Servidores centros secundaria

apaga_clientes > /dev/null

/sbin/apaga_clientes

apaga_clientes

#!/bin/bash

#Ejecuta un "poweroff -fp" todos los hosts, ya sean portatiles o clientes

# ligeros que esten conectados en esa clase en ese instante.

#

#Basado en el script ejecutaenhosts de Ricardo Salgado Cid

#IESO Galisteo

#

#No usamos --system-dns, ya que no nos interesa el nombre de las maquinas

#y asi nmap es mucho mas rápido.

listahosts=$(nmap -oG - -sP 192.168.0.200-253 | grep -v '^#' | tr -d '()' | awk '{print $2}' | sort)

if [ -z "$listahosts" ]; then

echo "No se ha encontrado ninguna maquina conectada"

exit 0

else

echo "Se apagaran $(echo $listahosts | tr " " "\n" | wc -l ) maquina/s"

fi

for ip in $listahosts

do

echo "Apagando $ip"

ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 -o ServerAliveCountMax=2 -o ServerAliveInterval=10 -i /var/lib/portatil/.ssh/id_rsa root@$ip "poweroff -fp" &

done

echo -n "Esperando a que terminen los procesos "

for job in $(jobs -p)

do

echo -n "."

wait $job

done

echo "Hecho!"

# Remove some system services that don't make sense in live sessions.

# The user can add more items by declaring space separated RM_SYSTEM_SERVICES

# or RM_THIN_SYSTEM_SERVICES lists in lts.conf. The RM_THIN_SYSTEM_SERVICES list

# is ignored by fat clients.

# KEEP_SYSTEM_SERVICES is a space separated whitelist of services.

allowed_services() {

local service description

echo "$@" | while read service description; do

case " $KEEP_SYSTEM_SERVICES " in

*" $service "*)

;;

*)

echo -n " $service"

;;

esac

done

}

# $RM_SYSTEM_SERVICES are removed for all clients

rm_services="$RM_SYSTEM_SERVICES $(allowed_services "

alsa-restore # Restore sound card(s') mixer state(s)

alsa-store # Save sound card(s') mixer state(s)

exim4 # exim4 Mail Transport Agent

grub-common # Record successful boot for GRUB

lightdm # Light Display Manager

modemmanager # Modem manager

nbd-client # Network Block Device client (we use nbd-disconnect)

plymouth-stop # Hide the splash screen

rfkill-store # Store software rfkill state

tty2 # Getty

tty3 # Getty

tty4 # Getty

tty5 # Getty

tty6 # Getty

unattended-upgrades # Check if unattended upgrades are being applied

urandom # Save and restore random seed between restarts

ureadahead # Read required files in advance

ureadahead-other # Read required files in advance for other mountpoints

")"

# $RM_THIN_SYSTEM_SERVICES are removed for thin clients

if ! boolean_is_true "$LTSP_FATCLIENT"; then

rm_services="$rm_services $RM_THIN_SYSTEM_SERVICES $(allowed_services "

acpid # ACPI daemon

apparmor # AppArmor initialization

apport # Automatic crash report generation

atd # Deferred execution scheduler

bluetooth # Bluetooth daemon

brltty # Braille terminal driver

cups # CUPS Printing spooler and server

kerneloops # Collects and submits kernel crash signatures

network-manager # Network connection manager

ufw # Uncomplicated Firewall

upstart-socket-bridge # Bridge socket events into upstart

")"

# For low RAM thin clients, disable whatever isn't essential for booting

memtotal=$(sed -n 's/MemTotal: *\([0-9]*\) .*/\1/p' /proc/meminfo)

memtotal=$(($memtotal / 1024))

RM_RAM_THRESHOLD=${RM_RAM_THRESHOLD:-128}

if [ "$memtotal" -le "$RM_RAM_THRESHOLD" ]; then

rm_services="$rm_services $RM_LOW_RAM_SERVICES $(allowed_services "

anacron # anac(h)ronistic cron

dbus # D-Bus system message bus

cron # Regular background program processing daemon

rsyslog # System logging daemon

tty1 # Getty

upstart-udev-bridge # Bridge udev events into upstart

")"

fi

fi

# We don't need NFS-related services if we're not using nfs

if ! grep -q nfs /etc/fstab; then

rm_services="$rm_services $(allowed_services "

idmapd # NFSv4 id <-> name mapper

portmap # RPC portmapper replacement

rpcbind-boot # RPC portmapper replacement

")"

fi

for service in $rm_services; do

rm -f /etc/rc?.d/???"$service" "/etc/init.d/$service" "/etc/init/$service.conf"

done

Modificacion 24/03/2015

Alfonso Pastor

IES Virgen de Guadalupe

-Se incluye la instalación de avahi-daemon, ya que no está en la imagen de los

thinclients wheezy. Sin avahi-daemon el nmap con --system-dns no funciona en

thinclients y no pueden recuperarse sus nombres.

-Se crea un script apaga_clientes que envia "poweroff -fp" a todos los clientes

conectados en el rango 192.168.0.200-254. Usa nmap sin --system-dns de forma que

es mucho mas rápido que hacerlo desde ejecutaenhosts.

-Se modidifican los scripts:

apagado

compruebaprofe

halt-terminales

para que hagan uso de apaga_clientes

#################################################################

# Como tenemos dos tareas para controlar el apagado de terminales

# nos quedamos con la que viene en los nuevos servidores de aula

# pero modificada con el apagado de utilaula

################################################################

file {

"/root/.ssh/known_hosts":

ensure => absent,

file {

"/etc/init.d/halt-terminales":

owner => root, group => root, mode => 755,

source => "puppet:///modules/ltsp_wheezy_utilaula/halt-terminales",

notify => Exec[crear-enlaces-ejecucion];

exec { "crear-enlaces-ejecucion":

path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",

command => "update-rc.d halt-terminales defaults",

require => File["/etc/init.d/halt-terminales"],

unless => "ls /etc/rc6.d/K??halt-terminales";

}

#################################################################

package { "nmap":

ensure => latest,

}

user { "portatil":

uid => '900',

ensure => present,

home => '/var/lib/portatil',

managehome => true,

shell => '/bin/bash',

}

file {

"/var/lib/portatil/.ssh":

ensure => directory, owner => portatil, group => portatil, mode => 700,

require => User["portatil"] ;

"id-rsa":

path => "/var/lib/portatil/.ssh/id_rsa",

owner => portatil, group => portatil, mode => 600,

require => File["/var/lib/portatil/.ssh"],

source => "puppet://puppetinstituto/files/portatil-prof/id_rsa";

"id_rsa.pub":

path => "/var/lib/portatil/.ssh/id_rsa.pub",

owner => portatil, group => portatil, mode => 644,

require => File["/var/lib/portatil/.ssh"],

source => "puppet://puppetinstituto/files/portatil-prof/id_rsa.pub";

"/sbin/conectahost":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/conectahost";

"/sbin/listahosts":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/listahosts";

"/sbin/ejecutaenhosts":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/ejecutaenhosts";

"/sbin/arreglosportatil":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/arreglosportatil";

"/sbin/apagado":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/apagado";

"/sbin/reinicio":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/reinicio";

"/sbin/compruebaprofe":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/compruebaprofe";

"/sbin/apaga_clientes":

owner => root, group => root, mode => 750,

source => "puppet:///modules/ltsp_wheezy_utilaula/apaga_clientes";

"/opt/ltsp/i386/root/.ssh":

owner => root, group => root, mode => 755,

ensure => directory,

before => File["/opt/ltsp/i386/root/.ssh/authorized_keys2"];

"/opt/ltsp/i386/root/.ssh/authorized_keys2":

owner => root, group => root, mode => 600,

source => "/var/lib/portatil/.ssh/id_rsa.pub",

notify => Exec["crear-imagen-utilaula"];

#Limitamos el acceso a nmap

"/usr/bin/nmap":

owner => root, group => root, mode => 750;

#Solo si se quieren apagar los terminales/portatiles si no hay profesor

"/etc/cron.d/croncompruebaprofe":

owner => root, group => root, mode => 644,

source => "puppet:///modules/ltsp_wheezy_utilaula/croncompruebaprofe";

#En la imagen de los thinclients no viene avahi-daemon y es necesario para poder saber el nombre de los clientes

#desde el servidor de aula (prefijo .local) desde utilaula o al hacer un ping/ssh.

exec { "instala_avahi_thinclient":

path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",

command => "chroot /opt/ltsp/i386 apt-get -y install avahi-daemon",

#No se incluye el montaje de proc en el comando. Si se pone daba problemas en la instalacion del paquete.

unless => "chroot /opt/ltsp/i386 dpkg -l | grep avahi-daemon grep ^ii",

notify => Exec["crear-imagen-utilaula"]

}

#Actualizamos este script para evitar que borre avahi-daemon de la imagen

#de los thinclients.

file {"/opt/ltsp/i386/usr/share/ltsp/init-ltsp.d/50-rm-system-services":

owner => root, group => root, mode => 644,

source => "puppet:///modules/ltsp_wheezy_utilaula/50-rm-system-services",

notify => Exec["crear-imagen-utilaula"]

}

exec { "crear-imagen-utilaula":

command => "/root/prepara-imagen-thinclient",

refreshonly => true;

}

} # Fin clase