Some scripts write to files to pass information to SNMP.
To avoid read access failure from SNMP, the previous file is copied to a
.old file then the new one is created.

The update is related to the new feature introduced in Kconfig for the
logging of messages (default_syslog)

The system clock monitor measures the offset between the local time and
the NTP time. If this offset exceed a given threshold an alarm will be
raised .

Another option is added in Kconfig that applies to all the deamons
that provide <facility*8+priority> in their messages. If logging
in Kconfig is set to "default_syslog", the logger is run with
the option --prio-prefix. With this option, the facility/priority
from message is used. All the other otions for "Logint directions.."
are left unchnaged.

Jean-Claude BAU authored 5 years ago and Maciej Lipinski committed 5 years ago

- Add a new tool (wrs_leapsec) to check for an incoming leap second. It
is done by parsing the leap second file. If a leap second is detected
then adjustment parameters for the clock algoritm are set in the kernel.
- Start the tool at startup
- With cron, execute the tool every 3 hours
- As many tools need to parse the leap seconds file, functions have been
added in the library and then called by these tools

Jean-Claude BAU authored 5 years ago and Maciej Lipinski committed 5 years ago

- Install cron
- New leap_seconds_file_update script. Launched at startup and then 1
time per day by cron
- Kconfig update to setup from where the file should be downloaded

Jean-Claude BAU authored 5 years ago and Maciej Lipinski committed 5 years ago

The -n option in the wr_date tool is used for a dry run. It execute the
code without applying changes in the system and the hardware.
However calling "wr_date -n set host" was not setting the date but
applying the TAI offset. To make things more consistant, a new option
has been added. Calling "wr_date set host tai" now sets only the TAI
offset.
The wr_date script has been changed to take into account this
modification of the behavior.

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

If the build or image is broken and sdb-read is missing don't try to
overwrite hwinfo

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Forward messages from scripts running before syslog is available
to the kernel log. Before these messages were printed only to the
console.

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Init scripts start logger that prints output of deamons into syslogs.
This logger is run with -p to attach tag. This tag is interpreted
as the process that produces the following message. In the many init
scripts this tag was set to wr-switch, incorrectly. This commit
corrects it to include the name of the daemon.

Since nss-pam-ldapd 0.8.4 the uniqueMember attribute was replaced by
using the member attribute by default. This means that you should use

map group member sAMAccountName

https://lists.arthurdejong.org/nss-pam-ldapd-users/2017/msg00012.html



Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

dropbear was replaced, because it does not support correctly LDAP+kerberos.

It was almost working. With LDAP+Kerberos over PAM dropbear was prompting once
more for a password when the correct was given.

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

It is assumed that authorization is done via LDAP

No need to give extra password when using sudo

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

otherwise openssh complains at the root login

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

--nslcd does not support uniqueMember, comment it out:
map    group  uniqueMember     member
--run nslcd as root, remove gid and uid

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Downloaded from:
https://linux.web.cern.ch/linux/docs/nslcd.conf.example



Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Jean-Claude BAU authored 5 years ago and Adam Wujek committed 5 years ago

1/ wr_date script:
- Started before PPSi
- Set number of NTP retries to 10 if GM otherwise 1. GM info is
extracted from dot-config
- Clock source is controlled directly with wr_date tool
- Can be started any time without any risk to set a wrong date (see
point 2)
2/ wr_date
- 'set host' parameters take into account the time mode ( FR: set
sec+ns, BC: time cannot be set, GM: set seconds only+wait to be in a
middle of a second)
- function substrat_substrat() moved to time_lib.h. Also used by wr_mon
3/ wr_mon
- Print TAI-UTC
- Update Timing Mode & PLL locking state displayed values

Benoit Rat authored 5 years ago and Adam Wujek committed 5 years ago

- Check if we are in GM mode, if yes :
    - wait GM to be locked
    - Disable WR as kernel clock source
    - Increase retries for NTP
- Retries x time NTP until setting host time:
    - Set date from host to WR
    - Enable (back) WR as kernel clock source

Benoit Rat authored 5 years ago and Adam Wujek committed 5 years ago

Fix TAI offset into kernel was done withing get function but this has
been removed in commit #091f4c8d. As it is still needed by slave, we
force its use using -n option. This will only fix tai offset into kernel
without applying ToD to WR/FPGA time.

Conflicts:
	userspace/tools/wr_date.c

baujc authored 6 years ago and Adam Wujek committed 5 years ago

This feature is very useful when we reboot very often the switch
especially during the development process.

Benoit Rat authored 6 years ago and Adam Wujek committed 5 years ago

Now we use ajax+js to constantly refresh value of WR into the web
interface without needing to manually refresh the webpage by the user.
However this refresh flood the accesslog and this is a problem with the
small RAM available

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

It may be useful in networks which require low latency.

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>

Signed-off-by: Adam Wujek <adam.wujek@cern.ch>