Debian packaging for open-iscsi
Philipp Hug
I just updated the Debian packaging for open-iscsi.
Is it possible that you add iscsi-iname? This makes installation much
simpler for first time iscsi users.
Patch for Makefile and fixed iscsi-iname.c from linux-iscsi attached...
There's also a patch for a fixed Debian init script attached.
philipp
--
Please CC me, I'm not subscribed to the list.
David Wysochanski
>
> Index: Makefile
> ===================================================================
> --- Makefile (revision 514)
> +++ Makefile (working copy)
> @@ -33,7 +33,7 @@
> OPTFLAGS ?= -O2 -g
> WARNFLAGS ?= -Wall -Wstrict-prototypes
> CFLAGS += $(OPTFLAGS) $(WARNFLAGS) -I../include -D$(OSNAME) $(IPC_CFLAGS)
> -PROGRAMS = iscsid iscsiadm iscsistart
> +PROGRAMS = iscsid iscsiadm iscsistart iscsi-iname
>
> # sources shared between iscsid, iscsiadm and iscsistart
> ISCSI_LIB_SRCS = util.o io.o auth.o login.o log.o md5.o sha1.o
> @@ -53,5 +53,8 @@
> iscsistart: $(IPC_OBJ) $(ISCSI_LIB_SRCS) $(INITIATOR_SRCS) iscsistart.o
> $(CC) $^ -o $@
>
> +iscsi-iname: md5.o iscsi-iname.o
> + $(CC) $^ $(DBM_LIB) -o $@
> +
> clean:
> rm -f *.o $(PROGRAMS)
>
>
> ------------------------------------------------------------------------
>
> /*
> * iSCSI InitiatorName creation utility
> * Copyright (C) 2001 Cisco Systems, Inc.
> * maintained by open-...@googlegroups.com
> *
> * This program is free software; you can redistribute it and/or modify
> * it under the terms of the GNU General Public License as published
> * by the Free Software Foundation; either version 2 of the License, or
> * (at your option) any later version.
> *
> * This program is distributed in the hope that it will be useful, but
> * WITHOUT ANY WARRANTY; without even the implied warranty of
> * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> * General Public License for more details.
> *
> * See the file COPYING included with this distribution for more details.
> *
> * iscsi-iname.c - Compute an iSCSI InitiatorName for this host.
> * Note that to ensure uniqueness, the system time is
> * a factor. This name must be cached and only regenerated
> * if there is no cached value.
> */
>
> #include <stdio.h>
> #include <stdint.h>
> #include <stdlib.h>
> #include <fcntl.h>
> #include <unistd.h>
> #include <sys/utsname.h>
> #include <sys/time.h>
>
> #include "strings.h"
> #include "types.h"
> #include "iscsi_proto.h"
> #include "md5.h"
>
> #define RANDOM_NUM_GENERATOR "/dev/urandom"
>
> int
> main(int argc, char *argv[])
> {
> char iname[TARGET_NAME_MAXLEN + 1];
> struct timeval time;
> struct utsname system_info;
> long hostid;
> struct MD5Context context;
> unsigned char digest[16];
> unsigned char *bytes = digest;
> unsigned char entropy[16];
> int e;
> int fd;
> char *prefix;
>
> /* initialize */
> memset(iname, 0, sizeof (iname));
> memset(digest, 0, sizeof (digest));
> memset(&context, 0, sizeof (context));
> MD5Init(&context);
>
> /* take a prefix if given, otherwise use a default. */
> if (argc > 1 && argv[1]) {
> prefix = argv[1];
> if (( strcmp(prefix, "-h") == 0 ) ||
> ( strcmp(prefix, "--help") == 0 )) {
> printf("\nDisplays the iSCSI initiator name\n");
> exit(0);
> } else if ( strcmp(prefix, "-p") == 0 ) {
> prefix = argv[2];
> } else {
> printf("\nUsage: iscsi-iname [-h | --help | "
> "-p <prefix>]\n");
> exit(0);
> }
> } else {
> prefix = "iqn.1987-05.com.cisco:01";
>
How about setting this to something more interesting than
"1987-05.com.cisco"?
Maybe the reverse dns portion could be the linux distro running it?
Something
from /etc/issue.net, a version string, etc?
> }
>
> /* try to feed some entropy from the pool to MD5 in order to get
> * uniqueness properties
> */
>
> if ((fd = open(RANDOM_NUM_GENERATOR, O_RDONLY))) {
> e = read(fd, &entropy, 16);
> if (e >= 1)
> MD5Update(&context, (md5byte *)entropy, e);
> close(fd);
> }
>
> /* time the name is created is a factor in order to get
> * uniqueness properties
> */
> if (gettimeofday(&time, NULL) < 0) {
> perror("error: gettimeofday failed");
> return 1;
> }
> MD5Update(&context, (md5byte *) & time.tv_sec, sizeof (time.tv_sec));
> MD5Update(&context, (md5byte *) & time.tv_usec, sizeof (time.tv_usec));
>
> /* hostid */
> hostid = gethostid();
> MD5Update(&context, (md5byte *) & hostid, sizeof (hostid));
>
> /* get the hostname and system name */
> if (uname(&system_info) < 0) {
> perror("error: uname failed");
> return 1;
> }
> MD5Update(&context, (md5byte *) system_info.sysname,
> sizeof (system_info.sysname));
> MD5Update(&context, (md5byte *) system_info.nodename,
> sizeof (system_info.nodename));
> MD5Update(&context, (md5byte *) system_info.release,
> sizeof (system_info.release));
> MD5Update(&context, (md5byte *) system_info.version,
> sizeof (system_info.version));
> MD5Update(&context, (md5byte *) system_info.machine,
> sizeof (system_info.machine));
>
> /* compute the md5 hash of all the bits we just collected */
> MD5Final(digest, &context);
>
> /* vary which md5 bytes we pick (though we probably don't need to do
> * this, since hopefully MD5 produces results such that each byte is as
> * good as any other).
> */
>
> if ((fd = open(RANDOM_NUM_GENERATOR, O_RDONLY))) {
> if (read(fd, entropy, 1) == 1)
> bytes = &digest[(entropy[0] % (sizeof(digest) - 6))];
> close(fd);
> }
>
> /* print the prefix followed by 6 bytes of the MD5 hash */
> sprintf(iname, "%s.%x%x%x%x%x%x", prefix,
> bytes[0], bytes[1], bytes[2], bytes[3], bytes[4], bytes[5]);
>
> iname[sizeof (iname) - 1] = '\0';
> printf("%s\n", iname);
> return 0;
> }
>
>
> ------------------------------------------------------------------------
>
> #!/bin/sh
> #
> # chkconfig: - 39 35
> # description: Starts and stops the iSCSI initiator
> # debianized start-stop script
>
> PIDFILE=/var/run/iscsid.pid
> CONFIGFILE=/etc/iscsid.conf
> DAEMON=/usr/sbin/iscsid
>
> PATH=/sbin:/bin:/usr/sbin:/usr/bin
>
> RETVAL=0
> ISCSIADM=/usr/bin/iscsiadm
>
> iscsid_start()
> {
> echo -n "Starting iSCSI initiator service: "
> # Do sanity checks before we start..
> if [ ! -e $CONFIGFILE ]; then
> echo
> echo "Error: configuration file $CONFIGFILE is missing!"
> echo "The iSCSI driver has not been correctly installed and cannot start."
> echo
> exit 1
> elif [ -s $PIDFILE ] && kill -0 `head -1 $PIDFILE` >/dev/null ; then
> echo "iSCSI daemon already running"
> echo
> exit 1
> fi
>
> if [ ! -f /etc/initiatorname.iscsi ] ; then
> echo
> echo "Error: InitiatorName file /etc/initiatorname.iscsi is missing!"
> echo "The iSCSI driver has not been correctly installed and cannot start."
> echo
> exit 1
> fi
>
> # see if we need to generate a unique iSCSI InitiatorName
> # this should only happen if the
> if grep -q "^GenerateName=yes" /etc/initiatorname.iscsi ; then
> if [ ! -x /usr/sbin/iscsi-iname ] ; then
> echo "Error: /usr/sbin/iscsi-iname does not exist, driver was not successfully installed"
> exit 1;
> fi
> # Generate a unique InitiatorName and save it
> INAME=`/usr/sbin/iscsi-iname`
> if [ "$INAME" != "" ] ; then
> echo "## DO NOT EDIT OR REMOVE THIS FILE!" > /etc/initiatorname.iscsi
> echo "## If you remove this file, the iSCSI daemon will not start." >> /etc/initiatorname.iscsi
> echo "## If you change the InitiatorName, existing access control lists" >> /etc/initiatorname.iscsi
> echo "## may reject this initiator. The InitiatorName must be unique">> /etc/initiatorname.iscsi
> echo "## for each iSCSI initiator. Do NOT duplicate iSCSI InitiatorNames." >> /etc/initiatorname.iscsi
> printf "InitiatorName=$INAME\n" >> /etc/initiatorname.iscsi
> chmod 600 /etc/initiatorname.iscsi
> else
> echo "Error: failed to generate an iSCSI InitiatorName, driver cannot start."
> echo
> exit 1;
> fi
> fi
>
> # make sure there is a valid InitiatorName for the driver
> if ! grep -q "^InitiatorName=[^ \t\n]" /etc/initiatorname.iscsi ; then
> echo
> echo "Error: /etc/initiatorname.iscsi does not contain a valid InitiatorName."
> echo "The iSCSI driver has not been correctly installed and cannot start."
> echo
> exit 1
> fi
>
> modprobe scsi_transport_iscsi
> modprobe iscsi_tcp
> start-stop-daemon --start --exec $DAEMON --quiet --pidfile $PIDFILE
> RETVAL=$?
> if [ $RETVAL == "0" ]; then
> echo "succeeded."
> else
> echo "failed."
> fi
> }
>
> iscsid_stop()
> {
> echo -n "Stopping iSCSI initiator service: "
> sync
> TARGETS=`$ISCSIADM | grep "\[*\]" | sed 's@\[\(.*\)\] .*@\1@g'`
> for rec in $TARGETS
> do
> $ISCSIADM -m node -r $rec -u
> done
> start-stop-daemon --stop --quiet --exec $DAEMON --pidfile $PIDFILE --signal KILL
> RETVAL=$?
> if [ $RETVAL == "0" ]; then
> echo "succeeded."
> else
> echo "failed."
> fi
> # ugly, but pid file is not removed by iscsid
> rm -f $PIDFILE
>
> echo -n "Removing iSCSI enterprise target modules: "
> modprobe -r iscsi_tcp
> modprobe -r scsi_transport_iscsi
> RETVAL=$?
> if [ $RETVAL == "0" ]; then
> echo "succeeded."
> else
> echo "failed."
> exit 1
> fi
> }
>
> case "$1" in
> start)
> iscsid_start
> ;;
> stop)
> iscsid_stop
> ;;
> restart|force-reload)
> iscsid_stop
> sleep 1
> iscsid_start
> ;;
> status)
> PID=`pidof iscsid`
> if [ $PID ]; then
> echo "iSCSI initiator is running at pid $PID"
> else
> echo "no iSCSI initiator found!"
> exit 1
> fi
> ;;
> dump)
> DUMP=`tempfile -p iscsid`
> RETVAL=$?
> if [ $RETVAL != "0" ]; then
> echo "Failed to create dump file $DUMP"
> exit 1
> fi
> iscsiadm -m node --record 0a45f8 >$DUMP
> RETVAL=$?
> if [ $RETVAL != "0" ]; then
> echo "Error dumping config from daemon"
> rm $DUMP
> exit 1
> fi
> mv -u $DUMP $CONFIG_FILE
> echo "Config dumped to $CONFIG_FILE"
> ;;
> *)
> echo $"Usage: $0 {start|stop|restart|status|dump}"
> exit 1
> esac
>
> exit 0
>
>
> ------------------------------------------------------------------------
>
> Index: initd.debian
> ===================================================================
> --- initd.debian (revision 514)
> +++ initd.debian (working copy)
> @@ -4,20 +4,75 @@
> # description: Starts and stops the iSCSI initiator
> # debianized start-stop script
>
> -PID_FILE=/var/run/iscsid.pid
> -CONFIG_FILE=/etc/iscsid.conf
> +PIDFILE=/var/run/iscsid.pid
> +CONFIGFILE=/etc/iscsid.conf
> DAEMON=/usr/sbin/iscsid
>
> PATH=/sbin:/bin:/usr/sbin:/usr/bin
>
> RETVAL=0
> +ISCSIADM=/usr/bin/iscsiadm
>
> iscsid_start()
> {
> echo -n "Starting iSCSI initiator service: "
> + # Do sanity checks before we start..
> + if [ ! -e $CONFIGFILE ]; then
> + echo
> + echo "Error: configuration file $CONFIGFILE is missing!"
> + echo "The iSCSI driver has not been correctly installed and cannot start."
> + echo
> + exit 1
> + elif [ -s $PIDFILE ] && kill -0 `head -1 $PIDFILE` >/dev/null ; then
> + echo "iSCSI daemon already running"
> + echo
> + exit 1
> + fi
> +
> + if [ ! -f /etc/initiatorname.iscsi ] ; then
> + echo
> + echo "Error: InitiatorName file /etc/initiatorname.iscsi is missing!"
> + echo "The iSCSI driver has not been correctly installed and cannot start."
> + echo
> + exit 1
> + fi
> +
> + # see if we need to generate a unique iSCSI InitiatorName
> + # this should only happen if the
> + if grep -q "^GenerateName=yes" /etc/initiatorname.iscsi ; then
> + if [ ! -x /usr/sbin/iscsi-iname ] ; then
> + echo "Error: /usr/sbin/iscsi-iname does not exist, driver was not successfully installed"
> + exit 1;
> + fi
> + # Generate a unique InitiatorName and save it
> + INAME=`/usr/sbin/iscsi-iname`
> + if [ "$INAME" != "" ] ; then
> + echo "## DO NOT EDIT OR REMOVE THIS FILE!" > /etc/initiatorname.iscsi
> + echo "## If you remove this file, the iSCSI daemon will not start." >> /etc/initiatorname.iscsi
> + echo "## If you change the InitiatorName, existing access control lists" >> /etc/initiatorname.iscsi
> + echo "## may reject this initiator. The InitiatorName must be unique">> /etc/initiatorname.iscsi
> + echo "## for each iSCSI initiator. Do NOT duplicate iSCSI InitiatorNames." >> /etc/initiatorname.iscsi
> + printf "InitiatorName=$INAME\n" >> /etc/initiatorname.iscsi
> + chmod 600 /etc/initiatorname.iscsi
> + else
> + echo "Error: failed to generate an iSCSI InitiatorName, driver cannot start."
> + echo
> + exit 1;
> + fi
> + fi
> +
> + # make sure there is a valid InitiatorName for the driver
> + if ! grep -q "^InitiatorName=[^ \t\n]" /etc/initiatorname.iscsi ; then
> + echo
> + echo "Error: /etc/initiatorname.iscsi does not contain a valid InitiatorName."
> + echo "The iSCSI driver has not been correctly installed and cannot start."
> + echo
> + exit 1
> + fi
> +
> modprobe scsi_transport_iscsi
> modprobe iscsi_tcp
> - start-stop-daemon --start --exec $DAEMON --quiet
> + start-stop-daemon --start --exec $DAEMON --quiet --pidfile $PIDFILE
> RETVAL=$?
> if [ $RETVAL == "0" ]; then
> echo "succeeded."
> @@ -29,7 +84,13 @@
> iscsid_stop()
> {
> echo -n "Stopping iSCSI initiator service: "
> - start-stop-daemon --stop --quiet --exec $DAEMON --pidfile $PID_FILE
> + sync
> + TARGETS=`$ISCSIADM | grep "\[*\]" | sed 's@\[\(.*\)\] .*@\1@g'`
> + for rec in $TARGETS
> + do
> + $ISCSIADM -m node -r $rec -u
> + done
> + start-stop-daemon --stop --quiet --exec $DAEMON --pidfile $PIDFILE --signal KILL
> RETVAL=$?
> if [ $RETVAL == "0" ]; then
> echo "succeeded."
> @@ -37,7 +98,7 @@
> echo "failed."
> fi
> # ugly, but pid file is not removed by iscsid
> - rm -f $PID_FILE
> + rm -f $PIDFILE
>
> echo -n "Removing iSCSI enterprise target modules: "
> modprobe -r iscsi_tcp
> @@ -58,7 +119,7 @@
> stop)
> iscsid_stop
> ;;
> - restart)
> + restart|force-reload)
> iscsid_stop
> sleep 1
> iscsid_start
>
>
Mike Christie
>>
>> /* take a prefix if given, otherwise use a default. */
>> if (argc > 1 && argv[1]) {
>> prefix = argv[1];
>> if (( strcmp(prefix, "-h") == 0 ) ||
>> ( strcmp(prefix, "--help") == 0 )) {
>> printf("\nDisplays the iSCSI initiator name\n");
>> exit(0);
>> } else if ( strcmp(prefix, "-p") == 0 ) {
>> prefix = argv[2];
>> } else {
>> printf("\nUsage: iscsi-iname [-h | --help | "
>> "-p <prefix>]\n");
>> exit(0);
>> }
>> } else {
>> prefix = "iqn.1987-05.com.cisco:01";
>>
>
> How about setting this to something more interesting than
> "1987-05.com.cisco"?
> Maybe the reverse dns portion could be the linux distro running it?
> Something
> from /etc/issue.net, a version string, etc?
>
I agree we should do something more interesting. I remember core-iscsi
wanted to setttle on this. Maybe now would be a good time to settle how
to set a default name for linux, where we should put it, etc. For FC5
due to lack of time, I just did whaterver we did in RHEL4 for
Cisco/sfnet, so I am open to anything.
Dave, have you looked at what core-iscsi does? Is there something we can
compromise on or something we can reuse?
Hannes Reinecke
Basically we have two choices:
- pick a iqn number based on the distro (which would mean the distro has
to ensure uniqueness)
- pick a iqn number based on the hostname; this would leave the end-user
with the task to ensure its uniqueness.
The latter has the obvious advantage that we don't have to twiddle much;
just reverse the domainname, add some date and pass it to iscsi-iname.
The 'add some date' bit might be a bit tricky; the spec states that the
date should be the first month the domain was owned. Obviously this
information is not readily available to everyone; so the spec does allow
for any date during which the domain was owned. By necessity this would
include the installation date.
However, in doing so we _do_ violate the spec in that the initiator
names are _not_ constant. Any re-installation would result in a
different initiator name as the date has changed. And we can't use a
fixed date as we don't know whether the domain we're installing into was
actually owned at that date.
Therefore I vote for having a fixed name per distro and hard-code that
into iscsi-iname. And we should add some magic into iscsi-iname to
distinguish between open-iscsi and core-iscsi.
For SuSE the iqn is: iqn.1996-04.de.suse
Cheers,
Hannes
--
Dr. Hannes Reinecke ha...@suse.de
SuSE Linux Products GmbH S390 & zSeries
Maxfeldstraße 5 +49 911 74053 688
90409 Nürnberg http://www.suse.de
Robin H. Johnson
> The 'add some date' bit might be a bit tricky; the spec states that the
> date should be the first month the domain was owned. Obviously this
> information is not readily available to everyone; so the spec does allow
> for any date during which the domain was owned. By necessity this would
> include the installation date.
initiatorname.iscsi that's entirely commented out, and instructs users
on how to build their own Initiator Name value.
For the date portion, I suggest that users look at WHOIS to find when
their domain name was registered.
I don't like the concept of embedded the distro's domain and date in
the prefix portion of the InitiatorName, as it can be hard to make this
unique when open-iscsi is installed over many machines.
--
Robin Hugh Johnson
E-Mail : rob...@gentoo.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
Hannes Reinecke
> On Wed, Mar 08, 2006 at 10:07:55AM +0100, Hannes Reinecke wrote:
>> The 'add some date' bit might be a bit tricky; the spec states that the
>> date should be the first month the domain was owned. Obviously this
>> information is not readily available to everyone; so the spec does allow
>> for any date during which the domain was owned. By necessity this would
>> include the installation date.
> As the Gentoo open-iscsi maintainer, I include a sample
> initiatorname.iscsi that's entirely commented out, and instructs users
> on how to build their own Initiator Name value.
>
> For the date portion, I suggest that users look at WHOIS to find when
> their domain name was registered.
Hmm, that unfortunately doesn't work in all cases. WHOIS tells you when
the domain information was last updated which is not exactly the same
information.
At least it does for .suse.de. You're welcome to try and send me the
corrected information if I'm wrong.
>
> I don't like the concept of embedded the distro's domain and date in
> the prefix portion of the InitiatorName, as it can be hard to make this
> unique when open-iscsi is installed over many machines.
>
Yes. But then I think iscsi-iname will gather quite a bit of information
to make that unique.
Robin H. Johnson
> > For the date portion, I suggest that users look at WHOIS to find when
> > their domain name was registered.
> Hmm, that unfortunately doesn't work in all cases. WHOIS tells you when
> the domain information was last updated which is not exactly the same
> information.
> At least it does for .suse.de. You're welcome to try and send me the
> corrected information if I'm wrong.
creation/registration date.
I did a quick survey of other 40 TLDs throughout the world and found a
very low occurrence of this - in my test, the only ones to not provide
a registration or creation date were: .vg, .de, .as, .to
At a 10% failure rate for this method, I agree that it's not ideal.
Mike Christie
yeah that makes sense to me. I am fine with it.
Mike Christie
> On Wed, Mar 08, 2006 at 10:07:55AM +0100, Hannes Reinecke wrote:
>
>>The 'add some date' bit might be a bit tricky; the spec states that the
>>date should be the first month the domain was owned. Obviously this
>>information is not readily available to everyone; so the spec does allow
>>for any date during which the domain was owned. By necessity this would
>>include the installation date.
>
> As the Gentoo open-iscsi maintainer, I include a sample
> initiatorname.iscsi that's entirely commented out, and instructs users
> on how to build their own Initiator Name value.
>
> For the date portion, I suggest that users look at WHOIS to find when
> their domain name was registered.
>
> I don't like the concept of embedded the distro's domain and date in
> the prefix portion of the InitiatorName, as it can be hard to make this
> unique when open-iscsi is installed over many machines.
>
iscsi-iname does some md5 random number junk that adds some magic number
onto the name. Would that be ok with you guys?
Philipp Hug
> > For SuSE the iqn is: iqn.1996-04.de.suse
>
> yeah that makes sense to me. I am fine with it.
core-iscsi uses almost the same code. they just another default.
btw: this already works: (I'll put this in the package)
./initiator_iname -p iqn.1993-08.org.debian:01
greetings
philipp
In case you want to have a look at the debian packaging stuff:
http://svn.debian.org/wsvn/pkg-iscsi/open-iscsi/
David Wysochanski
>
> > > For SuSE the iqn is: iqn.1996-04.de.suse
> >
> > yeah that makes sense to me. I am fine with it.
>
> core-iscsi uses almost the same code. they just another default.
> btw: this already works: (I'll put this in the package)
> ./initiator_iname -p iqn.1993-08.org.debian:01
>