[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Freeipmi-devel] Re: [llnl-devel] How to enable users on the BMC
|
From: |
Anand Babu |
|
Subject: |
[Freeipmi-devel] Re: [llnl-devel] How to enable users on the BMC |
|
Date: |
Tue, 23 Dec 2003 16:29:48 -0800 |
|
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
Albert has already fixed the bug. Ian will patch his bmc utility and
upload the source tar ball.
-ab
>Albert,
>I can't quite figure out your changes. AB is working on it, but I was
>hoping to apply them myself. Can you send a diff to bmc-make-user.c ?
>Here is what I came up with, but it doesn't work.
>brian
> Hey Ian,
>
> I figured it out and I was able to enable a user on one of our test
> nodes and was able to successfully power status that node with that user.
>
> The bug is in your bmc-make-user program.
>
> If you take a look at the set-user-password command on 18.27 of the IPMI
> spec, you need to execute the set-user-password command TWICE.
>
> One time, you set the user-password by setting the second byte of the
> command 0x02...
>
> Then, you have to call set-user-password again, setting the second byte
> of the command to 0x01.
>
> Here's what I did to make it work on our system (after I used your
> bmc-make-user command to setup a user):
>
>
> net_fn_t net_fn;
> u_int8_t pkt[20];
>
> net_fn.fn = IPMI_NET_FN_APP_RQ;
> net_fn.lun = IPMI_BMC_IPMB_LUN_BMC;
>
> pkt[0] = ipmi_netfn2byte (net_fn);
> pkt[1] = IPMI_CMD_SET_USER_PASSWORD_CMD;
> pkt[2] = 0x02;
> pkt[3] = 0x01;
> // no need to put data in password buffer
>
> if (ipmi_kcs_write (pkt, 20) == -1)
> {
> printf("Error writing cmd\n");
> exit(1);
> }
>
> if (ipmi_kcs_read (pkt, 3) == -1)
> {
> printf("Error reading cmd\n");
> exit(1);
> }
>
> if (pkt[2] != IPMI_COMMAND_SUCCESS)
> {
> printf("Command did not succeed\n");
> exit(1);
> }
>
> Al
>
> --
> Albert Chu
> address@hidden
> Lawrence Livermore National Laboratory
>
> ----- Original Message -----
> From: Albert Chu <address@hidden>
> Date: Tuesday, December 23, 2003 1:25 pm
> Subject: [llnl-devel] enabling BMC users
>
>> Hey Ian,
>>
>> I got some of your code. I've been playing with it. I tried the "get
>> user access command" for the user we use to power off/power on our
>> testcluster. And the results I got were:
>>
>> bit 7 - reserved
>> bit 6 - user access available during call-in or callback direction
>> communication
>> bit 5 - user enabled for link authentication
>> bit 4 - user disabled for IPMI messaging
>> bit3-0: 0xF (no access).
>>
>> This is a username that we definitely use on our test cluster. So
>> needless to say, the data I got back was surprising. So perhaps
>> the set
>> user access command isn't the right command to use?
>>
>> I'll keep playing around, see what I can come up with. Let me know
>> howthings are going for you.
>>
>> Al
>>
>>
>>
>>
>>
>> --
>> Albert Chu
>> address@hidden
>> Lawrence Livermore National Laboratory
>>
>>
>> _______________________________________________
>> llnl-devel mailing list
>> address@hidden
>> http://californiadigital.com/cgi-bin/mailman/listinfo/llnl-devel
>>
>
>
> _______________________________________________
> llnl-devel mailing list
> address@hidden
> http://californiadigital.com/cgi-bin/mailman/listinfo/llnl-devel
>
>_______________________________________________
>llnl-devel mailing list
>address@hidden
>http://californiadigital.com/cgi-bin/mailman/listinfo/llnl-devel
--
Anand Babu
CaliforniaDigital.com
46832 Lakeview Blvd
Fremont, CA 94538
Office# +1-510-651-8811
Cell# +1-510-396-0717
Home# +1-510-894-0586
Fax# +1-510-651-8844
Free as in Freedom <www.gnu.org>