|
Software Developers Kit
Technical White Paper
Customization Overview 5
User Accounts / Passwords 7
Server Setup Wizard 9
Network Configurations 10
Custom Image Backup 11
Software Upgrades Support 12
General System Architecture / Layout 13
Customizing the Firewall 16
Templatized Configuration Files 18
Triggers 23
Useful Files 30
LCD Panel
Customization 31
By TAIS Computer System Engineering
Published 9/2002
The Toshiba Magnia SG20
is a multi-function server appliance, designed to provide ease of use
and a friendly setup and management environment for the end user. It
is based on Red Hat Linux 7.31. Because the Magnia SG20 is an
appliance, it contains the Red Hat 7.3 RPMs needed to provide its feature
set, as well as a variety of tools that allow direct access and modification
of the system for more experienced users. It does not contain
the entire suite of Red Hat 7.3 RPMs.
The Magnia SG20 provides a number of features targeted for small workgroups, remote offices and small business. These features are configurable through its administrative web interface, and include:
When customizing a Magnia SG20 image
to create a new preinstall image for your customers, it is important
to assure the preset factory configuration is not modified. Doing
so can result in a custom image shipped from the Toshiba factory to
your end users with modifications which may result in increased service
calls and a reduced initial customer satisfaction with his new system.
This white paper outlines some basic areas of which you should be aware,
and provides some techniques for customizing the system while maintaining
Magnia SG20s customer out of box experience.
The Magnia SG20 uses a proprietary web based interface and a set of middleware tools to allow the end user to manage the system. The internal mechanisms of this middleware use some unique methods of managing system configurations, such as templatized configuration files, and triggers. Direct modification of configuration files is not recommended. This document contains information on the internal management techniques and how you might take advantage of them during your application integration process.
Overview
Before beginning the process of customizing
a Magnia SG20 image, you may wish to capture the clean, unmodified image
on another hard disk. This will allow you to re-install a factory
fresh image if you need to restart the integration process. See
the section on custom image backup for more information on how to do
this.
Generally, the process of installing a custom application involves three basic steps:
Accessing the Magnia SG20
Access to the Magnia SG20 is accomplished
through three mechanisms.
First, for most customization, installation
and modifications, you should directly access the system using Telnet.
This will provide direct access to the system using a shell command
prompt. You can accomplish almost any task from this environment.
To access the Magnia SG20 using telnet,
set up a client computer connected to a private Ethernet port.
Verify you can access the web administration pages using the URL http://192.168.1.1.
Once this has been verified, bring up a command prompt and run Telnet:
telnet 192.168.1.1
When presented by the Linux login prompt,
use the account telnetuser with the default password toshiba2.
Once at a shell prompt, you can switch to the root account using the
su command.
Once at a root command prompt, you can proceed to install, recompile or modify software as required for your application integration.
Copying Software to the Magnia SG20
Once you have access to the Magnia
SG20, you will need to copy your application to the system, as well
as possible additional Linux support software such as databases or other
tools. There are two main ways of copying new software to the
Magnia SG20.
To copy files using FTP, invoke a command
prompt from any client attached to the Magnia SG20 built in Ethernet
switch. When prompted, log in to FTP as an anonymous user (the
default Magnia SG20 configuration only allows anonymous access).
Use normal FTP commands to copy files to the incoming directory.
Once these files are transferred, use telnet to browse to the /home/ftp/incoming
directory. You can then move and use these files as needed.
To copy files using file sharing, connect a client to the Magnia SG20 local network and browse the network neighborhood. The Magnia SG20 will appear in workgroup saworkgroup and will have the (default) computer name of myserver. Navigate to the share named public. Copy files to this directory, then use telnet to move and use these files within Linux as needed. The public share is mapped to the directory /home/public on the Magnia SG20.
Modifying the Magnia SG20 GUI
Once your application is installed
and running on the Magnia SG20, you may wish to provide additional links
or methods of accessing your application web interface. There
are several ways of accomplishing this:
More detail on this type of modification is included in another document.
Listing Installed Linux Packages
To determine the list of Linux packages
installed on your copy of the Magnia SG20 preinstall image, use the
RPM command. This will allow you to determine what revision of
each package has been installed on your working system. Use the
following command to list the installed RPMs:
rpm qa
Default accounts and Passwords
The Magnia SG20 is delivered to the end user with three predefined accounts. These accounts are:
All these accounts are assigned a default
password of toshiba when delivered from the factory. Changing
this password is not recommended, as it can make it difficult or impossible
for the end user to log in and administer the system.
Recommendation: Do not change the passwords of the system from the default.
Initial Account Creation
In order to assure that default password
for critical privileged accounts such as applianceadmin are changed
from the default, the Magnia SG20 uses a specific mechanism to update
the password on server initialization. When the user creates the first
user account, the password to all three predefined accounts are changed
to the password of this first account.
An example scenario is for the user
to open his new Magnia SG20, turn it on, and connect a PC to the built
in network. He would then run the Setup CD to configure his client
PC. During the Setup CD setup process, the Setup CD software creates
a new level 3 account for him on the server (for example, jsmith).
The user also selects a password at this time (for example maxmoney1).
This process changes the predefined accounts passwords to be maxmoney1.
This process of assigning the initial
user account password to the three predefined accounts takes place only
on the first user account creation. Subsequent user account creation
will not affect the predefined privileged account passwords.
This process will take place when creating
an account using either the Magnia SG20 Setup CD, or using the Administrative
Web interface.
Recommendation: Do not create a new user on your Magnia SG20 using the Setup CD or the Administrative Web interface. Use the existing applianceadmin account for access to the Web Administration or for file system access (network neighborhood). Use the existing telnet and root accounts for access to the system using telnet. Direct modifications to the system internals can be accomplished using these accounts.
When the Magnia SG20 is delivered from
the factory, it is internally flagged as an unconfigured, or uninitialized
system. When the Setup CD is run on a client connected to the
Magnia SG20, it will check to see if the server is in its unconfigured,
uninitialized state. If it is connected to an uninitialized system,
the Setup CD will (upon completion of the client setup) invoke the Server
Setup Wizard.
Server Setup Wizard
Once the user has completed the Server
Setup Wizard, the system is flagged as no longer uninitialized, and
subsequently the Server Setup Wizard will no longer be presented to
the end user.
Recommendation: Do not run the Client Setup CD. This will cause the Server Setup Wizard to be invoked, and the system will no longer be flagged as uninitialized.
The Magnia SG20 is delivered with the
Internet (public) connection set to none. This allows the user
to configure the system to their personal ISP requirements (Cable, DSL,
modem).
When customizing the Magnia SG20, it
may be desirable to configure the system to allow Internet or corporate
LAN access. This can be done, but you should be aware that after
changing networking configurations, they should be returned to their
original state prior to shipping an image back to Toshiba. Failure
to do so may result in unintended preset networking configurations being
delivered to your end users.
If it is necessary to configure the
public network for Internet or LAN access, the best method is to use
the Corporate LAN or Cable Modem option. This option can be
reset to none with little impact on the system.
Configuring public network access using
the phone modem or DSL is less desirable. Some settings, such
as phone number or user account / password, can be cached and may become
part of your final customized image (this is an ease of use feature
of the Magnia SG20 UI). This can result in the end user seeing
your account (the password will be masked) if they configure modem access.
Recommendation: Avoid changing the
networking configuration of the Magnia SG20 system while you are creating
the custom image. If you require Internet or LAN access, use the
Corporate LAN or Cable Modem option. Reset the configuration
to None before shipping the customized image.
There are numerous other networking configuration options that may be changed while implementing a custom image. These can include:
These settings can be safely changed, and then reset back to their factory defaults if required. You can even change these settings to your own preferred setting for shipment if desired.
When implementing the custom image,
it is easy to make a mistake and need to restore the system to a factory
original state, or to recover from an earlier version of your custom
image. The easiest and best way to accomplish this is to take
the original Magnia SG20 SDK preinstall image, and create a copy of
it prior to doing any work using the disk snapshot feature.
Second Disk Snapshot
The disk snapshot feature will take
a complete snapshot of the entire disk and place it on the secondary
disk in the second slot of the Magnia SG20. Work can then proceed;
if you need to go back to the original image for any reason, simply
switch the primary and secondary disks and boot from the snapshot backup.
With an additional hard disk, you can
also take periodic snapshots to preserve your image in case you need
to return to an earlier version during your customization process.
Recommendation: Take a snapshot of the original factory image before beginning work on a second disk. If needed, take periodic snapshots of your work on a third disk.
The standard retail version of the
Magnia SG20 is supported with a Software Upgrades site that allows end
users to view, download and apply new features and fixes. This
site services only customers using the standard Toshiba preinstall image.
Because Toshiba does not control the
changes or configuration of your preinstall image, each system integrator
will have their own Software Upgrades site. Toshiba may occasionally
inform you of a software upgrade available on the standard site which
you might wish to make available to end users with your custom image.
It is then up to you to decide whether Toshiba should deploy the upgrade
for your customers.
In order to provide an Upgrade Site specific to your preinstall images, Toshiba will edit a file on your image to point to this custom site before release to the factory. If you wish to retest your image after this change or if you do not want Toshiba to make this change, please inform your Toshiba sales person.
The Magnia SG20 is partitioned in the
following manner:
Partition |
Description |
Size |
/ |
Root (system) partition, non-volatile |
1 GB |
/var |
Scratch file partition, email, log files and other temporary data |
1.2 GB |
/home |
User data |
Expands to fill remaining amount of disk |
Swap Partition |
Swap area for memory pages |
120 MB |
The /home partition is where all user
data is placed. It contains some infrastructure for the support
of the Magnia SG20 system, but very little. User private data
and the public share, as well as user posted Intranet information are
stored here. The /home directory contains the following subdirectories:
Directory |
Description |
/home/backups |
This directory is used as a temporary location for data backup processing. |
/home/docs |
Documents posted for viewing using the Magnia SG20 preinstalled intranet are placed here. |
/home/ftp |
This directory contains the FTP applications sub directories, such as incoming and public. |
/home/intranet |
This directory is a pre-mapped location for a customized intranet. You can reach it using the URL http://myserver/intranet. You can easily create your own intranet site by placing the web pages here. |
/home/public |
This directory is the open, public directory in which users can share files. |
/home/users |
This directory contains the individual private subdirectories for each user with an account on the system. |
The Magnia SG20 system user interface,
middleware and configuration are placed almost entirely in the /sa2
directory. The user interface and management general architecture
is displayed below:
The file system reflects these elements
in its directory organization:
Directory |
Description |
/sa2/templates |
This directory contains the configuration file templates that are used to regenerate the system configuration files. |
/sa2/lang |
The HTML and other files used to generate the actual Magnia SG20 user interface are contained in this directory. Because the Magnia SG20 can support multiple languages, this area of the system is separated in to various language directory trees. The /sa2/lang/en tree is used to support English. |
/sa2/triggers |
This directory contains the trigger scripts invoked to perform system reconfiguration and other maintenance. |
/sa2/firewall |
This directory contains definition files for special firewall rules. By adding new directories and files here, you can add your own optional firewall rules. |
/sa2/conf |
All the Magnia SG20 specific configuration files are contained here. These configuration files are specific to the Magnia SG20 implementation. These configuration files do not replace the standard Linux configuration files. The primary configuration file of interest is main.conf, which is the central place where most configuration items from the user interface are placed. |
/sa2/lib |
This directory contains Perl and other modules used as general routines to support the CGI code and other Perl programs. |
/sa2/web |
The Perl, Java script, graphics and other web-based CGI code driving the Magnia SG20 are contained here. Web sites represented here are:
|
/sa2/firewall |
This directory contains subdirectories for each custom firewall rule. Each subdirectory corresponds to firewall rule the user can enable or disable through the advanced firewall settings option in the web administration UI. |
/sa2/log |
This directory contains logs specific to features implemented in the Magnia SG20 user interface. The logs in this directory do not replace the standard Linux application logs, typically contained in /var. |
/sa2/bin |
This directory contains general utility scripts and programs used by the Magnia SG20 to interface with the Linux system and the system hardware. |
/sa2/upgrades |
The upgrades directory contains information about the current state of the systems software upgrades. As this area is downloaded from, and communicates with the Toshiba Software Upgrades site, it is a good idea not to modify it. If your preinstall image is sent to the Toshiba factory, Toshiba will change a file in this directory to point to a custom software upgrade web site for your company. |
The Magnia SG20 is a Linux IP Tables
based firewall. The default configuration for the firewall is
established in the firewall template in /sa2/templates/etc/rc.d/init.d/iptables.
In addition, there are custom firewall rules defined which the user
can select or deselect as desired. These rules are accessible
through the web based remote administration screens, in the advanced
firewall page. These rules can be checked on or off (the default
is off). These custom rules open holes in the firewall for items
such as FTP access, Cisco VPN pass through, and Internet gaming.
Adding custom firewall rules in this area is the preferred method for
customization of the Magnia SG20 firewall.
Modifying
the firewall rules is not recommended unless you are experienced with
IP Tables and firewall definitions. Inappropriate rules added
to the firewall can result in your system becoming completely inaccessible,
requiring the disk be returned to the factory for re-imaging.
Use care when establishing new firewall rules.
Recommendation: take a disk snapshot
before changing or adding custom firewall rules, so that you can restore
the system if needed.
Adding a custom firewall rule that
can be selected and deselected using the web administration is simple.
By simply creating a new directory under the /sa2/firewall directory,
and placing several simple files in this directory, a new user selectable
firewall rule is added to the user interface.
To add a new custom firewall rule,
connect to the SG20 as root using telnet, and perform the following
steps.
/sa2/firewall/vpnport500
[% IF firewall.enabled -%]
# allow Sonic VPN clients through
# Note that port 500 is the source port, not destination port.
$IPTABLES -A FORWARD -p udp -s ANY/0 --sport 500 -i $INTIF -o $EXTIF -j
ACCEPT
[% END -%]
en=Custom VPN Client
The en= indicates this text description
is used for any English based display. For other languages, you
can specify sp, de, it, fr, and du for Spanish, German, Italian, French
and Spanish. If a language is invoked on the user interface, and
there is no corresponding language text in the description file, English
will be used as the default.
70
client
Once these steps have been performed,
a new selectable firewall rule will be added to the user interface.
A very easy way to get started with a new firewall rule is to use on of the existing firewall rule directories. Simply copy it and its contents to a new directory name, and then begin modification of the individual files to change the rules display name and IP Tables rule.
Many of the configuration files in
the Magnia SG20 are managed using templates. With this methodology,
a set of templates for each configuration file is maintained.
Then, when a change is made to the configuration file by the Magnia
SG20 user interface or other mechanism, the configuration file is regenerated
using these templates.
The Perl based middleware and CGI code
interfaces may need to modify the system configuration files(as when
a user is added or a configuration changed). When a change has
been made, a trigger is invoked, which will regenerate the corresponding
system configuration file using the configuration file templates.
Because these templatized configuration
files are regenerated periodically, changes to the files must be made
in the templates, not in the file itself. Changing the configuration
file directly will not work.
Templates are stored in /sa2/templates.
Each files templates are located under this directory based on the
files location in the system. For example, the /etc/passwd template
files are located in /sa2/templates/etc/passwd. The contents of
this directory are shown below.
05system |
15ftp |
15postgress |
footer |
10static |
15mysql |
20dynamic |
header |
As you can see, the configuration file
may be broken up in to several templates. Each template represents
one part of the configuration file, and the order in which they are
used is determined by the alphabetical sorting order of the template
file name. This is why a two-digit number, which determines its
placement within the final configuration file when it is regenerated,
precedes each template file name.
To place added elements in the configuration
file, such as a new user in the password file, you can add a new template
file in the configuration files template directory. Add the text
desired for placement in the configuration file in a new template file.
The file name should contain two leading digits that will determine
your additions placement within the regenerated configuration file.
Note that adding a template file will
not necessarily cause the configuration file to be regenerated.
Regeneration of a configuration file from its templates is only performed
when the system determines there has been a change requested by the
user in the user interface (in some cases system events may cause a
file to be regenerated, but this is rare). For example, the password
files are not regenerated unless the user adds, deletes or modifies
a user account using the web administrative user interface.
Configuration changes can be announced to the system using triggers. Triggers are the Magnia SG20s method of assuring whatever actions are appropriate for a configuration change are taken. Execution of a trigger will cause the appropriate configuration files to be regenerated. Please see the separate section of this document describing triggers for more detail.
The following configuration files are
templatized, and should not be modified directly. This list is
current as of the time of writing. Please check your system for
the actual list.
Directory |
File |
/etc |
aliases |
crontab | |
dhcpd.conf | |
ftpaccess | |
group | |
htgroup | |
htpasswd | |
inittab | |
named.conf | |
passwd | |
pptpd.conf | |
printcap | |
shadow | |
sysctl.conf | |
userdb | |
wvdial | |
/etc/atalk |
atalkd.conf |
netatalk.conf | |
/etc/fetchmail |
fetchmail |
/etc/httpd/conf |
httpd.admin |
httpd.intranet | |
/etc/isdn |
ibod.cf |
/etc/mail |
access |
genericstable | |
local-host-names | |
sendmail.mc | |
virtusertable | |
/etc/mgetty+sendfax |
login.config |
mgetty.config | |
/etc/ppp |
chap-secrets |
ioptions | |
ioptions.dialin | |
pap-secrets | |
pppoe.conf | |
/etc/ppp/peers |
dialin |
pptp | |
/etc/rc.d/init.d |
dhcpd |
iptables | |
named | |
network | |
pcmcia | |
/etc/samba |
smb.conf |
smbpasswd | |
/etc/squid |
squid.conf |
/etc/sysconfig |
clock |
ipchains | |
iptables.sh | |
network | |
/etc/sysconfig/network-scripts |
ifcfg-ethn |
ifdown-ippp | |
ifdown-ppp | |
ifup-ippp | |
ifup-post | |
ifup-ppp | |
/etc/sysconfig/tsb/tsb_ap_proc |
channel |
distance_between_aps | |
dtim_period | |
enable_encryption | |
enable_macfilter | |
key1 | |
key2 | |
key3 | |
key4 | |
keys | |
mac_accept | |
multicast_rate | |
network_name | |
reject_any | |
station_name | |
transmit_key_id | |
/etc/xinet.d |
ipop3 |
telnet | |
wu-ftpd | |
/sa2/conf |
lcdkbd.conf |
/sa2/web/admin |
htaccess |
/sa2/sbin |
ifdown-local |
ifup | |
ifup-local | |
/var/named |
domain |
domain.rev | |
/var/spool/cron |
root |
The template processor has both a Perl object-oriented interface and a command line wrapper. Each of these take two parameters: filename and mode.
The usage statement of the proctmpl
command-line wrapper is:
usage:
/sa2/bin/template -f <filename> -m <octal mode> -o <owner>
Output from the command-line wrapper is generated to STDOUT so a redirect is required to overwrite the current configuration file.
Where filename is the name of the actual
file you want to generate. Call it like this:
[/sa2/bin]#
./template -f /etc/sysconfig/ipchains -m 700 o root > /etc/sysconfig/ipchains
The perl object interface works like
this:
use
SA::Template;
my
$tmpl = new SA::Template;
$tmpl->process('/etc/sysconfig/ipchains', '0700') or
die "Couldn't process firewall";
$tmpl->process('/etc/sysconfig/network', '0700') or
die "Couldn't process network globals";
This will take the template files contained in the relative path under /sa2/templates/, concatenate them, and process the concatenated value using the Template Toolkit and the values contained in the /sa2/conf/main.conf.
There are a couple of different methods
of having services or scripts run at boot time. The Magnia SG20
supports the standard RC boot scripts common on several Linux and Unix
distributions. Depending on when your service or script needs
to be run during the boot sequence, you can use two methods of execution:
If you are starting daemon or application
processes at boot time, you need to make sure that they are shutdown
properly when an orderly shutdown is started on the SG20. You
should create an RC script for starting and stopping your daemon processes.
There are several examples in the /etc/rc.d/init.d directory on the
SG20 of scripts that stop and start daemon tasks.
A simple and straightforward example
of an application start and stop script is the /etc/rc.d/init.d/snmpd
startup script. This script starts and stops the SNMPD system
daemon on the SG20. As in this example, if your startup script
creates an empty file in /var/lock/subsys/ then your startup script
will also get called with a stop argument when the system is shutting
down. It is recommended that you implement code in your start/stop
script to handle the stop parameter and shut down your application tasks
in an orderly manner. This will help avoid possible killing of
the application tasks and loss of data when the system is shutdown.
You need to make sure that all of your running tasks and daemons are stopped when your startup script is called with a stop command. Your start / stop script should send signals to your application and daemon tasks, arranging for an orderly shutdown and cleanup of temporary files. Tasks that are not shutdown in an orderly manner at this time will be terminated by the operating system during the last stage of system shutdown.
The internal middleware supporting
the web administration and internal operations of the Magnia SG20 are
based on a trigger mechanism. Triggers are scripts (or sets of
scripts) that are executed when certain events occur on the system.
Though triggers may perform other tasks, the two primary tasks performed
are typically the regeneration of templatized configuration files, and
the stopping and starting of various related system services.
Magnia SG20 trigger scripts are written in Perl.
Events that cause triggers to be executed
usually involve any detected change in the state or configuration of
a specific system area or service. For example, the networking
triggers may be executed when there is a change in the IP address of
the public port (such as when a DHCP address is acquired). Triggers
are also executed when a change is made through the web administration
user interface. For example, adding or deleting a user could execute
the mod_users trigger to regenerate various password and user configuration
files.
Triggers can be useful when integrating your application in the Magnia SG20 system.
The core of the trigger mechanism is a series of directories, one per trigger (named after the trigger), that are organized under /sa2/triggers. These directories may be nested as deeply as desired for organization purposes, but the trigger name will be the portion of the directory path relative to /sa2/triggers. Each directory contains scripts that execute actions that are tied to the trigger. The actions will most likely include, but are not limited to, regenerating the template files for each dependent application, then restarting the dependent service. The scripts in each trigger directory should be indexed by zero-padded numeric string in a manner similar to the templates. The scripts will be executed in the order that ls l [0-9]* produces, so the filename of each script must start with a number.
Trigger Interface
The most common use of triggers when
creating custom applications is to assure that templatized configuration
changes are applied to the system after modification. In this
case, executing the proper trigger from the command line is all that
is needed. The usage statement of the trigger command is:
usage: trigger <trigger
name> <args>
Use it like this:
[/sa2/bin]# ./trigger network/mod_config
If you are writing custom Perl code
and need to execute a trigger, you can do so using the trigger object.
The Perl object oriented interface works like this:
use SA::Trigger;
my
$trigger = new SA::Trigger;
$trigger->(network/mod_config) or
die
Couldnt trigger mod_config\n;
The code above will sort the scripts
in the /sa2/triggers/network/mod_config directory, execute them one-by-one,
wait for exit status, and return an exit status to the caller.
It is important to note that trigger scripts should always return 0
unless there is a serious failure. If a trigger script returns
anything other than 0, the trigger script execution chain is stopped
and the return code is passed back to the caller.
The trigger parameter correlates to
the pre-defined trigger directory under the /sa2/triggers directory.
args are passed directly on the argv stack to the action scripts beneath
that directory which might need to do their jobs in a more granular
way, i.e. you might design a trigger called network/mod_config and
pass it the name of the interface on argv so that it only has to do
the work correlating to the change of that specific interface.
Or you might design a trigger called add_user and pass it the username
so that the relevant configuration and password files would not have
to be regenerated in their entirety; only the information relating to
that user would need to be added.
However, every action script should assume it could be fired by a trigger without any data and should be designed in such a way that in this instance, it regerates all of its configuration files and restarts all services that use those files. The developer must be very careful not to fire recursive events! Also, the developer must know (most likely through consulting the centralized configuration file through SA::Config) whether or not his service is enabled and whether or not he needs to fire given the change that was made, i.e. if the vpn only needs to reload if the external interface was changed and doesnt need to fire if the internal interface is changed, the developer is responsible for acting accordingly to keep the execution time of an trigger to a minimum.
Manually executing a trigger
A trigger can be executed directly
by executing the trigger command from a shell command line. This
can be useful when you have modified a configuration file template,
and want to execute the trigger that will process the template, regenerate
the configuration file, and restart any associated services. Invoke
a trigger using the syntax trigger <trigger name>. For
example,
trigger
mod_samba
Or
trigger
network/mod_dialin
Remember that some triggers will restart networking services, which may disconnect your telnet session.
Adding trigger scripts
You can add your own trigger, which can be useful if you wish to perform an application specific action as a result of a triggering condition. For example, if your application needs to know when the public port IP address has changed, you could add a script in the network/mod_ip trigger directory. Your script will be executed when the system public IP address is changed, along with any other triggers in this directory.
Triggers Implemented
The following list of triggers is accurate
as of the time of writing, and can help provide understanding of how
this mechanism is used. Verify the triggers on your system for
any recent changes.
Trigger |
Associated configuration files |
Triggering Events |
disktwo/autodetect |
System boot | |
disktwo/crontab |
UI change | |
disktwo/detect |
System boot | |
disktwo/mirror |
UI execution or scheduled mirror | |
disktwo/setconfig |
UI change | |
disktwo/status |
UI refresh | |
firstboot |
All templatized files |
Installation firstboot only |
fullrestore |
UI execution of full restore | |
mod_apache |
/etc/httpd/conf/httpd.admin /etc/httpd/conf/httpd.intranet |
UI change |
mod_country |
UI change | |
mod_crontab |
/var/spool/cron/root |
UI change |
mod_email |
/etc/mail/sendmail.mc |
UI change |
mod_firewall |
/etc/sysconfig/iptables.sh |
UI change, Network change |
mod_health_contactinfo |
UI change | |
mod_lcd |
/sa2/conf/lcdkbd.conf |
UI change |
mod_lcd/locale |
UI change | |
mod_lcd/restart |
UI change | |
mod_samba |
/etc/samba/smb.conf |
Samba Workgroup change, firewall change, public IP address change if firewall is down |
mod_security |
/sa2/web/admin/htaccess |
UI change |
mod_syslang |
UI change | |
mod_time |
/etc/sysconfig/clock |
UI change |
mod_users |
/etc/passwd /etc/htpasswd /etc/ppp/chap-secrets |
Add/Remove system user |
mod_wireless |
/etc/sysconfig/tsb/tsb_app_proc/channel |
UI change to wireless card settings, fullrestore trigger |
modem_event |
Modem status change | |
mondisk |
Harddrive status change | |
monhw/hw_err |
Hardware error detected | |
monhw/hw_limit |
Hardware limit exceeded | |
monhw/hw_ok |
Hardware status returns to OK state | |
monhw/hw_remote |
Remote Health monitoring report status | |
monhw/remote_notification |
Remote Health monitoring error notification | |
network/bring_down |
Stopping of any network interface | |
network/enable_isdn |
UI change | |
network/mod_dialin |
/etc/ppp/ioptions.dialin |
UI change |
network/mod_ipsec |
/etc/ipsec.conf |
UI change |
network/mod_proxy |
/etc/squid/squid.conf |
UI change |
network/mod_staticip |
/etc/named.conf var/named/domain.rev |
UI change of private IP address |
network/bringup |
Starting of any network interface | |
network/mod_config |
/etc/sysctl.conf |
Any network setting modification |
network/mod_ip |
/etc/ipsec.conf |
IP address change for public port |
network/mod_pptp |
/etc/inittab |
UI change to pptp VPN settings |
network/mod_snmp |
/etc/snmp/snmp.conf |
UI change to SNMP settings |
remote_health |
System Health Report | |
shutdown |
Shutdown of system | |
started |
Boot time startup scripts | |
started/lcdmsg |
Boot time LCD initialization | |
starting |
Boot time startup scripts | |
status_backup |
Backup completion status | |
status_restore |
Restore completion status | |
upgrades/autocheck |
Auto check cron job for server upgrades | |
upgrades/config |
UI change of upgrade autocheck settings | |
upgrades/current_rpms |
UI execution of Upgrade check | |
upgrades/finish |
Completion of Upgrade installation | |
upgrades/init |
System installation run only once. | |
upgrades/Newcat |
New upgrade catalog received | |
upgrades/Start |
Start of a system upgrade | |
upgrades/Status |
Status query of system upgrade progress | |
users/admin_reset |
Reset of admin user password |
There are several useful files in the
Magnia SG20. While not all of these files are ones that will help
your application integration process, they contain useful information.
File |
Contents |
/sa2/conf/BUILDINFO |
This file contains the current Magnia SG20 release number. This number is combined with the build version number and displayed on the LCD panel. |
/sa2/BUILDVERSION |
This file contains the build number of the current release. |
/sa2/conf/main.conf |
While this file contains too many fields to describe here, it is a good place to go if you want to retrieve some information about the current system configuration. Its contents are reasonably self-explanatory. |
/sa2/conf/system.conf |
This file contains several items of primary interest. The system serial number is extracted and placed in this file each time the system boots. Thus, the serial number in this file should be a reliable way of uniquely identifying the specific unit. This can be useful when implementing licensing. |
/sa2/RPMVERSIONS |
This file contains a list of all software packages installed on the system. |
Recommendation: Place your applications initials (and possibly version number) in the BUILDVERSION file. This will help users and Toshiba support to identify systems running your special version of the Magnia SG20 software. Remember that this text must fit in the 16 character LCD window (along with the other build information).
The Toshiba Magnia SG20 contains a built-in, easy to read and use LCD panel. This display is normally used to present information to the user concerning the system status and operations. Messages include items such as:
The LCD panel and the items it displays
are controlled by the internal operating system of the SG20. Because
the internal software controls the LCD panel, it is easy to add and
modify what it displays. No modifications to the system firmware
are required.
This section covers a general description of the LCD panel operation, its interface, the software controlling message display, and how to display information on the panel directly without using the Magnia SG20 provided software. There are two methods to interact with the Magnia SG20 LCD panel. When using the Magnia SG20 preinstalled software, interaction with the LCD panel is direct, through the LCD daemon. If using your own software preinstall image that does not include the Magnia SG20 software for LCD management, you can create your own programs and procedures to interact with the LCD panel and the system buttons.
The Magnia SG20 contains two main boards.
The PC motherboard contains most of the controllers and interfaces normally
associated with a PC, including the CPU, IDE controllers, serial and
parallel port controllers, etc. A second board, the mezzanine
board, contains some additional components such as the internal built
in Ethernet switch and the system LCD firmware.
Communications to the LCD display are
transmitted from the operating system software running on the main system
board through the COM1 serial port. The LCD controller firmware
listens to the serial port and displays most characters sent through
this serial port.
The LCD panel display is a two-line
display. Each line can display up to 16 characters.
In addition to display and control of the LCD panel, the LCD firmware monitors and reports the button presses of the LCD select button and the soft power button, both located on the front of the Magnia SG20.
It is possible to interact directly
with the Magnia SG20 LCD panel without using the supplied LCD control
software. This can be useful when a different operating system
has been loaded on the SG20 (such as a generic Linux system, or DOS).
Please note that the techniques described in this section are for use on operating systems other than the one normally supplied with the Magnia SG20 by Toshiba. The standard Magnia SG20 software contains a Linux daemon that controls and monitors the LCD and system buttons. Therefore, attempts to control the LCD panel or receive button press information on the standard Magnia SG20 operating system installation will conflict with the LCD control daemon.
Direct LCD message display
Because characters sent to the LCD COM1 port are automatically displayed on the LCD screen, it is very easy to display your own messages. For example, on DOS, the command:
echo Hello World > COM1
Will cause the characters Hello World to appear on the LCD panel. The equivalen Linux command is:
echo hello world > /dev/ttyS0
More complicated strings, controlling
wrapping on the two LCD lines and spacing are available. The following
table shows the characters that are accepted for printing and formatting
as part of the message text on the LCD panel.
Received Character |
Name |
Operation |
|
A-Z, a-z, 0-9 |
ASCII printable code. |
Display character at the current cursor position and advance cursor to the next location. Scroll line as needed. |
|
SP = |
Space char |
Advance the cursor to the next cursor position and scroll as needed. |
|
NL := \n |
Newline |
Advance the cursor to the next line, scrolling as needed. |
|
CR := \r |
Carriage return |
Return the cursor to the first column on the current row. |
|
ESC |
Escape |
Prepare for the next received char as a command code. |
LCD Control Codes
In addition to direct transmission
of characters to the LCD, there are several special command sequences
that can be sent to the LCD controller. These sequences are designed
to ease formatting and manipulation of the LCD display. All command
sequences begin with the escape character, and are following by a character
indicating a specific action.
The table below shows the available
escape command sequences and their use.
Received Character |
Name |
Operation |
H |
Home the cursor. | |
X |
Clear the display. | |
B |
Turn on backlight | |
b |
Turn off backlight | |
<sec>q |
Power down the system in <sec> seconds. Should only be sent at end of shutdown sequence. |
Examples of the use of these commands
appear below:
To send the LCD cursor to the top row, far left character position:
echo n e \033H > /dev/ttyS0
To clear the LCD display:
echo n e \033X > /dev/ttyS0
To turn off the backlight of the LCD display:
echo n e \033b > /dev/ttyS0
To shut the power of the system off in 10 seconds:
echo n e \03310q > /dev/ttyS0
Please note that issuance of the power off command illustrated above should not be issued unless the operating system is being shut down in an orderly manner. Sufficient time should be given for the OS to complete its shutdown procedures.
Button Status Codes
The LCD controller also monitors and
reports whenever one of the control buttons on the Magnia SG20 is pressed.
These buttons include the LCD scroll button located directly adjacent
to the LCD panel and the power down button located on the front of the
Magnia SG20 and to the right of the LCD panel.
Button status information is sent in
on the internal COM1 port.
Status values sent across the COM1
port are listed below. No preceding escape or other characters
are sent from the LCD controller to the motherboard.
Transmitted Character |
Name |
Operation |
P |
Power |
Power button pressed. |
S |
Select |
Select button pressed. |
Because these characters are sent across
the COM1 port without a CR/LF, it may be necessary to write specific
code to monitor the incoming characters. This code should place
the device in a raw mode in order to receive characters as soon as they
are sent, so that they are not buffered. While this can be accomplished
using command line level instructions, it is significantly better to
write a program to monitor and process these commands.
While command / shell scripts can be used to send information to the LCD for display with ease, monitoring and responding to button commands is best handled in a program specifically written for the purpose.
If you wish to add custom LCD messages
when using a Toshiba Magnia SG20 preinstall, you need to integrate your
messaging in to the internal messaging management system. The
internal queuing system manages the display of LCD messages, their positioning,
translation and cycling through the multiple messages available for
display using the LCD scroll button.
There is an LCD/KBD Daemon (LCDKBD)
used to coordinate client application access to the LCD/KB micro-controller
sub-system. This is a Linux daemon that runs at system startup and is
used by client applications to queue messages to display on the LCD
panel. Client applications do not directly communicate to the device.
Direct Command Line Interface
The command line interface to the LCD/KB
port is used for direct display of messages on the LCD panel. The following
describes the command line interface for script access.
setlcd [<cmd>
[<data>]] <text>
Where -<text> is an ASCII text string with NL (\n) & CR (\r) support.
Where -<cmd> is described by
the following:
Cmd |
Description |
Comment |
-clear |
Clear the display |
Clear display and homes the cursor. |
-home |
Home the cursor. |
Move to the row=1, col=1 position. |
-home2 |
Move cursor to second row. |
Move to the row=2, col=1 position. |
-col <col> |
Move the cursor to the column position |
Move the col to <col>. |
-row <row> |
Move the row to the row position |
Move the row to < row >. |
Note that because this command bypasses the message queuing system, it is reserved for use by the LCDKBD and for debugging.
Queued LCD Messages
Under normal circumstances, all LCD
messages are displayed and managed by the lcdkbd daemon. This daemon
takes messages that should be displayed on the LCD panel and places
them in a queue. Because there are multiple messages available
for display on the LCD panel, the LCD scroll button on the front of
the machine is used to communicate with the lcdkbd daemon.
When the lcdkbd daemon detects a button
press, it will cycle through the various messages in the message queue.
Some messages can be forced to the top of the queue, placing the message
on the LCD without requiring the user press the LCD button. This
technique is used for urgent messages such as alerts. Messages
can also be displayed for one time only. This type of message
appears on the LCD until the user presses the LCD scroll button, and
is then removed from the message queue so that it does not appear again.
Use the Perl object ShowMsg to tell the lcdkbd daemon to display specific messages on the LCD panel, as described below.
Adding LCD Messages
Because the contents of the LCD display
are managed by the lcdkbd daemon, display of new messages involves creating
a new message definition in an LCD message definition file. Once
defined properly, the LCD message can be displayed on the LCD panel
by sending the lcdkbd daemon an instruction. Use the following
procedure to add your own LCD message to the display message queue.
newmsg.desc=Acme Application Messages
newmsg.name=ACME
newmsg.readonly=0
newmsg.hidden=0
newmsg.msgup=-center Acme App center Running
newmsg.msgdown=-center Acme App center Not Running
newmsg.msgalert=-ontop -center Acme App center %s Error
newmsg.msgmail=-ontop -onetime
center Acme App center Check Mail
See the section below for more
information on these fields and their operation.
use SA;
use SA::LCD::Disp;
my $objDisp = SA::LCD::Disp->new();
$objDisp->ShowMsg(newmsg.msgmail);
exit(0);
This script would place the message
Acme App, and Check Mail on the first and second lines of the LCD
panel.
Here is an example of how to display
an LCD message that incorporates dynamic text, as in the newmsg.msgalert
LCD message above:
$objDisp->ShowMsg(newmsg.msgalert,
Download);
trigger mod_lcd
LCD Message Display Options
The LCD message definition files contained
in the /sa2/lang/en/lcdmsg directory contain a variety of options for
the messages displayed. The message definition file example given
above outlines these options. The fields and options contained
in this file are described here by using this example. Fields
are defined by the name of the message with a specific configuration
parameter suffix. In the example above, the message name is newmsg,
so the description field in this file is newmsg.desc.
newmsg.desc=Acme Application
Messages
The desc portion is the configuration
field parameter indicating the text description of the LCD message.
This text description will appear on the LCD configuration page in the
web administration user interface that allows the user to select which
LCD messages they wish to appear.
LCD Configuration Screen
The name suffix provides and internal
name used by the Magnia SG20 middleware to help identify the message
being displayed or configured.
newmsg.name=ACME
In this case, the name given to the
message is ACME.
newmsg.readonly=0
The readonly field specifies whether
the user will be allowed to change the LCD setting. In the default
LCD configuration screen, the IP address display, and time of day are
always checked and cannot be unchecked by the user. To allow the
user to deselect this LCD message from displaying on the LCD panel,
set the readonly field to 0. To prevent the user from deselecting
this message and force the message to always display, set the readonly
field to 0.
newmsg.hidden=0
The hidden field specifies whether
the LCD message appears on the configuration screen. Some messages,
such as health monitoring, do not even appear on the user LCD configuration
screen, and are always displayed. To prevent a message from appearing
on the configuration screen, set the hidden field to 1. To present
the message on the user configuration screen, set the hidden field to
0.
newmsg.msgup=-center Acme App center Running
newmsg.msgdown=-center Acme App center Not Running
newmsg.msgalert=-ontop -center Acme App center %s Error
newmsg.msgmail=-ontop -onetime
center Acme App center Check Mail
A single LCD message can have several
states, or sub-messages. For example, the backup message may
present the backup status as Not Performed, Started or Completed.
Only one of these messages can be displayed on the LCD panel at a time.
If the Started message is displayed, and then later the Completed
message is displayed, the Completed message will replace the Started
message.
In this example, the Acme App message
will display Acme App on the first LCD line. The second line
will be Running, Not Running, Error or Check Mail.
The following formatting options are available:
This document is for informational purposes
only. TOSHIBA MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS
DOCUMENT.
Ó 2002 Toshiba America Information Systems. All rights reserved.