author | Eric Thibodeau <kyron@neuralbs.com> | 2008-07-01 20:42:40 -0400 |
---|---|---|
committer | Eric Thibodeau <kyron@neuralbs.com> | 2008-07-01 20:42:40 -0400 |
commit | 3d2c2067fb5dc390ec8c78762b06ebffa265ce95 (patch) | |
tree | 551ededf9c986d8e9d374457012da05739f2a59e /overlay | |
Initial commit
Diffstat (limited to 'overlay')
-rw-r--r-- | overlay/app-admin/diradm/ChangeLog | 136 | ||||
-rw-r--r-- | overlay/app-admin/diradm/Manifest | 4 | ||||
-rw-r--r-- | overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild | 74 | ||||
-rw-r--r-- | overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch | 12 | ||||
-rw-r--r-- | overlay/net-nds/lat/Manifest | 2 | ||||
-rw-r--r-- | overlay/net-nds/lat/lat-1.2.3.ebuild | 45 | ||||
-rw-r--r-- | overlay/net-nds/ldap-auth/Manifest | 2 | ||||
-rw-r--r-- | overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf | 91 | ||||
-rw-r--r-- | overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild | 435 | ||||
-rw-r--r-- | overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild | 136 | ||||
-rw-r--r-- | overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf | 36 |
11 files changed, 973 insertions, 0 deletions
diff --git a/overlay/app-admin/diradm/ChangeLog b/overlay/app-admin/diradm/ChangeLog new file mode 100644 index 0000000..314977d --- /dev/null +++ b/overlay/app-admin/diradm/ChangeLog 
@@ -0,0 +1,136 @@ +# ChangeLog for app-admin/diradm +# Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/diradm/ChangeLog,v 1.32 2008/02/20 23:03:36 robbat2 Exp $ + + 30 Jun 2008; Eric Thibodeau <kyron@neuralbs.com> diradm-2.9.3-r1.ebuild: + Add diradm-2.9.3-emptyUID.patch to fix empty UID bug. + + 20 Feb 2008; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.3.ebuild: + Stable on amd64 per misplaced bug #181562. + + 14 Jun 2007; Tobias Scherbaum <dertobi123@gentoo.org> diradm-2.9.3.ebuild: + ppc stable, bug #181562 + + 12 Jun 2007; Markus Ullmann <jokey@gentoo.org> diradm-2.9.3.ebuild: + Stable on x86 wrt bug #181562 + + 11 Jun 2007; Markus Rothe <corsair@gentoo.org> diradm-2.9.3.ebuild: + Stable on ppc64; bug #181562 + + 07 Jun 2007; Christian Faulhammer <opfer@gentoo.org> ChangeLog: + modified ChangeLog to meet common standards + + 26 Apr 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.1.ebuild, + diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild, + diradm-2.5.ebuild, diradm-2.8.2.ebuild, diradm-2.9.ebuild, + diradm-2.9.1.ebuild, diradm-2.9.3.ebuild: + Clean up all usage of HOMEPAGE in SRC_URI, as well as not installing COPYING. + + 10 Apr 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.ebuild: + Refix #172174. + +*diradm-2.9.3 (30 Mar 2007) + + 30 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.1.ebuild, + +diradm-2.9.3.ebuild: + Bump for new upstream version, and also fix bug #172174 for IUSE. + +*diradm-2.9.1 (22 Mar 2007) + + 22 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.ebuild, + +diradm-2.9.1.ebuild: + Add 2.9.1 release with a last minute upstream fix. + +*diradm-2.9 (22 Mar 2007) + + 22 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.9.ebuild: + Add 2.9 version to the tree, read the release notes and changelog!. + +*diradm-2.8.2 (22 Mar 2007) + + 22 Mar 2007; Robin H. 
Johnson <robbat2@gentoo.org> diradm-2.5.ebuild, + +diradm-2.8.2.ebuild: + Add ~amd64 and bump diradm to 2.8.2, after a long series of private-use + releases. 2.8 and later releases bring in an automated test suite. Also read + KNOWN-BUGS for places where LDAP is just plain incompatible with POSIX, and + workarounds for this. + + 24 Jan 2007; Marius Mauch <genone@gentoo.org> diradm-1.1.ebuild, + diradm-1.1-r1.ebuild, diradm-1.2.ebuild, diradm-2.1.ebuild, + diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild, + diradm-2.5.ebuild: + Replacing einfo with elog + + 04 Jan 2007; Steve Dibb <beandog@gentoo.org> diradm-1.1.ebuild, + diradm-1.1-r1.ebuild, diradm-1.2.ebuild, diradm-2.1.ebuild, + diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild, + diradm-2.5.ebuild: + ebuild cleanup, bug 157661 + + 11 Feb 2006; Michael Cummings <mcummings@gentoo.org> diradm-2.1.ebuild, + diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild, + diradm-2.5.ebuild: + Setting virtual for MIME-Base64 + +*diradm-2.5 (30 Aug 2005) + + 30 Aug 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.5.ebuild: + New upstream version. + + 13 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> diradm-2.4.ebuild: + Stable on ppc. + + 12 Aug 2005; Robin H. Johnson <robbat2@gentoo.org> diradm-1.2.ebuild, + diradm-2.4.ebuild: + Stabilize 1.2 and 2.4 on x86. + +*diradm-2.4 (04 Jul 2005) + + 04 Jul 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.4.ebuild: + Version bump. + + 25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.3.ebuild: + dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration + + 25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.2.ebuild: + dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration + + 25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.1.ebuild: + dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration + +*diradm-2.3 (09 Jan 2005) + + 09 Jan 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.3.ebuild: + new version. 
+ +*diradm-2.2 (09 Jan 2005) + + 09 Jan 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.2.ebuild: + New version. + +*diradm-2.1 (23 Dec 2004) + + 23 Dec 2004; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.1.ebuild: + New major revision, from a forked tree (by myself). + + 05 Oct 2004; Pieter Van den Abeele <pvdabeel@gentoo.org> diradm-1.2.ebuild: + Masked diradm-1.2.ebuild stable for ppc + + 21 Jul 2004; David Holm <dholm@gentoo.org> diradm-1.2.ebuild: + Added to ~ppc. + +*diradm-1.2 (19 Jul 2004) +*diradm-1.1-r1 (19 Jul 2004) + + 19 Jul 2004; Robin H. Johnson <robbat2@gentoo.org> diradm-1.1-r1.ebuild, + diradm-1.2.ebuild, metadata.xml: + ebuild cleanup, version bump. + + 12 Mar 2004; Michael Sterrett <mr_bones_@gentoo.org> diradm-1.1.ebuild: + Don't assign default to S; header fix + +*diradm-1.1 (05 Jul 2003) + + 05 Jul 2003; Robin H. Johnson <robbat2@gentoo.org> diradm-1.1.ebuild: + Initial commit + diff --git a/overlay/app-admin/diradm/Manifest b/overlay/app-admin/diradm/Manifest new file mode 100644 index 0000000..024d868 --- /dev/null +++ b/overlay/app-admin/diradm/Manifest @@ -0,0 +1,4 @@ +AUX diradm-2.9.3-emptyUID.patch 402 RMD160 67d06408d2dea38a8fe27cab30ce1338ebf8c66f SHA1 45103f49c5bbbed4703bd3548181c10c6b138a12 SHA256 3f08354844e55a0fe0d7d05806244be4efd9158afd709c0038af8ac8ed0395aa +DIST diradm-2.9.3.tar.bz2 105362 RMD160 b4c24bbcecfd8f092f510663eb512b600f1c4ce2 SHA1 8451ff3023bd18c7b29200bc495db8a22f1f8935 SHA256 4bd8261c11916caab989b596c78f648510225de4d52af3c9a425ef92bf6a096d +EBUILD diradm-2.9.3-r1.ebuild 2133 RMD160 545f71372e8c529e44d635822045202dbebcdf7d SHA1 e0b4ab6e49f639dfc00eb4a31a87fda13b55567a SHA256 51fbd7ab8eb2d116903c0ad65a85dbf6ced1edf20817237e7383ef4bedc860b4 +MISC ChangeLog 4760 RMD160 378e53d71a636caad2aced83a0b883bef8a9be2f SHA1 749ef3669fa410e7d8a918eb3aaee4a5a680e544 SHA256 8ec5a9d29de2fa9b08f4564b25844d5553944c03f5591abf1e8f0a741dbc148e 
diff --git a/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild b/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild new file mode 100644 index 0000000..954e0c9 --- /dev/null +++ b/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild 
@@ -0,0 +1,74 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/diradm/diradm-2.9.3.ebuild,v 1.6 2008/02/20 23:03:36 robbat2 Exp $ + +inherit eutils + +DESCRIPTION="diradm is a nearly complete nss/shadow suite for managing POSIX users/groups/data in LDAP." +#HOMEPAGE="http://research.iat.sfu.ca/custom-software/diradm/" +#SRC_URI="${HOMEPAGE}/${P}.tar.bz2" +HOMEPAGE="http://orbis-terrarum.net/~robbat2/" +SRC_URI="http://orbis-terrarum.net/~robbat2/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc ppc64 x86" +IUSE="samba irixpasswd automount test" +DEPEND="net-nds/openldap + sys-apps/gawk + sys-apps/coreutils + sys-apps/grep + dev-lang/perl + app-shells/bash + sys-apps/sed + virtual/perl-MIME-Base64 + samba? ( + dev-perl/Crypt-SmbHash + >=net-fs/samba-3.0.6 + ) + test? ( dev-perl/Crypt-SmbHash >=net-fs/samba-3.0.6 dev-util/dejagnu )" + +src_unpack() { + unpack ${A} + cd "${S}/src" + epatch "${FILESDIR}"/diradm-2.9.3-emptyUID.patch +} +pkg_setup() { + if use test; then + if built_with_use net-nds/openldap minimal ; then + die "You MUST have a non-minimal build of OpenLDAP to use the testcases!" + fi + elog "Warning, for test usage, diradm is built with all optional features!" + fi +} + +src_compile() { + local myconf + if use test; then + myconf="--enable-samba --enable-automount --enable-irixpasswd" + else + myconf="`use_enable samba` `use_enable automount` `use_enable irixpasswd`" + fi + econf ${myconf} || die "econf failed" + emake || die "emake failed" +} + +src_install() { + emake install DESTDIR="${D}" || die "emake install failed" + dodoc CHANGES* README AUTHORS ChangeLog NEWS README.prefork THANKS TODO KNOWN-BUGS + if use irixpasswd; then + insinto /etc/openldap/schema + doins irixpassword.schema + fi +} + +pkg_postinst() { + elog "The new diradm pulls many settings from your LDAP configuration." 
+ elog "But don't forget to customize /etc/diradm.conf for other settings." + elog "Please see the README to instructions if you problems." +} + +src_test() { + use test || die "You must build diradm with USE=test to run the testcases!" + emake -j1 check +} diff --git a/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch b/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch new file mode 100644 index 0000000..6bc86c2 --- /dev/null +++ b/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch @@ -0,0 +1,12 @@ +--- src/diradm.user.sh.in 2007-03-30 06:44:10.000000000 -0400 ++++ src.new/diradm.user.sh.in 2008-06-30 12:31:53.986106620 -0400 +@@ -59,8 +59,8 @@ + exit 4 + fi + else +- UIDNUMBER="${UIDNUMBERMIN}" + UIDNUMBER="$(usernextfreeuid)" ++ [ -z "${UIDNUMBER}" ] && UIDNUMBER="${UIDNUMBERMIN}" + if [ "${UIDNUMBER}" -gt "${UIDNUMBERMAX}" ]; then + echo "${modulename}: Can't get unique uid" + exit 4 diff --git a/overlay/net-nds/lat/Manifest b/overlay/net-nds/lat/Manifest new file mode 100644 index 0000000..b826451 --- /dev/null +++ b/overlay/net-nds/lat/Manifest @@ -0,0 +1,2 @@ +DIST lat-1.2.3.tar.gz 463225 RMD160 56fad3d30ad19bfc267403368547c4d53a481b87 SHA1 52e2de528d2fa35519b2d67cd2937d4d524001de SHA256 8071bcacb3f5be5b10f7a154cf64f007670b67415f986e0794202643ab52e16e +EBUILD lat-1.2.3.ebuild 1249 RMD160 8b602a71c213def241788ba14f48dab549c18a12 SHA1 840c3049d082e141fd7291d3b114db698754eb2c SHA256 e6a905b2519160d390f8cb0a302fb6512ad29e352325a4cf3431ade27a97d085 diff --git a/overlay/net-nds/lat/lat-1.2.3.ebuild b/overlay/net-nds/lat/lat-1.2.3.ebuild new file mode 100644 index 0000000..7e1db14 --- /dev/null +++ b/overlay/net-nds/lat/lat-1.2.3.ebuild 
@@ -0,0 +1,45 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/lat/lat-1.2.2.ebuild,v 1.1 2007/04/08 18:38:31 bass Exp $ + +inherit gnome2 mono versionator + +KEYWORDS="~amd64 x86" + +DESCRIPTION="LDAP Administration Tool, allows you to browse LDAP-based directories and add/edit/delete entries." +HOMEPAGE="http://dev.mmgsecurity.com/projects/lat" +SRC_URI="http://dev.mmgsecurity.com/downloads/${PN}/$(get_version_component_range 1-2)/${P}.tar.gz" +LICENSE="GPL-2" +IUSE="avahi dbus" +SLOT="0" + +RDEPEND=">=dev-lang/mono-1.1.13 + >=dev-dotnet/gtk-sharp-2.8 + >=dev-dotnet/gnome-sharp-2.8 + >=dev-dotnet/glade-sharp-2.8 + >=dev-dotnet/gconf-sharp-2.8 + >=gnome-base/gnome-keyring-0.4 + sys-apps/dbus + avahi? ( net-dns/avahi )" +DEPEND="${RDEPEND} + app-text/scrollkeeper + dev-util/pkgconfig" + +src_compile() { + econf \ + $(use_enable avahi) \ + || die "econf failed" + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + dodoc AUTHORS ChangeLog NEWS README TODO +} + +pkg_postinst() { + if use avahi ; then + ewarn "You've enabled avahi support." + ewarn "Make sure the avahi daemon is running before you try to start ${PN}" + fi +} diff --git a/overlay/net-nds/ldap-auth/Manifest b/overlay/net-nds/ldap-auth/Manifest new file mode 100644 index 0000000..caab865 --- /dev/null +++ b/overlay/net-nds/ldap-auth/Manifest @@ -0,0 +1,2 @@ +AUX cluster_ldap_skel.conf 3737 RMD160 eb82a475caa338f29dbd7bc64d0de659829d52f7 SHA1 bf5cbca83cec4633442523506123c92862d27623 SHA256 d03ddca79b751e182c44d346c555c7bd08f411cd87c32608915964de9664810b +EBUILD ldap-auth-0.1.ebuild 12734 RMD160 cc4869546234d9496beff0318afa22a037e7b734 SHA1 bacacc1425cdd63fd5a5140f1d445c795734d8e8 SHA256 5b18dc255b9c96fc26422ef96bd9d73d36b13934b713a4342ba18413d41b2b0a 
diff --git a/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf b/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf new file mode 100644 index 0000000..83c2e42 --- /dev/null +++ b/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf 
@@ -0,0 +1,91 @@ +#!/bin/bash +# By Eric Thibodeau +# 01 July 2008 +# +# NOTES: +# * it is usually suggested to keep all LDAP definitions in +# _lower case_... but do as youi wish! +# * all *_DESC variables are optionnal and are simply used +# in the description field of the LDAP db. + +# The following is to tell pkg_config that this files has been revised +# Set it to "yes" once you're done +CONFIG_OK="no" + +# What is the name you want to give the LDAP domain? +# say we wanted the domain to be gentoo.local you would +# put the following: +#DOMAIN="gentoo.local" +# or, in a more automated-generally-speaking sense: +#DOMAIN=$(hostname -d) +# Since this is the Clustering template, our Domain Context +# is actually more like : "machine.domain.com". ASSuming +# the machine is set up right, we can pull that in autmatically +# using the following: +DOMAIN=$(hostname -f) +DOMAIN_DESC="This the LDAP server residing on $DOMAIN" + +# Which part of your organisation is this machine filling in +# for? In the present example, this is the cluster so we'll call +# this Organizational Unit (ou) cluster: +OU="cluster" +OU_DESC="Clustering department branch. All units defined under this branch are for use by the cluster" + +# We will create some specific branches under that cluster, +# logically, we'll have users and groups to manage these, so +# we will minimally impose the definition of these two: +USERS_OU="users" +USERS_OU_DESC="Cluster specific Users" +GROUPS_OU="groups" +GROUPS_OU_DESC="Cluster specific Groups" + +# OUTHER_OU is parsed to automatically create other sub-OU under +# the one defined above (as OU). This could be, for example: +#OTHER_OU="aliases networks hosts" + +# if you want descriptions to be added to each of these groups +# automatically in the LDAP database, dedine a separate _DESC +# vairable for each. 
For example: +#aliases_DESC="This is the container for user aliases" +#hosts_DESC="This is the container for static host descriptions" + +# Although this is often a philosophical debate, we'll stick +# with having an admin for the ldap user database and one +# for managing it's contents. Here is the dirrerence in their +# role: +# +# The ADMIN_DN will be the user used to create the ldap db +# and have total control over it. This user is typically useful +# only at creation and dumping/migration of the database. This +# user _always_ has TOTAL access to the LDAP db where it's +# defined. One typically _doesn't_ use this user to mange the +# LDAP database, the user defined in ADMIN_DN is the one to use. +# +LDAP_ADMIN_DN="admin" +# This is the paswsord to use for LDAP management tasks and is the +# one that is stored in /etc/openldap/slapd.conf (but we at least +# hash it ;) +LDAP_ADMIN_DN_PWD="default" + +# The following user will essentially be identical to root, you're better +# off not renaming him. +ADMIN_DN="root" +ADMIN_DN_DESC="root account (under LDAP)" + +# The following is the name of the group used to identify people +# with full access to the LDAP db. One advantage is that the members +# of this group can be dynamically changed within the LDAP db. NOTE: +# Since it's given the same gid as wheel, it's functionnaly equivalent!!! +ADMIN_GROUP_DN="wheel" +ADMIN_GROUP_DN_DESC="Users in this group can freely modify the LDAP directory at will" + +# The following is the place to put the resulting generated files +# usually we'd want this to be ROOT="/" ...if you trust the script +# entirely ;). We use the environment's $ROOT if one is available... +[[ -z $ROOT ]] && ROOT="/" + +# The LDIF_OUT defines the name of the ldif file that will be automatically +# created by the script. It's only really useful if you want to keep that file +# afterwards for xyz reason (obviously, LDIF_OUT_KEEP has to be set to yes): +LDIF_OUT="./create_db.ldif" +LDIF_OUT_KEEP="yes" 
diff --git a/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild b/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild new file mode 100644 index 0000000..459c4e7 --- /dev/null +++ b/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild 
@@ -0,0 +1,435 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +DESCRIPTION="This meta ebuild automates the configuration of OpenLDAP as the authentification backend" +HOMEPAGE="http://code.google.com/soc/2008/gentoo/appinfo.html?csaid=79DB497BA0D95148" +SRC_URI="" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~x86" +IUSE="autoconfigure authmaster" + +DEPEND="" +RDEPEND="sys-auth/nss_ldap + sys-auth/pam_ldap + app-admin/diradm" + +inherit confutils + +CONFIG_FILE="/etc/conf.d/ldap_auth.conf" +TEMPLATE_FILE="${FILESDIR}/cluster_ldap_skel.conf" + +pkg_setup() { + if use authmaster; then + if built_with_use net-nds/openldap minimal ; then + die "You MUST have a non-minimal build of OpenLDAP to use ${P}!" + fi + fi +} + +src_install() +{ + if use authmaster; then + cp $TEMPLATE_FILE ./ldap_auth.conf + doconfd ./ldap_auth.conf + if ! use autoconfigure; then + elog "You need to edit $CONFIG_FILE to your likings" + elog "Once you are done, set CONFIG_OK=\"yes\" in there and" + elog "call emerge --config =${CATEGORY}/${PF}" + fi + fi +} + +parse_config() +{ + . $1 + # Derived VARs: + DC="dc=${DOMAIN//\./,dc=}" + BASE_DN="ou=$OU,$DC" + BASE_DN_DESC="$OU_DESC" + USR_DN="ou=$USERS_OU,$BASE_DN" + GRP_DN="ou=$GROUPS_OU,$BASE_DN" + ROOTDN="cn=$LDAP_ADMIN_DN,$DC" + ROOTDNPWD="$LDAP_ADMIN_DN_PWD" + DBDIR="/var/lib/openldap-${DOMAIN}-data" + + # Config Files: + SLAPDCONF="${ROOT}/etc/openldap/slapd.conf" + ETCSLAP="${ROOT}/etc/ldap.conf" + [ -f $SLAPDCONF ] || mkdir -p $(dirname $SLAPDCONF) + [ -f $ETCSLAP ] || mkdir -p $(dirname $ETCSLAP) + +} + +make_slapd_conf() +{ + [ -f $SLAPDCONF ] && mv $SLAPDCONF ${SLAPDCONF}.${PN}.bak + cat > $SLAPDCONF <<-EOF + # + # Based on instructoins from: http://www.gentoo.org/doc/en/ldap-howto.xml + # See slapd.conf(5) for details on configuration options. + # This file should NOT be world readable. 
+ # + + # Schema definitions, these are order sensitive + include /etc/openldap/schema/core.schema + include /etc/openldap/schema/cosine.schema + include /etc/openldap/schema/inetorgperson.schema + include /etc/openldap/schema/nis.schema + + + # Do not enable referrals until AFTER you have a working directory + # service AND an understanding of referrals. + #referral ldap://root.openldap.org + + pidfile /var/run/openldap/slapd.pid + argsfile /var/run/openldap/slapd.args + + # Define global ACLs to disable default read access. + + # Sample security restrictions + # Require integrity protection (prevent hijacking) + # Require 112-bit (3DES or better) encryption for updates + # Require 63-bit encryption for simple bind + # security ssf=1 update_ssf=112 simple_bind=64 + + # Sample access control policy: + # Root DSE: allow anyone to read it + # Subschema (sub)entry DSE: allow anyone to read it + # Other DSEs: + # Allow self write access + # Allow authenticated users read access + # Allow anonymous users to authenticate + # Directives needed to implement policy: + # access to dn.base="" by * read + # access to dn.base="cn=Subschema" by * read + # access to * + # by self write + # by users read + # by anonymous auth + # + # if no access controls are present, the default policy + # allows anyone and everyone to read anything but restricts + # updates to rootdn. (e.g., "access to * by * read") + # + # rootdn can always read and write EVERYTHING! + + # We define ACLs on a per-DB basis below, so no access as a default: + access to * by * none + + # Database definitions (only have one here but you could have more than 1): + + database hdb + suffix "$DC" + # <kbyte> <min> + checkpoint 32 30 + rootdn "$ROOTDN" + # Cleartext passwords, especially for the rootdn, should + # be avoid. See slappasswd(8) and slapd.conf(5) for details. + # Use of strong authentication encouraged. 
+ rootpw $(slappasswd -s $ROOTDNPWD) + # The database directory MUST exist prior to running slapd AND + # should only be accessible by the slapd and slap tools. + # Mode 700 recommended. + directory $DBDIR + # Indices to maintain + index objectClass,uid,uidNumber eq + + # Auto-Generated ACL definitions: + + access to attrs=userPassword + by set="[cn=$ADMIN_GROUP_DN,$GRP_DN]/member* & user" write + by dn="uid=$ADMIN_DN,$USR_DN" write + by self write + by anonymous auth + by * none + + access to * + by set="[cn=$ADMIN_GROUP_DN,$GRP_DN]/member* & user" write + by dn="uid=$ADMIN_DN,$USR_DN" write + by * read + + EOF + +} + +make_lapd_confs() +{ + # etc/openldap/ldap.conf file: + cat > ${ROOT}/etc/openldap/ldap.conf <<-EOF + # Autogenerated by $0 + base $BASE_DN + uri ldap://$(hostname -f):389/ + rootbinddn $ROOTDN + EOF + + # etc/ldap.conf file: + [[ -f ${ROOT}/etc/ldap.conf ]] && cp ${ROOT}/etc/ldap.conf ${ROOT}/etc/ldap.conf.orig + cat > ${ROOT}/etc/ldap.conf <<-EOF + host $(hostname -f) + base $BASE_DN + uri ldap://$(hostname -f):389/ + + # The distinguished name to bind to the server with + # if the effective user ID is root. Password is + # stored in /etc/ldap.secret (mode 600) + #rootbinddn $ROOTDN + + # The search scope. + scope sub + #scope one + #scope base + + # Reconnect policy: + # hard_open: reconnect to DSA with exponential backoff if + # opening connection failed + # hard_init: reconnect to DSA with exponential backoff if + # initializing connection failed + # hard: alias for hard_open + # soft: return immediately on server failure + bind_policy hard + + ldap_version 3 + + # Use the OpenLDAP password change + # extended operation to update the password. 
+ pam_password exop + #pam_filter objectclass=posixAccount + pam_login_attribute uid + pam_member_attribute gid + pam_password md5 + + #RFC2307bis naming contexts + # Syntax: + # nss_base_XXX base?scope?filter + # where scope is {base,one,sub} + # and filter is a filter to be &'d with the + # default filter. + # You can omit the suffix eg: + # nss_base_passwd ou=People, + # to append the default base DN but this + # may incur a small performance impact. + nss_base_passwd ou=users,$BASE_DN?one + nss_base_shadow ou=users,$BASE_DN?one + nss_base_group ou=groups,$BASE_DN?one + #nss_base_hosts ou=Hosts,$BASE_DN?one + #nss_base_services ou=Services,$BASE_DN?one + #nss_base_networks ou=Networks,$BASE_DN?one + #nss_base_protocols ou=Protocols,$BASE_DN?one + #nss_base_rpc ou=Rpc,$BASE_DN?one + #nss_base_ethers ou=Ethers,$BASE_DN?one + #nss_base_netmasks ou=Networks,$BASE_DN?ne + #nss_base_bootparams ou=Ethers,$BASE_DN?one + #nss_base_aliases ou=Aliases,$BASE_DN?one + #nss_base_netgroup ou=Netgroup,$BASE_DN?one + + # For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values + # (The hardwired constants in the code are changed to them as well): + #nss_reconnect_tries 4 # number of times to double the sleep time + #nss_reconnect_sleeptime 1 # initial sleep value + #nss_reconnect_maxsleeptime 16 # max sleep value to cap at + #nss_reconnect_maxconntries 2 # how many tries before sleeping + # This leads to a delay of 15 seconds (1+2+4+8=15) + + # If you are impatient, and know your LDAP server is reliable, fast or local, + # you may wish to use these values instead: + nss_reconnect_tries 1 # number of times to double the sleep time + nss_reconnect_sleeptime 1 # initial sleep value + nss_reconnect_maxsleeptime 1 # max sleep value to cap at + nss_reconnect_maxconntries 3 # how many tries before sleeping + # This leads to a delay of 1 second. + EOF +} + +install_pam_auth() +{ + SYSAUTH="${ROOT}/etc/pam.d/system-auth" + if [[ ! 
-f $SYSAUTH ]] + then + mkdir -p $(dirname $SYSAUTH) + cp /etc/pam.d/system-auth $SYSAUTH + fi + cp $SYSAUTH ${SYSAUTH}.${PN}.bak + + einfo "OVERWRITING $SYSAUTH" + cat > $SYSAUTH <<-EOF + #%PAM-1.0 + # Savagely copied over from http://gentoo-wiki.com/HOWTO_LDAPv3#Configuration :P + + auth required pam_env.so + auth [success=ignore default=1] pam_localuser.so + auth [success=done new_authtok_reqd=done default=1] pam_unix.so likeauth nullok try_first_pass + auth sufficient pam_ldap.so try_first_pass + auth required pam_deny.so + + account sufficient pam_unix.so + account sufficient pam_ldap.so + + password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 + password sufficient pam_unix.so nullok md5 shadow use_authtok + password sufficient pam_ldap.so use_authtok + password required pam_deny.so + + session required pam_limits.so + session required pam_unix.so + #Creates the home directories if they do not exist + session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 + session optional pam_ldap.so + EOF +} + +install_nssswitch() +{ + NNSSWITCH="${ROOT}/etc/nsswitch.conf" + if [[ ! 
-f $NNSSWITCH ]] + then + mkdir -p $(dirname $NNSSWITCH) + cp /etc/nsswitch.conf $NNSSWITCH + fi + cp $NNSSWITCH ${NNSSWITCH}.${PN}.bak + einfo "Modifying $NNSSWITCH" + for I in passwd shadow group $OTHER_OU + do + sed -i -e"s:\(^${I}.*\):\1 ldap:" $NNSSWITCH + done +} + +make_ldif() +{ + # NOTE: LDIF_OUT is defined in the config file + cat > $LDIF_OUT <<-EOF + dn: $DC + o: $DOMAIN + objectClass: organization + objectClass: dcObject + description: $DOMAIN_DESC + + dn: $BASE_DN + ou: $OU + objectClass: top + objectClass: organizationalUnit + description: $BASE_DN_DESC + + #dn: cn=${LDAP_ADMIN_DN},$DC + #objectClass: person + #cn: $LDAP_ADMIN_DN + #sn: $LDAP_ADMIN_DN + EOF + + for OU in $USERS_OU $GROUPS_OU $OTHER_OU + do + DESC=$(eval echo "$"${I}_DESC) + cat >> $LDIF_OUT <<-EOF + + dn: ou=${OU},$BASE_DN + ou: $OU + objectClass: top + objectClass: organizationalUnit + EOF + [[ ! -z $DESC ]] && echo " description: $DESC" >> $LDIF_OUT + done + + # We need to define at least one user with GODlike rights :) + cat >> $LDIF_OUT <<-EOF + + dn: cn=${ADMIN_DN},$USR_DN + cn: $ADMIN_DN + sn: $ADMIN_DN + gidNumber: 0 + uid: $ADMIN_DN + uidNumber: 0 + homeDirectory: /home/root + loginShell: /bin/bash + # we need at least one STRUCTURAL objectClass: so we choose inetOrgPerson + # as it is the most popular in such a context and will require less fscking + # around of the management tools (such as lat) + objectClass: inetOrgPerson + objectClass: posixAccount + objectClass: shadowAccount + description: $ADMIN_DN_DESC + EOF + + # Let's provide for multiple diety possibilies O_o! 
+ # This is a group explicitly linked to wheel + cat >> $LDIF_OUT <<-EOF + + dn: cn=${ADMIN_GROUP_DN},$GRP_DN + gidNumber: $(getent group wheel | cut -f3 -d:) + cn: $ADMIN_GROUP_DN + # RFCs will eventually define posixGroup as an AUXILIARY class and + # not a STRUCTURAL class, then we'll have to uncomment groupOfNames + #objectClass: groupOfNames + objectClass: posixGroup + description: $DESC NOTE: This group OVERLAPS the local wheel account + EOF +} + +creade_db() +{ + # NOTE: setting ${ROOT} here is irrelevant since this function should not be + # called unless ROOT=/ + + # This is bad, I know...all of this should be done using the installed + # openldap version (don't know how to get the installed version from portage) + einfo "Adding default DB_CONFIG file do DB directory." + mkdir -p $DBDIR + bzcat /usr/share/doc/openldap-*/DB_CONFIG.fast.example.bz2 > /$DBDIR/DB_CONFIG + + einfo "Initiating the database" + slapadd -v -b $ROOTDN -l $LDIF_OUT + # had ldap been online: + #ldapadd -x -D $ROOTDN -w $ROOTDNPWD -f $LDIF_OUT + + einfo "Ensuring proper permissions are set for the data dir." + #chown -R ldap: `awk '/^directory/ {print $2}' $SLAPDCONF` + chown -R ldap: $DBDIR + + einfo "Starting slapd" + /etc/init.d/slapd start || ewarn "Failed to start slapd, check /var/log/messages"; + + einfo "Adding slapd to default runlevel" + rc-update add slapd default +} + +config_diradm() +{ + # diradm has questionnable defaults, we bring them back to + # what most users will expect: + sed -i -e's:HOMEBASE="/home/users":HOMEBASE="/home":' \ + -e 's:DEFAULT_LOGINSHELL="/bin/localshell":DEFAULT_LOGINSHELL="/bin/bash":' \ + ${ROOT}/etc/diradm.conf + + # When we enable automount, we'll add the stuff here +} + + +pkg_config() +{ + [[ -f ${CONFIG_FILE} ]] || die "${CONFIG_FILE} missing!!! re-emerge ${PF}" + if ! use autoconfigure; then + . 
${CONFIG_FILE} + [[ $CONFIG_OK != "yes" ]] && die "You need to edit ${CONFIG_FILE} and set CONFIG_OK=\"yes\"" + fi + parse_config ${CONFIG_FILE} + if use authmaster; then + make_slapd_conf + make_ldif + config_diradm + # Don't create the DB on a live system if that's not + # where we want to install + [[ ${ROOT} == "/" ]] && creade_db + [[ $LDIF_OUT_KEEP != "yes" ]] && rm $LDIF_OUT + fi + make_lapd_confs + + # commented for irrelevancy in this ebuild. + #if [[ $LDAP_AS_AUTH == "yes" ]] + #then + install_pam_auth + install_nssswitch + #fi + +} + diff --git a/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild b/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild new file mode 100644 index 0000000..6f223ca --- /dev/null +++ b/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild 
@@ -0,0 +1,136 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +DESCRIPTION="This is a meta ebuild that pulls in the packages and some config +scripts/files for building the Gentoo Clustering Master node" +HOMEPAGE="http://code.google.com/soc/2008/gentoo/appinfo.html?csaid=79DB497BA0D95148" +SRC_URI="" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~x86" +IUSE="" + +DEPEND="" +RDEPEND="net-nds/ldap-auth + sys-boot/syslinux + net-dns/dnsmasq + app-admin/sudo + net-misc/sipcalc + net-fs/nfs-utils" + +gent_ip_config() +{ + CLUSTER_ETH_IP=$(sipcalc $CLUSTER_ETH | egrep 'Host address\W*-' | cut -d- -f2) + RANGE_START=$(sipcalc $CLUSTER_ETH | egrep 'Host address\W*-' | cut -d- -f2) + IPSTART="${RANGE_START#*.}.$(( ${RANGE_START##*.} +1 ))" + IPSTOP=$(sipcalc $CLUSTER_ETH | egrep 'Usable range\W*-' | cut -d- -f3) + SUBNET=$(sipcalc $CLUSTER_ETH | egrep 'Network mask\W*-' | cut -d- -f2) + NETADDR=$(sipcalc $CLUSTER_ETH | egrep 'Network address' | cut -d- -f2) +} + +dnsmasq_conf() +{ + cat > ${ROOT}/etc/dnsmasq.conf <<-EOF + + # Public interface + except-interface=$ETH + + # Set up the local-only domain + local=/${LOCALDOMAINNAME}/ + domain=$LOCALDOMAINNAME + expand-hosts + + # Some netiquette: + domain-needed + bogus-priv + + # Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client + # probably doesn't support this...... (option 119) + dhcp-option=119,$LOCALDOMAINNAME + # Domain DNS name + dhcp-option=15,$LOCALDOMAINNAME + + enable-tftp + tftp-root=${TFTPROOT} + + dhcp-authoritative + + ### Node definitions, this could be in a separate file + # Turn on the DHCP server, pass out addresses from $IPSTART to $IPSTOP + # with subnet mask of $SUBNET with a 12-hour lease + dhcp-range=nodes,$IPSTART,$IPSTOP,$SUBNET,12h + + # Override the default route supplied by dnsmasq, which assumes the + # router is the same machine as the one running dnsmasq. 
+ dhcp-option=3,$CLUSTER_ETH_IP + + # This tells the clients the hostname and IP of the TFTP server + dhcp-boot=${PXELINUX},$(hostname),$CLUSTER_ETH_IP + + # We are the authoritative DHCP server for this network + dhcp-authoritative + + # address and root path of NFS server + dhcp-option=17,$CLUSTER_ETH_IP:${NFSROOT} + + EOF +} + +pxe_conf() +{ + PROFNAME="$(uname -m)_node" + BOOTPATH="${NFSROOT##$TFTPROOT}" + BOOTPATH="${BOOTPATH#/}/boot" + + mkdir -p ${TFTPROOT}/pxelinux.cfg + cat >> ${TFTPROOT}/pxelinux.cfg/default <<-EOF + prompt 1 + timeout 50 + say Press F1 for boot profiles, default is $PROFNAME in 5 seconds... + F1 BootProfiles + default $PROFNAME + + label $PROFNAME + kernel ${BOOTPATH}/vmlinuz + append initrd=/initramfs ramdisk=8192 ip=dhcp root=nfs;tmpfs + + label local + localboot 0 + + EOF + + cat >> ${TFTPROOT}/BootProfiles <<-EOF + ^L + Type $PROFNAME for regular bootup (default after 5 seconds) + Type local to boot on the local HDD + EOF + + ln -s ${ROOT}/usr/lib/syslinux/pxelinux.0 ${TFTPROOT}/pxelinux.0 + +} + +nfs_root_conf() +{ + cat >> ${ROOT}/etc/exportfs <<-EOF + ${NFSROOT} $NETADDR/$SUBNET(ro,no_root_squash,async,no_subtree_check) + EOF + + mkdir -p ${NFSROOT} + einfo "${NFSROOT} has been populated, all configs point to this root" + einfo "to boot, firthermore, the fonfigs expect the kernel to be" + einfo "${NFSROOT}/boot/vmlinuz" +} + +pkg_config() +{ + dnsmasq_conf + pxe_conf + nfs_root_conf + + for I in dnsmasq netmount; + do + rc-update add $I + done +} diff --git a/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf b/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf new file mode 100644 index 0000000..7b223d5 --- /dev/null +++ b/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf 
@@ -0,0 +1,36 @@ +# Clustering template configuration file +# Eric Thibodeau June 2008 + +# PUBETH is the public-side ETH, which means dnsmasq won't listen on this +# interfaces, any other interface will be taken in charge by dnsmasq. +PUBETH="eth0" + +# CLUSTER_ETH defines the interface connected to the cluster's +# _PRIVATE_ network. All relevant information is derived automatically +# from this interface's configuration to create the proper address +# mapping using net-misc/sipcalc +# IMPORTANT, it is ASSumed the interface has an address of NETWORKSADDR+1 +# this means that, if the cluster network base is 10.0.0.0/24, we assume +# eth1 to be 10.0.0.1, other configurations are beyond the scope of this +# automation script and you shouldn't even be using it in this case ;) +CLUSTER_ETH="eth1" + +# Not sure we want this to be (auto)configurable since +# we are building an isolated (true) Beowulf cluster +# where the nodes aren't supposed to be accessible from +# the outside. For the same reason, we don't set up +# routing on the head server. +LOCALDOMAINNAME="cluster.local" + +# This is where the boot images and boot files are stored, +# including pxelinux and kernel stuff. +TFTPROOT="/tftproot" + +# This is the location of the pxelinux.0 file used for booting. +# The file is provided by sys-boot/syslinux. +PXELINUX="${TFTPROOT}/pxelinux.0" + +# This is where the NFS booted image resides, for practical reasons, +# this is kept within TFTPROOT: +NFSROOT="${TFTPROOT}/nfsroot/$(uname -m)" + |
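Review bot: In overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch, the new fallback `[ -z "${UIDNUMBER}" ] && UIDNUMBER="${UIDNUMBERMIN}"` treats every empty result from usernextfreeuid as "no UID allocated yet". If that function can also print nothing when the directory lookup fails, the new account is given UIDNUMBERMIN even when that UID is already taken, and the following `-gt "${UIDNUMBERMAX}"` test will not catch it. Check the exit status of usernextfreeuid separately from its output and reuse the existing "Can't get unique uid" exit path on failure. In diradm-2.9.3-r1.ebuild, the pkg_postinst message "Please see the README to instructions if you problems." needs rewording.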
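Review bot: In overlay/net-nds/lat/lat-1.2.3.ebuild, IUSE declares `dbus` but the flag is never consulted: RDEPEND pulls in sys-apps/dbus unconditionally and src_compile only passes `$(use_enable avahi)`. Either drop `dbus` from IUSE or make the dependency and configure switch conditional on it. The `$Header` line also still names lat-1.2.2.ebuild.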
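Review bot: In overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf, `LDAP_ADMIN_DN_PWD="default"` ships a known rootdn password, and the `CONFIG_OK="no"` guard does not protect it, because pkg_config in ldap-auth-0.1.ebuild skips the CONFIG_OK check when USE=autoconfigure is set. Leave the value empty in the template and have the ebuild die on an empty password, whichever USE flags are active. src_install copies this file in with doconfd and sets no mode on it, so the cleartext password sits in /etc/conf.d/ldap_auth.conf with default permissions; install it readable by root only. The comment block above LDAP_ADMIN_DN also says "ADMIN_DN" for both the database owner and the day-to-day manager, which makes the two roles impossible to tell apart; name LDAP_ADMIN_DN explicitly in the first case.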
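Review bot: In overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild, make_slapd_conf creates $SLAPDCONF with `cat >` and never sets its mode or owner, although the header it writes says "This file should NOT be world readable"; add an explicit chmod/chown after the heredoc. The same function runs `slappasswd -s $ROOTDNPWD`, which puts the cleartext password on the command line and leaves it unquoted, so a password containing spaces or glob characters is mangled; quote it and avoid passing it as an argument. In make_ldif, the loop is `for OU in $USERS_OU $GROUPS_OU $OTHER_OU` but the description lookup uses `${I}_DESC`, so DESC never matches the entry being written, the loop clobbers the OU variable from the config, and the wheel group entry later emits `description: $DESC` instead of `$ADMIN_GROUP_DN_DESC`. In make_lapd_confs, the generated /etc/ldap.conf sets `pam_password exop` and then `pam_password md5`, and points at `uri ldap://$(hostname -f):389/` with no TLS setting, so pam_ldap binds carry user passwords in clear on the cluster network; keep one pam_password value and add transport protection or document why it is omitted. install_nssswitch appends " ldap" to the passwd, shadow and group lines on every pkg_config run, so a second run duplicates it; test for an existing `ldap` entry first.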
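Review bot: In overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild, pkg_config calls dnsmasq_conf, pxe_conf and nfs_root_conf but never gent_ip_config, and nothing in the ebuild installs or sources files/beowulf_cluster.conf, so CLUSTER_ETH, IPSTART, IPSTOP, SUBNET, TFTPROOT and NFSROOT are all empty when the heredocs expand (pxe_conf would then run `mkdir -p /pxelinux.cfg`). Add a src_install for the config file, source it in pkg_config, and call gent_ip_config before the generators. dnsmasq_conf writes `except-interface=$ETH` while the config file defines `PUBETH`, so the public interface is never excluded from DHCP/TFTP service as the config comment promises; use $PUBETH. In gent_ip_config, `IPSTART="${RANGE_START#*.}.$(( ${RANGE_START##*.} +1 ))"` strips the first octet instead of the last, which yields a malformed address; `${RANGE_START%.*}` is what the expression needs. nfs_root_conf appends to ${ROOT}/etc/exportfs rather than /etc/exports, so the export is never read, and the line it writes uses `no_root_squash`; state in a comment why root squashing is disabled for the read-only node root, and make the append idempotent. `dhcp-authoritative` is also emitted twice.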