Dylan's Main Page

DHCP updates


Larry and Kevin Only!

This document is only for Larry and Kevin. Anyone else can read it if they feel like wasting time... nothing secret here, but this isn't for you...

You Should Already Be Set Up

If Dylan hasn't already set you up with gpg, cvs and a copy of the dhcp files from cvs, get him.

Background

The new DHCP config system uses CVS to distribute the files and GPG to ensure that they were written by the good guys. CVS has a "repository" on arthur, and you work on copies that you download to your local system. You then use gpg to sign the file you've changed, so the dhcp servers will know it's legit.

My scripts on the DHCP servers will send emails to all of us whenever anything happens. If Dylan makes a change, he, Larry and Kevin will get an email. If Dylan forgets to sign the dhcpd.hosts file, he, Larry and Kevin will get an email.

How to Make a DHCP Change

The Steps

  1. Update your local copy
  2. Make your changes
  3. Commit the changed file
  4. Make a new signature
  5. Commit the new signature
  6. Watch your email for 5 minutes

Update your local copy

You absolutely always have to do this first. This ensures that the local copy you're working on has any changes made by anyone else. If you forget this step, CVS is usually smart enough to merge your changes, but you don't really want CVS to have to be smart.

  1. open windows explorer
  2. go to the dhcp directory
  3. right-click anywhere in the directory
  4. select "CVS Update" from the right-click menu
  5. when prompted for a password, use your Arthur password

Make your changes

Open the dhcpd.hosts file in your editor of choice and make the changes you want.

Commit the Changed File

  1. right-click dhcpd.hosts
  2. select "CVS Commit" from the right-click menu
  3. New: Type a small note about the changes you made
  4. New: click OK
  5. when prompted for a password, use your Arthur password

Make a new signature

New Method

The old system broke down for Kevin, and this is the new system. Make sure you have gpg.exe somewhere in your execution path. If in doubt, search for gpg.exe and copy it to C:\windows\system32. This new method involves a batch file called signit.bat that I've added to the CVS repository. That means it will show up in your working directory the next time you do a CVS "Update"

  1. Double click on signit.bat.
  2. A dos box will pop up and ask you for your GPG key. Enter it.
  3. Verify your signature
    1. Right click on dhcp.hosts.asc
    2. Float your mouse over GPGee
    3. Click on Verify/Decrypt
  4. Continue from Commit the new signature.

If this doesn't work, contact me and I should be able to help you get things set up correctly so it will work.

Old Method - Might not work

  1. New: delete dhcpd.hosts.asc
  2. right-click dhcpd.hosts
  3. hover your mouse over "GPGee"
  4. select "sign" from the GPGee submenu

This will open the GPGee file signing utility.

  1. Make sure your signing key is listed as "Signing Keys"
  2. Make sure the Encryption Options are "None"
  3. Make sure that the only Signing Option selected is "Detached"
  4. Make sure that the only Misc. Option selected is "Text Output (ASCII Armor)"
  5. click OK
  6. when prompted for a password, use your GPG Key password

Commit the new signature

  1. right-click dhcpd.hosts.asc
  2. select "CVS Commit" from the right-click menu
  3. New: don't bother writing a comment (DO bother when you commit the dhcp.hosts file though!)
  4. New: click OK
  5. when prompted for a password, use your Arthur password

Watch your email for 5 minutes

When the DHCP servers process your files, they will send us all email saying how things went. Do NOT make changes and then walk away without reading an email from both servers saying things worked.

Because the DHCP servers check for changes every 5 minutes regardless of what you are doing, it might check in the 20 seconds between when you committed the dhcpd.hosts file and when you commit the dhcpd.hosts.asc file. If that is the case, it will send us email complaining about it. Then, 5 minutes later (assuming you've uploaded a proper signature ) it will send us another email saying everything is fine.

If you change dhcpd.hosts and forget to upload a new dhcpd.hosts.asc, we will each get an email every 5 minutes.

Troubleshooting

Bad Signature

If you get a bad signature message, try the following:

  1. Update your local copy following the directions above
  2. delete the dhcp.hosts.asc file
  3. sign the dhcp.hosts file following the directions above
  4. commit the dhcp.hosts.asc file following the directions above
  5. keep watching your email

CVS Won't Accept Changes

If you make changes, but CVS refuses to accept them, try this.

  1. Change the name of dhcp.hosts to dhcp.hosts.tmp
  2. Update your local copy following the directions above. This will fetch a new copy of dhcp.hosts from the repository.
  3. Erase the new dhcp.hosts
  4. Change the name of dhcp.hosts.tmp back to dhcp.hosts. You should see the CVS flag turn yellow.
  5. commit the dhcp.hosts file following the directions above
  6. sign the dhcp.hosts file following the directions above
  7. commit the dhcp.hosts.asc file following the directions above
  8. keep watching your email

Updated Thu Oct 26 17:27:50 PDT 2006

Dylan's Main Page