1 | #!/bin/sh |
---|
2 | # Script to bounce the packs on an Athena workstation |
---|
3 | # |
---|
4 | # $Id: reactivate.sh,v 1.81 2007-02-02 22:07:18 rbasch Exp $ |
---|
5 | |
---|
6 | # Ignore various terminating signals. |
---|
7 | trap "" HUP INT QUIT PIPE ALRM TERM USR1 USR2 |
---|
8 | |
---|
9 | PATH=/bin:/etc/athena:/bin/athena:/usr/bin:/usr/sbin:/usr/ucb:/usr/bsd:/sbin; export PATH |
---|
10 | HOSTTYPE=`/bin/athena/machtype`; export HOSTTYPE |
---|
11 | |
---|
12 | pidfile=/var/athena/reactivate.pid |
---|
13 | countfile=/var/athena/reactivate.count |
---|
14 | nologin=/etc/nologin |
---|
15 | made_nologin=false |
---|
16 | afsconfig=/afs/athena.mit.edu/system/config/afs |
---|
17 | |
---|
18 | umask 22 |
---|
19 | . /etc/athena/rc.conf |
---|
20 | |
---|
21 | case "$HOSTTYPE" in |
---|
22 | sun4) |
---|
23 | # Quit now if the multi-user milestone has not been reached, |
---|
24 | # i.e. we have not completed booting. |
---|
25 | multi_user=`svcs -H -o state /milestone/multi-user 2>/dev/null` |
---|
26 | if [ -n "$multi_user" -a "$multi_user" != online ]; then |
---|
27 | exit 0 |
---|
28 | fi |
---|
29 | ;; |
---|
30 | esac |
---|
31 | |
---|
32 | # Quit now if in the middle of an update. |
---|
33 | if [ -f /var/athena/update.running ]; then |
---|
34 | # In an update, quit now. |
---|
35 | echo "reactivate: This workstation is in the middle of an update." |
---|
36 | exit 1 |
---|
37 | fi |
---|
38 | |
---|
39 | if [ "$1" = -prelogin ]; then |
---|
40 | echo "Cleaning up..." >> /dev/console |
---|
41 | full=false |
---|
42 | else |
---|
43 | full=true |
---|
44 | fi |
---|
45 | |
---|
46 | # Quit now if another reactivate process is running. |
---|
47 | if [ -s $pidfile ]; then |
---|
48 | pid=`cat $pidfile 2>/dev/null` |
---|
49 | if [ -n "$pid" -a "$pid" -ne 0 ]; then |
---|
50 | kill -0 $pid 2>/dev/null |
---|
51 | if [ $? -eq 0 ]; then |
---|
52 | echo "Another reactivate process is running ($pid)." |
---|
53 | exit 0 |
---|
54 | fi |
---|
55 | fi |
---|
56 | fi |
---|
57 | |
---|
58 | echo $$ > $pidfile |
---|
59 | |
---|
60 | # Define a function to clean up at exit. |
---|
61 | # We want to ensure that we don't leave logins disabled. |
---|
62 | # This function also removes our pid file. |
---|
63 | # (Note that terminating signals are ignored, above). |
---|
64 | cleanexit() |
---|
65 | { |
---|
66 | if [ true = "${made_nologin}" ]; then |
---|
67 | rm -f $nologin |
---|
68 | fi |
---|
69 | rm -f $pidfile |
---|
70 | } |
---|
71 | |
---|
72 | trap cleanexit EXIT |
---|
73 | |
---|
74 | # See if anyone is logged in. We check for stale utmp entries, by |
---|
75 | # doing a kill -0 on the session leader's pid. |
---|
76 | # The Linux who does not give the pid, so we must use ps to figure |
---|
77 | # it out. |
---|
78 | if [ "$full" = true ]; then |
---|
79 | if [ linux = "$HOSTTYPE" ]; then |
---|
80 | pids= |
---|
81 | # Use w instead of who, since it ignores stale utmp entries. |
---|
82 | for tty in `w -h -s | awk '{ print $2; }'` ; do |
---|
83 | pids="$pids `ps --no-heading -j -t $tty 2>/dev/null | \ |
---|
84 | awk '($1 == $3) { print $1; }'`" |
---|
85 | done |
---|
86 | else |
---|
87 | pids=`who -u | awk '{ print $7; }'` |
---|
88 | fi |
---|
89 | |
---|
90 | # If any session leader pid is current, quit now. Ignore dm |
---|
91 | # (which is the session leader on the console tty), in case of |
---|
92 | # a stale utmp entry from a console login. |
---|
93 | dmpid=`cat /var/athena/dm.pid 2>/dev/null` |
---|
94 | for pid in $pids ; do |
---|
95 | if [ "$pid" != "$dmpid" ]; then |
---|
96 | kill -0 $pid 2>/dev/null |
---|
97 | if [ $? -eq 0 ]; then |
---|
98 | rm -f $countfile |
---|
99 | exit 0 |
---|
100 | fi |
---|
101 | fi |
---|
102 | done |
---|
103 | |
---|
104 | # Also quit if there are screen processes running. |
---|
105 | if [ false = "$PUBLIC" ] && pgrep '^screen' > /dev/null; then |
---|
106 | exit 0 |
---|
107 | fi |
---|
108 | |
---|
109 | # Check for valid Athena session records; these get created for |
---|
110 | # remote shells, etc., which may not have an associated utmp entry. |
---|
111 | # Quit if any are found. |
---|
112 | |
---|
113 | # We need to use nawk on Solaris in parsing the sessions file below. |
---|
114 | case "$HOSTTYPE" in |
---|
115 | sun4) |
---|
116 | awk=nawk |
---|
117 | ;; |
---|
118 | *) |
---|
119 | awk=awk |
---|
120 | ;; |
---|
121 | esac |
---|
122 | |
---|
123 | for i in /var/athena/sessions/* ; do |
---|
124 | if [ -s $i ]; then |
---|
125 | for pid in ` \ |
---|
126 | $awk -F : ' \ |
---|
127 | FNR == 5 \ |
---|
128 | { \ |
---|
129 | for (i = 1; i <= NF; i++) \ |
---|
130 | if (int($i) != 0) \ |
---|
131 | print $i; \ |
---|
132 | }' $i` ; do |
---|
133 | kill -0 $pid 2>/dev/null |
---|
134 | if [ $? -eq 0 ]; then |
---|
135 | rm -f $countfile |
---|
136 | exit 0 |
---|
137 | fi |
---|
138 | done |
---|
139 | fi |
---|
140 | done |
---|
141 | |
---|
142 | local-menus |
---|
143 | fi |
---|
144 | |
---|
145 | # There are no current logins or sessions, so proceed. We disable |
---|
146 | # logins for the duration, by creating /etc/nologin, unless it |
---|
147 | # already exists. |
---|
148 | if [ ! -f $nologin ]; then |
---|
149 | made_nologin=true |
---|
150 | echo "Workstation is reactivating." > $nologin |
---|
151 | fi |
---|
152 | |
---|
153 | # Usage: nuke directoryname |
---|
154 | # Do the equivalent of rm -rf directoryname/*, except using saferm. |
---|
155 | nuke() |
---|
156 | { |
---|
157 | ( |
---|
158 | cd $1 |
---|
159 | if [ $? -eq 0 ]; then |
---|
160 | find * ! -type d -exec saferm {} \; |
---|
161 | find * -depth -type d -exec rmdir {} \; |
---|
162 | fi |
---|
163 | ) |
---|
164 | } |
---|
165 | |
---|
166 | # Begin section for actions to be performed in all cases, including |
---|
167 | # for a private machine during prelogin. |
---|
168 | |
---|
169 | # Remove any mozilla component and chrome registries, created if |
---|
170 | # mozilla is run as root. The resulting component registry may |
---|
171 | # be corrupted, preventing mozilla from starting subsequently. |
---|
172 | # See http://bugzilla.mozilla.org/show_bug.cgi?id=197516 |
---|
173 | rm -rf /usr/athena/lib/mozilla/components/compreg.dat |
---|
174 | rm -rf /usr/athena/lib/mozilla/components/xpti.dat |
---|
175 | rm -rf /usr/athena/lib/mozilla/chrome/chrome.rdf |
---|
176 | rm -rf /usr/athena/lib/mozilla/chrome/overlayinfo |
---|
177 | |
---|
178 | # End section for actions to be performed in all cases. |
---|
179 | |
---|
180 | if [ "$PUBLIC" = false -a "$full" = false ]; then |
---|
181 | exit 0 |
---|
182 | fi |
---|
183 | |
---|
184 | if [ -f /var/athena/clusterinfo.bsh ] ; then |
---|
185 | . /var/athena/clusterinfo.bsh |
---|
186 | fi |
---|
187 | |
---|
188 | # Determine where the config files live |
---|
189 | THISVERS=`awk '{a=$5} END{print a}' /etc/athena/version` |
---|
190 | if [ "$HOSTTYPE" = linux -a -n "$SYSPREFIX" ]; then |
---|
191 | config=$SYSPREFIX/config/$THISVERS |
---|
192 | pwconfig=$config/etc |
---|
193 | else |
---|
194 | config=/srvd |
---|
195 | pwconfig=/afs/athena.mit.edu/system/config/passwd/`machtype -S` |
---|
196 | fi |
---|
197 | |
---|
198 | # We don't want to detach all filesystems on every invocation, so |
---|
199 | # we keep a count file, and only detach all every tenth invocation, |
---|
200 | # or when the -detach option is specified. |
---|
201 | count=`cat $countfile 2>/dev/null` |
---|
202 | if [ -z "$count" ]; then |
---|
203 | count=0 |
---|
204 | fi |
---|
205 | if [ "$1" = -detach -o `expr $count % 10` -eq 0 ]; then |
---|
206 | dflags="" |
---|
207 | else |
---|
208 | dflags="-clean" |
---|
209 | fi |
---|
210 | |
---|
211 | if [ ! -t 0 ]; then |
---|
212 | quiet=-q |
---|
213 | else |
---|
214 | echo "Reactivating workstation..." |
---|
215 | quiet="" |
---|
216 | fi |
---|
217 | |
---|
218 | # Flush all NFS uid mappings |
---|
219 | /bin/athena/fsid $quiet -p -a |
---|
220 | |
---|
221 | # Tell the Zephyr hostmanager to reset state |
---|
222 | if [ -f /var/athena/zhm.pid -a "$ZCLIENT" = true ] ; then |
---|
223 | /bin/kill -HUP `/bin/cat /var/athena/zhm.pid` |
---|
224 | fi |
---|
225 | |
---|
226 | # Zero any ticket files in /tmp that may have escaped other methods |
---|
227 | # of destruction, before we clear /tmp. We must cd there since saferm |
---|
228 | # will not follow symbolic links. |
---|
229 | (cd /tmp; saferm -z tkt* krb5cc*) > /dev/null 2>&1 |
---|
230 | |
---|
231 | # Clean up occasional leavings of emacs and esd. |
---|
232 | rm -rf /var/tmp/!!!SuperLock!!! /tmp/.esd |
---|
233 | |
---|
234 | # Remove utmp and wtmp so Solaris doesn't complain. |
---|
235 | if [ sun4 = "$HOSTTYPE" ]; then |
---|
236 | rm -rf /var/adm/utmp /var/adm/wtmp |
---|
237 | fi |
---|
238 | |
---|
239 | # Clean up socket files left by sawfish. |
---|
240 | rm -rf /tmp/.sawfish-* |
---|
241 | |
---|
242 | # Clean up per-session temporary directories. |
---|
243 | rm -rf /tmp/session-* |
---|
244 | |
---|
245 | if [ "$full" = true ]; then |
---|
246 | # Clean temporary areas (including temporary home directories) |
---|
247 | if [ "$PUBLIC" = true ]; then |
---|
248 | if [ sun4 = "$HOSTTYPE" -a -f /tmp/ps_data ]; then |
---|
249 | cp -p /tmp/ps_data /var/athena/ps_data |
---|
250 | nuke /tmp > /dev/null 2>&1 |
---|
251 | cp -p /var/athena/ps_data /tmp/ps_data |
---|
252 | rm -f /var/athena/ps_data |
---|
253 | else |
---|
254 | nuke /tmp > /dev/null 2>&1 |
---|
255 | fi |
---|
256 | fi |
---|
257 | nuke /var/athena/tmphomedir > /dev/null 2>&1 |
---|
258 | fi |
---|
259 | |
---|
260 | # Copy in a few config files |
---|
261 | if [ "$PUBLIC" = true ]; then |
---|
262 | if [ -d $pwconfig ]; then |
---|
263 | syncupdate -c /etc/passwd.local.new $pwconfig/passwd \ |
---|
264 | /etc/passwd.local |
---|
265 | syncupdate -c /etc/shadow.local.new $pwconfig/shadow \ |
---|
266 | /etc/shadow.local |
---|
267 | syncupdate -c /etc/group.local.new $pwconfig/group \ |
---|
268 | /etc/group.local |
---|
269 | fi |
---|
270 | if [ -d $config ]; then |
---|
271 | cp $config/etc/athena/athinfo.access /etc/athena |
---|
272 | cp $config/etc/athena/local-lockers.conf /etc/athena |
---|
273 | fi |
---|
274 | rm -rf /etc/athena/access >/dev/null 2>&1 |
---|
275 | fi |
---|
276 | |
---|
277 | # Restore password and group files |
---|
278 | if [ -s /etc/passwd.local ] ; then |
---|
279 | syncupdate -c /etc/passwd.new /etc/passwd.local /etc/passwd |
---|
280 | fi |
---|
281 | if [ -s /etc/shadow.local ] ; then |
---|
282 | syncupdate -c /etc/shadow.new /etc/shadow.local /etc/shadow |
---|
283 | fi |
---|
284 | if [ -s /etc/group.local ] ; then |
---|
285 | syncupdate -c /etc/group.new /etc/group.local /etc/group |
---|
286 | fi |
---|
287 | |
---|
288 | if [ "$full" = true ]; then |
---|
289 | # Reconfigure AFS state |
---|
290 | if [ "$AFSCLIENT" != "false" ]; then |
---|
291 | /etc/athena/config_afs > /dev/null 2>&1 & |
---|
292 | fi |
---|
293 | # If the encrypt file doesn't exist, disable AFS encryption. |
---|
294 | # Don't do this on Irix because we're not running OpenAFS there. |
---|
295 | if [ sgi != "$HOSTTYPE" ]; then |
---|
296 | if [ -f $afsconfig/encrypt ]; then |
---|
297 | /bin/athena/fs setcrypt on |
---|
298 | else |
---|
299 | /bin/athena/fs setcrypt off |
---|
300 | fi |
---|
301 | fi |
---|
302 | fi |
---|
303 | |
---|
304 | # Punt any processes owned by users not in /etc/passwd. |
---|
305 | /etc/athena/cleanup -passwd |
---|
306 | |
---|
307 | if [ "$full" = true ]; then |
---|
308 | # Remove session files. |
---|
309 | for i in /var/athena/sessions/*; do |
---|
310 | # Sanity check. |
---|
311 | if [ -s $i ]; then |
---|
312 | logger -p user.notice "Non-empty session record $i" |
---|
313 | fi |
---|
314 | rm -f $i |
---|
315 | done |
---|
316 | |
---|
317 | # Detach all remote filesystems |
---|
318 | /bin/athena/detach -O -h -n $quiet $dflags -a |
---|
319 | |
---|
320 | # Now start activate again |
---|
321 | /etc/athena/save_cluster_info |
---|
322 | |
---|
323 | if [ -f /var/athena/clusterinfo.bsh ] ; then |
---|
324 | . /var/athena/clusterinfo.bsh |
---|
325 | # Set up /etc/noroot as appropriate. |
---|
326 | if [ -n "$CLUSTER" ]; then |
---|
327 | touch /var/athena/iscluster |
---|
328 | echo "Use su to gain root access to cluster machines" \ |
---|
329 | "or quickstations." > /etc/noroot |
---|
330 | chmod 644 /var/athena/iscluster /etc/noroot |
---|
331 | else |
---|
332 | rm -f /var/athena/iscluster /etc/noroot |
---|
333 | fi |
---|
334 | elif [ "$RVDCLIENT" = true ]; then |
---|
335 | echo "Can't determine system packs location." |
---|
336 | exit 1 |
---|
337 | fi |
---|
338 | |
---|
339 | if [ "$RVDCLIENT" = true ]; then |
---|
340 | /bin/athena/attach $quiet -h -n -O $SYSLIB |
---|
341 | fi |
---|
342 | |
---|
343 | # Perform an update if appropriate |
---|
344 | update_ws -a reactivate |
---|
345 | |
---|
346 | if [ "$PUBLIC" = true -a -f /srvd/.rvdinfo ]; then |
---|
347 | NEWVERS=`awk '{a=$5} END{print a}' /srvd/.rvdinfo` |
---|
348 | if [ "$NEWVERS" = "$THISVERS" ]; then |
---|
349 | case "$HOSTTYPE" in |
---|
350 | sun4) |
---|
351 | /srvd/usr/athena/etc/verify-pkgs |
---|
352 | ;; |
---|
353 | *) |
---|
354 | /usr/athena/etc/track -q |
---|
355 | ;; |
---|
356 | esac |
---|
357 | cf=`cat /srvd/usr/athena/lib/update/configfiles` |
---|
358 | for i in $cf; do |
---|
359 | if [ -f /srvd$i ]; then |
---|
360 | src=/srvd$i |
---|
361 | else |
---|
362 | src=/os$i |
---|
363 | fi |
---|
364 | syncupdate -c $i.new $src $i |
---|
365 | done |
---|
366 | ps -e | awk '$4=="inetd" {print $1}' | xargs kill -HUP |
---|
367 | fi |
---|
368 | fi |
---|
369 | fi |
---|
370 | |
---|
371 | if [ "$PUBLIC" = true ]; then |
---|
372 | rm -f /etc/athena/reactivate.local /etc/ssh_host_* /etc/ssh_random_seed |
---|
373 | if [ -r /var/athena/sshd.pid ]; then |
---|
374 | # public machines shouldn't be running an sshd |
---|
375 | kill `cat /var/athena/sshd.pid` |
---|
376 | fi |
---|
377 | rm -rf /etc/athena/orbitrc |
---|
378 | # Clean up Mozilla cache directories. |
---|
379 | rm -rf /var/tmp/Mozilla-* |
---|
380 | fi |
---|
381 | |
---|
382 | if [ "$ACCESSON" = true -a -f /usr/athena/bin/access_on ]; then |
---|
383 | /usr/athena/bin/access_on |
---|
384 | elif [ "$ACCESSON" != true -a -f /usr/athena/bin/access_off ]; then |
---|
385 | /usr/athena/bin/access_off |
---|
386 | fi |
---|
387 | |
---|
388 | if [ "$full" = true ]; then |
---|
389 | if [ -f /etc/athena/reactivate.local ]; then |
---|
390 | /etc/athena/reactivate.local |
---|
391 | fi |
---|
392 | # Update our invocation count. |
---|
393 | echo `expr $count + 1` > $countfile |
---|
394 | fi |
---|
395 | |
---|
396 | exit 0 |
---|