source: trunk/packs/maint/reactivate.sh @ 22075

Revision 22075, 9.6 KB checked in by ghudson, 19 years ago (diff)
Set up /etc/noroot here, as well as at boot time, so that changes in Hesiod are reflected in a timely fashion.
Line 
1#!/bin/sh
2# Script to bounce the packs on an Athena workstation
3#
4# $Id: reactivate.sh,v 1.80 2005-07-07 15:19:02 ghudson Exp $
5
6# Ignore various terminating signals.
7trap "" HUP INT QUIT PIPE ALRM TERM USR1 USR2
8
9PATH=/bin:/etc/athena:/bin/athena:/usr/bin:/usr/sbin:/usr/ucb:/usr/bsd:/sbin; export PATH
10HOSTTYPE=`/bin/athena/machtype`; export HOSTTYPE
11
12pidfile=/var/athena/reactivate.pid
13countfile=/var/athena/reactivate.count
14nologin=/etc/nologin
15made_nologin=false
16afsconfig=/afs/athena.mit.edu/system/config/afs
17
18umask 22
19. /etc/athena/rc.conf
20
21# Quit now if in the middle of an update.
22if [ -f /var/athena/update.running ]; then
23        # In an update, quit now.
24        echo "reactivate: This workstation is in the middle of an update."
25        exit 1
26fi
27
28if [ "$1" = -prelogin ]; then
29        echo "Cleaning up..." >> /dev/console
30        full=false
31else
32        full=true
33fi
34
35# Quit now if another reactivate process is running.
36if [ -s $pidfile ]; then
37        pid=`cat $pidfile 2>/dev/null`
38        if [ -n "$pid" -a "$pid" -ne 0 ]; then
39                kill -0 $pid 2>/dev/null
40                if [ $? -eq 0 ]; then
41                        echo "Another reactivate process is running ($pid)."
42                        exit 0
43                fi
44        fi
45fi
46
47echo $$ > $pidfile
48
49# Define a function to clean up at exit.
50# We want to ensure that we don't leave logins disabled.
51# This function also removes our pid file.
52# (Note that terminating signals are ignored, above).
53cleanexit()
54{
55        if [ true = "${made_nologin}" ]; then
56                rm -f $nologin
57        fi
58        rm -f $pidfile
59}
60
61trap cleanexit EXIT
62
63# See if anyone is logged in.  We check for stale utmp entries, by
64# doing a kill -0 on the session leader's pid.
65# The Linux who does not give the pid, so we must use ps to figure
66# it out.
67if [ "$full" = true ]; then
68        if [ linux = "$HOSTTYPE" ]; then
69                pids=
70                # Use w instead of who, since it ignores stale utmp entries.
71                for tty in `w -h -s | awk '{ print $2; }'` ; do
72                        pids="$pids `ps --no-heading -j -t $tty 2>/dev/null | \
73                                awk '($1 == $3) { print $1; }'`"
74                done
75        else
76                pids=`who -u | awk '{ print $7; }'`
77        fi
78
79        # If any session leader pid is current, quit now.  Ignore dm
80        # (which is the session leader on the console tty), in case of
81        # a stale utmp entry from a console login.
82        dmpid=`cat /var/athena/dm.pid 2>/dev/null`
83        for pid in $pids ; do
84                if [ "$pid" != "$dmpid" ]; then
85                        kill -0 $pid 2>/dev/null
86                        if [ $? -eq 0 ]; then
87                                rm -f $countfile
88                                exit 0
89                        fi
90                fi
91        done
92
93        # Also quit if there are screen processes running.
94        if [ false = "$PUBLIC" ] && pgrep '^screen' > /dev/null; then
95                exit 0
96        fi
97
98        # Check for valid Athena session records; these get created for
99        # remote shells, etc., which may not have an associated utmp entry.
100        # Quit if any are found.
101
102        # We need to use nawk on Solaris in parsing the sessions file below.
103        case "$HOSTTYPE" in
104        sun4)
105                awk=nawk
106                ;;
107        *)
108                awk=awk
109                ;;
110        esac
111
112        for i in /var/athena/sessions/* ; do
113                if [ -s $i ]; then
114                        for pid in `                                    \
115                          $awk -F : '                                   \
116                            FNR == 5                                    \
117                            {                                           \
118                                for (i = 1; i <= NF; i++)               \
119                                    if (int($i) != 0)                   \
120                                        print $i;                       \
121                            }' $i` ; do
122                                kill -0 $pid 2>/dev/null
123                                if [ $? -eq 0 ]; then
124                                        rm -f $countfile
125                                        exit 0
126                                fi
127                        done
128                fi
129        done
130
131        local-menus
132fi
133
134# There are no current logins or sessions, so proceed.  We disable
135# logins for the duration, by creating /etc/nologin, unless it
136# already exists.
137if [ ! -f $nologin ]; then
138        made_nologin=true
139        echo "Workstation is reactivating." > $nologin
140fi
141
142# Usage: nuke directoryname
143# Do the equivalent of rm -rf directoryname/*, except using saferm.
144nuke()
145{
146        (
147                cd $1
148                if [ $? -eq 0 ]; then
149                        find * ! -type d -exec saferm {} \;
150                        find * -depth -type d -exec rmdir {} \;
151                fi
152        )
153}
154
155# Begin section for actions to be performed in all cases, including
156# for a private machine during prelogin.
157
158# Remove any mozilla component and chrome registries, created if
159# mozilla is run as root.  The resulting component registry may
160# be corrupted, preventing mozilla from starting subsequently.
161# See http://bugzilla.mozilla.org/show_bug.cgi?id=197516
162rm -rf /usr/athena/lib/mozilla/components/compreg.dat
163rm -rf /usr/athena/lib/mozilla/components/xpti.dat
164rm -rf /usr/athena/lib/mozilla/chrome/chrome.rdf
165rm -rf /usr/athena/lib/mozilla/chrome/overlayinfo
166
167# End section for actions to be performed in all cases.
168
169if [ "$PUBLIC" = false -a "$full" = false ]; then
170        exit 0
171fi
172
173if [ -f /var/athena/clusterinfo.bsh ] ; then
174        . /var/athena/clusterinfo.bsh
175fi
176
177# Determine where the config files live
178THISVERS=`awk '{a=$5} END{print a}' /etc/athena/version`
179if [ "$HOSTTYPE" = linux -a -n "$SYSPREFIX" ]; then
180        config=$SYSPREFIX/config/$THISVERS
181        pwconfig=$config/etc
182else
183        config=/srvd
184        pwconfig=/afs/athena.mit.edu/system/config/passwd/`machtype -S`
185fi
186
187# We don't want to detach all filesystems on every invocation, so
188# we keep a count file, and only detach all every tenth invocation,
189# or when the -detach option is specified.
190count=`cat $countfile 2>/dev/null`
191if [ -z "$count" ]; then
192        count=0
193fi
194if [ "$1" = -detach -o `expr $count % 10` -eq 0 ]; then
195        dflags=""
196else
197        dflags="-clean"
198fi
199
200if [ ! -t 0 ]; then
201        quiet=-q
202else
203        echo "Reactivating workstation..."
204        quiet=""
205fi
206
207# Flush all NFS uid mappings
208/bin/athena/fsid $quiet -p -a
209
210# Tell the Zephyr hostmanager to reset state
211if [ -f /var/athena/zhm.pid -a "$ZCLIENT" = true ] ; then
212        /bin/kill -HUP `/bin/cat /var/athena/zhm.pid`
213fi
214
215# Zero any ticket files in /tmp that may have escaped other methods
216# of destruction, before we clear /tmp. We must cd there since saferm
217# will not follow symbolic links.
218(cd /tmp; saferm -z tkt* krb5cc*) > /dev/null 2>&1
219
220# Clean up occasional leavings of emacs and esd.
221rm -rf /var/tmp/!!!SuperLock!!! /tmp/.esd
222
223# Remove utmp and wtmp so Solaris doesn't complain.
224if [ sun4 = "$HOSTTYPE" ]; then
225        rm -rf /var/adm/utmp /var/adm/wtmp
226fi
227
228# Clean up socket files left by sawfish.
229rm -rf /tmp/.sawfish-*
230
231# Clean up per-session temporary directories.
232rm -rf /tmp/session-*
233
234if [ "$full" = true ]; then
235        # Clean temporary areas (including temporary home directories)
236        if [ "$PUBLIC" = true ]; then
237                if [ sun4 = "$HOSTTYPE" -a -f /tmp/ps_data ]; then
238                        cp -p /tmp/ps_data /var/athena/ps_data
239                        nuke /tmp > /dev/null 2>&1
240                        cp -p /var/athena/ps_data /tmp/ps_data
241                        rm -f /var/athena/ps_data
242                else
243                        nuke /tmp > /dev/null 2>&1
244                fi
245        fi
246        nuke /var/athena/tmphomedir > /dev/null 2>&1
247fi
248
249# Copy in a few config files
250if [ "$PUBLIC" = true ]; then
251        if [ -d $pwconfig ]; then
252                syncupdate -c /etc/passwd.local.new $pwconfig/passwd \
253                        /etc/passwd.local
254                syncupdate -c /etc/shadow.local.new $pwconfig/shadow \
255                        /etc/shadow.local
256                syncupdate -c /etc/group.local.new $pwconfig/group \
257                        /etc/group.local
258        fi
259        if [ -d $config ]; then
260                cp $config/etc/athena/athinfo.access /etc/athena
261                cp $config/etc/athena/local-lockers.conf /etc/athena
262        fi
263        rm -rf /etc/athena/access >/dev/null 2>&1
264fi
265
266# Restore password and group files
267if [ -s /etc/passwd.local ] ; then
268        syncupdate -c /etc/passwd.new /etc/passwd.local /etc/passwd
269fi
270if [ -s /etc/shadow.local ] ; then
271        syncupdate -c /etc/shadow.new /etc/shadow.local /etc/shadow
272fi
273if [ -s /etc/group.local ] ; then
274        syncupdate -c /etc/group.new /etc/group.local /etc/group
275fi
276
277if [ "$full" = true ]; then
278        # Reconfigure AFS state
279        if [ "$AFSCLIENT" != "false" ]; then
280                /etc/athena/config_afs > /dev/null 2>&1 &
281        fi
282        # If the encrypt file doesn't exist, disable AFS encryption.
283        # Don't do this on Irix because we're not running OpenAFS there.
284        if [ sgi != "$HOSTTYPE" ]; then
285                if  [ -f $afsconfig/encrypt ]; then
286                        /bin/athena/fs setcrypt on
287                else
288                        /bin/athena/fs setcrypt off
289                fi
290        fi
291fi
292
293# Punt any processes owned by users not in /etc/passwd.
294/etc/athena/cleanup -passwd
295
296if [ "$full" = true ]; then
297        # Remove session files.
298        for i in /var/athena/sessions/*; do
299                # Sanity check.
300                if [ -s $i ]; then
301                        logger -p user.notice "Non-empty session record $i"
302                fi
303                rm -f $i
304        done
305
306        # Detach all remote filesystems
307        /bin/athena/detach -O -h -n $quiet $dflags -a
308
309        # Now start activate again
310        /etc/athena/save_cluster_info
311
312        if [ -f /var/athena/clusterinfo.bsh ] ; then
313                . /var/athena/clusterinfo.bsh
314                # Set up /etc/noroot as appropriate.
315                if [ -n "$CLUSTER" ]; then
316                        touch /var/athena/iscluster
317                        echo "Use su to gain root access to cluster machines" \
318                                "or quickstations." > /etc/noroot
319                        chmod 644 /var/athena/iscluster /etc/noroot
320                else
321                        rm -f /var/athena/iscluster /etc/noroot
322                fi
323        elif [ "$RVDCLIENT" = true ]; then
324                echo "Can't determine system packs location."
325                exit 1
326        fi
327
328        if [ "$RVDCLIENT" = true ]; then
329                /bin/athena/attach $quiet -h -n -O $SYSLIB
330        fi
331
332        # Perform an update if appropriate
333        update_ws -a reactivate
334
335        if [ "$PUBLIC" = true -a -f /srvd/.rvdinfo ]; then
336                NEWVERS=`awk '{a=$5} END{print a}' /srvd/.rvdinfo`
337                if [ "$NEWVERS" = "$THISVERS" ]; then
338                        case "$HOSTTYPE" in
339                        sun4)
340                                /srvd/usr/athena/etc/verify-pkgs
341                                ;;
342                        *)
343                                /usr/athena/etc/track -q
344                                ;;
345                        esac
346                        cf=`cat /srvd/usr/athena/lib/update/configfiles`
347                        for i in $cf; do
348                                if [ -f /srvd$i ]; then
349                                        src=/srvd$i
350                                else
351                                        src=/os$i
352                                fi
353                                syncupdate -c $i.new $src $i
354                        done
355                        ps -e | awk '$4=="inetd" {print $1}' | xargs kill -HUP
356                fi
357        fi
358fi
359
360if [ "$PUBLIC" = true ]; then
361        rm -f /etc/athena/reactivate.local /etc/ssh_host_* /etc/ssh_random_seed
362        if [ -r /var/athena/sshd.pid ]; then
363                # public machines shouldn't be running an sshd
364                kill `cat /var/athena/sshd.pid`
365        fi
366        rm -rf /etc/athena/orbitrc
367        # Clean up Mozilla cache directories.
368        rm -rf /var/tmp/Mozilla-*
369fi
370
371if [ "$ACCESSON" = true -a -f /usr/athena/bin/access_on ]; then
372        /usr/athena/bin/access_on
373elif [ "$ACCESSON" != true -a -f /usr/athena/bin/access_off ]; then
374        /usr/athena/bin/access_off
375fi
376
377if [ "$full" = true ]; then
378        if [ -f /etc/athena/reactivate.local ]; then
379                /etc/athena/reactivate.local
380        fi
381        # Update our invocation count.
382        echo `expr $count + 1` > $countfile
383fi
384
385exit 0
Note: See TracBrowser for help on using the repository browser.