source: trunk/packs/maint/reactivate.sh @ 18029

Revision 18029, 8.5 KB checked in by ghudson, 22 years ago (diff)
Add a new config file /etc/athena/local-lockers.conf, to be used by /etc/athena/local-lockers. Don't touch it once it's installed, except on public machines.
Line 
1#!/bin/sh
2# Script to bounce the packs on an Athena workstation
3#
4# $Id: reactivate.sh,v 1.72 2002-11-11 22:18:28 ghudson Exp $
5
6# Ignore various terminating signals.
7trap "" HUP INT QUIT PIPE ALRM TERM USR1 USR2
8
9PATH=/bin:/etc/athena:/bin/athena:/usr/bin:/usr/sbin:/usr/ucb:/usr/bsd:/sbin; export PATH
10HOSTTYPE=`/bin/athena/machtype`; export HOSTTYPE
11
12pidfile=/var/athena/reactivate.pid
13countfile=/var/athena/reactivate.count
14nologin=/etc/nologin
15made_nologin=false
16afsconfig=/afs/athena.mit.edu/system/config/afs
17
18umask 22
19. /etc/athena/rc.conf
20
21# Quit now if in the middle of an update.
22if [ -f /var/athena/update.running ]; then
23        # In an update, quit now.
24        echo "reactivate: This workstation is in the middle of an update."
25        exit 1
26fi
27
28if [ "$1" = -prelogin ]; then
29        if [ "$PUBLIC" = "false" ]; then
30                exit 0;
31        fi
32        echo "Cleaning up..." >> /dev/console
33        full=false
34else
35        full=true
36fi
37
38# Quit now if another reactivate process is running.
39if [ -s $pidfile ]; then
40        pid=`cat $pidfile 2>/dev/null`
41        if [ -n "$pid" -a "$pid" -ne 0 ]; then
42                kill -0 $pid 2>/dev/null
43                if [ $? -eq 0 ]; then
44                        echo "Another reactivate process is running ($pid)."
45                        exit 0
46                fi
47        fi
48fi
49
50echo $$ > $pidfile
51
52# Define a function to clean up at exit.
53# We want to ensure that we don't leave logins disabled.
54# This function also removes our pid file.
55# (Note that terminating signals are ignored, above).
56cleanexit()
57{
58        if [ true = "${made_nologin}" ]; then
59                rm -f $nologin
60        fi
61        rm -f $pidfile
62}
63
64trap cleanexit EXIT
65
66# See if anyone is logged in.  We check for stale utmp entries, by
67# doing a kill -0 on the session leader's pid.
68# The Linux who does not give the pid, so we must use ps to figure
69# it out.
70if [ "$full" = true ]; then
71        if [ linux = "$HOSTTYPE" ]; then
72                pids=
73                # Use w instead of who, since it ignores stale utmp entries.
74                for tty in `w -h -s | awk '{ print $2; }'` ; do
75                        pids="$pids `ps --no-heading -j -t $tty 2>/dev/null | \
76                                awk '($1 == $3) { print $1; }'`"
77                done
78        else
79                pids=`who -u | awk '{ print $7; }'`
80        fi
81
82        # If any session leader pid is current, quit now.  Ignore dm
83        # (which is the session leader on the console tty), in case of
84        # a stale utmp entry from a console login.
85        dmpid=`cat /var/athena/dm.pid 2>/dev/null`
86        for pid in $pids ; do
87                if [ "$pid" != "$dmpid" ]; then
88                        kill -0 $pid 2>/dev/null
89                        if [ $? -eq 0 ]; then
90                                rm -f $countfile
91                                exit 0
92                        fi
93                fi
94        done
95
96        # Check for valid Athena session records; these get created for
97        # remote shells, etc., which may not have an associated utmp entry.
98        # Quit if any are found.
99
100        # We need to use nawk on Solaris in parsing the sessions file below.
101        case "$HOSTTYPE" in
102        sun4)
103                awk=nawk
104                ;;
105        *)
106                awk=awk
107                ;;
108        esac
109
110        for i in /var/athena/sessions/* ; do
111                if [ -s $i ]; then
112                        for pid in `                                    \
113                          $awk -F : '                                   \
114                            FNR == 5                                    \
115                            {                                           \
116                                for (i = 1; i <= NF; i++)               \
117                                    if (int($i) != 0)                   \
118                                        print $i;                       \
119                            }' $i` ; do
120                                kill -0 $pid 2>/dev/null
121                                if [ $? -eq 0 ]; then
122                                        rm -f $countfile
123                                        exit 0
124                                fi
125                        done
126                fi
127        done
128
129        local-menus
130fi
131
132# There are no current logins or sessions, so proceed.  We disable
133# logins for the duration, by creating /etc/nologin, unless it
134# already exists.
135if [ ! -f $nologin ]; then
136        made_nologin=true
137        echo "Workstation is reactivating." > $nologin
138fi
139
140# Usage: nuke directoryname
141# Do the equivalent of rm -rf directoryname/*, except using saferm.
142nuke()
143{
144        (
145                cd $1
146                if [ $? -eq 0 ]; then
147                        find * ! -type d -exec saferm {} \;
148                        find * -depth -type d -exec rmdir {} \;
149                fi
150        )
151}
152
153if [ -f /var/athena/clusterinfo.bsh ] ; then
154        . /var/athena/clusterinfo.bsh
155fi
156
157# Determine where the config files live
158THISVERS=`awk '{a=$5} END{print a}' /etc/athena/version`
159if [ "$HOSTTYPE" = linux -a -n "$SYSPREFIX" ]; then
160        config=$SYSPREFIX/config/$THISVERS
161else
162        config=/srvd
163fi
164
165# We don't want to detach all filesystems on every invocation, so
166# we keep a count file, and only detach all every tenth invocation,
167# or when the -detach option is specified.
168count=`cat $countfile 2>/dev/null`
169if [ -z "$count" ]; then
170        count=0
171fi
172if [ "$1" = -detach -o `expr $count % 10` -eq 0 ]; then
173        dflags=""
174else
175        dflags="-clean"
176fi
177
178if [ ! -t 0 ]; then
179        quiet=-q
180else
181        echo "Reactivating workstation..."
182        quiet=""
183fi
184
185# Flush all NFS uid mappings
186/bin/athena/fsid $quiet -p -a
187
188# Tell the Zephyr hostmanager to reset state
189if [ -f /var/athena/zhm.pid -a "$ZCLIENT" = true ] ; then
190        /bin/kill -HUP `/bin/cat /var/athena/zhm.pid`
191fi
192
193# Zero any ticket files in /tmp that may have escaped other methods
194# of destruction, before we clear /tmp. We must cd there since saferm
195# will not follow symbolic links.
196(cd /tmp; saferm -z tkt* krb5cc*) > /dev/null 2>&1
197
198# Clean up occasional leavings of emacs and esd.
199rm -rf /var/tmp/!!!SuperLock!!! /tmp/.esd
200
201# Remove utmp and wtmp so Solaris doesn't complain.
202if [ sun4 = "$HOSTTYPE" ]; then
203        rm -rf /var/adm/utmp /var/adm/wtmp
204fi
205
206# Clean up socket files left by sawfish.
207rm -rf /tmp/.sawfish-*
208
209if [ "$full" = true ]; then
210        # Clean temporary areas (including temporary home directories)
211        if [ "$PUBLIC" = true ]; then
212                if [ sun4 = "$HOSTTYPE" -a -f /tmp/ps_data ]; then
213                        cp -p /tmp/ps_data /var/athena/ps_data
214                        nuke /tmp > /dev/null 2>&1
215                        cp -p /var/athena/ps_data /tmp/ps_data
216                        rm -f /var/athena/ps_data
217                else
218                        nuke /tmp > /dev/null 2>&1
219                fi
220        fi
221        nuke /var/athena/tmphomedir > /dev/null 2>&1
222fi
223
224# Copy in a few config files
225if [ "$PUBLIC" = true ]; then
226        if [ -r $config/etc/passwd ]; then
227                syncupdate -c /etc/passwd.local.new $config/etc/passwd \
228                        /etc/passwd.local
229        fi
230        if [ -r $config/etc/shadow ]; then
231                syncupdate -c /etc/shadow.local.new $config/etc/shadow \
232                        /etc/shadow.local
233        fi
234        if [ -r $config/etc/group ]; then
235                syncupdate -c /etc/group.local.new $config/etc/group \
236                        /etc/group.local
237        fi
238        rm -rf /etc/athena/access >/dev/null 2>&1
239        cp -p $config/etc/athena/athinfo.access /etc/athena
240        cp -p $config/etc/athena/local-lockers.conf /etc/athena
241fi
242
243# Restore password and group files
244if [ -s /etc/passwd.local ] ; then
245        syncupdate -c /etc/passwd.new /etc/passwd.local /etc/passwd
246fi
247if [ -s /etc/shadow.local ] ; then
248        syncupdate -c /etc/shadow.new /etc/shadow.local /etc/shadow
249fi
250if [ -s /etc/group.local ] ; then
251        syncupdate -c /etc/group.new /etc/group.local /etc/group
252fi
253
254if [ "$full" = true ]; then
255        # Reconfigure AFS state
256        if [ "$AFSCLIENT" != "false" ]; then
257                /etc/athena/config_afs > /dev/null 2>&1 &
258        fi
259        # If the encrypt file doesn't exist, disable AFS encryption.
260        # Don't do this on Irix because we're not running OpenAFS there.
261        if [ sgi != "$HOSTTYPE" ]; then
262                if  [ -f $afsconfig/encrypt ]; then
263                        /bin/athena/fs setcrypt on
264                else
265                        /bin/athena/fs setcrypt off
266                fi
267        fi
268fi
269
270# Punt any processes owned by users not in /etc/passwd.
271/etc/athena/cleanup -passwd
272
273if [ "$full" = true ]; then
274        # Remove session files.
275        for i in /var/athena/sessions/*; do
276                # Sanity check.
277                if [ -s $i ]; then
278                        logger -p user.notice "Non-empty session record $i"
279                fi
280                rm -f $i
281        done
282
283        # Detach all remote filesystems
284        /bin/athena/detach -O -h -n $quiet $dflags -a
285
286        # Now start activate again
287        /etc/athena/save_cluster_info
288
289        if [ -f /var/athena/clusterinfo.bsh ] ; then
290                . /var/athena/clusterinfo.bsh
291        elif [ "$RVDCLIENT" = true ]; then
292                echo "Can't determine system packs location."
293                exit 1
294        fi
295
296        if [ "$RVDCLIENT" = true ]; then
297                /bin/athena/attach $quiet -h -n -O $SYSLIB
298        fi
299
300        # Perform an update if appropriate
301        update_ws -a reactivate
302
303        if [ "$PUBLIC" = true -a -f /srvd/.rvdinfo ]; then
304                NEWVERS=`awk '{a=$5} END{print a}' /srvd/.rvdinfo`
305                if [ "$NEWVERS" = "$THISVERS" ]; then
306                        case "$HOSTTYPE" in
307                        sun4)
308                                /srvd/usr/athena/lib/update/track-srvd
309                                ;;
310                        *)
311                                /usr/athena/etc/track -q
312                                ;;
313                        esac
314                        cf=`cat /srvd/usr/athena/lib/update/configfiles`
315                        for i in $cf; do
316                                if [ -f /srvd$i ]; then
317                                        src=/srvd$i
318                                else
319                                        src=/os$i
320                                fi
321                                syncupdate -c $i.new $src $i
322                        done
323                        ps -e | awk '$4=="inetd" {print $1}' | xargs kill -HUP
324                fi
325        fi
326fi
327
328if [ "$PUBLIC" = true ]; then
329        rm -f /etc/athena/reactivate.local /etc/ssh_host_* /etc/ssh_random_seed
330        if [ -r /var/athena/sshd.pid ]; then
331                # public machines shouldn't be running an sshd
332                kill `cat /var/athena/sshd.pid`
333        fi
334        rm -rf /etc/athena/orbitrc
335fi
336
337if [ "$ACCESSON" = true -a -f /usr/athena/bin/access_on ]; then
338        /usr/athena/bin/access_on
339elif [ "$ACCESSON" != true -a -f /usr/athena/bin/access_off ]; then
340        /usr/athena/bin/access_off
341fi
342
343if [ "$full" = true ]; then
344        if [ -f /etc/athena/reactivate.local ]; then
345                /etc/athena/reactivate.local
346        fi
347        # Update our invocation count.
348        echo `expr $count + 1` > $countfile
349fi
350
351exit 0
Note: See TracBrowser for help on using the repository browser.