SchoolTool demo server ====================== Downloading and installing all the dependencies might be too high a price to give SchoolTool a try for a casual school software user. The suggested solution is to set up a dedicated SchoolTool demo server wherein separate Schooltool instances will be created in a User Mode Linux virtual machine. These SchoolTool demo instances will be "garbage collected" when they are no longer used (or after a fixed period of time) so the demo server is not starved on resources. Originally the idea was to create a separate UML machine for every demo instance, but the resource cost turned out too big. Since the reason for considering UML was to protect the host machine from SchoolTool instances rather than to protect SchoolTool instances from each other, a single UML machine is sufficient. Architecture ------------ The demo system is running inside a virtual UML machine running Debian. It is reachable from the Internet over a virtual network interface with the help of iptables port forwarding. The demo system consists of the following parts - SchoolTool milestone 5 installed (possibly from the Debian package). - A number of demo installations (e.g. in /srv/schooltool-demo). Each subdirectory corresponds to a single demo instance and is named by the numeric id. Each subdirectory contains the following files: . conf -- config file . Data.fs* -- data files . pid -- pid file (exists only while the server is running, barring crashes) . error.log -- error log file . access.log -- hit log file An instance is said to exist if the conf file exists. Merely testing for the presence of a subdirectory is not enough (the democtl script does not remove files it does not know about, but it always removes the config file). Every demo instance is running with different Unix credentials and on a separate port. The uid, gid and port number can be calculated from the instance number. - A script to manage demo instances (/opt/schooltool-demo/bin/democtl). It accepts the following arguments . start n -- start instance n. Barfs if instance n does not exist. Does nothing if instance n is already running. . stop n -- stop instance n. Barfs if instance n does not exist. Does nothing if instance n is not running. . status n -- check if instance n is running. Prints a status message to stdout. Returns status code 0 if instance n is running or status code 1 if it is not running. . destroy n -- destroy instance n. Stops the instance if it is running. Barfs if instance n does not exist. By 'destroy' I mean that the instance subdirectory is removed. . new -- find an unused instance id, create and start the instance, and print the id. Returns status code 0 on success, 3 when the instance limit is reached, 1 on other errors. If --sampleschool is passed on the command line after 'new', the new instance will have its database copied from the sample school template database. - An init.d script (/etc/init.d/schooltool-demo) that starts all existing instances on system startup and stops them on shutdown. - A cron script (/opt/schooltool-demo/bin/cleanup) that periodically looks for and removes expired demo instances. - A suid-root wrapper (/opt/schooltool-demo/bin/schooltool-new) that can be called by the web application to create a new instance. It wraps 'democtl new'. - A web application for registering new users. On the host system: - An init.d script (/etc/init.d/schooltool-demo) that starts the schooltool-demo UML instance on startup and gracefully stops it on shutdown. Installation ------------ Read INSTALL.txt. Maintencance ------------ In general the system requires little maintenance. It is a good idea to subscribe to and install all the relevant security updates when they appear. You can download them manually and use scp and/or hostfs to transport them into the UML filesystem, or you can use apt-get update; apt-get upgrade. In order to use apt-get directly, you need to add the following lines to /etc/apt/sources.list inside UML: deb http://security.debian.org/ stable/updates main contrib non-free deb http://security.debian.org/ testing/updates main contrib non-free and make sure IP forwarding and masquerading is enabled on the host system (or use a local proxy server by specifying it in /etc/apt/apt.conf inside UML).