Index: head/GIDs =================================================================== --- head/GIDs (revision 428836) +++ head/GIDs (revision 428837) @@ -1,946 +1,946 @@ # $FreeBSD$ # Please keep this file sorted by GID! # Please pick an empty slot when available and also consider base values from # /usr/src/etc/group daemon:*:1: operator:*:5:amanda mail:*:6:postfix,clamav ftp:*:14: smmsp:*:25: video:*:44: bind:*:53: rdfdb:*:55: spamd:*:58: unbound:*:59: cyrus:*:60: proxy:*:62: authpf:*:63: uucp:*:66: xten:*:67: dialer:*:68:aprsd network:*:69: pgsql:*:70: ircd:*:72: ircservices:*:73: simscan:*:74: hybserv:*:76: audit:*:77: virtuoso:*:79: www:*:80: qnofiles:*:81: qmail:*:82: mysql:*:88: vchkpw:*:89: firebird:*:90: mailman:*:91: gdm:*:92: jabber:*:93: p4admin:*:94: interch:*:95: squeuer:*:96: mud:*:97: msql:*:98: rscsi:*:99: squid:*:100: quagga:*:101: ganglia:*:102: sgeadmin:*:103: slimserv:*:104: dnetc:*:105: clamav:*:106: cacti:*:107: webkit:*:108: quickml:*:109: vscan:*:110: fido:*:111: dcc:*:112: amavis:*:113: dhis:*:114: _symon:*:115: # free: 116 smokeping:*:117: ircproxyd:*:118: mythtv:*:119: pdns:*:120: otrs:*:121: zabbix:*:122: _ntp:*:123: fetchmail:*:124: postfix:*:125: maildrop:*:126: nav:*:127: sd-agent:*:128: vlock:*:129: _bgpd:*:130: _ospfd:*:131: _spamd:*:132: freeradius:*:133: undernet:*:134: rabbitmq:*:135: dhcpd:*:136: mpd:*:137: wolfpack:*:138: shellinabox:*:139: amanda:*:140: # free: 141 ladvd:*:142: dovecot:*:143: dovenull:*:144: webcamd:*:145: ventrilo:*:146: kdm:*:147: ipv6mon:*:148: avenger:*:149: cbsd:*:150: # free: 151 # free: 152 rbldns:*:153: trircd:*:154: xorp:*:155: monetdb:*:156: barman:*:157: pootle:*:158: nocat:*:159: _ypldap:*:160: solr:*:161: octoprint:*:162: _iked:*:163: # free: 164 # free: 165 # free: 166 # free: 167 # free: 168 # free: 169 tile38:*:170: sfs:*:171: agk:*:172: polipo:*:173: flowtools:*:174: twms:*:175: mlvpn:*:176: _mdnsd:*:177: otpw:*:178: gdnsd:*:179: rt:*:180: nagios:*:181: noc:*:182: icinga:*:183: dnscache:*:184: tinydns:*:185: dnslog:*:186: swift:*:187: netxms:*:188: leofs:*:189: keystone:*:190: glance:*:191: moinmoin:*:192: cups:*:193: saned:*:194: radns:*:195: -# free: 196 +nova:*:196: # free: 197 # free: 198 mcserver:*:199: sympa:*:200: privoxy:*:201: dspam:*:202: # free: 203 yate:*:204: gnugk:*:205: gini:*:206: _mixminion:*:207: _dnsdist:*:208: gogs:*:209: shoutcast:*:210: git:*:211: hg:*:212: drizzle:*:213: # free: 214 opendnssec:*:215: nsd:*:216: # free: 217 # free: 218 # free: 219 bs:*:220: # free: 221 rtpproxy:*:222: # free: 223 # free: 224 postgrey:*:225: sqlgrey:*:226: _hfm:*:227: # free: 228 kismet:*:229: # free: 230 # free: 231 # free: 232 # free: 233 # free: 234 # free: 235 # free: 236 # free: 237 # free: 238 # free: 239 aprsd:*:240: tnc:*:241: prosody:*:242: # free: 243 # free: 244 # free: 245 # free: 246 fcron:*:247: # free: 248 # free: 249 # free: 250 # free: 251 # free: 252 _adsuck:*:253: # free: 254 # free: 255 _tor:*:256: _smtpd:*:257: _smtpq:*:258: # free: 259 meta1s:*:260: meta1q:*:261: meta1c:*:262:meta1s meta1m:*:263:meta1s,meta1q meta1:*:264: # free: 265 # free: 266 # free: 267 # free: 268 # free: 269 # free: 270 # free: 271 # free: 272 # free: 273 # free: 274 haclient:*:275: frontbase:*:276: # free: 277 rtg:*:278: mrtg:*:279: xymon:*:280: prelude:*:281: spread:*:282: devmon:*:283: vnstat:*:284: exaddos:*:285:exaddos rancid:*:286: # free: 287 ntopng:*:288: # free: 289 # free: 290 # free: 291 # free: 292 # free: 293 # free: 294 # free: 295 # free: 296 # free: 297 # free: 298 # free: 299 backuppc:*:300: # free: 301 # free: 302 # free: 303 # free: 304 # free: 305 # free: 306 # free: 307 # free: 308 # free: 309 # free: 310 # free: 311 _sphinx:*:312: _fastdfs:*:313: # free: 314 # free: 315 # free: 316 # free: 317 # free: 318 # free: 319 # free: 320 # free: 321 # free: 322 # free: 323 # free: 324 dkfilter:*:325: smfs:*:326: # free: 327 # free: 328 # free: 329 orthanc:*:330: # free: 331 # free: 332 # free: 333 # free: 334 # free: 335 # free: 336 daapd:*:337: murmur:*:338: # free: 339 wildfire:*:340: stunnel:*:341: openfire:*:342: # free: 343 # free: 344 # free: 345 # free: 346 # free: 347 # free: 348 # free: 349 _sabnzbd:*:350: # free: 351 # free: 352 _iodined:*:353: # free: 354 # free: 355 # free: 356 # free: 357 # free: 358 # free: 359 # free: 360 httptunnel:*:361: # free: 362 # free: 363 # free: 364 # free: 365 # free: 366 # free: 367 # free: 368 # free: 369 # free: 370 # free: 371 # free: 372 # free: 373 # free: 374 # free: 375 # free: 376 # free: 377 # free: 378 # free: 379 # free: 380 # free: 381 # free: 382 # free: 383 # free: 384 # free: 385 # free: 386 # free: 387 # free: 388 ldap:*:389: # free: 390 # free: 391 # free: 392 # free: 393 # free: 394 # free: 395 # free: 396 # free: 397 tiarra:*:398: # free: 399 # free: 400 # free: 401 # free: 402 # free: 403 # free: 404 # free: 405 # free: 406 # free: 407 # free: 408 # free: 409 # free: 410 uhub:*:411: # free: 412 # free: 413 # free: 414 # free: 415 # free: 416 # free: 417 # free: 418 # free: 419 # free: 420 # free: 421 # free: 422 # free: 423 # free: 424 # free: 425 drweb:*:426: # free: 427 # free: 428 varnish:*:429: # free: 430 # free: 431 # free: 432 # free: 433 # free: 434 # free: 435 # free: 436 # free: 437 # free: 438 # free: 439 # free: 440 # free: 441 quasselcore:*:442: # free: 443 callweaver:*:444: # free: 445 # free: 446 # free: 447 # free: 448 # free: 449 ecartis:*:450: # free: 451 # free: 452 # free: 453 # free: 454 # free: 455 # free: 456 # free: 457 # free: 458 # free: 459 # free: 460 # free: 461 # free: 462 # free: 463 # free: 464 courier:*:465: condor:*:466: netmon:*:467: slurm:*:468: consul:*:469: serf:*:470: vault:*:471: nomad:*:472: # free: 473 # free: 474 # free: 475 # free: 476 # free: 477 prometheus:*:478: # free: 479 # free: 480 # free: 481 # free: 482 # free: 483 # free: 484 # free: 485 # free: 486 # free: 487 # free: 488 # free: 489 # free: 490 # free: 491 # free: 492 # free: 493 # free: 494 # free: 495 # free: 496 # free: 497 # free: 498 # free: 499 # free: 500 # free: 501 # free: 502 # free: 503 # free: 504 _bbstored:*:505: radmind:*:506: skkserv:*:507: # free: 508 # free: 509 # free: 510 # free: 511 pwhois:*:512: # free: 513 # free: 514 # free: 515 # free: 516 # free: 517 # free: 518 # free: 519 # free: 520 davmail:*:521: nullmail:*:522: freevo:*:523: # free: 524 dkimproxy:*:525: # free: 526 # free: 527 # free: 528 # free: 529 # free: 530 # free: 531 # free: 532 # free: 533 pgbouncer:*:534: redis:*:535: # free: 536 # free: 537 # free: 538 # free: 539 # free: 540 # free: 541 _flowd:*:542: ejabberd:*:543: # free: 544 # free: 545 # free: 546 # free: 547 # free: 548 # free: 549 # free: 550 # free: 551 kresd:*:552: knot:*:553: qtss:*:554: ircdru:*:555: messagebus:*:556: pulse-rt:*:557: avahi:*:558: tacacs:*:559: haldaemon:*:560: distcc:*:561: polkit:*:562: pulse:*:563: pulse-access:*:564: polkitd:*:565: # free: 566 # free: 567 # free: 568 # free: 569 # free: 570 # free: 571 # free: 572 # free: 573 # free: 574 nexus:*:575: # free: 576 # free: 577 # free: 578 # free: 579 # free: 580 # free: 581 # free: 582 # free: 583 # free: 584 # free: 585 # free: 586 assp:*:587: avahi-autoipd:*:588: # free: 589 # free: 590 # free: 591 # free: 592 # free: 593 # free: 594 # free: 595 # free: 596 # free: 597 # free: 598 # free: 599 _xsi:*:600: _tss:*:601: _pkcs11:*:602: # free: 603 # free: 604 # free: 605 # free: 606 # free: 607 # free: 608 # free: 609 freeswitch:*:610: # free: 611 # free: 612 # free: 613 # free: 614 ntpa:*:615: taskd:*:616: # free: 617 # free: 618 # free: 619 # free: 620 # free: 621 # free: 622 # free: 623 # free: 624 # free: 625 # free: 626 # free: 627 # free: 628 # free: 629 # free: 630 # free: 631 # free: 632 # free: 633 # free: 634 # free: 635 # free: 636 # free: 637 # free: 638 caldavd:*:639: # free: 640 monkeysphere:*:641: # free: 642 # free: 643 # free: 644 # free: 645 # free: 646 # free: 647 # free: 648 # free: 649 # free: 650 # free: 651 # free: 652 # free: 653 # free: 654 # free: 655 # free: 656 # free: 657 # free: 658 # free: 659 # free: 660 # free: 661 # free: 662 # free: 663 # free: 664 # free: 665 aox:*:666: riak:*:667: # free: 668 # free: 669 # free: 670 # free: 671 # free: 672 # free: 673 # free: 674 # free: 675 # free: 676 # free: 677 # free: 678 # free: 679 # free: 680 # free: 681 # free: 682 # free: 683 # free: 684 # free: 685 # free: 686 # free: 687 # free: 688 # free: 689 # free: 690 # free: 691 # free: 692 # free: 693 # free: 694 # free: 695 # free: 696 # free: 697 # free: 698 # free: 699 bnetd:*:700: fastnetmon:*:701: _sndio:*:702: # free: 703 # free: 704 # free: 705 # free: 706 # free: 707 # free: 708 # free: 709 # free: 710 # free: 711 # free: 712 # free: 713 # free: 714 # free: 715 # free: 716 bopm:*:717: # free: 718 # free: 719 # free: 720 # free: 721 # free: 722 # free: 723 # free: 724 # free: 725 # free: 726 # free: 727 # free: 728 # free: 729 # free: 730 # free: 731 # free: 732 # free: 733 # free: 734 # free: 735 # free: 736 # free: 737 # free: 738 # free: 739 # free: 740 # free: 741 # free: 742 # free: 743 # free: 744 # free: 745 # free: 746 # free: 747 # free: 748 # free: 749 # free: 750 # free: 751 # free: 752 # free: 753 # free: 754 # free: 755 # free: 756 # free: 757 # free: 758 # free: 759 # free: 760 # free: 761 # free: 762 # free: 763 # free: 764 # free: 765 # free: 766 # free: 767 # free: 768 # free: 769 postgres:*:770: # free: 771 # free: 772 # free: 773 # free: 774 # free: 775 # free: 776 openxpki:*:777: # free: 778 bitcoin:*:779: zetacoin:*:780: # free: 781 # free: 782 # free: 783 # free: 784 # free: 785 # free: 786 # free: 787 # free: 788 # free: 789 # free: 790 # free: 791 # free: 792 # free: 793 # free: 794 # free: 795 # free: 796 # free: 797 # free: 798 # free: 799 # free: 800 # free: 801 # free: 802 # free: 803 # free: 804 # free: 805 # free: 806 # free: 807 # free: 808 # free: 809 # free: 810 # free: 811 foreman_proxy:*:812: # free: 813 puppet:*:814: uchiwa:*:815: # free: 816 btsync:*:817: jenkins:*:818: rundeck:*:819: openacs:*:820: dotlrn:*:821: # free: 822 # free: 823 # free: 824 polw:*:825: statsd:*:826: # free: 827 # free: 828 # free: 829 # free: 830 # free: 831 # free: 832 # free: 833 # free: 834 # free: 835 # free: 836 # free: 837 # free: 838 # free: 839 netdisco:*:840: tcpcryptd:*:841: munin:*:842: dahdi:*:843:asterisk subsonic:*:844: # free: 845 sogod:*:846: domoticz:*:847: graylog:*:848: # free: 849 # free: 850 # free: 851 # free: 852 # free: 853 # free: 854 # free: 855 # free: 856 # free: 857 # free: 858 # free: 859 # free: 860 # free: 861 # free: 862 # free: 863 # free: 864 # free: 865 # free: 866 # free: 867 # free: 868 # free: 869 # free: 870 # free: 871 # free: 872 # free: 873 # free: 874 # free: 875 # free: 876 # free: 877 # free: 878 # free: 879 # free: 880 # free: 881 # free: 882 # free: 883 # free: 884 # free: 885 # free: 886 # free: 887 # free: 888 # free: 889 # free: 890 # free: 891 # free: 892 # free: 893 # free: 894 # free: 895 # free: 896 znc:*:897: ufdb:*:898: guacamole:*:899: seafile:*:900: fossy:*:901:www scanlogd:*:902: _ocserv:*:903: grafana:*:904: artifactory:*:905: opentsdb:*:906: influxd:*:907: riemann:*:908: proxy65:*:909: bacula:*:910: iserv:*:911: _sj3:*:912: _relayd:*:913: bitlbee:*:914: logcheck:*:915: ssmtp:*:916: prayer:*:917: nefu:*:918: couchdb:*:919: vboxusers:*:920: transmission:*:921: mongodb:*:922: liquidsoap:*:923: postpals:*:924: mfs:*:925: minbif:*:926: kumofs:*:927: nslcd:*:928: activemq:*:929: ifgraph:*:930: asterisk:*:931: sancp:*:932: dlna:*:933: torrus:*:934:www erlyvideo:*:935: crtmpserver:*:936: get_iplayer:*:937: vdr:*:938: noip:*:939: _tcpproxy:*:940: cego:*:941: teamspeak:*:942: dnetfold:*:943: bbs:*:944: dbxml:*:945: mediatomb:*:946: gnokii:*:947: dnrd:*:948: _lldpd:*:949: conquest:*:950: openerpd:*:951: bitten-slave:*:952: _neubot:*:953: # free: 954 hadoop:*:955: pandora:*:956: razorback:*:957: gnunet:*:958: c_icap:*:959: trytond:*:960: gearmand:*:961: zookeeper:*:962: fluentd:*:963: git_daemon:*:964: elasticsearch:*:965: ossec:*:966: # free: 967 # free: 968 kippo:*:969: colord:*:970: shibd:*:971: plex:*:972: boinc:*:973: radicale:*:974: unifi:*:975: minetest:*:976: # free: 977 # free: 978 ums:*:979: hbase:*:980: uvncrep:*:981: bro:*:982: syncthing:*:983: tvheadend:*:984: puppetdb:*:985: kamailio:*:986: spark:*:987: # free: 988 emby:*:989: oozie:*:990: sguil:*:991: hive:*:992: kannel:*:993: rcynic:*:994: rpkirtr:*:995: tarantool:*:996: bareos:*:997: _rmilter:*:998: ebnetd:*:999: # DO NOT USE: 1000-65532 nogroup:*:65533: nobody:*:65534: Index: head/UIDs =================================================================== --- head/UIDs (revision 428836) +++ head/UIDs (revision 428837) @@ -1,950 +1,950 @@ # $FreeBSD$ # Please keep this file sorted by UID! # Please pick an empty slot when available and also consider base values from # /usr/src/etc/master.passwd operator:*:2:5::0:0:System &:/:/usr/sbin/nologin ftp:*:14:14::0:0:Anonymous FTP:/var/ftp:/nonexistent smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin majordom:*:54:54::0:0:Majordomo Pseudo User:/usr/local/majordomo:/nonexistent rdfdb:*:55:55::0:0:rdfDB Daemon:/var/db/rdfdb:/bin/sh spamd:*:58:58::0:0:SpamAssassin user:/var/spool/spamd:/usr/sbin/nologin unbound:*:59:59::0:0:Unbound DNS Resolver:/nonexistent:/usr/sbin/nologin cyrus:*:60:60::0:0:the cyrus mail server:/nonexistent:/nonexistent gnats:*:61:1::0:0:GNATS database owner:/usr/local/share/gnats/gnats-db:/bin/sh proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/nonexistent uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/nonexistent pop:*:68:6::0:0:Post Office Owner (popper):/nonexistent:/usr/sbin/nologin wnn:*:69:7::0:0:Wnn:/nonexistent:/nonexistent pgsql:*:70:70::0:0:PostgreSQL pseudo-user:/usr/local/pgsql:/bin/sh oracle:*:71:71::0:0:Oracle:/usr/local/oracle7:/usr/sbin/nologin ircd:*:72:72::0:0:IRC daemon:/nonexistent:/nonexistent ircservices:*:73:73::0:0:IRC services:/nonexistent:/nonexistent simscan:*:74:74::0:0:Simscan User:/nonexistent:/usr/sbin/nologin ifmail:*:75:66::0:0:Ifmail user:/nonexistent:/nonexistent hybserv:*:76:76::0:0:HybServ Daemon:/nonexistent:/usr/sbin/nologin auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin virtuoso:*:79:79::0:0:Virtuoso Universal Server:/usr/local/virtuoso:/bin/sh www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin alias:*:81:81::0:0:QMail user:/var/qmail/alias:/nonexistent qmaild:*:82:81::0:0:QMail user:/var/qmail:/nonexistent qmaill:*:83:81::0:0:QMail user:/var/qmail:/nonexistent qmailp:*:84:81::0:0:QMail user:/var/qmail:/nonexistent qmailq:*:85:82::0:0:QMail user:/var/qmail:/nonexistent qmailr:*:86:82::0:0:QMail user:/var/qmail:/nonexistent qmails:*:87:82::0:0:QMail user:/var/qmail:/nonexistent mysql:*:88:88::0:0:MySQL Daemon:/var/db/mysql:/usr/sbin/nologin vpopmail:*:89:89::0:0:VPop Mail User:/usr/local/vpopmail:/nonexistent firebird:*:90:90::0:0:Firebird Database Administrator:/var/db/firebird:/bin/sh mailman:*:91:91::0:0:Mailman User:/usr/local/mailman:/usr/sbin/nologin gdm:*:92:92::0:0:GNOME Display Manager:/usr/local/etc/gdm/home:/usr/sbin/nologin jabber:*:93:93::0:0:Jabber Daemon:/nonexistent:/nonexistent p4admin:*:94:94::0:0:Perforce admin:/nonexistent:/usr/sbin/nologin interch:*:95:95::0:0:Interchange user:/usr/local/interchange:/usr/sbin/nologin squeuer:*:96:96::0:0:SQueuer Owner:/nonexistent:/bin/sh mud:*:97:97::0:0:MUD Owner:/nonexistent:/bin/sh msql:*:98:98::0:0:mSQL-2 pseudo-user:/var/db/msqldb:/bin/sh rscsi:*:99:99::0:0:Remote SCSI:/usr/local/rscsi:/usr/local/sbin/rscsi squid:*:100:100::0:0:squid caching-proxy pseudo user:/var/squid:/usr/sbin/nologin quagga:*:101:101::0:0:Quagga route daemon pseudo user:/var/empty:/usr/sbin/nologin ganglia:*:102:102::0:0:Ganglia User:/nonexistent:/usr/sbin/nologin sgeadmin:*:103:103::0:0:Sun Grid Engine Admin:/nonexistent:/usr/sbin/nologin slimserv:*:104:104::0:0:Slim Devices SlimServer pseudo-user:/nonexistent:/usr/sbin/nologin dnetc:*:105:105::0:0:distributed.net client and proxy pseudo-user:/nonexistent:/usr/sbin/nologin clamav:*:106:106::0:0:Clamav Antivirus:/nonexistent:/usr/sbin/nologin cacti:*:107:107::0:0:Cacti Sandbox:/nonexistent:/usr/sbin/nologin webkit:*:108:108::0:0:WebKit Default User:/usr/local/www/webkit:/bin/sh quickml:*:109:109::0:0:quickml Server:/nonexistent:/usr/sbin/nologin vscan:*:110:110::0:0:Scanning Virus Account:/var/maiad:/bin/sh fido:*:111:111::0:0:Fido System:/usr/local/fido:/bin/sh dcc:*:112:112::0:0:Distributed Checksum Clearinghouse:/nonexistent:/usr/sbin/nologin amavis:*:113:113::0:0:Amavis-stats Account:/nonexistent:/usr/sbin/nologin dhis:*:114:114::0:0:DHIS Daemon:/nonexistent:/usr/sbin/nologin _symon:*:115:115::0:0:Symon Account:/var/empty:/usr/sbin/nologin hplip:*:116:116::0:0:HPLIP Server:/nonexistent:/usr/sbin/nologin smokeping:*:117:117::0:0:SmokePing Daemon:/nonexistent:/usr/sbin/nologin ircproxyd:*:118:118::0:0:Night Light IRC Proxy:/nonexistent:/usr/sbin/nologin mythtv:*:119:119::0:0:MythTV pseudo-user:/nonexistent:/bin/sh pdns_recursor:*:120:120::0:0:pdns_recursor pseudo-user:/nonexistent:/usr/sbin/nologin otrs:*:121:121::0:0:OTRS Administrator:/usr/local/otrs:/bin/csh zabbix:*:122:122::0:0:Zabbix NMS:/nonexistent:/bin/sh _ntp:*:123:123::0:0:NTP Daemon:/var/empty:/usr/sbin/nologin fetchmail:*:124:124::0:0:Fetchmail mail-retrieval daemon:/nonexistent:/usr/sbin/nologin postfix:*:125:125::0:0:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin # free: 126 navcron:*:127:127::0:0:Network Administration Visualized:/usr/local/nav:/usr/sbin/nologin sd-agent:*:128:128::0:0:ServerDensity Agent:/nonexistent:/usr/sbin/nologin # free: 129 _bgpd:*:130:130::0:0:BGP Daemon:/var/empty:/usr/sbin/nologin _ospfd:*:131:131::0:0:OSPF Daemon:/var/empty:/usr/sbin/nologin _spamd:*:132:132::0:0:Spam Daemon:/var/empty:/usr/sbin/nologin freeradius:*:133:133::0:0:FreeRADIUS Daemon:/nonexistent:/usr/sbin/nologin undernet:*:134:134::0:0:Undernet ircu Daemon:/nonexistent:/usr/sbin/nologin rabbitmq:*:135:135::0:0:RabbitMQ:/var/db/rabbitmq:/usr/sbin/nologin dhcpd:*:136:136::0:0:ISC DHCP daemon:/nonexistent:/usr/sbin/nologin mpd:*:137:137::0:0:MusicPD pseudo-user:/var/mpd:/usr/sbin/nologin wolfpack:*:138:138::0:0:Wolfpack Empire Server:/usr/local/share/wolfpack:/usr/sbin/nologin shellinabox:*:139:139::0:0:Shell In A Box:/nonexistent:/usr/sbin/nologin amanda:*:140:140::0:0:Amanda Daemon:/var/db/amanda:/usr/sbin/nologin cricket:*:141:80::0:0:Cricket Monitoring User:/usr/local/cricket:/usr/sbin/nologin ladvd:*:142:142::0:0:Ladvd User:/var/empty:/usr/sbin/nologin dovecot:*:143:143::0:0:Dovecot User:/var/empty:/usr/sbin/nologin dovenull:*:144:144::0:0:Dovecot login User:/var/empty:/usr/sbin/nologin webcamd:*:145:145::0:0:Webcamd user:/var/empty:/usr/sbin/nologin ventrilo:*:146:146::0:0:& server:/usr/local/ventrilo-server:/usr/sbin/nologin kdm:*:147:147::0:0:KDE Display Manager:/nonexistent:/usr/sbin/nologin ipv6mon:*:148:148::0:0:IPv6 Address Monitoring Daemon:/nonexistent:/usr/sbin/nologin avenger:*:149:149::0:0:Mail Avenger:/var/spool/avenger:/usr/sbin/nologin cbsd:*:150:150::0:0:Cbsd user:/nonexistent:/bin/sh pop3vscan:*:151:6::0:0:POP3VScan Daemon:/var/spool/pop3vscan:/usr/sbin/nologin iog:*:152:80::0:0:iog Monitoring Owner:/usr/local/iog:/usr/sbin/nologin rbldns:*:153:153::0:0:rbldnsd pseudo-user:/nonexistent:/usr/sbin/nologin trircd:*:154:154::0:0:& user:/usr/local/etc/tr-ircd:/usr/sbin/nologin # free: 155 monetdb:*:156:156::0:0:MonetDB user:/usr/local/monetdb5:/bin/sh barman:*:157:157::0:0:Barman user:/var/barman:/bin/sh pootle:*:158:158::0:0:Pootle User:/var/db/pootle:/usr/sbin/nologin nocat:*:159:159::0:0:NoCat Daemon:/libexec/nocat:/sbin/nologin _ypldap:*:160:160::0:0:YP Ldap unprivileged user:/var/empty:/usr/sbin/nologin solr:*:161:161::0:0:Apache Solr System:/var/db/solr:/usr/sbin/nologin octoprint:*:162:162::0:0:OctoPrint Daemon:/usr/local/octoprint:/usr/sbin/nologin _iked:*:163:163::0:0:IKEv2 Daemon:/var/empty:/usr/sbin/nologin # free: 164 # free: 165 # free: 166 # free: 167 # free: 168 # free: 169 tile38:*:170:170::0:0:Tile38 User:/var/db/tile38:/usr/sbin/nologin sfs:*:171:171::0:0:Self-Certifying File System:/nonexistent:/usr/sbin/nologin agk:*:172:172::0:0:AquaGateKeeper:/nonexistent:/nonexistent polipo:*:173:173::0:0:polipo web cache:/nonexistent:/usr/sbin/nologin flowtools:*:174:174::0:0:Flow-tools collector pseudo-user:/nonexistent:/usr/sbin/nologin twms:*:175:175::0:0:tWMS pseudo-user:/nonexistent:/usr/sbin/nologin mlvpn:*:176:176::0:0:mlVPN pseudo-user:/var/run/mlvpn:/usr/sbin/nologin _mdnsd:*:177:177::0:0:Multicast DNS Daemon:/var/empty:/usr/sbin/nologin otpw:*:178:178::0:0:OTPW pseudo-user:/var/lib/otpw:/usr/sbin/nologin gdnsd:*:179:179::0:0:gDNSd pseudo-user:/nonexistent:/usr/sbin/nologin # free: 180 nagios:*:181:181::0:0:Nagios pseudo-user:/var/spool/nagios:/usr/sbin/nologin noc:*:182:182::0:0:NOC pseudo-user:/usr/local/noc:/bin/sh icinga:*:183:183::0:0:Icinga pseudo-user:/var/spool/icinga:/usr/sbin/nologin dnscache:*:184:184::0:0:dnscache pseudo-user:/nonexistent:/usr/sbin/nologin tinydns:*:185:185::0:0:tinydns pseudo-user:/nonexistent:/usr/sbin/nologin dnslog:*:186:186::0:0:dnslog pseudo-user:/nonexistent:/usr/sbin/nologin swift:*:187:187::0:0:Swift daemon pseudo-user:/nonexistent:/usr/sbin/nologin netxms:*:188:188::0:0:netxms pseudo-user:/nonexistent:/usr/sbin/nologin leofs:*:189:189::0:0:LeoFS daemons pseudo-user:/var/db/leofs:/usr/sbin/nologin keystone:*:190:190::0:0:Keystone pseudo-user:/var/lib/keystone:/usr/sbin/nologin glance:*:191:191::0:0:Glance pseudo-user:/var/lib/glance:/usr/sbin/nologin moinmoin:*:192:192::0:0:MoinMoin User:/nonexistent:/usr/sbin/nologin cups:*:193:193::0:0:Cups Owner:/nonexistent:/usr/sbin/nologin saned:*:194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh radns:*:195:195::0:0:radns user:/nonexistent:/usr/sbin/nologin -# free: 196 +nova:*:196:196::0:0:Nova daemon pseudo-user:/var/lib/nova:/usr/sbin/nologin # free: 197 # free: 198 mcserver:*:199:199::0:0:Minecraft Server:/nonexistent:/bin/sh sympa:*:200:200::0:0:Sympa Owner:/nonexistent:/usr/sbin/nologin privoxy:*:201:201::0:0:Privoxy proxy user:/nonexistent:/usr/sbin/nologin dspam:*:202:202::0:0:Dspam:/nonexistent:/usr/sbin/nologin # free: 203 yate:*:204:204::0:0:Yate:/nonexistent:/usr/sbin/nologin gnugk:*:205:205::0:0:GNU GateKeeper pseudo-user:/nonexistent:/usr/sbin/nologin gini:*:206:206::0:0:& streaming server:/var/log/gini:/usr/sbin/nologin _mixminion:*:207:207::0:0:Mixminion server:/nonexistent:/usr/sbin/nologin _dnsdist:*:208:208::0:0:dnsdist user:/nonexistent:/usr/sbin/nologin gogs:*:209:209::0:0:gogs user:/var/db/gogs/home:/bin/sh shoutcast:*:210:210::0:0:Shoutcast sandbox:/nonexistent:/bin/sh git:*:211:211::0:0:gitosis user:/usr/local/git:/bin/sh hg:*:212:212::0:0:mercurial-server user:/usr/local/hg:/bin/sh drizzle:*:213:213::0:0:Drizzle daemon:/var/db/drizzle:/usr/sbin/nologin # free: 214 opendnssec:*:215:215::0:0:Opendnssec Pseudo User:/nonexistent:/usr/sbin/nologin nsd:*:216:216::0:0:NSD DNS Server:/nonexistent:/usr/sbin/nologin # free: 217 # free: 218 # free: 219 bs:*:220:220::0:0:Big Sister:/usr/local/bigsister:/bin/sh # free: 221 rtpproxy:*:222:222::0:0:& user:/nonexistent:/sbin/nologin # free: 223 # free: 224 postgrey:*:225:225::0:0:Postgrey Owner:/nonexistent:/usr/sbin/nologin sqlgrey:*:226:226::0:0:SQLgrey Owner:/nonexistent:/usr/sbin/nologin _hfm:*:227:227::0:0:hfm daemon:/nonexistent:/usr/sbin/nologin # free: 228 # free: 229 # free: 230 # free: 231 # free: 232 # free: 233 # free: 234 # free: 235 # free: 236 # free: 237 # free: 238 # free: 239 aprsd:*:240:240::0:0:aprsd:/nonexistent:/bin/sh tnc:*:241:241::0:0:aprsd:/nonexistent:/bin/sh prosody:*:242:242::0:0:Prosody Jabber Server:/nonexistent:/usr/sbin/nologin # free: 243 # free: 244 # free: 245 # free: 246 fcron:*:247:247::0:0:fcron pseudo-user:/nonexistent:/usr/sbin/nologin # free: 248 # free: 249 # free: 250 # free: 251 # free: 252 _adsuck:*:253:253::0:0:Adsuck ad blocking user:/nonexistent:/usr/sbin/nologin # free: 254 # free: 255 _tor:*:256:256::0:0:Tor anonymizing router:/var/db/tor:/usr/sbin/nologin _smtpd:*:257:257::0:0:OpenSMTPD:/var/empty:/usr/sbin/nologin _smtpq:*:258:258::0:0:OpenSMTPD queue user:/var/empty:/usr/sbin/nologin # free: 259 meta1s:*:260:260::0:0:MeTA1 SMTPS:/nonexistent:/usr/sbin/nologin meta1q:*:261:261::0:0:MeTA1 QMGR:/nonexistent:/usr/sbin/nologin meta1c:*:262:262::0:0:MeTA1 SMTPC:/nonexistent:/usr/sbin/nologin meta1m:*:263:263::0:0:MeTA1 misc:/nonexistent:/usr/sbin/nologin meta1:*:264:264::0:0:MeTA1 other:/nonexistent:/usr/sbin/nologin # free: 265 # free: 266 # free: 267 # free: 268 # free: 269 # free: 270 # free: 271 # free: 272 # free: 273 # free: 274 hacluster:*:275:275::0:0:Heartbeat cluster user:/nonexistent:/usr/sbin/nologin frontbase:*:276:276::0:0:FrontBase Daemon:/usr/local/FrontBase/Databases:/bin/sh # free: 277 rtg:*:278:278::0:0:RTG daemon:/nonexistent:/usr/sbin/nologin mrtg:*:279:279::0:0:MRTG daemon:/nonexistent:/usr/sbin/nologin xymon:*:280:280::0:0:Xymon Monitor:/nonexistent:/usr/sbin/nologin prelude:*:281:281::0:0:Prelude user:/nonexistent:/usr/sbin/nologin spread:*:282:282::0:0:Spread user:/nonexistent:/usr/sbin/nologin devmon:*:283:283::0:0:devmon monitor:/nonexistent:/usr/sbin/nologin vnstat:*:284:284::0:0:vnStat Network Monitor:/nonexistent:/usr/sbin/nologin exaddos:*:285:285::0:0:exaddos daemon user:/nonexistent:/usr/sbin/nologin rancid:*:286:286::0:0:RANCID daemon user:/usr/local/var/rancid:/bin/sh # free: 287 ntopng:*:288:288::0:0:ntopng daemon user:/nonexistent:/usr/sbin/nologin # free: 289 # free: 290 # free: 291 # free: 292 # free: 293 # free: 294 # free: 295 # free: 296 # free: 297 # free: 298 # free: 299 backuppc:*:300:300::0:0:BackupPC pseudo-user:/nonexistent:/usr/sbin/nologin # free: 301 # free: 302 # free: 303 # free: 304 # free: 305 # free: 306 # free: 307 # free: 308 # free: 309 # free: 310 # free: 311 _sphinx:*:312:312::0:0:Sphinxsearch Owner:/nonexistent:/usr/sbin/nologin _fastdfs:*:313:313::0:0:FastDFS Owner:/nonexistent:/usr/sbin/nologin # free: 314 # free: 315 # free: 316 # free: 317 # free: 318 # free: 319 # free: 320 # free: 321 # free: 322 # free: 323 # free: 324 dkfilter:*:325:325::0:0:DK Filter Owner:/nonexistent:/usr/sbin/nologin smfs:*:326:326::0:0:SMFSAV Owner:/nonexistent:/usr/sbin/nologin # free: 327 # free: 328 # free: 329 orthanc:*:330:330::0:0:Orthanc Daemon:/nonexistent:/usr/sbin/nologin # free: 331 # free: 332 # free: 333 # free: 334 # free: 335 _pma:*:336:80::0:0:phpMyAdmin Owner:/nonexistent:/usr/sbin/nologin daapd:*:337:337::0:0:daapd User:/nonexistent:/usr/sbin/nologin murmur:*:338:338::0:0:& User:/nonexistent:/usr/sbin/nologin # free: 339 wildfire:*:340:340::0:0:Wildfire Daemon:/nonexistent:/usr/sbin/nologin stunnel:*:341:341::0:0:Stunnel Daemon:/nonexistent:/usr/sbin/nologin openfire:*:342:342::0:0:Openfire IM Daemon:/nonexistent:/usr/sbin/nologin # free: 343 # free: 344 # free: 345 # free: 346 # free: 347 # free: 348 # free: 349 _sabnzbd:*:350:350::0:0:sabnzb Daemon:/nonexistent:/usr/sbin/nologin sonarr:*:351:65534::0:0:Sonarr PVR:/nonexistent:/usr/sbin/nologin # free: 352 _iodined:*:353:353::0:0:Iodine Daemon:/nonexistent:/usr/sbin/nologin # free: 354 # free: 355 # free: 356 # free: 357 # free: 358 # free: 359 # free: 360 httptunnel:*:361:361::0:0:httptunnel Daemon:/nonexistent:/usr/sbin/nologin # free: 362 # free: 363 # free: 364 # free: 365 # free: 366 # free: 367 # free: 368 # free: 369 # free: 370 # free: 371 # free: 372 # free: 373 # free: 374 # free: 375 # free: 376 # free: 377 # free: 378 # free: 379 # free: 380 # free: 381 # free: 382 # free: 383 # free: 384 # free: 385 # free: 386 # free: 387 # free: 388 ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/usr/sbin/nologin # free: 390 # free: 391 # free: 392 # free: 393 # free: 394 # free: 395 # free: 396 # free: 397 tiarra:*:398:398::0:0:Tiarra IRC Proxy:/nonexistent:/usr/sbin/nologin # free: 399 # free: 400 # free: 401 # free: 402 # free: 403 # free: 404 # free: 405 # free: 406 # free: 407 # free: 408 # free: 409 # free: 410 uhub:*:411:411::0:0:uHub ADC Daemon:/nonexistent:/usr/sbin/nologin # free: 412 # free: 413 # free: 414 # free: 415 # free: 416 # free: 417 # free: 418 # free: 419 # free: 420 # free: 421 # free: 422 # free: 423 # free: 424 # free: 425 drweb:*:426:426::0:0:Dr.Web Mail Scanner:/nonexistent:/usr/sbin/nologin # free: 427 # free: 428 varnish:*:429:429::0:0:Varnish Cache User:/nonexistent:/usr/sbin/nologin varnishlog:*:430:429::0:0:Varnish Log User:/nonexistent:/usr/sbin/nologin # free: 431 # free: 432 # free: 433 # free: 434 # free: 435 # free: 436 # free: 437 # free: 438 # free: 439 # free: 440 # free: 441 quasselcore:*:442:442::0:0:Quassel IRC User:/nonexistent:/usr/sbin/nologin # free: 443 callweaver:*:444:444::0:0:Callweaver account:/var/lib/callweaver:/usr/sbin/nologin # free: 445 # free: 446 # free: 447 # free: 448 # free: 449 ecartis:*:450:450::0:0:Ecartis Listserver:/usr/local/ecartis:/usr/sbin/nologin # free: 451 # free: 452 # free: 453 # free: 454 # free: 455 # free: 456 # free: 457 # free: 458 # free: 459 # free: 460 # free: 461 # free: 462 # free: 463 # free: 464 courier:*:465:465::0:0:Courier Mail Server:/nonexistent:/usr/sbin/nologin condor:*:466:466::0:0:& user:/home/condor:/usr/sbin/nologin netmon:*:467:467::0:0:Network monitor account:/var/netmon:/usr/sbin/nologin slurm:*:468:468::0:0:SLURM Daemon:/nonexistent:/usr/sbin/nologin consul:*:469:469::0:0:Consul Daemon:/var/tmp/consul:/usr/sbin/nologin serf:*:470:470::0:0:Serf Daemon:/nonexistent:/usr/sbin/nologin vault:*:471:471::0:0:Vault Daemon:/nonexistent:/usr/sbin/nologin nomad:*:472:472::0:0:Nomad Daemon:/var/tmp/nomad:/usr/sbin/nologin # free: 473 # free: 474 # free: 475 # free: 476 # free: 477 prometheus:*:478:478::0:0:Prometheus Daemon:/var/tmp/prometheus:/usr/sbin/nologin # free: 479 # free: 480 # free: 481 # free: 482 # free: 483 # free: 484 # free: 485 # free: 486 # free: 487 # free: 488 # free: 489 # free: 490 # free: 491 # free: 492 # free: 493 # free: 494 # free: 495 # free: 496 # free: 497 # free: 498 # free: 499 # free: 500 # free: 501 # free: 502 # free: 503 # free: 504 _bbstored:*:505:505::0:0:Box Backup Store Daemon:/nonexistent:/usr/sbin/nologin radmind:*:506:506::0:0:radmind User:/var/radmind:/usr/sbin/nologin skkserv:*:507:507::0:0:skkserv User:/nonexistent:/usr/sbin/nologin # free: 508 # free: 509 # free: 510 # free: 511 pwhois:*:512:512::0:0:pwhoisd User:/nonexistent:/usr/sbin/nologin # free: 513 # free: 514 # free: 515 # free: 516 # free: 517 # free: 518 # free: 519 # free: 520 davmail:*:521:521::0:0:Davmail Exchange Gateway:/nonexistent:/usr/sbin/nologin nullmail:*:522:522::0:0:Nullmailer Mail System:/var/spool/nullmailer:/bin/sh freevo:*:523:523::0:0:Freevo User:/var/db/freevo:/bin/sh # free: 524 dkimproxy:*:525:525::0:0:DKIM Proxy Owner:/nonexistent:/usr/sbin/nologin # free: 526 # free: 527 # free: 528 # free: 529 # free: 530 # free: 531 # free: 532 # free: 533 pgbouncer:*:534:534::0:0:Pgbouncer Daemon:/nonexistent:/usr/sbin/nologin redis:*:535:535::0:0:Redis Daemon:/nonexistent:/usr/sbin/nologin # free: 536 # free: 537 # free: 538 # free: 539 # free: 540 # free: 541 _flowd:*:542:542::0:0:flowd privilege separation user:/var/empty:/usr/sbin/nologin ejabberd:*:543:543::0:0:ejabberd pseudo user:/var/spool/ejabberd:/bin/sh # free: 544 # free: 545 # free: 546 # free: 547 # free: 548 # free: 549 # free: 550 # free: 551 kresd:*:552:552::0:0:Knot DNS Resolver:/nonexistent:/usr/sbin/nologin knot:*:553:553::0:0:Knot DNS Server:/nonexistent:/usr/sbin/nologin qtss:*:554:554::0:0:Darwin Streaming Server:/nonexistent:/usr/sbin/nologin ircdru:*:555:555::0:0:Russian hybrid IRC server:/nonexistent:/bin/sh messagebus:*:556:556::0:0:D-BUS Daemon User:/nonexistent:/usr/sbin/nologin # free: 557 avahi:*:558:558::0:0:Avahi Daemon User:/nonexistent:/usr/sbin/nologin tacacs:*:559:559::0:0:TACACS+ Daemon User:/nonexistent:/usr/sbin/nologin haldaemon:*:560:560::0:0:HAL Daemon User:/nonexistent:/usr/sbin/nologin distcc:*:561:561::0:0:Distcc user:/nonexistent:/usr/sbin/nologin polkit:*:562:562::0:0:PolicyKit User:/nonexistent:/usr/sbin/nologin pulse:*:563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin # free: 564 polkitd:*:565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin # free: 566 # free: 567 # free: 568 # free: 569 # free: 570 # free: 571 # free: 572 # free: 573 # free: 574 nexus:*:575:575::0:0:Nexus Repository Manager OSS:/nonexistent:/usr/sbin/nologin # free: 576 # free: 577 # free: 578 # free: 579 # free: 580 # free: 581 # free: 582 # free: 583 # free: 584 # free: 585 # free: 586 assp:*:587:587::0:0:ASSP Anti-Spam Proxy:/var/db/assp:/usr/sbin/nologin avahi-autoipd:*:588:588::0:0:Avahi Autoipd Daemon user:/nonexistent:/usr/sbin/nologin # free: 589 # free: 590 # free: 591 # free: 592 # free: 593 # free: 594 # free: 595 # free: 596 # free: 597 # free: 598 # free: 599 _xsi:*:600:600::0:0:XMLSysInfo User:/nonexistent:/usr/sbin/nologin _tss:*:601:601:daemon:0:0:TrouSerS user:/var/empty:/usr/sbin/nologin _pkcs11:*:602:602:daemon:0:0:opencryptoki user:/var/empty:/usr/sbin/nologin # free: 603 # free: 604 # free: 605 # free: 606 # free: 607 # free: 608 # free: 609 freeswitch:*:610:610::0:0:Freeswitch user:/nonexistent:/usr/sbin/nologin # free: 611 # free: 612 # free: 613 # free: 614 ntpa:*:615:615::0:0:NTPa user:/nonexistent:/usr/sbin/nologin taskd:*:616:616::0:0:taskd user:/nonexistent:/usr/sbin/nologin # free: 617 # free: 618 # free: 619 # free: 620 # free: 621 # free: 622 # free: 623 # free: 624 # free: 625 # free: 626 # free: 627 # free: 628 # free: 629 # free: 630 # free: 631 # free: 632 # free: 633 # free: 634 # free: 635 _pla:*:636:80::0:0:phpLDAPAdmin Owner:/nonexistent:/usr/sbin/nologin # free: 637 # free: 638 caldavd:*:639:639::0:0:Caldavd user:/var/db/caldavd:/usr/sbin/nologin # free: 640 monkeysphere:*:641:641::0:0:Monkeysphere User:/var/monkeysphere:/usr/local/bin/bash # free: 642 # free: 643 # free: 644 # free: 645 # free: 646 # free: 647 # free: 648 # free: 649 # free: 650 # free: 651 # free: 652 # free: 653 # free: 654 # free: 655 # free: 656 # free: 657 # free: 658 # free: 659 # free: 660 # free: 661 # free: 662 # free: 663 # free: 664 # free: 665 aox:*:666:666::0:0:Archiveopteryx user:/nonexistent:/usr/sbin/nologin riak:*:667:667::0:0:Riak user:/usr/local/lib/riak:/bin/sh riakcs:*:668:667::0:0:Riak CS user:/usr/local/lib/riak-cs:/bin/sh stanchion:*:669:667::0:0:Stanchion user:/usr/local/lib/stanchion:/bin/sh # free: 670 # free: 671 # free: 672 # free: 673 # free: 674 # free: 675 # free: 676 # free: 677 # free: 678 # free: 679 # free: 680 # free: 681 # free: 682 # free: 683 # free: 684 # free: 685 # free: 686 # free: 687 # free: 688 # free: 689 # free: 690 # free: 691 # free: 692 # free: 693 # free: 694 # free: 695 # free: 696 # free: 697 # free: 698 # free: 699 bnetd:*:700:700::0:0:Bnetd user:/nonexistent:/usr/sbin/nologin fastnetmon:*:701:701::0:0:FastNetMon user:/nonexistent:/usr/sbin/nologin _sndio:*:702:702::0:0:sndio privsep:/var/empty:/usr/sbin/nologin # free: 703 # free: 704 # free: 705 # free: 706 # free: 707 # free: 708 # free: 709 # free: 710 # free: 711 # free: 712 # free: 713 # free: 714 # free: 715 # free: 716 bopm:*:717:717::0:0:Blitzed Open Proxy Monitor:/nonexistent:/bin/sh _dnscrypt-wrapper:*:718:65534::0:0:dnscrypt-wrapper user:/var/empty:/usr/sbin/nologin # free: 719 # free: 720 # free: 721 # free: 722 # free: 723 # free: 724 # free: 725 # free: 726 # free: 727 # free: 728 # free: 729 # free: 730 # free: 731 # free: 732 # free: 733 # free: 734 # free: 735 # free: 736 # free: 737 # free: 738 # free: 739 # free: 740 # free: 741 # free: 742 # free: 743 # free: 744 # free: 745 # free: 746 # free: 747 # free: 748 # free: 749 # free: 750 # free: 751 # free: 752 # free: 753 # free: 754 # free: 755 # free: 756 # free: 757 # free: 758 # free: 759 # free: 760 # free: 761 # free: 762 # free: 763 # free: 764 # free: 765 # free: 766 # free: 767 # free: 768 # free: 769 postgres:*:770:770::0:0:PostgreSQL Daemon:/var/db/postgres:/bin/sh # free: 771 # free: 772 # free: 773 # free: 774 # free: 775 # free: 776 openxpki:*:777:777::0:0:OpenXPKI Owner:/nonexistent:/usr/sbin/nologin # free: 778 bitcoin:*:779:779::0:0:bitcoin Daemon:/var/db/bitcoin:/usr/sbin/nologin zetacoin:*:780:780::0:0:ZetaCoin Daemon:/nonexistent:/usr/sbin/nologin # free: 781 # free: 782 # free: 783 # free: 784 # free: 785 # free: 786 # free: 787 # free: 788 # free: 789 # free: 790 # free: 791 # free: 792 # free: 793 # free: 794 # free: 795 # free: 796 # free: 797 # free: 798 # free: 799 # free: 800 # free: 801 # free: 802 # free: 803 # free: 804 # free: 805 # free: 806 # free: 807 # free: 808 # free: 809 # free: 810 # free: 811 foreman_proxy:*:812:812::0:0:Foreman Smart Proxy:/usr/local/share/foreman-proxy:/usr/sbin/nologin # free: 813 puppet:*:814:814::0:0:Puppet Daemon:/nonexistent:/usr/sbin/nologin uchiwa:*:815:815::0:0:Uchiwa Dashboard:/nonexistent:/usr/sbin/nologin # free: 816 btsync:*:817:817::0:0:BitTorrent Sync Daemon:/nonexistent:/usr/sbin/nologin jenkins:*:818:818::0:0:Jenkins CI:/usr/local/jenkins:/bin/sh rundeck:*:819:819::0:0:Rundeck:/usr/local/rundeck:/bin/sh openacs:*:820:820::0:0:OpenACS Daemon User:/nonexistent:/usr/sbin/nologin dotlrn:*:821:821::0:0:.LRN Daemon User:/nonexistent:/usr/sbin/nologin titus:*:822:65533::0:0:Titus Daemon User:/nonexistent:/usr/sbin/nologin titus-keys:*:823:65533::0:0:Titus Keyserver User:/nonexistent:/usr/sbin/nologin # free: 824 polw:*:825:825::0:0:Policyd-weight Cache Owner:/nonexistent:/sbin/nologin statsd:*:826:826::0:0:Statsd Daemon:/nonexistent:/sbin/nologin # free: 827 # free: 828 # free: 829 # free: 830 # free: 831 # free: 832 # free: 833 # free: 834 # free: 835 # free: 836 # free: 837 # free: 838 # free: 839 netdisco:*:840:840::0:0:netdisco daemon:/nonexistent:/usr/sbin/nologin tcpcryptd:*:841:841::0:0:tcpcrypt daemon:/nonexistent:/usr/sbin/nologin munin:*:842:842::0:0:Munin:/var/munin:/usr/sbin/nologin # free: 843 subsonic:*:844:844::0:0:Subsonic standalone-server:/nonexistent:/usr/sbin/nologin # free: 845 sogod:*:846:846::0:0:SOGo groupware:/nonexistent:/usr/sbin/nologin domoticz:*:847:847::0:0:domoticz user:/nonexistent:/usr/sbin/nologin graylog:*:848:848::0:0:Graylog user:/nonexistent:/usr/sbin/nologin # free: 849 # free: 850 # free: 851 # free: 852 # free: 853 # free: 854 # free: 855 # free: 856 # free: 857 # free: 858 # free: 859 # free: 860 # free: 861 # free: 862 # free: 863 # free: 864 # free: 865 # free: 866 # free: 867 # free: 868 # free: 869 # free: 870 # free: 871 # free: 872 # free: 873 # free: 874 # free: 875 # free: 876 # free: 877 # free: 878 # free: 879 # free: 880 # free: 881 # free: 882 # free: 883 # free: 884 # free: 885 # free: 886 # free: 887 # free: 888 # free: 889 # free: 890 # free: 891 # free: 892 # free: 893 # free: 894 # free: 895 # free: 896 znc:*:897:897::0:0:ZNC User:/nonexistent:/usr/sbin/nologin ufdb:*:898:898::0:0:ufdb user:/nonexistent:/usr/sbin/nologin guacamole:*:899:899::0:0:Guacamole user:/nonexistent:/usr/sbin/nologin seafile:*:900:900::0:0:Seafile user:/nonexistent:/usr/bin/nologin fossy:*:901:901::0:0:FOSSology user:/usr/local/share/fossology:/usr/local/bin/bash scanlogd:*:902:902::0:0:scanlogd user:/nonexistent:/usr/sbin/nologin _ocserv:*:903:903::0:0:ocserv user:/nonexistent:/usr/sbin/nologin grafana:*:904:904::0:0:Grafana2:/nonexistent:/usr/bin/nologin artifactory:*:905:905::0:0:artifactory user:/nonexistent:/usr/sbin/nologin opentsdb:*:906:906::0:0:OpenTSDB Daemon:/var/empty:/usr/sbin/nologin influxd:*:907:907::0:0:InfluxDB Daemon:/var/empty:/usr/sbin/nologin riemann:*:908:908::0:0:Riemann User:/var/empty:/usr/sbin/nologin proxy65:*:909:909::0:0:Proxy65 Daemon:/nonexistent:/usr/sbin/nologin bacula:*:910:910::0:0:Bacula Daemon:/var/db/bacula:/usr/sbin/nologin iserv:*:911:911::0:0:Iserv Daemon:/nonexistent:/usr/sbin/nologin _sj3:*:912:912::0:0:SJ3 Daemon:/nonexistent:/usr/sbin/nologin _relayd:*:913:913::0:0:Relay Daemon:/var/empty:/usr/sbin/nologin bitlbee:*:914:914::0:0:Bitlbee pseudo-user:/var/db/bitlbee:/usr/sbin/nologin logcheck:*:915:915::0:0:Logcheck system account:/var/lib/logcheck:/usr/local/bin/bash # free: 916 _prayer:*:917:917::0:0:Prayer Account:/nonexistent:/usr/sbin/nologin nefu:*:918:918::0:0:Nefu daemon:/var/db/nefu:/usr/sbin/nologin couchdb:*:919:919::0:0:CouchDB Account:/var/empty:/usr/sbin/nologin vboxusers:*:920:920::0:0:Virtualbox user:/nonexistent:/usr/sbin/nologin transmission:*:921:921::0:0:Transmission Daemon User:/usr/local/etc/transmission/home:/usr/sbin/nologin mongodb:*:922:922::0:0:MongoDB pseudo-user:/var/db/mongodb:/usr/sbin/nologin liquidsoap:*:923:923::0:0:Liquidsoap User:/nonexistent:/usr/sbin/nologin postpals:*:924:924::0:0:postpals user:/nonexistent:/usr/sbin/nologin mfs:*:925:925::0:0:MooseFS User:/nonexistent:/usr/sbin/nologin minbif:*:926:926::0:0:Minbif Daemon User:/nonexistent:/usr/sbin/nologin kumofs:*:927:927::0:0:kumofs daemon:/nonexistent:/usr/sbin/nologin nslcd:*:928:928::0:0:nslcd daemon:/nonexistent:/usr/sbin/nologin activemq:*:929:929::0:0:ActiveMQ Daemon:/nonexistent:/usr/sbin/nologin ifgraph:*:930:930::0:0:ifGraph:/nonexistent:/usr/sbin/nologin asterisk:*:931:931::0:0:Asterisk User:/nonexistent:/usr/sbin/nologin sancp:*:932:932::0:0:SANCP Daemon:/var/log/sancp:/usr/sbin/nologin dlna:*:933:933::0:0:DLNA Daemon:/nonexistent:/usr/sbin/nologin torrus:*:934:934::0:0:torrus daemon:/nonexistent:/usr/sbin/nologin erlyvideo:*:935:935::0:0:erlyvideo user:/nonexistent:/usr/sbin/nologin crtmpserver:*:936:936::0:0:crtmpserver user:/nonexistent:/usr/sbin/nologin get_iplayer:*:937:937::0:0:get_iplayer user:/nonexistent:/usr/sbin/nologin vdr:*:938:938::0:0:vdr user:/nonexistent:/usr/sbin/nologin noip:*:939:939::0:0:noip user:/nonexistent:/usr/sbin/nologin _tcpproxy:*:940:940::0:0:tcpproxy user:/nonexistent:/usr/sbin/nologin cego:*:941:941::0:0:cego user:/usr/local/cego:/usr/sbin/nologin teamspeak:*:942:942::0:0:TeamSpeak user:/nonexistent:/usr/sbin/nologin dnetfold:*:943:943::0:0:& user:/nonexistent:/usr/sbin/nologin bbs:*:944:944::0:0:& user:/nonexistent:/usr/sbin/nologin dbxml:*:945:945::0:0:& user:/nonexistent:/usr/sbin/nologin mediatomb:*:946:946::0:0:Mediatomb UPnP AV MediaServer:/nonexistent:/usr/sbin/nologin mapred:*:947:955::0:0:Hadoop MapReduce user:/nonexistent:/usr/sbin/nologin dnrd:*:948:948::0:0:& user:/nonexistent:/usr/sbin/nologin _lldpd:*:949:949::0:0:lldpd user:/nonexistent:/usr/sbin/nologin # free: 950 openerpd:*:951:951::0:0:Openerpd user:/nonexistent:/usr/sbin/nologin bitten-slave:*:952:952:daemon:0:0:Bitten slave user:/var/lib/bitten-slave:/usr/sbin/nologin _neubot:*:953:953::0:0:neubot daemon:/nonexistent:/usr/sbin/nologin oops:*:954:65534::0:0:oops user:/nonexistent:/usr/sbin/nologin hdfs:*:955:955::0:0:Hadoop HDFS user:/nonexistent:/usr/sbin/nologin pandora:*:956:956::0:0:Pandora FMS user:/usr/local/etc/pandora/home:/usr/sbin/nologin razorback:*:957:957::0:0:Razorback user:/var/run/razorback:/usr/sbin/nologin gnunet:*:958:958::0:0:GNUnet daemon:/var/lib/gnunet:/usr/sbin/nologin c_icap:*:959:959::0:0:c-icap daemon:/var/empty:/usr/sbin/nologin trytond:*:960:960::0:0:trytond daemon:/var/empty:/usr/sbin/nologin gearmand:*:961:961::0:0:gearmand daemon:/var/empty:/usr/sbin/nologin zookeeper:*:962:962::0:0:zookeeper user:/nonexistent:/usr/sbin/nologin fluentd:*:963:963::0:0:fluentd user:/nonexistent:/usr/sbin/nologin git_daemon:*:964:964::0:0:git daemon:/nonexistent:/usr/sbin/nologin elasticsearch:*:965:965::0:0:elasticsearch user:/nonexistent:/usr/sbin/nologin ossec:*:966:966::0:0:OSSEC user:/usr/local/ossec-hids:/usr/sbin/nologin ossecm:*:967:966::0:0:OSSEC mail user:/usr/local/ossec-hids:/usr/sbin/nologin ossecr:*:968:966::0:0:OSSEC rem user:/usr/local/ossec-hids:/usr/sbin/nologin kippo:*:969:969::0:0:kippo user:/nonexistent:/usr/sbin/nologin colord:*:970:970::0:0:colord color management daemon:/nonexistent:/usr/sbin/nologin shibd:*:971:971::0:0:Shibboleth SAML daemon:/nonexistent:/usr/sbin/nologin plex:*:972:972::0:0:Plex Media Server:/nonexistent:/usr/sbin/nologin boinc:*:973:973::0:0:BOINC user:/var/db/boinc:/bin/sh radicale:*:974:974::0:0:Radicale daemon:/nonexistent:/usr/sbin/nologin unifi:*:975:975::0:0:Unifi Wireless Controller:/nonexistent:/usr/sbin/nologin minetest:*:976:976::0:0:& server:/nonexistent:/usr/sbin/nologin tests:*:977:65534::0:0:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin _dnscrypt-proxy:*:978:65534::0:0:dnscrypt-proxy user:/var/empty:/usr/sbin/nologin ums:*:979:979::0:0:Universal Media Server:/nonexistent:/usr/sbin/nologin hbase:*:980:980::0:0:HBase user:/nonexistent:/usr/sbin/nologin uvncrep:*:981:981::0:0:UltraVNC Repeater daemon:/nonexistent:/usr/sbin/nologin bro:*:982:982::0:0:Bro Network Security Monitor:/nonexistent:/usr/sbin/nologin syncthing:*:983:983::0:0:Syncthing Daemon:/var/tmp/syncthing:/usr/sbin/nologin tvheadend:*:984:984::0:0:TV Headend:/usr/local/etc/tvheadend:/bin/sh puppetdb:*:985:985::0:0:PuppetDB Daemon pseudo-user:/nonexistent:/usr/sbin/nologin kamailio:*:986:986::0:0:kamailio daemon:/nonexistent:/usr/sbin/nologin spark:*:987:987::0:0:Apache Spark user:/nonexistent:/usr/sbin/nologin toxdht:*:988:65534::0:0:Tox DHT bootstrap user:/nonexistent:/usr/sbin/nologin emby:*:989:989::0:0:Emby:/nonexistent:/usr/sbin/nologin oozie:*:990:990::0:0:Apache Oozie user:/nonexistent:/usr/sbin/nologin sguil:*:991:991::0:0:Sguil:/nonexistent:/usr/sbin/nologin hive:*:992:992::0:0:Apache Hive user:/nonexistent:/usr/sbin/nologin kannel:*:993:993::0:0:Kannel User:/nonexistent:/usr/sbin/nologin rcynic:*:994:994::0:0:RPKI validation system:/nonexistent:/usr/sbin/nologin rpkirtr:*:995:995::0:0:RPKI router server:/nonexistent:/usr/sbin/nologin tarantool:*:996:996::0:0:Tarantool Daemon:/nonexistent:/usr/sbin/nologin bareos:*:997:997::0:0:Bareos Daemon:/var/db/bareos:/usr/sbin/nologin _rmilter:*:998:998::0:0:Rmilter daemon:/nonexistent:/usr/sbin/nologin ebnetd:*:999:999::0:0:EBNETD:/nonexistent:/usr/sbin/nologin # DO NOT USE: 1000-65533 nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin Index: head/emulators/Makefile =================================================================== --- head/emulators/Makefile (revision 428836) +++ head/emulators/Makefile (revision 428837) @@ -1,190 +1,191 @@ # $FreeBSD$ # COMMENT = Emulators for other operating systems SUBDIR += adamem SUBDIR += advancemame SUBDIR += advancemenu SUBDIR += advancemess SUBDIR += aftp SUBDIR += aqemu SUBDIR += atari800 SUBDIR += bfe SUBDIR += bochs SUBDIR += bsvc SUBDIR += catapult SUBDIR += cinc SUBDIR += cingb SUBDIR += citra SUBDIR += citra-qt5 SUBDIR += cpmemu SUBDIR += cpmtools SUBDIR += cpmtools2 SUBDIR += darcnes SUBDIR += dboxfe SUBDIR += desmume SUBDIR += dgen-sdl SUBDIR += dolphin-emu SUBDIR += dosbox SUBDIR += doscmd SUBDIR += dtcyber SUBDIR += dynagen SUBDIR += dynagui SUBDIR += dynamips-community SUBDIR += e-uae SUBDIR += fceux SUBDIR += fmsx SUBDIR += frodo SUBDIR += fs-uae SUBDIR += fs-uae-launcher SUBDIR += fuse SUBDIR += fuse-roms SUBDIR += fuse-utils SUBDIR += gbe SUBDIR += gem5 SUBDIR += generator SUBDIR += generator-cbiere SUBDIR += gens SUBDIR += gngb SUBDIR += gngeo SUBDIR += gns3 SUBDIR += gnuboy SUBDIR += gxemul SUBDIR += hatari SUBDIR += hercules SUBDIR += higan SUBDIR += hugo SUBDIR += hyperv-is SUBDIR += i386-wine SUBDIR += i386-wine-devel SUBDIR += i386-wine-staging SUBDIR += ia64sim SUBDIR += ines SUBDIR += javatari SUBDIR += joytran SUBDIR += jzintv SUBDIR += kcemu SUBDIR += klh10 SUBDIR += lib765 SUBDIR += libdsk SUBDIR += libspectrum SUBDIR += linux-c6 SUBDIR += linux-c7 SUBDIR += linux-f10 SUBDIR += linux_base-c6 SUBDIR += linux_base-c7 SUBDIR += linux_base-f10 SUBDIR += lisaem SUBDIR += loemu SUBDIR += m2000 SUBDIR += mame SUBDIR += mastergear SUBDIR += mednafen SUBDIR += mess SUBDIR += mtools SUBDIR += mupen64plus SUBDIR += mupen64plus-audio-sdl SUBDIR += mupen64plus-core SUBDIR += mupen64plus-input-sdl SUBDIR += mupen64plus-plugins SUBDIR += mupen64plus-rsp-cxd4 SUBDIR += mupen64plus-rsp-hle SUBDIR += mupen64plus-rsp-z64 SUBDIR += mupen64plus-ui-console SUBDIR += mupen64plus-video-arachnoid SUBDIR += mupen64plus-video-glide64 SUBDIR += mupen64plus-video-glide64mk2 SUBDIR += mupen64plus-video-rice SUBDIR += mupen64plus-video-z64 SUBDIR += nestopia SUBDIR += nonpareil SUBDIR += o2em SUBDIR += ods2reader SUBDIR += open-vm-tools SUBDIR += open-vm-tools-nox11 SUBDIR += openmsx SUBDIR += p5-Acme-6502 SUBDIR += parallels-tools SUBDIR += pcemu SUBDIR += pcsxr SUBDIR += pearpc SUBDIR += pipelight SUBDIR += playonbsd SUBDIR += ppsspp SUBDIR += ppsspp-qt4 SUBDIR += ppsspp-qt5 SUBDIR += py-gns3-converter + SUBDIR += py-nova SUBDIR += q4wine SUBDIR += qemu SUBDIR += qemu-cheri SUBDIR += qemu-cheri128 SUBDIR += qemu-cheri128m SUBDIR += qemu-devel SUBDIR += qemu-launcher SUBDIR += qemu-sbruno SUBDIR += qemu-user-static SUBDIR += qemu-utils SUBDIR += qmc2 SUBDIR += qtemu SUBDIR += quasi88 SUBDIR += raine SUBDIR += rtc SUBDIR += rubygem-fission SUBDIR += simh SUBDIR += skyeye SUBDIR += snes9express SUBDIR += snes9x SUBDIR += snes9x-gtk SUBDIR += spim SUBDIR += stella SUBDIR += stonx SUBDIR += swine SUBDIR += tiemu3 SUBDIR += tilem SUBDIR += tme SUBDIR += tpm-emulator SUBDIR += tuxnes SUBDIR += uae SUBDIR += ucon64 SUBDIR += unicorn SUBDIR += vba SUBDIR += vboxtool SUBDIR += vgb-bin SUBDIR += vgba-bin SUBDIR += vice SUBDIR += virtio-kmod SUBDIR += virtualbox-ose SUBDIR += virtualbox-ose-additions SUBDIR += virtualbox-ose-additions-nox11 SUBDIR += virtualbox-ose-kmod SUBDIR += virtualbox-ose-nox11 SUBDIR += visualboyadvance-m SUBDIR += vmips SUBDIR += vmsbackup SUBDIR += vmw SUBDIR += vpcs SUBDIR += vxtools SUBDIR += wine SUBDIR += wine-devel SUBDIR += wine-gecko SUBDIR += wine-gecko-devel SUBDIR += wine-mono SUBDIR += wine-mono-devel SUBDIR += wine-staging SUBDIR += winetricks SUBDIR += wxmupen64plus SUBDIR += x48 SUBDIR += x49gp SUBDIR += xbraitenberg SUBDIR += xcpc SUBDIR += xen SUBDIR += xen-kernel SUBDIR += xhomer SUBDIR += xsystem35 SUBDIR += xzx SUBDIR += yabause SUBDIR += yape SUBDIR += zsnes .include Index: head/emulators/py-nova/Makefile =================================================================== --- head/emulators/py-nova/Makefile (nonexistent) +++ head/emulators/py-nova/Makefile (revision 428837) @@ -0,0 +1,141 @@ +# Created by: Alexander Nusov +# $FreeBSD$ + +PORTNAME= nova +PORTVERSION= 14.0.2 +CATEGORIES= emulators python +MASTER_SITES= https://fossies.org/linux/misc/openstack/ +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= alexander.nusov@nfvexpress.com +COMMENT= OpenStack compute service + +LICENSE= APACHE20 + +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pbr>=1.6:devel/py-pbr + +RUN_DEPENDS:= ${BUILD_DEPENDS} +RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}sqlalchemy10>=0:databases/py-sqlalchemy10 \ + ${PYTHON_PKGNAMEPREFIX}boto>=2.32.1:devel/py-boto \ + ${PYTHON_PKGNAMEPREFIX}decorator>=3.4.0:devel/py-decorator \ + ${PYTHON_PKGNAMEPREFIX}eventlet>=0:net/py-eventlet \ + ${PYTHON_PKGNAMEPREFIX}Jinja2>=2.8:devel/py-Jinja2 \ + ${PYTHON_PKGNAMEPREFIX}keystonemiddleware>=0:devel/py-keystonemiddleware \ + ${PYTHON_PKGNAMEPREFIX}lxml>=2.3:devel/py-lxml \ + ${PYTHON_PKGNAMEPREFIX}routes>=0:www/py-routes \ + ${PYTHON_PKGNAMEPREFIX}cryptography>=0:security/py-cryptography \ + ${PYTHON_PKGNAMEPREFIX}webob>=1.2.3:www/py-webob \ + ${PYTHON_PKGNAMEPREFIX}greenlet>=0.3.2:devel/py-greenlet \ + ${PYTHON_PKGNAMEPREFIX}PasteDeploy>=1.5.0:www/py-pastedeploy \ + ${PYTHON_PKGNAMEPREFIX}Paste>=0:www/py-paste \ + ${PYTHON_PKGNAMEPREFIX}prettytable>=0:devel/py-prettytable \ + ${PYTHON_PKGNAMEPREFIX}sqlalchemy-migrate>=0.9.6:databases/py-sqlalchemy-migrate \ + ${PYTHON_PKGNAMEPREFIX}netaddr>=0:net/py-netaddr \ + ${PYTHON_PKGNAMEPREFIX}netifaces>=0.10.4:net/py-netifaces \ + ${PYTHON_PKGNAMEPREFIX}paramiko>=2.0:security/py-paramiko \ + ${PYTHON_PKGNAMEPREFIX}Babel>=2.3.4:devel/py-babel \ + ${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601 \ + ${PYTHON_PKGNAMEPREFIX}jsonschema>=0:devel/py-jsonschema \ + ${PYTHON_PKGNAMEPREFIX}python-cinderclient>=0:net/py-python-cinderclient \ + ${PYTHON_PKGNAMEPREFIX}keystoneauth1>=2.10.0:devel/py-keystoneauth1 \ + ${PYTHON_PKGNAMEPREFIX}python-neutronclient>=5.1.0:net/py-python-neutronclient \ + ${PYTHON_PKGNAMEPREFIX}python-glanceclient>=0:net/py-python-glanceclient \ + ${PYTHON_PKGNAMEPREFIX}requests>=2.10.0:www/py-requests \ + ${PYTHON_PKGNAMEPREFIX}six>=1.9.0:devel/py-six \ + ${PYTHON_PKGNAMEPREFIX}stevedore>=1.16.0:devel/py-stevedore \ + ${PYTHON_PKGNAMEPREFIX}websockify>=0.8.0:devel/py-websockify \ + ${PYTHON_PKGNAMEPREFIX}oslo.cache>=1.5.0:devel/py-oslo.cache \ + ${PYTHON_PKGNAMEPREFIX}oslo.concurrency>=3.8.0:devel/py-oslo.concurrency \ + ${PYTHON_PKGNAMEPREFIX}oslo.config>=3.14.0:devel/py-oslo.config \ + ${PYTHON_PKGNAMEPREFIX}oslo.context>=2.9.0:devel/py-oslo.context \ + ${PYTHON_PKGNAMEPREFIX}oslo.log>=1.14.0:devel/py-oslo.log \ + ${PYTHON_PKGNAMEPREFIX}oslo.reports>=0.6.0:devel/py-oslo.reports \ + ${PYTHON_PKGNAMEPREFIX}oslo.serialization>=1.10.0:devel/py-oslo.serialization \ + ${PYTHON_PKGNAMEPREFIX}oslo.utils>=3.16.0:devel/py-oslo.utils \ + ${PYTHON_PKGNAMEPREFIX}oslo.db>=0:devel/py-oslo.db \ + ${PYTHON_PKGNAMEPREFIX}oslo.rootwrap>=5.0.0:devel/py-oslo.rootwrap \ + ${PYTHON_PKGNAMEPREFIX}oslo.messaging>=5.2.0:devel/py-oslo.messaging \ + ${PYTHON_PKGNAMEPREFIX}oslo.policy>=1.9.0:devel/py-oslo.policy \ + ${PYTHON_PKGNAMEPREFIX}oslo.privsep>=1.9.0:devel/py-oslo.privsep \ + ${PYTHON_PKGNAMEPREFIX}oslo.i18n>=2.1.0:devel/py-oslo.i18n \ + ${PYTHON_PKGNAMEPREFIX}oslo.service>=1.10.0:devel/py-oslo.service \ + ${PYTHON_PKGNAMEPREFIX}rfc3986>=0.2.2:www/py-rfc3986 \ + ${PYTHON_PKGNAMEPREFIX}oslo.middleware>=3.0.0:devel/py-oslo.middleware \ + ${PYTHON_PKGNAMEPREFIX}psutil121>=0:sysutils/py-psutil121 \ + ${PYTHON_PKGNAMEPREFIX}oslo.versionedobjects>=1.13.0:devel/py-oslo.versionedobjects \ + ${PYTHON_PKGNAMEPREFIX}os-brick>=1.6.1:devel/py-os-brick \ + ${PYTHON_PKGNAMEPREFIX}os-vif>=1.1.0:devel/py-os-vif \ + ${PYTHON_PKGNAMEPREFIX}os-win>=0.2.3:devel/py-os-win \ + ${PYTHON_PKGNAMEPREFIX}castellan>=0.4.0:devel/py-castellan \ + ${PYTHON_PKGNAMEPREFIX}microversion-parse>=0.1.2:devel/py-microversion-parse \ + ${PYTHON_PKGNAMEPREFIX}wsgi_intercept>=0.6.1:devel/py-wsgi_intercept \ + ${PYTHON_PKGNAMEPREFIX}sqlparse>=0:databases/py-sqlparse \ + ${PYTHON_PKGNAMEPREFIX}libvirt>=0:devel/py-libvirt \ + e2fsprogs>=0:sysutils/e2fsprogs \ + arping>=0:net/arping + +EXTRA_PATCHES= ${FILESDIR}/01-firewall-manager.patch:-p1 \ + ${FILESDIR}/02-freebsd-l3.patch:-p1 \ + ${FILESDIR}/03-nova-conf.patch:-p1 \ + ${FILESDIR}/04-xen-phy.patch:-p1 \ + ${FILESDIR}/05-online-cpus.patch:-p1 \ + ${FILESDIR}/06-freebsd-net.patch:-p1 + +ONLY_FOR_ARCHS= amd64 + +USES= python +USE_PYTHON= autoplist distutils noegginfo + +USE_RC_SUBR= nova-api \ + nova-consoleauth \ + nova-conductor \ + nova-scheduler \ + nova-network \ + nova-compute \ + nova-cert \ + nova-cells \ + nova-serialproxy +USERS= nova +GROUPS= nova + +.include + +.if ${OPSYS} != FreeBSD +IGNORE= only supported on FreeBSD +.endif + +.if ${OSVERSION} < 1100055 +IGNORE= only supported on recent FreeBSD 11 +.endif + +post-extract: + @(cd ${WRKSRC}/etc/nova; ${MV} logging_sample.conf logging.conf.sample) + @(cd ${WRKSRC}/etc/nova; for f in *.conf; do ${MV} $${f} $${f}.sample; done) + +post-patch: + ${CP} ${FILESDIR}/nova.conf.sample \ + ${WRKSRC}/etc/nova/nova.conf.sample + ${CP} ${FILESDIR}/nova-compute.conf.sample \ + ${WRKSRC}/etc/nova/nova-compute.conf.sample + ${REINPLACE_CMD} -e "s|/etc|${PREFIX}/etc|g" \ + ${WRKSRC}/nova/api/openstack/placement/wsgi.py \ + ${WRKSRC}/nova/conf/base.py \ + ${WRKSRC}/nova/conf/cloudpipe.py \ + ${WRKSRC}/nova/conf/network.py \ + ${WRKSRC}/nova/conf/remote_debug.py \ + ${WRKSRC}/nova/conf/xvp.py \ + ${WRKSRC}/nova/hacking/checks.py \ + ${WRKSRC}/nova/network/linux_net.py \ + ${WRKSRC}/nova/network/manager.py \ + ${WRKSRC}/nova/virt/disk/api.py \ + ${WRKSRC}/nova/virt/disk/vfs/guestfs.py \ + ${WRKSRC}/nova/virt/libvirt/driver.py \ + ${WRKSRC}/nova/virt/xenapi/agent.py \ + ${WRKSRC}/nova/wsgi/nova-api.py \ + ${WRKSRC}/nova/wsgi/nova-metadata.py + +post-install: + ${MKDIR} ${STAGEDIR}${ETCDIR} + ${CP} -R ${WRKSRC}/etc/nova/ ${STAGEDIR}${ETCDIR} + +.include Property changes on: head/emulators/py-nova/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/distinfo =================================================================== --- head/emulators/py-nova/distinfo (nonexistent) +++ head/emulators/py-nova/distinfo (revision 428837) @@ -0,0 +1,3 @@ +TIMESTAMP = 1478994869 +SHA256 (nova-14.0.2.tar.gz) = e98291734b4b16615fb1518161c89749f09ad33b6344feb70d62b69e8161a50d +SIZE (nova-14.0.2.tar.gz) = 5574197 Property changes on: head/emulators/py-nova/distinfo ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/01-firewall-manager.patch =================================================================== --- head/emulators/py-nova/files/01-firewall-manager.patch (nonexistent) +++ head/emulators/py-nova/files/01-firewall-manager.patch (revision 428837) @@ -0,0 +1,60 @@ +From 60668a502b5f7af77861507e94a89b7f4201c2cb Mon Sep 17 00:00:00 2001 +From: Alexander Nusov +Date: Tue, 8 Nov 2016 16:52:29 +0300 +Subject: [PATCH] add get_firewall_manager + +--- + nova/network/linux_net.py | 4 ++++ + nova/network/manager.py | 8 ++++---- + 2 files changed, 11 insertions(+), 4 deletions(-) + +diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py +index b10fa28..2637e26 100644 +--- a/nova/network/linux_net.py ++++ b/nova/network/linux_net.py +@@ -1898,3 +1898,7 @@ def set_vf_interface_vlan(pci_addr, mac_addr, vlan=0): + port_state, + run_as_root=True, + check_exit_code=exit_code) ++ ++ ++def get_firewall_manager(): ++ return iptables_manager +diff --git a/nova/network/manager.py b/nova/network/manager.py +index 9de53d9..f6eb106 100644 +--- a/nova/network/manager.py ++++ b/nova/network/manager.py +@@ -1799,13 +1799,13 @@ class FlatDHCPManager(RPCAllocateFixedIP, floating_ips.FloatingIP, + ctxt = context.get_admin_context() + networks = objects.NetworkList.get_by_host(ctxt, self.host) + +- self.driver.iptables_manager.defer_apply_on() ++ self.driver.get_firewall_manager().defer_apply_on() + + self.l3driver.initialize(fixed_range=False, networks=networks) + super(FlatDHCPManager, self).init_host() + self.init_host_floating_ips() + +- self.driver.iptables_manager.defer_apply_off() ++ self.driver.get_firewall_manager().defer_apply_off() + + def _setup_network_on_host(self, context, network): + """Sets up network on this host.""" +@@ -1887,13 +1887,13 @@ class VlanManager(RPCAllocateFixedIP, floating_ips.FloatingIP, NetworkManager): + ctxt = context.get_admin_context() + networks = objects.NetworkList.get_by_host(ctxt, self.host) + +- self.driver.iptables_manager.defer_apply_on() ++ self.driver.get_firewall_manager().defer_apply_on() + + self.l3driver.initialize(fixed_range=False, networks=networks) + NetworkManager.init_host(self) + self.init_host_floating_ips() + +- self.driver.iptables_manager.defer_apply_off() ++ self.driver.get_firewall_manager().defer_apply_off() + + def allocate_fixed_ip(self, context, instance_id, network, **kwargs): + """Gets a fixed IP from the pool.""" +-- +2.8.1 Property changes on: head/emulators/py-nova/files/01-firewall-manager.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/02-freebsd-l3.patch =================================================================== --- head/emulators/py-nova/files/02-freebsd-l3.patch (nonexistent) +++ head/emulators/py-nova/files/02-freebsd-l3.patch (revision 428837) @@ -0,0 +1,90 @@ +From 2e4a0e0a2588c4d52495fad8105aa1a4609797f6 Mon Sep 17 00:00:00 2001 +From: Alexander Nusov +Date: Tue, 8 Nov 2016 16:50:56 +0300 +Subject: [PATCH] add freebsd l3 driver + +--- + nova/network/l3.py | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 61 insertions(+) + +diff --git a/nova/network/l3.py b/nova/network/l3.py +index c13e6e2..a5982d5 100644 +--- a/nova/network/l3.py ++++ b/nova/network/l3.py +@@ -16,6 +16,7 @@ + from oslo_log import log as logging + + from nova.network import linux_net ++from nova.network import freebsd_net + from nova import utils + + LOG = logging.getLogger(__name__) +@@ -134,6 +135,66 @@ class LinuxNetL3(L3Driver): + pass + + ++class FreeBSDNetL3(L3Driver): ++ """L3 driver that uses freebsd_net as the backend.""" ++ def __init__(self): ++ self.initialized = False ++ ++ def initialize(self, **kwargs): ++ if self.initialized: ++ return ++ LOG.debug("Initializing freebsd_net L3 driver") ++ fixed_range = kwargs.get('fixed_range', False) ++ networks = kwargs.get('networks', None) ++ if not fixed_range and networks is not None: ++ for network in networks: ++ if network['enable_dhcp']: ++ is_ext = (network['dhcp_server'] is not None and ++ network['dhcp_server'] != network['gateway']) ++ self.initialize_network(network['cidr'], is_ext) ++ freebsd_net.ensure_metadata_ip() ++ freebsd_net.metadata_forward() ++ self.initialized = True ++ ++ def is_initialized(self): ++ return self.initialized ++ ++ def initialize_network(self, cidr, is_external): ++ freebsd_net.init_host(cidr, is_external) ++ ++ def initialize_gateway(self, network_ref): ++ mac_address = utils.generate_mac_address() ++ dev = freebsd_net.plug(network_ref, mac_address, ++ gateway=(network_ref['gateway'] is not None)) ++ freebsd_net.initialize_gateway_device(dev, network_ref) ++ ++ def remove_gateway(self, network_ref): ++ freebsd_net.unplug(network_ref) ++ ++ def add_floating_ip(self, floating_ip, fixed_ip, l3_interface_id, ++ network=None): ++ freebsd_net.ensure_floating_forward(floating_ip, fixed_ip, ++ l3_interface_id, network) ++ freebsd_net.bind_floating_ip(floating_ip, l3_interface_id) ++ ++ def remove_floating_ip(self, floating_ip, fixed_ip, l3_interface_id, ++ network=None): ++ freebsd_net.unbind_floating_ip(floating_ip, l3_interface_id) ++ freebsd_net.remove_floating_forward(floating_ip, fixed_ip, ++ l3_interface_id, network) ++ freebsd_net.clean_conntrack(fixed_ip) ++ ++ def add_vpn(self, public_ip, port, private_ip): ++ freebsd_net.ensure_vpn_forward(public_ip, port, private_ip) ++ ++ def remove_vpn(self, public_ip, port, private_ip): ++ # FreeBSD net currently doesn't implement any way of removing ++ # the VPN forwarding rules ++ pass ++ ++ def teardown(self): ++ pass ++ + class NullL3(L3Driver): + """The L3 driver that doesn't do anything. This class can be used when + nova-network should not manipulate L3 forwarding at all (e.g., in a Flat +-- +2.8.1 Property changes on: head/emulators/py-nova/files/02-freebsd-l3.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/03-nova-conf.patch =================================================================== --- head/emulators/py-nova/files/03-nova-conf.patch (nonexistent) +++ head/emulators/py-nova/files/03-nova-conf.patch (revision 428837) @@ -0,0 +1,51 @@ +diff --git a/nova/conf/network.py b/nova/conf/network.py +index 3bb4cd9..eb57041 100644 +--- a/nova/conf/network.py ++++ b/nova/conf/network.py +@@ -704,6 +704,30 @@ Related options: + """), + ] + ++freebsd_net_opts = [ ++ cfg.StrOpt("freebsdnet_interface_driver", ++ default="nova.network.freebsd.FreeBSDBridgeInterfaceDriver", ++ help=""" ++This is the class used as the ethernet device driver for freebsdnet bridge ++operations. The default value should be all you need for most cases, but if you ++wish to use a customized class, set this option to the full dot-separated ++import path for that class. ++ ++Possible values: ++ ++ Any string representing a dot-separated class path that Nova can import. ++"""), ++ cfg.StrOpt("freebsdnet_ovs_integration_bridge", ++ default="br-int", ++ help=""" ++The name of the Open vSwitch bridge that is used with freebsdnet when connecting ++with Open vSwitch." ++ ++Possible values: ++ ++ Any string representing a valid bridge name. ++"""), ++] + + ldap_dns_opts = [ + cfg.StrOpt('ldap_dns_url', +@@ -766,12 +790,13 @@ by using this option. + 'some rpc network calls will be sent directly to host.'), + ] + +-ALL_DEFAULT_OPTS = (linux_net_opts + network_opts + ldap_dns_opts ++ALL_DEFAULT_OPTS = (linux_net_opts + freebsd_net_opts + network_opts + ldap_dns_opts + + rpcapi_opts + driver_opts) + + + def register_opts(conf): + conf.register_opts(linux_net_opts) ++ conf.register_opts(freebsd_net_opts) + conf.register_opts(network_opts) + conf.register_opts(ldap_dns_opts) + conf.register_opts(driver_opts) + Property changes on: head/emulators/py-nova/files/03-nova-conf.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/04-xen-phy.patch =================================================================== --- head/emulators/py-nova/files/04-xen-phy.patch (nonexistent) +++ head/emulators/py-nova/files/04-xen-phy.patch (revision 428837) @@ -0,0 +1,42 @@ +From b4e9024ac90ed0eaf155bc24ef7ee3b01112366e Mon Sep 17 00:00:00 2001 +From: Alexander Nusov +Date: Tue, 15 Nov 2016 13:08:49 +0300 +Subject: [PATCH] foce xen phy option + +--- + nova/conf/libvirt.py | 3 +++ + nova/virt/libvirt/utils.py | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/nova/conf/libvirt.py b/nova/conf/libvirt.py +index bfb278e..2eba080 100644 +--- a/nova/conf/libvirt.py ++++ b/nova/conf/libvirt.py +@@ -498,6 +498,9 @@ libvirt_imagebackend_opts = [ + help='Discard option for nova managed disks. Need' + ' Libvirt(1.0.6) Qemu1.5 (raw format) Qemu1.6(qcow2' + ' format)'), ++ cfg.BoolOpt('force_xen_phy', ++ default=False, ++ help='Force using of PHY driver in Xen'), + ] + + libvirt_imagecache_opts = [ +diff --git a/nova/virt/libvirt/utils.py b/nova/virt/libvirt/utils.py +index f0a4796..ff68d45 100644 +--- a/nova/virt/libvirt/utils.py ++++ b/nova/virt/libvirt/utils.py +@@ -112,7 +112,7 @@ def pick_disk_driver_name(hypervisor_version, is_block_dev=False): + :returns: driver_name or None + """ + if CONF.libvirt.virt_type == "xen": +- if is_block_dev: ++ if is_block_dev or CONF.libvirt.force_xen_phy: + return "phy" + else: + # 4002000 == 4.2.0 +-- +2.8.1 + + + Property changes on: head/emulators/py-nova/files/04-xen-phy.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/05-online-cpus.patch =================================================================== --- head/emulators/py-nova/files/05-online-cpus.patch (nonexistent) +++ head/emulators/py-nova/files/05-online-cpus.patch (revision 428837) @@ -0,0 +1,63 @@ +From 8eb8fb92f21243ae0e41f2f626398d09582de29b Mon Sep 17 00:00:00 2001 +From: Alexander Nusov +Date: Fri, 25 Nov 2016 17:36:10 +0300 +Subject: [PATCH] add online cpu tracking option + +--- + nova/conf/libvirt.py | 3 +++ + nova/virt/libvirt/driver.py | 18 +++++++++++------- + 2 files changed, 14 insertions(+), 7 deletions(-) + +diff --git a/nova/conf/libvirt.py b/nova/conf/libvirt.py +index 2eba080..d133b03 100644 +--- a/nova/conf/libvirt.py ++++ b/nova/conf/libvirt.py +@@ -471,6 +471,9 @@ events`, refer https://libvirt.org/formatdomain.html#elementsPerf . + None + + """), ++ cfg.BoolOpt('online_cpu_tracking', ++ default=True, ++ help='Enable online cpu tracking'), + ] + + libvirt_imagebackend_opts = [ +diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py +index f9225de..f19ef70 100644 +--- a/nova/virt/libvirt/driver.py ++++ b/nova/virt/libvirt/driver.py +@@ -5188,11 +5188,12 @@ class LibvirtDriver(driver.ComputeDriver): + + cells = [] + allowed_cpus = hardware.get_vcpu_pin_set() +- online_cpus = self._host.get_online_cpus() +- if allowed_cpus: +- allowed_cpus &= online_cpus +- else: +- allowed_cpus = online_cpus ++ if CONF.libvirt.online_cpu_tracking: ++ online_cpus = self._host.get_online_cpus() ++ if allowed_cpus: ++ allowed_cpus &= online_cpus ++ else: ++ allowed_cpus = online_cpus + + def _get_reserved_memory_for_cell(self, cell_id, page_size): + cell = self._reserved_hugepages.get(cell_id, {}) +@@ -5205,8 +5206,11 @@ class LibvirtDriver(driver.ComputeDriver): + if cpu.siblings else () + for cpu in cell.cpus) + )) +- cpuset &= allowed_cpus +- siblings = [sib & allowed_cpus for sib in siblings] ++ if CONF.libvirt.online_cpu_tracking or allowed_cpus: ++ cpuset &= allowed_cpus ++ siblings = [sib & allowed_cpus for sib in siblings] ++ ++ + # Filter out singles and empty sibling sets that may be left + siblings = [sib for sib in siblings if len(sib) > 1] + +-- +2.8.1 + Property changes on: head/emulators/py-nova/files/05-online-cpus.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/06-freebsd-net.patch =================================================================== --- head/emulators/py-nova/files/06-freebsd-net.patch (nonexistent) +++ head/emulators/py-nova/files/06-freebsd-net.patch (revision 428837) @@ -0,0 +1,1245 @@ +From 2dd71331d4d204466e7b066f62952990e55c2e24 Mon Sep 17 00:00:00 2001 +From: Alexander Nusov +Date: Tue, 29 Nov 2016 14:21:41 +0300 +Subject: [PATCH] add freebsd_net driver + +--- + nova/network/freebsd_net.py | 1226 +++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 1226 insertions(+) + create mode 100644 nova/network/freebsd_net.py + +diff --git a/nova/network/freebsd_net.py b/nova/network/freebsd_net.py +new file mode 100644 +index 0000000..b71fcf6 +--- /dev/null ++++ b/nova/network/freebsd_net.py +@@ -0,0 +1,1226 @@ ++# Copyright (c) 2011 X.commerce, a business unit of eBay Inc. ++# Copyright 2010 United States Government as represented by the ++# Administrator of the National Aeronautics and Space Administration. ++# All Rights Reserved. ++# ++# Licensed under the Apache License, Version 2.0 (the "License"); you may ++# not use this file except in compliance with the License. You may obtain ++# a copy of the License at ++# ++# http://www.apache.org/licenses/LICENSE-2.0 ++# ++# Unless required by applicable law or agreed to in writing, software ++# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT ++# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the ++# License for the specific language governing permissions and limitations ++# under the License. ++ ++"""Implements vlans, bridges, and iptables rules using linux utilities.""" ++ ++import calendar ++import inspect ++import os ++import re ++import time ++import json ++ ++import netaddr ++import netifaces ++import socket ++import struct ++ ++from oslo_concurrency import processutils ++from oslo_log import log as logging ++from oslo_serialization import jsonutils ++from oslo_utils import excutils ++from oslo_utils import fileutils ++from oslo_utils import importutils ++from oslo_utils import timeutils ++import six ++ ++import nova.conf ++from nova import exception ++from nova.i18n import _, _LE, _LW ++from nova.network import model as network_model ++from nova import objects ++from nova.pci import utils as pci_utils ++from nova import utils ++ ++LOG = logging.getLogger(__name__) ++ ++ ++CONF = nova.conf.CONF ++ ++ ++# NOTE(vish): Iptables supports chain names of up to 28 characters, and we ++# add up to 12 characters to binary_name which is used as a prefix, ++# so we limit it to 16 characters. ++# (max_chain_name_length - len('-POSTROUTING') == 16) ++def get_binary_name(): ++ """Grab the name of the binary we're running in.""" ++ return os.path.basename(inspect.stack()[-1][1])[:16] ++ ++binary_name = get_binary_name() ++ ++ ++# NOTE(jkoelker) This is just a nice little stub point since mocking ++# builtins with mox is a nightmare ++def write_to_file(file, data, mode='w'): ++ with open(file, mode) as f: ++ f.write(data) ++ ++ ++def is_pid_cmdline_correct(pid, match): ++ """Ensure that the cmdline for a pid seems sane ++ ++ Because pids are recycled, blindly killing by pid is something to ++ avoid. This provides the ability to include a substring that is ++ expected in the cmdline as a safety check. ++ """ ++ try: ++ with open('/proc/%d/cmdline' % pid) as f: ++ cmdline = f.read() ++ return match in cmdline ++ except EnvironmentError: ++ return False ++ ++ ++def metadata_forward(): ++ """Create forwarding rule for metadata.""" ++ firewall_manager.add_rule("rdr proto tcp from any to 169.254.169.254 " ++ "port 80 -> %s port %s" % ++ (CONF.metadata_host, CONF.metadata_port)) ++ firewall_manager.add_rule("pass out route-to (lo0 127.0.0.1) proto tcp " ++ "from any to 169.254.169.254 port 80") ++ firewall_manager.apply() ++ ++ ++def metadata_accept(): ++ """Create the filter accept rule for metadata.""" ++ firewall_manager.add_rule("pass in inet proto tcp from any to " ++ "169.254.169.254 port = http " ++ "flags S/SA keep state") ++ firewall_manager.apply() ++ ++ ++def init_host(ip_range, is_external=False): ++ """Basic networking setup goes here.""" ++ # NOTE(devcamcar): Cloud public SNAT entries and the default ++ # SNAT rule for outbound traffic. ++ ++ firewall_manager.add_snat_rule(ip_range, is_external) ++ if is_external: ++ for snat_range in CONF.force_snat_range: ++ firewall_manager.add_rule("pass quick inet from %s to %s" % ++ (ip_range, snat_range)) ++ firewall_manager.add_rule("pass quick inet from %s to %s/32" % ++ (ip_range, CONF.metadata_host)) ++ for dmz in CONF.dmz_cidr: ++ firewall_manager.add_rule("pass quick inet from %s to %s" % ++ (ip_range, dmz)) ++ ++ """ ++ iptables_manager.ipv4['nat'].add_rule('POSTROUTING', ++ '-s %(range)s -d %(range)s ' ++ '-m conntrack ! --ctstate DNAT ' ++ '-j ACCEPT' % ++ {'range': ip_range}) ++ """ ++ firewall_manager.apply() ++ ++ ++def send_arp_for_ip(ip, device, count): ++ out, err = _execute('arping', '-U', '-i', device, '-c', str(count), ip, ++ run_as_root=True, check_exit_code=False) ++ ++ if err: ++ LOG.debug('arping error for IP %s', ip) ++ ++ ++def bind_floating_ip(floating_ip, device): ++ """Bind IP to public interface.""" ++ _execute('ifconfig', device, str(floating_ip) + '/32', 'add', ++ run_as_root=True, check_exit_code=0) ++ ++ if CONF.send_arp_for_ha and CONF.send_arp_for_ha_count > 0: ++ send_arp_for_ip(floating_ip, device, CONF.send_arp_for_ha_count) ++ ++ ++def unbind_floating_ip(floating_ip, device): ++ """Unbind a public IP from public interface.""" ++ _execute('ifconfig', device, str(floating_ip) + '/32', 'delete', ++ run_as_root=True, check_exit_code=0) ++ ++ ++def ensure_metadata_ip(): ++ """Sets up local metadata IP.""" ++ _execute('ifconfig', 'lo0', 'alias', '169.254.169.254/32', ++ run_as_root=True, check_exit_code=0) ++ ++ ++def ensure_vpn_forward(public_ip, port, private_ip): ++ """Sets up forwarding rules for vlan.""" ++ firewall_manager.add_rule("pass in proto udp " ++ "from any to %s port 1194 " % ++ (private_ip)) ++ firewall_manager.add_rule("rdr proto udp from any to %s port %s -> " ++ "%s port 1194" % ++ (public_ip, port, private_ip)) ++ firewall_manager.apply() ++ ++ ++def ensure_floating_forward(floating_ip, fixed_ip, device, network): ++ """Ensure floating IP forwarding rule.""" ++ firewall_manager.ensure_floating_rules(floating_ip, fixed_ip, device) ++ if device != network['bridge']: ++ firewall_manager.ensure_in_network_traffic_rules(fixed_ip, network) ++ firewall_manager.apply() ++ ++ ++def remove_floating_forward(floating_ip, fixed_ip, device, network): ++ """Remove forwarding for floating IP.""" ++ firewall_manager.remove_floating_rules(floating_ip, fixed_ip, device) ++ if device != network['bridge']: ++ firewall_manager.remove_in_network_traffic_rules(fixed_ip, network) ++ firewall_manager.apply() ++ ++ ++def clean_conntrack(fixed_ip): ++ pass ++ ++ ++def _enable_ipv4_forwarding(): ++ sysctl_key = 'net.inet.ip.forwarding' ++ stdout, stderr = _execute('sysctl', '-n', sysctl_key) ++ if stdout.strip() is not '1': ++ _execute('sysctl', '%s=1' % sysctl_key, run_as_root=True) ++ ++ ++@utils.synchronized('lock_gateway', external=True) ++def initialize_gateway_device(dev, network_ref): ++ if not network_ref: ++ return ++ ++ _enable_ipv4_forwarding() ++ ++ # NOTE(vish): The ip for dnsmasq has to be the first address on the ++ # bridge for it to respond to requests properly ++ try: ++ prefix = network_ref.cidr.prefixlen ++ except AttributeError: ++ prefix = network_ref['cidr'].rpartition('/')[2] ++ ++ full_ip = '%s/%s' % (network_ref['dhcp_server'], prefix) ++ new_ip_params = [['inet', full_ip, 'broadcast', network_ref['broadcast']]] ++ old_ip_params = [] ++ out, err = _execute('ifconfig', dev) ++ for line in out.split('\n'): ++ fields = line.split() ++ if fields and fields[0] == 'inet': ++ old_ip_params.append(fields) ++ if _address_to_cidr(fields[1], fields[3]) != full_ip: ++ new_ip_params.append(fields) ++ if not old_ip_params or _address_to_cidr(old_ip_params[0][1], old_ip_params[0][3]) != full_ip: ++ old_routes = [] ++ result = _execute('netstat', '-nrW', '-f', 'inet') ++ if result: ++ out, err = result ++ for line in out.split('\n'): ++ fields = line.split() ++ if len(fields) > 6 and (fields[6] == dev) and ('G' in fields[2]): ++ old_routes.append(fields) ++ _execute('route', '-q', 'delete', fields[0], fields[1], ++ run_as_root=True) ++ for ip_params in old_ip_params: ++ _execute(*_ifconfig_tail_cmd(dev, ip_params, 'delete'), ++ run_as_root=True) ++ for ip_params in new_ip_params: ++ _execute(*_ifconfig_tail_cmd(dev, ip_params, 'add'), ++ run_as_root=True) ++ ++ for fields in old_routes: ++ _execute('route', '-q', 'add', fields[0], fields[1], ++ run_as_root=True) ++ if CONF.send_arp_for_ha and CONF.send_arp_for_ha_count > 0: ++ send_arp_for_ip(network_ref['dhcp_server'], dev, ++ CONF.send_arp_for_ha_count) ++ if CONF.use_ipv6: ++ _execute('ifconfig', dev, 'inet6', network_ref['cidr_v6'], ++ run_as_root=True) ++ ++ ++def get_dhcp_leases(context, network_ref): ++ """Return a network's hosts config in dnsmasq leasefile format.""" ++ hosts = [] ++ host = None ++ if network_ref['multi_host']: ++ host = CONF.host ++ for fixedip in objects.FixedIPList.get_by_network(context, ++ network_ref, ++ host=host): ++ # NOTE(cfb): Don't return a lease entry if the IP isn't ++ # already leased ++ if fixedip.leased: ++ hosts.append(_host_lease(fixedip)) ++ ++ return '\n'.join(hosts) ++ ++ ++def get_dhcp_hosts(context, network_ref, fixedips): ++ """Get network's hosts config in dhcp-host format.""" ++ hosts = [] ++ macs = set() ++ for fixedip in fixedips: ++ if fixedip.allocated: ++ if fixedip.virtual_interface.address not in macs: ++ hosts.append(_host_dhcp(fixedip)) ++ macs.add(fixedip.virtual_interface.address) ++ return '\n'.join(hosts) ++ ++ ++def get_dns_hosts(context, network_ref): ++ """Get network's DNS hosts in hosts format.""" ++ hosts = [] ++ for fixedip in objects.FixedIPList.get_by_network(context, network_ref): ++ if fixedip.allocated: ++ hosts.append(_host_dns(fixedip)) ++ return '\n'.join(hosts) ++ ++ ++def _add_dnsmasq_accept_rules(dev): ++ """Allow DHCP and DNS traffic through to dnsmasq.""" ++ for port in [67, 53]: ++ for proto in ['udp', 'tcp']: ++ firewall_manager.add_rule("pass in on %s inet proto %s " ++ "from any to any port %s" % ++ (dev, proto, port)) ++ firewall_manager.apply() ++ ++ ++def _remove_dnsmasq_accept_rules(dev): ++ """Remove DHCP and DNS traffic allowed through to dnsmasq.""" ++ for port in [67, 53]: ++ for proto in ['udp', 'tcp']: ++ firewall_manager.remove_rule("pass in on %s inet proto %s " ++ "from any to any port %s" % ++ (dev, proto, port)) ++ firewall_manager.apply() ++ ++ ++def get_dhcp_opts(context, network_ref, fixedips): ++ """Get network's hosts config in dhcp-opts format.""" ++ gateway = network_ref['gateway'] ++ # NOTE(vish): if we are in multi-host mode and we are not sharing ++ # addresses, then we actually need to hand out the ++ # dhcp server address as the gateway. ++ if network_ref['multi_host'] and not (network_ref['share_address'] or ++ CONF.share_dhcp_address): ++ gateway = network_ref['dhcp_server'] ++ hosts = [] ++ if CONF.use_single_default_gateway: ++ for fixedip in fixedips: ++ if fixedip.allocated: ++ vif_id = fixedip.virtual_interface_id ++ if fixedip.default_route: ++ hosts.append(_host_dhcp_opts(vif_id, gateway)) ++ else: ++ hosts.append(_host_dhcp_opts(vif_id)) ++ else: ++ hosts.append(_host_dhcp_opts(None, gateway)) ++ return '\n'.join(hosts) ++ ++ ++def release_dhcp(dev, address, mac_address): ++ if device_exists(dev): ++ try: ++ utils.execute('dhcp_release', dev, address, mac_address, ++ run_as_root=True) ++ except processutils.ProcessExecutionError: ++ raise exception.NetworkDhcpReleaseFailed(address=address, ++ mac_address=mac_address) ++ ++ ++def update_dhcp(context, dev, network_ref): ++ conffile = _dhcp_file(dev, 'conf') ++ host = None ++ if network_ref['multi_host']: ++ host = CONF.host ++ fixedips = objects.FixedIPList.get_by_network(context, ++ network_ref, ++ host=host) ++ write_to_file(conffile, get_dhcp_hosts(context, network_ref, fixedips)) ++ restart_dhcp(context, dev, network_ref, fixedips) ++ ++ ++def update_dns(context, dev, network_ref): ++ hostsfile = _dhcp_file(dev, 'hosts') ++ host = None ++ if network_ref['multi_host']: ++ host = CONF.host ++ fixedips = objects.FixedIPList.get_by_network(context, ++ network_ref, ++ host=host) ++ write_to_file(hostsfile, get_dns_hosts(context, network_ref)) ++ restart_dhcp(context, dev, network_ref, fixedips) ++ ++ ++def kill_dhcp(dev): ++ pid = _dnsmasq_pid_for(dev) ++ if pid: ++ # Check that the process exists and looks like a dnsmasq process ++ conffile = _dhcp_file(dev, 'conf') ++ if is_pid_cmdline_correct(pid, conffile.split('/')[-1]): ++ _execute('kill', '-9', pid, run_as_root=True) ++ else: ++ LOG.debug('Pid %d is stale, skip killing dnsmasq', pid) ++ _remove_dnsmasq_accept_rules(dev) ++ ++ ++# NOTE(ja): Sending a HUP only reloads the hostfile, so any ++# configuration options (like dchp-range, vlan, ...) ++# aren't reloaded. ++@utils.synchronized('dnsmasq_start') ++def restart_dhcp(context, dev, network_ref, fixedips): ++ """(Re)starts a dnsmasq server for a given network. ++ ++ If a dnsmasq instance is already running then send a HUP ++ signal causing it to reload, otherwise spawn a new instance. ++ ++ """ ++ conffile = _dhcp_file(dev, 'conf') ++ ++ optsfile = _dhcp_file(dev, 'opts') ++ write_to_file(optsfile, get_dhcp_opts(context, network_ref, fixedips)) ++ os.chmod(optsfile, 0o644) ++ ++ # Make sure dnsmasq can actually read it (it setuid()s to "nobody") ++ os.chmod(conffile, 0o644) ++ ++ pid = _dnsmasq_pid_for(dev) ++ ++ # if dnsmasq is already running, then tell it to reload ++ if pid: ++ if is_pid_cmdline_correct(pid, conffile.split('/')[-1]): ++ try: ++ _execute('kill', '-HUP', pid, run_as_root=True) ++ _add_dnsmasq_accept_rules(dev) ++ return ++ except Exception as exc: ++ LOG.error(_LE('kill -HUP dnsmasq threw %s'), exc) ++ else: ++ LOG.debug('Pid %d is stale, relaunching dnsmasq', pid) ++ ++ cmd = ['env', ++ 'CONFIG_FILE=%s' % jsonutils.dumps(CONF.dhcpbridge_flagfile), ++ 'NETWORK_ID=%s' % str(network_ref['id']), ++ 'dnsmasq', ++ '--strict-order', ++ '--bind-interfaces', ++ '--conf-file=%s' % CONF.dnsmasq_config_file, ++ '--pid-file=%s' % _dhcp_file(dev, 'pid'), ++ '--dhcp-optsfile=%s' % _dhcp_file(dev, 'opts'), ++ '--listen-address=%s' % network_ref['dhcp_server'], ++ '--except-interface=lo', ++ '--dhcp-range=set:%s,%s,static,%s,%ss' % ++ (network_ref['label'], ++ network_ref['dhcp_start'], ++ network_ref['netmask'], ++ CONF.dhcp_lease_time), ++ '--dhcp-lease-max=%s' % len(netaddr.IPNetwork(network_ref['cidr'])), ++ '--dhcp-hostsfile=%s' % _dhcp_file(dev, 'conf'), ++ '--dhcp-script=%s' % CONF.dhcpbridge, ++ '--no-hosts', ++ '--leasefile-ro'] ++ ++ # dnsmasq currently gives an error for an empty domain, ++ # rather than ignoring. So only specify it if defined. ++ if CONF.dhcp_domain: ++ cmd.append('--domain=%s' % CONF.dhcp_domain) ++ ++ dns_servers = CONF.dns_server ++ if CONF.use_network_dns_servers: ++ if network_ref.get('dns1'): ++ dns_servers.append(network_ref.get('dns1')) ++ if network_ref.get('dns2'): ++ dns_servers.append(network_ref.get('dns2')) ++ if network_ref['multi_host']: ++ cmd.append('--addn-hosts=%s' % _dhcp_file(dev, 'hosts')) ++ if dns_servers: ++ cmd.append('--no-resolv') ++ for dns_server in dns_servers: ++ cmd.append('--server=%s' % dns_server) ++ ++ _execute(*cmd, run_as_root=True) ++ ++ _add_dnsmasq_accept_rules(dev) ++ ++ ++@utils.synchronized('radvd_start') ++def update_ra(context, dev, network_ref): ++ conffile = _ra_file(dev, 'conf') ++ conf_str = """ ++interface %s ++{ ++ AdvSendAdvert on; ++ MinRtrAdvInterval 3; ++ MaxRtrAdvInterval 10; ++ prefix %s ++ { ++ AdvOnLink on; ++ AdvAutonomous on; ++ }; ++}; ++""" % (dev, network_ref['cidr_v6']) ++ write_to_file(conffile, conf_str) ++ ++ # Make sure radvd can actually read it (it setuid()s to "nobody") ++ os.chmod(conffile, 0o644) ++ ++ pid = _ra_pid_for(dev) ++ ++ # if radvd is already running, then tell it to reload ++ if pid: ++ if is_pid_cmdline_correct(pid, conffile): ++ try: ++ _execute('kill', pid, run_as_root=True) ++ except Exception as exc: ++ LOG.error(_LE('killing radvd threw %s'), exc) ++ else: ++ LOG.debug('Pid %d is stale, relaunching radvd', pid) ++ ++ cmd = ['radvd', ++ '-C', '%s' % _ra_file(dev, 'conf'), ++ '-p', '%s' % _ra_file(dev, 'pid')] ++ ++ _execute(*cmd, run_as_root=True) ++ ++ ++def _host_lease(fixedip): ++ """Return a host string for an address in leasefile format.""" ++ timestamp = timeutils.utcnow() ++ seconds_since_epoch = calendar.timegm(timestamp.utctimetuple()) ++ return '%d %s %s %s *' % (seconds_since_epoch + CONF.dhcp_lease_time, ++ fixedip.virtual_interface.address, ++ fixedip.address, ++ fixedip.instance.hostname or '*') ++ ++ ++def _host_dhcp_network(vif_id): ++ return 'NW-%s' % vif_id ++ ++ ++def _host_dhcp(fixedip): ++ """Return a host string for an address in dhcp-host format.""" ++ # NOTE(cfb): dnsmasq on linux only supports 64 characters in the hostname ++ # field (LP #1238910). Since the . counts as a character we need ++ # to truncate the hostname to only 63 characters. ++ hostname = fixedip.instance.hostname ++ if len(hostname) > 63: ++ LOG.warning(_LW('hostname %s too long, truncating.'), hostname) ++ hostname = fixedip.instance.hostname[:2] + '-' +\ ++ fixedip.instance.hostname[-60:] ++ if CONF.use_single_default_gateway: ++ net = _host_dhcp_network(fixedip.virtual_interface_id) ++ return '%s,%s.%s,%s,net:%s' % (fixedip.virtual_interface.address, ++ hostname, ++ CONF.dhcp_domain, ++ fixedip.address, ++ net) ++ else: ++ return '%s,%s.%s,%s' % (fixedip.virtual_interface.address, ++ hostname, ++ CONF.dhcp_domain, ++ fixedip.address) ++ ++ ++def _host_dns(fixedip): ++ return '%s\t%s.%s' % (fixedip.address, ++ fixedip.instance.hostname, ++ CONF.dhcp_domain) ++ ++ ++def _host_dhcp_opts(vif_id=None, gateway=None): ++ """Return an empty gateway option.""" ++ values = [] ++ if vif_id is not None: ++ values.append(_host_dhcp_network(vif_id)) ++ # NOTE(vish): 3 is the dhcp option for gateway. ++ values.append('3') ++ if gateway: ++ values.append('%s' % gateway) ++ return ','.join(values) ++ ++ ++def _execute(*cmd, **kwargs): ++ """Wrapper around utils._execute for fake_network.""" ++ if CONF.fake_network: ++ LOG.debug('FAKE NET: %s', ' '.join(map(str, cmd))) ++ return 'fake', 0 ++ else: ++ return utils.execute(*cmd, **kwargs) ++ ++ ++def device_exists(device): ++ """Check if ethernet device exists.""" ++ try: ++ _execute('ifconfig', device, run_as_root=True, check_exit_code=[0]) ++ except processutils.ProcessExecutionError: ++ return False ++ else: ++ return True ++ ++ ++def _dhcp_file(dev, kind): ++ """Return path to a pid, leases, hosts or conf file for a bridge/device.""" ++ fileutils.ensure_tree(CONF.networks_path) ++ return os.path.abspath('%s/nova-%s.%s' % (CONF.networks_path, ++ dev, ++ kind)) ++ ++ ++def _ra_file(dev, kind): ++ """Return path to a pid or conf file for a bridge/device.""" ++ fileutils.ensure_tree(CONF.networks_path) ++ return os.path.abspath('%s/nova-ra-%s.%s' % (CONF.networks_path, ++ dev, ++ kind)) ++ ++ ++def _dnsmasq_pid_for(dev): ++ """Returns the pid for prior dnsmasq instance for a bridge/device. ++ ++ Returns None if no pid file exists. ++ ++ If machine has rebooted pid might be incorrect (caller should check). ++ ++ """ ++ pid_file = _dhcp_file(dev, 'pid') ++ ++ if os.path.exists(pid_file): ++ try: ++ with open(pid_file, 'r') as f: ++ return int(f.read()) ++ except (ValueError, IOError): ++ return None ++ ++ ++def _ra_pid_for(dev): ++ """Returns the pid for prior radvd instance for a bridge/device. ++ ++ Returns None if no pid file exists. ++ ++ If machine has rebooted pid might be incorrect (caller should check). ++ ++ """ ++ pid_file = _ra_file(dev, 'pid') ++ ++ if os.path.exists(pid_file): ++ with open(pid_file, 'r') as f: ++ return int(f.read()) ++ ++ ++def _address_to_cidr(address, hexmask): ++ """Produce a CIDR format address/netmask.""" ++ netmask = socket.inet_ntoa(struct.pack(">I", int(hexmask, 16))) ++ ip_cidr = netaddr.IPNetwork("%s/%s" % (address, netmask)) ++ return str(ip_cidr) ++ ++ ++def _ifconfig_tail_cmd(netif, params, action): ++ """Construct ifconfig command""" ++ cmd = ['ifconfig', netif] ++ cmd.extend(params) ++ cmd.extend([action]) ++ return cmd ++ ++ ++def _set_device_mtu(dev, mtu=None): ++ """Set the device MTU.""" ++ if mtu: ++ utils.execute('ifconfig', dev, 'mtu', mtu, ++ run_as_root=True, check_exit_code=0) ++ ++ ++def _ovs_vsctl(args): ++ full_args = ['ovs-vsctl', '--timeout=%s' % CONF.ovs_vsctl_timeout] + args ++ try: ++ return utils.execute(*full_args, run_as_root=True) ++ except Exception as e: ++ LOG.error(_LE("Unable to execute %(cmd)s. Exception: %(exception)s"), ++ {'cmd': full_args, 'exception': e}) ++ raise exception.OvsConfigurationFailure(inner_exception=e) ++ ++ ++def _create_ovs_vif_cmd(bridge, dev, iface_id, mac, ++ instance_id, interface_type=None): ++ cmd = ['--', '--if-exists', 'del-port', dev, '--', ++ 'add-port', bridge, dev, ++ '--', 'set', 'Interface', dev, ++ 'external-ids:iface-id=%s' % iface_id, ++ 'external-ids:iface-status=active', ++ 'external-ids:attached-mac=%s' % mac, ++ 'external-ids:vm-uuid=%s' % instance_id] ++ if interface_type: ++ cmd += ['type=%s' % interface_type] ++ return cmd ++ ++ ++def create_ovs_vif_port(bridge, dev, iface_id, mac, instance_id, ++ mtu=None, interface_type=None): ++ _ovs_vsctl(_create_ovs_vif_cmd(bridge, dev, iface_id, ++ mac, instance_id, ++ interface_type)) ++ # Note at present there is no support for setting the ++ # mtu for vhost-user type ports. ++ if interface_type != network_model.OVS_VHOSTUSER_INTERFACE_TYPE: ++ _set_device_mtu(dev, mtu) ++ else: ++ LOG.debug("MTU not set on %(interface_name)s interface " ++ "of type %(interface_type)s.", ++ {'interface_name': dev, ++ 'interface_type': interface_type}) ++ ++ ++def delete_ovs_vif_port(bridge, dev, delete_dev=True): ++ _ovs_vsctl(['--', '--if-exists', 'del-port', bridge, dev]) ++ if delete_dev: ++ delete_net_dev(dev) ++ ++ ++def create_tap_dev(dev, mac_address=None): ++ if not device_exists(dev): ++ utils.execute('ifconfig', 'tap', 'create', 'name', dev, ++ run_as_root=True, check_exit_code=[0]) ++ if mac_address: ++ utils.execute('ifconfig', dev, 'ether', mac_address, ++ run_as_root=True, check_exit_code=[0]) ++ utils.execute('ifconfig', dev, 'up', ++ run_as_root=True, check_exit_code=[0]) ++ ++ ++def delete_net_dev(dev): ++ """Delete a network device only if it exists.""" ++ if device_exists(dev): ++ try: ++ utils.execute('ifconfig', dev, 'destroy', ++ run_as_root=True, check_exit_code=0) ++ LOG.debug("Net device removed: '%s'", dev) ++ except processutils.ProcessExecutionError: ++ with excutils.save_and_reraise_exception(): ++ LOG.error(_LE("Failed removing net device: '%s'"), dev) ++ ++ ++def delete_bridge_dev(dev): ++ """Delete a network bridge.""" ++ if device_exists(dev): ++ try: ++ utils.execute('ifconfig', dev, 'down', run_as_root=True) ++ utils.execute('ifconfig', dev, 'destroy', run_as_root=True) ++ except processutils.ProcessExecutionError: ++ with excutils.save_and_reraise_exception(): ++ LOG.error(_LE("Failed removing bridge device: '%s'"), dev) ++ ++ ++# Similar to compute virt layers, the FreeBSD network node ++# code uses a flexible driver model to support different ways ++# of creating ethernet interfaces and attaching them to the network. ++# In the case of a network host, these interfaces ++# act as gateway/dhcp/vpn/etc. endpoints not VM interfaces. ++interface_driver = None ++ ++ ++def _get_interface_driver(): ++ global interface_driver ++ if not interface_driver: ++ interface_driver = importutils.import_object( ++ CONF.freebsdnet_interface_driver) ++ return interface_driver ++ ++ ++def plug(network, mac_address, gateway=True): ++ return _get_interface_driver().plug(network, mac_address, gateway) ++ ++ ++def unplug(network): ++ return _get_interface_driver().unplug(network) ++ ++ ++def get_dev(network): ++ return _get_interface_driver().get_dev(network) ++ ++ ++class FreeBSDNetInterfaceDriver(object): ++ """Abstract class that defines generic network host API ++ for all FreeBSD interface drivers. ++ """ ++ ++ def plug(self, network, mac_address): ++ """Create FreeBSD device, return device name.""" ++ raise NotImplementedError() ++ ++ def unplug(self, network): ++ """Destroy FreeBSD device, return device name.""" ++ raise NotImplementedError() ++ ++ def get_dev(self, network): ++ """Get device name.""" ++ raise NotImplementedError() ++ ++ ++# plugs interfaces using FreeBSD Bridge ++class FreeBSDBridgeInterfaceDriver(FreeBSDNetInterfaceDriver): ++ ++ def plug(self, network, mac_address, gateway=True): ++ vlan = network.get('vlan') ++ if vlan is not None: ++ iface = CONF.vlan_interface or network['bridge_interface'] ++ FreeBSDBridgeInterfaceDriver.ensure_vlan_bridge( ++ vlan, ++ network['bridge'], ++ iface, ++ network, ++ mac_address, ++ network.get('mtu')) ++ iface = 'vlan%s' % vlan ++ else: ++ iface = CONF.flat_interface or network['bridge_interface'] ++ FreeBSDBridgeInterfaceDriver.ensure_bridge( ++ network['bridge'], ++ iface, ++ network, gateway) ++ ++ if network['share_address'] or CONF.share_dhcp_address: ++ isolate_dhcp_address(iface, network['dhcp_server']) ++ # NOTE(vish): applying here so we don't get a lock conflict ++ firewall_manager.apply() ++ return network['bridge'] ++ ++ def unplug(self, network, gateway=True): ++ vlan = network.get('vlan') ++ if vlan is not None: ++ iface = 'vlan%s' % vlan ++ FreeBSDBridgeInterfaceDriver.remove_vlan_bridge(vlan, ++ network['bridge']) ++ else: ++ iface = CONF.flat_interface or network['bridge_interface'] ++ FreeBSDBridgeInterfaceDriver.remove_bridge(network['bridge'], ++ gateway) ++ ++ if network['share_address'] or CONF.share_dhcp_address: ++ remove_isolate_dhcp_address(iface, network['dhcp_server']) ++ ++ firewall_manager.apply() ++ return self.get_dev(network) ++ ++ def get_dev(self, network): ++ return network['bridge'] ++ ++ @staticmethod ++ def ensure_vlan_bridge(vlan_num, bridge, bridge_interface, ++ net_attrs=None, mac_address=None, ++ mtu=None): ++ """Create a vlan and bridge unless they already exist.""" ++ interface = FreeBSDBridgeInterfaceDriver.ensure_vlan(vlan_num, ++ bridge_interface, mac_address, ++ mtu) ++ FreeBSDBridgeInterfaceDriver.ensure_bridge(bridge, interface, net_attrs) ++ return interface ++ ++ @staticmethod ++ def remove_vlan_bridge(vlan_num, bridge): ++ """Delete a bridge and vlan.""" ++ FreeBSDBridgeInterfaceDriver.remove_bridge(bridge) ++ FreeBSDBridgeInterfaceDriver.remove_vlan(vlan_num) ++ ++ @staticmethod ++ @utils.synchronized('lock_vlan', external=True) ++ def ensure_vlan(vlan_num, bridge_interface, mac_address=None, mtu=None, ++ interface=None): ++ """Create a vlan unless it already exists.""" ++ if interface is None: ++ interface = 'vlan%s' % vlan_num ++ if not device_exists(interface): ++ LOG.debug('Starting VLAN interface %s', interface) ++ out, err = _execute('ifconfig', 'vlan', 'create', ++ 'vlan', vlan_num, ++ 'vlandev', bridge_interface, ++ 'name', interface, ++ run_as_root=True) ++ if err and 'File exists' not in err: ++ msg = _('Failed to add vlan: %s') % err ++ raise exception.NovaException(msg) ++ # (danwent) the bridge will inherit this address, so we want to ++ # make sure it is the value set from the NetworkManager ++ if mac_address: ++ _execute('ifconfig', interface, 'ether', mac_address, ++ run_as_root=True) ++ _execute('ifconfig',interface, 'up', ++ run_as_root=True) ++ # NOTE(vish): set mtu every time to ensure that changes to mtu get ++ # propagated ++ _set_device_mtu(interface, mtu) ++ return interface ++ ++ @staticmethod ++ @utils.synchronized('lock_vlan', external=True) ++ def remove_vlan(vlan_num): ++ """Delete a vlan.""" ++ vlan_interface = 'vlan%s' % vlan_num ++ delete_net_dev(vlan_interface) ++ ++ @staticmethod ++ @utils.synchronized('lock_bridge', external=True) ++ def ensure_bridge(bridge, interface, net_attrs=None, gateway=True, ++ filtering=True): ++ """Create a bridge unless it already exists. ++ ++ :param interface: the interface to create the bridge on. ++ :param net_attrs: dictionary with attributes used to create bridge. ++ :param gateway: whether or not the bridge is a gateway. ++ :param filtering: whether or not to create filters on the bridge. ++ ++ If net_attrs is set, it will add the net_attrs['gateway'] to the bridge ++ using net_attrs['broadcast'] and net_attrs['cidr']. It will also add ++ the ip_v6 address specified in net_attrs['cidr_v6'] if use_ipv6 is set. ++ ++ The code will attempt to move any IPs that already exist on the ++ interface onto the bridge and reset the default gateway if necessary. ++ ++ """ ++ if not device_exists(bridge): ++ LOG.debug('Starting Bridge %s', bridge) ++ out, err = _execute('ifconfig', 'bridge', 'create', 'name', bridge, ++ check_exit_code=False, run_as_root=True) ++ if err and 'File exists' not in err: ++ msg = _('Failed to add bridge: %s') % err ++ raise exception.NovaException(msg) ++ ++ _execute('ifconfig', bridge, 'up', run_as_root=True) ++ ++ if interface: ++ LOG.debug('Adding interface %(interface)s to bridge %(bridge)s', ++ {'interface': interface, 'bridge': bridge}) ++ out, err = _execute('ifconfig', bridge, 'addm', interface, ++ check_exit_code=False, run_as_root=True) ++ if err and 'File exists' not in err: ++ msg = _('Failed to add interface: %s') % err ++ raise exception.NovaException(msg) ++ ++ # NOTE(apmelton): Linux bridge's default behavior is to use the ++ # lowest mac of all plugged interfaces. This isn't a problem when ++ # it is first created and the only interface is the bridged ++ # interface. But, as instance interfaces are plugged, there is a ++ # chance for the mac to change. So, set it here so that it won't ++ # change in the future. ++ if not CONF.fake_network: ++ interface_addrs = netifaces.ifaddresses(interface) ++ interface_mac = interface_addrs[netifaces.AF_LINK][0]['addr'] ++ _execute('ifconfig', bridge, 'ether', interface_mac, ++ run_as_root=True) ++ ++ out, err = _execute('ifconfig', interface, 'up', ++ check_exit_code=False, run_as_root=True) ++ ++ # NOTE(vish): This will break if there is already an ip on the ++ # interface, so we move any ips to the bridge ++ # NOTE(danms): We also need to copy routes to the bridge so as ++ # not to break existing connectivity on the interface ++ old_routes = [] ++ out, err = _execute('netstat', '-nrW', '-f', 'inet') ++ for line in out.split('\n'): ++ fields = line.split() ++ if len(fields) > 6 and (fields[6] == interface) and ('G' in fields[2]): ++ old_routes.append(fields) ++ _execute('route', '-q', 'delete', fields[0], fields[1], ++ run_as_root=True) ++ out, err = _execute('ifconfig', interface) ++ for line in out.split('\n'): ++ fields = line.split() ++ if fields and fields[0] == 'inet': ++ _execute(*_ifconfig_tail_cmd(interface, fields, 'delete'), ++ run_as_root=True) ++ _execute(*_ifconfig_tail_cmd(bridge, fields, 'add'), ++ run_as_root=True) ++ for fields in old_routes: ++ _execute('route', '-q', 'add', fields[0], fields[1], ++ run_as_root=True) ++ ++ if filtering: ++ # Don't forward traffic unless we were told to be a gateway ++ if gateway: ++ firewall_manager.ensure_gateway_rules(bridge) ++ else: ++ firewall_manager.ensure_bridge_rules(bridge) ++ ++ @staticmethod ++ @utils.synchronized('lock_bridge', external=True) ++ def remove_bridge(bridge, gateway=True, filtering=True): ++ """Delete a bridge.""" ++ if not device_exists(bridge): ++ return ++ else: ++ if filtering: ++ if gateway: ++ firewall_manager.remove_gateway_rules(bridge) ++ else: ++ firewall_manager.remove_bridge_rules(bridge) ++ delete_bridge_dev(bridge) ++ ++ ++def isolate_dhcp_address(interface, address): ++ # block arp traffic to address across the interface ++ firewall_manager.ensure_dhcp_isolation(interface, address) ++ ++ ++def remove_isolate_dhcp_address(interface, address): ++ # block arp traffic to address across the interface ++ firewall_manager.remove_dhcp_isolation(interface, address) ++ ++ ++# plugs interfaces using Open vSwitch ++class FreeBSDOVSInterfaceDriver(FreeBSDNetInterfaceDriver): ++ ++ def plug(self, network, mac_address, gateway=True): ++ dev = self.get_dev(network) ++ if not device_exists(dev): ++ bridge = CONF.freebsdnet_ovs_integration_bridge ++ _ovs_vsctl(['--', '--may-exist', 'add-port', bridge, dev, ++ '--', 'set', 'Interface', dev, 'type=internal', ++ '--', 'set', 'Interface', dev, ++ 'external-ids:iface-id=%s' % dev, ++ '--', 'set', 'Interface', dev, ++ 'external-ids:iface-status=active', ++ '--', 'set', 'Interface', dev, ++ 'external-ids:attached-mac=%s' % mac_address]) ++ _execute('ifconfig', dev, 'ether', mac_address, run_as_root=True) ++ _set_device_mtu(dev, network.get('mtu')) ++ _execute('ifconfig', dev, 'up', run_as_root=True) ++ if not gateway: ++ # If we weren't instructed to act as a gateway then add the ++ # appropriate flows to block all non-dhcp traffic. ++ _execute('ovs-ofctl', ++ 'add-flow', bridge, 'priority=1,actions=drop', ++ run_as_root=True) ++ _execute('ovs-ofctl', 'add-flow', bridge, ++ 'udp,tp_dst=67,dl_dst=%s,priority=2,actions=normal' % ++ mac_address, run_as_root=True) ++ # .. and make sure iptbles won't forward it as well. ++ firewall_manager.ensure_bridge_rules(bridge) ++ else: ++ firewall_manager.ensure_gateway_rules(bridge) ++ ++ return dev ++ ++ def unplug(self, network): ++ dev = self.get_dev(network) ++ bridge = CONF.freebsdnet_ovs_integration_bridge ++ _ovs_vsctl(['--', '--if-exists', 'del-port', bridge, dev]) ++ return dev ++ ++ def get_dev(self, network): ++ dev = 'gw-' + str(network['uuid'][0:11]) ++ return dev ++ ++ ++# plugs interfaces using FreeBSD Bridge when using NeutronManager ++class NeutronFreeBSDBridgeInterfaceDriver(FreeBSDNetInterfaceDriver): ++ ++ BRIDGE_NAME_PREFIX = 'brq' ++ GATEWAY_INTERFACE_PREFIX = 'gw-' ++ ++ def plug(self, network, mac_address, gateway=True): ++ dev = self.get_dev(network) ++ bridge = self.get_bridge(network) ++ if not gateway: ++ # If we weren't instructed to act as a gateway then add the ++ # appropriate flows to block all non-dhcp traffic. ++ # .. and make sure iptbles won't forward it as well. ++ firewall_manager.ensure_bridge_rules(bridge) ++ return bridge ++ else: ++ firewall_manager.ensure_gateway_rules(bridge) ++ ++ create_tap_dev(dev, mac_address) ++ ++ if not device_exists(bridge): ++ LOG.debug("Starting bridge %s ", bridge) ++ utils.execute('ifconfig', 'bridge', 'create', 'name', bridge, run_as_root=True) ++ utils.execute('ifconfig', bridge, 'ether', mac_address, run_as_root=True) ++ utils.execute('ifconfig', bridge, 'up', run_as_root=True) ++ LOG.debug("Done starting bridge %s", bridge) ++ ++ full_ip = '%s/%s' % (network['dhcp_server'], ++ network['cidr'].rpartition('/')[2]) ++ utils.execute('ifconfig', bridge, full_ip, 'add', run_as_root=True) ++ ++ return dev ++ ++ def unplug(self, network): ++ dev = self.get_dev(network) ++ if not device_exists(dev): ++ return None ++ else: ++ delete_net_dev(dev) ++ return dev ++ ++ def get_dev(self, network): ++ dev = self.GATEWAY_INTERFACE_PREFIX + str(network['uuid'][0:11]) ++ return dev ++ ++ def get_bridge(self, network): ++ bridge = self.BRIDGE_NAME_PREFIX + str(network['uuid'][0:11]) ++ return bridge ++ ++ ++class FirewallManager(object): ++ def __init__(self, execute=_execute): ++ self.execute = execute ++ self.apply_deferred = False ++ self.anchor = 'org.openstack/%s' % get_binary_name() ++ self.rules = { ++ "translation": [], ++ "filtering": [] ++ } ++ self.is_dirty = False ++ ++ def _get_rule_section(self, rule): ++ LOG.warning("processing rule: %s" % rule) ++ head, tail = rule.split(' ', 1) ++ if head in ('nat', 'rdr'): ++ return 'translation' ++ elif head in ('pass', 'block'): ++ return 'filtering' ++ else: ++ return None ++ ++ def add_rule(self, rule): ++ cleaned_rule = rule.strip() ++ section = self._get_rule_section(cleaned_rule) ++ if section: ++ if cleaned_rule not in self.rules[section]: ++ self.rules[section].append(cleaned_rule) ++ self.is_dirty = True ++ LOG.warning("Added rule to %s: %s", section, cleaned_rule) ++ ++ def remove_rule(self, rule): ++ cleaned_rule = rule.strip() ++ section = self._get_rule_section(cleaned_rule) ++ LOG.warning("Removing rule from %s: %s", section, cleaned_rule) ++ if section: ++ try: ++ self.rules[section].remove(cleaned_rule) ++ self.is_dirty = True ++ except: ++ pass ++ ++ def defer_apply_on(self): ++ self.apply_deferred = True ++ ++ def defer_apply_off(self): ++ self.apply_deferred = False ++ self.apply() ++ ++ def dirty(self): ++ return self.is_dirty ++ ++ def apply(self): ++ if self.apply_deferred: ++ return ++ if self.dirty(): ++ self._apply() ++ else: ++ LOG.debug("Skipping apply due to lack of new rules") ++ ++ @utils.synchronized('pfctl', external=True) ++ def _apply(self): ++ all_lines = [] ++ all_lines.extend(self.rules['translation']) ++ all_lines.extend(self.rules['filtering']) ++ all_lines.extend(["\n"]) ++ ++ self.is_dirty = False ++ self.execute("pfctl", "-a", self.anchor, "-f", "-", ++ process_input="\n".join(all_lines), ++ run_as_root=True) ++ LOG.warning("FirewallManager.apply completed with success") ++ ++ def get_gateway_rules(self, bridge): ++ LOG.warning("FirewallManager.get_gateway_rules: " ++ "Please configure rules in pf.conf") ++ return [] ++ ++ def ensure_gateway_rules(self, bridge): ++ for rule in self.get_gateway_rules(bridge): ++ self.add_rule(rule) ++ ++ def remove_gateway_rules(self, bridge): ++ for rule in self.get_gateway_rules(bridge): ++ self.remove_rule(rule) ++ ++ def ensure_bridge_rules(self, bridge): ++ LOG.warning("FirewallManager.ensure_bridge_rules: " ++ "Please configure rules in pf.conf") ++ ++ def remove_bridge_rules(self, bridge): ++ LOG.warning("FirewallManager.remove_bridge_rules: " ++ "Please configure rules in pf.conf") ++ ++ def ensure_dhcp_isolation(self, interface, address): ++ LOG.warning("FirewallManager.ensure_dhcp_isolation: " ++ "DHCP isolation is not yet implemented") ++ ++ def remove_dhcp_isolation(self, interface, address): ++ LOG.warning("FirewallManager.remove_dhcp_isolation: " ++ "DHCP isolation is not yet implemented") ++ ++ def ensure_in_network_traffic_rules(self, fixed_ip, network): ++ LOG.warning("FirewallManager.ensure_in_network_traffic_rules: " ++ "Please configure rules in pf.conf") ++ ++ def remove_in_network_traffic_rules(self, fixed_ip, network): ++ LOG.warning("FirewallManager.remove_in_network_traffic_rules: " ++ "Please configure rules in pf.conf") ++ ++ def floating_forward_rules(self, floating_ip, fixed_ip, device): ++ rules = [] ++ rules.append("rdr inet from any to %s -> %s" % (floating_ip, fixed_ip)) ++ ++ return rules ++ ++ def ensure_floating_rules(self, floating_ip, fixed_ip, device): ++ for rule in self.floating_forward_rules(floating_ip, fixed_ip, device): ++ self.add_rule(rule) ++ ++ def remove_floating_rules(self, floating_ip, fixed_ip, device): ++ for rule in self.floating_forward_rules(floating_ip, fixed_ip, device): ++ self.remove_rule(rule) ++ ++ def add_snat_rule(self, ip_range, is_external=False): ++ if CONF.routing_source_ip: ++ if is_external: ++ if CONF.force_snat_range: ++ snat_range = CONF.force_snat_range ++ else: ++ snat_range = [] ++ else: ++ snat_range = ['0.0.0.0/0'] ++ for dest_range in snat_range: ++ if not is_external and CONF.public_interface: ++ firewall_manager.add_rule("nat on %s inet from %s to %s -> %s" % ++ (CONF.public_interface, ++ ip_range, ++ dest_range, ++ CONF.routing_source_ip)) ++ else: ++ firewall_manager.add_rule("nat inet from %s to %s -> %s" % ++ (ip_range, ++ dest_range, ++ CONF.routing_source_ip)) ++ firewall_manager.apply() ++ ++ ++firewall_manager = FirewallManager() ++ ++ ++def get_firewall_manager(): ++ return firewall_manager +-- +2.8.1 + Property changes on: head/emulators/py-nova/files/06-freebsd-net.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-api.in =================================================================== --- head/emulators/py-nova/files/nova-api.in (nonexistent) +++ head/emulators/py-nova/files/nova-api.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_api +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_api: +# +# nova_api_enable="YES" +# +# nova_api_enable (bool): +# Set it to "YES" to enable nova_api. +# Default is "NO". +# +# nova_api_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_api_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_api_logdir}/nova-api.log" +# + +. /etc/rc.subr + +name=nova_api +rcvar=nova_api_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-api.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_api_enable:="NO"} +: ${nova_api_logdir:="/var/log/nova"} +: ${nova_api_args:="--log-file ${nova_api_logdir}/nova-api.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-api ${nova_api_args}" + +nova_precmd() { + mkdir -p ${nova_api_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-api.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-cells.in =================================================================== --- head/emulators/py-nova/files/nova-cells.in (nonexistent) +++ head/emulators/py-nova/files/nova-cells.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_cells +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_cells: +# +# nova_cells_enable="YES" +# +# nova_cells_enable (bool): +# Set it to "YES" to enable nova_cells. +# Default is "NO". +# +# nova_cells_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_cells_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_cells_logdir}/nova-cells.log" +# + +. /etc/rc.subr + +name=nova_cells +rcvar=nova_cells_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-cells.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_cells_enable:="NO"} +: ${nova_cells_logdir:="/var/log/nova"} +: ${nova_cells_args:="--log-file ${nova_cells_logdir}/nova-cells.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-cells ${nova_cells_args}" + +nova_precmd() { + mkdir -p ${nova_cells_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-cells.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-cert.in =================================================================== --- head/emulators/py-nova/files/nova-cert.in (nonexistent) +++ head/emulators/py-nova/files/nova-cert.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_cert +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_cert: +# +# nova_cert_enable="YES" +# +# nova_cert_enable (bool): +# Set it to "YES" to enable nova_cert. +# Default is "NO". +# +# nova_cert_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_cert_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_cert_logdir}/nova-cert.log" +# + +. /etc/rc.subr + +name=nova_cert +rcvar=nova_cert_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-cert.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_cert_enable:="NO"} +: ${nova_cert_logdir:="/var/log/nova"} +: ${nova_cert_args:="--log-file ${nova_cert_logdir}/nova-cert.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-cert ${nova_cert_args}" + +nova_precmd() { + mkdir -p ${nova_cert_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-cert.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-compute.conf.sample =================================================================== --- head/emulators/py-nova/files/nova-compute.conf.sample (nonexistent) +++ head/emulators/py-nova/files/nova-compute.conf.sample (revision 428837) @@ -0,0 +1,15 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +force_raw_images = True +use_cow_images = False + +[libvirt] +virt_type=qemu + +# Force using PHY driver for Xen hypervisor +force_xen_phy=True + +# Disable CPU tracking when using QEMU driver. +# Change this option to True when using Xen driver. +online_cpu_tracking=False + Property changes on: head/emulators/py-nova/files/nova-compute.conf.sample ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-compute.in =================================================================== --- head/emulators/py-nova/files/nova-compute.in (nonexistent) +++ head/emulators/py-nova/files/nova-compute.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_compute +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_compute: +# +# nova_compute_enable="YES" +# +# nova_compute_enable (bool): +# Set it to "YES" to enable nova_compute. +# Default is "NO". +# +# nova_compute_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_compute_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_compute_logdir}/nova-compute.log" +# + +. /etc/rc.subr + +name=nova_compute +rcvar=nova_compute_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-compute.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_compute_enable:="NO"} +: ${nova_compute_logdir:="/var/log/nova"} +: ${nova_compute_args:="--log-file ${nova_compute_logdir}/nova-compute.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-compute ${nova_compute_args}" + +nova_precmd() { + mkdir -p ${nova_compute_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-compute.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-conductor.in =================================================================== --- head/emulators/py-nova/files/nova-conductor.in (nonexistent) +++ head/emulators/py-nova/files/nova-conductor.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_conductor +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_conductor: +# +# nova_conductor_enable="YES" +# +# nova_conductor_enable (bool): +# Set it to "YES" to enable nova_conductor. +# Default is "NO". +# +# nova_conductor_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_conductor_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_conductor_logdir}/nova-conductor.log" +# + +. /etc/rc.subr + +name=nova_conductor +rcvar=nova_conductor_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-conductor.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_conductor_enable:="NO"} +: ${nova_conductor_logdir:="/var/log/nova"} +: ${nova_conductor_args:="--log-file ${nova_conductor_logdir}/nova-conductor.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-conductor ${nova_conductor_args}" + +nova_precmd() { + mkdir -p ${nova_conductor_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-conductor.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-consoleauth.in =================================================================== --- head/emulators/py-nova/files/nova-consoleauth.in (nonexistent) +++ head/emulators/py-nova/files/nova-consoleauth.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_consoleauth +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_consoleauth: +# +# nova_consoleauth_enable="YES" +# +# nova_consoleauth_enable (bool): +# Set it to "YES" to enable nova_consoleauth. +# Default is "NO". +# +# nova_consoleauth_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_consoleauth_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_consoleauth_logdir}/nova-consoleauth.log" +# + +. /etc/rc.subr + +name=nova_consoleauth +rcvar=nova_consoleauth_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-consoleauth.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_consoleauth_enable:="NO"} +: ${nova_consoleauth_logdir:="/var/log/nova"} +: ${nova_consoleauth_args:="--log-file ${nova_consoleauth_logdir}/nova-consoleauth.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-consoleauth ${nova_consoleauth_args}" + +nova_precmd() { + mkdir -p ${nova_consoleauth_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-consoleauth.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-network.in =================================================================== --- head/emulators/py-nova/files/nova-network.in (nonexistent) +++ head/emulators/py-nova/files/nova-network.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_network +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_network: +# +# nova_network_enable="YES" +# +# nova_network_enable (bool): +# Set it to "YES" to enable nova_network. +# Default is "NO". +# +# nova_network_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_network_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_network_logdir}/nova-network.log" +# + +. /etc/rc.subr + +name=nova_network +rcvar=nova_network_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-network.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_network_enable:="NO"} +: ${nova_network_logdir:="/var/log/nova"} +: ${nova_network_args:="--log-file ${nova_network_logdir}/nova-network.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-network ${nova_network_args}" + +nova_precmd() { + mkdir -p ${nova_network_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-network.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-scheduler.in =================================================================== --- head/emulators/py-nova/files/nova-scheduler.in (nonexistent) +++ head/emulators/py-nova/files/nova-scheduler.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_scheduler +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_scheduler: +# +# nova_scheduler_enable="YES" +# +# nova_scheduler_enable (bool): +# Set it to "YES" to enable nova_scheduler. +# Default is "NO". +# +# nova_scheduler_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_scheduler_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_scheduler_logdir}/nova-scheduler.log" +# + +. /etc/rc.subr + +name=nova_scheduler +rcvar=nova_scheduler_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-scheduler.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_scheduler_enable:="NO"} +: ${nova_scheduler_logdir:="/var/log/nova"} +: ${nova_scheduler_args:="--log-file ${nova_scheduler_logdir}/nova-scheduler.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-scheduler ${nova_scheduler_args}" + +nova_precmd() { + mkdir -p ${nova_scheduler_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-scheduler.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova-serialproxy.in =================================================================== --- head/emulators/py-nova/files/nova-serialproxy.in (nonexistent) +++ head/emulators/py-nova/files/nova-serialproxy.in (revision 428837) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: nova_serialproxy +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable nova_serialproxy: +# +# nova_serialproxy_enable="YES" +# +# nova_serialproxy_enable (bool): +# Set it to "YES" to enable nova_serialproxy. +# Default is "NO". +# +# nova_serialproxy_logdir (str): +# Set it to chagge log directory +# Default is "/var/log/nova" +# +# nova_serialproxy_args (str): +# Set it to change command line arguments. +# Default is "--log-file ${nova_serialproxy_logdir}/nova-serialproxy.log" +# + +. /etc/rc.subr + +name=nova_serialproxy +rcvar=nova_serialproxy_enable + +PATH=%%PREFIX%%/bin:%%PREFIX%%/sbin:$PATH + +pidfile="/var/run/nova-serialproxy.pid" +procname="%%PREFIX%%/bin/python2.7" + +start_precmd=nova_precmd + +load_rc_config $name + +: ${nova_serialproxy_enable:="NO"} +: ${nova_serialproxy_logdir:="/var/log/nova"} +: ${nova_serialproxy_args:="--log-file ${nova_serialproxy_logdir}/nova-serialproxy.log"} + +command="/usr/sbin/daemon" +command_args="-f -p ${pidfile} nova-serialproxy ${nova_serialproxy_args}" + +nova_precmd() { + mkdir -p ${nova_serialproxy_logdir} +} + +run_rc_command "$1" Property changes on: head/emulators/py-nova/files/nova-serialproxy.in ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/files/nova.conf.sample =================================================================== --- head/emulators/py-nova/files/nova.conf.sample (nonexistent) +++ head/emulators/py-nova/files/nova.conf.sample (revision 428837) @@ -0,0 +1,80 @@ +[DEFAULT] +dhcpbridge_flagfile=/usr/local/etc/nova/nova.conf +dhcpbridge=/usr/local/bin/nova-dhcpbridge +log-dir=/var/log/nova +state_path=/var/lib/nova +force_dhcp_release=False +verbose=True +ec2_private_dns_show_ip=True +enabled_apis=osapi_compute,metadata +rpc_backend = rabbit +auth_strategy = keystone +my_ip = 192.168.1.10 +use_neutron = False +firewall_driver = nova.virt.firewall.NoopFirewallDriver +use_ipv6 = False + +osapi_compute_listen="0.0.0.0" +osapi_compute_listen_port=8774 + +network_driver=nova.network.freebsd_net +libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver +freebsdnet_interface_driver=nova.network.freebsd_net.FreeBSDBridgeInterfaceDriver +l3_lib=nova.network.l3.FreeBSDNetL3 +network_api_class=nova.network.api.API +security_group_api=nova +network_manager=nova.network.manager.FlatDHCPManager +network_size=254 +allow_same_net_traffic=False +multi_host=True +send_arp_for_ha=False +share_dhcp_address=True +# specify nic for public +public_interface=em0 +# specify any name you like for bridge +flat_network_bridge=br100 +flat_interface=tap0 + +[vnc] +enabled = False + +[glance] +api_servers = http://controller:9292 + +[keystone_authtoken] +auth_uri = http://controller:5000 +auth_url = http://controller:35357 +memcached_servers = controller:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = nova +password = nova + +[oslo_messaging_rabbit] +rabbit_host = controller +rabbit_userid = openstack +rabbit_password = RABBIT_PASS + +[api_database] +connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api + +[database] +connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova + +[oslo_concurrency] +lock_path=/var/lock/nova + +[libvirt] +use_virtio_for_bridges=True + +# add this options when using QEMU +cpu_mode=none + +[wsgi] +api_paste_config=/usr/local/etc/nova/api-paste.ini + +[serial_console] +# Enable serial console when using QEMU driver +enabled=True Property changes on: head/emulators/py-nova/files/nova.conf.sample ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/pkg-descr =================================================================== --- head/emulators/py-nova/pkg-descr (nonexistent) +++ head/emulators/py-nova/pkg-descr (revision 428837) @@ -0,0 +1,5 @@ +OpenStack Nova provides a cloud computing fabric controller, supporting a wide +variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), +Hyper-V, VMware, XenServer and OpenStack Ironic. + +WWW: http://openstack.org/nova Property changes on: head/emulators/py-nova/pkg-descr ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/pkg-message =================================================================== --- head/emulators/py-nova/pkg-message (nonexistent) +++ head/emulators/py-nova/pkg-message (revision 428837) @@ -0,0 +1,47 @@ +Please note that this is a development version of nova. +Many features are not available. + +Currently nova works on FreeBSD 11 and supports QEMU and Xen. + +Common issues: +- Security groups are not implemented +- ARP spoofing, DHCP isolation protection are not implemented +- Nova services work from the root user +- No IPv6 support + +QEMU issues: +- Need to enable serialconsole (TCP) +- Need to disable online CPU tracking +- Cannot mount cinder volumes + +Xen issues: +- Live snapshots doesn't work +- No support for cinder volume hot-plugging +- XENBUS delay (5 min) when using qemu driver and COW images +- Some linux images cannot be booted + +Nova requires procfs to be mounted. +Please add this line to /etc/fstab: +proc /proc procfs rw 0 0 + +Also devel/libvirt port should be installed with enabled QEMU +backend or qemu tools installed separately. + +Directory to keep VM data should be created manually +# su -m nova -c "mkdir /var/lib/nova/instances" + +For proper networking enable PF +# sysrc pf_enable="YES" +# sysrc pflog_enable="YES" +# sysrc gateway_enable="YES" + +/etc/pf.conf should contain: +rdr-anchor "org.openstack/*" +nat-anchor "org.openstack/*" +anchor "org.openstack/*" + +To boot images on Xen please specify glance metadata properties +glance image-update b1216ff6-23ec-4a08-baee-43994760158a \ + --property hypervisor_type=xen \ + --property vm_mode=hvm \ + --property hw_disk_bus=xen Property changes on: head/emulators/py-nova/pkg-message ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/emulators/py-nova/pkg-plist =================================================================== --- head/emulators/py-nova/pkg-plist (nonexistent) +++ head/emulators/py-nova/pkg-plist (revision 428837) @@ -0,0 +1,18 @@ +@owner nova +@dir %%ETCDIR%% +%%ETCDIR%%/release.sample +@sample %%ETCDIR%%/nova.conf.sample +@sample %%ETCDIR%%/nova-compute.conf.sample +@sample %%ETCDIR%%/logging.conf.sample +%%ETCDIR%%/README-nova.conf.txt +%%ETCDIR%%/api-paste.ini +%%ETCDIR%%/cells.json +@sample %%ETCDIR%%/nova-config-generator.conf.sample +@sample %%ETCDIR%%/nova-policy-generator.conf.sample +%%ETCDIR%%/policy.json +@owner root +@sample %%ETCDIR%%/rootwrap.conf.sample +@dir %%ETCDIR%%/rootwrap.d +%%ETCDIR%%/rootwrap.d/api-metadata.filters +%%ETCDIR%%/rootwrap.d/compute.filters +%%ETCDIR%%/rootwrap.d/network.filters Property changes on: head/emulators/py-nova/pkg-plist ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property