netpass-devel Mailing List for NetPass (Page 17)
From: jeff m. <jef...@us...> - 2005-05-01 05:44:20
|
Update of /cvsroot/netpass/NetPass/www/components/Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/components/Client Modified Files: BeginScan Remediate ShowResults Log Message: QC results management, client code cleanup, admin perms cleanup Index: ShowResults =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/ShowResults,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- ShowResults 24 Apr 2005 03:42:03 -0000 1.3 +++ ShowResults 1 May 2005 05:44:11 -0000 1.4 @@ -21,6 +21,7 @@ if ($nres == 0) { my $sid = $results->{'id'}->[0]; + my $rid = $results->{'rowid'}->[0]; my ($shortName, $info, $description, $type); $type = $results->{'type'}->[0]; @@ -42,7 +43,7 @@ } print qq{<tr><td colspan=3 align="right"> }; - print $q->submit(-name=>"fixed:$type:$sid", -value=>'Fixed') unless $pquar; + print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') unless $pquar; print qq{</td>}; print qq{</tr><tr><td colspan=3>}; @@ -66,6 +67,7 @@ my $autoexpand = ($nres <= ($np->cfg->policy(-key => 'RESULTS_EXPAND', -network =>$ip)-1)); for(my $resultNum = 0 ; $resultNum <= $nres ; $resultNum++) { my $sid = $results->{'id'}->[$resultNum]; + my $rid = $results->{'rowid'}->[$resultNum]; my ($shortName, $info, $description, $type); $type = $results->{'type'}->[$resultNum]; @@ -83,7 +85,7 @@ $type = "manual"; $shortName = "Database failure."; $info = "msg:dbfailure"; - $description = "Sorry, something didn't work out quite right when I was looking at my database."; + $description = "Sorry, something didn't work out quite right while I was looking at my database."; } print qq{<tr><td width="3%" align=center>}; 
@@ -95,7 +97,7 @@ } print qq{</td><td>$shortName</td>}; print qq{<td width="1%" align="right"> }; - print $q->submit(-name=>"fixed:$type:$sid", -value=>'Fixed') unless $pquar; + print $q->submit(-name=>"fixed:$type:$sid:$rid", -value=>'Fixed') unless $pquar; print qq{</td>}; print qq{</tr><tr><td colspan=3 class="gray">}; Index: BeginScan =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/BeginScan,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- BeginScan 19 Apr 2005 04:01:23 -0000 1.6 +++ BeginScan 1 May 2005 05:44:11 -0000 1.7 @@ -86,9 +86,6 @@ goto scan_finished; } - $m->session->{'nessus'} = []; - $m->session->{'nessus_defaults'} = {}; - print $q->table( { -width => "500", # $progress_bar_width (see callback above) -border => 0, -bgcolor => '#EFEFEF' @@ -132,8 +129,6 @@ foreach my $nes ( @holes ) { my $sid = $nes->ScanID; $m->comp('/Audit', msg => [ "Found vulnerability: $sid" ] ); - push(@{$m->session->{'nessus'}}, $sid); - $m->session->{'nessus_defaults'}->{$sid} = $nes->Description; $np->db->addResult(-type => 'nessus', -mac => $mac, -id => $sid); } } 
@@ -142,18 +137,7 @@ $nessus = undef; - # DEBUG TESTING - #push(@{$m->session->{'nessus'}}, 10024); - #push(@{$m->session->{'nessus'}}, 11633); - #push(@{$m->session->{'nessus'}}, 10283); - #push(@{$m->session->{'nessus'}}, 10390); - #push(@{$m->session->{'nessus'}}, 10794); - # DEBUG TESTING - - - my $number_of_holes = $#{$m->session->{'nessus'}}+1; - - if($number_of_holes > 0) { + if($#holes > -1) { _log("DEBUG", "$mac $ip end scan need remediation\n"); $m->comp('/Audit', msg => [ 'Scan Complete. Machine is not Clean. Forwarding to Remediation Step.' ] ); $m->session->{'phase'} = 'REMEDIATE'; Index: Remediate =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Client/Remediate,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- Remediate 27 Apr 2005 03:54:07 -0000 1.9 +++ Remediate 1 May 2005 05:44:11 -0000 1.10 @@ -42,17 +42,12 @@ print $q->br; -$m->session->{'nessus'} = [] if(!$m->session->{'nessus'}); -$m->session->{'nessus_defaults'} = {} if(!$m->session->{'nessus_defaults'}); - foreach my $sid (keys %ARGS) { if($ARGS{$sid} eq 'Fixed') { - my ($type, $id) = (split(':', $sid))[1,2]; - _log ("INFO", "$mac $ip user claims $type:$id is fixed.\n"); - my @foo = grep(!/^$sid/, @{$m->session->{'nessus'}}); - $m->session->{'nessus'} = \@foo; - my $rv = $np->db->updateResult(-mac => $mac, -type => $type, -id => $id, - -status => 'user-fixed'); + my ($type, $id, $rid) = (split(':', $sid))[1,2,3]; + _log ("INFO", "$mac $ip user claims $type:$id:$rid is fixed.\n"); + my $rv = $np->db->updateResult(-mac => $mac, -ip => $ip, + -rowid => $rid, -status => 'user-fixed'); if ($rv) { _log ("ERROR", "$mac $ip failed to updateResult($type:$id): $rv\n"); } |
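Review bot: The `$rid` split out of the submitted field name in the Remediate hunk is passed to `updateResult` unchecked, and the rewritten `updateResult` in this commit (DB.pm, `@@ -2186`) matches on `rowid` alone, so the update is no longer tied to the requesting client's MAC. `%ARGS` keys are client-supplied, so a field name carrying some other row's id would set a result belonging to a different machine to `user-fixed`. I would skip malformed ids here with `next unless defined($rid) && $rid =~ /^\d+$/;` and keep the ownership test in the query, `$sql .= " AND macAddress = ".$self->dbh->quote(NetPass::padMac($mac)) if ($mac ne "");`. The same binding is missing in the new setresult.mhtml, where the permission check is made on `$ma` but the row is chosen by `$rid`. The `foreach` body continues past the end of the hunk.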
From: jeff m. <jef...@us...> - 2005-05-01 05:44:20
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/htdocs/Admin/cmd Added Files: setresult.mhtml Log Message: QC results management, client code cleanup, admin perms cleanup --- NEW FILE: setresult.mhtml --- <%doc> </%doc> <%args> $ma => ''; $rid => ''; $st => ''; </%args> <%perl> $ma = NetPass::padMac($ma); my $rv = $np->db->getRegisterInfo(-mac => $ma); if (ref($rv) ne "HASH") { print "NOK $rid $rv\n"; } else { # validate perms # find mac's network # find mac's netgroup # do you have quaradmin or admin on the network or netgroup? my $nw = $np->cfg->getMatchingNetwork(-ip => $rv->{$ma}->{'ipAddress'}); if ($nw eq "none") { print "NOK $rid client's IP is not a part of NetPass\n"; } else { my $ng = $np->cfg->getNetgroup($nw); my ($isOK, $groups) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin', 'QuarAdmin' ]); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); if ($isRoot || ($isOK && (grep (/^$nw$/, @$groups) || grep (/^$ng$/, @$groups)))) { $rv = $np->db->updateResult(-mac => $ma, -rowid => $rid, -status => $st); if ($rv) { print "NOK $rid failed: $rv\n"; } else { print "OK $rid\n"; } } else { print "NOK $rid permission denied\n"; } } } </%perl> |
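Review bot: The ACL test `grep (/^$nw$/, @$groups) || grep (/^$ng$/, @$groups)` interpolates the network and netgroup names into a regex, so any metacharacter in a name (presumably the dots of a network address) matches loosely and `$` tolerates a trailing newline; an authorization decision should compare exactly, e.g. `grep { $_ eq $nw || $_ eq $ng } @$groups`. `$rid` and `$rv` are also printed back into the response unescaped, so if this component is served as HTML the request value should be restricted to digits or escaped before it is echoed. The component makes no `/Admin/Login` call of the kind qc.mhtml gained on 2005-04-29; presumably an autohandler or `/Admin/MemberOf` covers that, but it is worth confirming.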
From: jeff m. <jef...@us...> - 2005-05-01 05:44:20
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/www/components/Admin Modified Files: LockConfig Log Message: QC results management, client code cleanup, admin perms cleanup Index: LockConfig =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/LockConfig,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- LockConfig 29 Apr 2005 00:30:07 -0000 1.4 +++ LockConfig 1 May 2005 05:44:11 -0000 1.5 @@ -1,6 +1,7 @@ <%doc> </%doc> <%args> + $enabledWhenLocked => ''; </%args> <script language="JavaScript"> |
From: jeff m. <jef...@us...> - 2005-05-01 05:44:19
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/lib/NetPass Modified Files: DB.pm Log Message: QC results management, client code cleanup, admin perms cleanup Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.36 retrieving revision 1.37 diff -u -d -r1.36 -r1.37 --- DB.pm 29 Apr 2005 00:30:07 -0000 1.36 +++ DB.pm 1 May 2005 05:44:10 -0000 1.37 @@ -2070,7 +2070,7 @@ Returns - HASHREF on success (so addResult && die should work) + HASHREF on success "invalid mac" if mac doesnt look right ([0-9a-f]) or is "remote" "invalid type" if type is invalid "invalid parameters" if the routine was called improperly @@ -2083,7 +2083,9 @@ print $hr->{'type'}->[0] , ' ', $hr->{'id'}->[0] , ' ', + $hr->{'row'}->[0] , ' ', $hr->{'timestamp'}->[0], ' ', + $hr->{'dt'}->[0] , ' ', $hr->{'status'}->[0]; =cut @@ -2128,7 +2130,7 @@ $t ||= ''; $i ||= ''; - my $sql = "SELECT unix_timestamp(dt) AS timestamp, testType AS type, status, id FROM results WHERE macAddress = " . $self->dbh->quote($m); + my $sql = "SELECT unix_timestamp(dt) AS timestamp, dt, testType AS type, status, id, rowid FROM results WHERE macAddress = " . $self->dbh->quote($m); $sql .= " AND testType = ".$self->dbh->quote($t) if ($t ne ""); $sql .= " AND ID = ".$self->dbh->quote($i) if ($i ne ""); @@ -2138,6 +2140,8 @@ $self->reconnect() || return "db failure"; + #_log("DEBUG", "sql=$sql\n"); + my $rv = $self->dbh->selectall_arrayref($sql); if (!defined($rv)) { 
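Review bot: The POD example added in the `@@ -2083` hunk reads `$hr->{'row'}->[0]`, but the hash built later in this commit uses the key `rowid`, so code copied from the documentation would print an empty value. The example line should be `$hr->{'rowid'}->[0] , ' ',`. It would also help to say in the same section that `dt` is the raw DATETIME column, returned alongside the `unix_timestamp(dt)` value in `timestamp`.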
@@ -2145,19 +2149,22 @@ return "db failure\n".$self->dbh->errstr; } - my $hv = { 'timestamp' => [], 'type' => [], 'status' => [], 'id' => [], 'sql' => $sql }; + my $hv = { 'timestamp' => [], 'dt' => [], 'type' => [], 'status' => [], + 'rowid' => [], 'id' => [], 'sql' => $sql }; foreach my $row (@{$rv}) { push @{$hv->{'timestamp'}}, $row->[0]; - push @{$hv->{'type'}} , $row->[1]; - push @{$hv->{'status'}} , $row->[2]; - push @{$hv->{'id'}} , $row->[3]; + push @{$hv->{'dt'}} , $row->[1]; + push @{$hv->{'type'}} , $row->[2]; + push @{$hv->{'status'}} , $row->[3]; + push @{$hv->{'id'}} , $row->[4]; + push @{$hv->{'rowid'}} , $row->[5]; } return $hv; } -=head2 updateResult(-mac => '', -type => '', -id => '', -status => [fixed|user-fixed|pending]) +=head2 updateResult(-mac => '', -ip => '', -rowid => '', -status => [fixed|user-fixed|pending]) Set the status of the matching result to whatever you specified. @@ -2173,11 +2180,11 @@ my $parms = parse_parms({ -parms => \@_, - -required => [ qw(-mac -type -id -status) ], + -required => [ qw(-rowid -status) ], -defaults => { - -mac => undef, - -type => '', - -id => '', + -rowid => '', + -mac => '', + -ip => '', -status => 'user-fixed', } } 
@@ -2186,41 +2193,21 @@ return "invalid parameters\n".Carp::longmess (Class::ParmList->error) if (!defined($parms)); - my ($m, $t, $i, $s) = $parms->get('-mac', '-type', '-id', '-status'); + my ($mac, $ip, $rid, $s) = $parms->get('-mac', '-ip', '-rowid', '-status'); if ($s !~ /^(pending|fixed|user-fixed)$/) { _log("WARNING", "invalid 'status' of '$s' given\n"); return "invalid paramters (status=$s)"; } - if ($m =~ /REMOTE/) { - _log("WARNING", "cant modify result for remote client\n"); - return "invalid mac"; - } - - $m = NetPass::padMac($m); - - if ($m !~ /^[0-9a-f]+$/) { - _log("WARNING", "$m invalid mac address. not 0-9a-f\n"); - return "invalid mac"; - } - - $t ||= ''; - $i ||= ''; - - my $sql = "UPDATE results SET status = ".$self->dbh->quote($s)." WHERE macAddress = " . $self->dbh->quote($m); - - $sql .= " AND testType = ".$self->dbh->quote($t) if ($t ne ""); - $sql .= " AND ID = ".$self->dbh->quote($i) if ($i ne ""); + my $sql = "UPDATE results SET status = ".$self->dbh->quote($s)." WHERE rowid = " . $self->dbh->quote($rid); $self->reconnect() || return "db failure"; my $rv = $self->dbh->do($sql); - #_log("DEBUG", "sql=$sql\n"); - if (!defined($rv)) { - _log ("ERROR", qq{$m sql failure sql="$sql" err=}.$self->dbh->errstr); + _log ("ERROR", qq{$mac $ip sql failure sql="$sql" err=}.$self->dbh->errstr); return "db failure\n".$self->dbh->errstr; } |
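Review bot: `-rowid` is now the only selector but it is never validated: its default is `''`, and whatever string the caller passes reaches the `WHERE rowid =` clause (quoted, so not injectable, but not checked to be an id). `do()` returns `"0E0"` when no row matches, which is defined, so as far as the hunk shows an empty or wrong row id is reported to the caller as success. I would add `return "invalid parameters (rowid=$rid)" if ($rid !~ /^\d+$/);` before building the SQL and `return "no such result" if ($rv == 0);` after the `defined` check. The function continues past the end of the hunk.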
From: jeff m. <jef...@us...> - 2005-05-01 05:44:19
|
Update of /cvsroot/netpass/NetPass/install.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv6281/install.d Modified Files: tables.sql Log Message: QC results management, client code cleanup, admin perms cleanup Index: tables.sql =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/tables.sql,v retrieving revision 1.14 retrieving revision 1.15 diff -u -d -r1.14 -r1.15 --- tables.sql 27 Apr 2005 03:54:06 -0000 1.14 +++ tables.sql 1 May 2005 05:44:10 -0000 1.15 
@@ -20,58 +20,64 @@ switchPort SMALLINT, PRIMARY KEY(macAddress) -) TYPE=NDBCLUSTER; +) ENGINE=NDBCLUSTER; CREATE TABLE results ( + rowid INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, macAddress VARCHAR(32) NOT NULL, dt DATETIME NOT NULL, testType VARCHAR(32), #enum('nessus', 'snort', 'manual') NOT NULL, ID VARCHAR(128), status enum('pending', 'user-fixed', 'fixed') NOT NULL default 'pending', - INDEX (macAddress), - INDEX (macAddress, testType), - INDEX (macAddress, status), -) TYPE=NDBCLUSTER; + PRIMARY KEY(rowid) +) ENGINE=NDBCLUSTER; + +CREATE INDEX results_idx1 ON results (macAddress); +CREATE INDEX results_idx2 ON results (macAddress, testType); +CREATE INDEX results_idx3 ON results (macAddress, status); CREATE TABLE policy ( name VARCHAR(128) NOT NULL, val VARCHAR(128) NOT NULL, PRIMARY KEY(name) -) TYPE=NDBCLUSTER; +) ENGINE=NDBCLUSTER; CREATE TABLE users ( username VARCHAR(128) NOT NULL, groups VARCHAR(128) NOT NULL, PRIMARY KEY (username) -) TYPE=NDBCLUSTER; +) ENGINE=NDBCLUSTER; -reate table config ( +CREATE TABLE config ( rev integer unsigned not null auto_increment, dt datetime not null, xlock integer not null default 0, user varchar(128) not null, log text, config text, - primary key (rev), - index (dt) + PRIMARY KEY (rev) ) type=ndbcluster; +CREATE INDEX config_idx1 ON config (dt); + CREATE TABLE passwd ( username VARCHAR(128) NOT NULL, password VARCHAR(128), PRIMARY KEY(username) -) TYPE=NDBCLUSTER; +) ENGINE=NDBCLUSTER; INSERT INTO users VALUES ('netpass', 'default+Admin'); INSERT INTO passwd VALUES ('netpass', ENCRYPT('netpass', 'xx')); CREATE TABLE pages ( + rowid INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, network VARCHAR(128) NOT NULL default 'default', name VARCHAR(128) NOT NULL, content TEXT, - UNIQUE INDEX (name, network) -) TYPE=NDBCLUSTER; + PRIMARY KEY (rowid) +) ENGINE=NDBCLUSTER; +CREATE UNIQUE INDEX pages_idx1 ON pages (name, network); CREATE TABLE portMoves ( serverid VARCHAR(128) NOT NULL, 
@@ -87,7 +93,7 @@ INDEX (status), /* we often query on status */ INDEX (requested), INDEX (switchIP, switchPort) -) TYPE=NDBCLUSTER; +) ENGINE=MyISAM; CREATE TABLE audit ( ts DATETIME NOT NULL, @@ -105,18 +111,21 @@ INDEX (ipAddress), INDEX (macAddress(12)), INDEX (ts) -) TYPE=NDBCLUSTER; +) ENGINE=MyISAM; CREATE TABLE clientHistory ( + chid INTEGER UNSIGNED AUTO_INCREMENT NOT NULL, macAddress VARCHAR(32) NOT NULL, username VARCHAR(32) NOT NULL, dt DATETIME NOT NULL, notes TEXT NOT NULL, - INDEX(macAddress), - INDEX(dt) -) TYPE=NDBCLUSTER; + PRIMARY KEY (chid) +) ENGINE=NDBCLUSTER; -CREATE TABLE `nessusScans` ( +CREATE INDEX clientHistory_idx1 ON clientHistory (macAddress); +CREATE INDEX clientHistory_idx2 ON clientHistory (dt); + +CREATE TABLE nessusScans ( `pluginID` int(10) unsigned NOT NULL default '0', `name` varchar(255) default NULL, `family` varchar(255) default NULL, @@ -134,9 +143,10 @@ `cve` varchar(255) default NULL, `bugtraq` varchar(255) default NULL, `other_refs` varchar(255) default NULL, - PRIMARY KEY (`pluginID`), - KEY `status` (`status`) -) TYPE=NDBCLUSTER; + PRIMARY KEY (`pluginID`) +) ENGINE=NDBCLUSTER; + +CREATE INDEX nessusScans_idx1 ON nessusScans (status); CREATE TABLE `snortRules` ( `snortID` int(10) unsigned NOT NULL default '0', @@ -156,12 +166,9 @@ `other_refs` varchar(255) default NULL, PRIMARY KEY (`snortID`), KEY `status` (`status`) -) TYPE=NDBCLUSTER; +) ENGINE=NDBCLUSTER; -# ENUM('httpd', 'nessusd', 'garp', 'squid', 'resetport', -# 'portmover', 'macscan', 'netpass', 'npcfgd', -# 'npstatusd', 'npsnortctl', 'npsnortd', 'unquar-all', -# 'quar-all'), +CREATE INDEX snortRules_idx1 ON snortRules (status); CREATE TABLE appStarter ( rowid INTEGER UNSIGNED AUTO_INCREMENT, 
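Review bot: In the `snortRules` hunk the inline key on `status` stays in the table definition while `CREATE INDEX snortRules_idx1 ON snortRules (status);` is added after it, so the column ends up indexed twice; `nessusScans` in the preceding hunk drops its inline key when it gains the separate index. Removing the inline `KEY` line (and the comma after the `PRIMARY KEY` line) would make the two tables match. Separately, `portMoves` and `audit` move from NDBCLUSTER to `ENGINE=MyISAM` without a comment; if several servers share the cluster, those tables would presumably become per-server, which matters for an audit trail, so a one-line comment giving the reason would help.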
@@ -170,27 +177,34 @@ action ENUM('start', 'stop', 'restart'), actionAs VARCHAR(16), status ENUM('pending', 'completed'), - PRIMARY KEY (rowid), - INDEX (status) -) TYPE=NDBCLUSTER; + PRIMARY KEY (rowid) +) ENGINE=NDBCLUSTER; + +CREATE INDEX appStarter_idx1 ON appStarter (status); CREATE TABLE stats_procs ( + rowid INTEGER UNSIGNED AUTO_INCREMENT, `serverid` varchar(128) NOT NULL, `dt` datetime NOT NULL, `proc` varchar(128) NOT NULL, `count` integer NOT NULL, - INDEX(dt), - INDEX(proc) -) TYPE=NDBCLUSTER; + PRIMARY KEY (rowid) +) ENGINE=NDBCLUSTER; + +CREATE INDEX stats_procs_idx1 ON stats_procs (dt); +CREATE INDEX stats_procs_idx1 ON stats_procs (proc); CREATE TABLE urlFilters ( + rowid INTEGER UNSIGNED AUTO_INCREMENT, url varchar(254) not null, dst varchar(254), network varchar(128) not null, action enum('permit', 'soft-redirect', 'hard-redirect', 'block') not null, - unique index (url, network) + PRIMARY KEY (rowid) ); +CREATE UNIQUE INDEX on urlFilters (url, network); + insert into urlFilters values ('itpolicies\.buffalo\.edu', NULL, 'default', 'permit'); insert into urlFilters values ('netpass\.buffalo\.edu', NULL, 'default', 'permit'); |
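Review bot: Three statements added in this hunk will not load as written. Both new `stats_procs` indexes are named `stats_procs_idx1`, so the second `CREATE INDEX` fails on a duplicate key name; `CREATE UNIQUE INDEX on urlFilters (url, network);` has no index name; and `urlFilters` now has five columns while the `insert into urlFilters values (...)` lines that follow still supply four. Suggested: `CREATE INDEX stats_procs_idx2 ON stats_procs (proc);`, `CREATE UNIQUE INDEX urlFilters_idx1 ON urlFilters (url, network);`, and name the columns in the inserts, `insert into urlFilters (url, dst, network, action) values (...)`. The `urlFilters` table also still carries no ENGINE clause, unlike the other tables touched here.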
From: jeff m. <jef...@us...> - 2005-05-01 04:54:48
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14240/www/htdocs/Admin/cmd Log Message: Directory /cvsroot/netpass/NetPass/www/htdocs/Admin/cmd added to the repository |
From: Matt <mt...@us...> - 2005-05-01 04:33:41
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4775 Modified Files: mysqlcluster.txt Log Message: Index: mysqlcluster.txt =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/mysqlcluster.txt,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- mysqlcluster.txt 29 Apr 2005 00:30:06 -0000 1.4 +++ mysqlcluster.txt 1 May 2005 04:33:31 -0000 1.5 @@ -63,6 +63,7 @@ [MYSQLD] [MYSQLD] -4. copy ndb_mgmd from npw1-d and place in /var/lib/mysql-cluster +4. download and install MySQL-ndb-management-4.1.11-0.i386.rpm from either +dev.mysql.com or http://foobar.cit.buffalo.edu/netpass/ttt/ # use startup script included with netpass to start mgmd daemon 5. /etc/init.d/ndbmgmd start |
From: Matt <mt...@us...> - 2005-04-30 18:08:13
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25002 Modified Files: ndbmgmd Log Message: Index: ndbmgmd =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/init.d/ndbmgmd,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- ndbmgmd 28 Apr 2005 07:04:20 -0000 1.1 +++ ndbmgmd 30 Apr 2005 18:08:04 -0000 1.2 @@ -8,7 +8,8 @@ . /etc/rc.d/init.d/functions CLUSTERDIR=/var/lib/mysql-cluster -NDBMGMD=/var/lib/mysql-cluster/ndb_mgmd +NDBMGMD=/usr/sbin/ndb_mgmd +NDBMGM=/usr/bin/ndb_mgm case "$1" in start) @@ -22,8 +23,13 @@ killproc ndb_mgmd echo ;; + clusterstop) + echo -n "Shutting Down Cluster: " + $NDBMGM -e shutdown + echo + ;; *) - echo "Usage: $0 {start|stop}" + echo "Usage: $0 {start|stop|clusterstop}" exit 2 esac |
From: Matt <mt...@us...> - 2005-04-29 04:54:51
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29868 Modified Files: netpass-install.sxw Log Message: Index: netpass-install.sxw =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/netpass-install.sxw,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 Binary files /tmp/cvsRxPuZV and /tmp/cvsPCJoJF differ |
From: jeff m. <jef...@us...> - 2005-04-29 00:32:43
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5679 Modified Files: MANIFEST Log Message: manifest
Index: MANIFEST
===================================================================
RCS file: /cvsroot/netpass/NetPass/MANIFEST,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- MANIFEST 29 Apr 2005 00:30:05 -0000 1.31
+++ MANIFEST 29 Apr 2005 00:32:35 -0000 1.32
@@ -181,7 +181,6 @@
 www/htdocs/Admin/qc.mhtml
 www/htdocs/Admin/user.mhtml
 www/htdocs/Admin/urlfilter.mhtml
-www/htdocs/Admin/test.html
 www/htdocs/Admin/clienthistory.mhtml
 www/htdocs/Admin/help.mhtml
 www/htdocs/Admin/chpwd.mhtml
|
From: jeff m. <jef...@us...> - 2005-04-29 00:32:04
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5272 Modified Files: install Log Message: RH WS/AS Index: install =================================================================== RCS file: /cvsroot/netpass/NetPass/install,v retrieving revision 1.18 retrieving revision 1.19 diff -u -d -r1.18 -r1.19 --- install 19 Apr 2005 01:40:33 -0000 1.18 +++ install 29 Apr 2005 00:31:55 -0000 1.19 @@ -1201,7 +1201,7 @@ ll("getDistVersion: looks like FC $1\n"); return ("FC", $1); } - if ($l =~ /Red Hat Enterprise Linux AS release (\d+)/i) { + if ($l =~ /Red Hat Enterprise Linux [WA]S release (\d+)/i) { ll("getDistVersion: looks like RHAS $1\n"); return ("RHAS", $1); } |
From: jeff m. <jef...@us...> - 2005-04-29 00:31:07
|
Update of /cvsroot/netpass/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093 Modified Files: MANIFEST Log Message: user/group work
Index: MANIFEST
===================================================================
RCS file: /cvsroot/netpass/NetPass/MANIFEST,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- MANIFEST 27 Apr 2005 03:54:05 -0000 1.30
+++ MANIFEST 29 Apr 2005 00:30:05 -0000 1.31
@@ -39,31 +39,11 @@
 doc/lvs/setup.txt
 doc/lvs/getint.c
 doc/lvs/lvs-netpass.patch
-doc/website/img/arrows.png
-doc/website/img/arrows.svg
-doc/website/img/arrows.xcf
-doc/website/img/arrows2.png
-doc/website/img/arrows3.png
-doc/website/img/eye.png
-doc/website/img/eye.svg
-doc/website/img/eye2.png
-doc/website/img/eye3.png
-doc/website/img/index.html
-doc/website/img/overview.png
-doc/website/img/overview.svg
-doc/website/img/quar.png
-doc/website/img/quar.png.svg
-doc/website/img/rem.png
-doc/website/img/rem.svg
 doc/website/supequip.html
 doc/website/index.html
 doc/website/install.html
 doc/website/site.css
 doc/website/deploy.html
-doc/website/new/images/arrowback.gif
-doc/website/new/images/logo.png
-doc/website/new/images/logo.xcf
-doc/website/new/index.html
 doc/website/roadmap.html
 doc/insert_docs_from_ascit.pl
 doc/Netpass_Overview.txt
@@ -109,6 +89,7 @@
 install.d/init.d/swatch
 install.d/init.d/mysqld
 install.d/init.d/snortd
+install.d/init.d/ndbmgmd
 install.d/crontab.netpass
 install.d/httpd.conf
 install.d/fstab
|
From: jeff m. <jef...@us...> - 2005-04-29 00:30:18
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093/www/htdocs/Admin Modified Files: qc.mhtml user.mhtml Log Message: user/group work Index: qc.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/qc.mhtml,v retrieving revision 1.17 retrieving revision 1.18 diff -u -d -r1.17 -r1.18 --- qc.mhtml 27 Apr 2005 03:54:08 -0000 1.17 +++ qc.mhtml 29 Apr 2005 00:30:07 -0000 1.18 @@ -25,6 +25,8 @@ <%perl> +return unless $m->comp('/Admin/Login', %ARGS); + my @rwGroups = ('Admin', 'QuarAdmin'); my @roGroups = ('Reports'); my $readOnly = "disabled"; @@ -43,7 +45,7 @@ else { print $q->p({-class=>'error'}, "Sorry, you don't have permission to access this form.<P>"); - return; + return; } my $statuses = ['QUAR','PQUAR','UNQUAR','PUNQUAR']; # love the grammer! @@ -176,7 +178,7 @@ ) ); -return if(!$submit && !$search); +goto end_of_page if(!$submit && !$search); if($submit) { if ($readOnly eq "") { @@ -186,9 +188,9 @@ } } else { # this really shouldnt happen. we dont give them a submit button - $np->db->audit( -user => $m->session->{'username'}, + $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", - -msg => [ "tried to change QuarControl but is ReadOnly" ]); + -msg => [ "tried to change QuarControl but is ReadOnly" ]); } } @@ -225,7 +227,7 @@ $q->th("Unquar<BR>When?") . $q->th("Status") . $q->th("History") . - $q->th("Message") + $q->th("Add Result") ) ); @@ -298,6 +300,8 @@ print $q->table({-width=>'80%'}, @rows); +end_of_page:; + print $q->p(); print $q->end_form(); 
@@ -326,10 +330,14 @@ my @params = (); if($mac) { - my @macList = split("\n", $mac); + $mac =~ s/\n/ /g; + $mac =~ s/\r/ /g; + $mac =~ s/\s+/ /g; + my @macList = split(/\s/, $mac); if ($#macList > 0) { my @_clause; for(my $ml = 0; $ml <= $#macList ; $ml++) { + next unless $macList[$ml] ne ""; $macList[$ml] =~ s/://g; $macList[$ml] = lc($macList[$ml]); push @_clause, "macAddress=?"; @@ -404,7 +412,7 @@ my @msgs = (''); while(my $m = $sth->fetchrow_arrayref) { - push(@msgs, $m->[0]); + push(@msgs, $m->[0]); } $sth->finish; Index: user.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/user.mhtml,v retrieving revision 1.19 retrieving revision 1.20 diff -u -d -r1.19 -r1.20 --- user.mhtml 25 Apr 2005 02:52:48 -0000 1.19 +++ user.mhtml 29 Apr 2005 00:30:08 -0000 1.20 @@ -231,7 +231,7 @@ } - $np->db->setUsersAndGroups(-userhash => $uh, -whoami => $m->{'session'}->{'username'}, + $np->db->setUsersAndGroups(-userhash => $uh, -whoami => $m->session->{'username'}, -ip => $ENV{'REMOTE_ADDR'}); # because some of the above might have altered this hash, we reload it from the |
From: jeff m. <jef...@us...> - 2005-04-29 00:30:18
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093/doc Modified Files: mysqlcluster.txt Log Message: user/group work Index: mysqlcluster.txt =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/mysqlcluster.txt,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- mysqlcluster.txt 28 Apr 2005 06:55:13 -0000 1.3 +++ mysqlcluster.txt 29 Apr 2005 00:30:06 -0000 1.4 @@ -1,3 +1,5 @@ +http://dev.mysql.com/doc/mysql/en/mysql-cluster-faq.html + # # mysql storage node setup (npw1-d, npw2-d) # |
From: jeff m. <jef...@us...> - 2005-04-29 00:30:18
|
Update of /cvsroot/netpass/NetPass/lib/NetPass In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093/lib/NetPass Modified Files: DB.pm Log Message: user/group work Index: DB.pm =================================================================== RCS file: /cvsroot/netpass/NetPass/lib/NetPass/DB.pm,v retrieving revision 1.35 retrieving revision 1.36 diff -u -d -r1.35 -r1.36 --- DB.pm 27 Apr 2005 03:54:07 -0000 1.35 +++ DB.pm 29 Apr 2005 00:30:07 -0000 1.36 @@ -1398,7 +1398,7 @@ if(defined($u)) { $self->reconnect() || return undef; - my $sql = qq{SELECT groups FROM users WHERE username = '$u'}; + my $sql = qq{SELECT groups FROM users WHERE username = }.$self->dbh->quote($u); my $a = $self->{'dbh'}->selectrow_arrayref($sql); return $self->decomposeGroupMembership($a->[0]); } @@ -1474,7 +1474,7 @@ return "" unless (ref($gh) eq "HASH"); my $gstring = ""; - foreach my $g (keys %$gh) { + foreach my $g (sort keys %$gh) { if (ref($gh->{$g}) eq "ARRAY") { $gstring .= "$g+".join('+', @{$gh->{$g}}).";"; } else { 
@@ -1545,41 +1545,59 @@ foreach my $u (keys %$uh) { my $groups = $self->composeGroupMembership($uh->{$u}); - _log ("DEBUG", "u $u g $groups\n"); + my $sql = ''; $self->reconnect() || return "db failure database down"; # if groups contains no ACLs, then delete the user. if ($groups !~ /\+/) { - my $sql = qq{DELETE FROM users WHERE username = '$u'}; + $sql = qq{DELETE FROM users WHERE username = '$u'}; if (!$self->{'dbh'}->do($sql)) { - _log("ERROR", "failed to delete user $u ".$self->{'dbh'}->errstr."\n"); + _log("ERROR", "$whoami failed to delete user $u ".$self->{'dbh'}->errstr."\n"); return "db failure ".$self->{'dbh'}->errstr; } else { - _log("INFO", "user $u deleted\n"); + _log("INFO", "$whoami deleted user $u\n"); $self->deletePasswd($u); $self->audit(-ip => $myip, -user => $whoami, -severity => 'ALERT', -msg => [ qq{user $u deleted} ]); } } else { - my $sql = qq{INSERT INTO users (username, groups) VALUES (}; - my $msg = "user added."; - $sql .= $self->dbh->quote($u). ","; - $sql .= $self->dbh->quote($groups). ")"; - if (!$self->dbh->do($sql)) { - $sql = qq{UPDATE users SET groups = }; - $sql .= $self->dbh->quote($groups); - $sql .= " WHERE username = ".$self->dbh->quote($u); - if (!$self->{'dbh'}->do($sql)) { - _log("ERROR", - "failed to change groups to ($groups) for $u ".$self->{'dbh'}->errstr."\n"); - return "db failure ".$self->{'dbh'}->errstr; - } + my $ugh = $self->getUserGroups($u); + if (!defined($ugh)) { + # user doesnt exist + $sql = "NSERT INTO users (username, groups) VALUES ("; + $sql .= $self->dbh->quote($u). ","; + $sql .= $self->dbh->quote($groups). 
")"; + if (!$self->dbh->do($sql)) { + _log("ERROR", "failed to add user: $u sql=$sql err=".$self->dbh->errstr); + return "db failured ".$self->dbh->errstr; + } + _log ("INFO", qq{$whoami added user $u groups "$groups"}); + $self->audit(-ip => $myip, -user => $whoami, -severity => 'ALERT', + "user added: $u groups: $groups"); + } + + else { + # user already exists + + my $groups_orig = $self->composeGroupMembership($ugh); + if ($groups ne $groups_orig) { + $sql = qq{UPDATE users SET groups = }; + $sql .= $self->dbh->quote($groups); + $sql .= " WHERE username = ".$self->dbh->quote($u); + if (!$self->{'dbh'}->do($sql)) { + _log("ERROR", + "failed to change groups to ($groups) for $u ".$self->{'dbh'}->errstr."\n"); + return "db failure ".$self->{'dbh'}->errstr; + } + _log ("INFO", qq{$whoami modified user $u groups "$groups_orig" to "$groups"}); + $self->audit(-ip => $myip, -user => $whoami, -severity => 'ALERT', + "groups for $u changed from: $groups_orig to: $groups"); + } } - $self->audit(-ip => $myip, -user => $whoami, -severity => 'ALERT', - "$msg groups for $u changed to: $groups"); } } + return 0; } |
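Review bot: The delete branch still builds its statement by interpolation, `$sql = qq{DELETE FROM users WHERE username = '$u'};`, while every other statement in this hunk (and `getUserGroups` in the first hunk) goes through `$self->dbh->quote`; use `$sql = "DELETE FROM users WHERE username = ".$self->dbh->quote($u);` so a username containing a quote cannot alter the statement. The new add-user branch cannot succeed as written because the statement text begins `"NSERT INTO users`; it needs the leading `I`. Both new `$self->audit(...)` calls pass the message as a bare trailing string, whereas the delete branch uses `-msg => [ ... ]`, so the audit text may be dropped or rejected; presumably it should be `-msg => [ "user added: $u groups: $groups" ]` and likewise for the change message. Using `!defined($ugh)` to mean "user does not exist" depends on what `getUserGroups` returns for a missing row, which is not visible in these hunks.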
From: jeff m. <jef...@us...> - 2005-04-29 00:30:18
|
Update of /cvsroot/netpass/NetPass/doc/website In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093/doc/website Modified Files: install.html Log Message: user/group work Index: install.html =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/website/install.html,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- install.html 20 Apr 2005 15:42:09 -0000 1.2 +++ install.html 29 Apr 2005 00:30:06 -0000 1.3 @@ -5,7 +5,7 @@ <TITLE></TITLE> <META NAME="GENERATOR" CONTENT="OpenOffice.org 1.1.3 (Linux)"> <META NAME="CREATED" CONTENT="20050420;270300"> - <META NAME="CHANGED" CONTENT="20050420;11385800"> + <META NAME="CHANGED" CONTENT="20050427;9241000"> <STYLE> <!-- @page { size: 8.5in 11in; margin-left: 1.25in; margin-right: 1.25in; margin-top: 1in; margin-bottom: 1in } 
@@ -200,13 +200,48 @@ and type <FONT FACE="Nimbus Mono L">/etc/init.d/mysqld start</FONT><BR><BR>2b.16. Note: steps 13 and 14 just on management server. Steps 15, 16 on both. Step 17 only on the machine(s) that are <I>not</I> the -management server. Step 18 on both.<BR><BR><BR><B>3. Packages -included with NetPass</B><BR><BR>This version of NetPass includes -pre-built versions of Perl, SquidGuard and Apache. These versions -have been tested and are known to work and included all of the -recommended options. Use of these is optional, but encouraged. This -document doesn't discuss how to set up any of these by hand. The -source distribution includes various scripts (to be documented in the +management server. Step 18 on both.<BR><BR>2b.17. create the NetPass +database on <B><U>all</U></B> cluster members</P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">mysqladmin +-u root create netpass</FONT></P> +<P STYLE="margin-bottom: 0in"> repeat command on <B><U><SPAN STYLE="font-style: normal">all</SPAN></U></B> +cluster members</P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in">2b.18. 
test cluster by connecting to +one member:</P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">npw1-d% +mysql -u root netpass</FONT></P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">mysql> +create table foo (a integer) type=ndbcluster;</FONT></P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">mysql> +insert into foo values(1);</FONT></P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in"> and ensure that table is +replicated onto the other member(s):</P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">npw2-d% +mysql -u root netpass</FONT></P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">mysql> +select * from foo;</FONT></P> +<P STYLE="margin-bottom: 0in"> (should return results)</P> +<P STYLE="margin-bottom: 0in"> <FONT FACE="Nimbus Mono L">mysql> +drop table foo;</FONT></P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in"><BR> +</P> +<P STYLE="margin-bottom: 0in"><BR><B>3. Packages included with +NetPass</B><BR><BR>This version of NetPass includes pre-built +versions of Perl, SquidGuard and Apache. These versions have been +tested and are known to work and included all of the recommended +options. Use of these is optional, but encouraged. This document +doesn't discuss how to set up any of these by hand. The source +distribution includes various scripts (to be documented in the future) to assist in, for example, building a new copy of Perl with all of the required modules.<BR><BR>This version of NetPass is a pre-release (beta) version of 2.0. As such, it is not available as a 
@@ -275,24 +310,45 @@ file and make any changes to the <FONT FACE="Nimbus Mono L"><policy> <radius> <ldap> <snmpcommunities> <vlanmap></FONT> and <FONT FACE="Nimbus Mono L"><network></FONT> sections. -Ignore the other sections for now. Save your changes.<BR>4a.4. Import -the configuration into the database: <BR><FONT FACE="Nimbus Mono L">bin/ciconf.pl --i /tmp/netpass.conf</FONT><BR><BR><B>4b. To make changes in the +Ignore the other sections for now. Save your changes.</P> +<P STYLE="margin-bottom: 0in">4a.4. <B>leave ADMIN_AUTH_METHOD set to +NetPass::Auth::DB</B><BR>4a.5. Import the configuration into the +database: <BR><FONT FACE="Nimbus Mono L">bin/ciconf.pl -i +/tmp/netpass.conf</FONT><BR><BR><B>4b. To make changes in the future:</B><BR><BR>4b.1.<FONT FACE="Nimbus Mono L"> bin/coconf.pl -l -o /tmp/netpass.conf</FONT><BR>4b.2. edit the file<BR>4b.3. <FONT FACE="Nimbus Mono L">bin/ciconf.pl -u -i /tmp/netpass.conf</FONT><BR><BR>The intent is to finish the Web UI features within the next week.<BR><BR><B>4c. -Configuring a user.</B> <BR><BR>The user access control feature -should be done late tomorrow. For now, add a user manually:<BR><BR>4c.1. -<FONT FACE="Nimbus Mono L">mysql -u root netpass</FONT><BR>4c.2. -<FONT FACE="Nimbus Mono L">insert into users values ('yourusername', -'default+Admin');</FONT><BR>4c.3. If you've configured Radius and -changed your ADMIN_AUTH_METHOD in <FONT FACE="Nimbus Mono L"><policy></FONT> -then connect to your NetPass virtual name (or directly to one of the -servers) and login. If you are not using Radius, leave the -ADMIN_AUTH_METHOD alone and create a local password:</P> -<P STYLE="margin-bottom: 0in">4c.4. <FONT FACE="Nimbus Mono L">insert -into passwd values ('yourusername', encrypt('yourpassword', 'xx'))</FONT></P> +Configuring users.</B> <BR><BR>To add administrative users to +NetPass:<BR><BR> +</P> +<P STYLE="margin-bottom: 0in">4c.1. Connect to your NetPass server: +http://yourserver/Admin/<BR>4c.2. 
Login as “netpass” with +a password of “netpass” <BR>4c.3. <FONT FACE="Nimbus Mono L">Go +to the User Editor screen</FONT><BR>4c.4. Add as many users as you +need. The “default” group means “all groups”. +So if you give a user “Admin” permissions to “default” +that means they have full access to everything. +</P> +<P STYLE="margin-bottom: 0in">4c.4.<FONT FACE="Nimbus Roman No9 L"> +If you are <B>not going to use Radius</B> as an authentication +mechanism, then <B>specify a password for each user</B> by clicking +on a user and then clicking on the “change password” +link.</FONT></P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">4c.5. +If you <B>are going to use Radius</B>, then you don't need to specify +a password. Instead, once you've created at least one “Default/Admin” +user, go to the “<FONT FACE="Nimbus Mono L">Configuration->General</FONT>” +screen and change “<B>ADMIN_AUTH_METHOD</B>” to +“<FONT FACE="Nimbus Mono L">NetPass::Auth::Radius</FONT>” +and then commit the changes. </FONT> +</P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">4c.6. +At this point, <B>the “netpass” account will no longer be +usable</B> (unless you have it configured into your Radius server) +and you should use the “Default/Admin” account that you +created in step [4c.4] </FONT> +</P> <P STYLE="margin-bottom: 0in"><BR><BR><BR> </P> <OL START=5> 
@@ -311,57 +367,62 @@ each redirector</P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.4. </FONT>cd /opt/netpass-src/NetPass</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.5. -</FONT>sudo install.d/install-lvs.sh</FONT><BR> that will -install required packages onto the system</P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.6. -</FONT>sudo install.d/lvs</FONT><BR> that will configure ha.cf -and ldirectord.cf</P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5a.5. +</FONT><FONT FACE="Nimbus Mono L">sudo install.d/install-lvs.sh</FONT><BR> + that will install required packages onto the system</P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5a.6. +</FONT><FONT FACE="Nimbus Mono L">sudo install.d/lvs</FONT><BR> +that will configure ha.cf and ldirectord.cf</P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.7. </FONT>cp install.d/iptables-lvs.sh /etc/iptables.sh</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.8. -</FONT>vi /etc/iptables.sh</FONT> and adjust local system rules -(change 128.205's to something appropriate so you can SSH into the -redirectors).</P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5a.9. -</FONT>sudo /etc/iptables.sh ; sudo /etc/init.d/iptables save</FONT><BR><BR><B>5b. -Configuring the interfaces on the redirectors.</B></P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5a.8. +</FONT><FONT FACE="Nimbus Mono L">vi /etc/iptables.sh</FONT> and +adjust local system rules (change 128.205's to something appropriate +so you can SSH into the redirectors).</P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5a.9. 
+</FONT><FONT FACE="Nimbus Mono L">sudo /etc/iptables.sh ; sudo +/etc/init.d/iptables save</FONT><BR><BR><B>5b. Configuring the +interfaces on the redirectors.</B></P> <P STYLE="margin-bottom: 0in"><BR> </P> <P STYLE="margin-bottom: 0in">Once you've configured your <FONT FACE="Nimbus Mono L"><network></FONT>'s you'll want to do the following (on one of the NetPass servers)<BR><BR> </P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5b.1. -</FONT>bin/coconf.pl -o /tmp/netpass.conf</FONT><BR> (note: no -l -this time since we just want a copy, we dont want to <BR> lock it -since we arent going to edit it)</P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5b.1. +</FONT><FONT FACE="Nimbus Mono L">bin/coconf.pl -o /tmp/netpass.conf</FONT><BR> + (note: no -l this time since we just want a copy, we dont want to +<BR> lock it since we arent going to edit it)</P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5b.2. </FONT>bin/interfacecfg.pl -d 1 > /tmp/redir1.sh</FONT></P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5b.3. </FONT>bin/interfacecfg.pl -d 2 > /tmp/redir2.sh</FONT></P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5b.4. </FONT>scp /tmp/redir1.sh redirector1:/tmp</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5b.5. -</FONT>scp /tmp/redir2.sh redirector2:/tmp</FONT><BR><BR><B>5c. -Making the redirector configuration persist across reboots.</B><BR><BR><BR> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5b.5. +</FONT><FONT FACE="Nimbus Mono L">scp /tmp/redir2.sh +redirector2:/tmp</FONT><BR><BR><B>5c. Making the redirector +configuration persist across reboots.</B><BR><BR><BR> </P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.1. 
</FONT>mkdir -p /opt/netpass/bin</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.2. -</FONT>cp /tmp/redir1.sh /opt/netpass/bin/hascript.sh</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.3. -</FONT>chmod 755 /opt/netpass/bin/hascript.sh</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.4. -</FONT>cp /opt/netpass-src/NetPass/install.d/init.d/netpassha -/etc/init.d/</FONT></P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5c.2. +</FONT><FONT FACE="Nimbus Mono L">cp /tmp/redir1.sh +/opt/netpass/bin/hascript.sh</FONT></P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5c.3. +</FONT><FONT FACE="Nimbus Mono L">chmod 755 +/opt/netpass/bin/hascript.sh</FONT></P> +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5c.4. +</FONT><FONT FACE="Nimbus Mono L">cp +/opt/netpass-src/NetPass/install.d/init.d/netpassha /etc/init.d/</FONT></P> <P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.5. </FONT>chkconfig --add netpassha</FONT></P> -<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Mono L"><FONT FACE="Nimbus Roman No9 L">5c.6. -</FONT>chkconfig --level 2345 on netpassha</FONT><BR><BR><BR>For now, -if you add or remove a network, you would re-do the appropriate parts -of the 2nd and 3rd sections, above. Note that adding a network -requires a restart of heartbeat (because “haresources” -changes), so existing networks will see a 1-2 minute outage. +<P STYLE="margin-bottom: 0in"><FONT FACE="Nimbus Roman No9 L">5c.6. +</FONT><FONT FACE="Nimbus Mono L">chkconfig --level 2345 on +netpassha</FONT><BR><BR><BR>For now, if you add or remove a network, +you would re-do the appropriate parts of the 2nd and 3rd sections, +above. 
Note that adding a network requires a restart of heartbeat +(because “haresources” changes), so existing networks +will see a 1-2 minute outage. </P> <P STYLE="margin-bottom: 0in"><BR> </P> |
From: jeff m. <jef...@us...> - 2005-04-29 00:30:18
|
Update of /cvsroot/netpass/NetPass/www/components/Admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4093/www/components/Admin Modified Files: LockConfig Login Log Message: user/group work Index: Login =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/Login,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- Login 24 Apr 2005 03:42:03 -0000 1.8 +++ Login 29 Apr 2005 00:30:07 -0000 1.9 @@ -10,13 +10,13 @@ <%args> - $username => undef - $password => undef - $wherefrom => undef + $username => undef; + $password => undef; + $wherefrom => undef; </%args> <%perl> - return 1 if (exists $m->session->{'logged_in'} && + return 1 if (exists $m->session->{'logged_in'} && ($m->session->{'logged_in'} == 1)); my $ip = $ENV{'REMOTE_ADDR'}; @@ -40,7 +40,6 @@ print "<center>Authentication failed.</center><P>"; } } - </%perl> <form method="post" name="mainForm"> Index: LockConfig =================================================================== RCS file: /cvsroot/netpass/NetPass/www/components/Admin/LockConfig,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- LockConfig 27 Apr 2005 03:54:07 -0000 1.3 +++ LockConfig 29 Apr 2005 00:30:07 -0000 1.4 @@ -46,7 +46,7 @@ // button -> red // text -> 'force unlock' b.style.backgroundColor = '#FF7777'; - b.innerHTML = 'Config is Locked by '+ra[2]+'<BR>Force Unock Config'; + b.innerHTML = 'Config is Locked by '+ra[2]+'<BR>Force Unlock Config'; adjust_onClick(b, "return lockConfig(0, 1);"); } } |
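Review bot: In the LockConfig hunk the corrected line still builds markup by concatenation, `b.innerHTML = 'Config is Locked by '+ra[2]+'<BR>Force Unlock Config';`, so whatever `ra[2]` holds is parsed as HTML in an administrator's browser. Where `ra` is filled is outside the hunk; it looks like the lock holder's name taken from a server response, and if that value is not HTML-escaped before it is sent, it should be escaped here or added as a text node instead of going through `innerHTML`. A comment on the line such as `// ra[2] = lock owner's username; must arrive HTML-escaped` would record the assumption. The enclosing function starts and ends outside the hunk.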
From: Matt <mt...@us...> - 2005-04-28 16:47:53
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5646 Added Files: snort-2.3.3-vlan.patch Log Message: --- NEW FILE: snort-2.3.3-vlan.patch --- diff -ruN /tmp/snort-2.3.3/src/detection-plugins/Makefile.in snort-2.3.3/src/detection-plugins/Makefile.in --- /tmp/snort-2.3.3/src/detection-plugins/Makefile.in 2005-04-23 15:47:24.000000000 -0400 +++ snort-2.3.3/src/detection-plugins/Makefile.in 2005-04-28 12:25:22.472508632 -0400 @@ -97,7 +97,7 @@ sp_tcp_win_check.c sp_tcp_win_check.h sp_ttl_check.c sp_ttl_check.h \ sp_clientserver.c sp_clientserver.h sp_byte_check.c sp_byte_check.h \ sp_byte_jump.c sp_byte_jump.h sp_pcre.c sp_pcre.h sp_isdataat.c sp_isdataat.h \ -sp_flowbits.c sp_flowbits.h sp_asn1.c sp_asn1.h +sp_flowbits.c sp_flowbits.h sp_asn1.c sp_asn1.h sp_vlan_check.h subdir = src/detection-plugins mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs @@ -120,7 +120,7 @@ sp_tcp_win_check.$(OBJEXT) sp_ttl_check.$(OBJEXT) \ sp_clientserver.$(OBJEXT) sp_byte_check.$(OBJEXT) \ sp_byte_jump.$(OBJEXT) sp_pcre.$(OBJEXT) sp_isdataat.$(OBJEXT) \ - sp_flowbits.$(OBJEXT) sp_asn1.$(OBJEXT) + sp_flowbits.$(OBJEXT) sp_asn1.$(OBJEXT) sp_vlan_check.$(OBJEXT) libspd_a_OBJECTS = $(am_libspd_a_OBJECTS) DEFS = @DEFS@ diff -ruN /tmp/snort-2.3.3/src/detection-plugins/sp_vlan_check.c snort-2.3.3/src/detection-plugins/sp_vlan_check.c --- /tmp/snort-2.3.3/src/detection-plugins/sp_vlan_check.c 1969-12-31 19:00:00.000000000 -0500 +++ snort-2.3.3/src/detection-plugins/sp_vlan_check.c 2005-04-28 12:24:38.742820511 -0400 
@@ -0,0 +1,174 @@
+/*
+** Copyright (C) 1998-2002 Martin Roesch <ro...@so...>
+**
+** This program is free software; you can redistribute it and/or modify
+** it under the terms of the GNU General Public License as published by
+** the Free Software Foundation; either version 2 of the License, or
+** (at your option) any later version.
+**
+** This program is distributed in the hope that it will be useful,
+** but WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+** GNU General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; if not, write to the Free Software
+** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*/
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <sys/types.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#include "rules.h"
+#include "decode.h"
+#include "parser.h"
+#include "plugbase.h"
+#include "debug.h"
+#include "plugin_enum.h"
+#include "util.h"
+
+typedef struct _VlanData
+{
+ u_short vlanid;
+
+} VlanData;
+
+void VlanCheckInit(char *, OptTreeNode *, int);
+void ParseVlan(char *, OptTreeNode *);
+int VlanCheck(Packet *, struct _OptTreeNode *, OptFpList *);
+
+
+/****************************************************************************
+ *
+ * Function: SetupVlanCheck()
+ *
+ * Purpose: Associate the vlan keyword with VlanCheckInit
+ *
+ * Arguments: None.
+ *
+ * Returns: void function
+ *
+ ****************************************************************************/
+void SetupVlanCheck(void)
+{
+ /* map the keyword to an initialization/processing function */
+ RegisterPlugin("vlan", VlanCheckInit);
+
+ DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Plugin: VlanCheck Initialized\n"););
+}
+
+
+/****************************************************************************
+ *
+ * Function: VlanCheckInit(char *, OptTreeNode *)
+ *
+ * Purpose: Setup the vlan data struct and link the function into option
+ * function pointer list
+ *
+ * Arguments: data => rule arguments/data
+ * otn => pointer to the current rule option list node
+ *
+ * Returns: void function
+ *
+ ****************************************************************************/
+void VlanCheckInit(char *data, OptTreeNode *otn, int protocol)
+{
+ /* multiple declaration check */
+ if(otn->ds_list[PLUGIN_VLAN_CHECK])
+ {
+ FatalError("%s(%d): Multiple vlan options in rule\n", file_name,
+ file_line);
+ }
+
+ /* allocate the data structure and attach it to the
+ rule's data struct list */
+ otn->ds_list[PLUGIN_VLAN_CHECK] = (VlanData *)
+ SnortAlloc(sizeof(VlanData));
+
+ /* this is where the keyword arguments are processed and placed into the
+ rule option's data structure */
+ ParseVlan(data, otn);
+
+ /* finally, attach the option's detection function to the rule's
+ detect function pointer list */
+ AddOptFuncToList(VlanCheck, otn);
+}
+
+
+
+/****************************************************************************
+ *
+ * Function: ParseVlan(char *, OptTreeNode *)
+ *
+ * Purpose: Convert the vlan option argument to data and plug it into the
+ * data structure
+ *
+ * Arguments: data => argument data
+ * otn => pointer to the current rule's OTN
+ *
+ * Returns: void function
+ *
+ ****************************************************************************/
+void ParseVlan(char *data, OptTreeNode *otn)
+{
+ VlanData *ds_ptr; /* data struct pointer */
+
+ /* set the ds pointer to make it easier to reference the option's
+ particular data struct */
+ ds_ptr = otn->ds_list[PLUGIN_VLAN_CHECK];
+
+ /* get rid of any whitespace */
+ while(isspace((int)*data))
+ {
+ data++;
+ }
+
+ ds_ptr->vlanid = (u_short)atoi(data);
+
+ DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Vlan set to %d\n", ds_ptr->vlanid););
+}
+
+
+/****************************************************************************
+ *
+ * Function: VlanCheck(char *, OptTreeNode *)
+ *
+ * Purpose: look for the vlanid in the packet and determine if it
+ * matches the rule.
+ *
+ * Arguments: data => argument data
+ * otn => pointer to the current rule's OTN
+ *
+ * Returns: void function
+ *
+ ****************************************************************************/
+int VlanCheck(Packet *p, struct _OptTreeNode *otn, OptFpList *fp_list)
+{
+ u_short vlanid;
+
+ if(!p->vh)
+ return 0; /* if no vlan header present return 0
+ * immediately
+ */
+
+ vlanid = VTH_VLAN(p->vh);
+
+ if(((VlanData *)otn->ds_list[PLUGIN_VLAN_CHECK])->vlanid == vlanid)
+ {
+ /* call the next function in the function list recursively */
+ return fp_list->next->OptTestFunc(p, otn, fp_list->next);
+ }
+ else
+ {
+ /* you can put debug comments here or not */
+ DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN, "No match for sp_vlan_check\n"););
+ }
+
+ /* if the test isn't successful, return 0 */
+ return 0;
+}
diff -ruN /tmp/snort-2.3.3/src/detection-plugins/sp_vlan_check.h snort-2.3.3/src/detection-plugins/sp_vlan_check.h
--- /tmp/snort-2.3.3/src/detection-plugins/sp_vlan_check.h 1969-12-31 19:00:00.000000000 -0500
+++ snort-2.3.3/src/detection-plugins/sp_vlan_check.h 2005-04-28 12:24:38.743820367 -0400
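Review bot: ParseVlan stores `(u_short)atoi(data)` without checking the argument, so a rule written as `vlan: abc` or `vlan: 70000` loads without complaint and ends up matching VLAN 0 or a truncated value instead of being rejected. A detection rule that quietly watches the wrong VLAN is hard to notice afterwards; the parser should accept only a whole number in the 12-bit VLAN id range and call FatalError otherwise, the way VlanCheckInit already does for a duplicate option. Whether `data` can be NULL when the keyword is given no argument is not visible in this hunk, so the sketch below guards that as well. Separately, the header comment on VlanCheck lists `data`/`otn` arguments and a void return although the function takes `(p, otn, fp_list)` and returns int.

```c
void ParseVlan(char *data, OptTreeNode *otn)
{
    VlanData *ds_ptr;  /* data struct pointer */
    char *end;
    long id;

    /* ... unchanged: ds_ptr assignment from otn->ds_list ... */

    if(data == NULL)
    {
        FatalError("%s(%d): vlan option requires a VLAN id\n", file_name,
                   file_line);
    }

    /* ... unchanged: leading-whitespace skip ... */

    id = strtol(data, &end, 10);
    if(end == data || id < 0 || id > 4095)
    {
        FatalError("%s(%d): Invalid vlan id \"%s\"\n", file_name,
                   file_line, data);
    }

    /* trailing whitespace is fine, anything else is a malformed rule */
    while(isspace((unsigned char)*end))
    {
        end++;
    }
    if(*end != '\0')
    {
        FatalError("%s(%d): Unexpected text after vlan id \"%s\"\n",
                   file_name, file_line, data);
    }

    ds_ptr->vlanid = (u_short)id;

    /* ... unchanged: debug message ... */
}
```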
@@ -0,0 +1,6 @@
+#ifndef __SP_VLAN_CHECK_H__
+#define __SP_VLAN_CHECK_H__
+
+void SetupVlanCheck(void);
+
+#endif /* __SP_VLAN_CHECK_H__ */
diff -ruN /tmp/snort-2.3.3/src/plugbase.c snort-2.3.3/src/plugbase.c
--- /tmp/snort-2.3.3/src/plugbase.c 2005-04-22 15:03:56.000000000 -0400
+++ snort-2.3.3/src/plugbase.c 2005-04-28 12:26:31.286575359 -0400
@@ -91,6 +91,7 @@
 #include "detection-plugins/sp_pcre.h"
 #include "detection-plugins/sp_flowbits.h"
 #include "detection-plugins/sp_asn1.h"
+#include "detection-plugins/sp_vlan_check.h"
 #ifdef ENABLE_RESPONSE
 #include "detection-plugins/sp_react.h"
 #include "detection-plugins/sp_respond.h"
@@ -136,6 +137,7 @@
 SetupIcmpCodeCheck();
 SetupTtlCheck();
 SetupIpIdCheck();
+ SetupVlanCheck();
 SetupTcpAckCheck();
 SetupTcpSeqCheck();
 SetupDsizeCheck();
diff -ruN /tmp/snort-2.3.3/src/plugin_enum.h snort-2.3.3/src/plugin_enum.h
--- /tmp/snort-2.3.3/src/plugin_enum.h 2003-10-20 11:03:22.000000000 -0400
+++ snort-2.3.3/src/plugin_enum.h 2005-04-28 12:25:54.006956765 -0400
@@ -34,4 +34,5 @@
 PLUGIN_TTL_CHECK,
 PLUGIN_BYTE_TEST,
 PLUGIN_PCRE,
+ PLUGIN_VLAN_CHECK,
 };
|
From: jeff m. <jef...@us...> - 2005-04-28 14:22:15
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30944/doc Modified Files: netpass-install.sxw Log Message: install doc Index: netpass-install.sxw =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/netpass-install.sxw,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 Binary files /tmp/cvsA5UAyU and /tmp/cvsgWVp1B differ |
From: Matt <mt...@us...> - 2005-04-28 07:21:09
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26080 Modified Files: netpass Log Message: Index: netpass =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/init.d/netpass,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- netpass 14 Apr 2005 18:32:12 -0000 1.2 +++ netpass 28 Apr 2005 07:21:00 -0000 1.3 @@ -60,6 +60,10 @@ echo -n $"Starting macscan: " daemon ${B}/bin/macscan.pl + echo + + echo -n $"Starting npapid: " + daemon ${B}/bin/npapid.pl echo #[ $RETVAL -eq 0 ] && exit $RETVAL @@ -78,6 +82,11 @@ echo -n $"Shutting down macscan: " killproc macscan.pl echo + + echo -n $"Shutting down npapid: " + killproc npapid.pl + echo + return 0 } @@ -98,6 +107,7 @@ status portmover status resetport status macscan + status npapid.pl RETVAL=$? ;; *) |
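Review bot: In the status branch the new call is `status npapid.pl`, while the three calls above it pass names without the extension (`status macscan`) even though the stop branch kills `macscan.pl`; one of the two spellings probably does not match the running process. `RETVAL=$?` follows the whole list, so after this change the status exit code reflects npapid alone and a dead portmover, resetport or macscan still reports success. Setting `RETVAL=0` first and then `for d in portmover resetport macscan npapid; do status $d || RETVAL=$?; done` (using whichever name form `status` actually resolves) keeps the names consistent and carries any failure out. The start and stop functions begin outside these hunks.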
From: Matt <mt...@us...> - 2005-04-28 07:16:26
|
Update of /cvsroot/netpass/NetPass/bin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23769 Modified Files: npapid.pl Log Message: Index: npapid.pl =================================================================== RCS file: /cvsroot/netpass/NetPass/bin/npapid.pl,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- npapid.pl 12 Apr 2005 19:25:30 -0000 1.7 +++ npapid.pl 28 Apr 2005 07:16:17 -0000 1.8 @@ -10,13 +10,11 @@ use IO::SessionSet; use Socket; -#use lib '/opt/netpass/lib'; -use lib '/u1/students/mtbell/NetPass/lib'; +use lib '/opt/netpass/lib'; use RUNONCE; use NetPass::LOG qw(_log _cont); NetPass::LOG::init [ 'npapid', 'local0' ]; #*STDOUT; use NetPass; -use NetPass::Config; use NetPass::API; my $otherPid = RUNONCE::alreadyRunning('npapi'); |
From: Matt <mt...@us...> - 2005-04-28 07:04:29
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17257 Added Files: ndbmgmd Log Message: --- NEW FILE: ndbmgmd --- #!/bin/sh # # ndb_mgmd Start/Stop the ndb_mgmd. # # chkconfig: 2345 40 60 # # Source function library. . /etc/rc.d/init.d/functions CLUSTERDIR=/var/lib/mysql-cluster NDBMGMD=/var/lib/mysql-cluster/ndb_mgmd case "$1" in start) echo -n "Starting ndb_mgmd: " cd $CLUSTERDIR daemon $NDBMGMD echo ;; stop) echo -n "Stopping ndb_mgmd: " killproc ndb_mgmd echo ;; *) echo "Usage: $0 {start|stop}" exit 2 esac exit 0 |
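Review bot: `cd $CLUSTERDIR` is not checked, so when /var/lib/mysql-cluster is missing, `daemon $NDBMGMD` still runs from whatever directory init happened to be in; `cd "$CLUSTERDIR" || exit 1` stops that. The script also starts the daemon binary out of the cluster data directory (`NDBMGMD=/var/lib/mysql-cluster/ndb_mgmd`), and init scripts run as root, so that directory and the binary must be writable by root only; otherwise whoever can write there decides what root executes at boot. A comment next to the variable, `# executed as root at boot: keep root-owned, not group/world writable`, would make the requirement explicit, or NDBMGMD could point at the installed copy under the MySQL bin directory if that is available on the management hosts.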
From: Matt <mt...@us...> - 2005-04-28 06:55:25
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12588 Modified Files: mysqlcluster.txt Log Message: Index: mysqlcluster.txt =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/mysqlcluster.txt,v retrieving revision 1.2 retrieving revision 1.3 diff -u -d -r1.2 -r1.3 --- mysqlcluster.txt 27 Apr 2005 20:49:06 -0000 1.2 +++ mysqlcluster.txt 28 Apr 2005 06:55:13 -0000 1.3 @@ -13,16 +13,16 @@ 9. chown -R mysql data 10. chgrp -R mysql . 11. mkdir /var/lib/mysql-cluster -# ndbd --initial deletes a bunch of stuff in /var/lib/mysql-cluster -# so only use initial setup -12. run /usr/local/mysql/bin/ndbd --initial -13 kill ndbd 14. edit my.cnf add these lines [mysqld] ndbcluster [mysql_cluster] ndb-connectstring=128.205.10.40;128.205.10.62 +# ndbd --initial deletes a bunch of stuff in /var/lib/mysql-cluster +# so only use initial setup +12. run /usr/local/mysql/bin/ndbd --initial +13 kill ndbd # use mysqld included in netpass, this should start ndbd # normally and mysqld 15. /etc/init.d/mysqld start |
From: Matt <mt...@us...> - 2005-04-28 06:51:33
|
Update of /cvsroot/netpass/NetPass/install.d/init.d In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10762 Modified Files: npsnortd Log Message: Index: npsnortd =================================================================== RCS file: /cvsroot/netpass/NetPass/install.d/init.d/npsnortd,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- npsnortd 24 Apr 2005 02:46:19 -0000 1.3 +++ npsnortd 28 Apr 2005 06:51:20 -0000 1.4 @@ -10,10 +10,40 @@ # Source the local configuration file . /etc/sysconfig/npsnortd +if [ "$SNORTLOGFILE"X = "X" ]; then + SNORTLOGFILE="" +else + SNORTLOGFILE="-l $SNORTLOGFILE" +fi + +if [ "$SNORTRULESFILE"X = "X" ]; then + SNORTRULESFILE="" +else + SNORTRULESFILE="-r $SNORTRULESFILE" +fi + +if [ "$NPSNORTDPORT"X = "X" ]; then + NPSNORTDPORT="" +else + NPSNORTDPORT="-P $NPSNORTDPORT" +fi + +if [ "$SNORTPIDFILE"X = "X" ]; then + SNORTPIDFILE="" +else + SNORTPIDFILE="-p $SNORTPIDFILE" +fi + +if [ "$SNORTSTARTUPSCRIPT"X = "X" ]; then + SNORTSTARTUPSCRIPT="" +else + SNORTSTARTUPSCRIPT="-f $SNORTSTARTUPSCRIPT" +fi + case "$1" in start) echo -n "Starting npsnortd: " - daemon /opt/snort/bin/npsnortd.pl -s $NPAPISERVER -S $NPAPISECRET -l $SNORTLOGFILE -r $SNORTRULESFILE -P $NPSNORTDPORT -p $SNORTPIDFILE -f $SNORTSTARTUPSCRIPT + daemon /opt/snort/bin/npsnortd.pl -s $NPAPISERVER -S $NPAPISECRET $SNORTLOGFILE $SNORTRULESFILE $NPSNORTDPORT $SNORTPIDFILE $SNORTSTARTUPSCRIPT echo ;; stop) |
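Review bot: The new guards cover the five optional settings, but `-s $NPAPISERVER -S $NPAPISECRET` are still expanded unquoted and unchecked on the `daemon` line, so if either is empty in /etc/sysconfig/npsnortd the following flag is swallowed as its value. A check ahead of the case statement, `[ -n "$NPAPISERVER" ] && [ -n "$NPAPISECRET" ] || { echo "NPAPISERVER and NPAPISECRET must be set"; exit 1; }`, fails loudly instead. Passing the API secret with `-S` also places it in the process argument list, where other local accounts can usually read it with ps; if npsnortd.pl can take it from a root-only file or the environment, that is the safer channel. The case statement continues past the end of the hunk.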
From: Matt <mt...@us...> - 2005-04-27 20:49:17
|
Update of /cvsroot/netpass/NetPass/doc In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16864 Modified Files: mysqlcluster.txt Log Message: Index: mysqlcluster.txt =================================================================== RCS file: /cvsroot/netpass/NetPass/doc/mysqlcluster.txt,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- mysqlcluster.txt 19 Apr 2005 19:17:54 -0000 1.1 +++ mysqlcluster.txt 27 Apr 2005 20:49:06 -0000 1.2 @@ -1,3 +1,7 @@ +# +# mysql storage node setup (npw1-d, npw2-d) +# +# do this step after mgmd daemons are config'd and running 1. download mysql from mirrors.cloud9.net/pub/Downloads 2. groupadd mysql 3. useradd -g mysql mysql 
@@ -9,37 +13,54 @@ 9. chown -R mysql data 10. chgrp -R mysql . 11. mkdir /var/lib/mysql-cluster -12. cd /var/lib/mysql-cluster -13. create config.ini (only on server with mgmt daemon) +# ndbd --initial deletes a bunch of stuff in /var/lib/mysql-cluster +# so only use initial setup +12. run /usr/local/mysql/bin/ndbd --initial +13 kill ndbd +14. edit my.cnf add these lines +[mysqld] +ndbcluster + +[mysql_cluster] +ndb-connectstring=128.205.10.40;128.205.10.62 +# use mysqld included in netpass, this should start ndbd +# normally and mysqld +15. /etc/init.d/mysqld start + +# +# management daemon setup (npr1-d, npr2-d) +# +1. mkdir /var/lib/mysql-cluster +2. cd /var/lib/mysql-cluster +3. create config.ini (only on server with mgmt daemon) [NDBD DEFAULT] NoOfReplicas=2 + [MYSQLD DEFAULT] [NDB_MGMD DEFAULT] [TCP DEFAULT] [NDB_MGMD] ID=10 -HostName=npw2-d.cit.buffalo.edu +HostName=npr1-d.cit.buffalo.edu + +[NDB_MGMD] +ID=11 +HostName=npr2-d.cit.buffalo.edu + [NDBD] ID=1 HostName= npw2-d.cit.buffalo.edu DataDir= /var/lib/mysql-cluster + [NDBD] ID=2 HostName= npw1-d.cit.buffalo.edu DataDir= /var/lib/mysql-cluster + [MYSQLD] [MYSQLD] [MYSQLD] -14. run /usr/local/mysql/bin/ndb_mgmd (only on server with mgmt daemon) -15. run /usr/local/mysql/bin/ndbd --initial -16. edit my.cnf add these lines -[mysqld] -ndbcluster - -# add the following lines to the mysql machines not running mgmt daemon -[mysql_cluster] -ndb-connectstring=128.205.10.137 -17. /etc/init.d/mysqld start - -#steps 13 and 14 just on mgmt server +4. copy ndb_mgmd from npw1-d and place in /var/lib/mysql-cluster +# use startup script included with netpass to start mgmd daemon +5. /etc/init.d/ndbmgmd start |