK_OPTS="$DISK_OPTS -drive file=$configTgz,if=$KVM_DISK_MODEL,media=disk,format=raw"
kvm_graphic
echo "Start startKvmDirect begin (EMULATOR=$EMULATOR)"
cmd="ionice -c 3 nice -$NICE $EMULATOR \
$KVM_OPTS $GRAPHICAL_OPTS \
$DISK_OPTS \
$KVM_NETWORKS_OPTS \
"
if [ $BG = 1 ]; then
eval $cmd < /dev/null &> /dev/null &
r=$?
trap - 0
return $r
fi
if [ "$VDN_TERM" = 0 ]; then
set -e
$VDN_PATH/bin/vdn-terminal "$cmd"
r=$?
set +e
else
set +e
eval $cmd
r=$?
stty sane
set -e
fi
return $r
}
startKvm() {
local r=0
echo "Start KVM"
networks=`kvm_query_networks`
# for last QEMU versions ( -redir -> hostfwd )
if echo "$networks" | grep -q -- -redir; then
n=$(echo "$networks" | sed -re 's/-redir +(tcp|udp):([^:]+)::([0-9]+)( |$)/,hostfwd=\1::\2-:\3/g')
networks=$(echo "$n" | sed -re 's/-net user /-net user/g')
fi
echo "networks : $NETWORKS" >&2
NB_DISK=0
DISK_OPTS=""
#echo "MODE 1:$MODE"
case "$MODE" in
tgz|overlay|tgz2)
[ $BOOT_CDROM = 1 ] && error "BOOT_CDROM=1 : Can't boot on cdrom !"
#[ -n "$CDROM" ] && warning "CDROM not allowed in tgz mode"
#CDROM=""
tgzPrepare
;;
cow)
[ -z "$HDA" ] && error "Mode COW : Need HDA Disk" || :
[ -z "$SAVE_FILE" ] && error "Mode COW : Need SAVE_FILE" || :
[ ! -d $(dirname $SAVE_FILE) ] && mkdir -p $(dirname $SAVE_FILE)
[ ! -e "$SAVE_FILE" ] && {
#echo "Create $SAVE_FILE"
[ $VDN_DEBUG = 1 ] && set -x || :
( umask 077; qemu-img create -b $VDN_PATH/files/$HDA -f qcow2 $SAVE_FILE )
set +x
}
;;
esac
local boot_hda=on
local boot_cdrom=off
local boot_drive=c
local boot_order=c
[ $BOOT_CDROM = 1 ] && {
boot_hda=off
boot_cdrom=on
local boot_drive=d
local boot_order=d
}
#set +x
case "$MODE" in
tgz|overlay|tgz2)
DISK_OPTS="-boot order=$boot_order -drive file=$VDN_PATH/files/$HDA,if=$KVM_DISK_MODEL,snapshot=on,format=raw"
;;
cow)
DISK_OPTS="-boot order=$boot_order -drive file=$SAVE_FILE,if=$KVM_DISK_MODEL"
;;
direct)
DISK_OPTS="-boot order=$boot_order -drive file=$VDN_PATH/files/$HDA,if=$KVM_DISK_MODEL,format=raw"
;;
*) error "Invalide mode : $MODE"
;;
esac
NB_DISK=$(($NB_DISK+1))
set +u
[ -z "$SAVE_DIR_HDB" ] && SAVE_DIR_HDB=$SAVE_DIR || :
set -u
[ ! -d $SAVE_DIR_HDB ] && mkdir -p $SAVE_DIR_HDB || :
[ -n "$HDB" ] && {
[ ! -e "$SAVE_DIR_HDB/$HDB" ] && {
[ -n "$HDB_SIZE" ] && {
#echo -n "Create HDB ($HDB_SIZE) : $SAVE_DIR_HDB/$HDB... "
dd of=$SAVE_DIR_HDB/$HDB count=0 bs=1M seek=$HDB_SIZE
#echo "done."
}
}
DISK_OPTS="$DISK_OPTS -drive file=$SAVE_DIR_HDB/$HDB,if=$KVM_DISK_MODEL,format=raw"
NB_DISK=$(($NB_DISK+1))
}
[ -n "$CDROM" ] && {
[ ! -e "$VDN_PATH/files/$CDROM" ] && {
warning "Cdrom \"$CDROM\" not found !"
} || {
DISK_OPTS="-boot order=$boot_order $DISK_OPTS -drive file=$VDN_PATH/files/$CDROM,media=cdrom"
#NB_DISK=$(($NB_DISK+1)) # /dev/cdrom -> /dev/sr0
}
}
prepareSwap
if [ $KVM_USB_DEVICE_TABLET = 1 ]; then
KVM_OPTS="$KVM_OPTS -usbdevice tablet"
fi
case $KVM_VIEWER in
no) KVM_OPTS="$KVM_OPTS -nographic";;
sdl) ;;
vnc) ;;
esac
case "$EMULATOR" in
kvm) [ -w /dev/kvm ] && {
KVM_OPTS="-enable-kvm -cpu host $KVM_OPTS"
cpu=$(getconf _NPROCESSORS_ONLN)
KVM_OPTS="-smp $cpu $KVM_OPTS"
}
EMULATOR=qemu-system-x86_64
;;
qemu) KVM_OPTS="-smp 1 $KVM_OPTS"
EMULATOR=qemu-system-x86_64
;;
esac
#echo "MODE: beforeStart : $MODE"
case $MODE in
tgz|overlay|tgz2) startKvmTgz; r=$?;;
direct|cow) startKvmDirectOrCow; r=$?;;
*) error "Mode $MODE not available"
esac
return $r
}
quit() {
echo ""
#echo "*** $GUEST_NAME stopped !"
#echo "Wait return before rm files !"
#read
#rm -Rf $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-*
}
# Programme principal
echo "vdn-start $@"
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
myLocalHostname=$(hostname)
if [ "$myLocalHostname" = "tokyo" -o "$myLocalHostname" = "iutclinfvm01l" ]; then
echo "Lancer des VM sur $myLocalHostname n'est ni autorisé ni judicieux !" >&2
echo "Allez sur une machine de TP (commande scan-dept pour lister celles allumées) !" >&2
exit 9
fi
set +u
[ "$VDN_DEBUG" = "1" ] && set -x || :
set -u
#verifIdent || exit 2
export HOSTS=""
setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
DIRECT=0
loadGuestVars $GUEST_NAME
#if ! /sbin/route -n | grep -q '0.0.0.0' ; then
if ! /sbin/ip route | grep -q default; then
error "Pas de route par défaut ! Consultez la FAQ"
fi
AUFS_OPTS=""
NB_ETH=`echo $NETWORKS | wc -w`
testIfAlreadyStarted
# Délègue à interface graphique
set +u
[ -z "$WITH_GUI" ] && export WITH_GUI=0
[ -z "$VDN_GUI" ] && export VDN_GUI=0
set -u
if [ $GUI = 1 ]; then
if ps auwx | grep -v grep | grep -q 'ruby.*vdn-gui' ; then
sendToGui "start $GUEST_NAME $EXPR"
exit 0
fi
fi
set +u
if [ ! -e $VDN_PATH/files/$INITRAMFS_PATH ]; then
if [ $MODE = "tgz" -o $MODE = "overlay" -o $MODE = "tgz2"]; then
error "Impossible de trouver : $INITRAMFS_PATH"
fi
fi
set -u
export MOUNT_ROOT_PATH="$VDN_PATH/distribs/guests/$GUEST_SYS/mount-root"
#echo
#echo "*** Start $GUEST_NAME ($EMULATOR)"
#echo
trap quit 0
[ -z "$EMULATOR" ] && EMULATOR="kvm"
case "$EMULATOR" in
kvm|qemu*)
#EXCLUDE_SERVICES=""
#echo "Start kvm..."
startKvm
r=$?;;
*) echo "L'émulateur $EMULATOR n'est pas supporté !" >&2; exit 2;;
esac
exit $r

79
vdn/bin/vdn-start-secure-1
Unescape View File

@ -0,0 +1,79 @@
#!/bin/bash
VDN_PATH=/home/prof/vdn/vdn
. $VDN_PATH/bin/functions-scripts.sh
echo "Démarrage du réseau secure-1"
if [ ! -e ~/.ssh/id_rsa ]; then
echo "Vous de disposez pas de clés RSA nécessaire pour contacter"
echo "les machines virtuelle."
echo
echo "Créez un couple de clés RSA ? (O/n)"
read reply
case "$reply" in
'\n'|''|o|O) ;;
*) echo "Bye !"; exit 0;;
esac
echo "=========================================================="
echo "Gardez les choix par défaut (touche Entrée) sauf pour"
echo "la \"passphrase\"."
echo
ssh-keygen -t rsa || exit 1
fi
n=debian-1
if ! vdn-alive $n; then
echo
echo "Démarrage de l'unique VM : $n"
vdn-set-network-dir /home/prof/vdn/vdn/networks/secure-1
vdn-start -b $n
fi
echo "Ouverture d'une connexion ssh sur $n ... (Patientez 10..30 secondes...)"
waitSsh $n
#echo $?
#echo "Configuration de debian-1"
#vdn-ssh root@$n "hostname"
echo
echo "Machine virtuelle : $n démarrée et opérationnelle"
echo
echo "Commandes de base"
echo "-----------------"
echo
echo "Connexion SSH à $n : dans autant d'autres terminaux que vous le souhaitez"
echo
echo " vdn-ssh root@debian-1 # pour ouvrir une connexion SSH avec $n"
echo
echo
echo "Arrêter la machine virtuelle $n : à faire en fin de scéance."
echo
echo " vdn-halt $n # A faire sur l'hôte."
echo
echo
echo "Tuer la VM (la \"débrancher\" brutalement, à utiliser en dernier recours !)"
echo
echo " vdn-kill $n"
echo
echo
echo "Nettoyer $n : repart d'une configuration vierge."
echo
echo " vdn-clean $n # $n DOIT être arrêtée avant !"
echo
echo
echo "Commandes supplémentaires"
echo "-------------------------"
echo "Outre vdn-ssh, les commandes vdn-scp, vdn-sshfs, vdn-ssh-copy-id permettent"
echo "des transferts de fichiers entre l'hôte et la VM."
echo "Chacune de ses commandes s'utilise presque comme l'orginale et dispose d'une"
echo "aide intégrée affichée via l'option -h"
echo
echo "Exemple :"
echo " vdn-scp hosts root@debian-1:/etc # pour"injecter" un fichier dans la VM."
echo
echo

47
vdn/bin/vdn-start-wrapper
Unescape View File

@ -0,0 +1,47 @@
#!/usr/bin/env bash
synopsis() {
cat << EOF
Usage : `basename $0` [-h] [les options de vdn-start]
EOF
}
help() {
cat << EOF
`basename $0` ne fait qu'appeler vdn-start et analyser son
code de retour.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
# Programme principal
[ "$1" = '-h' ] && { help; exit 0; }
vdn-start "$@"
r=$?
[ -z "$VDN_DEBUG" ] && VDN_DEBUG=0 || :
# 1 : when linux killed
# 143 : when kvm is killed
set -x
#if [ $VDN_DEBUG = 1 -o \( $r != 1 -a $r != 143 -a $r != 0 \) ]; then
if [ $VDN_DEBUG = 1 -o \( $r != 143 -a $r != 0 \) ]; then
echo
echo "DEBUG MODE (ret=$r) : Press Return to exit"
read < /dev/tty
#else
# read < /dev/tty
fi

70
vdn/bin/vdn-terminal
Unescape View File

@ -0,0 +1,70 @@
#!/usr/bin/env bash
name=vdn-terminal
BIG=0
synopsis() {
cat << EOF
Usage : $name [-h]
EOF
}
help() {
cat << EOF
$name lance un terminal exécutant une commande en arrière plan.
`synopsis`
-h : affiche cette aide
-b : police de 10 et géométrie de 140x43 (big)
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hb" opt; do
case $opt in
h) help; exit 0;;
b) BIG=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
ARGS=$@
}
# Programme principal
args $@
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
export VDN_PATH
cmd=$ARGS
#geom="-fa 'Monospace' -fs 12"
#[ $BIG = 1 ] && geom="-fa 'Monospace' -fs 10 -geometry 140x43"
opts="-j -rightbar -sb -si -sk -vb"
geom=""
[ $BIG = 1 ] && geom="--geometry 140x43 --font 12"
#c="gnome-terminal --name=\"$name\" -- $cmd"
c="xfce4-terminal $geom --disable-server -T \"$name\" -x $cmd"
#c="xterm $opts $geom -T \"$name\" -e $cmd"
echo "vdn-terminal cmd:$c"
eval $c 2> /dev/null &
#vdn-terminal.rb $@

3
vdn/bin/vdn-test
Unescape View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
echo ok

187
vdn/bin/vdn-test-all
Unescape View File

@ -0,0 +1,187 @@
#!/usr/bin/env bash
set -eu
export WITH_GUI=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` tests les scripts "repair*" des réseaux."
`synopsis`
-h : affiche cette aide
-g : avec l'interface graphique
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hg" opt; do
case $opt in
h) help; exit 0;;
g) WITH_GUI=1;;
?) usage;;
esac
done
}
testHeader() {
n=$1
echo
echo "Test $n"
echo "=================="
vdn-set-network-dir $VDN_PATH/networks/$n
export NETWORK_DIR=$VDN_PATH/networks/$n
if [ $WITH_GUI = 1 ]; then
sendToGui "quit"
vdn $n &
fi
}
testFinish() {
systems=$@
for i in $systems; do
vdn-halt $i
done
#wait
#vdn-clean -f $systems
if [ $WITH_GUI = 1 ]; then
sendToGui "quit"
fi
}
testRoutingStatic() {
local n
n=routing-static
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n repairAll
vdn-scripts -n testAll
testFinish $systems
}
testRoutingOspf() {
local n
n=routing-ospf
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n repairAll
vdn-scripts -n testAll
testFinish $systems
}
testRoutingRip() {
local n
n=routing-rip
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n repairAll
vdn-scripts -n testAll
testFinish $systems
}
testFirewall() {
local n
n=firewall
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n repairFirewall
vdn-scripts -n testFirewall
vdn-scripts -n repairIPv6
vdn-scripts -n testIPv6
testFinish $systems
}
testFixme() {
local n
n=fixme
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n repairAll
vdn-scripts -n testAll
testFinish $systems
}
testDocker() {
local n
n=docker
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n testAll
testFinish $systems
}
testNagios() {
local n
n=nagios
testHeader $n
systems=$(vdn-list | grep -v '^#')
vdn-clean -f $systems
vdn-scripts -n configAll
vdn-scripts -n testAll
testFinish $systems
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
export DISABLE_PARALLEL=1 # force sequential mode
export FORCE_BG=1
time (
#time testFirewall
#time testRoutingStatic
#time testRoutingOspf
#time testRoutingRip
#time testFixme
#time testDocker
time testNagios
)

88
vdn/bin/vdn-test-kvm
Unescape View File

@ -0,0 +1,88 @@
#!/usr/bin/env bash
set -eu
synopsis() {
cat << EOF
Usage : `basename $0` [-h]
EOF
}
help() {
cat << EOF
`basename $0` analyse les capacités de virtualisation de l'hôte.
`synopsis`
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
grep -Eq '(vmx|svm)' /proc/cpuinfo
virtproc=$?
[ -w /dev/kvm ]
kvmwrite=$?
lsmod | grep -q 'kvm_'
kvmproc=$?
lsmod | grep -q 'kvm[^_]'
kvm=0
ret=1
if [ $virtproc -ne 0 ]; then
echo "Votre processeur ne dispose pas d'instructions de virtualisation :-( !"
fi
if [ $virtproc -eq 0 -a $kvmwrite -ne 0 ]; then
echo
echo "Votre processeur dispose d'instructions de virtualisation."
echo "Cependant vous ne pouvez pas les utiliser :-( !"
echo
if [ -e /dev/kvm ]; then
msg=" Vous n'avez pas les droits de lecture/écriture sur /dev/kvm !\n L'administrateur (root) doit, au choix, effectuer les actions suivantes :\n 1. chmod 666 /dev/kvm.\n 2. Vous ajouter au groupe $(stat -c %G /dev/kvm).\n Si la deuxième solution est choisie, vous devrez vous déconnecter de votre\n session graphique et vous reconnecter."
elif lsmod | grep -q kvm; then
msg=" La virtualisation n'est pas activée dans votre BIOS/UEFI."
else
proc="intel"
if cat /proc/cpuinfo | grep -i -q amd; then
proc="amd"
fi
msg=" Le module noyau \"kvm-$proc\" n'est pas chargé !\n L'administrateur du système doit exécuter : modprobe kvm-$proc ."
fi
echo "Il semblerait que la raison soit :"
echo -e "$msg"
echo
fi
if [ $virtproc -eq 0 -a $kvmwrite -eq 0 ]; then
echo "Instructions de virtualisation accessibles."
ret=0
fi
exit $ret

177
vdn/bin/vdn-upload-disks
Unescape View File

@ -0,0 +1,177 @@
#!/usr/bin/env bash
set -eu
#set -x
FORCE=0
DRY=0
SYSTEMS=""
synopsis() {
cat << EOF
Usage : `basename $0` [-hdf] system...
EOF
}
help() {
cat << EOF
`basename $0` dépose les disques associés au(x) système(s) sur le serveur.
`synopsis`
Les disques des systèmes spécifiés sont déposés sur le serveur (rsync via ssh).
Pour cela, la variable SSH_REPOSITORY doit avoir été fixée dans votre
fichier \$HOME/.vdnrc. Exemple :
SSH_REPOSITORY="toto@truc.bidule.org:public_html/files"
Remarque : les fichiers "*.disk" sont préalablement compressés (.gz).
-h : affiche cette aide
-d : dry run
-f : force : pas de demande de confirmation !
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "hdf" opt; do
case $opt in
h) help; exit 0;;
d) DRY=1;;
f) FORCE=1;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -lt 1 ] && usage
SYSTEMS=$@
}
uploadDisks() {
local error=0 absent=0
LIST=""
LIST_DISKS=""
if [ -z "$SSH_REPOSITORY" ]; then
error "SSH_REPOSITORY est vide"
fi
# find all files (uniq)
for i; do
GUEST_NAME="$i"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
DISKS_REPOSITOY="";
CDROM_REPOSITORY="";
HDA=""; HDB=""; CDROM=""; BOOT_CDROM="0";
KERNEL=""; INITRAMFS=""
loadGuestVars $GUEST_NAME
[ "$MODE" = "tgz" -o "$MODE" = "overlay" ] && {
[ -n "$KERNEL" ] && LIST="$LIST $DISKS_REPOSITORY/$KERNEL"
[ -n "$INITRAMFS" ] && LIST="$LIST $DISKS_REPOSITORY/$INITRAMFS"
}
[ -n "$CDROM" -a "$BOOT_CDROM" = 1 ] && \
LIST="$LIST $CDROM_REPOSITORY/$CDROM"
[ -n "$HDA" ] && LIST_DISKS="$LIST_DISKS $DISKS_REPOSITORY/$HDA.gz"
[ -n "$HDB" ] && LIST_DISKS="$LIST_DISKS $DISKS_REPOSITORY/$HDB.gz"
done
#set -x
LIST_DISKS=$(echo $LIST_DISKS | tr -s ' ' '\n' | sort -u | grep -v '^$')
LIST=$(echo $LIST | tr -s ' ' '\n' | sort -u | grep -v '^$' ||:)
LIST="$LIST $LIST_DISKS"
# test dates
LIST_UPLOAD=""
for i in $LIST; do
file=$(basename $i .gz)
set +e
reInfos="$(wget --spider -S $i 2>&1)"
if [ $? -ne 0 ]; then
reDate=0
else
reDate=$(echo "$reInfos" | grep "Last-Modified:" | cut -d ':' -f 2-)
reDate=$(date -d "$reDate" +%s)
fi
set -e
locDate=0
if [ -e $VDN_PATH/files/$file ]; then
locDate=$(stat -c %Y $VDN_PATH/files/$file)
else
warning "$(basename $i) not found"
absent=1
continue
fi
[ $locDate -gt $reDate ] && LIST_UPLOAD="$LIST_UPLOAD $i" ||
echo "$file : is up to date"
done
echo $LIST_UPLOAD
# upload
for i in $LIST_UPLOAD; do
file=$(basename $i .gz)
if [[ $i =~ \.gz ]]; then
if [ $DRY = 1 ]; then
echo "Dry run : upload $i"
else
tmp=$(mktemp)
echo "Compression ($file). Patience... (environ 5 mn)"
gzip -c -n --rsyncable $VDN_PATH/files/$file > $tmp
chmod 644 $tmp
echo "Synchronisation. Patience..."
rsync -S --progress $tmp $SSH_REPOSITORY/$file.gz
rm $tmp
fi
else
if [ $DRY = 1 ]; then
echo "Dry run : upload $i"
else
rsync -S --progress $VDN_PATH/files/$file $SSH_REPOSITORY
fi
fi
done
[ $absent = 1 ] && return 1 || :
}
# Programme principal
GUEST_OWNER=$USER
VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
uploadDisks $SYSTEMS

65
vdn/bin/vdn-viewer
Unescape View File

@ -0,0 +1,65 @@
#!/usr/bin/env bash
set -eu
#set -x
DEBUG=0
synopsis() {
cat << EOF
Usage : `basename $0` [-h] system
EOF
}
help() {
cat << EOF
`basename $0` démarre un client SPICE présentant l'écran du système.
`synopsis`
Remarque : seuls les systèmes KVM avec leur variable KVM_VIEWER fixée à "spice"
proposent un écran SPICE.
-h : affiche cette aide
EOF
}
usage() {
synopsis
exit 1
}
args() {
local opt
while getopts "h" opt; do
case $opt in
h) help; exit 0;;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage || :
GUEST_NAME=$1; shift;
}
# Programme principal
export VDN_PATH=$(readlink -f $(dirname $0)/..); . $VDN_PATH/bin/functions.sh
args "$@"
[ $DEBUG = 1 ] && set -x || :
[ $GUEST_NAME != "nested" ] && setGuestVars $GUEST_NAME
GUEST_OWNER=$USER
[ $GUEST_NAME != "nested" ] && loadGuestVars $GUEST_NAME
remote-viewer -t $GUEST_NAME spice+unix://$TMPDIR/vdn-spice-$USER-$GUEST_NAME-socket &

6
vdn/build-template
Unescape View File

@ -0,0 +1,6 @@
#!/usr/bin/env bash
build() {
echo "build..."
}

53
vdn/config.rc
Unescape View File

@ -0,0 +1,53 @@
#!/usr/bin/env bash
# Ce fichier contient les préférences par défaut de l'application VDN
# L'utilisateur peut redéfinir la valeur des variables dans son fichier
# ~/.vdnrc
# URL par défault des fichiers à télécharger (disque, réseaux, ...)
DEFAULT_REPOSITORY="http://opale.iut-clermont.uca.fr/vdn-files"
# Taille du disque
REMOTE_DISK_SIZE=6291456000
# Emulateur utilisé. Si vide, autodétection entre KVM et QEMU.
EMULATOR=""
# Répertoire du dernier réseau ouvert (par la GUI).
# Ici il joue le rôle de réseau ouvert par défaut.
NETWORK_DIR="$VDN_PATH/networks/demo"
# Répertoire des sauvegardes.
SAVE_PATH="/home/scratch/$USER/vdn-save"
# Répertoire pour les fichiers temporaires.
TMPDIR="/tmp/vdn-$USER"
# Chemin SSH du répertoire distant des disques (devel).
SSH_REPOSITORY=""
## Les options ci-dessous sont relatives à l'interface graphique (GUI).
# Taille de la police pour les terminaux intégrés à VDN
GRID_FONT="Monospace 11"
# A fixer à 1 pour que les scripts (prévus pour) soient exécutés en parallèle.
RUN_PARALLEL=1
# Montrer le graphe généré par graphviz plutôt que le graphe édité par Inkscape.
RAW_GRAPH=0
# Autorise l'utilisateur à surcharger ces variables.
[ -r $HOME/.vdnrc ] && . $HOME/.vdnrc || :

53
vdn/config.rc.local
Unescape View File

@ -0,0 +1,53 @@
#!/usr/bin/env bash
# Ce fichier contient les préférences par défaut de l'application VDN
# L'utilisateur peut redéfinir la valeur des variables dans son fichier
# ~/.vdnrc
# URL par défault des fichiers à télécharger (disque, réseaux, ...)
DEFAULT_REPOSITORY="http://opale.iut-clermont.uca.fr/vdn-files"
# Taille du disque
REMOTE_DISK_SIZE=6291456000
# Emulateur utilisé. Si vide, autodétection entre KVM et QEMU.
EMULATOR=""
# Répertoire du dernier réseau ouvert (par la GUI).
# Ici il joue le rôle de réseau ouvert par défaut.
NETWORK_DIR="$VDN_PATH/networks/demo"
# Répertoire des sauvegardes.
SAVE_PATH="/home/scratch/$USER/vdn-save"
# Répertoire pour les fichiers temporaires.
TMPDIR="/tmp/vdn-$USER"
# Chemin SSH du répertoire distant des disques (devel).
SSH_REPOSITORY=""
## Les options ci-dessous sont relatives à l'interface graphique (GUI).
# Taille de la police pour les terminaux intégrés à VDN
GRID_FONT="Monospace 11"
# A fixer à 1 pour que les scripts (prévus pour) soient exécutés en parallèle.
RUN_PARALLEL=1
# Montrer le graphe généré par graphviz plutôt que le graphe édité par Inkscape.
RAW_GRAPH=0
# Autorise l'utilisateur à surcharger ces variables.
[ -r $HOME/.vdnrc ] && . $HOME/.vdnrc || :

228
vdn/config.template
Unescape View File

@ -0,0 +1,228 @@
#!/usr/bin/env bash
# Fichier de configuration d'un système virtuel
# ---------------------------------------------
# Lorsque ce fichier est lu, les variables suivantes sont déjà fixées (et
# peuvent donc être utilisées pour la définition des variables ci-dessous).
#
# VDN_PATH : répertoire de vdn
# GUEST_NAME : nom du système virtuel
# ---------------------------------------------
# URL de téléchargement des fichiers
DISKS_REPOSITORY="http://opale.iut-clermont.uca.fr/vdn-files"
# Modes : "tgz" correspond au mode LiveCD, "direct" au mode DIRECT et
# "cow" au mode COW.
MODE="tgz"
# Émulateur à utiliser. Si vide autodétection (kvm/qemu).
EMULATOR=""
# Mémoire dédiée au système virtuel (en Mo).
MEMORY="128"
# Chemin du premier disque du système.
HDA="DebianBuster-amd64.disk"
# Taille (en Mo) du premier disque du système (utile uniquement pour
# les modes DIRECT et COW).
HDA_SIZE="1024"
# Répertoire de sauvegardes du second disque (HDB)
SAVE_DIR_HDB=""
# Chemin du second disque du système.
HDB=""
# Taille (en Mo) du second disque du système.
HDB_SIZE=""
# Auto partitionnement, formatage (ext4), et montage (/mnt/hdb)
HDB_PART_FORMAT="0"
# Répertoires à transférer de façon transparente sur hdb (utilise /mnt/hdb)
HDB_DIRS=""
# Taille (en Mo) du fichier de swap.
SWAP_SIZE="1024"
# Connexions des interfaces réseau.
NETWORKS=""
# Type de carte réseau
#NET_MODEL="ne2k_pci"
NET_MODEL="virtio"
# Redirections "réseau" sur le système virtuel.
REDIRS="tcp:22:(ssh)"
# Interface supplémentaire dédiée à la communication avec l'hôte.
EXTRA_ETH="1"
# Pour que la route par défaut soit vers le réseau hôte
EXTRA_ETH_DEFAULT_ROUTE="1"
# Forcer le masquerading sur l'interface supplémentaire
EXTRA_ETH_MASQUERADING="0"
# Fichier à importer de l'hôte
#HOST_FILES="/etc/bash.bashrc"
HOST_FILES=""
# Fixe les proxys http et https de l'invité
SET_PROXY="1"
# Activer la résolution des hôtes Internet (ex : tiny.demo.toto.vdn)
VDN_RESOLV="1"
######################################################
### Variables spécifiques aux systèmes de type tgz ###
######################################################
# Type de système virtuel (ex : debian/bullseye)
GUEST_SYS=""
# Chemin du noyau
KERNEL="vmlinuz-4.19.0-16-amd64"
# Chemin de l'initramfs
INITRAMFS="initrd-tgz.img-4.19.0-16-amd64"
# Fixe automatiquement le nom de l'hôte au boot ?
SET_HOSTNAME=1
# Quel nom d'hôte au boot ?
BOOT_HOSTNAME="localhost"
# Commandes à exécuter au démarrages (/etc/rc.local)
ON_BOOT=""
# Taille (en Mo) du fichier de l'union.
AUFS_SIZE="500"
# Répertoires à ne pas archiver dans la sauvegarde.
#SAVE_EXCLUDE="var/cache var/run var/log var/lib var/backups var/spool sbin/reboot sbin/poweroff sbin/halt etc/rc2.d etc/rc3.d etc/rc4.d etc/rc5.d etc/rcS.d etc/systemd/system tmp overlays etc/init.d etc/vdn"
#SAVE_EXCLUDE="var/cache var/run var/log var/lib var/backups var/spool sbin/reboot sbin/poweroff sbin/halt tmp overlays etc/init.d"
SAVE_EXCLUDE="tmp var/tmp var/cache etc/systemd/system/default.target.wants \
etc/vdn etc/rc.local etc/vdn/mount-root etc/vdn/save \
var/lib/plymouth/boot-duration ./var/lib/dhcp/dhclient.leases \
var/lib/lightdm/.Xauthority \
var/lib/lightdm/.Xauthority \
var/backups \
var/log/lightdm var/lib/lightdm/.cache \
home/test/.cache"
# Clear log when save
CLEAR_LOG_WHEN_SAVE=1
# Delete .gz in /var/log
DELETE_LOG_GZ=1
# Services à activer en plus de ceux de base.
EXTRA_SERVICES=""
# Services à exclure
EXCLUDE_SERVICES="ssh" # ssh sera activé automatiquement en fin de /etc/rc.local
# Runlevel (multi-user.target, graphical.target, ...)
RUNLEVEL="graphical.target"
#######################################################
### Spécifiques aux systèmes de types COM et DIRECT ###
#######################################################
# Cdrom (fichier iso ou fichier spécial).
CDROM=""
# URL(s) de téléchargement du/des cédérom(s).
CDROM_REPOSITORY="https://cdimage.debian.org/debian-cd/current/amd64/iso-cd"
# À fixer à 1 pour un amorçage sur le cédérom.
BOOT_CDROM=0
############################################################
### Spécifique à KVM (tous types de systèmes confondus). ###
############################################################
# Options (autres que disques et réseaux) à passer à KVM.
KVM_OPTS="-device virtio-rng-pci,rng=rng0 -object rng-random,filename=/dev/urandom,id=rng0 -pidfile $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-pid \
-rtc base=localtime -m ${MEMORY}M"
# Modèle de disque (virtio/ide).
KVM_DISK_MODEL="virtio"
# Mode de visualisation (sdl,vnc, spice).
KVM_VIEWER="spice"
# Démarrage automatique d'un viewer
KVM_VIEWER_AUTOSTART=0
# Intégration du visualisateur VNC interne dans la GUI.
KVM_VIEWER_EMBEDDED=0
# Ajouter l'option "-usbdevice tablet".
KVM_USB_DEVICE_TABLET=0
#######################
### Personalisation ###
#######################
# locales
DEFAULT_LANG=fr_FR.UTF-8
# timezone
TIMEZONE=Europe/Paris
# keyboard
XKBMODEL="pc105"
XKBLAYOUT="fr"
XKBVARIANT="latin9"
XKBOPTIONS=""
BACKSPACE="guess"

231
vdn/config.template.local
Unescape View File

@ -0,0 +1,231 @@
#!/usr/bin/env bash
# Fichier de configuration d'un système virtuel
# ---------------------------------------------
# Lorsque ce fichier est lu, les variables suivantes sont déjà fixées (et
# peuvent donc être utilisées pour la définition des variables ci-dessous).
#
# VDN_PATH : répertoire de vdn
# GUEST_NAME : nom du système virtuel
# ---------------------------------------------
# URL de téléchargement des fichiers
DISKS_REPOSITORY="http://opale.iut-clermont.uca.fr/vdn-files"
# Modes : "tgz" correspond au mode LiveCD, "direct" au mode DIRECT et
# "cow" au mode COW.
MODE="tgz"
# Émulateur à utiliser. Si vide autodétection (kvm/qemu).
EMULATOR=""
# Mémoire dédiée au système virtuel (en Mo).
MEMORY="128"
# Chemin du premier disque du système.
#HDA="debian.disk"
HDA="DebianBuster-amd64.disk"
# Taille (en Mo) du premier disque du système (utile uniquement pour
# les modes DIRECT et COW).
HDA_SIZE="1024"
# Répertoire de sauvegardes du second disque (HDB)
SAVE_DIR_HDB=""
# Chemin du second disque du système.
HDB=""
# Taille (en Mo) du second disque du système.
HDB_SIZE=""
# Auto partitionnement, formatage (ext4), et montage (/mnt/hdb)
HDB_PART_FORMAT="0"
# Répertoires à transférer de façon transparente sur hdb (utilise /mnt/hdb)
HDB_DIRS=""
# Taille (en Mo) du fichier de swap.
SWAP_SIZE="1024"
# Connexions des interfaces réseau.
NETWORKS=""
# Type de carte réseau
#NET_MODEL="ne2k_pci"
NET_MODEL="virtio"
# Redirections "réseau" sur le système virtuel.
REDIRS="tcp:22:(ssh)"
# Interface supplémentaire dédiée à la communication avec l'hôte.
EXTRA_ETH="1"
# Pour que la route par défaut soit vers le réseau hôte
EXTRA_ETH_DEFAULT_ROUTE="1"
# Forcer le masquerading sur l'interface supplémentaire
EXTRA_ETH_MASQUERADING="0"
# Fichier à importer de l'hôte
#HOST_FILES="/etc/bash.bashrc"
HOST_FILES=""
# Fixe les proxys http et https de l'invité
SET_PROXY="1"
# Activer la résolution des hôtes Internet (ex : tiny.demo.toto.vdn)
VDN_RESOLV="1"
######################################################
### Variables spécifiques aux systèmes de type tgz ###
######################################################
# Type de système virtuel.
GUEST_SYS=""
# Chemin du noyau
KERNEL="vmlinuz-4.19.0-16-amd64"
# Chemin de l'initramfs
INITRAMFS="initrd-tgz.img-4.19.0-16-amd64"
# Fixe automatiquement le nom de l'hôte au boot ?
SET_HOSTNAME=1
# Quel nom d'hôte au boot ?
BOOT_HOSTNAME="localhost"
# Commandes à exécuter au démarrages (/etc/rc.local)
ON_BOOT=""
# Taille (en Mo) du fichier de l'union.
AUFS_SIZE="500"
# Répertoires à ne pas archiver dans la sauvegarde.
#SAVE_EXCLUDE="var/cache var/run var/log var/lib var/backups var/spool sbin/reboot sbin/poweroff sbin/halt etc/rc2.d etc/rc3.d etc/rc4.d etc/rc5.d etc/rcS.d etc/systemd/system tmp overlays etc/init.d etc/vdn"
#SAVE_EXCLUDE="var/cache var/run var/log var/lib var/backups var/spool sbin/reboot sbin/poweroff sbin/halt tmp overlays etc/init.d"
SAVE_EXCLUDE="tmp var/tmp var/cache etc/systemd/system/default.target.wants \
etc/vdn etc/rc.local etc/vdn/mount-root etc/vdn/save \
var/lib/plymouth/boot-duration ./var/lib/dhcp/dhclient.leases \
var/lib/lightdm/.Xauthority \
var/lib/lightdm/.Xauthority \
var/backups \
var/log/lightdm var/lib/lightdm/.cache \
home/test/.cache"
# Clear log when save
CLEAR_LOG_WHEN_SAVE=1
# Delete .gz in /var/log
DELETE_LOG_GZ=1
# Services à activer en plus de ceux de base.
EXTRA_SERVICES=""
# Services à exclure
EXCLUDE_SERVICES="ssh" # ssh sera activé automatiquement en fin de /etc/rc.local
# Runlevel (multi-user.target, graphical.target, ...)
RUNLEVEL="graphical.target"
#######################################################
### Spécifiques aux systèmes de types COM et DIRECT ###
#######################################################
# Cdrom (fichier iso ou fichier spécial).
CDROM=""
# URL(s) de téléchargement du/des cédérom(s).
CDROM_REPOSITORY="https://cdimage.debian.org/debian-cd/current/amd64/iso-cd"
# À fixer à 1 pour un amorçage sur le cédérom.
BOOT_CDROM=0
############################################################
### Spécifique à KVM (tous types de systèmes confondus). ###
############################################################
# Options (autres que disques et réseaux) à passer à KVM.
KVM_OPTS="-device virtio-rng-pci,rng=rng0 -object rng-random,filename=/dev/urandom,id=rng0 -pidfile $TMPDIR/vdn-$GUEST_NAME-$GUEST_OWNER-pid \
-rtc base=localtime -m ${MEMORY}M"
# Modèle de disque (virtio/ide).
KVM_DISK_MODEL="virtio"
# Mode de visualisation (sdl,vnc, spice).
KVM_VIEWER="spice"
# Démarrage automatique d'un viewer
KVM_VIEWER_AUTOSTART=0
# Intégration du visualisateur VNC interne dans la GUI.
KVM_VIEWER_EMBEDDED=0
# Ajouter l'option "-usbdevice tablet".
KVM_USB_DEVICE_TABLET=0
#######################
### Personalisation ###
#######################
# locales
DEFAULT_LANG=fr_FR.UTF-8
# timezone
TIMEZONE=Europe/Paris
# keyboard
XKBMODEL="pc105"
XKBLAYOUT="fr"
XKBVARIANT="latin9"
XKBOPTIONS=""
BACKSPACE="guess"

571
vdn/distribs/guests/direct/debian/bullseye/prepare-sae.sh
Unescape View File

@ -0,0 +1,571 @@
#!/usr/bin/env bash
dir=$(readlink -f $(dirname $0));
dist=$(echo $dir | sed -re 's,/.*/([^/]+/[^/]+)$,\1,')
GUEST_RELEASE=$dist
[ -z "$http_proxy" ] && http_proxy=""
[ -z "$https_proxy" ] && https_proxy=""
set -eu
#http_proxy=http://193.49.118.36:8080
#https_proxy=http://193.49.118.36:8080
installAll() {
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get update -y; apt-get dist-upgrade -y; apt-get install rsync git mingetty
"
#preInstallForTgz
#installModulesReseaux
#installDocker
#installLamp
#installNagios3
#installBackportKernel # NE FONCTIONNE PAS, pas utile.
#installVdn
#installPodman
#installForTgz
}
installPodman() {
# Already installed.
# WARNING : set kernel.unprivileged_userns_clone
vdn-ssh -t root@$GUEST_NAME "
cat /etc/sysctl.conf | \
grep kernel.unprivileged_userns_clone || \
{ echo -e '\\nkernel.unprivileged_userns_clone=1' >> /etc/sysctl.conf; sysctl --system; }
"
}
##
### Modules réseaux-1 et réseaux-2 ###
###
installModulesReseaux() {
# Bad to stretch from squeeze
# php5 php5-mysql smbfs cifs-utils console-tools dhcp3-client samba-doc dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm
# Aucune version du paquet smbfs n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# cifs-utils
#Aucune version du paquet samba-doc n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# winbind smbclient samba-testsuite samba-common-bin samba-common samba
# registry-tools libsmbclient libpam-winbind
DEBS="less ssh mingetty rsync net-tools haveged rng-tools dnsutils zerofree"
#DEBS="$DEBS dhcp3-client dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm"
#DEBS="$DEBS python-gtk-vnc"
#console-tools console-data console-common
DEBS="$DEBS vim slirp nfs-common nfs-kernel-server"
DEBS="$DEBS sshfs psmisc bsdutils strace busybox-static"
DEBS="$DEBS tcpdump wireshark-gtk nmap"
DEBS="$DEBS manpages"
DEBS="$DEBS curlftpfs ftp curl dillo"
DEBS="$DEBS libapache2-mod-php apache2-doc"
DEBS="$DEBS xbase-clients"
DEBS="$DEBS lynx psmisc file strace lsof telnet links links2"
DEBS="$DEBS iputils-ping"
DEBS="$DEBS rsync dialog"
DEBS="$DEBS firefox-esr"
DEBS="$DEBS nautilus"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS openvpn"
DEBS="$DEBS quagga proftpd isc-dhcp-server"
DEBS="$DEBS busybox-static rpcbind debootstrap"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS vim-gtk gedit"
DEBS="$DEBS gpm vde2"
DEBS="$DEBS spice-vdagent"
DEBS="$DEBS gpm vde2"
DEBS="$DEBS gcc make autoconf uidmap pkg-config glib-2.0-dev \
glib-2.0 libglib2.0-dev dpkg-dev \
libcap-dev libcap2 libseccomp2 libseccomp-dev"
# TP Pascal :
DEBS="$DEBS john hashcat sqlmap php default-mysql-server"
echo "apt-get..."
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get install -y $DEBS
"
# cas de lighttpd
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get install -y lighttpd
systemctl disable lighttpd
"
# disable services
local l="ModemManager NetworkManager NetworkManager-dispatcher NetworkManager-wait-online anacron apparmor autovt@ bgpd dbus-fi.w1.wpa_supplicant1 dbus-org.freedesktop.Avahi dbus-org.freedesktop.ModemManager1 dbus-org.freedesktop.nm-dispatcher dbus-org.freedesktop.timesync1 getty@ hddtemp isisd lighttpd lm-sensors network-manager nfs-kernel-server nmbd openbsd-inetd openvpn ospf6d ospfd pimd portmap pppd-dns ripd ripngd rpcbind rsync smbd speech-dispatcher syslog systemd-timesyncd udisks2 wpa_supplicant zebra nfs-blkmap uml-utilities apache2 proftpd isc-dhcp-server nfs-server"
vdn-ssh -t root@$GUEST_NAME "for i in $l; do echo \"Disable \$i\"; systemctl disable \$i; done"
# services (enable) :
#l="avahi-daemon console-setup cron inetd keyboard-setup networking rsyslog ssh sshd uml-utilities"
#l="$l apache2 haveged isc-dhcp-server nfs-server proftpd"
}
installBackportKernel() {
local kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
if ! vdn-ssh root@$GUEST_NAME "grep -q backport /etc/apt/sources.list"; then
vdn-ssh root@$GUEST_NAME 'echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list'
fi
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install linux-image-5.3.0-0.bpo.2-amd64"
vdn-ssh -t root@$GUEST_NAME 'grep -v buster-backports /etc/apt/sources.list > /tmp/o; mv /tmp/o /etc/apt/sources.list'
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install --reinstall linux-image-amd64; update-initramfs -u -k $kvers"
}
installDocker() {
set +u
[ -z "$http_proxy" ] && http_proxy="" || :
[ -z "$https_proxy" ] && https_proxy="" || :
set -u
# désactive le service docker, Voir les scripts de post-configuration
# n'ajoute aucun utilisateur au groupe docker par défaut. Voir les scripts de post-configuration
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
export https_proxy=$https_proxy
apt-get update
apt-get -y install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
apt-key fingerprint 0EBFCD88
add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian \$(lsb_release -cs) stable\"
apt-get update
apt-get -y install docker-ce docker-ce-cli containerd.io docker-compose
curl -L https://raw.githubusercontent.com/docker/compose/1.24.1/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose
systemctl mask containerd docker
"
}
installLamp() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get -y install apache2 php mariadb-server libapache2-mod-php php-gd php-mysql
systemctl disable mariadb mysql
"
}
preInstallForTgz() {
echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
echo "Set /etc/initramfs-tools/modules..."
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q overlay \$f && echo overlay >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q aufs \$f && echo aufs >> \$f || :"
echo "Create /etc/initramfs-tools/scripts/local-bottom/overlay.sh ..."
cat << EOF | vdn-ssh root@$GUEST_NAME "cat > /etc/initramfs-tools/scripts/local-bottom/overlay.sh"
#!/bin/sh
listDisks() {
if [ "\$EMULATOR" = linux ]; then
ls /dev/ubd[[:lower:]] # | grep -E 'udb[[:lower:]]r?'
else
ls /dev/?d[[:lower:]]
fi
}
PREREQ=""
prereqs()
{
echo "\$PREREQ"
}
case \$1 in
prereqs)
prereqs
exit 0
;;
esac
! grep -E -q 'vdn-mode=(tgz|overlay)' /proc/cmdline && {
echo "*** local-bottom/overlay.sh : exit (no mode tgz or overlay)" >&2
exit 0
}
echo
echo "*** local-bottom/overlay.sh ***"
echo "Extract configuration..."
listDisks
confDisk=\$(listDisks | tail -n 1)
echo confDisk=\$confDisk
mkdir /vdn
tar -C / -xvzf \$confDisk
if [ \$? -ne 0 ]; then
echo "Erreur lors de l'extraction de la configuration" >&2
echo "Lancement d'un shell pour inspection..." >&2
export PS1="initramfs:\w# "
/bin/sh -i
fi
if [ -e /etc/vdn/mount-root ]; then
sh /etc/vdn/mount-root
else
echo "/etc/vdn/mount-root introuvable !" >&2
echo "ARRÊT du système !">&2
while :; do sleep 1000; done
fi
EOF
vdn-ssh root@$GUEST_NAME chmod 755 /etc/initramfs-tools/scripts/local-bottom/overlay.sh
}
installForTgz() {
echo "Install for tgz..."
local kvers
kvers=$(vdn-ssh root@$GUEST_NAME ls /lib/modules | sort -Vr | head -n1)
[ -z "$kvers" ] && {
echo "Warning : /lib/modules is empty !" >&2
kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
echo "Use current kernel : $kvers"
}
rsync -e vdn-ssh root@$GUEST_NAME:/boot/vmlinuz-$kvers $VDN_PATH/files
# initramfs (created it if necessary)
vdn-ssh root@$GUEST_NAME "
rm -f /boot/initrd.img-$kvers.keep
if [ -e /boot/initrd.img-$kvers ]; then
cp /boot/initrd.img-$kvers /boot/initrd.img-$kvers.keep
fi
echo \"update-initramfs ...\" >&2
update-initramfs -u -k $kvers
#cat /etc/initramfs-tools/scripts/local-bottom/overlay.sh
rm /etc/initramfs-tools/scripts/local-bottom/overlay.sh
cp /boot/initrd.img-$kvers /boot/initrd-tgz.img-$kvers
if [ -e /boot/initrd.img-$kvers.keep ]; then
mv /boot/initrd.img-$kvers.keep /boot/initrd.img-$kvers
fi
"
rsync -e vdn-ssh root@$GUEST_NAME:/boot/initrd-tgz.img-$kvers $VDN_PATH/files
}
installNagios1() {
# from https://www.itzgeek.com/how-tos/linux/debian/how-to-install-nagios-on-debian-9-stretch.html
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt update
apt install -y build-essential apache2 php openssl perl make php-gd libgd2-xpm-dev libapache2-mod-php libperl-dev libssl-dev daemon wget apache2-utils unzip
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd www-data
cd /tmp/
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.5.tar.gz
tar -zxvf nagios-4.4.5.tar.gz
cd /tmp/nagios-4.4.5/
./configure --with-nagios-group=nagios --with-command-group=nagcmd --with-httpd_conf=/etc/apache2/sites-enabled/
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
"
}
installNagios2() {
### sudo nano /usr/local/nagios/etc/objects/contacts.cfg
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
#sed -i -re 's/^.*email.*$/email root@localhost ;/' /usr/local/nagios/etc/objects/contacts.cfg
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
a2enmod cgi
systemctl restart apache2
cd /tmp
wget https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar -zxvf /tmp/nagios-plugins-2.2.1.tar.gz
cd /tmp/nagios-plugins-2.2.1/
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
"
}
installNagios3() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt install -y nagios-nrpe-server nagios-plugins
apt -y install nagios-nrpe-plugin
"
}
installVdn() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
cd /tmp
rm -Rf vdn
git clone http://opale.u-clermont1.fr/vdn/git/vdn.git
echo "vdn/bin/vdn-prepare $GUEST_RELEASE"
vdn/bin/vdn-prepare $GUEST_RELEASE
"
}
# début des fonctions
synopsis() {
cat << EOF
Usage : `basename $0` [-i identity] system
EOF
}
help() {
cat << EOF
`basename $0` prepare un système virtuel pour fonctionner en mode DIRECT.
`synopsis`
Une identification par clé pour ssh est mise en place (cf. -i identity)
pour éviter les identification par mot de passe lors des connexions ssh
de l'hôte vers l'invité nécessaires à l'opération.
Les mots de passes sont fixés de façon aléatoire
-h : affiche cette aide
-i identity : chemin de la clé publique à utiliser.
EOF
}
usage() {
synopsis
exit 2
}
args() {
local opt
while getopts "hi:" opt; do
case $opt in
h) help; exit 0;;
i) IDENTITY="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/../../../../..); . $VDN_PATH/bin/functions.sh
args "$@"
PROG_DIR=$(readlink -f $(dirname $0))
if ! $VDN_PATH/bin/vdn-alive $GUEST_NAME; then
error "Le système $GUEST_NAME n'est pas démarré"
fi
loadGuestVars $GUEST_NAME
foundIdentity=0
for i in $SSH_IDENTITY; do
if [ -e $i ]; then
IDENTITY=$i
foundIdentity=1
fi
done
[ $foundIdentity = 0 ] && error "Aucune clé SSH !"
if vdn-ssh -n -o PasswordAuthentication=no root@$GUEST_NAME exit 0 ; then
vdn-ssh-copy-id -i $IDENTITY root@$GUEST_NAME
fi
#echo "apt-get..."
#vdn-ssh root@$GUEST_NAME apt-get install rsync net-tools
#echo "Set /etc/initramfs-tools/modules..."
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
#echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
#vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
vdn-ssh -t root@$GUEST_NAME chmod 755 /
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test kvm"
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test docker || :"
#echo "Add test user to sudo group"
#vdn-ssh root@$GUEST_NAME "addgroup test sudo"
echo "Set vim syntax=on"
vdn-ssh root@$GUEST_NAME "cat /etc/vim/vimrc | sed -re 's/^.*syntax on.*$/syntax on/' > /etc/vim/vimrc.new"
vdn-ssh root@$GUEST_NAME "mv /etc/vim/vimrc.new /etc/vim/vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc ~/.vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc /home/test/.vimrc; chown test: /home/test/.vimrc"
echo "Allow root autologin on ttyS0"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^ExecStart=.*$,ExecStart=-/sbin/mingetty --noclear --autologin root %I,' /lib/systemd/system/serial-getty@.service"
# kernel params (in grub )
echo "Allow net.ifnames=0 in GRUB "
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_CMDLINE_LINUX_DEFAULT=.*$,GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0 console=ttyS0\,115200n8\",' /etc/default/grub"
echo " 1s timout for menu"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_TIMEOUT=.*$,GRUB_TIMEOUT=1,' /etc/default/grub"
vdn-ssh root@$GUEST_NAME "update-grub"
##########################
export http_proxy=\"$http_proxy\"
export https_proxy=\"$https_proxy\"
echo "http_proxy:$http_proxy"
echo "https_proxy:$https_proxy"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
installAll
vdn-ssh root@$GUEST_NAME "systemctl mask nagios"
##########################
echo "Set rc.local..."
if [ -e $PROG_DIR/rc.local ]; then
vdn-scp -p $PROG_DIR/rc.local root@$GUEST_NAME:/etc
vdn-ssh root@$GUEST_NAME chmod 755 /etc/rc.local
fi
## Install lxdm
#echo "Install lxdm..."
#
#vdn-ssh -t root@$GUEST_NAME "
#apt-get -y install lxdm
#apt-get -y remove openbox
#"
#echo "Default xsession : xfce4 "
#vdn-ssh root@$GUEST_NAME "sed -i -re 's,^# session=.*$,session=/usr/bin/startxfce4,' /etc/lxdm/lxdm.conf"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
# Clear
echo "Clear /var/log, history, ..."
vdn-ssh -t root@$GUEST_NAME '
export http_proxy=$http_proxy
rm -Rf /etc/vdn
#for i in $(find /var/log -type f); do cat /dev/null > $i; done
find /var/log -name "*.gz" -delete
echo "Clear .bash_history"
rm -f /root/.bash_history
touch /root/.bash_history
chmod 600 /root/.bash_history
rm -f /home/test/.bash_history
touch /home/test/.bash_history
chmod 600 /home/test/.bash_history
echo "Clear .cache .mozilla"
for d in /root /home/test; do
rm -Rf $d/.cache
rm -Rf $d/.mozilla
done
echo "Clear authorized_keys"
for d in /root /home/test; do
rm -f $d/.ssh/authorized_keys
rm -f $d/.ssh/authorized_keys
done
echo "Clear apt-cache..."
apt autoremove -y
sleep 1
apt-get clean
echo end of cleaning !
'

568
vdn/distribs/guests/direct/debian/bullseye/prepare.sh
Unescape View File

@ -0,0 +1,568 @@
#!/usr/bin/env bash
dir=$(readlink -f $(dirname $0));
dist=$(echo $dir | sed -re 's,/.*/([^/]+/[^/]+)$,\1,')
GUEST_RELEASE=$dist
[ -z "$http_proxy" ] && http_proxy=""
[ -z "$https_proxy" ] && https_proxy=""
set -eu
#http_proxy=http://193.49.118.36:8080
#https_proxy=http://193.49.118.36:8080
installAll() {
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get update -y; apt-get dist-upgrade -y; apt-get install rsync git mingetty
"
preInstallForTgz
installModulesReseaux
installDocker
installLamp
#installNagios3
#installBackportKernel # NE FONCTIONNE PAS, pas utile.
#installVdn
#installPodman
installForTgz
}
installPodman() {
# Already installed.
# WARNING : set kernel.unprivileged_userns_clone
vdn-ssh -t root@$GUEST_NAME "
cat /etc/sysctl.conf | \
grep kernel.unprivileged_userns_clone || \
{ echo -e '\\nkernel.unprivileged_userns_clone=1' >> /etc/sysctl.conf; sysctl --system; }
"
}
##
### Modules réseaux-1 et réseaux-2 ###
###
installModulesReseaux() {
# Bad to stretch from squeeze
# php5 php5-mysql smbfs cifs-utils console-tools dhcp3-client samba-doc dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm
# Aucune version du paquet smbfs n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# cifs-utils
#Aucune version du paquet samba-doc n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# winbind smbclient samba-testsuite samba-common-bin samba-common samba
# registry-tools libsmbclient libpam-winbind
DEBS="less ssh mingetty rsync net-tools haveged rng-tools dnsutils zerofree"
#DEBS="$DEBS dhcp3-client dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm"
#DEBS="$DEBS python-gtk-vnc"
#console-tools console-data console-common
DEBS="$DEBS vim slirp nfs-common nfs-kernel-server"
DEBS="$DEBS sshfs psmisc bsdutils strace busybox-static"
DEBS="$DEBS tcpdump wireshark-gtk nmap"
DEBS="$DEBS manpages"
DEBS="$DEBS curlftpfs ftp curl dillo"
DEBS="$DEBS libapache2-mod-php apache2-doc"
DEBS="$DEBS xbase-clients"
DEBS="$DEBS lynx psmisc file strace lsof telnet links links2"
DEBS="$DEBS iputils-ping"
DEBS="$DEBS rsync dialog"
DEBS="$DEBS firefox-esr"
DEBS="$DEBS nautilus"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS openvpn"
DEBS="$DEBS quagga proftpd isc-dhcp-server"
DEBS="$DEBS busybox-static rpcbind debootstrap"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS vim-gtk gedit"
DEBS="$DEBS gpm vde2"
DEBS="$DEBS spice-vdagent"
DEBS="$DEBS gpm vde2"
DEBS="$DEBS gcc make autoconf uidmap pkg-config glib-2.0-dev \
glib-2.0 libglib2.0-dev dpkg-dev \
libcap-dev libcap2 libseccomp2 libseccomp-dev"
# TP Pascal :
DEBS="$DEBS john hashcat sqlmap php default-mysql-server"
echo "apt-get..."
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get install -y $DEBS
"
# cas de lighttpd
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get install -y lighttpd
systemctl disable lighttpd
"
# disable services
local l="ModemManager NetworkManager NetworkManager-dispatcher NetworkManager-wait-online anacron apparmor autovt@ bgpd dbus-fi.w1.wpa_supplicant1 dbus-org.freedesktop.Avahi dbus-org.freedesktop.ModemManager1 dbus-org.freedesktop.nm-dispatcher dbus-org.freedesktop.timesync1 getty@ hddtemp isisd lighttpd lm-sensors network-manager nfs-kernel-server nmbd openbsd-inetd openvpn ospf6d ospfd pimd portmap pppd-dns ripd ripngd rpcbind rsync smbd speech-dispatcher syslog systemd-timesyncd udisks2 wpa_supplicant zebra nfs-blkmap uml-utilities apache2 proftpd isc-dhcp-server nfs-server"
vdn-ssh -t root@$GUEST_NAME "for i in $l; do echo \"Disable \$i\"; systemctl disable \$i; done"
# services (enable) :
#l="avahi-daemon console-setup cron inetd keyboard-setup networking rsyslog ssh sshd uml-utilities"
#l="$l apache2 haveged isc-dhcp-server nfs-server proftpd"
}
installBackportKernel() {
local kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
if ! vdn-ssh root@$GUEST_NAME "grep -q backport /etc/apt/sources.list"; then
vdn-ssh root@$GUEST_NAME 'echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list'
fi
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install linux-image-5.3.0-0.bpo.2-amd64"
vdn-ssh -t root@$GUEST_NAME 'grep -v buster-backports /etc/apt/sources.list > /tmp/o; mv /tmp/o /etc/apt/sources.list'
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install --reinstall linux-image-amd64; update-initramfs -u -k $kvers"
}
installDocker() {
set +u
[ -z "$http_proxy" ] && http_proxy="" || :
[ -z "$https_proxy" ] && https_proxy="" || :
set -u
# désactive le service docker, Voir les scripts de post-configuration
# n'ajoute aucun utilisateur au groupe docker par défaut. Voir les scripts de post-configuration
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
export https_proxy=$https_proxy
apt-get update
apt-get -y install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
apt-key fingerprint 0EBFCD88
add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian \$(lsb_release -cs) stable\"
apt-get update
apt-get -y install docker-ce docker-ce-cli containerd.io docker-compose
curl -L https://raw.githubusercontent.com/docker/compose/1.24.1/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose
systemctl mask containerd docker
"
}
installLamp() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get -y install apache2 php mariadb-server libapache2-mod-php php-gd php-mysql
systemctl disable mariadb mysql
"
}
preInstallForTgz() {
echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
echo "Set /etc/initramfs-tools/modules..."
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q overlay \$f && echo overlay >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q aufs \$f && echo aufs >> \$f || :"
echo "Create /etc/initramfs-tools/scripts/local-bottom/overlay.sh ..."
cat << EOF | vdn-ssh root@$GUEST_NAME "cat > /etc/initramfs-tools/scripts/local-bottom/overlay.sh"
#!/bin/sh
listDisks() {
if [ "\$EMULATOR" = linux ]; then
ls /dev/ubd[[:lower:]] # | grep -E 'udb[[:lower:]]r?'
else
ls /dev/?d[[:lower:]]
fi
}
PREREQ=""
prereqs()
{
echo "\$PREREQ"
}
case \$1 in
prereqs)
prereqs
exit 0
;;
esac
! grep -E -q 'vdn-mode=(tgz|overlay)' /proc/cmdline && {
echo "*** local-bottom/overlay.sh : exit (no mode tgz or overlay)" >&2
exit 0
}
echo
echo "*** local-bottom/overlay.sh ***"
echo "Extract configuration..."
listDisks
confDisk=\$(listDisks | tail -n 1)
echo confDisk=\$confDisk
mkdir /vdn
tar -C / -xvzf \$confDisk
if [ \$? -ne 0 ]; then
echo "Erreur lors de l'extraction de la configuration" >&2
echo "Lancement d'un shell pour inspection..." >&2
export PS1="initramfs:\w# "
/bin/sh -i
fi
if [ -e /etc/vdn/mount-root ]; then
sh /etc/vdn/mount-root
else
echo "/etc/vdn/mount-root introuvable !" >&2
echo "ARRÊT du système !">&2
while :; do sleep 1000; done
fi
EOF
vdn-ssh root@$GUEST_NAME chmod 755 /etc/initramfs-tools/scripts/local-bottom/overlay.sh
}
installForTgz() {
echo "Install for tgz..."
local kvers
kvers=$(vdn-ssh root@$GUEST_NAME ls /lib/modules | sort -Vr | head -n1)
[ -z "$kvers" ] && {
echo "Warning : /lib/modules is empty !" >&2
kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
echo "Use current kernel : $kvers"
}
rsync -e vdn-ssh root@$GUEST_NAME:/boot/vmlinuz-$kvers $VDN_PATH/files
# initramfs (created it if necessary)
vdn-ssh root@$GUEST_NAME "
rm -f /boot/initrd.img-$kvers.keep
if [ -e /boot/initrd.img-$kvers ]; then
cp /boot/initrd.img-$kvers /boot/initrd.img-$kvers.keep
fi
echo \"update-initramfs ...\" >&2
update-initramfs -u -k $kvers
#cat /etc/initramfs-tools/scripts/local-bottom/overlay.sh
rm /etc/initramfs-tools/scripts/local-bottom/overlay.sh
cp /boot/initrd.img-$kvers /boot/initrd-tgz.img-$kvers
if [ -e /boot/initrd.img-$kvers.keep ]; then
mv /boot/initrd.img-$kvers.keep /boot/initrd.img-$kvers
fi
"
rsync -e vdn-ssh root@$GUEST_NAME:/boot/initrd-tgz.img-$kvers $VDN_PATH/files
}
installNagios1() {
# from https://www.itzgeek.com/how-tos/linux/debian/how-to-install-nagios-on-debian-9-stretch.html
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt update
apt install -y build-essential apache2 php openssl perl make php-gd libgd2-xpm-dev libapache2-mod-php libperl-dev libssl-dev daemon wget apache2-utils unzip
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd www-data
cd /tmp/
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.5.tar.gz
tar -zxvf nagios-4.4.5.tar.gz
cd /tmp/nagios-4.4.5/
./configure --with-nagios-group=nagios --with-command-group=nagcmd --with-httpd_conf=/etc/apache2/sites-enabled/
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
"
}
installNagios2() {
### sudo nano /usr/local/nagios/etc/objects/contacts.cfg
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
#sed -i -re 's/^.*email.*$/email root@localhost ;/' /usr/local/nagios/etc/objects/contacts.cfg
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
a2enmod cgi
systemctl restart apache2
cd /tmp
wget https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar -zxvf /tmp/nagios-plugins-2.2.1.tar.gz
cd /tmp/nagios-plugins-2.2.1/
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
"
}
installNagios3() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt install -y nagios-nrpe-server nagios-plugins
apt -y install nagios-nrpe-plugin
"
}
installVdn() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
cd /tmp
rm -Rf vdn
git clone http://opale.u-clermont1.fr/vdn/git/vdn.git
echo "vdn/bin/vdn-prepare $GUEST_RELEASE"
vdn/bin/vdn-prepare $GUEST_RELEASE
"
}
# début des fonctions
synopsis() {
cat << EOF
Usage : `basename $0` [-i identity] system
EOF
}
help() {
cat << EOF
`basename $0` prepare un système virtuel pour fonctionner en mode DIRECT.
`synopsis`
Une identification par clé pour ssh est mise en place (cf. -i identity)
pour éviter les identification par mot de passe lors des connexions ssh
de l'hôte vers l'invité nécessaires à l'opération.
Les mots de passes sont fixés de façon aléatoire
-h : affiche cette aide
-i identity : chemin de la clé publique à utiliser.
EOF
}
usage() {
synopsis
exit 2
}
args() {
local opt
while getopts "hi:" opt; do
case $opt in
h) help; exit 0;;
i) IDENTITY="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/../../../../..); . $VDN_PATH/bin/functions.sh
args "$@"
PROG_DIR=$(readlink -f $(dirname $0))
if ! $VDN_PATH/bin/vdn-alive $GUEST_NAME; then
error "Le système $GUEST_NAME n'est pas démarré"
fi
loadGuestVars $GUEST_NAME
foundIdentity=0
for i in $SSH_IDENTITY; do
if [ -e $i ]; then
IDENTITY=$i
foundIdentity=1
fi
done
[ $foundIdentity = 0 ] && error "Aucune clé SSH !"
if vdn-ssh -n -o PasswordAuthentication=no root@$GUEST_NAME exit 0 ; then
vdn-ssh-copy-id -i $IDENTITY root@$GUEST_NAME
fi
#echo "apt-get..."
#vdn-ssh root@$GUEST_NAME apt-get install rsync net-tools
#echo "Set /etc/initramfs-tools/modules..."
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
#echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
#vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
vdn-ssh -t root@$GUEST_NAME chmod 755 /
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test kvm"
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test docker || :"
#echo "Add test user to sudo group"
#vdn-ssh root@$GUEST_NAME "addgroup test sudo"
echo "Set vim syntax=on"
vdn-ssh root@$GUEST_NAME "cat /etc/vim/vimrc | sed -re 's/^.*syntax on.*$/syntax on/' > /etc/vim/vimrc.new"
vdn-ssh root@$GUEST_NAME "mv /etc/vim/vimrc.new /etc/vim/vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc ~/.vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc /home/test/.vimrc; chown test: /home/test/.vimrc"
echo "Allow root autologin on ttyS0"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^ExecStart=.*$,ExecStart=-/sbin/mingetty --noclear --autologin root %I,' /lib/systemd/system/serial-getty@.service"
# kernel params (in grub )
echo "Allow net.ifnames=0 in GRUB "
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_CMDLINE_LINUX_DEFAULT=.*$,GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0 console=ttyS0\,115200n8\",' /etc/default/grub"
echo " 1s timout for menu"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_TIMEOUT=.*$,GRUB_TIMEOUT=1,' /etc/default/grub"
vdn-ssh root@$GUEST_NAME "update-grub"
##########################
export http_proxy=\"$http_proxy\"
export https_proxy=\"$https_proxy\"
echo "http_proxy:$http_proxy"
echo "https_proxy:$https_proxy"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
installAll
vdn-ssh root@$GUEST_NAME "systemctl mask nagios"
##########################
echo "Set rc.local..."
if [ -e $PROG_DIR/rc.local ]; then
vdn-scp -p $PROG_DIR/rc.local root@$GUEST_NAME:/etc
vdn-ssh root@$GUEST_NAME chmod 755 /etc/rc.local
fi
## Install lxdm
#echo "Install lxdm..."
#
#vdn-ssh -t root@$GUEST_NAME "
#apt-get -y install lxdm
#apt-get -y remove openbox
#"
#echo "Default xsession : xfce4 "
#vdn-ssh root@$GUEST_NAME "sed -i -re 's,^# session=.*$,session=/usr/bin/startxfce4,' /etc/lxdm/lxdm.conf"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
# Clear
echo "Clear /var/log, history, ..."
vdn-ssh -t root@$GUEST_NAME '
export http_proxy=$http_proxy
rm -Rf /etc/vdn
#for i in $(find /var/log -type f); do cat /dev/null > $i; done
find /var/log -name "*.gz" -delete
echo "Clear .bash_history"
rm -f /root/.bash_history
touch /root/.bash_history
chmod 600 /root/.bash_history
rm -f /home/test/.bash_history
touch /home/test/.bash_history
chmod 600 /home/test/.bash_history
echo "Clear .cache .mozilla"
for d in /root /home/test; do
rm -Rf $d/.cache
rm -Rf $d/.mozilla
done
echo "Clear authorized_keys"
for d in /root /home/test; do
rm -f $d/.ssh/authorized_keys
rm -f $d/.ssh/authorized_keys
done
echo "Clear apt-cache..."
apt autoremove -y
sleep 1
apt-get clean
echo end of cleaning !
'

189
vdn/distribs/guests/direct/debian/bullseye/rc.local.disable
Unescape View File

@ -0,0 +1,189 @@
#!/bin/bash
# Script de configuration utilisé par VDN.
getRandomPasswd() {
local k
while :; do
k=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom 2> /dev/null | head -c${1:-32} )
if [ $(echo -n $k | wc -c) = 32 ]; then
break
fi
echo "Wait for entropy avail : $(cat /proc/sys/kernel/random/entropy_avail)" >&2
sleep 1
done
echo -n $k
}
echo "Start rc.local..."
echo "cmdline:$(cat /proc/cmdline)"
lastDisk=$(lsblk -i -n -o PATH | grep '/...$' | tail -n 1)
lastDiskSize=$(lsblk -n -b -o SIZE $lastDisk)
# Disque supplémentaire (avec la clé publique, ...) ?
#[ $lastDiskSize -gt 200000 ] && exit 0
# Si oui
# Désarchive la configuration en provenance de VDN
# le fichier /etc/vdn/rc.vdn n'est modifié que si absent
# Consultez les répertoires distribs/guest/...
[ ! -d /etc/vdn ] && mkdir /etc/vdn
tar -C / -xzf $lastDisk
[ -e /etc/vdn/config ] && {
set -a
. /etc/vdn/config
}
[ $VDN_DEBUG = 1 ] && set -x || :
# set real / mode
chmod 755 /
chown root:root / /etc
chown -R root:root /etc/vdn
systemctl restart haveged
# extract files (host, all, guest)
if [ $MODE = "cow" ]; then
for d in /etc/vdn/host /etc/vdn/all /etc/vdn/guest; do
if [ -d $d ]; then
( cd $d && tar czf - . ) | ( cd / && tar --no-same-owner --sparse -xpzf - )
fi
done
fi
# swap
if [ $SWAP_SIZE != 0 ]; then
swapDev=$(lsblk -n -o PATH | grep '/...$' | tail -n 2 | head -n 1)
swapoff -a
swapon $swapDev
fi
if [ ! -e /etc/vdn-$MODE-initialized ]; then
# regenerate ssh_host_keys
rm -f /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
#systemctl restart ssh
# Random root and test password
echo "Random passwords."
k=$(getRandomPasswd)
#echo "root passwd : $k"
passwdRoot=$k #$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c${1:-32};)
k=$(getRandomPasswd)
#echo "test passwd : $k"
passwdTest=$k #$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c${1:-32};)
cat <<- EOF | chpasswd
root:$passwdRoot
test:$passwdTest
EOF
touch /etc/vdn-$MODE-initialized
fi
# Add user id_rsa.pub to /root/.ssh/authorized_keys
[ ! -d /root/.ssh ] && {
mkdir /root/.ssh
chmod 700 /root/.ssh
}
[ ! -e /root/.ssh/authorized_keys ] &&
touch /root/.ssh/authorized_keys
k=$(cat /etc/vdn/.ssh/id_rsa.pub)
[ -n "$k" ] && {
! fgrep -q "$k" /root/.ssh/authorized_keys &&
echo "$k" >> /root/.ssh/authorized_keys
}
# Add user id_rsa.pub to /home/test/.ssh/authorized_keys
if [ -d "/home/test" ]; then
if [ ! -d /home/test/.ssh ]; then
mkdir /home/test/.ssh
chown test: /home/test/.ssh
chmod 700 /home/test/.ssh
fi
[ ! -e /home/test/.ssh/authorized_keys ] &&
touch /home/test/.ssh/authorized_keys
chown test: /home/test/.ssh
if [ -n "$k" ]; then
! fgrep -q "$k" /home/test/.ssh/authorized_keys &&
echo "$k" >> /home/test/.ssh/authorized_keys
fi
fi
# init slirp connection
lastEth=$(ifconfig -a | grep eth[0-9] | tail -n 1 | cut -d ':' -f 1)
echo "lastEth=$lastEth"
[ -n "$lastEth" ] && {
ifconfig $lastEth down
sleep 1
dhclient $lastEth
if [ "$EXTRA_ETH_DEFAULT_ROUTE" = 0 ]; then
# Set default root to host (slirp)
#route add default gw 10.0.2.2 &> /dev/null
route del default gw 10.0.2.2 &> /dev/null
else
echo "Set default route to 10.0.2.2"
route add default gw 10.0.2.2 &> /dev/null
fi
ping -c 1 10.0.2.2 &> /dev/null &
}
### ON_BOOT
if [ ! -z "$ON_BOOT" ]; then
echo "ON_BOOT:$ON_BOOT"
eval $ON_BOOT
fi
### run rc scripts
rcScripts=$(ls /etc/vdn/[0-9]* 2> /dev/null)
# Add vdn.rc
[ -e /etc/vdn/vdn.rc ] && rcScripts="$rcScripts /etc/vdn/vdn.rc"
# run rc scripts
for i in $rcScripts; do
echo "Run script : $i"
. $i
done
systemctl unmask ssh
sleep 1
systemctl enable ssh
systemctl start ssh

558
vdn/distribs/guests/direct/debian/buster/prepare.sh
Unescape View File

@ -0,0 +1,558 @@
#!/usr/bin/env bash
dir=$(readlink -f $(dirname $0));
dist=$(echo $dir | sed -re 's,/.*/([^/]+/[^/]+)$,\1,')
GUEST_RELEASE=$dist
[ -z "$http_proxy" ] && http_proxy=""
[ -z "$https_proxy" ] && https_proxy=""
set -eu
#http_proxy=http://193.49.118.36:8080
#https_proxy=http://193.49.118.36:8080
installAll() {
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get update -y; apt-get dist-upgrade -y; apt-get install rsync git mingetty
"
preInstallForTgz
installModulesReseaux
installDocker
installLamp
#installNagios3
#installBackportKernel # NE FONCTIONNE PAS, pas utile.
#installVdn
installForTgz
}
##
### Modules réseaux-1 et réseaux-2 ###
###
installModulesReseaux() {
# Bad to stretch from squeeze
# php5 php5-mysql smbfs cifs-utils console-tools dhcp3-client samba-doc dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm
# Aucune version du paquet smbfs n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# cifs-utils
#Aucune version du paquet samba-doc n'est disponible, mais il existe dans la base
#de données. Cela signifie en général que le paquet est manquant, qu'il est devenu obsolète
#ou qu'il n'est disponible que sur une autre source
#Cependant les paquets suivants le remplacent :
# winbind smbclient samba-testsuite samba-common-bin samba-common samba
# registry-tools libsmbclient libpam-winbind
DEBS="less ssh mingetty rsync net-tools haveged rng-tools dnsutils zerofree"
#DEBS="$DEBS dhcp3-client dhcp3-server sux fuse-utils gproftpd xsmbrowser netkit-ping heartbeat-gui hapm"
#DEBS="$DEBS python-gtk-vnc"
#console-tools console-data console-common
DEBS="$DEBS vim slirp nfs-common nfs-kernel-server"
DEBS="$DEBS sshfs psmisc bsdutils strace busybox-static"
DEBS="$DEBS tcpdump wireshark-gtk nmap"
DEBS="$DEBS manpages"
DEBS="$DEBS curlftpfs ftp curl dillo"
DEBS="$DEBS libapache2-mod-php apache2-doc"
DEBS="$DEBS xbase-clients"
DEBS="$DEBS lynx psmisc file strace lsof telnet links links2"
DEBS="$DEBS iputils-ping"
DEBS="$DEBS rsync dialog"
DEBS="$DEBS firefox-esr"
DEBS="$DEBS nautilus"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS openvpn"
DEBS="$DEBS quagga proftpd isc-dhcp-server"
DEBS="$DEBS busybox-static rpcbind debootstrap"
DEBS="$DEBS user-mode-linux"
DEBS="$DEBS vim-gtk gedit"
DEBS="$DEBS gpm vde2"
DEBS="$DEBS spice-vdagent"
DEBS="$DEBS gcc make autoconf uidmap pkg-config glib-2.0-dev \
glib-2.0 libglib2.0-dev dpkg-dev \
libcap-dev libcap2 libseccomp2 libseccomp-dev"
# TP Pascal :
DEBS="$DEBS john hashcat sqlmap php default-mysql-server webcheck"
echo "apt-get..."
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
echo ==========
apt-get install -y $DEBS
"
# cas de lighttpd
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get install -y lighttpd
systemctl disable lighttpd
"
# disable services
local l="ModemManager NetworkManager NetworkManager-dispatcher NetworkManager-wait-online anacron apparmor autovt@ bgpd dbus-fi.w1.wpa_supplicant1 dbus-org.freedesktop.Avahi dbus-org.freedesktop.ModemManager1 dbus-org.freedesktop.nm-dispatcher dbus-org.freedesktop.timesync1 getty@ hddtemp isisd lighttpd lm-sensors network-manager nfs-kernel-server nmbd openbsd-inetd openvpn ospf6d ospfd pimd portmap pppd-dns ripd ripngd rpcbind rsync smbd speech-dispatcher syslog systemd-timesyncd udisks2 wpa_supplicant zebra nfs-blkmap uml-utilities apache2 proftpd isc-dhcp-server nfs-server"
vdn-ssh -t root@$GUEST_NAME "for i in $l; do echo \"Disable \$i\"; systemctl disable \$i; done"
# services (enable) :
#l="avahi-daemon console-setup cron inetd keyboard-setup networking rsyslog ssh sshd uml-utilities"
#l="$l apache2 haveged isc-dhcp-server nfs-server proftpd"
}
installBackportKernel() {
local kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
if ! vdn-ssh root@$GUEST_NAME "grep -q backport /etc/apt/sources.list"; then
vdn-ssh root@$GUEST_NAME 'echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list'
fi
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install linux-image-5.3.0-0.bpo.2-amd64"
vdn-ssh -t root@$GUEST_NAME 'grep -v buster-backports /etc/apt/sources.list > /tmp/o; mv /tmp/o /etc/apt/sources.list'
vdn-ssh -t root@$GUEST_NAME "apt-get update; apt-get -y install --reinstall linux-image-amd64; update-initramfs -u -k $kvers"
}
installDocker() {
set +u
[ -z "$http_proxy" ] && http_proxy="" || :
[ -z "$https_proxy" ] && https_proxy="" || :
set -u
# désactive le service docker, Voir les scripts de post-configuration
# n'ajoute aucun utilisateur au groupe docker par défaut. Voir les scripts de post-configuration
vdn-ssh -t root@$GUEST_NAME "
export http_proxy=$http_proxy
export https_proxy=$https_proxy
apt-get update
apt-get -y install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
apt-key fingerprint 0EBFCD88
add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/debian \$(lsb_release -cs) stable\"
apt-get update
apt-get -y install docker-ce docker-ce-cli containerd.io docker-compose
curl -L https://raw.githubusercontent.com/docker/compose/1.24.1/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose
systemctl mask containerd docker
"
}
installLamp() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt-get -y install apache2 php mariadb-server libapache2-mod-php php-gd php-mysql
systemctl disable mariadb mysql
"
}
preInstallForTgz() {
echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
echo "Set /etc/initramfs-tools/modules..."
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q overlay \$f && echo overlay >> \$f || :"
vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q aufs \$f && echo aufs >> \$f || :"
echo "Create /etc/initramfs-tools/scripts/local-bottom/overlay.sh ..."
cat << EOF | vdn-ssh root@$GUEST_NAME "cat > /etc/initramfs-tools/scripts/local-bottom/overlay.sh"
#!/bin/sh
listDisks() {
if [ "\$EMULATOR" = linux ]; then
ls /dev/ubd[[:lower:]] # | grep -E 'udb[[:lower:]]r?'
else
ls /dev/?d[[:lower:]]
fi
}
PREREQ=""
prereqs()
{
echo "\$PREREQ"
}
case \$1 in
prereqs)
prereqs
exit 0
;;
esac
! grep -E -q 'vdn-mode=(tgz|overlay)' /proc/cmdline && {
echo "*** local-bottom/overlay.sh : exit (no mode tgz or overlay)" >&2
exit 0
}
echo
echo "*** local-bottom/overlay.sh ***"
echo "Extract configuration..."
listDisks
confDisk=\$(listDisks | tail -n 1)
echo confDisk=\$confDisk
mkdir /vdn
tar -C / -xvzf \$confDisk
if [ \$? -ne 0 ]; then
echo "Erreur lors de l'extraction de la configuration" >&2
echo "Lancement d'un shell pour inspection..." >&2
export PS1="initramfs:\w# "
/bin/sh -i
fi
if [ -e /etc/vdn/mount-root ]; then
sh /etc/vdn/mount-root
else
echo "/etc/vdn/mount-root introuvable !" >&2
echo "ARRÊT du système !">&2
while :; do sleep 1000; done
fi
EOF
vdn-ssh root@$GUEST_NAME chmod 755 /etc/initramfs-tools/scripts/local-bottom/overlay.sh
}
installForTgz() {
echo "Install for tgz..."
local kvers
kvers=$(vdn-ssh root@$GUEST_NAME ls /lib/modules | sort -Vr | head -n1)
[ -z "$kvers" ] && {
echo "Warning : /lib/modules is empty !" >&2
kvers=$(vdn-ssh root@$GUEST_NAME uname -r)
echo "Use current kernel : $kvers"
}
rsync -e vdn-ssh root@$GUEST_NAME:/boot/vmlinuz-$kvers $VDN_PATH/files
# initramfs (created it if necessary)
vdn-ssh root@$GUEST_NAME "
rm -f /boot/initrd.img-$kvers.keep
if [ -e /boot/initrd.img-$kvers ]; then
cp /boot/initrd.img-$kvers /boot/initrd.img-$kvers.keep
fi
echo \"update-initramfs ...\" >&2
update-initramfs -u -k $kvers
#cat /etc/initramfs-tools/scripts/local-bottom/overlay.sh
rm /etc/initramfs-tools/scripts/local-bottom/overlay.sh
cp /boot/initrd.img-$kvers /boot/initrd-tgz.img-$kvers
if [ -e /boot/initrd.img-$kvers.keep ]; then
mv /boot/initrd.img-$kvers.keep /boot/initrd.img-$kvers
fi
"
rsync -e vdn-ssh root@$GUEST_NAME:/boot/initrd-tgz.img-$kvers $VDN_PATH/files
}
installNagios1() {
# from https://www.itzgeek.com/how-tos/linux/debian/how-to-install-nagios-on-debian-9-stretch.html
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt update
apt install -y build-essential apache2 php openssl perl make php-gd libgd2-xpm-dev libapache2-mod-php libperl-dev libssl-dev daemon wget apache2-utils unzip
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd www-data
cd /tmp/
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.5.tar.gz
tar -zxvf nagios-4.4.5.tar.gz
cd /tmp/nagios-4.4.5/
./configure --with-nagios-group=nagios --with-command-group=nagcmd --with-httpd_conf=/etc/apache2/sites-enabled/
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
"
}
installNagios2() {
### sudo nano /usr/local/nagios/etc/objects/contacts.cfg
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
#sed -i -re 's/^.*email.*$/email root@localhost ;/' /usr/local/nagios/etc/objects/contacts.cfg
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
a2enmod cgi
systemctl restart apache2
cd /tmp
wget https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz
tar -zxvf /tmp/nagios-plugins-2.2.1.tar.gz
cd /tmp/nagios-plugins-2.2.1/
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
"
}
installNagios3() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
apt install -y nagios-nrpe-server nagios-plugins
apt -y install nagios-nrpe-plugin
"
}
installVdn() {
vdn-ssh root@$GUEST_NAME "
export http_proxy=$http_proxy
cd /tmp
rm -Rf vdn
git clone http://opale.u-clermont1.fr/vdn/git/vdn.git
echo "vdn/bin/vdn-prepare $GUEST_RELEASE"
vdn/bin/vdn-prepare $GUEST_RELEASE
"
}
# début des fonctions
synopsis() {
cat << EOF
Usage : `basename $0` [-i identity] system
EOF
}
help() {
cat << EOF
`basename $0` prepare un système virtuel pour fonctionner en mode DIRECT.
`synopsis`
Une identification par clé pour ssh est mise en place (cf. -i identity)
pour éviter les identification par mot de passe lors des connexions ssh
de l'hôte vers l'invité nécessaires à l'opération.
Les mots de passes sont fixés de façon aléatoire
-h : affiche cette aide
-i identity : chemin de la clé publique à utiliser.
EOF
}
usage() {
synopsis
exit 2
}
args() {
local opt
while getopts "hi:" opt; do
case $opt in
h) help; exit 0;;
i) IDENTITY="$OPTARG";;
?) usage;;
esac
done
shift $(($OPTIND - 1))
[ $# -ne 1 ] && usage
GUEST_NAME="$1"
if echo $GUEST_NAME | grep -q '/'; then
error "$GUEST_NAME est un nom de système invalide"
fi
}
# Programme principal
VDN_PATH=$(readlink -f $(dirname $0)/../../../../..); . $VDN_PATH/bin/functions.sh
args "$@"
PROG_DIR=$(readlink -f $(dirname $0))
if ! $VDN_PATH/bin/vdn-alive $GUEST_NAME; then
error "Le système $GUEST_NAME n'est pas démarré"
fi
loadGuestVars $GUEST_NAME
foundIdentity=0
for i in $SSH_IDENTITY; do
if [ -e $i ]; then
IDENTITY=$i
foundIdentity=1
fi
done
[ $foundIdentity = 0 ] && error "Aucune clé SSH !"
if vdn-ssh -n -o PasswordAuthentication=no root@$GUEST_NAME exit 0 ; then
vdn-ssh-copy-id -i $IDENTITY root@$GUEST_NAME
fi
#echo "apt-get..."
#vdn-ssh root@$GUEST_NAME apt-get install rsync net-tools
#echo "Set /etc/initramfs-tools/modules..."
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q ne2k_pci \$f && echo ne2k_pci >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q 8390 \$f && echo 8390 >> \$f || :"
#vdn-ssh root@$GUEST_NAME "f=/etc/initramfs-tools/modules; ! grep -q virtio_net \$f && echo virtio_net >> \$f || :"
#echo "Set /etc/modprobe.d/blacklist-floppy.conf..."
#vdn-ssh root@$GUEST_NAME "f=/etc/modprobe.d/blacklist-floppy.conf; ! grep -q floppy \$f && echo \"blacklist floppy\" >> \$f || :"
vdn-ssh -t root@$GUEST_NAME chmod 755 /
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test kvm"
echo "Add test user to kvm group (for nested)"
vdn-ssh root@$GUEST_NAME "addgroup test docker || :"
#echo "Add test user to sudo group"
#vdn-ssh root@$GUEST_NAME "addgroup test sudo"
echo "Set vim syntax=on"
vdn-ssh root@$GUEST_NAME "cat /etc/vim/vimrc | sed -re 's/^.*syntax on.*$/syntax on/' > /etc/vim/vimrc.new"
vdn-ssh root@$GUEST_NAME "mv /etc/vim/vimrc.new /etc/vim/vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc ~/.vimrc"
vdn-ssh root@$GUEST_NAME "cp /etc/vim/vimrc /home/test/.vimrc; chown test: /home/test/.vimrc"
echo "Allow root autologin on ttyS0"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^ExecStart=.*$,ExecStart=-/sbin/mingetty --noclear --autologin root %I,' /lib/systemd/system/serial-getty@.service"
# kernel params (in grub )
echo "Allow net.ifnames=0 in GRUB "
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_CMDLINE_LINUX_DEFAULT=.*$,GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0 console=ttyS0\,115200n8\",' /etc/default/grub"
echo " 1s timout for menu"
vdn-ssh root@$GUEST_NAME "sed -i -re 's,^GRUB_TIMEOUT=.*$,GRUB_TIMEOUT=1,' /etc/default/grub"
vdn-ssh root@$GUEST_NAME "update-grub"
##########################
export http_proxy=\"$http_proxy\"
export https_proxy=\"$https_proxy\"
echo "http_proxy:$http_proxy"
echo "https_proxy:$https_proxy"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
installAll
vdn-ssh root@$GUEST_NAME "systemctl mask nagios"
##########################
echo "Set rc.local..."
if [ -e $PROG_DIR/rc.local ]; then
vdn-scp -p $PROG_DIR/rc.local root@$GUEST_NAME:/etc
vdn-ssh root@$GUEST_NAME chmod 755 /etc/rc.local
fi
## Install lxdm
#echo "Install lxdm..."
#
#vdn-ssh -t root@$GUEST_NAME "
#apt-get -y install lxdm
#apt-get -y remove openbox
#"
#echo "Default xsession : xfce4 "
#vdn-ssh root@$GUEST_NAME "sed -i -re 's,^# session=.*$,session=/usr/bin/startxfce4,' /etc/lxdm/lxdm.conf"
#echo "For debug : exit to guit"
#vdn-ssh root@$GUEST_NAME
# Clear
echo "Clear /var/log, history, ..."
vdn-ssh -t root@$GUEST_NAME '
export http_proxy=$http_proxy
rm -Rf /etc/vdn
#for i in $(find /var/log -type f); do cat /dev/null > $i; done
find /var/log -name "*.gz" -delete
echo "Clear .bash_history"
rm -f /root/.bash_history
touch /root/.bash_history
chmod 600 /root/.bash_history
rm -f /home/test/.bash_history
touch /home/test/.bash_history
chmod 600 /home/test/.bash_history
echo "Clear .cache .mozilla"
for d in /root /home/test; do
rm -Rf $d/.cache
rm -Rf $d/.mozilla
done
echo "Clear authorized_keys"
for d in /root /home/test; do
rm -f $d/.ssh/authorized_keys
rm -f $d/.ssh/authorized_keys
done
echo "Clear apt-cache..."
apt autoremove -y
sleep 1
apt-get clean
echo end of cleaning !
'

202
vdn/distribs/guests/direct/debian/buster/rc.local.disable
Unescape View File

@ -0,0 +1,202 @@
#!/bin/bash
# Script de configuration est utilisé par VDN.
# Ne pas supprimer/modifier
getRandomPasswd() {
local k
while :; do
k=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom 2> /dev/null | head -c${1:-32} )
if [ $(echo -n $k | wc -c) = 32 ]; then
break
fi
echo "Wait for entropy avail : $(cat /proc/sys/kernel/random/entropy_avail)" >&2
sleep 1
done
echo -n $k
}
set -x
echo "Start rc.local (buster)..."
echo "cmdline:$(cat /proc/cmdline)"
lastDisk=$(lsblk -i -n -o PATH | grep '/...$' | tail -n 1)
lastDiskSize=$(lsblk -n -b -o SIZE $lastDisk)
# Disque supplémentaire (avec la clé publique, ...) ?
#[ $lastDiskSize -gt 200000 ] && exit 0
# Si oui
# Désarchive la configuration en provenance de VDN
# le fichier /etc/vdn/rc.vdn n'est modifié que si absent
# Consultez les répertoires distribs/guest/...
[ ! -d /etc/vdn ] && mkdir /etc/vdn
tar -C / -xzf $lastDisk
[ -e /etc/vdn/config ] && {
set -a
. /etc/vdn/config
}
[ $VDN_DEBUG = 1 ] && set -x || :
# set real / mode
chmod 755 /
chown root:root / /etc
chown -R root:root /etc/vdn
systemctl restart haveged
# extract files (host, all, guest)
if [ $MODE = "cow" ]; then
for d in /etc/vdn/host /etc/vdn/all /etc/vdn/guest; do
if [ -d $d ]; then
( cd $d && tar czf - . ) | ( cd / && tar --no-same-owner --sparse -xpzf - )
fi
done
fi
# swap
if [ $SWAP_SIZE != 0 ]; then
swapDev=$(lsblk -n -o PATH | grep '/...$' | tail -n 2 | head -n 1)
swapoff -a
swapon $swapDev
fi
if [ ! -e /etc/vdn-$MODE-initialized ]; then
# regenerate ssh_host_keys
rm -f /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
#systemctl restart ssh
# Random root and test password
echo "Random passwords."
k=$(getRandomPasswd)
#echo "root passwd : $k"
passwdRoot=$k #$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c${1:-32};)
k=$(getRandomPasswd)
#echo "test passwd : $k"
passwdTest=$k #$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c${1:-32};)
cat <<- EOF | chpasswd
root:$passwdRoot
test:$passwdTest
EOF
touch /etc/vdn-$MODE-initialized
fi
# Add user id_rsa.pub to /root/.ssh/authorized_keys
[ ! -d /root/.ssh ] && {
mkdir /root/.ssh
chmod 700 /root/.ssh
}
[ ! -e /root/.ssh/authorized_keys ] &&
touch /root/.ssh/authorized_keys
k=$(cat /etc/vdn/.ssh/id_rsa.pub)
[ -n "$k" ] && {
! fgrep -q "$k" /root/.ssh/authorized_keys &&
echo "$k" >> /root/.ssh/authorized_keys
}
# Add user id_rsa.pub to /home/test/.ssh/authorized_keys
if [ -d "/home/test" ]; then
if [ ! -d /home/test/.ssh ]; then
mkdir /home/test/.ssh
chown test: /home/test/.ssh
chmod 700 /home/test/.ssh
fi
[ ! -e /home/test/.ssh/authorized_keys ] &&
touch /home/test/.ssh/authorized_keys
chown test: /home/test/.ssh
if [ -n "$k" ]; then
! fgrep -q "$k" /home/test/.ssh/authorized_keys &&
echo "$k" >> /home/test/.ssh/authorized_keys
fi
fi
# init slirp connection
lastEth=$(ifconfig -a | grep eth[0-9] | tail -n 1 | cut -d ':' -f 1)
echo "lastEth=$lastEth"
[ -n "$lastEth" ] && {
ifconfig $lastEth down
sleep 1
dhclient $lastEth
if [ "$EXTRA_ETH_DEFAULT_ROUTE" = 0 ]; then
# Set default root to host (slirp)
#route add default gw 10.0.2.2 &> /dev/null
route del default gw 10.0.2.2 &> /dev/null
else
echo "Set default route to 10.0.2.2"
route add default gw 10.0.2.2 &> /dev/null
fi
ping -c 1 10.0.2.2 &> /dev/null &
#echo "EXTRA_ETH_MASQUERADING:$EXTRA_ETH_MASQUERADING"
if [ "$EXTRA_ETH_MASQUERADING" = 1 ]; then
#echo "iptables -t nat -A POSTROUTING -o $lastEth -j MASQUERADE"
iptables -t nat -A POSTROUTING -o $lastEth -j MASQUERADE
fi
}
### ON_BOOT
if [ ! -z "$ON_BOOT" ]; then
echo "ON_BOOT:$ON_BOOT"
eval $ON_BOOT
fi
### run rc scripts
rcScripts=$(ls /etc/vdn/[0-9]* 2> /dev/null)
# Add vdn.rc
[ -e /etc/vdn/vdn.rc ] && rcScripts="$rcScripts /etc/vdn/vdn.rc"
# run rc scripts
for i in $rcScripts; do
echo "Run script : $i"
. $i
done
systemctl unmask ssh
sleep 1
systemctl enable ssh
systemctl start ssh

502
vdn/distribs/guests/overlay/debian/bullseye/mount-root
Unescape View File

@ -0,0 +1,502 @@
#!/usr/bin/env sh
# Script de l'initramfs pour le montage de la racine finale
# ---------------------------------------------------------
# Ce script est appelé par l'initramfs pour monter la racine finale
# Ce script utilise les variables définies dans le fichier de configuration
# d'un système virtuel.
# Monte les répertoires de l'union
mountUnionDirs_tgz() {
echo "Mount in TGZ mode..."
[ ! -d /root-ro ] && mkdir /root-ro
[ ! -d /root-rw ] && mkdir /root-rw
# readonly
if ! mount | grep -q /root && [ "$EMULATOR" = "linux" ]; then
ls -l /dev/ubd*
mount -o ro,noload /dev/ubda1 /root
#mount -o remount,ro /root
fi
#ls /root
mount -o move /root /root-ro
# aufs
#mount -t tmpfs -o size=64m tmpfs /root-rw
if [ -z "$AUFS_FILE" ]; then
if [ -n "$AUFS_SIZE" ]; then
mount -o size=$((1024*1024*$AUFS_SIZE)) \
-t tmpfs none /root-rw || exit 1
else
mount -t tmpfs none /root-rw || exit 1
fi
else
mount -t ext4 $aufsDev /root-rw || exit 1
rm -Rf /root-rw/*
fi
# union
mkdir /root-rw/data /root-rw/work
if [ 1 = 1 ]; then
modprobe overlay
mount none -t overlay -o redirect_dir=on -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root
[ $? -eq 0 ] && {
mkdir -p /root/overlays/ro /root/overlays/rw
mount -o bind /root-ro /root/overlays/ro
mount -o bind /root-rw /root/overlays/rw
}
else
# aufs DEPRECATED, not functional
modprobe aufs
mount -v -t aufs -o br:/root-rw/data:/root-ro none /root
#[ $? -eq 0 ] && {
mkdir -p /root/overlays/ro /root/overlays/rw
mount --move /root-ro /root/overlays/ro
mount --move /root-rw /root/overlays/rw
#}
fi
if [ ! -d /root/etc ]; then
echo
echo "Error in overlay (tgz mode) !"
echo
sh -i
fi
}
mountUnionDirs_overlay() {
echo "Mount in OVERLAY mode..."
[ ! -d /root-ro ] && mkdir /root-ro
[ ! -d /root-rw ] && mkdir /root-rw
# readonly
if ! mount | grep -q /root && [ "$EMULATOR" = "linux" ]; then
ls -l /dev/ubd*
mount -o ro,noload /dev/ubda1 /root
#mount -o remount,ro /root
fi
#ls /root
mount -o move /root /root-ro
mount -t ext4 $saveDev /root-rw || exit 1
# union
[ ! -d /root-rw/data ] && mkdir /root-rw/data
[ ! -d /root-rw/work ] && mkdir /root-rw/work
if [ 1 = 1 ]; then
modprobe overlay #redirect_dir=on xino_auto metacopy=off
mount none -t overlay -o redirect_dir=on -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root
#mount none -t overlay -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root
[ $? -eq 0 ] && {
mkdir -p /root/overlays/ro /root/overlays/rw
mount -o bind /root-ro /root/overlays/ro
mount -o bind /root-rw /root/overlays/rw
}
set +x
else
# deprecated, not fonctional !
modprobe aufs
mount -v -t aufs -o br:/root-rw/data:/root-ro none /root
#[ $? -eq 0 ] && {
mkdir -p /root/overlays/ro /root/overlays/rw
mount --move /root-ro /root/overlays/ro
mount --move /root-rw /root/overlays/rw
#}
fi
if [ ! -d /root/etc ]; then
echo
echo "Error in overlay (overlay mode) !"
echo
sh -i
fi
}
setNetwork() {
modprobe virtio_net
for i in $(seq 0 $NB_ETH); do
ifconfig eth$i up
done
ifconfig -a
ifconfig eth$NB_ETH 10.0.2.15 netmask 255.255.255.0
#sh -i
cat << EOF > /root/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
EOF
}
cpSshIdentityOld() {
# Copie de l'identité ssh
authorized_keys=/root/.ssh/authorized_keys
[ -n "$SSH_IDENTITY" ] && {
[ ! -d /root//root/.ssh ] && mkdir -m 700 /root/root/.ssh
for i in $SSH_IDENTITY; do
f=/etc/vdn/.ssh/$(basename $i)
if [ -e $f ]; then
ident="$(cat $f)"
grep -q "$ident" /root/root/.ssh/authorized_keys || \
cat $f >> /root/root/.ssh/authorized_keys
chmod 600 /root/root/.ssh/authorized_keys
echo "vdn : copie de $f"
cat /root/root/.ssh/authorized_keys
break
fi
done
}
}
beforeExtractTgz() {
# Copie de la conf
[ ! -d /root/etc/vdn ] && mkdir -p /root/etc/vdn
cp -a /etc/vdn/* /root/etc/vdn
# extract files (host, all, guest)
for d in /etc/vdn/host /etc/vdn/all /etc/vdn/guest; do
if [ -d $d ]; then
( cd $d && tar czf - . ) | ( cd /root && tar --no-same-owner -xpzf - )
fi
done
if [ -e /etc/rc.local ]; then
cp /etc/rc.local /root/etc/rc.local
fi
}
extractSaveTgz() {
echo "Extract save tgz"
if [ -n "$saveDev" ]; then
tar -C /root -xzpf $saveDev #2> /dev/null
fi
}
setServices() {
generated="
hddtemp
isc-dhcp-server
proftpd
speech-dispatcher
"
base="
avahi-daemon
console-setup
cron
inetd
keyboard-setup
networking
rsyslog
ssh
sshd
"
cmd="systemctl list-unit-files --type service --no-legend --no-pager | egrep 'enabled|generated' | cut -d ' ' -f 1 | sed -re 's/\.service//'"
all=$(eval chroot /root $cmd)
all=$( { echo "$all"; echo "$generated"; } | tr ' ' '\n' | grep -v '^$' | sort )
base=$( echo "$base" | tr ' ' '\n' | grep -v '^$' | sort )
extra="$(echo $EXTRA_SERVICES | tr ' ' '\n' | grep -v '^$' | sort -u ) haveged"
enable=$( { echo "$base"; echo "$extra"; } | tr ' ' '\n' | grep -v '^$' | sort -u )
echo "$all" > /root/tmp/all
echo "$enable" > /root/tmp/enable
badEnable=$(chroot /root comm -1 -3 /tmp/all /tmp/enable)
disable=$(chroot /root comm -2 -3 /tmp/all /tmp/enable)
#echo "==== all (file) ===="
#cat /root/tmp/all
#echo "==== enable (file) ===="
#cat /root/tmp/enable
#echo "================"
echo
echo "Services :"
echo
echo All services : $all
echo
echo Base services : $base
echo
echo Extra services : $extra
echo
echo enable : $enable
echo
echo disable : $disable
echo
echo mask : $EXCLUDE_SERVICES
echo
#if [ -n "$badEnable" ]; then
# echo "!!! Invalid enable service(s) ! : $badEnable"
# sleep 1
#fi
export enable
export disable
OLDROOT=$ROOT
unset ROOT
set -x
for i in $enable; do
chroot /root systemctl unmask $i
chroot /root systemctl enable $i
done
for i in $disable; do
chroot /root systemctl disable $i
done
chroot /root systemctl mask $EXCLUDE_SERVICES
set +x
ROOT=$OLDROOT
}
updateHdb() {
#set -x
if [ $HDB_PART_FORMAT = 1 ]; then
if ! fdisk -l /dev/vdb | grep -q vdb1; then
#/bin/sh -i
echo -e 'n\np\n1\n\n\np\nw\n' | fdisk /dev/vdb
/root/sbin/mkfs.ext4 -j /dev/vdb1
#/bin/sh -i
#mv \$mdir \$mdir.bak
fi
[ ! -d /root/mnt/vdb1 ] && mkdir /root/mnt/vdb1
mount -o errors=remount-ro /dev/vdb1 /root/mnt/vdb1
fi
if [ -n "$HDB_DIRS" ]; then
if ! mount | grep -q /root/mnt/vdb1 ; then
echo
echo "/root/mnt/vdb1 non monté ! Abandon du transfert des répertoires"
echo
sleep 3
fi
for i in $HDB_DIRS; do
if [ ! -d /root/mnt/vdb1/$i ]; then
[ ! -d $(dirname /root/mnt/vdb1/$i) ] && mkdir -p $(dirname /root/mnt/vdb1/$i)
if [ -d /root/$i ]; then
cp -a /root/$i /root/mnt/vdb1/$i
else
mkdir -p /root/mnt/vdb1/$i
fi
fi
mount -o bind /root/mnt/vdb1/$i /root/$i || echo "Error mount /mnt/vdb1/$i !" >&2
done
set +x
fi
}
listDisks() {
if [ "$EMULATOR" = "linux" ]; then
ls /dev/ubd[[:lower:]] # | grep -E 'udb[:lower:]r?'
else
ls /dev/?d[[:lower:]]
fi
}
echo
echo "=== Start mount-root script..."
echo
#set -eu
set -a
. /etc/vdn/config
set +a
#cat /etc/vdn/config
echo "EMULATOR=$EMULATOR" >&2
echo "MODE=$MODE" >&2
echo "NB_DISK=$NB_DISK" >&2
listDisks >&2
# Sauvegarde
saveDev=$(listDisks | head -n $((1+$NB_DISK)) | tail -n 1 )
if [ $MODE = tgz ]; then
if [ "$(dd if=$saveDev count=1 bs=512 2>/dev/null | wc -c)" = "0" ]; then
saveDev=""
fi
fi
#echo "saveDev=$saveDev"
# Aufs (now : overlayfs)
aufsDev=""
if [ $MODE = tgz ]; then
aufsDev=$(listDisks | head -n $((2+$NB_DISK)) | tail -n 1 )
fi
#echo "aufsDev=$aufsDev"
mountUnionDirs_$MODE
updateHdb
beforeExtractTgz
setServices
setNetwork
if [ $MODE = tgz ]; then
extractSaveTgz
fi
if [ ! -e /root-rw/data/etc/hostname ]; then
if [ $SET_HOSTNAME = 1 ]; then
echo "$GUEST_NAME" > /root-rw/data/etc/hostname
else
echo "" > /root-rw/data/etc/hostname
fi
fi
# disable halt reboot shutdown poweroff
if [ $MODE = tgz ]; then
for i in halt reboot shutdown poweroff; do
[ -e /root/sbin/$i -a ! -e /root/sbin/.$i ] && mv /root/sbin/$i /root/sbin/.$i
#/bin/rm -f /root/sbin/$i 2> /dev/null
cat << EOF > /root/sbin/$i
#!/bin/bash
echo -e "\$0 is disable in TGZ mode !\nUse vdn-halt host command or halt in the GUI." >&2
exit 1
EOF
chmod 755 /root/sbin/$i
done
fi
#if [ ! -e /root/root/.vimrc ]; then
# sed -re 's/"syntax on/syntax on/' /root/etc/vim/vimrc > /root/root/.vimrc
#fi
# runlevel
chroot /root systemctl set-default $RUNLEVEL
cat << EOF > /root/etc/rc.local.old
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
mount -t tmpfs tmpfs /run -o remount,size=20M
[ -x /root/firewall.sh ] && /root/firewall.sh
[ -e /etc/start ] && bash /etc/start &
exit 0
EOF
#chmod 755 /root/etc/rc.local
if [ -n "$HOSTS" ]; then
#echo "Generate /etc/hosts"
(
echo "
127.0.0.1 localhost
127.0.1.1 debian
"
echo "$HOSTS" | while read name; do
if echo $name | grep -q PUB; then
name=$(echo $name | sed -re 's/^[[:space:]]*PUB[^[:space:]]*[[:space:]]+([^[:space:]]+).*$/\1/')
pub=$(echo $PUBLICS_IP | sed -re 's/^.*'$name':([0-9.]+).*$/\1/')
echo "replace $name ($pub)..." >&2
name="$pub $name"
fi
echo "$name"
done
echo "
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
"
) > /root/etc/hosts
cat /root/etc/hosts
fi
#cat /root/root/.ssh/authorized_keys
#echo
[ -e /root/etc/vdn/authorized-root.txt ] && {
echo "Add authorized root(s)" >&2
cat /root/etc/vdn/authorized-root.txt | while read l; do
echo " found $l"
cat /root/root/.ssh/authorized_keys | grep -q "$l$" || {
echo " add $l"
echo "$l" >> /root/root/.ssh/authorized_keys
}
done
}
#echo
#cat /root/root/.ssh/authorized_keys
#echo "end of $0"
#sleep 3
#/bin/sh -i
#echo "###################################################################"

41
vdn/distribs/guests/overlay/debian/bullseye/save
Unescape View File

@ -0,0 +1,41 @@
#!/usr/bin/env bash
set -eu
sync
if ! cat /proc/cmdline | grep -q vdn-emulator; then
echo "Commande réservée à un système VDN." >&2
exit 1
fi
. /etc/vdn/config
e=""
for i in $SAVE_EXCLUDE; do
e="$e --exclude $i"
done
set +u
if [ "$CLEAR_LOG_WHEN_SAVE" = 1 ]; then
find /var/log -type f ! -name "*.gz" -exec truncate -s 0 {} \;
find /var/log -maxdepth 2 -type f -name '*log' -exec truncate -s 0 {} \;
fi
if [ "$DELETE_LOG_GZ = 1" ]; then
find /var/log -type f -name "*.gz" -delete
fi
set -u
cd /overlays/rw/data
tar $e -czpf - .
#umount -a
#sync
#sleep 1
#/usr/sbin/.poweroff

Some files were not shown because too many files have changed in this diff Show More

Write Preview
Loading…
Cancel
Save