def main():
params = Params()
Script.registerSwitch("f:", "file=", "File to use as proxy", params.setProxyLocation)
Script.registerSwitch("D", "DN", "Use DN as myproxy username", params.setDNAsUsername)
Script.addDefaultOptionValue("LogLevel", "always")
Script.parseCommandLine()
from DIRAC.Core.Security.MyProxy import MyProxy
from DIRAC.Core.Security import Locations
if not params.proxyLoc:
params.proxyLoc = Locations.getProxyLocation()
if not params.proxyLoc:
print("Can't find any valid proxy")
sys.exit(1)
print("Uploading proxy file %s" % params.proxyLoc)
mp = MyProxy()
retVal = mp.uploadProxy(params.proxyLoc, params.dnAsUsername)
if not retVal["OK"]:
print("Can't upload proxy:")
print(" ", retVal["Message"])
sys.exit(1)
print("Proxy uploaded")
sys.exit(0)
def uploadProxyToMyProxy( params, DNAsUsername ):
""" Upload proxy to the MyProxy server
"""
myProxy = MyProxy()
if DNAsUsername:
gLogger.verbose( "Uploading pilot proxy with group %s to %s..." % ( params.getDIRACGroup(), myProxy.getMyProxyServer() ) )
else:
gLogger.verbose( "Uploading user proxy with group %s to %s..." % ( params.getDIRACGroup(), myProxy.getMyProxyServer() ) )
retVal = myProxy.getInfo( proxyInfo[ 'path' ], useDNAsUserName = DNAsUsername )
if retVal[ 'OK' ]:
remainingSecs = ( int( params.getProxyRemainingSecs() / 3600 ) * 3600 ) - 7200
myProxyInfo = retVal[ 'Value' ]
if 'timeLeft' in myProxyInfo and remainingSecs < myProxyInfo[ 'timeLeft' ]:
gLogger.verbose( " Already uploaded" )
return True
retVal = generateProxy( params )
if not retVal[ 'OK' ]:
gLogger.error( " There was a problem generating proxy to be uploaded to myproxy: %s" % retVal[ 'Message' ] )
return False
retVal = getProxyInfo( retVal[ 'Value' ] )
if not retVal[ 'OK' ]:
gLogger.error( " There was a problem generating proxy to be uploaded to myproxy: %s" % retVal[ 'Message' ] )
return False
generatedProxyInfo = retVal[ 'Value' ]
retVal = myProxy.uploadProxy( generatedProxyInfo[ 'path' ], useDNAsUserName = DNAsUsername )
if not retVal[ 'OK' ]:
gLogger.error( " Can't upload to myproxy: %s" % retVal[ 'Message' ] )
return False
gLogger.verbose( " Uploaded" )
return True
def renewFromMyProxy(self, userDN, userGroup, lifeTime=False, chain=False):
if not lifeTime:
lifeTime = 43200
if not self.__useMyProxy:
return S_ERROR("myproxy is disabled")
#Get the chain
if not chain:
retVal = self.__getPemAndTimeLeft(userDN, userGroup)
if not retVal['OK']:
return retVal
pemData = retVal['Value'][0]
chain = X509Chain()
retVal = chain.loadProxyFromString(pemData)
if not retVal['OK']:
return retVal
originChainLifeTime = chain.getRemainingSecs()['Value']
maxMyProxyLifeTime = self.getMyProxyMaxLifeTime()
#If we have a chain that's 0.8 of max mplifetime don't ask to mp
if originChainLifeTime > maxMyProxyLifeTime * 0.8:
self.log.error(
"Skipping myproxy download",
"user %s %s chain has %s secs and requested %s secs" %
(userDN, userGroup, originChainLifeTime, maxMyProxyLifeTime))
return S_OK(chain)
lifeTime *= 1.3
if lifeTime > maxMyProxyLifeTime:
lifeTime = maxMyProxyLifeTime
self.log.error(
"Renewing proxy from myproxy",
"user %s %s for %s secs" % (userDN, userGroup, lifeTime))
myProxy = MyProxy(server=self.getMyProxyServer())
retVal = myProxy.getDelegatedProxy(chain, lifeTime)
if not retVal['OK']:
return retVal
mpChain = retVal['Value']
retVal = mpChain.getRemainingSecs()
if not retVal['OK']:
return S_ERROR(
"Can't retrieve remaining secs from renewed proxy: %s" %
retVal['Message'])
mpChainSecsLeft = retVal['Value']
if mpChainSecsLeft < originChainLifeTime:
self.log.info(
"Chain downloaded from myproxy has less lifetime than the one stored in the db",
"\n Downloaded from myproxy: %s secs\n Stored in DB: %s secs" %
(mpChainSecsLeft, originChainLifeTime))
return S_OK(chain)
retVal = mpChain.getDIRACGroup()
if not retVal['OK']:
return S_ERROR(
"Can't retrieve DIRAC Group from renewed proxy: %s" %
retVal['Message'])
chainGroup = retVal['Value']
if chainGroup != userGroup:
return S_ERROR(
"Mismatch between renewed proxy group and expected: %s vs %s" %
(userGroup, chainGroup))
retVal = self.storeProxy(userDN, userGroup, mpChain)
if not retVal['OK']:
self.log.error("Cannot store proxy after renewal",
retVal['Message'])
retVal = myProxy.getServiceDN()
if not retVal['OK']:
hostDN = userDN
else:
hostDN = retVal['Value']
self.logAction("myproxy renewal", hostDN, "host", userDN, userGroup)
return S_OK(mpChain)
Script.registerSwitch("f:", "file=", "File to use as proxy",
params.setProxyLocation)
Script.registerSwitch("D", "DN", "Use DN as myproxy username",
params.setDNAsUsername)
Script.registerSwitch("i", "version", "Print version", params.showVersion)
Script.addDefaultOptionValue("LogLevel", "always")
Script.parseCommandLine()
from DIRAC.FrameworkSystem.Client.ProxyManagerClient import gProxyManager
from DIRAC.Core.Security.MyProxy import MyProxy
from DIRAC.Core.Security.X509Chain import X509Chain
from DIRAC.Core.Security import Locations, CS
if not params.proxyLoc:
params.proxyLoc = Locations.getProxyLocation()
if not params.proxyLoc:
print "Can't find any valid proxy"
sys.exit(1)
print "Uploading proxy file %s" % params.proxyLoc
mp = MyProxy()
retVal = mp.uploadProxy(params.proxyLoc, params.dnAsUsername)
if not retVal['OK']:
print "Can't upload proxy:"
print " ", retVal['Message']
sys.exit(1)
print "Proxy uploaded"
sys.exit(0)
def renewFromMyProxy( self, userDN, userGroup, lifeTime = False, chain = False ):
if not lifeTime:
lifeTime = 43200
if not self.__useMyProxy:
return S_ERROR( "myproxy is disabled" )
#Get the chain
if not chain:
retVal = self.__getPemAndTimeLeft( userDN, userGroup )
if not retVal[ 'OK' ]:
return retVal
pemData = retVal[ 'Value' ][0]
chain = X509Chain()
retVal = chain.loadProxyFromString( pemData )
if not retVal[ 'OK' ]:
return retVal
originChainLifeTime = chain.getRemainingSecs()[ 'Value' ]
maxMyProxyLifeTime = self.getMyProxyMaxLifeTime()
#If we have a chain that's 0.8 of max mplifetime don't ask to mp
if originChainLifeTime > maxMyProxyLifeTime * 0.8:
self.log.error( "Skipping myproxy download",
"user %s %s chain has %s secs and requested %s secs" % ( userDN,
userGroup,
originChainLifeTime,
maxMyProxyLifeTime ) )
return S_OK( chain )
lifeTime *= 1.3
if lifeTime > maxMyProxyLifeTime:
lifeTime = maxMyProxyLifeTime
self.log.error( "Renewing proxy from myproxy", "user %s %s for %s secs" % ( userDN, userGroup, lifeTime ) )
myProxy = MyProxy( server = self.getMyProxyServer() )
retVal = myProxy.getDelegatedProxy( chain, lifeTime )
if not retVal[ 'OK' ]:
return retVal
mpChain = retVal[ 'Value' ]
retVal = mpChain.getRemainingSecs()
if not retVal[ 'OK' ]:
return S_ERROR( "Can't retrieve remaining secs from renewed proxy: %s" % retVal[ 'Message' ] )
mpChainSecsLeft = retVal['Value']
if mpChainSecsLeft < originChainLifeTime:
self.log.info( "Chain downloaded from myproxy has less lifetime than the one stored in the db",
"\n Downloaded from myproxy: %s secs\n Stored in DB: %s secs" % ( mpChainSecsLeft, originChainLifeTime ) )
return S_OK( chain )
retVal = mpChain.getDIRACGroup()
if not retVal[ 'OK' ]:
return S_ERROR( "Can't retrieve DIRAC Group from renewed proxy: %s" % retVal[ 'Message' ] )
chainGroup = retVal['Value']
if chainGroup != userGroup:
return S_ERROR( "Mismatch between renewed proxy group and expected: %s vs %s" % ( userGroup, chainGroup ) )
retVal = self.storeProxy( userDN, userGroup, mpChain )
if not retVal[ 'OK' ]:
self.log.error( "Cannot store proxy after renewal", retVal[ 'Message' ] )
retVal = myProxy.getServiceDN()
if not retVal[ 'OK' ]:
hostDN = userDN
else:
hostDN = retVal[ 'Value' ]
self.logAction( "myproxy renewal", hostDN, "host", userDN, userGroup )
return S_OK( mpChain )
params = Params()
Script.registerSwitch("f:", "file=", "File to use as proxy", params.setProxyLocation)
Script.registerSwitch("D", "DN", "Use DN as myproxy username", params.setDNAsUsername)
Script.registerSwitch("i", "version", "Print version", params.showVersion)
Script.addDefaultOptionValue("LogLevel", "always")
Script.parseCommandLine()
from DIRAC.FrameworkSystem.Client.ProxyManagerClient import gProxyManager
from DIRAC.Core.Security.MyProxy import MyProxy
from DIRAC.Core.Security.X509Chain import X509Chain
from DIRAC.Core.Security import Locations, CS
if not params.proxyLoc:
params.proxyLoc = Locations.getProxyLocation()
if not params.proxyLoc:
print "Can't find any valid proxy"
sys.exit(1)
print "Uploading proxy file %s" % params.proxyLoc
mp = MyProxy()
retVal = mp.uploadProxy(params.proxyLoc, params.dnAsUsername)
if not retVal["OK"]:
print "Can't upload proxy:"
print " ", retVal["Message"]
sys.exit(1)
print "Proxy uploaded"
sys.exit(0)
