def main(): params = Params() Script.registerSwitch("f:", "file=", "File to use as proxy", params.setProxyLocation) Script.registerSwitch("D", "DN", "Use DN as myproxy username", params.setDNAsUsername) Script.addDefaultOptionValue("LogLevel", "always") Script.parseCommandLine() from DIRAC.Core.Security.MyProxy import MyProxy from DIRAC.Core.Security import Locations if not params.proxyLoc: params.proxyLoc = Locations.getProxyLocation() if not params.proxyLoc: print("Can't find any valid proxy") sys.exit(1) print("Uploading proxy file %s" % params.proxyLoc) mp = MyProxy() retVal = mp.uploadProxy(params.proxyLoc, params.dnAsUsername) if not retVal["OK"]: print("Can't upload proxy:") print(" ", retVal["Message"]) sys.exit(1) print("Proxy uploaded") sys.exit(0)
def uploadProxyToMyProxy( params, DNAsUsername ): """ Upload proxy to the MyProxy server """ myProxy = MyProxy() if DNAsUsername: gLogger.verbose( "Uploading pilot proxy with group %s to %s..." % ( params.getDIRACGroup(), myProxy.getMyProxyServer() ) ) else: gLogger.verbose( "Uploading user proxy with group %s to %s..." % ( params.getDIRACGroup(), myProxy.getMyProxyServer() ) ) retVal = myProxy.getInfo( proxyInfo[ 'path' ], useDNAsUserName = DNAsUsername ) if retVal[ 'OK' ]: remainingSecs = ( int( params.getProxyRemainingSecs() / 3600 ) * 3600 ) - 7200 myProxyInfo = retVal[ 'Value' ] if 'timeLeft' in myProxyInfo and remainingSecs < myProxyInfo[ 'timeLeft' ]: gLogger.verbose( " Already uploaded" ) return True retVal = generateProxy( params ) if not retVal[ 'OK' ]: gLogger.error( " There was a problem generating proxy to be uploaded to myproxy: %s" % retVal[ 'Message' ] ) return False retVal = getProxyInfo( retVal[ 'Value' ] ) if not retVal[ 'OK' ]: gLogger.error( " There was a problem generating proxy to be uploaded to myproxy: %s" % retVal[ 'Message' ] ) return False generatedProxyInfo = retVal[ 'Value' ] retVal = myProxy.uploadProxy( generatedProxyInfo[ 'path' ], useDNAsUserName = DNAsUsername ) if not retVal[ 'OK' ]: gLogger.error( " Can't upload to myproxy: %s" % retVal[ 'Message' ] ) return False gLogger.verbose( " Uploaded" ) return True
def renewFromMyProxy(self, userDN, userGroup, lifeTime=False, chain=False): if not lifeTime: lifeTime = 43200 if not self.__useMyProxy: return S_ERROR("myproxy is disabled") #Get the chain if not chain: retVal = self.__getPemAndTimeLeft(userDN, userGroup) if not retVal['OK']: return retVal pemData = retVal['Value'][0] chain = X509Chain() retVal = chain.loadProxyFromString(pemData) if not retVal['OK']: return retVal originChainLifeTime = chain.getRemainingSecs()['Value'] maxMyProxyLifeTime = self.getMyProxyMaxLifeTime() #If we have a chain that's 0.8 of max mplifetime don't ask to mp if originChainLifeTime > maxMyProxyLifeTime * 0.8: self.log.error( "Skipping myproxy download", "user %s %s chain has %s secs and requested %s secs" % (userDN, userGroup, originChainLifeTime, maxMyProxyLifeTime)) return S_OK(chain) lifeTime *= 1.3 if lifeTime > maxMyProxyLifeTime: lifeTime = maxMyProxyLifeTime self.log.error( "Renewing proxy from myproxy", "user %s %s for %s secs" % (userDN, userGroup, lifeTime)) myProxy = MyProxy(server=self.getMyProxyServer()) retVal = myProxy.getDelegatedProxy(chain, lifeTime) if not retVal['OK']: return retVal mpChain = retVal['Value'] retVal = mpChain.getRemainingSecs() if not retVal['OK']: return S_ERROR( "Can't retrieve remaining secs from renewed proxy: %s" % retVal['Message']) mpChainSecsLeft = retVal['Value'] if mpChainSecsLeft < originChainLifeTime: self.log.info( "Chain downloaded from myproxy has less lifetime than the one stored in the db", "\n Downloaded from myproxy: %s secs\n Stored in DB: %s secs" % (mpChainSecsLeft, originChainLifeTime)) return S_OK(chain) retVal = mpChain.getDIRACGroup() if not retVal['OK']: return S_ERROR( "Can't retrieve DIRAC Group from renewed proxy: %s" % retVal['Message']) chainGroup = retVal['Value'] if chainGroup != userGroup: return S_ERROR( "Mismatch between renewed proxy group and expected: %s vs %s" % (userGroup, chainGroup)) retVal = self.storeProxy(userDN, userGroup, mpChain) if not retVal['OK']: self.log.error("Cannot store proxy after renewal", retVal['Message']) retVal = myProxy.getServiceDN() if not retVal['OK']: hostDN = userDN else: hostDN = retVal['Value'] self.logAction("myproxy renewal", hostDN, "host", userDN, userGroup) return S_OK(mpChain)
Script.registerSwitch("f:", "file=", "File to use as proxy", params.setProxyLocation) Script.registerSwitch("D", "DN", "Use DN as myproxy username", params.setDNAsUsername) Script.registerSwitch("i", "version", "Print version", params.showVersion) Script.addDefaultOptionValue("LogLevel", "always") Script.parseCommandLine() from DIRAC.FrameworkSystem.Client.ProxyManagerClient import gProxyManager from DIRAC.Core.Security.MyProxy import MyProxy from DIRAC.Core.Security.X509Chain import X509Chain from DIRAC.Core.Security import Locations, CS if not params.proxyLoc: params.proxyLoc = Locations.getProxyLocation() if not params.proxyLoc: print "Can't find any valid proxy" sys.exit(1) print "Uploading proxy file %s" % params.proxyLoc mp = MyProxy() retVal = mp.uploadProxy(params.proxyLoc, params.dnAsUsername) if not retVal['OK']: print "Can't upload proxy:" print " ", retVal['Message'] sys.exit(1) print "Proxy uploaded" sys.exit(0)