def delete_file(self, fpath):
if (self.username != None) and (self.username != MY_USERNAME):
# use privsep
# do not use rmtree as we do not want root privileges
condorPrivsep.execute(self.username, os.path.dirname(fpath), '/bin/rm', ['rm', "-f", fpath], stdout_fname=None)
else:
# use the native method, if possible
os.unlink(fpath)
def update_x509_proxy_file(entry_name,username,client_id, proxy_data):
proxy_dir=factoryConfig.get_client_proxies_dir(entry_name,username)
fname_short='x509_%s.proxy'%escapeParam(client_id)
fname=os.path.join(proxy_dir,fname_short)
if username!=MY_USERNAME:
# use privsep
# all args go through the environment, so they are protected
update_proxy_env=['HEXDATA=%s'%binascii.b2a_hex(proxy_data),'FNAME=%s'%fname]
for var in ('PATH','LD_LIBRARY_PATH','PYTHON_PATH'):
if os.environ.has_key(var):
update_proxy_env.append('%s=%s'%(var,os.environ[var]))
try:
condorPrivsep.execute(username,factoryConfig.submit_dir,os.path.join(factoryConfig.submit_dir,'update_proxy.py'),['update_proxy.py'],update_proxy_env)
except condorPrivsep.ExeError, e:
raise RuntimeError,"Failed to update proxy %s in %s (user %s): %s"%(client_id,proxy_dir,username,e)
except:
def update_credential_file(username, client_id, proxy_data, request_clientname):
"""
Updates the credential file.
"""
proxy_dir = glideFactoryLib.factoryConfig.get_client_proxies_dir(username)
fname_short = 'credential_%s_%s' % (request_clientname, glideFactoryLib.escapeParam(client_id))
fname = os.path.join(proxy_dir, fname_short)
if username != MY_USERNAME:
# use privsep
# all args go through the environment, so they are protected
update_credential_env = ['HEXDATA=%s' % binascii.b2a_hex(proxy_data), 'FNAME=%s' % fname]
for var in ('PATH', 'LD_LIBRARY_PATH', 'PYTHON_PATH'):
if os.environ.has_key(var):
update_credential_env.append('%s=%s' % (var, os.environ[var]))
try:
condorPrivsep.execute(username, glideFactoryLib.factoryConfig.submit_dir, os.path.join(glideFactoryLib.factoryConfig.submit_dir, 'update_proxy.py'), ['update_proxy.py'], update_credential_env)
except condorPrivsep.ExeError, e:
raise RuntimeError, "Failed to update credential %s in %s (user %s): %s" % (client_id, proxy_dir, username, e)
except:
os.mkdir(self.dir)
except OSError,e:
raise RuntimeError,"Failed to create %s dir: %s"%(self.dir_name,e)
elif self.privsep_mkdir:
try:
# use privsep mkdir, as requested
condorPrivsep.mkdir(base_dir,os.path.basename(self.dir),self.user)
except condorPrivsep.ExeError, e:
raise RuntimeError,"Failed to create %s dir (user %s): %s"%(self.dir_name,self.user,e)
except:
raise RuntimeError,"Failed to create %s dir (user %s): Unknown privsep error"%(self.dir_name,self.user)
else:
try:
# use the execute command
# do not use the mkdir one, as we do not need root privileges
condorPrivsep.execute(self.user,base_dir,'/bin/mkdir',['mkdir',self.dir],stdout_fname=None)
except condorPrivsep.ExeError, e:
raise RuntimeError,"Failed to create %s dir (user %s): %s"%(self.dir_name,self.user,e)
except:
raise RuntimeError,"Failed to create %s dir (user %s): Unknown privsep error"%(self.dir_name,self.user)
return True
def delete_dir(self):
base_dir=os.path.dirname(self.dir)
if not os.path.isdir(base_dir):
raise RuntimeError,"Missing base %s directory %s!"%(self.dir_name,base_dir)
if self.user==MY_USERNAME:
# keep it simple, if possible
shutil.rmtree(self.dir)
elif self.privsep_mkdir:
def submitGlideins(entry_name,schedd_name,username,client_name,nr_glideins,submit_attrs,
x509_proxy_identifier,x509_proxy_security_class,x509_proxy_fname,
client_web, # None means client did not pass one, backwards compatibility
params):
global factoryConfig
submitted_jids=[]
if nr_glideins>factoryConfig.max_submits:
nr_glideins=factoryConfig.max_submits
submit_attrs_arr=[]
for e in submit_attrs:
submit_attrs_arr.append("'"+e+"'")
submit_attrs_str = string.join(submit_attrs_arr," ")
params_arr=[]
for k in params.keys():
params_arr.append(k)
params_arr.append(escapeParam(str(params[k])))
params_str=string.join(params_arr," ")
client_web_arr=[]
if client_web!=None:
client_web_arr=client_web.get_glidein_args()
client_web_str=string.join(client_web_arr," ")
# Allows for retrieving any entry description values
jobDescript=glideFactoryConfig.JobDescript(entry_name)
try:
nr_submitted=0
while (nr_submitted<nr_glideins):
if nr_submitted!=0:
time.sleep(factoryConfig.submit_sleep)
nr_to_submit=(nr_glideins-nr_submitted)
if nr_to_submit>factoryConfig.max_cluster_size:
nr_to_submit=factoryConfig.max_cluster_size
if jobDescript.data.has_key('GlobusRSL'):
glidein_rsl = jobDescript.data['GlobusRSL']
# Replace placeholder for project id
if params.has_key('ProjectId') and 'TG_PROJECT_ID' in glidein_rsl:
glidein_rsl = glidein_rsl.replace('TG_PROJECT_ID', params['ProjectId'])
else:
glidein_rsl = "none"
if username!=MY_USERNAME:
# use privsep
exe_env=['X509_USER_PROXY=%s'%x509_proxy_fname]
# need to push all the relevant env variables through
for var in os.environ.keys():
if ((var in ('PATH','LD_LIBRARY_PATH','X509_CERT_DIR')) or
(var[:8]=='_CONDOR_') or (var[:7]=='CONDOR_')):
if os.environ.has_key(var):
exe_env.append('%s=%s'%(var,os.environ[var]))
try:
submit_out=condorPrivsep.execute(username,factoryConfig.submit_dir,
os.path.join(factoryConfig.submit_dir,factoryConfig.submit_fname),
[factoryConfig.submit_fname,entry_name,client_name,x509_proxy_security_class,x509_proxy_identifier,"%i"%nr_to_submit,glidein_rsl,]+
client_web_arr+submit_attrs+
['--']+params_arr,
exe_env)
except condorPrivsep.ExeError, e:
submit_out=[]
raise RuntimeError, "condor_submit failed (user %s): %s"%(username,e)
except:
submit_out=[]
raise RuntimeError, "condor_submit failed (user %s): Unknown privsep error"%username