def pre_config(self): info("PRE-config actions.") self.pkgtool.install(pkgs=["ntp"]) info("<ntp> installed.") runcmd("mount -o remount,acl,user_xattr /") info("Enabled ACLs and Extended Attribute Support in /") info("END of PRE-config actions.")
def pre_install(self): info("PRE-install actions.") try: pwd.getpwnam("storm") except KeyError: runcmd("/usr/sbin/adduser -M storm") info("users storm and gridhttps added") info("END of PRE-install actions.")
def issue_cert(self, hostname=system.fqdn, hash="1024", key_prv=None, key_pub=None): """Issues a cert. hostname: CN value. key_prv: Alternate path to store the certificate's private key. key_pub: Alternate path to store the certificate's public key. """ with lcd(self.workspace): runcmd( ("openssl req -newkey rsa:%s -nodes -sha1 -keyout " "cert.key -keyform PEM -out cert.req -outform PEM " "-subj '/DC=%s/DC=%s/CN=%s'" % (hash, self.domain_comp_country, self.domain_comp, hostname))) runcmd(("openssl x509 -req -in cert.req -CA ca.pem -CAkey ca.key " "-CAcreateserial -out cert.crt -days 1")) if key_prv: runcmd("cp cert.key %s" % key_prv) info("Private key stored in '%s'." % key_prv) if key_pub: runcmd("cp cert.crt %s" % key_pub) info("Public key stored in '%s'." % key_pub)
def runcmd(self, cmd, chdir=None, fail_check=True, log_to_file=True): logfile = None if log_to_file: logfile = self.logfile r = runcmd(cmd, chdir=chdir, fail_check=fail_check, logfile=logfile) return r
def create(self, trusted_ca_dir=None): """Creates the CA public and private key. trusted_ca_dir: if set, it will copy the CA public key and the signing policy file under the trusted CA directory. """ runcmd("mkdir -p %s" % self.workspace) with lcd(self.workspace): subject = "/DC=%s/DC=%s/CN=%s" % ( self.domain_comp_country, self.domain_comp, self.common_name) runcmd(("openssl req -x509 -nodes -days 1 -newkey rsa:2048 " "-out ca.pem -outform PEM -keyout ca.key -subj " "'%s'" % subject)) if trusted_ca_dir: hash = runcmd("openssl x509 -noout -hash -in ca.pem") runcmd("cp ca.pem %s" % os.path.join(trusted_ca_dir, '.'.join([hash, '0']))) with open( os.path.join(trusted_ca_dir, '.'.join([hash, "signing_policy"])), 'w') as f: f.writelines([ "access_id_CA\tX509\t'%s'\n" % subject, "pos_rights\tglobus\tCA:sign\n", "cond_subjects\tglobus\t'\"/DC=%s/DC=%s/*\"'\n" % (self.domain_comp_country, self.domain_comp) ])
def yum(action, pkgs=None): if pkgs: r = runcmd("yum -y %s %s" % (action, " ".join(pkgs))) else: r = runcmd("yum -y %s" % action) return r
def _enable_repo(self, repofile): runcmd("wget %s -O %s" % (repofile, os.path.join(self.REPOPATH[system.distname], os.path.basename(repofile))))