About: Licorn® DevBlog
rss
Browse by time:
- May 2012 (1)
- April 2012 (2)
- March 2012 (2)
- February 2012 (3)
- December 2011 (1)
- October 2011 (3)
- September 2011 (3)
- May 2011 (3)
- April 2011 (1)
- March 2011 (2)
- February 2011 (1)
- January 2011 (2)
- December 2010 (7)
- November 2010 (5)
- October 2010 (2)
- September 2010 (3)
- August 2010 (10)
- July 2010 (3)
- June 2010 (6)
- March 2009 (1)
- January 2009 (8)
Browse by category:
- rss ACLs (1)
- rss Architecture (1)
- rss CLI (4)
- rss D3 (1)
- rss Debian (1)
- rss LDAP (3)
- rss Licorn (4)
- rss Licorn® (2)
- rss NFS (1)
- rss OOP (1)
- rss Pyro (2)
- rss QA (2)
- rss RPC (1)
- rss SAMBA (1)
- rss Twisted (1)
- rss UNIX (1)
- rss WMI (5)
- rss add (2)
- rss admin (1)
- rss animations (1)
- rss apache (1)
- rss apprentice (1)
- rss architecture (1)
- rss automation (2)
- rss backend (5)
- rss backends (2)
- rss backup (2)
- rss bazaar (2)
- rss benchmark (1)
- rss bugfix (1)
- rss bugs (1)
- rss bzr (3)
- rss change (1)
- rss changes (1)
- rss check (1)
- rss chk (1)
- rss cleanup (1)
- rss cli (1)
- rss client (1)
- rss code (3)
- rss coding (1)
- rss completion (1)
- rss complexity (1)
- rss configuration (4)
- rss console (1)
- rss controllers (1)
- rss core (3)
- rss crashes (1)
- rss customization (1)
- rss daemon (12)
- rss darcs (4)
- rss debug (2)
- rss debugger (1)
- rss debugging (1)
- rss del (1)
- rss description (2)
- rss developement (1)
- rss developer (1)
- rss development (3)
- rss difficulties (1)
- rss discover (1)
- rss discovery (1)
- rss django (2)
- rss documentation (4)
- rss dynamic (1)
- rss ease (1)
- rss enhance (1)
- rss enhancement (9)
- rss enhancements (2)
- rss errors (1)
- rss events (1)
- rss experimental (1)
- rss extensions (5)
- rss features (1)
- rss finish (1)
- rss flag (1)
- rss flexibility (1)
- rss geany (1)
- rss geekism (1)
- rss get (1)
- rss gevent (2)
- rss git (1)
- rss gitflow (1)
- rss good (1)
- rss graphics (1)
- rss groups (3)
- rss gvim (1)
- rss httperf (1)
- rss https (1)
- rss i18n (1)
- rss ideas (1)
- rss implementation (1)
- rss inotifier (2)
- rss interaction (3)
- rss internals (1)
- rss javascript (1)
- rss jinja2 (1)
- rss jquery (1)
- rss key (1)
- rss ldap (6)
- rss leak (1)
- rss licorn (5)
- rss licornd (8)
- rss licornd-wmi (1)
- rss live (1)
- rss ltrace (2)
- rss machines (1)
- rss major (1)
- rss meliae (1)
- rss memory (1)
- rss migration (2)
- rss milestones (1)
- rss mod (1)
- rss model (1)
- rss modules (2)
- rss monitor (1)
- rss mount (1)
- rss network (4)
- rss news (1)
- rss night (1)
- rss nmap (1)
- rss ntfs (1)
- rss object (1)
- rss openldap (1)
- rss openssh (1)
- rss ouput (1)
- rss password (1)
- rss patch (1)
- rss performance (2)
- rss permissions (1)
- rss pickle (1)
- rss preferences (1)
- rss privileges (2)
- rss profiling (1)
- rss progress (5)
- rss properties (1)
- rss push (1)
- rss pyinotify (1)
- rss pylint (2)
- rss pyro (2)
- rss python (3)
- rss quality (2)
- rss rdiff-backup (1)
- rss readings (1)
- rss readline (1)
- rss refactor (1)
- rss reference (1)
- rss regexxer (1)
- rss release (1)
- rss remote (3)
- rss rename (1)
- rss report (1)
- rss repositories (2)
- rss repository (2)
- rss research (1)
- rss rewrite (1)
- rss rfoo (1)
- rss roadmap (1)
- rss rsync (1)
- rss schema (1)
- rss security (1)
- rss server (2)
- rss service (1)
- rss shadow (1)
- rss shutdown (1)
- rss speed (1)
- rss ssh (1)
- rss standard (1)
- rss status (2)
- rss summary (1)
- rss switch (1)
- rss system (3)
- rss team (1)
- rss testing (1)
- rss testsuite (2)
- rss thread (1)
- rss trac (2)
- rss udisks (1)
- rss unix (3)
- rss upgrade (1)
- rss usb (1)
- rss users (2)
- rss vfat (1)
- rss volumes (2)
- rss webserver (1)
- rss work (1)
- rss worklog (1)
Network discovery in the daemon
The daemon has now an auto-discovery capability on its local network(s). It will scan the LAN (on all of its ethernet interfaces) and will try to discover all hosts which are up (answer ping).
With 10 to 30 network threads in each pool (the default beiing 5, is resource-conservative), it can be faster than nmap to do a full LAN discovery (you will gain ARP resolution and Pyro resolution bonuses).
You can disable the feature if you don't like it or experiment problems with it (don't forget to report bugs in this case).
We finally got rid of nmap and all those consuming subprocess.Popen calls, with a big functionnality gain.
Testing client/server communication
Defining LICORN_SERVER environment variable (in latest stable code) provides an easy way to test bi-directionnal communication between 2 or more Licorn® daemons installed on distinct machines.
WARNING: this is meant for testing and development purposes only. In production environments, there should be a DHCP server on the Licorn® machine with the SERVER role, and the CLIENTs will discover it automatically.
To use:
- be sure all machines are on the same IP network.
- set up one of the machine with licornd.role = SERVER in /etc/licorn/licorn.conf.
- find the IP address of this machine and remember it.
- set up all other machines with licornd.role = CLIENT
- open a Terminal on each, and run export LICORN_SERVER=<IP_address> with the IP address of your server.
- start all licornd, ending with the server one (else it won't detect the clients because they currently don't push their status to the server).
- alternatively, if you want to force detection of new clients started after the server, you can run add machines --discover <IP_subnet/mask> on the server, it will scan the subnet and register all new machines.
Besides this, be sure to set experimental.enabled = True on the SERVER machine, to get the Machines tab in the WMI.
You can now enjoy remotely shutting down client machines.
WMI listen address is now configurable
The WMI listen address is now configurable, either:
- in the main configuration file (/etc/licorn/licorn.conf if you didn't change it), with the directive daemon.wmi.listen_address. Don't put any quotes around the address. Example:
daemon.wmi.listen_address = 192.168.1.1
- on the command line, when manually starting the daemon. Example:
sudo licornd -vvD -W 192.168.1.1
You can use an IP address, or a hostname (it will be resolved to an IP address). Note that the CLI argument has always precedence over the configuration file, for obvious reasons of easy testing.
- Posted: 2010-08-30 09:29 (Updated: 2010-08-30 09:30)
- Author: olive
- Categories: WMI configuration network
- Comments (0)
Removed silly limitations on system groups with LDAP backend enabled
Responding to changeset 279 and explaining the reasons of changeset 304, there is now no more limitations when creating system groups.
If the LDAP backend is enabled, the newly created system group will go into the LDAP backend.
This makes NFS works perfectly on LDAP-enabled clients, which now see all groups when listings ACLs and standard posix perms.
Now, the licorn-ldap-server debian package tries to move every important pre-existing system group (acl, licorn-wmi) from the Unix backend to the LDAP one. This will implicitly install them network-wide and avoid the need to create them on every ALT®. Finally this will help propagate admin privileges on every client.
- Posted: 2010-08-19 09:16
- Author: olive
- Categories: network privileges system standard NFS enhancement groups LDAP
- Comments (0)
