source: trunk/packs/maint/reactivate.sh @ 22075

Revision 22075, 9.6 KB checked in by ghudson, 19 years ago (diff)
Set up /etc/noroot here, as well as at boot time, so that changes in Hesiod are reflected in a timely fashion.
RevLine 
[4333]1#!/bin/sh
2# Script to bounce the packs on an Athena workstation
3#
[22075]4# $Id: reactivate.sh,v 1.80 2005-07-07 15:19:02 ghudson Exp $
[4333]5
[15992]6# Ignore various terminating signals.
7trap "" HUP INT QUIT PIPE ALRM TERM USR1 USR2
[4333]8
[16617]9PATH=/bin:/etc/athena:/bin/athena:/usr/bin:/usr/sbin:/usr/ucb:/usr/bsd:/sbin; export PATH
[10741]10HOSTTYPE=`/bin/athena/machtype`; export HOSTTYPE
[4333]11
[15992]12pidfile=/var/athena/reactivate.pid
13countfile=/var/athena/reactivate.count
14nologin=/etc/nologin
15made_nologin=false
[16383]16afsconfig=/afs/athena.mit.edu/system/config/afs
[15992]17
18umask 22
19. /etc/athena/rc.conf
20
21# Quit now if in the middle of an update.
[16700]22if [ -f /var/athena/update.running ]; then
[15992]23        # In an update, quit now.
24        echo "reactivate: This workstation is in the middle of an update."
25        exit 1
[16700]26fi
[15992]27
28if [ "$1" = -prelogin ]; then
29        echo "Cleaning up..." >> /dev/console
30        full=false
31else
32        full=true
33fi
34
35# Quit now if another reactivate process is running.
36if [ -s $pidfile ]; then
37        pid=`cat $pidfile 2>/dev/null`
38        if [ -n "$pid" -a "$pid" -ne 0 ]; then
39                kill -0 $pid 2>/dev/null
40                if [ $? -eq 0 ]; then
41                        echo "Another reactivate process is running ($pid)."
42                        exit 0
43                fi
44        fi
45fi
46
47echo $$ > $pidfile
48
49# Define a function to clean up at exit.
50# We want to ensure that we don't leave logins disabled.
51# This function also removes our pid file.
52# (Note that terminating signals are ignored, above).
53cleanexit()
54{
55        if [ true = "${made_nologin}" ]; then
56                rm -f $nologin
57        fi
58        rm -f $pidfile
59}
60
61trap cleanexit EXIT
62
63# See if anyone is logged in.  We check for stale utmp entries, by
64# doing a kill -0 on the session leader's pid.
65# The Linux who does not give the pid, so we must use ps to figure
66# it out.
67if [ "$full" = true ]; then
68        if [ linux = "$HOSTTYPE" ]; then
69                pids=
[16275]70                # Use w instead of who, since it ignores stale utmp entries.
71                for tty in `w -h -s | awk '{ print $2; }'` ; do
[16243]72                        pids="$pids `ps --no-heading -j -t $tty 2>/dev/null | \
[15992]73                                awk '($1 == $3) { print $1; }'`"
74                done
75        else
76                pids=`who -u | awk '{ print $7; }'`
77        fi
78
[16252]79        # If any session leader pid is current, quit now.  Ignore dm
80        # (which is the session leader on the console tty), in case of
81        # a stale utmp entry from a console login.
82        dmpid=`cat /var/athena/dm.pid 2>/dev/null`
[15992]83        for pid in $pids ; do
[16252]84                if [ "$pid" != "$dmpid" ]; then
85                        kill -0 $pid 2>/dev/null
86                        if [ $? -eq 0 ]; then
87                                rm -f $countfile
88                                exit 0
89                        fi
[15992]90                fi
91        done
92
[19933]93        # Also quit if there are screen processes running.
94        if [ false = "$PUBLIC" ] && pgrep '^screen' > /dev/null; then
95                exit 0
96        fi
97
[15992]98        # Check for valid Athena session records; these get created for
99        # remote shells, etc., which may not have an associated utmp entry.
100        # Quit if any are found.
101
102        # We need to use nawk on Solaris in parsing the sessions file below.
103        case "$HOSTTYPE" in
104        sun4)
105                awk=nawk
106                ;;
107        *)
108                awk=awk
109                ;;
110        esac
111
112        for i in /var/athena/sessions/* ; do
113                if [ -s $i ]; then
114                        for pid in `                                    \
115                          $awk -F : '                                   \
116                            FNR == 5                                    \
117                            {                                           \
118                                for (i = 1; i <= NF; i++)               \
119                                    if (int($i) != 0)                   \
120                                        print $i;                       \
121                            }' $i` ; do
122                                kill -0 $pid 2>/dev/null
123                                if [ $? -eq 0 ]; then
124                                        rm -f $countfile
125                                        exit 0
126                                fi
127                        done
128                fi
129        done
[16279]130
131        local-menus
[15992]132fi
133
134# There are no current logins or sessions, so proceed.  We disable
135# logins for the duration, by creating /etc/nologin, unless it
136# already exists.
137if [ ! -f $nologin ]; then
138        made_nologin=true
139        echo "Workstation is reactivating." > $nologin
140fi
141
[11336]142# Usage: nuke directoryname
143# Do the equivalent of rm -rf directoryname/*, except using saferm.
144nuke()
145{
146        (
147                cd $1
148                if [ $? -eq 0 ]; then
149                        find * ! -type d -exec saferm {} \;
150                        find * -depth -type d -exec rmdir {} \;
151                fi
152        )
153}
154
[19729]155# Begin section for actions to be performed in all cases, including
156# for a private machine during prelogin.
157
158# Remove any mozilla component and chrome registries, created if
159# mozilla is run as root.  The resulting component registry may
160# be corrupted, preventing mozilla from starting subsequently.
161# See http://bugzilla.mozilla.org/show_bug.cgi?id=197516
162rm -rf /usr/athena/lib/mozilla/components/compreg.dat
163rm -rf /usr/athena/lib/mozilla/components/xpti.dat
164rm -rf /usr/athena/lib/mozilla/chrome/chrome.rdf
165rm -rf /usr/athena/lib/mozilla/chrome/overlayinfo
166
167# End section for actions to be performed in all cases.
168
169if [ "$PUBLIC" = false -a "$full" = false ]; then
170        exit 0
171fi
172
[15091]173if [ -f /var/athena/clusterinfo.bsh ] ; then
174        . /var/athena/clusterinfo.bsh
175fi
[4333]176
[15992]177# Determine where the config files live
[16700]178THISVERS=`awk '{a=$5} END{print a}' /etc/athena/version`
[15354]179if [ "$HOSTTYPE" = linux -a -n "$SYSPREFIX" ]; then
[15091]180        config=$SYSPREFIX/config/$THISVERS
[20362]181        pwconfig=$config/etc
[15091]182else
183        config=/srvd
[20362]184        pwconfig=/afs/athena.mit.edu/system/config/passwd/`machtype -S`
[15091]185fi
186
[15992]187# We don't want to detach all filesystems on every invocation, so
188# we keep a count file, and only detach all every tenth invocation,
189# or when the -detach option is specified.
190count=`cat $countfile 2>/dev/null`
191if [ -z "$count" ]; then
192        count=0
193fi
194if [ "$1" = -detach -o `expr $count % 10` -eq 0 ]; then
[10741]195        dflags=""
196else
197        dflags="-clean"
198fi
[5526]199
[15992]200if [ ! -t 0 ]; then
[4333]201        quiet=-q
202else
[10741]203        echo "Reactivating workstation..."
204        quiet=""
[4333]205fi
206
207# Flush all NFS uid mappings
[4334]208/bin/athena/fsid $quiet -p -a
[4333]209
210# Tell the Zephyr hostmanager to reset state
[10741]211if [ -f /var/athena/zhm.pid -a "$ZCLIENT" = true ] ; then
[9804]212        /bin/kill -HUP `/bin/cat /var/athena/zhm.pid`
[4333]213fi
214
[11336]215# Zero any ticket files in /tmp that may have escaped other methods
216# of destruction, before we clear /tmp. We must cd there since saferm
217# will not follow symbolic links.
218(cd /tmp; saferm -z tkt* krb5cc*) > /dev/null 2>&1
[7503]219
[16330]220# Clean up occasional leavings of emacs and esd.
221rm -rf /var/tmp/!!!SuperLock!!! /tmp/.esd
[12067]222
[16414]223# Remove utmp and wtmp so Solaris doesn't complain.
224if [ sun4 = "$HOSTTYPE" ]; then
225        rm -rf /var/adm/utmp /var/adm/wtmp
226fi
227
[16610]228# Clean up socket files left by sawfish.
229rm -rf /tmp/.sawfish-*
230
[19157]231# Clean up per-session temporary directories.
232rm -rf /tmp/session-*
233
[10741]234if [ "$full" = true ]; then
235        # Clean temporary areas (including temporary home directories)
[15992]236        if [ "$PUBLIC" = true ]; then
237                if [ sun4 = "$HOSTTYPE" -a -f /tmp/ps_data ]; then
238                        cp -p /tmp/ps_data /var/athena/ps_data
239                        nuke /tmp > /dev/null 2>&1
240                        cp -p /var/athena/ps_data /tmp/ps_data
241                        rm -f /var/athena/ps_data
242                else
243                        nuke /tmp > /dev/null 2>&1
244                fi
[14869]245        fi
[11336]246        nuke /var/athena/tmphomedir > /dev/null 2>&1
[10741]247fi
[6662]248
[18029]249# Copy in a few config files
[10741]250if [ "$PUBLIC" = true ]; then
[20362]251        if [ -d $pwconfig ]; then
252                syncupdate -c /etc/passwd.local.new $pwconfig/passwd \
[14206]253                        /etc/passwd.local
[20362]254                syncupdate -c /etc/shadow.local.new $pwconfig/shadow \
[14206]255                        /etc/shadow.local
[20362]256                syncupdate -c /etc/group.local.new $pwconfig/group \
[15992]257                        /etc/group.local
[20362]258        fi
259        if [ -d $config ]; then
[22066]260                cp $config/etc/athena/athinfo.access /etc/athena
261                cp $config/etc/athena/local-lockers.conf /etc/athena
[14592]262        fi
[13152]263        rm -rf /etc/athena/access >/dev/null 2>&1
[8380]264fi
265
[5526]266# Restore password and group files
[13645]267if [ -s /etc/passwd.local ] ; then
[14206]268        syncupdate -c /etc/passwd.new /etc/passwd.local /etc/passwd
[10741]269fi
[13645]270if [ -s /etc/shadow.local ] ; then
[14206]271        syncupdate -c /etc/shadow.new /etc/shadow.local /etc/shadow
[10741]272fi
[13645]273if [ -s /etc/group.local ] ; then
[14206]274        syncupdate -c /etc/group.new /etc/group.local /etc/group
[10741]275fi
[5355]276
[10741]277if [ "$full" = true ]; then
278        # Reconfigure AFS state
279        if [ "$AFSCLIENT" != "false" ]; then
280                /etc/athena/config_afs > /dev/null 2>&1 &
281        fi
[16383]282        # If the encrypt file doesn't exist, disable AFS encryption.
[17192]283        # Don't do this on Irix because we're not running OpenAFS there.
284        if [ sgi != "$HOSTTYPE" ]; then
[16383]285                if  [ -f $afsconfig/encrypt ]; then
286                        /bin/athena/fs setcrypt on
287                else
288                        /bin/athena/fs setcrypt off
289                fi
290        fi
[4333]291fi
292
[10741]293# Punt any processes owned by users not in /etc/passwd.
[4333]294/etc/athena/cleanup -passwd
295
[10741]296if [ "$full" = true ]; then
[10876]297        # Remove session files.
298        for i in /var/athena/sessions/*; do
299                # Sanity check.
300                if [ -s $i ]; then
301                        logger -p user.notice "Non-empty session record $i"
302                fi
303                rm -f $i
[11057]304        done
[10876]305
[10741]306        # Detach all remote filesystems
307        /bin/athena/detach -O -h -n $quiet $dflags -a
[4333]308
[10741]309        # Now start activate again
310        /etc/athena/save_cluster_info
[4333]311
[10741]312        if [ -f /var/athena/clusterinfo.bsh ] ; then
313                . /var/athena/clusterinfo.bsh
[22075]314                # Set up /etc/noroot as appropriate.
315                if [ -n "$CLUSTER" ]; then
316                        touch /var/athena/iscluster
317                        echo "Use su to gain root access to cluster machines" \
318                                "or quickstations." > /etc/noroot
319                        chmod 644 /var/athena/iscluster /etc/noroot
320                else
321                        rm -f /var/athena/iscluster /etc/noroot
322                fi
[10741]323        elif [ "$RVDCLIENT" = true ]; then
324                echo "Can't determine system packs location."
[4333]325                exit 1
326        fi
327
[10741]328        if [ "$RVDCLIENT" = true ]; then
[14213]329                /bin/athena/attach $quiet -h -n -O $SYSLIB
[10741]330        fi
[4333]331
[10741]332        # Perform an update if appropriate
[14259]333        update_ws -a reactivate
[8529]334
[10741]335        if [ "$PUBLIC" = true -a -f /srvd/.rvdinfo ]; then
336                NEWVERS=`awk '{a=$5} END{print a}' /srvd/.rvdinfo`
337                if [ "$NEWVERS" = "$THISVERS" ]; then
[16623]338                        case "$HOSTTYPE" in
339                        sun4)
[20426]340                                /srvd/usr/athena/etc/verify-pkgs
[16623]341                                ;;
342                        *)
343                                /usr/athena/etc/track -q
344                                ;;
345                        esac
[10741]346                        cf=`cat /srvd/usr/athena/lib/update/configfiles`
347                        for i in $cf; do
348                                if [ -f /srvd$i ]; then
[14206]349                                        src=/srvd$i
[10741]350                                else
[14206]351                                        src=/os$i
[10741]352                                fi
[14206]353                                syncupdate -c $i.new $src $i
[10741]354                        done
[10830]355                        ps -e | awk '$4=="inetd" {print $1}' | xargs kill -HUP
[10741]356                fi
[14847]357        fi
[16918]358fi
359
360if [ "$PUBLIC" = true ]; then
[17446]361        rm -f /etc/athena/reactivate.local /etc/ssh_host_* /etc/ssh_random_seed
[16918]362        if [ -r /var/athena/sshd.pid ]; then
363                # public machines shouldn't be running an sshd
364                kill `cat /var/athena/sshd.pid`
[10643]365        fi
[17998]366        rm -rf /etc/athena/orbitrc
[19157]367        # Clean up Mozilla cache directories.
368        rm -rf /var/tmp/Mozilla-*
[10643]369fi
[4334]370
[11401]371if [ "$ACCESSON" = true -a -f /usr/athena/bin/access_on ]; then
372        /usr/athena/bin/access_on
373elif [ "$ACCESSON" != true -a -f /usr/athena/bin/access_off ]; then
[10741]374        /usr/athena/bin/access_off
375fi
[4333]376
[10741]377if [ "$full" = true ]; then
378        if [ -f /etc/athena/reactivate.local ]; then
379                /etc/athena/reactivate.local
380        fi
[15992]381        # Update our invocation count.
382        echo `expr $count + 1` > $countfile
[4333]383fi
384
385exit 0
Note: See TracBrowser for help on using the repository browser.