From 6013ccd5a16f068c679249dd8996ef2359a9b193 Mon Sep 17 00:00:00 2001 From: cxhong Date: Thu, 8 Oct 2020 16:45:00 -0400 Subject: [PATCH 1/2] Get the correct path for nice command --- .../add-on/statelite/rc.statelite.ppc.redhat | 7 ++++++- xCAT/postscripts/getcredentials.awk | 17 +++++++++++++++-- xCAT/postscripts/getpostscript.awk | 17 +++++++++++++++-- xCAT/postscripts/startsyncfiles.awk | 17 +++++++++++++++-- 4 files changed, 51 insertions(+), 7 deletions(-) diff --git a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat index 8aa5dac22..9cc8b7a14 100755 --- a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat +++ b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat @@ -128,7 +128,12 @@ GetSyncInfo () { xCATCmd () { # $1 is the xCAT server # $2 is the command - echo "\n${2}\n" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} -rand /bin/nice 2>/dev/null + if [ -f "/usr/bin/nice" ]; then + NICE="/usr/bin/nice" + else + NICE="/bin/nice" + fi + echo "\n${2}\n" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} -rand ${NICE} 2>/dev/null } diff --git a/xCAT/postscripts/getcredentials.awk b/xCAT/postscripts/getcredentials.awk index 67300becf..31f1c1750 100755 --- a/xCAT/postscripts/getcredentials.awk +++ b/xCAT/postscripts/getcredentials.awk @@ -1,9 +1,22 @@ #!/usr/bin/awk -f BEGIN { + if (!system("test -f /bin/nice")) { + nice = "/bin/nice" + } else if (!system("test -f /usr/bin/nice")) { + nice = "/usr/bin/nice" + } else { + print "Error: nice utility missing" + exit 1 + } + if (!system("test -f openssl")) { + print "Error: openssl utility missing" + exit 1 + } + if ((ENVIRON["USEOPENSSLFORXCAT"]) || (ENVIRON["AIX"])) { - server = "openssl s_client -quiet -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -quiet -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -quiet -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -quiet -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400" diff --git a/xCAT/postscripts/getpostscript.awk b/xCAT/postscripts/getpostscript.awk index 985b34dcb..062636f7f 100755 --- a/xCAT/postscripts/getpostscript.awk +++ b/xCAT/postscripts/getpostscript.awk @@ -1,9 +1,22 @@ #!/usr/bin/awk -f BEGIN { + if (!system("test -f /bin/nice")) { + nice = "/bin/nice" + } else if (!system("test -f /usr/bin/nice")) { + nice = "/usr/bin/nice" + } else { + print "Error: nice utility missing" + exit 1 + } + if (!system("test -f openssl")) { + print "Error: openssl utility missing" + exit 1 + } + if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400" diff --git a/xCAT/postscripts/startsyncfiles.awk b/xCAT/postscripts/startsyncfiles.awk index c9af5345b..0cf6489f7 100755 --- a/xCAT/postscripts/startsyncfiles.awk +++ b/xCAT/postscripts/startsyncfiles.awk @@ -1,9 +1,22 @@ #!/usr/bin/awk -f BEGIN { + if (!system("test -f /bin/nice")) { + nice = "/bin/nice" + } else if (!system("test -f /usr/bin/nice")) { + nice = "/usr/bin/nice" + } else { + print "Error: nice utility missing" + exit 1 + } + if (!system("test -f openssl")) { + print "Error: openssl utility missing" + exit 1 + } + if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null" + server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400" From 2878022b95ae7d53c7250abb044aecee0484e210 Mon Sep 17 00:00:00 2001 From: cxhong Date: Fri, 9 Oct 2020 15:19:27 -0400 Subject: [PATCH 2/2] able to run no random bytes if /usr/bin/nice is not available --- .../add-on/statelite/rc.statelite.ppc.redhat | 6 +++--- xCAT/postscripts/getcredentials.awk | 13 +++++-------- xCAT/postscripts/getpostscript.awk | 13 +++++-------- xCAT/postscripts/startsyncfiles.awk | 13 +++++-------- 4 files changed, 18 insertions(+), 27 deletions(-) diff --git a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat index 9cc8b7a14..deaadde40 100755 --- a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat +++ b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat @@ -129,11 +129,11 @@ xCATCmd () { # $1 is the xCAT server # $2 is the command if [ -f "/usr/bin/nice" ]; then - NICE="/usr/bin/nice" + RANDOMBYTES="-rand /usr/bin/nice" else - NICE="/bin/nice" + RANDOMBYTES="" fi - echo "\n${2}\n" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} -rand ${NICE} 2>/dev/null + echo "\n${2}\n" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} ${RANDOMBYTES} 2>/dev/null } diff --git a/xCAT/postscripts/getcredentials.awk b/xCAT/postscripts/getcredentials.awk index 31f1c1750..0cbf2fdfb 100755 --- a/xCAT/postscripts/getcredentials.awk +++ b/xCAT/postscripts/getcredentials.awk @@ -1,12 +1,9 @@ #!/usr/bin/awk -f BEGIN { - if (!system("test -f /bin/nice")) { - nice = "/bin/nice" - } else if (!system("test -f /usr/bin/nice")) { - nice = "/usr/bin/nice" + if (!system("test -f /usr/bin/nice")) { + randombytes = "-rand /usr/bin/nice" } else { - print "Error: nice utility missing" - exit 1 + randombytes = "" } if (!system("test -f openssl")) { print "Error: openssl utility missing" @@ -14,9 +11,9 @@ BEGIN { } if ((ENVIRON["USEOPENSSLFORXCAT"]) || (ENVIRON["AIX"])) { - server = "openssl s_client -quiet -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" + server = "openssl s_client -quiet -no_ssl3 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -quiet -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" + server = "openssl s_client -quiet -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400" diff --git a/xCAT/postscripts/getpostscript.awk b/xCAT/postscripts/getpostscript.awk index 062636f7f..e4ffd3006 100755 --- a/xCAT/postscripts/getpostscript.awk +++ b/xCAT/postscripts/getpostscript.awk @@ -1,12 +1,9 @@ #!/usr/bin/awk -f BEGIN { - if (!system("test -f /bin/nice")) { - nice = "/bin/nice" - } else if (!system("test -f /usr/bin/nice")) { - nice = "/usr/bin/nice" + if (!system("test -f /usr/bin/nice")) { + randombytes = "-rand /usr/bin/nice" } else { - print "Error: nice utility missing" - exit 1 + randombytes = "" } if (!system("test -f openssl")) { print "Error: openssl utility missing" @@ -14,9 +11,9 @@ BEGIN { } if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" + server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" + server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400" diff --git a/xCAT/postscripts/startsyncfiles.awk b/xCAT/postscripts/startsyncfiles.awk index 0cf6489f7..0c85ae262 100755 --- a/xCAT/postscripts/startsyncfiles.awk +++ b/xCAT/postscripts/startsyncfiles.awk @@ -1,12 +1,9 @@ #!/usr/bin/awk -f BEGIN { - if (!system("test -f /bin/nice")) { - nice = "/bin/nice" - } else if (!system("test -f /usr/bin/nice")) { - nice = "/usr/bin/nice" + if (!system("test -f /usr/bin/nice")) { + randombytes = "-rand /usr/bin/nice" } else { - print "Error: nice utility missing" - exit 1 + randombytes = "" } if (!system("test -f openssl")) { print "Error: openssl utility missing" @@ -14,9 +11,9 @@ BEGIN { } if (ENVIRON["USEOPENSSLFORXCAT"]) { - server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand "nice" 2> /dev/null" + server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) { - server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand "nice 2> /dev/null" + server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " "randombytes" 2> /dev/null" } } else { server = "/inet/tcp/0/127.0.0.1/400"