From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 11 Sep 2007 16:04:48 -0000 Subject: [Cluster-devel] conga/luci ChangeLog configure load_site.py cl ... Message-ID: <20070911160448.31147.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2007-09-11 16:04:36 Modified files: luci : ChangeLog configure load_site.py luci/cluster : fence_device.js form-macros validate_config_multicast.js luci/conga_ssl : SSLClient.cpp SSLClient.h conga_ssl_lib.cpp setup.py luci/docs : config_rhel5 user_manual.html luci/homebase : form-macros luci/logs : index_html luci/plone-custom: README footer global_personalbar login_form_validate.vpy login_success main_template portlet_login luci/site/luci/Extensions: LuciClusterActions.py LuciClusterInfo.py cluster_adapters.py luci/site/luci/Extensions/ClusterModel: ClusterNode.py Cman.py Fence.py FenceDaemon.py Gulm.py Heuristic.py Lockserver.py ModelBuilder.py Multicast.py Rm.py Totem.py luci/site/luci/Products/ManagedSystem: ManagedSystem.py __init__.py luci/site/luci/Products/ManagedSystem/skins: managedsystem_edit_form.cpt managedsystem_view.pt luci/site/luci/bin: runzope.in luci/site/luci/etc: zope.conf.in luci/storage : cache_report check-batch clu_portlet_fetcher form-chooser form-macros index_html mappings_macros mappings_provider portlet_cluconfig portlet_cluconfig_macro validate_html luci/sysconfig : luci Log message: luci whitespace cleanup Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/ChangeLog.diff?cvsroot=cluster&r1=1.5&r2=1.6 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/configure.diff?cvsroot=cluster&r1=1.3&r2=1.4 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/load_site.py.diff?cvsroot=cluster&r1=1.16&r2=1.17 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/fence_device.js.diff?cvsroot=cluster&r1=1.14&r2=1.15 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/form-macros.diff?cvsroot=cluster&r1=1.210&r2=1.211 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/validate_config_multicast.js.diff?cvsroot=cluster&r1=1.6&r2=1.7 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.cpp.diff?cvsroot=cluster&r1=1.4&r2=1.5 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/SSLClient.h.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/conga_ssl_lib.cpp.diff?cvsroot=cluster&r1=1.4&r2=1.5 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/conga_ssl/setup.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/docs/config_rhel5.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/docs/user_manual.html.diff?cvsroot=cluster&r1=1.17&r2=1.18 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/form-macros.diff?cvsroot=cluster&r1=1.59&r2=1.60 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/logs/index_html.diff?cvsroot=cluster&r1=1.4&r2=1.5 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/README.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/footer.diff?cvsroot=cluster&r1=1.4&r2=1.5 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/global_personalbar.diff?cvsroot=cluster&r1=1.5&r2=1.6 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/login_form_validate.vpy.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/login_success.diff?cvsroot=cluster&r1=1.6&r2=1.7 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/main_template.diff?cvsroot=cluster&r1=1.5&r2=1.6 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/plone-custom/portlet_login.diff?cvsroot=cluster&r1=1.9&r2=1.10 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/LuciClusterActions.py.diff?cvsroot=cluster&r1=1.5&r2=1.6 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/LuciClusterInfo.py.diff?cvsroot=cluster&r1=1.12&r2=1.13 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/cluster_adapters.py.diff?cvsroot=cluster&r1=1.269&r2=1.270 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/ClusterNode.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Cman.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Fence.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/FenceDaemon.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Gulm.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Heuristic.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Lockserver.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/ModelBuilder.py.diff?cvsroot=cluster&r1=1.7&r2=1.8 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Multicast.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Rm.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/ClusterModel/Totem.py.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Products/ManagedSystem/ManagedSystem.py.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Products/ManagedSystem/__init__.py.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Products/ManagedSystem/skins/managedsystem_edit_form.cpt.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Products/ManagedSystem/skins/managedsystem_view.pt.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/bin/runzope.in.diff?cvsroot=cluster&r1=1.4&r2=1.5 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/etc/zope.conf.in.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/cache_report.diff?cvsroot=cluster&r1=1.3&r2=1.4 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/check-batch.diff?cvsroot=cluster&r1=1.2&r2=1.3 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/clu_portlet_fetcher.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/form-chooser.diff?cvsroot=cluster&r1=1.6&r2=1.7 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/form-macros.diff?cvsroot=cluster&r1=1.24&r2=1.25 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/index_html.diff?cvsroot=cluster&r1=1.9&r2=1.10 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/mappings_macros.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/mappings_provider.diff?cvsroot=cluster&r1=1.5&r2=1.6 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/portlet_cluconfig.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/portlet_cluconfig_macro.diff?cvsroot=cluster&r1=1.1&r2=1.2 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/storage/validate_html.diff?cvsroot=cluster&r1=1.3&r2=1.4 http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/sysconfig/luci.diff?cvsroot=cluster&r1=1.1&r2=1.2 --- conga/luci/ChangeLog 2006/07/24 20:17:01 1.5 +++ conga/luci/ChangeLog 2007/09/11 16:04:31 1.6 @@ -1,15 +1,14 @@ -2006-07-24 Stanko Kupcevic - * include zope and plone into rpm if - ../autogen.sh --include_zope_and_plone=yes +2006-07-24 Stanko Kupcevic + * include zope and plone into rpm if + ../autogen.sh --include_zope_and_plone=yes and configure system accordingly -2006-07-18 Stanko Kupcevic +2006-07-18 Stanko Kupcevic * storage: add icons to property dialogs -2006-07-17 Stanko Kupcevic +2006-07-17 Stanko Kupcevic * storage: styling of property dialogs -2006-07-12 Stanko Kupcevic +2006-07-12 Stanko Kupcevic * storage: use pretty properties' names - --- conga/luci/configure 2006/07/24 20:17:01 1.3 +++ conga/luci/configure 2007/09/11 16:04:32 1.4 @@ -19,7 +19,7 @@ done if [ "$INCLUDE_ZOPE_PLONE" = "" ] ; then echo 'please define "include_zope_and_plone" as yes or no' - echo " eg: $0 --include_zope_and_plone=yes" + echo " eg: $0 --include_zope_and_plone=yes" rm -f $MAKE_DEFINES exit 1 fi @@ -47,7 +47,7 @@ LIBDIR_SED=\\/lib X86_64_TMP=`uname -a | grep x86_64` -if [ "$X86_64_TMP" ]; then +if [ "$X86_64_TMP" ]; then LIBDIR_SED=\\/lib64 fi --- conga/luci/load_site.py 2007/02/05 20:08:28 1.16 +++ conga/luci/load_site.py 2007/09/11 16:04:32 1.17 @@ -185,7 +185,7 @@ if verbose: print 'Uploaded', dbid except: print 'Unable to upload', dbid except: print 'Unable to delete', dbid - + def upload_cpt(object, f): dir, name = os.path.split(f) @@ -208,7 +208,7 @@ if verbose: print 'Uploaded', dbid except: print 'Unable to upload', dbid except: print 'Unable to delete', dbid - + def upload_pt(object, f): dir, name = os.path.split(f) --- conga/luci/cluster/fence_device.js 2007/08/08 21:00:06 1.14 +++ conga/luci/cluster/fence_device.js 2007/09/11 16:04:32 1.15 @@ -104,7 +104,7 @@ fence_type = input_tags[i].value; } } - } + } } var target_form = document.createElement('form'); --- conga/luci/cluster/form-macros 2007/08/24 22:01:41 1.210 +++ conga/luci/cluster/form-macros 2007/09/11 16:04:32 1.211 @@ -287,7 +287,7 @@ onClick="allPasswdsSame(this.form)" tal:attributes="checked python: (add_cluster and add_cluster['identical_passwds']) and 'checked'" /> - + Check if node passwords are identical. @@ -423,7 +423,7 @@ - @@ -2387,7 +2387,7 @@ value cur_fencedev/name | nothing" /> - + @@ -3881,7 +3881,7 @@ - @@ -4904,7 +4904,7 @@ - + @@ -5257,7 +5257,7 @@ global cur_fence_type cur_fencedev/agent | nothing" /> - + --- conga/luci/cluster/validate_config_multicast.js 2007/08/24 22:01:41 1.6 +++ conga/luci/cluster/validate_config_multicast.js 2007/09/11 16:04:32 1.7 @@ -36,7 +36,7 @@ var ifObj = document.getElementById(ifId); if (ifObj) { ifObj.disabled = false; - ifObj.value = prev_mcast_if; + ifObj.value = prev_mcast_if; } } --- conga/luci/conga_ssl/SSLClient.cpp 2007/06/25 16:03:38 1.4 +++ conga/luci/conga_ssl/SSLClient.cpp 2007/09/11 16:04:32 1.5 @@ -13,7 +13,7 @@ You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 675 Mass Ave, Cambridge, + Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ /* @@ -59,7 +59,7 @@ file_cert(const String& file, const String& cert) : file(file), cert(cert) {} - + String file; String cert; }; @@ -67,31 +67,31 @@ -static int +static int verify_cert_callback(int preverify_ok, X509_STORE_CTX *ctx) { return 1; } -static void +static void load_peer_certs() { MutexLocker l(global_lock); - + // load trusted CAs - if (!SSL_CTX_load_verify_locations(ctx, - _trust_CAs, + if (!SSL_CTX_load_verify_locations(ctx, + _trust_CAs, NULL)) ;//cout << "failed to load trusted CAs" << endl; - - STACK_OF(X509_NAME) *cert_names = + + STACK_OF(X509_NAME) *cert_names = SSL_load_client_CA_file(_trust_CAs); if (cert_names) SSL_CTX_set_client_CA_list(ctx, cert_names); // else // cout << "failed to load trusted CAs" << endl; - + // load saved certs - + set files; String dir_path(_certs_store_dir); DIR* d = opendir(dir_path.c_str()); @@ -118,9 +118,9 @@ closedir(d); throw; } - + trusted_certs.clear(); - + for (set::const_iterator iter = files.begin(); iter != files.end(); iter++) { @@ -131,10 +131,10 @@ } catch ( ... ) {} } } -static void -ssl_mutex_callback(int mode, - int n, - const char *file, +static void +ssl_mutex_callback(int mode, + int n, + const char *file, int line) { if (mode & CRYPTO_LOCK) @@ -155,60 +155,60 @@ SSLClient::SSLClient(ClientSocket sock) : - _sock(sock), + _sock(sock), _connected(false) { { MutexLocker l(global_lock); if (!ssl_inited) { // init library - + SSL_library_init(); // TODO: random number generator, // not on systems with /dev/urandom (eg. Linux) - + // thread support ssl_locks.clear(); for (int i=0; i(new Mutex())); CRYPTO_set_locking_callback(ssl_mutex_callback); CRYPTO_set_id_callback(ssl_id_callback); - + // create context if (!ctx) ctx = SSL_CTX_new(SSLv23_client_method()); if (!ctx) throw String("SSL context creation failed"); // set verify_callback() function - SSL_CTX_set_verify(ctx, - SSL_VERIFY_PEER, + SSL_CTX_set_verify(ctx, + SSL_VERIFY_PEER, verify_cert_callback); // set mode SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); - + // load key - if (!SSL_CTX_use_PrivateKey_file(ctx, - _privkey, + if (!SSL_CTX_use_PrivateKey_file(ctx, + _privkey, SSL_FILETYPE_PEM)) throw String("error importing cert key file"); // load cert - if (!SSL_CTX_use_certificate_file(ctx, - _pubkey, + if (!SSL_CTX_use_certificate_file(ctx, + _pubkey, SSL_FILETYPE_PEM)) throw String("error importing cert file"); // load peers' certs load_peer_certs(); - + ssl_inited = true; } - + // create SSL object, giving it context _ssl = SSL_new(ctx); if (!_ssl) throw String("creation of ssl object failed"); } - + // make socket non-blocking try { _sock.nonblocking(true); @@ -216,7 +216,7 @@ SSL_free(_ssl); throw; } - + // assign fd to _ssl if (!SSL_set_fd(_ssl, _sock.get_sock())) { SSL_free(_ssl); @@ -231,12 +231,12 @@ } -bool +bool SSLClient::connect(unsigned int timeout) { if (_connected) return _connected; - + unsigned int beg = time_mil(); while (time_mil() < beg + timeout) { int ret = SSL_connect(_ssl); @@ -249,20 +249,20 @@ socket().ready(want_read, want_write, 250); } } - + return _connected; } -String +String SSLClient::send(const String& msg, unsigned int timeout) { if (!_connected) throw String("cannot send, yet: SSL connection not connected"); - + if (msg.empty()) return msg; - + unsigned int beg = time_mil(); while (time_mil() < beg + timeout) { int ret = SSL_write(_ssl, msg.c_str(), msg.size()); @@ -274,18 +274,18 @@ socket().ready(want_read, want_write, 250); } } - + return msg; } -String +String SSLClient::recv(unsigned int timeout) { if (!_connected) throw String("cannot receive, yet: SSL connection not connected"); - + char buff[4096]; - + unsigned int beg = time_mil(); while (time_mil() < beg + timeout) { int ret = SSL_read(_ssl, buff, sizeof(buff)); @@ -299,23 +299,23 @@ socket().ready(want_read, want_write, 250); } } - + return ""; } -bool +bool SSLClient::peer_has_cert() { if (!_connected) throw String("cannot determine if peer has certificate: SSL connection not connected"); - + if (_cert_pem.size()) return true; - + X509* cert = SSL_get_peer_certificate(_ssl); - if (!cert) + if (!cert) return false; - + // load cert into _cert_pem FILE* f = NULL; try { @@ -324,7 +324,7 @@ if (!PEM_write_X509(f, cert)) throw String("unable to write cert to tmp file"); X509_free(cert); cert = NULL; - + // read cert rewind(f); while (true) { @@ -339,7 +339,7 @@ } } fclose(f); f = NULL; - } catch ( ... ) { + } catch ( ... ) { if (cert) X509_free(cert); if (f) @@ -347,16 +347,16 @@ _cert_pem.clear(); throw; } - + return true; } -String +String SSLClient::peer_cert_fingerprint(String& digest) { if (!peer_has_cert()) throw String("peer did not present cert"); - + String f_name("/tmp/luci_tmp_XXXXXX"); int fd = -1; char* buff = new char[f_name.size() + 1]; @@ -368,10 +368,10 @@ f_name = buff; delete[] buff; buff = 0; while (close(fd) && errno == EINTR) ; fd = -1; - + File f = File::open(f_name, true); f.replace(_cert_pem); - + String out, err; int status; vector args; @@ -381,7 +381,7 @@ args.push_back(f_name); args.push_back("-noout"); args.push_back("-fingerprint"); - if (utils::execute("/usr/bin/openssl", + if (utils::execute("/usr/bin/openssl", args, out, err, @@ -391,17 +391,17 @@ if (status) throw String("openssl command failed"); unlink(f_name.c_str()); - + vector words(utils::split(utils::strip(out))); if (words.size() != 2) throw String("error parsing fingerprint"); - + String finger(words[1]); String::size_type idx = finger.find('='); if (idx == finger.npos || idx+1 == finger.size()) throw String("error parsing fingerprint"); - + digest = words[0]; return finger.substr(idx+1); } catch ( ... ) { @@ -414,17 +414,17 @@ } } -bool +bool SSLClient::peer_cert_trusted() { // signed by trusted CAs? X509* cert = SSL_get_peer_certificate(_ssl); - if (!cert) + if (!cert) return false; X509_free(cert); if (SSL_get_verify_result(_ssl) == X509_V_OK) return true; - + // cert present among saved certs? peer_has_cert(); // make sure cert is saved in _cert_pem MutexLocker l(global_lock); @@ -436,17 +436,17 @@ return false; } -bool +bool SSLClient::trust_peer_cert(const String& hostname) { MutexLocker l(global_lock); - + if (peer_cert_trusted()) return true; - + if (!peer_has_cert()) throw String("peer did not present cert"); - + String filename(_certs_store_dir); filename += "/" + hostname + "_cert_pub"; try { @@ -455,26 +455,26 @@ unlink(filename.c_str()); return false; } - + load_peer_certs(); - + return true; } -bool +bool SSLClient::untrust_peer_cert() { MutexLocker l(global_lock); - + if (!peer_has_cert()) throw String("peer did not present cert"); - + for (list::const_iterator iter = trusted_certs.begin(); iter != trusted_certs.end(); iter++) if (iter->cert == _cert_pem) unlink(iter->file.c_str()); - + load_peer_certs(); return true; } @@ -489,7 +489,7 @@ SSLClient::check_error(int value, bool& want_read, bool& want_write) { want_read = want_write = false; - + String e; switch (SSL_get_error(_ssl, value)) { case SSL_ERROR_NONE: @@ -520,10 +520,10 @@ e = "SSL_ERROR_SSL"; break; } - + //FILE* f = fopen("/tmp/ssl_error_que", "a"); //ERR_print_errors_fp(f); //fclose(f); - + throw String("SSL error: ") + e; } --- conga/luci/conga_ssl/SSLClient.h 2006/12/21 21:32:00 1.2 +++ conga/luci/conga_ssl/SSLClient.h 2007/09/11 16:04:32 1.3 @@ -13,7 +13,7 @@ You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 675 Mass Ave, Cambridge, + Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ /* @@ -44,36 +44,36 @@ public: SSLClient(ClientSocket sock); virtual ~SSLClient(); - + bool connect(unsigned int timeout); - + String send(const String& msg, unsigned int timeout); String recv(unsigned int timeout); - - + + bool peer_has_cert(); bool peer_cert_trusted(); // return true if peer's cert is trusted (either thru CA chain, or saved in cert_store) - + String peer_cert_fingerprint(String& digest); - + bool trust_peer_cert(const String&); bool untrust_peer_cert(); // remove peer's cert from cert_store - + ClientSocket& socket(); - + private: SSLClient(const SSLClient&); SSLClient operator=(const SSLClient&); - + ClientSocket _sock; SSL* _ssl; String _cert_pem; - + bool _connected; - + void check_error(int value, bool& want_read, bool& want_write); - - + + }; // class SSLClient --- conga/luci/conga_ssl/conga_ssl_lib.cpp 2007/06/25 16:03:38 1.4 +++ conga/luci/conga_ssl/conga_ssl_lib.cpp 2007/09/11 16:04:32 1.5 @@ -13,7 +13,7 @@ You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 675 Mass Ave, Cambridge, + Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ /* @@ -41,10 +41,10 @@ public: PythonThreadsAllower() { _save = PyEval_SaveThread(); } - + ~PythonThreadsAllower() { PyEval_RestoreThread(_save); } - + private: PyThreadState *_save; }; @@ -114,8 +114,8 @@ const char* hostname; int port; int timeout; - if (!PyArg_ParseTuple(args, - "sii", + if (!PyArg_ParseTuple(args, + "sii", &hostname, &port, &timeout)) @@ -128,7 +128,7 @@ PyErr_SetString(PyExc_ValueError, "negative timeout"); return NULL; } - + try { counting_auto_ptr ss; { @@ -154,9 +154,9 @@ int id; if (!PyArg_ParseTuple(args, "i", &id)) return NULL; - + try { - map >::iterator iter = + map >::iterator iter = ssls.find(id); if (iter != ssls.end()) ssls.erase(iter); @@ -182,13 +182,13 @@ PyErr_SetString(PyExc_ValueError, "negative timeout"); return NULL; } - + try { - map >::const_iterator iter = + map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + { PythonThreadsAllower all; int beg = int(time_sec()); @@ -201,7 +201,7 @@ break; } } - + Py_INCREF(Py_None); return Py_None; } catch (String e) { @@ -224,14 +224,14 @@ PyErr_SetString(PyExc_ValueError, "negative timeout"); return NULL; } - + try { map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + String resp; { PythonThreadsAllower all; @@ -261,7 +261,7 @@ } } } - + PyObject* resp_p = Py_BuildValue("s", resp.c_str()); return resp_p; } catch (String e) { @@ -280,19 +280,19 @@ const char* msg; if (!PyArg_ParseTuple(args, "is", &id, &msg)) return NULL; - + try { - map >::const_iterator iter = + map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + bool resp; { PythonThreadsAllower all; resp = iter->second->trust_peer_cert(msg); } - + PyObject* resp_p = Py_BuildValue("i", (resp)?1:0); return resp_p; } catch (String e) { @@ -309,19 +309,19 @@ int id; if (!PyArg_ParseTuple(args, "i", &id)) return NULL; - + try { - map >::const_iterator iter = + map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + bool resp; { PythonThreadsAllower all; resp = iter->second->peer_cert_trusted(); } - + PyObject* resp_p = Py_BuildValue("i", (resp)?1:0); return resp_p; } catch (String e) { @@ -338,19 +338,19 @@ int id; if (!PyArg_ParseTuple(args, "i", &id)) return NULL; - + try { - map >::const_iterator iter = + map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + bool resp; { PythonThreadsAllower all; resp = iter->second->untrust_peer_cert(); } - + PyObject* resp_p = Py_BuildValue("i", (resp)?1:0); return resp_p; } catch (String e) { @@ -367,19 +367,19 @@ int id; if (!PyArg_ParseTuple(args, "i", &id)) return NULL; - + try { - map >::const_iterator iter = + map >::const_iterator iter = ssls.find(id); if (iter == ssls.end()) throw String("SSL connection closed"); - + String finger, digest; { PythonThreadsAllower all; finger = iter->second->peer_cert_fingerprint(digest); } - + PyObject* resp_p = Py_BuildValue("(ss)", digest.c_str(), finger.c_str()); return resp_p; } catch (String e) { --- conga/luci/conga_ssl/setup.py 2007/03/23 17:25:12 1.2 +++ conga/luci/conga_ssl/setup.py 2007/09/11 16:04:32 1.3 @@ -9,27 +9,27 @@ '/usr/include/libxml2'], libraries = ['ssl', 'xml2'], #library_dirs = ['/usr/local/lib'], - sources = ['conga_ssl_lib.cpp', - 'SSLClient.cpp', - '../../ricci/common/ClientSocket.cpp', - '../../ricci/common/Socket.cpp', - '../../ricci/common/Network.cpp', - '../../ricci/common/Logger.cpp', - '../../ricci/common/Time.cpp', - '../../ricci/common/File.cpp', - '../../ricci/common/XML.cpp', - '../../ricci/common/utils.cpp', + sources = ['conga_ssl_lib.cpp', + 'SSLClient.cpp', + '../../ricci/common/ClientSocket.cpp', + '../../ricci/common/Socket.cpp', + '../../ricci/common/Network.cpp', + '../../ricci/common/Logger.cpp', + '../../ricci/common/Time.cpp', + '../../ricci/common/File.cpp', + '../../ricci/common/XML.cpp', + '../../ricci/common/utils.cpp', '../../ricci/common/executils.cpp']) setup (name = 'conga_ssl_lib', version = '0.8', - description = 'SSL Python bindings for Conga', - author = 'Stanko Kupcevic', + description = 'SSL Python bindings for Conga', + author = 'Stanko Kupcevic', author_email = 'kupcevic at redhat.com', copyright = 'Red Hat, Inc.', - license = 'GPL', + license = 'GPL', url = 'http://www.sourceware.org/cluster/conga', long_description = ''' conga_ssl_lib --- conga/luci/docs/config_rhel5 2006/11/03 21:47:27 1.2 +++ conga/luci/docs/config_rhel5 2007/09/11 16:04:33 1.3 @@ -50,13 +50,13 @@ 9000 MTU as the maximum frame size including the IP header. Setting the netmtu and host MTUs to 9000 will cause totem to use the full 9000 bytes of the frame. Then Linux will add a 18 byte header moving the full frame size to 9018. As a -result some hardware will not operate properly with this size of data. A netmtu +result some hardware will not operate properly with this size of data. A netmtu of 8982 seems to work for the few large frame devices that have been tested. Some manufacturers claim large frame support when in fact they support frame sizes of 4500 bytes.

Increasing the MTU from 1500 to 8982 doubles throughput performance from 30MB/sec -to 60MB/sec as measured with evsbench with 175000 byte messages with the secauth +to 60MB/sec as measured with evsbench with 175000 byte messages with the secauth directive set to off.

When sending multicast traffic, if the network frequently reconfigures, chances are @@ -73,7 +73,7 @@ multiple threads to encrypt and send multicast messages.

A thread directive of 0 indicates that no threaded send should be used. This -mode offers best performance for non-SMP systems. +mode offers best performance for non-SMP systems.

The default is 0.

@@ -81,14 +81,14 @@ This directive controls the virtual synchrony filter type used to identify a primary component. The preferred choice is YKD dynamic linear voting, however, for clusters larger then 32 nodes YKD consumes alot of memory. For -large scale clusters that are created by changing the MAX_PROCESSORS_COUNT +large scale clusters that are created by changing the MAX_PROCESSORS_COUNT #define in the C code totem.h file, the virtual synchrony filter "none" is recommended but then AMF and DLCK services (which are currently experimental) are not safe for use.

The default is ykd. The vsftype can also be set to none.

-Within the +Within the totem directive, there are several configuration options which are used to control @@ -129,7 +129,7 @@ The default is 4 retransmissions.

join
-This timeout specifies in milliseconds how long to wait for join messages in +This timeout specifies in milliseconds how long to wait for join messages in the membership protocol.

The default is 100 milliseconds. @@ -181,10 +181,10 @@

heartbeat_failures_allowed
[HeartBeating mechanism] Configures the optional HeartBeating mechanism for faster failure detection. Keep in -mind that engaging this mechanism in lossy networks could cause faulty loss declaration -as the mechanism relies on the network for heartbeating. +mind that engaging this mechanism in lossy networks could cause faulty loss declaration +as the mechanism relies on the network for heartbeating.

-So as a rule of thumb use this mechanism if you require improved failure in low to +So as a rule of thumb use this mechanism if you require improved failure in low to medium utilized networks.

This constant specifies the number of heartbeat failures the system should tolerate --- conga/luci/docs/user_manual.html 2007/06/27 08:14:12 1.17 +++ conga/luci/docs/user_manual.html 2007/09/11 16:04:33 1.18 @@ -67,28 +67,28 @@

Enter admin as the user name, and then enter the admin password that has been - set up in the appropriate field, then click "log in". + set up in the appropriate field, then click "log in".

UI Organization

luci is set up with three tabs:
  • Homebase: This is where admin tools for adding and deleting systems - or users are located. Only admin is allowed access to this tab.
    • + or users are located. Only admin is allowed access to this tab.
  • Cluster: If any clusters are set up with the luci server, they will show up in a list in this tab. If a user other than admin navigates to the cluster tab, only those clusters that the user has permission to manage show up in the cluster list. The cluster tab provides a means for creating and - configuring clusters.
    • + configuring clusters.
  • Storage: Remote administration of storage is available through this - page in the luci site.
    • + page in the luci site.

Homebase Tab

The following figure shows the entry look of the Homebase tab.
- +
Figure #2: Homebase Tab

With no systems registered with a luci server, the Homebase page provides three - initial utilities to the admin: + initial utilities to the admin:

  • Add a System
  • Add an Existing Cluster
  • Add a User
    • @@ -96,7 +96,7 @@ After systems have been added to a luci server, the Manage Systems link become available in the navigation table.

    - + After users have been added to a luci server, the following links become available in the navigation table:

    • User Permissions
      • @@ -104,12 +104,12 @@

    Add a System:

    Adding a single system to luci makes the system - available for remote storage administration. In addition to + available for remote storage administration. In addition to storage administration, Conga provides remote package retrieval and installation, the chkconfig function, full remote cluster administration, and - module support to filter and retrieve log entries.

    + module support to filter and retrieve log entries.

    To add a system, click on the Add a System link in the left hand navigation - table. This will load the following page: + table. This will load the following page:
    Figure #3: Add a System

    @@ -120,24 +120,24 @@ Another Entry button is provided. When this button is clicked and at least one additional entry row has been provided, a checkbox is also made available that can be selected if all systems specified for addition to the luci server - share the same password. + share the same password.
    Figure #4: Multiple System Entries

    If the System Hostname is left blank for any row, it is disregarded when the - list of systems is submitted for addition. If the user wishes to delete a - row for any reason, the icon at the far right of the row (that resembles + list of systems is submitted for addition. If the user wishes to delete a + row for any reason, the icon at the far right of the row (that resembles rows in a table with an 'x') can be clicked. If systems in the list of rows do NOT share the same password (and the checkbox is, of course, left unchecked) and one or more passwords are incorrect, an error message is generated for each system that has an incorrect password. The systems listed with correct passwords are added to the luci server. In addition to incorrect password problems, an error message is also displayed if luci is unable to connect to - the ricci agent on a system. + the ricci agent on a system.

    For most typical datacenter deployments of conga, the luci server will - reside on a system within the confines of the datacenter network, and + reside on a system within the confines of the datacenter network, and the datacenter systems can pretty safely be assumed to be trustworthy. If a luci server is used to connect to systems across the open Internet, the user could be vulnerable to a form of security attack known @@ -145,15 +145,15 @@ the client and server intercepts data exchanged, while masquerading to its peers as a legitimate party, and issues potentially malicious commands.

    - If the user would like to verify the certificate of a ricci agent before - authenticating to it (avoiding a 'Man in the Middle' attack), the - checkbox marked Verify system certificates before sending any - passwords should be checked. With this box checked, clicking submit - retrieves the certificate information for all systems listed, and provides - a 'Trust' checkbox for each system. The password for a system will not + If the user would like to verify the certificate of a ricci agent before + authenticating to it (avoiding a 'Man in the Middle' attack), the + checkbox marked Verify system certificates before sending any + passwords should be checked. With this box checked, clicking submit + retrieves the certificate information for all systems listed, and provides + a 'Trust' checkbox for each system. The password for a system will not be sent without the trust box checked. To add the system or systems, click the 'Trust' checkboxes for each row desired and click submit again. - Mousing over the lock icon for + Mousing over the lock icon for a row entry will display the certificate information for just that system. It is important to note that in order to defend against this type of attack, the user must know the certificate fingerprints of client systems prior to the initial key exchange. When the client systems are added, the user can then compare the known certificate fingerprints with the fingerprints displayed by the luci server to verify they match. A mismatch indicates the possibility of an attack.


    @@ -182,58 +182,58 @@

    When a cluster is added to a luci server, all nodes are also added as general systems so that storage may be managed on them. If this is not desired, the individual systems may be removed from luci, while remote cluster management capability is maintained.

    NOTE: If an administrator desires to create a new cluster, this capability is available on the Cluster tab. This task link is only for adding and managing - clusters that already exist.

    + clusters that already exist.

    Add a User:

    Here the admin may add additional user accounts. The user - name is entered along with an initial password. + name is entered along with an initial password.
    Figure #5: Add a User

    As stated above, after systems have been added to a luci server, an additional Manage Systems link appears in the navigation table. The Manage Systems page - provides a way to delete systems if desired. + provides a way to delete systems if desired.

    When an administrator adds a new user to a luci server, two additional links appear in the Navigation Table: A Delete User link, and a User Permissions link. The Delete User link is self explanatory, and this page lists all users other than the admin, in a dropdown menu. Selecting a user name and then clicking the - Delete This User button removes that user account from the luci server.
    + Delete This User button removes that user account from the luci server.
    The User Permissions page is where an administrator grants privileges to user accounts. A dropdown menu lists all current users, followed by a list of all systems registered with the luci server. By selecting a user from the dropdown, the context is set for the page, and then those systems that the admin wishes to allow the user to administer are checked. Finally, the Update Permissions button is clicked to persist the privileges. By default, a user - has no user permissions upon creation. + has no user permissions upon creation.
    Figure #6: User Permissions Page

    - +

    Cluster Tab

    - When the cluster tab is selected, luci first checks the identity of the user and + When the cluster tab is selected, luci first checks the identity of the user and compiles a list of clusters that the current user is permitted to administer. If the current user is not permitted to access any of the clusters registered on the luci server, they are informed accordingly. If the current user is the - admin, then all clusters are accessible. + admin, then all clusters are accessible.

    Selecting the Cluster tab causes a page to be displayed that lists all - registered clusters on the luci server that are accessible by the + registered clusters on the luci server that are accessible by the current user. Each cluster is identified by name and presents a link to the properties page for that cluster. In addition, the health of the cluster can be quickly assessed - green indicates good health, and red - indicates a problem. + indicates a problem.

    The nodes of the cluster are also listed, with health indicated by font - color. Green means healthy and part of the cluster; + color. Green means healthy and part of the cluster; red means not part of the cluster, and gray means that the node is not - responding and in an unknown state. + responding and in an unknown state.
    The Cluster List page offers some additional summary information about each cluster. It displays quorum status and the total cluster votes. A dropdown menu allows a cluster to be started, stopped, or restarted. Finally, services for the cluster are listed as links, with their - health indicated by font color. + health indicated by font color.

    On the left side of every cluster tab page is a navigation table with three links: Cluster List, Create, and Configure. The default page is the @@ -241,7 +241,7 @@ the Configure link displays a short list of clusters in the navigation table. Choosing a cluster name takes the user to the properties page for that cluster (the cluster name link on the Cluster List page performs the same - action). + action).
    Figure #7: Cluster List Page

    @@ -253,7 +253,7 @@ navigation table to be displayed below the clusters table (on the left side of the page). The cluster specific table identifies the cluster name at the top of the table and presents links to the five configuration - categories for clusters.
    + categories for clusters.
    NOTE: Until a specific cluster is selected, the cluster pages have no specific cluster context associated with them. Once a cluster has been selected, however, the links and options available on the lower cluster navigation table @@ -265,9 +265,9 @@ (You can easily return to the cluster list page in one of three ways: by clicking on the Cluster tab, selecting the Cluster List link in the main navigation table, or selecting the Configure link from the main navigation - table.) + table.) The configuration categories available in the lower cluster-specific navigation - table are as follows: + table are as follows:

    • Nodes
    • Services
    • Resources
      • @@ -275,14 +275,14 @@
    • Shared Fence Devices
    Selecting any of these primary configuration links offers a similar set of - options for each configuration category, by doing the following: + options for each configuration category, by doing the following:
    • A list is presented of the corresponding configurable cluster elements. For example, if Nodes is selected, a list of all nodes in the cluster is displayed with general node tasks and quick links to node-related configuration pages. The following figure shows a typical node list. Note that this is a high-level view of each node, and is useful for quickly assessing the health of the node and checking which cluster services are currently - deployed on a node.
      • + deployed on a node.
    • A sub-menu is offered for each configuration category. Options in this submenu are:
      • Create or Add
      • Configure; which also displays a list of the individual configuration elements which are direct links to the @@ -293,10 +293,10 @@ of those elements with a high level diagnostic view and links to more detailed aspects of the elements, a link to create a new element, and a sub-menu list of direct links to the detailed configuration properties page for each element - currently configured. + currently configured. This "drill-down" pattern, wherein a top level list of elements is displayed with links to properties pages for each element, paired with a way to create a - new element, is repeated throughout the luci Cluster UI. + new element, is repeated throughout the luci Cluster UI.
        Figure #8: Cluster Properties Page - Note name of cluster at the top of the page, and in the Title section of the lower navigation table

        @@ -308,80 +308,80 @@ for the node in a new browser window. A dropdown menu allows administrators of the cluster a way to have the node join or leave the cluster. The node can also be fenced, rebooted, or deleted through the options in the dropdown - menu. + menu. Figure #9: Node List Page
        -

        -

        +

        +

        The name of the node is a link to the detailed configuration page for that node, and the color of the font (green or red) reflects a course status check on the - health of the node. -

        + health of the node. +

        When the Nodes link is chosen in the lower navigation table, the Add a Node and Configure options become visible. The Configure option link has a list of the nodes beneath it, and selecting one of these links is a direct path to the detailed properties page for the node, in the same way that the node name link - is on the node list page. + is on the node list page.

        Add a Node

        Below is a screenshot of the Add a Node page:
        Figure #10: Add a Node Page -

        -

        +

        +

        The Add a Node page is similar in look and function to the Add a System page available in the Homebase tab. The system hostname of IP address is entered in the appropriate field along with the password for the system. Multiple nodes may be added at once. The user is offered the chance to verify the certificate for the new node to be added, just as - they were when adding a system on the home base tab. + they were when adding a system on the home base tab.

        Two other options are available to the user when adding a node: They are presented with a pair of radio buttons that allow for a choice of either - pulling the necessary packages from the configured Yum repository for + pulling the necessary packages from the configured Yum repository for the system (The very latest packages are always selected with this option), - or packages already installed on the system are used. If any packages + or packages already installed on the system are used. If any packages are missing, an error message is returned and the node is not added.

        The other option available to the user is a checkbox for Shared Storage support. Checking this box will install and initially configure the - CLVM (Clustered Logical Volume Management) packages and the GFS clustered file system packages. In a cluster environment, this box will almost always need to + CLVM (Clustered Logical Volume Management) packages and the GFS clustered file system packages. In a cluster environment, this box will almost always need to be checked. When the submit button is - clicked, the following takes place: + clicked, the following takes place:

        • Contact is made with each future nodes ricci agent. If this contact fails on any listed hostname, the operation is suspended and the user is offered the - chance to re-enter the password.
          • + chance to re-enter the password.
        • After authentication is made on all listed nodes, the proper cluster suite - RPMs for that node's architecture are pulled down and installed.
          • + RPMs for that node's architecture are pulled down and installed.
        • After installation, an initial cluster.conf file is propagated to each node.
        • Finally, each future node is rebooted. When the node comes back up, it - should join the cluster without error.
          • + should join the cluster without error.

        NOTE: Until the node to be added has completed he installation and cluster join operation, any attempts to navigate to the configuration page for that node will result in a "busy signal" graphic that informs the user of what modification is occurring and to try back later when the operation is - complete. + complete.

        Node Configuration Page

        Selecting the name link in the node list page, or selecting a nodename in the list below the node Configure link in the lower navigation table takes the user directly to the Node Configuration page. Here is an image of a typical - node configuration page: + node configuration page: Figure #11: Node Configuration Page
        -

        -

        +

        +

        This page is divided into 5 sections.

        • General Node Tasks - The first section on the node configuration page shows general node health and offers a link to view recent log activity on the node in a pop-up browser window, and also offers a dropdown menu of some common - tasks to perform on a node. These tasks are: + tasks to perform on a node. These tasks are:
          • Have node join/leave cluster - depending on he node status, one of these - options is offered.
            • + options is offered.
          • Fence Node - The node is fenced by the configured means.
          • Reboot Node
          • Delete Node - when a node is deleted, it is made to leave the cluster, @@ -389,16 +389,16 @@ deleted, and a new cluster.conf file is propagated to the remaining nodes in the cluster with the deleted node removed from the configuration. Note that deleting a node does not remove the installed cluster packages from the - node.
            • + node.

        • The next section of the node configuration page is a table showing the status of cluster daemons. In the screenshot above, four cluster daemons are listed. This is for a RHEL 4 cluster. In the RHEL 5 cluster suite, only two - daemons are listed. + daemons are listed.

          Each daemon can be separately started or stopped, and its chkconfig status - amended to allow the daemon to be enabled at system startup or not.

          • + amended to allow the daemon to be enabled at system startup or not.
        • All services running on the node are listed along with their status in the "Services on this Node" section. Links are offered to each services configuration page.

          • @@ -409,16 +409,16 @@ configuration. Two levels of fencing may be configured: A Main fencing method, and a Backup method. The cluster suite attempts to fence the node, if necessary, with the main fencing method first. If this fails, the backup - method is employed. + method is employed.

          Each of the two fence levels or methods may employ multiple fence types within them; for example, when power switch fencing is used to fence a node with dual - redundant power supplies. + redundant power supplies.

        -

        Storage Tab

        +

        Storage Tab

        This tab allows the user to monitor and configure storage on remote systems. It provides a means for configuring disk partitions, logical volumes (clustered as well as single system use), and file system parameters and @@ -434,28 +434,28 @@ changed on specific configuration forms throughout the storage UI. This general choice allows an administrator to avoid difficult decimal representations of storage size (for example, if they know that most of their storage is measured in -gigabytes, terabytes, or other more familiar representations).

        +gigabytes, terabytes, or other more familiar representations).

        A dropdown menu also allows the user to choose if they would rather have devices -displayed by path or SCSI ID.

        +displayed by path or SCSI ID.

        Finally, this main storage page lists systems that the user is authorized to access, but currently unable to administer due to a problem such as a system is unreachable via the network, or the system has been re-imaged and the luci server admin must re-authenticate with the ricci agent on the system. A reason - for the trouble is displayed if it can be determined.

        + for the trouble is displayed if it can be determined.

        Only those systems that the user is privileged to administer is shown in the tabs main navigation table. If the user has no permissions on any systems, an -appropriate message is displayed. +appropriate message is displayed.

        General System Page

        After a system is selected to administer, a general properties page is - displayed for the system. This page view is divided into three sections: + displayed for the system. This page view is divided into three sections:
        • Hard Drives
        • Partitions
        • Volume Groups
        Each of these sections is set up as an expandable tree, with direct links - provided to property sheets for specific devices, partitions, etc. + provided to property sheets for specific devices, partitions, etc. --- conga/luci/homebase/form-macros 2007/08/09 21:05:28 1.59 +++ conga/luci/homebase/form-macros 2007/09/11 16:04:33 1.60 @@ -187,7 +187,7 @@
        - +
- + - +
@@ -370,7 +370,7 @@ value nothing" /> -
@@ -665,10 +665,10 @@ id python: '__SYSTEM%d:Passwd' % cur_sysnum; name python: '__SYSTEM%d:Passwd' % cur_sysnum; value nothing" /> - + - - + Check if node passwords are identical.
  • @@ -864,7 +864,7 @@
    		• - --- conga/luci/logs/index_html 2007/06/25 16:03:38 1.4 +++ conga/luci/logs/index_html 2007/09/11 16:04:33 1.5 @@ -27,7 +27,7 @@ A slot where you can insert elements in the header from a template - + A slot where you can insert CSS in the header from a template @@ -115,8 +115,8 @@

    Recent log information for

    - -
    + +
    --- conga/luci/plone-custom/README 2006/07/26 16:55:37 1.1 +++ conga/luci/plone-custom/README 2007/09/11 16:04:33 1.2 @@ -1,4 +1,4 @@ -custom.xml is a backup of whole portal_skins/custom directory, including methods, types and permisions. +custom.xml is a backup of whole portal_skins/custom directory, including methods, types and permisions. Other files are a content of the same dir. So, custom.xml is to be restored first, thru ZMI, the rest of files can be pushed using Makefile. --- conga/luci/plone-custom/footer 2007/03/12 17:20:01 1.4 +++ conga/luci/plone-custom/footer 2007/09/11 16:04:33 1.5 @@ -4,7 +4,7 @@

    - The + The Conga Cluster and Storage Management System @@ -14,8 +14,8 @@ © 2000— Red Hat, Inc. @@ -23,7 +23,7 @@

    - Distributed under the + Distributed under the GNU GPL license . --- conga/luci/plone-custom/global_personalbar 2006/10/10 19:19:13 1.5 +++ conga/luci/plone-custom/global_personalbar 2007/09/11 16:04:33 1.6 @@ -15,7 +15,7 @@ -

  • --- conga/luci/plone-custom/login_form_validate.vpy 2006/09/19 15:01:21 1.1 +++ conga/luci/plone-custom/login_form_validate.vpy 2007/09/11 16:04:33 1.2 @@ -35,7 +35,7 @@ password_empty = request.get('pwd_empty', None)=='1' ac_name = auth.name_cookie ac_password = auth.pw_cookie - + if not user_name: # no user name state.setError(ac_name, _(u'Please enter your login name.'), 'login_name_required') --- conga/luci/plone-custom/login_success 2006/09/19 14:59:27 1.6 +++ conga/luci/plone-custom/login_success 2007/09/11 16:04:33 1.7 @@ -32,7 +32,7 @@

    You can take fuller advantage of the features of this site - if you enable javascript in your browser. + if you enable javascript in your browser.

    --- conga/luci/plone-custom/main_template 2006/09/18 19:56:35 1.5 +++ conga/luci/plone-custom/main_template 2007/09/11 16:04:33 1.6 @@ -27,7 +27,7 @@ A slot where you can insert elements in the header from a template - + A slot where you can insert CSS in the header from a template @@ -142,7 +142,7 @@ Start of right column

    •  
    --- conga/luci/plone-custom/portlet_login 2006/09/21 21:45:36 1.9 +++ conga/luci/plone-custom/portlet_login 2007/09/11 16:04:33 1.10 @@ -59,7 +59,7 @@ tabindex tabindex/next" i18n:attributes="alt label_login_name;"/>
    - +
    - +
    - Cookie authentication is disabled. + Cookie authentication is disabled. Login portlet not available. --- conga/luci/site/luci/Extensions/LuciClusterActions.py 2007/08/20 16:31:13 1.5 +++ conga/luci/site/luci/Extensions/LuciClusterActions.py 2007/09/11 16:04:33 1.6 @@ -603,7 +603,7 @@ luci_log.debug_verbose('FNF0: no ricci to fence %s for cluster %s' \ % (nodename_resolved, clustername)) return None - + batch_number, result = rq.nodeFence(rc, nodename_resolved) if batch_number is None or result is None: if LUCI_DEBUG_MODE is True: --- conga/luci/site/luci/Extensions/LuciClusterInfo.py 2007/08/24 22:01:42 1.12 +++ conga/luci/site/luci/Extensions/LuciClusterInfo.py 2007/09/11 16:04:33 1.13 @@ -372,7 +372,7 @@ for node in nodenames: if node != nodename: starturl = {} - starturl['nodename'] = node + starturl['nodename'] = node starturl['url'] = '%s?clustername=%s&servicename=%s&pagetype=%s&nodename=%s' % (baseurl, cluname, servicename, SERVICE_START, node) starturls.append(starturl) --- conga/luci/site/luci/Extensions/cluster_adapters.py 2007/08/24 22:01:42 1.269 +++ conga/luci/site/luci/Extensions/cluster_adapters.py 2007/09/11 16:04:33 1.270 @@ -2511,7 +2511,7 @@ return busy_map clusterfolder = getClusterDBObj(self, cluname) - + if LUCI_DEBUG_MODE is True: luci_log.debug_verbose('ICB2: %s is busy: %d flags' \ % (cluname, len(items))) --- conga/luci/site/luci/Extensions/ClusterModel/ClusterNode.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/ClusterNode.py 2007/09/11 16:04:34 1.3 @@ -43,7 +43,7 @@ def setInterface(self, ifc): nd = self.getMulticastNode() if nd is None: - return + return else: nd.addAttribute("interface", ifc) --- conga/luci/site/luci/Extensions/ClusterModel/Cman.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Cman.py 2007/09/11 16:04:34 1.3 @@ -12,4 +12,4 @@ class Cman(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/Fence.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Fence.py 2007/09/11 16:04:34 1.3 @@ -12,4 +12,4 @@ class Fence(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/FenceDaemon.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/FenceDaemon.py 2007/09/11 16:04:34 1.3 @@ -16,7 +16,7 @@ class FenceDaemon(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME self.addAttribute('post_join_delay', POST_JOIN_DEFAULT) self.addAttribute('post_fail_delay', POST_FAIL_DEFAULT) self.addAttribute('clean_start', CLEAN_START_DEFAULT) --- conga/luci/site/luci/Extensions/ClusterModel/Gulm.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Gulm.py 2007/09/11 16:04:34 1.3 @@ -12,4 +12,4 @@ class Gulm(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/Heuristic.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Heuristic.py 2007/09/11 16:04:34 1.3 @@ -12,4 +12,4 @@ class Heuristic(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/Lockserver.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Lockserver.py 2007/09/11 16:04:34 1.3 @@ -12,4 +12,4 @@ class Lockserver(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/ModelBuilder.py 2007/08/24 22:01:42 1.7 +++ conga/luci/site/luci/Extensions/ClusterModel/ModelBuilder.py 2007/09/11 16:04:34 1.8 @@ -973,7 +973,7 @@ mcast.removeAttribute('interface') except: pass - self.mcast_address = mcast_addr + self.mcast_address = mcast_addr self.mcast_interface = mcast_if self.usesMulticast = True self.set_nodes_multicast(mcast_addr, mcast_if=mcast_if) --- conga/luci/site/luci/Extensions/ClusterModel/Multicast.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Multicast.py 2007/09/11 16:04:35 1.3 @@ -12,4 +12,4 @@ class Multicast(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/Rm.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Rm.py 2007/09/11 16:04:35 1.3 @@ -12,4 +12,4 @@ class Rm(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Extensions/ClusterModel/Totem.py 2007/06/25 16:03:39 1.2 +++ conga/luci/site/luci/Extensions/ClusterModel/Totem.py 2007/09/11 16:04:35 1.3 @@ -12,4 +12,4 @@ class Totem(TagObject): def __init__(self): TagObject.__init__(self) - self.TAG_NAME = TAG_NAME + self.TAG_NAME = TAG_NAME --- conga/luci/site/luci/Products/ManagedSystem/ManagedSystem.py 2006/05/30 20:17:21 1.1 +++ conga/luci/site/luci/Products/ManagedSystem/ManagedSystem.py 2007/09/11 16:04:35 1.2 @@ -29,7 +29,7 @@ class ManagedSystem(PortalContent, DefaultDublinCoreImpl): meta_type = product_name - __implements__ = ( + __implements__ = ( PortalContent.__implements__, DefaultDublinCoreImpl.__implements__ ) --- conga/luci/site/luci/Products/ManagedSystem/__init__.py 2006/05/30 20:17:21 1.1 +++ conga/luci/site/luci/Products/ManagedSystem/__init__.py 2007/09/11 16:04:35 1.2 @@ -12,12 +12,9 @@ registerDirectory('skins', globals()) def initialize(context): - product = utils.ContentInit(product_name, + product = utils.ContentInit(product_name, content_types = contentClasses, permission = add_permission, extra_constructors = contentConstructors, fti = contentFTI) product.initialize(context) - - - --- conga/luci/site/luci/Products/ManagedSystem/skins/managedsystem_edit_form.cpt 2006/05/30 20:17:21 1.1 +++ conga/luci/site/luci/Products/ManagedSystem/skins/managedsystem_edit_form.cpt 2007/09/11 16:04:35 1.2 @@ -5,48 +5,48 @@ -

    Edit - Item type - +

    - +

    Fill in the details of this document. -

    +

    - +
    - + Document Details - -
    - +
    - Should not contain spaces, underscores or mixed case. + Should not contain spaces, underscores or mixed case. This will be part of the web address to this item.
    - +
    Validation error output
    - - - +
    - - +
    - + - + (Required) - +
    Validation error output
    - + - +
    - +
    - +
    - A brief description of the item. + A brief description of the item.
    - +
    @@ -116,7 +116,7 @@
    Enter the address:
    - +