[pve-devel] r5352 - in pve-manager/pve2: bin bin/init.d debian lib/PVE www/templates

svn-commits at proxmox.com svn-commits at proxmox.com
Tue Jan 11 13:26:41 CET 2011


Author: dietmar
Date: 2011-01-11 13:26:41 +0100 (Tue, 11 Jan 2011)
New Revision: 5352

Removed:
   pve-manager/pve2/bin/init.d/pvemirror
   pve-manager/pve2/bin/init.d/pvetunnel
   pve-manager/pve2/bin/pveca
   pve-manager/pve2/bin/pvemirror
   pve-manager/pve2/bin/pvetunnel
Modified:
   pve-manager/pve2/bin/Makefile.am
   pve-manager/pve2/bin/Makefile.in
   pve-manager/pve2/bin/init.d/Makefile.am
   pve-manager/pve2/bin/init.d/Makefile.in
   pve-manager/pve2/bin/init.d/pvenetcommit
   pve-manager/pve2/bin/pvecert
   pve-manager/pve2/debian/conffiles
   pve-manager/pve2/debian/config
   pve-manager/pve2/debian/control.in
   pve-manager/pve2/debian/postinst
   pve-manager/pve2/debian/postrm
   pve-manager/pve2/lib/PVE/AuthCookieHandler.pm
   pve-manager/pve2/lib/PVE/Cluster.pm
   pve-manager/pve2/lib/PVE/REST.pm
   pve-manager/pve2/www/templates/pve.conf.in
Log:
start to merge in the new pve-cluster code, removing old 1.0 code


Modified: pve-manager/pve2/bin/Makefile.am
===================================================================
--- pve-manager/pve2/bin/Makefile.am	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/Makefile.am	2011-01-11 12:26:41 UTC (rev 5352)
@@ -5,22 +5,17 @@
 bin_SCRIPTS =  			\
 	pvesh			\
 	pveam			\
-	pveca 			\
 	pvecert			\
 	pvebanner		\
 	pvectl			\
 	pvebash			\
 	pvedaemon		\
-	pvetunnel		\
-	pvemirror		\
 	pvesetup		\
 	pveversion		\
 	pveperf
 
 man_MANS = 			\
-	pveca.1			\
 	pvedaemon.1		\
-	pvetunnel.1		\
 	pveversion.1		\
 	pveperf.1
 

Modified: pve-manager/pve2/bin/Makefile.in
===================================================================
--- pve-manager/pve2/bin/Makefile.in	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/Makefile.in	2011-01-11 12:26:41 UTC (rev 5352)
@@ -218,22 +218,17 @@
 bin_SCRIPTS = \
 	pvesh			\
 	pveam			\
-	pveca 			\
 	pvecert			\
 	pvebanner		\
 	pvectl			\
 	pvebash			\
 	pvedaemon		\
-	pvetunnel		\
-	pvemirror		\
 	pvesetup		\
 	pveversion		\
 	pveperf
 
 man_MANS = \
-	pveca.1			\
 	pvedaemon.1		\
-	pvetunnel.1		\
 	pveversion.1		\
 	pveperf.1
 

Modified: pve-manager/pve2/bin/init.d/Makefile.am
===================================================================
--- pve-manager/pve2/bin/init.d/Makefile.am	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/Makefile.am	2011-01-11 12:26:41 UTC (rev 5352)
@@ -2,8 +2,6 @@
 
 initdbin_SCRIPTS = 	\
 	pvedaemon 	\
-	pvetunnel	\
-	pvemirror 	\
 	pvebanner	\
 	pvenetcommit
 

Modified: pve-manager/pve2/bin/init.d/Makefile.in
===================================================================
--- pve-manager/pve2/bin/init.d/Makefile.in	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/Makefile.in	2011-01-11 12:26:41 UTC (rev 5352)
@@ -173,8 +173,6 @@
 top_srcdir = @top_srcdir@
 initdbin_SCRIPTS = \
 	pvedaemon 	\
-	pvetunnel	\
-	pvemirror 	\
 	pvebanner	\
 	pvenetcommit
 

Deleted: pve-manager/pve2/bin/init.d/pvemirror
===================================================================
--- pve-manager/pve2/bin/init.d/pvemirror	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvemirror	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,52 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides:        pvemirror
-# Required-Start:  $network $syslog
-# Required-Stop:   $network $syslog
-# Default-Start:   2 3 4 5
-# Default-Stop:    0 1 6
-# Short-Description: Start PVE Cluster Server
-### END INIT INFO
-
-. /lib/lsb/init-functions
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-DAEMON=/usr/bin/pvemirror
-PIDFILE=/var/run/pvemirror.pid
-
-test -f $DAEMON || exit 0
-
-case "$1" in
-	start)
-		log_daemon_msg "Starting PVE Cluster Server" "pvemirror"
-  		start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE 
-		log_end_msg $?
-  		;;
-	stop)
-		log_daemon_msg "Stopping PVE Cluster Server" "pvemirror"
-  		start-stop-daemon --oknodo --stop  --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
-		log_end_msg $?
-  		;;
-	reload)
-		log_daemon_msg "Reloading PVE Cluster Server Configuration" "pvemirror"
-		if ( [ -e $PIDFILE ] && kill -0 `cat $PIDFILE`) then
-		    start-stop-daemon --stop --quiet --pidfile $PIDFILE --signal HUP
-		else
-		    start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
-		fi
-		log_end_msg $?
-  		;;
-	restart|force-reload)
-		log_daemon_msg "Restarting PVE Cluster Server" "pvemirror"
-  		start-stop-daemon --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
-  		start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
-		log_end_msg $?
-  		;;
-	*)
-  		echo "Usage: /etc/init.d/pvemirror {start|stop|reload|restart|force-reload}"
-  		exit 1
-		;;
-esac
-
-exit 0

Modified: pve-manager/pve2/bin/init.d/pvenetcommit
===================================================================
--- pve-manager/pve2/bin/init.d/pvenetcommit	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvenetcommit	2011-01-11 12:26:41 UTC (rev 5352)
@@ -2,7 +2,7 @@
 
 ### BEGIN INIT INFO
 # Provides:        pvenetcommit
-# Required-Start:  checkroot
+# Required-Start:  checkroot $remote_fs
 # Required-Stop:
 # Default-Start:   S
 # Default-Stop:

Deleted: pve-manager/pve2/bin/init.d/pvetunnel
===================================================================
--- pve-manager/pve2/bin/init.d/pvetunnel	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/init.d/pvetunnel	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,52 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides:        pvetunnel
-# Required-Start:  $network $syslog
-# Required-Stop:   $network $syslog
-# Default-Start:   2 3 4 5
-# Default-Stop:    0 1 6
-# Short-Description: Start Proxmox Tunnel Server
-### END INIT INFO
-
-. /lib/lsb/init-functions
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-DAEMON=/usr/bin/pvetunnel
-PIDFILE=/var/run/pvetunnel.pid
-
-test -f $DAEMON || exit 0
-
-case "$1" in
-	start)
-		log_daemon_msg "Starting PVE Tunnel Server" "pvetunnel"
-  		start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE 
-		log_end_msg $?
-  		;;
-	stop)
-		log_daemon_msg "Stopping PVE Tunnel Server" "pvetunnel"
-  		start-stop-daemon --oknodo --stop  --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
-		log_end_msg $?
-  		;;
-	reload)
-		log_daemon_msg "Reloading PVE Tunnel Server Configuration" "pvetunnel"
-		if ( [ -e $PIDFILE ] && kill -0 `cat $PIDFILE`) then
-		    start-stop-daemon --stop --quiet --pidfile $PIDFILE --signal HUP
-		else
-		    start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
-		fi
-		log_end_msg $?
-  		;;
-	restart|force-reload)
-		log_daemon_msg "Restarting PVE Tunnel Server" "pvetunnel"
-  		start-stop-daemon --stop --quiet --retry TERM/5/TERM/10/KILL --pidfile $PIDFILE
-  		start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- -p $PIDFILE
-		log_end_msg $?
-  		;;
-	*)
-  		echo "Usage: /etc/init.d/pvetunnel {start|stop|reload|restart|force-reload}"
-  		exit 1
-		;;
-esac
-
-exit 0

Deleted: pve-manager/pve2/bin/pveca
===================================================================
--- pve-manager/pve2/bin/pveca	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pveca	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,385 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use Socket;
-use PVE::Utils;
-use PVE::Cluster;
-use PVE::ConfigServer;
-use PVE::AtomicFile;
-use Getopt::Long;
-use File::Path;
-use Data::Dumper;
-
-my $cinfo = PVE::Cluster::clusterinfo();
-
-my $localip = $cinfo->{local}->{ip};
-my $localname = $cinfo->{local}->{name};
-
-my $opt_add;
-my $opt_create;
-my $opt_list;
-my $opt_host;
-my $opt_delete;
-my $opt_master;
-my $opt_sync;
-my $opt_info;
-my $opt_maxtimediff = 5;
-
-sub print_usage {
-    my $msg = shift;
-
-    print STDERR "ERROR: $msg\n" if $msg;
-    print STDERR "USAGE: pveca -l             # show cluster status\n";
-    print STDERR "       pveca -c             # create new cluster with localhost as master\n";
-    print STDERR "       pveca -s [-h IP]     # sync cluster configuration from master (or IP)\n";
-    print STDERR "       pveca -d ID          # delete a node\n";
-    print STDERR "       pveca -a [-h IP]     # add new node to cluster\n";
-    print STDERR "       pveca -m             # force local node to become master\n";
-    print STDERR "       pveca -i             # print node info (CID NAME IP ROLE)\n";
-}
-
-if (!GetOptions ('list' => \$opt_list, 
-		 'host=s' => \$opt_host, 
-		 'sync' => \$opt_sync, 
-		 'delete=i' => \$opt_delete, 
-		 'create' => \$opt_create, 
-		 'master' => \$opt_master,
-		 'info' => \$opt_info,
-		 'add' => \$opt_add)) {
-    print_usage ();
-    exit (-1);
-}
-
-#PVE::Cluster::debug (1);
-
-if ($opt_host && ($opt_host !~ m/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)) {
-    my ($name,$aliases,$addrtype,$length, at addrs) = gethostbyname ($opt_host);
-    if (@addrs) {
-	$opt_host = inet_ntoa(@addrs);
-    } else {
-	die "unable to resolve name '$opt_host'\n";
-    }
-}
-
-my $hostrsapubkey = PVE::Config::read_file('hostrsapubkey');
-
-if (! -f '/root/.ssh/id_rsa.pub') {
-    mkdir '/root/.ssh/';
-    system ("echo|ssh-keygen -t rsa -N '' -b 1024 -f /root/.ssh/id_rsa");
-}
-
-my $rootrsapubkey =   PVE::Config::read_file('rootrsapubkey');
-
-sub create_needed_dirs {
-    my ($lcid) = @_;
-
-    if ($lcid) {
-	#fixme: what dirs do we need?
-	#my $spooldir = "/var/spool/proxmox";
-	#mkpath "$spooldir/cluster/$lcid/virus";
-	#mkpath "$spooldir/cluster/$lcid/spam";  
-    }
-}
-
-create_needed_dirs ($cinfo->{local}->{cid});
-
-my $secret = PVE::Utils::load_auth_secret();
-
-sub cluster_print_nodes {
-    my ($cinfo) = @_;
-
-    my $ticket = PVE::Utils::create_auth_ticket ($secret, 'root', 'root');
-
-    print "CID----IPADDRESS----ROLE-STATE--------UPTIME---LOAD----MEM---DISK\n";
-    foreach my $ni (@{$cinfo->{nodes}}) {
-
-	my $state = '-';
-	my $conn;
-	my $status;
-
-
-	eval {
-	    $conn = PVE::ConfigClient::connect ($ticket, $cinfo, $ni->{cid});
-	    if ($status = $conn->ping()->result) {
-		$state = 'A';
-	    }
-	};
-
-	my $err = $@;
-
-	$state = "ERROR: $err" if $err;
-
-	if ($state eq 'A') {
-	    $state = 'S' if !$status->{insync};
-
-	    printf "%2s : %-15s %-5s %1s %15s %6s %5s%% %5s%%\n", 
-	    $ni->{cid}, $ni->{ip}, $ni->{role}, $state,
-	    $status->{uptime}->{uptimestrshort}, $status->{uptime}->{avg1},
-	    int (0.5 + ($status->{meminfo}->{mbmemused}*100/$status->{meminfo}->{mbmemtotal})), 
-	    int (0.5 + ($status->{hdinfo}->{root}->{used}*100/$status->{hdinfo}->{root}->{avail}));
-
-	} else {
-	    printf "%2s : %-15s %-5s %1s\n", $ni->{cid}, $ni->{ip}, $ni->{role}, $state;
-	}
-    }
-}
-
-
-if ($opt_list) {
-
-    if (scalar @{$cinfo->{nodes}}) {
-	if ($cinfo->{local}->{role} eq '-') {
-	    print STDERR "local node '$cinfo->{local}->{ip}' not part of cluster\n";
-	} else {
-	    cluster_print_nodes ($cinfo);
-	}
-    } else {
-	print STDERR "no cluster defined\n";
-    }
-
-} elsif ($opt_info) {
-
-    my $ni = $cinfo->{local};
-
-    print "$ni->{cid} $ni->{name} $ni->{ip} $ni->{role}\n";
-
-} elsif ($opt_master) {
-
-    if (scalar @{$cinfo->{nodes}}) {
-
-	if ($cinfo->{local}->{role} eq 'M') {
-	    print STDERR "local node is already master\n";
-	} elsif ($cinfo->{local}->{role} eq 'N') {
-	    print STDERR "forcing local node to become master\n";
-
-	    my $nodes;
-	    foreach my $ni (@{$cinfo->{nodes}}) {
-		push @$nodes, $ni if $ni->{role} ne 'M';
-	    }
-
-	    foreach my $ni (@$nodes) {
-		if ($ni->{cid} eq $cinfo->{local}->{cid}) {
-		    $ni->{role} = 'M';
-		}
-	    }
-
-	    $cinfo->{nodes} = $nodes;
-
-	    PVE::Cluster::save_clusterinfo ($cinfo);
-
-	    PVE::Utils::service_cmd ('pvetunnel', 'restart');
-
-	} else {
-	    print STDERR "local node '$cinfo->{local}->{ip}' not part of cluster\n";
-	}
-
-    } else {
-	print STDERR "no cluster defined\n";
-    }
-
-} elsif ($opt_sync) {
-
-    my $syncip = $opt_host;
-
-    $syncip = $cinfo->{master}->{ip} if !$syncip && $cinfo->{master};
-
-    die "no master specified (use option -h)\n" if !$syncip;
-
-    print STDERR "syncing master configuration from '$syncip'\n";
-    PVE::Cluster::cluster_sync_mastercfg ($cinfo, $syncip);
-
-} elsif ($opt_delete) {
-
-    if (!scalar @{$cinfo->{nodes}}) {
-	die "no cluster defined\n";
-    }
-
-    if ($cinfo->{local}->{role} ne 'M') {
-	die "operation not permitted (not master)\n";
-    }
-
-    my $new = [];
-    foreach my $ni (@{$cinfo->{nodes}}) {
-
-	if ($ni->{cid} == $opt_delete) {
-	    if ($ni->{cid} == $cinfo->{master}->{cid}) {
-		die "unable to delete master\n";
-	    }
-	} else {
-	    push @$new, $ni; 
-	}
-    }
-
-    $cinfo->{nodes} = $new;
-
-    PVE::Cluster::save_clusterinfo ($cinfo);
-
-} elsif ($opt_create) {
-
-    if ($cinfo->{local}->{role} ne '-') {
-
-	print STDERR "cluster already defined - checking consistency\n";
-
-	# fixme: do something here ?
-
-    }
-
-    my $res;
-
-    $res->{ip} = $cinfo->{local}->{ip};
-    $res->{name} = $cinfo->{local}->{name};
-    $res->{hostrsapubkey} = $hostrsapubkey;
-    $res->{rootrsapubkey} = $rootrsapubkey;
-
-    $res->{cid} = 1;
-    $res->{role} = 'M';
-
-    $cinfo = { "CID_1" => $res , maxcid => 1 };
-    $cinfo->{local} = $cinfo->{"CID_1"};
-    push @{$cinfo->{nodes}}, $cinfo->{"CID_1"};
-
-    # stop all cluster services 
-    PVE::Utils::service_wait_stopped (40, 'pvemirror', 'pvetunnel');
-
-    # save new cluster configuration
-    PVE::Cluster::save_clusterinfo ($cinfo);
-
-    # fixme: remove any stale date
-    # system ("rm -rf /var/spool/proxmox/cluster");
-    create_needed_dirs ($res->{cid});
-
-    # start services again
-    PVE::Utils::service_cmd ('pvetunnel', 'start');
-    PVE::Utils::service_cmd ('pvemirror', 'start');
-
-    print STDERR "cluster master successfully created\n";
-
-} elsif ($opt_add) {
-
-    my $res = {};
-
-    if (!$opt_host) {
-	if ($cinfo->{local}->{role} eq '-') {
-	    die "local host not part of cluster\n";
-	} elsif ($cinfo->{local}->{role} ne 'M') {
-	    die "operation not permitted (not master)\n";
-	}
-    } else {
-	if ($cinfo->{local}->{role} ne '-') {
-	    die "local node already part of cluster\n";
-	} 
-    }
-
-    foreach my $arg (@ARGV) {
-	if ($arg =~ m/^\s*(IP):\s*(\S+)\s*$/i) {
-	    my ($n, $v) = (lc $1, $2);
-	    $res->{$n} = $v;
-	} elsif ($arg =~ m/^\s*(NAME):\s*(\S+)\s*$/i) {
-	    my ($n, $v) = (lc $1, $2);
-	    $res->{$n} = $v;
-	} elsif ($arg =~ m/^\s*(HOSTRSAPUBKEY):\s*(\S+)\s*$/i) {
-	    my ($n, $v) = (lc $1, $2);
-	    $res->{$n} = $v;
-	} elsif ($arg =~ m/^\s*(ROOTRSAPUBKEY):\s*(\S+)\s*$/i) {
-	    my ($n, $v) = (lc $1, $2);
-	    $res->{$n} = $v;
-	} else {
-	    die "unknown argument type '$arg'\n";
-	}
-    }
-
-    if ($opt_host) {
-	$res->{ip} = $cinfo->{local}->{ip} if !$res->{ip};
-    }
-
-    die "missing ip address (or use option -h)\n" if !$res->{ip};
-
-    if ($res->{ip} eq $cinfo->{local}->{ip}) {
-	$res->{hostrsapubkey} = $hostrsapubkey if !$res->{hostrsapubkey};
-	$res->{rootrsapubkey} = $rootrsapubkey if !$res->{rootrsapubkey};
-	$res->{name} = $cinfo->{local}->{name} if !$res->{name};
-    }
-
-    die "missing name\n" if !$res->{name};
-    die "missing host RSA key\n" if !$res->{hostrsapubkey};
-    die "missing user RSA key\n" if !$res->{rootrsapubkey};
-
-    # fixme: check values
-
-    if ($opt_host) {
-	my $cmd = "ssh $opt_host /usr/bin/pveca -a " .
-	    "'IP:$res->{ip}' " . 
-	    "'NAME:$res->{name}' " .
-	    "'HOSTRSAPUBKEY:$res->{hostrsapubkey}' " .
-	    "'ROOTRSAPUBKEY:$res->{rootrsapubkey}'";
-
-	# print "DOING: $cmd\n";
-
-	if (system ($cmd) != 0) {
-	    die "unable to add node: command failed - $cmd\n";
-	}
-
-	# stop all cluster services
-	PVE::Utils::service_wait_stopped (40, 'pvemirror', 'pvetunnel');
-    
-	PVE::Cluster::cluster_sync_mastercfg ($cinfo, $opt_host, 1);
-
-	$cinfo = PVE::Cluster::clusterinfo (); # RELOAD
-
-	create_needed_dirs ($cinfo->{local}->{cid});
-
-	# start services again
-	PVE::Utils::service_cmd ('pvetunnel', 'start');
-	PVE::Utils::service_cmd ('pvemirror', 'start');
-
-	# auth secrect may have changed
-	PVE::Utils::service_cmd ('apache', 'restart');
-	PVE::Utils::service_cmd ('pvedaemon', 'reload');
-	
-	print STDERR "cluster node successfully created\n";
- 
-    } else {
-	# check if node is unique
-
-	foreach my $ni (@{$cinfo->{nodes}}) {
-	    if ($ni->{ip} eq $res->{ip}) {
-		die "node already exists (CID:$ni->{cid}, IP:$res->{ip})\n";
-	    }
-	    if ($ni->{name} eq $res->{name}) {
-		die "node already exists (CID:$ni->{cid}, NAME:$res->{name})\n";
-	    }
-	}
-
-	$res->{cid} = (++$cinfo->{maxcid});
-	$res->{role} = 'N';
-
-	push @{$cinfo->{nodes}}, $res;
-
-	PVE::Cluster::save_clusterinfo ($cinfo);
-
-	create_needed_dirs ($res->{cid});
-
-	PVE::Cluster::cluster_sync_mastercfg ($cinfo, $localip);
-    }
-
-} else {
-    print_usage ("no action specified");
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-                                          
-pveca - PVE Cluster Administration Toolkit
-
-=head1 SYNOPSIS
-
-pveca
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-
-

Modified: pve-manager/pve2/bin/pvecert
===================================================================
--- pve-manager/pve2/bin/pvecert	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvecert	2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,23 @@
 use strict;
 use PVE::Cluster;
 use Getopt::Long;
+use PVE::RPCEnvironment;
+use PVE::INotify qw(read_file);
 
+$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
+
+die "please run as root\n" if $> != 0;
+
+PVE::INotify::inotify_init();
+
+my $rpcenv = PVE::RPCEnvironment->init('cli');
+
+$rpcenv->set_language($ENV{LANG});
+
+$rpcenv->set_user('root'); 
+
+my $hostname = $rpcenv->get_hostname();
+
 my $opt_force;
 
 if (!GetOptions ('force' => \$opt_force)) {
@@ -11,6 +27,18 @@
     exit (-1);
 }
 
+PVE::Cluster::gen_local_dirs($hostname);
+
+# make sure we have a (per node) private key
+PVE::Cluster::gen_pve_ssl_key();
+
+# make sure we have a CA
+my $force = PVE::Cluster::gen_pveca_cert();
+
+PVE::Cluster::gen_pve_ssl_cert ($force, $hostname);
+
+exit 0;
+
 eval { 
     # make sure we have a private key
     PVE::Cluster::gen_pve_ssl_key();

Deleted: pve-manager/pve2/bin/pvemirror
===================================================================
--- pve-manager/pve2/bin/pvemirror	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvemirror	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,310 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use PVE::SafeSyslog;
-use POSIX ":sys_wait_h";
-use Fcntl ':flock';
-use Getopt::Long;
-use Time::HiRes qw (gettimeofday);
-use PVE::Utils;
-use PVE::Cluster;
-use PVE::ConfigServer;
-
-initlog ('pvemirror', 'daemon');
-
-my $secret = PVE::Utils::load_auth_secret();
-
-my $synctime = 60*1;
-
-my $opt_pidfile;
-my $opt_debug;
-my $opt_maxtimediff = 5;
-
-if (!GetOptions ('pidfile=s' => \$opt_pidfile, 
-		 'debug' => \$opt_debug)) {
-    die "USAGE: $0 [--pidfile=FILENAME --debug]\n";
-    exit (-1);
-}
-
-$opt_pidfile = "/var/run/pvemirror.pid" if !$opt_pidfile;
-
-sub lockpidfile {
-    my $pidfile = shift;
-    my $lkfn = "$pidfile.lock";
-
-    if (!open (FLCK, ">>$lkfn")) {
-	my $msg = "can't aquire lock on file '$lkfn' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    }
-
-    if (!flock (FLCK, LOCK_EX|LOCK_NB)) {
-	close (FLCK);
-        my $msg = "can't aquire lock '$lkfn' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    }
-}
-
-sub writepidfile {
-    my $pidfile = shift;
-
-    if (!open (PIDFH, ">$pidfile")) {
-	my $msg = "can't open pid file '$pidfile' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    } 
-    print PIDFH "$$\n";
-    close (PIDFH);
-}
-
-sub exit_if_not_cluster { 
-    my $cinfo = PVE::Cluster::clusterinfo();
-
-    if ($cinfo->{local}->{role} eq '-') {
-	syslog ('info' , "not starting server - not part of cluster");
-	exit (0);
-    }
-}
-
-exit_if_not_cluster ();
-
-# try to get the lock
-lockpidfile ($opt_pidfile);
-
-# run in background
-my $spid;
-
-if (!$opt_debug) {
-    open STDIN,  '</dev/null' || die "can't read /dev/null";
-    open STDOUT, '>/dev/null' || die "can't write /dev/null";
-}
-
-my $restart = $ENV{RESTART_PVEMIRROR};
-
-if (!$restart && !$opt_debug) {
-    $spid = fork();
-    if (!defined ($spid)) {
-	my $msg =  "can't put server into background - fork failed";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg\n";
-	exit (-1);
-    } elsif ($spid) { #parent
-	exit (0);
-    }
-}
-
-writepidfile ($opt_pidfile);
-
-open STDERR, '>&STDOUT' || die "can't close STDERR";
-
-sub cleanup {
-    unlink "$opt_pidfile.lock";
-    unlink "$opt_pidfile";
-}
- 
-$SIG{INT} = $SIG{TERM} = $SIG{QUIT} = sub { 
-    syslog ('info' , "server closing");
-
-    $SIG{INT} = 'DEFAULT';
-
-    # wait for children
-    1 while (waitpid (-1, POSIX::WNOHANG()) > 0);
-
-    cleanup ();
-
-    exit (0);
-};
-
-my $reload_config;
-
-if ($restart) {
-    syslog ('info' , "restarting server");
-} else {
-    syslog ('info' , "starting server");
-}
-
-$SIG{HUP} = sub { 
-    $reload_config = 1;
-};
-
-sub cluster_sync {
-
-    $reload_config = 0;
-
-    my $cinfo = PVE::Cluster::clusterinfo();
-    my $rsynctime = 0;
-    my $csynctime = 0;
-
-    return if $cinfo->{local}->{role} eq '-';
-
-    return if !defined ($cinfo->{master});
-
-    my ($ccsec, $cusec) = gettimeofday ();
-
-    my $errors = {};
-    foreach my $ni (@{$cinfo->{nodes}}) {
-	$errors->{$ni->{cid}} = '';
-    }
-
-    syslog ('info', "starting cluster syncronization");
-
-    if ($cinfo->{master}->{ip} ne $cinfo->{local}->{ip}) {
-
-	eval {
-	    syslog ('info', "syncing master configuration from '$cinfo->{master}->{ip}'");
-	    PVE::Cluster::cluster_sync_mastercfg ($cinfo, $cinfo->{master}->{ip});
-	};
-
-	my $err = $@;
-
-	my ($ccsec_end, $cusec_end) = gettimeofday ();
-	$csynctime += int (($ccsec_end-$ccsec)*1000 + ($cusec_end - $cusec)/1000);
-
-	if ($err) {
-	    syslog ('err', "syncing master configuration from '$cinfo->{master}->{ip}' failed ($csynctime ms) : $err");
-	    $errors->{$cinfo->{master}->{cid}} .= $err;
-	}
-
-	$cinfo = PVE::Cluster::clusterinfo(); # reload cinfo
-    }
-
-    # re-check role after cinfo update - still part of cluster?
-    return if $cinfo->{local}->{role} eq '-';
-
-    my $sync_status = PVE::Config::read_file ("syncstatus");
-
-    foreach my $ni (@{$cinfo->{nodes}}) {
-	my ($rhost, $rcid) = ($ni->{ip}, $ni->{cid});
-	# fixme: test resmote time if remote
-	# my $ctime = PVE::Cluster::get_remote_time ($rdb);
-	#my $ltime = time();
-	#my $td;
-	#if (($td = abs ($ltime - $ctime)) > $opt_maxtimediff) {
-	#die "large time difference ($td seconds) - not syncing\n";		
-	#}
-	#};
-
-	# sync other things
-
-	my $vzl = {};
-
-	my $ticket = PVE::Utils::create_auth_ticket ($secret, 'root', 'root');
-
-	eval {
-	    my $conn = PVE::ConfigClient::connect ($ticket, $cinfo, $rcid);
-	    $vzl = $conn->vzlist()->result;
-	};
-
-	my $err = $@;
-
-	if ($err) {
-	    syslog ('err', "syncing vzlist from '$rhost' failed: $err");
-	    $errors->{$ni->{cid}} .= $err;
-	} else {
-	    PVE::Config::update_file ('vzlist', $vzl, $ni->{cid});
-	}
-
-	next if $rhost eq $cinfo->{local}->{ip}; # local host
-	
-	if (!$errors->{$ni->{cid}}) {
-	    $sync_status->{$ni->{cid}}->{lastsync} = time();
-	}
-	
-    }
-
-    # write sync status
-
-    PVE::Config::write_file ("syncstatus", $sync_status);
-
-    # try to sync template database - ignore errors
-    syslog ('info', "syncing templates");
-    eval { PVE::Cluster::sync_templates ($cinfo); };
-    syslog ('err', $@) if $@;
- 
-    my ($ccsec_end, $cusec_end) = gettimeofday ();
-    my $cptime = ($ccsec_end-$ccsec) + ($cusec_end - $cusec)/1000000;
-    my $rstime = $rsynctime/1000.0;
-    my $cstime = $csynctime/1000.0;
-
-    syslog ('info', sprintf ("cluster syncronization finished (%.2f seconds " .
-			     "(files %.2f, config %.2f))", 
-			     $cptime, $rstime, $cstime));
-}
-
-#Pve::Cluster::debug ($opt_debug);
-
-my $next_sync = 0;
-
-# do not sync master directly after startup, because install scripts
-# have a problem with that
-my $sync = 0; 
-
-my $commandline = [$0, @ARGV];
-
-sub restart_server {
-    my $waittime = shift;
-
-    syslog ('info', "server shutdown (restart)");
-
-    $ENV{RESTART_PVEMIRROR} = 1;
-
-    sleep ($waittime) if $waittime; # avoid high server load due to restarts
-
-    exec (@$commandline);
-    exit (-1); # never reached?
-}
-
-for (;;) { # forever
-
-    eval {
-	$next_sync = time + $synctime;
-
-	if ($sync) {
-	    cluster_sync ();
-	}
-
-	$sync++;
-
-	my $mem = PVE::Utils::get_mem_usage();
-
-	if ($mem->{resident} > (35*1024*1024)) {
-	    syslog ('info', "restarting server after $sync cycles to reduce memory usage (free $mem->{resident} bytes)");
-	    restart_server ();
-	}
-
-	while (time < $next_sync && !$reload_config) { sleep (1); };
-    };
-
-    my $err = $@;
-    
-    if ($err) {
-	syslog ('err', "ERROR: $err");
-	restart_server (5);
-	exit (0);
-    }
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-                                          
-pvemirror - PVE Cluster Server
-
-=head1 SYNOPSIS
-
-pvemirror
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-
-
-
-
-

Deleted: pve-manager/pve2/bin/pvetunnel
===================================================================
--- pve-manager/pve2/bin/pvetunnel	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/bin/pvetunnel	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,280 +0,0 @@
-#!/usr/bin/perl -w
-
-use strict;
-use PVE::SafeSyslog;
-use POSIX ":sys_wait_h";
-use Fcntl ':flock';
-use Getopt::Long;
-use PVE::Utils;
-use PVE::Cluster;
-use File::stat;
-
-initlog ('pvetunnel', 'daemon');
-
-my $workers = {};
-my $delayed_exec = {};
-my $startcount = {};
-my $reload_config;
-
-my $opt_pidfile;
-my $opt_debug;
-
-if (!GetOptions ('pidfile=s' => \$opt_pidfile, 
-		 'debug' => \$opt_debug)) {
-    die "USAGE: $0 [--pidfile=FILENAME --debug]\n";
-    exit (-1);
-}
-
-$opt_pidfile = "/var/run/pvetunnel.pid" if !$opt_pidfile;
-
-sub lockpidfile {
-    my $pidfile = shift;
-    my $lkfn = "$pidfile.lock";
-
-    if (!open (SERVER_FLCK, ">>$lkfn")) {
-	my $msg = "can't aquire lock on file '$lkfn' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    }
-
-    if (!flock (SERVER_FLCK, LOCK_EX|LOCK_NB)) {
-	close (SERVER_FLCK);
-        my $msg = "can't aquire lock '$lkfn' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    }
-}
-
-sub writepidfile {
-    my $pidfile = shift;
-
-    if (!open (PIDFH, ">$pidfile")) {
-	my $msg = "can't open pid file '$pidfile' - $!";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg";
-	exit (-1);
-    } 
-    print PIDFH "$$\n";
-    close (PIDFH);
-}
-
-sub exit_if_not_cluster { 
-    my $cinfo = PVE::Cluster::clusterinfo();
-
-    if ($cinfo->{local}->{role} eq '-') {
-	syslog ('info' , "not starting server - not part of cluster");
-	exit (0);
-    }
-}
-
-exit_if_not_cluster ();
-
-# try to get the lock
-lockpidfile ($opt_pidfile);
-
-# run in background
-my $spid;
-
-open STDIN,  '</dev/null' || die "can't read /dev/null";
-open STDOUT, '>/dev/null' || die "can't write /dev/null";
-
-if (!$opt_debug) {
-    $spid = fork();
-    if (!defined ($spid)) {
-	my $msg =  "can't put server into background - fork failed";
-	syslog ('err', $msg);
-	print STDERR "ERROR: $msg\n";
-	exit (-1);
-    } elsif ($spid) { #parent
-	exit (0);
-    }
-}
-
-writepidfile ($opt_pidfile);
-
-open STDERR, '>&STDOUT' || die "can't close STDERR";
- 
-### set some sigs
-$SIG{INT} = $SIG{TERM} = $SIG{QUIT} = sub { 
-    syslog ('info' , "server closing");
-
-    $SIG{INT} = 'DEFAULT';
-
-    foreach my $cpid (keys %$workers) {
-	if (kill (15, $cpid) || ! kill(0, $cpid)) {
-	    my $ip = $workers->{$cpid}->{ip};
-	    delete $workers->{$cpid};
-	    syslog ('info', "successfully deleted tunnel $cpid $ip");
-	} 
-    }
-    # wait for children
-    1 while (waitpid (-1, POSIX::WNOHANG()) > 0);
-
-    unlink "$opt_pidfile.lock";
-    unlink "$opt_pidfile";
-
-    exit (0);
-};
-
-sub start_tunnels {
-    my ($cinfo) = @_;
-
-    return if $cinfo->{local}->{role} eq '-';
-
-    foreach my $ni (@{$cinfo->{nodes}}) {
-	next if $ni->{ip} eq $cinfo->{local}->{ip};
-
-	my $running;
-	foreach my $cpid (keys %$workers) {
-	    $running = 1 if $workers->{$cpid}->{ip} eq  $ni->{ip};
-	}
-	next if $running;
-
-	if ($delayed_exec->{$ni->{cid}} && (time < $delayed_exec->{$ni->{cid}})) {
-	    next;
-	}
-	$delayed_exec->{$ni->{cid}} = 0;
-	$startcount->{$ni->{cid}}++;
-
-	my $pid = fork;
-
-	if (!defined ($pid)) {
-
-	    syslog ('err', "can't fork tunnel");
-
-	} elsif ($pid) { #parent
-
-	    $workers->{$pid}->{ip} = $ni->{ip};
-	    $workers->{$pid}->{cid} = $ni->{cid};
-	    $workers->{$pid}->{configport} = $ni->{configport};
-	    
-	    if ($startcount->{$ni->{cid}} > 1) {
-		syslog ('info', "restarting crashed tunnel $pid $ni->{ip}");
-	    } else {
-		syslog ('info', "starting tunnel $pid $ni->{ip}");
-	    }
-
-	} else { # child
-		
-	    close (SERVER_FLCK); # close the lock file (not needed for children)
-
-	    exec ('/usr/bin/ssh', '-N', '-o', 'BatchMode=yes',  
-		  '-L', "$ni->{configport}:localhost:83", 
-		  $ni->{ip});
-	    exit (0);
-	}
-    }
-}
-
-sub purge_tunnels {
-    my ($cinfo) = @_;
-
-    foreach my $cpid (keys %$workers) {
-	my $ip = $workers->{$cpid}->{ip};
-	my $cid = $workers->{$cpid}->{cid};
-	my $configport = $workers->{$cpid}->{configport};
-       
-	my $found;
-	foreach my $ni (@{$cinfo->{nodes}}) {
-	    $found = 1 if (($ni->{ip} eq $ip) && ($ni->{configport} eq $configport));
-	}
-
-	$found = 0 if $cinfo->{local}->{role} eq '-';
-
-	if (!$found) {
-	    syslog ('info', "trying to finish tunnel $cpid $ip");
-	    kill (15, $cpid);
-	    $delayed_exec->{$cid} = time + ($startcount->{$cid} > 5 ? 60 : 10);
-	    delete $workers->{$cpid};
-	} 
-    }
-}
-
-sub finish_children {
-    while ((my $cpid = waitpid(-1, POSIX::WNOHANG())) > 0) {
-	if (defined ($workers->{$cpid})) {
-	    my $ip = $workers->{$cpid}->{ip};
-	    my $cid = $workers->{$cpid}->{cid};
-	    syslog ('err', "tunnel finished $cpid $ip");
-	    $delayed_exec->{$cid} = time + ($startcount->{$cid} > 5 ? 60 : 10);
-	    delete $workers->{$cpid};
-	}
-    }
-}
-
-syslog ('info' , "starting server");
-
-$SIG{CHLD} = \&finish_children;
-
-$SIG{HUP} = sub { 
-    $reload_config = 1;
-};
-
-$SIG{PIPE} = 'IGNORE';
-
-for (;;) { # forever
-
-    eval {
-
-	my $lasttime = time();
-	my $cinfo = PVE::Cluster::clusterinfo ();
-	
-	start_tunnels ($cinfo);
-	
-	while (sleep (1)) {
-
-	    finish_children ();
-
-	    if ($reload_config) {
-		syslog ('info', "HUP detected - reloading config");
-		$lasttime = time();
-		$cinfo = PVE::Cluster::clusterinfo ();
-		$reload_config = 0;
-	    } else {
-		my $st = stat ("/etc/pve/cluster.cfg");
-		if ($st) {
-		    if ($st->ctime > $lasttime) {
-			$lasttime = time();
-			syslog ('info', "reloading config (test for changes)");
-			$cinfo = PVE::Cluster::clusterinfo ();
-		    }
-		} else {
-		    if ($cinfo->{exists}) {
-			syslog ('info', "no cluster configuration found");
-			$cinfo = PVE::Cluster::clusterinfo ();
-		    }
-		}
-	    }
-
-	    purge_tunnels ($cinfo); 
-	    start_tunnels ($cinfo);		    
-	}
-    };
-
-    my $err = $@;
-    
-    if ($err) {
-	syslog ('err', $err);
-    }
-
-    sleep (2); # dont loop to fast
-}
-
-exit (0);
-
-__END__
-
-=head1 NAME
-                                          
-pvetunnel - PVE Cluster Tunnel Server
-
-=head1 SYNOPSIS
-
-pvetunnel
-
-=head1 DESCRIPTION
-
-Documentation is available at www.proxmox.com
-

Modified: pve-manager/pve2/debian/conffiles
===================================================================
--- pve-manager/pve2/debian/conffiles	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/conffiles	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,6 +1,4 @@
 /etc/init.d/pvedaemon
-/etc/init.d/pvetunnel
-/etc/init.d/pvemirror
 /etc/init.d/pvebanner
 /etc/init.d/pvenetcommit
 /etc/cron.daily/pve

Modified: pve-manager/pve2/debian/config
===================================================================
--- pve-manager/pve2/debian/config	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/config	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,5 +1,8 @@
 #!/bin/sh	
 
+# Abort if any command returns an error value 
+set -e
+
 . /usr/share/debconf/confmodule
 
 # we do nothing here

Modified: pve-manager/pve2/debian/control.in
===================================================================
--- pve-manager/pve2/debian/control.in	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/control.in	2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,7 @@
 Section: admin
 Priority: optional
 Architecture: all
-Depends: perl5, libtimedate-perl, apache2-mpm-prefork, postfix (>= 2.2.8), libembperl-perl, libauthen-pam-perl, libintl-perl, libfilesys-smbclient-perl, rsync, libsoap-lite-perl, libapache-authcookie-perl, libgd-graph-perl, libapache2-request-perl, atsar, libjson-perl, libfile-sync-perl, libdigest-sha1-perl, vncterm, qemu-server (>= 1.1-1), libwww-perl, wget, libnet-dns-perl, vlan, ifenslave-2.6 (>= 1.1.0-10), liblinux-inotify2-perl, debconf (>= 0.5) | debconf-2.0, libjs-prototype (>= 1.6.0.3-1), netcat-traditional, pve-cluster, libpve-common-perl, libpve-storage-perl, libterm-readline-gnu-perl, libhttp-request-params-perl, libpve-access-control
+Depends: perl5, libtimedate-perl, apache2-mpm-prefork, libauthen-pam-perl, libintl-perl, rsync, libapache-authcookie-perl, libapache2-request-perl, libjson-perl, libdigest-sha1-perl, libio-stringy-perl, vncterm, qemu-server (>= 1.1-1), libwww-perl, wget, libnet-dns-perl, vlan, ifenslave-2.6 (>= 1.1.0-10), liblinux-inotify2-perl, debconf (>= 0.5) | debconf-2.0, libjs-prototype (>= 1.6.0.3-1), netcat-traditional, pve-cluster, libpve-common-perl, libpve-storage-perl, libterm-readline-gnu-perl, libhttp-request-params-perl, libpve-access-control
 Conflicts: netcat-openbsd
 Maintainer: Proxmox Support Team <support at proxmox.com>
 Description: The Proxmox Virtual Environment

Modified: pve-manager/pve2/debian/postinst
===================================================================
--- pve-manager/pve2/debian/postinst	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/postinst	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,7 +1,7 @@
-#! /bin/sh
+#!/bin/sh
 
 # Abort if any command returns an error value 
-set -e 
+set -e
 
 # This script is called as the last step of the installation of the 
 # package.  All the package's files are in place, dpkg has already
@@ -21,55 +21,28 @@
     # Configure this package.  If the package must prompt the user for
     # information, do it here.
 
-    mkdir /etc/pve 2>/dev/null || /bin/true
-    chown -R root:root /etc/pve
-    chmod -R go-w /etc/pve
+    mkdir /etc/pve 2>/dev/null || true
 
-    # fix security (V 1.3 set wrong owner/permission)
-    if [ -e /etc/pve/pve-root-ca.key ]; then
-	chmod 0600 /etc/pve/pve-root-ca.key
-    fi
-    if [ -e /etc/pve/pve-root-ca.pem ]; then
-	chmod 0644 /etc/pve/pve-root-ca.pem
-    fi
-    if [ -e /etc/pve/pve-root-ca.srl ]; then
-	chmod 0600 /etc/pve/pve-root-ca.srl
-    fi
-    if [ -e /etc/pve/pve-ssl.key ]; then
-	chmod 0600 /etc/pve/pve-ssl.key
-    fi
-    if [ -e /etc/pve/pve-ssl.pem ]; then
-	chmod 0644 /etc/pve/pve-ssl.pem
-    fi    
-
-    # allow access to log files and passwords
-    usermod -G adm,shadow www-data
-
     test -e /var/lib/pve-manager/apl-available || cp /usr/share/doc/pve-manager/aplinfo.dat /var/lib/pve-manager/apl-available
     
     update-rc.d pvedaemon defaults 21 >/dev/null 2>&1
-    update-rc.d pvetunnel defaults 21 >/dev/null 2>&1
-    update-rc.d pvemirror defaults 22 >/dev/null 2>&1
     update-rc.d pvebanner defaults 99 >/dev/null 2>&1
     update-rc.d pvenetcommit start 15 S . >/dev/null 2>&1
 
     # generate ssl keys
-    /usr/bin/pvecert
+    pvecert
 
     # make sure we have a crontab for vzdump
     touch /etc/cron.d/vzdump
 
     test -e /proxmox_install_mode || invoke-rc.d pvedaemon restart
-    test -e /proxmox_install_mode || invoke-rc.d pvetunnel restart
-    test -e /proxmox_install_mode || invoke-rc.d pvemirror restart
 
     a2enmod perl >/dev/null 2>&1
     a2enmod ssl >/dev/null 2>&1
     a2enmod rewrite >/dev/null 2>&1
     a2enmod proxy >/dev/null 2>&1
-    a2enmod zembperl >/dev/null 2>&1
 
-    a2dissite default >/dev/null 2>&1 || /bin/true
+    a2dissite default >/dev/null 2>&1 || true
     a2ensite pve.conf >/dev/null 2>&1
 
     test -e /proxmox_install_mode || invoke-rc.d apache2 restart

Modified: pve-manager/pve2/debian/postrm
===================================================================
--- pve-manager/pve2/debian/postrm	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/debian/postrm	2011-01-11 12:26:41 UTC (rev 5352)
@@ -5,8 +5,6 @@
 
 if [ "$1" = purge ]; then
     update-rc.d pvedaemon remove >/dev/null 2>&1
-    update-rc.d pvetunnel remove >/dev/null 2>&1
-    update-rc.d pvemirror remove >/dev/null 2>&1
     update-rc.d pvebanner remove >/dev/null 2>&1
     update-rc.d pvenetcommit remove >/dev/null 2>&1
 

Modified: pve-manager/pve2/lib/PVE/AuthCookieHandler.pm
===================================================================
--- pve-manager/pve2/lib/PVE/AuthCookieHandler.pm	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/AuthCookieHandler.pm	2011-01-11 12:26:41 UTC (rev 5352)
@@ -19,7 +19,6 @@
 use Digest::SHA1;
 use PVE::SafeSyslog;
 use PVE::Utils;
-use PVE::ConfigServer;
 use base qw(Apache2::AuthCookie);
 use Encode;
 

Modified: pve-manager/pve2/lib/PVE/Cluster.pm
===================================================================
--- pve-manager/pve2/lib/PVE/Cluster.pm	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/Cluster.pm	2011-01-11 12:26:41 UTC (rev 5352)
@@ -1,11 +1,11 @@
 package PVE::Cluster;
 
 use strict;
+use Socket;
 use IO::File;
 use PVE::Config;
 use PVE::Utils;
 use PVE::I18N;
-use PVE::ConfigServer;
 use PVE::SafeSyslog;
 use Time::HiRes qw (gettimeofday);
 
@@ -14,12 +14,28 @@
 
 # x509 certificate utils
 
-my $pveca_key_fn = "/etc/pve/pve-root-ca.key";
-my $pveca_srl_fn = "/etc/pve/pve-root-ca.srl";
-my $pveca_cert_fn = "/etc/pve/pve-root-ca.pem";
-my $pvessl_key_fn = "/etc/pve/pve-ssl.key";
-my $pvessl_cert_fn = "/etc/pve/pve-ssl.pem";
+my $basedir = "/etc/pve";
+my $pveca_key_fn = "$basedir/priv/pve-root-ca.key";
+my $pveca_srl_fn = "$basedir/priv/pve-root-ca.srl";
+my $pveca_cert_fn = "$basedir/pve-root-ca.pem";
+my $pvessl_key_fn = "$basedir/local/priv/pve-ssl.key";
+my $pvessl_cert_fn = "$basedir/local/pve-ssl.pem";
 
+sub gen_local_dirs {
+    my ($nodename) = @_;
+
+    (-l "$basedir/local" ) || die "pve configuration filesystem not mounted\n";
+
+    my $dir = "$basedir/nodes/$nodename";
+    if (! -d $dir) {
+	mkdir($dir) || die "unable to create directory '$dir' - $!\n";
+    }
+    $dir = "$dir/priv";
+    if (! -d $dir) {
+	mkdir($dir) || die "unable to create directory '$dir' - $!\n";
+    }
+}
+
 sub gen_pveca_key {
     
     return if -f $pveca_key_fn;
@@ -62,13 +78,10 @@
     
     return if -f $pvessl_key_fn;
 
-    my $old_umask = umask();
     eval {
-	umask (0177);
 	PVE::Utils::run_command (['openssl', 'genrsa', '-out', $pvessl_key_fn, '1024']);
     };
-    umask ($old_umask);
-    
+     
     die "unable to generate pve ssl key:\n$@" if $@;
 }
 
@@ -76,13 +89,11 @@
     my ($serial) = @_;
 
     my $old_umask = umask();
-    umask (0177);
     system ("echo '$serial' > '$pveca_srl_fn'");
-    umask ($old_umask);
 }
 
 sub gen_pve_ssl_cert {
-    my ($force, $cinfo) = @_;
+    my ($force, $nodename) = @_;
 
     return if !$force && -f $pvessl_cert_fn;
 
@@ -90,23 +101,22 @@
 
     my $rc = PVE::Config::read_file ('resolvconf');
 
-    if ($cinfo->{local}->{ip}) {
-	$names .= ",IP:" . $cinfo->{local}->{ip};
+    my $packed_ip = gethostbyname($nodename);
+    if (defined $packed_ip) {
+        my $ip = inet_ntoa($packed_ip);
+	$names .= ",IP:" . $ip;
     }
 
-    my $fqdn = 'pve'; # default value - should not be used
+    my $fqdn = $nodename;
 
-    if ($cinfo->{local}->{name}) {
-	$names .= ",DNS:" . $cinfo->{local}->{name};
-	$fqdn = $cinfo->{local}->{name};
+    $names .= ",DNS:" . $nodename;
 
-	if ($rc && $rc->{search}) {
-	    $fqdn = $cinfo->{local}->{name} . "." . $rc->{search};
-	    $names .= ",DNS:$fqdn";
-	}
-
+    if ($rc && $rc->{search}) {
+	$fqdn = $nodename . "." . $rc->{search};
+	$names .= ",DNS:$fqdn";
     }
 
+
     my $sslconf = <<__EOD;
 RANDFILE = /root/.rnd
 extensions = v3_req
@@ -149,10 +159,8 @@
 	die "unable to generate pve certificate request:\n$err";
     }
 
+    update_serial ("0000000000000000") if ! -f $pveca_srl_fn;
 
-    my $serial = sprintf ("%04X000000000000", $cinfo->{local}->{cid});
-    update_serial ($serial) if ! -f $pveca_srl_fn;
-
     eval {
 	PVE::Utils::run_command (['openssl', 'x509', '-req', '-in', $reqfn, '-days', '3650', 
 				  '-out', $pvessl_cert_fn, '-CAkey', $pveca_key_fn,

Modified: pve-manager/pve2/lib/PVE/REST.pm
===================================================================
--- pve-manager/pve2/lib/PVE/REST.pm	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/lib/PVE/REST.pm	2011-01-11 12:26:41 UTC (rev 5352)
@@ -3,7 +3,6 @@
 use warnings;
 use strict;
 use PVE::SafeSyslog;
-use PVE::ConfigServer;
 use PVE::API2;
 use Apache2::Const;
 use CGI;

Modified: pve-manager/pve2/www/templates/pve.conf.in
===================================================================
--- pve-manager/pve2/www/templates/pve.conf.in	2011-01-11 09:55:39 UTC (rev 5351)
+++ pve-manager/pve2/www/templates/pve.conf.in	2011-01-11 12:26:41 UTC (rev 5352)
@@ -67,8 +67,8 @@
 
     SSLEngine on
     SSLProtocol all -SSLv2
-    SSLCertificateFile @PROXMOX_ETC@/pve-ssl.pem
-    SSLCertificateKeyFile @PROXMOX_ETC@/pve-ssl.key
+    SSLCertificateFile @PROXMOX_ETC@/local/pve-ssl.pem
+    SSLCertificateKeyFile @PROXMOX_ETC@/local/priv/pve-ssl.key
 
     RewriteEngine on
     RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)



More information about the pve-devel mailing list