Skip to main content
Jump to: navigation, search

EMF Build Server Setup

Revision as of 19:16, 14 January 2008 by Codeslave.ca.ibm.com (Talk | contribs) (CVS configuration)

EMF Build Server Setup

You will need to be root for most of these tasks.

Install OS

Installation began with Ubuntu Server 6.06LTS, for x86. Very simple and straight forward. I partitioned the drive 36.4G drive like this:

sdb1   Boot, NC   Primary   Linux ext3   10000.01M
sdb2              Primary   Linux swap    1000.00M
sdb3              Primary   Linux ext3   25391.44M

Install via apt-get

apt-get install apache2 perl5 curl cvs sun-java6-jdk
apt-get install php5 php5-cgi php5-cli php5-curl 
apt-get install zip unzip tar bzip2 sudo screen sendmail
apt-get install openssh-server ccrypt tofrodos
apt-get install vim vim-common vim-scripts vim-gtk
apt-get install libgtk2.0-common libgtk2.0-0 libgtk2.0-bin
apt-get install xserver-xorg-core xvfb xserver-xorg-driver-vesa xrgb \
  xserver-xorg xserver-xorg-input-mouse xfs xkill xlsfonts xlsclients \
  xinit xinitrc xkeyboard-config kbd xserver-xorg-input-kbd xkbutils

Install & symlink

Set default editor to vim

  • If you prefer vim to nano, you'll have to do this:
export EDITOR=vim
  - or - 
cd /etc/alternative; rm -f editor; ln -s /usr/bin/vim editor

Recreate ssh keys

  • If upgrading from an existing server, you can copy the old server's ssh keys so that the server will "look" the same to users connecting via ssh.
cp /mnt/sda1/etc/ssh/* /etc/ssh/

Set a static IP address

/etc/network/interfaces

# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
address 9.xx.yyy.zzz
netmask 255.255.254.0
network 9.xx.yyy.0
broadcast 9.xx.yyy.255
gateway 9.xx.yyy.1

Add bootable partitions to grub loader

/boot/grub/menu.lst

default         0
timeout         5

title           Ubuntu, kernel 2.6.15-26-server
root            (hd1,0)
kernel          /boot/vmlinuz-2.6.15-26-server root=/dev/sdb1 ro quiet splash
initrd          /boot/initrd.img-2.6.15-26-server
savedefault
boot

title           Ye Old Debian on sda1, kernel 2.4.25, no initrd
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.25 root=/dev/sda1
boot

Fix web user (www-data)

  • Add group 'www':
addgroup www
  • Edit /etc/group. Add www group:

/etc/group

www:x:1008:www-data,user1,user2,user3,...
  • Edit /etc/passwd. Change users' home directories and shell:

/etc/passwd

www-data:x:33:33:www-data:/home/www-data:/bin/sh
  • Edit /etc/sudoers to let you run commands and switch to the web user w/o needing a password. Add the following lines:

/etc/sudoers

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Members of the www group can sudo to www-data
%www            ALL = (www-data) NOPASSWD: ALL
  • Switch to the web user. You should NOT be prompted for a password.
sudo -u www-data bash
  • Create an ssh key, WITH NO PASSPHRASE. Store in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub:
ssh-keygen -b 2048 -t rsa
  • Copy contents of ~/.ssh/id_rsa.pub into ~/.ssh/authorized_keys file for user on dev.eclipse.org who will be running builds. This is so that the web user can commit changes to cvs (tagging, updating map files) for I, M, S & R builds. This is only required for EMF builds.
  • Test by ssh'ing to dev.eclipse.org, where _username_ should be replaced with your actual username:
ssh _username_@dev.eclipse.org
  • Run newgrp www so that when new files are created, they will use the group id www instead of www-data:
newgrp www
  • Set umask 022 so that files will be created with group write perms 664 (see #/etc/bashrc):
umask 022
  • Set the remote shell connection method for CVS to be ssh instead of the default rsh (see #/etc/bashrc):
export CVS_RSH=/usr/bin/ssh
  • Set an ANT_HOME and JAVA_HOME, and add ant to the PATH (see #/etc/bashrc):
export ANT_HOME=/opt/apache-ant-1.6
export JAVA_HOME=/opt/sun-java2-5.0
export PATH=${PATH}:${ANT_HOME}/bin
  • Switch to the root user.
  • Replace /etc/bashrc with this:

/etc/bashrc

[ -f ~/.alias ] && . ~/.alias

# set PATH so it includes user's private bin if it exists
if [ -d ~/bin ] ; then
    PATH=~/bin:"${PATH}"
fi

umask 022
export GREP_OPTIONS='--color=auto'
export GTK2_RC_FILES=$HOME/.gtkrc-2.0
export KDEDIR=/usr
export QTDIR=/usr/share/qt3
export EDITOR=vi
export LC_ALL=C; #for perl

norm="\033[0;39m";grey="\033[1;30m";green="\033[1;32m";brown="\033[0;33m";
yellow="\033[1;33m";blue="\033[1;34m";cyan="\033[1;36m";red="\033[1;31m";

ucol=$grey;
hcol=$yellow;
rcol=$red;

if [ $UID -eq 0 ]; then # root
  prompt="\! $rcol\]\u@$hcol\h$norm:\$(pwd)\\[$norm\]\n$rcol#$norm ";  fcol=$brown;
else
  prompt="\! $ucol\]\u@$hcol\h$norm:\$(pwd)\\[$norm\]\n$ucol\$$norm "; fcol=$ucol;
fi

# If this is an xterm set the title to user@host:dir
case $TERM in
 xterm*)
  export PS1=$prompt"\[\e]30;\u@\H\a\]"
  export PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
  ;;
 *)
  export PS1=$prompt
  ;;
esac
  • Add the following to .bashrc and .bash_profile files:

~/.bashrc

[ -f /etc/bashrc ] && . /etc/bashrc

~/.bash_profile

[ -f ~/.bashrc ] && . ~/.bashrc

  • Copy both .bashrc and .bash_profile into /etc/skel, so that new users will get these files in their home dirs.

Change Apache's default web dir

  • For consistency w/ other servers, edit /etc/apache2/sites-enabled/000-default and set Apache's default DocumentRoot to /var/www/html instead of /var/www.

Set up web content

  • Copy content from an existing server partition or else extract from CVS:
mkdir -p /home/www-data/build/modeling; cd /home/www-data/build/modeling;
cvs -d :pserver:anonymous@dev.eclipse.org:/cvsroot/modeling -q co -d scripts releng-common/tools/scripts
mkdir -p /var/www/html; cd /var/www/html; 
cvs -d :pserver:anonymous@dev.eclipse.org:/cvsroot/org.eclipse -q co -d modeling www/modeling
cvs -d :pserver:anonymous@dev.eclipse.org:/cvsroot/org.eclipse -q co -d eclipse.org-common www/eclipse.org-common

Fix permissions & ownership

  • Create a script called /usr/local/bin/wwwup, which does this:
#!/bin/bash

# update cvs
cd /var/www/html/modeling; cvs -q up -Pd;
cd /var/www/html/eclipse.org-common; cvs -q up -Pd;

# fix perms/groups
cd /var/www/html; find . -type f -exec chmod 664 {} \;
cd /var/www/html; find . -type d -exec chmod 2775 {} \;
cd /var/www/html; find . -exec chown www-data:www {} \;

# fix perms/groups
cd /home/www-data/build; find . -type f -exec chmod 664 {} \;
cd /home/www-data/build; find . -type d -exec chmod 2775 {} \;
cd /home/www-data/build; find . -exec chown www-data:www {} \;

# make scripts executable
cd /home/www-data/build/modeling/scripts; find . -type f -name "*.sh" -exec chmod 755 {} \;
  • Make the script executable, then run it:
chmod 775 /usr/local/bin/wwwup;
wwwup

Fix hostname

  • Ensure your /etc/hosts file contains something a line such as this, so that the server knows its own name:
127.0.0.1     localhost
9.xx.yyy.zzz  emf.torolab.ibm.com emf

Set up Build's Web UI

  • Clone existing web UI, then fix server name, version, branch, JDK requirement, email address & username:
cd /var/www/html/modeling/emft/
cp -r mwe newComponent;
vi newComponent/build/_common.php 
$ cat _common.php
<?php
require_once ("../../../includes/buildServer-common.php");

$options = array (
       "BaseBuilderBranch" => "v20070614",

       "BranchAndJDK" => array (
               "emft.eclipse.org=------------,------------",
               "0.7.0=HEAD,/opt/sun-java2-5.0",

               "build.eclipse.org=------------,------------",
               "0.7.0=HEAD,/opt/public/common/ibm-java2-ppc-50"
       ),

       "Mapfile_Rule_Default" => 0, // 0: "Use Map, No Tagging=use-false" or 1:"Generate Map, No Tagging=gen-false"

       "EmailDefault" => "someone@company.net", // prefil email contact box with comma-sep'd list

       "Users" => array("username", "username", null) /* build user, eclipse cvs user, IES cvs user */
);
?>
  • Create folder where builds will be produced
mkdir /home/www-data/build/modeling/emft/newComponent/downloads/drops
  • If the above new /build/ folder was created outside the web root and committed to CVS, update web UI in web path:
cd /var/www/html/modeling/emft/;
cvs -q up -Pd newComponent;
$isBuildServer = $_SERVER["SERVER_NAME"] = "127.0.0.1" || (preg_match("/^(emft|build)\.eclipse\.org$/", $_SERVER["SERVER_NAME"])) || $isEMFserver;
  • Check the website, http://servername/modeling/emft/newComponent/build/

Password Protection w/ .htaccess

  • If you require .htaccess security, put an .htaccess file in the /build/ folder like this one:
AuthName "Build Server Password Required"
AuthUserFile /path/to/password/file
AuthGroupFile /dev/null
AuthType Basic
require user authorizedUsername
  • Then create a password file in /path/to/password/file. You can use htpasswd to generate the password.
authorizedUsername:lXfv8s4tra.qI
  • Set permissions on the password file:
 chmod 444 /path/to/password/file
 chown www-data:www-data /path/to/password/file
  • Check the website, http://servername/modeling/emft/newComponent/build/ -- this time, you should be prompted for a password. Depending on your browser, you may have to close & reopen it.

Run a build

From the build page, http://servername/modeling/emft/newComponent/build/, fire a build.

Check the build log while it's running or after it completes. If you see any messages such as permission denied or the following, something is amiss.

Debugging tips

execvp: Permission denied
  • Shell scripts must contain unix line endings. Run dos2unix to make sure, if copying them from a non-unix filesystem.
  • Shell scripts /home/www-data/build/emft/scripts/*.sh must be executable. See #Fix permissions & ownership.




  • Directories, eg. /home/www-data/build/emft/jet/downloads/drops/1.0.0 must be writable by the web user (or group www). See #Fix permissions & ownership.




eclipse.org: Connection refused
cvs [checkout aborted]: end of file from server (consult above messages if any)
  • CVS connection refusals are the result of not being able to automatically ssh as the web user to _username_@dev.eclipse.org. This

could be a problem with ssh keys (see above - #Fix web user (www-data)) or the method CVS uses to connect (rsh instead of ssh - see #/etc/bashrc).




  • For any compilation-related problems, missing file problems, or other issues not touched upon in this document, see EMFT_Procedures.

Display build logs, details & test results

Builds - including unpublished Nightly builds - are listed on the downloads page here: http://emf.torolab.ibm.com/modeling/emf/downloads/.

Published builds are located here: http://downloads.eclipse.org/modeling/emf/downloads/.

Add additional users

  • As root, run:
adduser -p newuserpassword newuser
  • Then copy .bashrc, .bash_profile, and .alias from an existing user to the new user's home dir (if /etc/skel is not used).
 cp /home/user/.bashrc /home/user/.bash_profile /home/user/.alias /home/newuser
  • Fix permissions on copied files
 chown newuser:newuser /home/newuser/.bashrc /home/newuser/.bash_profile /home/newuser/.alias

Install & configure mysql server 5

  • Install
 apt-get install mysql-server-5.0 mysql-client-5.0

CVS configuration

  • Install
apt-get install cvs
  • Create cvs group
vi /etc/group
  • Add the following line (or similar), listing all the users to have CVS access, then exit and save (ESC, :wq)
cvs:x:115:user1,user2,user3,...
  • Create CVSROOT
cd /home; ln -s /var/lib/cvs
  • Set permissions
cd /home/cvs
chgrp -R cvs .
chmod -R 2775 . CVSROOT
  • Edit /home/cvs/CVSROOT/config; add or change LockDir to be:
LockDir=/var/lock/cvs
  • Create lock dir and set permissions
mkdir /var/lock/cvs
chgrp cvs /var/lock/cvs
chmod g+s /var/lock/cvs

See Also

Additional info and configuration steps are listed in EMFT Build Server Setup.

Back to the top