#! /bin/sh # PCP QA Test No. 272 # $Revision: 1.25 $ # pmcd access control tests (used to be the second half of 051) # # # Copyright (c) 1995-2002 Silicon Graphics, Inc. All Rights Reserved. # # creator owner=kenmcd seq=`basename $0` echo "QA output created by $seq" # get standard filters . ./common.product . ./common.filter . ./common.check tmp=/tmp/$$ here=`pwd` sudo=$here/sudo status=1 # failure is the default! # pmcd may be quite some distance away # PMCD_CONNECT_TIMEOUT=30 PMCD_REQUEST_TIMEOUT=30 NETSTAT=netstat export PMCD_CONNECT_TIMEOUT PMCD_REQUEST_TIMEOUT NETSTAT # --- from here on down, originally copied _to_ 339, so need to push # --- changes into that qa test ... but the tests have now diverged, sigh! # # real QA test starts here config=$PCP_PMCDCONF_PATH oconfig=$tmp.config # get FQDN # host=`hostname` me=`_host_to_fqdn $host` if [ -z "$me" ] then echo "Cannot get fully qualified domain name for $host" exit fi _needclean=true # get standard filters . ./common.filter . ./common.check # _wait_for_pmcd_from_remote remote-host [max-wait] # _wait_for_pmcd_from_remote() { # 20 seconds default seems like a reasonble max time to get going can_wait=${2-20} i=0 dead=true while [ $i -lt $can_wait ] do clients=`rsh $1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmprobe -h $me -n $PCP_VAR_DIR/pmns/root_pmcd pmcd.numclients'" 2>/dev/null | sed -e 's/.* //'` if [ ! -z "$clients" -a "$clients" -gt 0 ] then dead=false break fi sleep 1 i=`expr $i + 1` done if $dead then echo "Arrgghhh ... pmcd failed to start after $can_wait seconds" rsh $1 -n -l pcpqa cat $PCP_PMCDLOG_PATH ps $PCP_PS_ALL_FLAGS status=2 exit $status fi } cleanup() { if $_needclean then unset PMCD_PORT [ -f $oconfig ] && $sudo cp $oconfig $config # _change_config pmlogger on $sudo $PCP_RC_DIR/pcp start | _filter_pcp_start _wait_for_pmcd _wait_for_pmlogger _needclean=false fi $sudo rm -f $tmp.* } trap "cleanup; exit \$status" 0 1 2 3 15 touch $seq.full # real QA test starts here port=`_get_port tcp 6060 6070` if [ -z "$port" ] then echo "Arrggh ... no free TCP port in the range 6060 ... 6070" $NETSTAT -a exit 1 fi # _change_config pmlogger off $sudo $PCP_RC_DIR/pcp stop $sudo cp $config $oconfig other1=bogus other2=bogus eval `./getpmcdhosts -n 2 -L -a sample -v pcp=2 -s IRIX64 2>/dev/null \ | $PCP_AWK_PROG '{ if (NF >= 2) printf("other1=%s other2=%s\n",$1,$2); }'` if [ "X$other1" = Xbogus -o "X$other2" = Xbogus ] then echo "Error: Unable to find two hosts configured with the sample PMDA" echo "+ ./getpmcdhosts -D -n 2 -L -a sample -v pcp=2 -s IRIX64 " ./getpmcdhosts -D -n 2 -L -a sample -v pcp=2 -s IRIX64 echo "Desperate: check all hosts in qa_hosts ..." cat $tmp.hosts \ | while read host do echo "=== $host ===" pminfo -b 1 -f -h $host pmcd.numagents pmcd.agent.status sample.seconds done exit 1 fi list1=`_all_hostnames $other1` if [ -z "$list1" ] then echo "Arrgh ... failed to expand other1=\"$other1\" to all hostnames" echo "netstat reports ..." rsh $tmp.access <$config" $sudo "cat $tmp.access >>$config" echo "First pmcd.conf" >>$seq.full cat $config >>$seq.full # don'use the regular port ... # PMCD_PORT=$port export PMCD_PORT $sudo $PCP_RC_DIR/pcp start | _filter_pcp_start _wait_for_pmcd echo " checking default access for this host ..." pminfo -f sample.long.million pmstore sample.write_me 111 echo echo " checking access for OTHERHOST1 (both should succeed)" rsh $other1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pminfo -h $me -f sample.long.million'" rsh $other1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmstore -h $me sample.write_me 222'" echo echo " checking access for OTHERHOST2 (store should fail)" rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pminfo -h $me -f sample.long.hundred'" rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmstore -h $me sample.write_me 333'" echo echo " checking connection limit for OTHERHOST2 (will exceed connection limit)" rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmval -h $me -t 666 sample.long.ten'" >/dev/null 2>&1 & # guess at delay sleep `expr $PMCD_CONNECT_TIMEOUT / 2` rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pminfo -h $me -f sample.long.one'" 2>& 1 | sed -e 's/".*"/"OTHERHOST2"/' rsh $other2 -n -l pcpqa killall pmval > /dev/null 2>&1 echo "pmcd.log:=======" sed -n <$PCP_PMCDLOG_PATH -e '/endclient/{ s/\[[0-9]*]/[M]/ s/(fd [0-9]*)/(fd N)/ p }' echo "================" iplist1=`_all_ipaddrs $other1` iplist2=`_all_ipaddrs $other2` netlist2=`echo $iplist2 | sed -e 's/$/,/' -e 's/[0-9][0-9]*\.[0-9][0-9]*,/*,/g' -e 's/,$//'` myip=`_host_to_ipaddr $me` cat >$tmp.access <$config" $sudo "cat $tmp.access >>$config" echo >>$seq.full echo "Second pmcd.conf" >>$seq.full cat $config >>$seq.full $sudo $PCP_RC_DIR/pcp start | _filter_pcp_start _wait_for_pmcd_from_remote $other1 rsh $other1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmstore -h $me pmcd.control.debug 4096'" echo " checking default access for this host (store should fail) ..." pminfo -f sample.long.million pmstore sample.write_me 444 echo echo " checking access for OTHERHOST1 (both should succeed)" rsh $other1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pminfo -h $me -f sample.long.million'" rsh $other1 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmstore -h $me sample.write_me 555'" echo echo " checking access for OTHERHOST2 (store should fail)" rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pminfo -h $me -f sample.long.hundred'" rsh $other2 -n -l pcpqa "sh -c 'PMCD_PORT=$port pmstore -h $me sample.write_me 666'" echo echo " checking default access for explicit/localhost (both should fail)" pmstore -h localhost sample.write_me 21 pmstore -h $me sample.write_me 42 echo "pmcd.log:=======" sed -n <$PCP_PMCDLOG_PATH -e '/endclient/{ s/\[[0-9]*]/[M]/ s/(fd [0-9]*)/(fd N)/ p }' echo "================" # success, all done status=0 exit