def monitorProxy( self, glexecLocation, pilotProxy, payloadProxy ):
""" Monitor the payload proxy and renew as necessary.
"""
if not os.path.exists( pilotProxy ):
return S_ERROR( 'Pilot proxy not found at %s' % pilotProxy )
if not os.path.exists( payloadProxy ):
return S_ERROR( 'Payload proxy not found at %s' % payloadProxy )
result = getProxyInfoAsString( payloadProxy )
if not result['OK']:
self.log.error( 'Could not get payload proxy info', result )
return result
self.log.info( 'Payload proxy information seen from pilot:\n%s' % result['Value'] )
gProxyManager.renewProxy( minLifeTime = self.minProxyTime,
newProxyLifeTime = self.defaultProxyTime,
proxyToConnect = pilotProxy )
if glexecLocation:
self.log.info( 'Rerunning glexec without arguments to renew payload proxy' )
result = self.glexecExecute( None, glexecLocation )
if not result['OK']:
self.log.error( result )
else:
self.log.info( 'Running without glexec, checking local proxy' )
return S_OK( 'Proxy checked' )
def monitorProxy(self,glexecLocation,pilotProxy,payloadProxy):
""" Monitor the payload proxy and renew as necessary.
"""
if not os.path.exists(pilotProxy):
return S_ERROR('Pilot proxy not found at %s' %pilotProxy)
if not os.path.exists(payloadProxy):
return S_ERROR('Payload proxy not found at %s' %payloadProxy)
result = getProxyInfoAsString(payloadProxy)
if not result['OK']:
self.log.error('Could not get payload proxy info',result)
return result
self.log.info('Payload proxy information seen from pilot:\n%s' %result['Value'])
gProxyManager.renewProxy(minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy)
if glexecLocation:
self.log.info('Rerunning glexec without arguments to renew payload proxy')
result = self.glexecExecute(None,glexecLocation)
if not result['OK']:
self.log.error(result)
else:
self.log.info('Running without glexec, checking local proxy')
return S_OK('Proxy checked')
def monitorProxy(self,pilotProxy,payloadProxy):
""" Monitor the payload proxy and renew as necessary.
"""
if not pilotProxy:
return S_OK('Using server Certificate')
if not os.path.exists(pilotProxy):
return S_ERROR('Pilot proxy not found at %s' %pilotProxy)
if not os.path.exists(payloadProxy):
return S_ERROR('Payload proxy not found at %s' %payloadProxy)
result = getProxyInfoAsString(payloadProxy)
if not result['OK']:
self.log.error('Could not get payload proxy info',result)
return result
self.log.verbose('Payload proxy information:\n%s' %result['Value'])
gProxyManager.renewProxy(minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy)
return S_OK('Proxy checked')
def _monitorProxy(self, pilotProxy, payloadProxy):
"""Base class for the monitor and update of the payload proxy, to be used in
derived classes for the basic renewal of the proxy, if further actions are
necessary they should be implemented there
"""
retVal = getProxyInfo(payloadProxy)
if not retVal['OK']:
self.log.error('Could not get payload proxy info', retVal)
return retVal
self.log.verbose('Payload Proxy information:\n%s' %
formatProxyInfoAsString(retVal['Value']))
payloadProxyDict = retVal['Value']
payloadSecs = payloadProxyDict['chain'].getRemainingSecs()['Value']
if payloadSecs > self.minProxyTime:
self.log.verbose('No need to renew payload Proxy')
return S_OK()
# if there is no pilot proxy, assume there is a certificate and try a renewal
if not pilotProxy:
self.log.info(
'Using default credentials to get a new payload Proxy')
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy)
# if there is pilot proxy
retVal = getProxyInfo(pilotProxy)
if not retVal['OK']:
return retVal
pilotProxyDict = retVal['Value']
if not 'groupProperties' in pilotProxyDict:
self.log.error('Invalid Pilot Proxy',
'Group has no properties defined')
return S_ERROR('Proxy has no group properties defined')
pilotProps = pilotProxyDict['groupProperties']
# if running with a pilot proxy, use it to renew the proxy of the payload
if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps:
self.log.info('Using Pilot credentials to get a new payload Proxy')
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy)
# if we are running with other type of proxy check if they are for the same user and group
# and copy the pilot proxy if necessary
self.log.info('Trying to copy pilot Proxy to get a new payload Proxy')
pilotProxySecs = pilotProxyDict['chain'].getRemainingSecs()['Value']
if pilotProxySecs <= payloadSecs:
errorStr = 'Pilot Proxy is not longer than payload Proxy'
self.log.error(errorStr)
return S_ERROR('Can not renew by copy: %s' % errorStr)
# check if both proxies belong to the same user and group
pilotDN = pilotProxyDict['chain'].getIssuerCert(
)['Value'].getSubjectDN()['Value']
retVal = pilotProxyDict['chain'].getDIRACGroup()
if not retVal['OK']:
return retVal
pilotGroup = retVal['Value']
payloadDN = payloadProxyDict['chain'].getIssuerCert(
)['Value'].getSubjectDN()['Value']
retVal = payloadProxyDict['chain'].getDIRACGroup()
if not retVal['OK']:
return retVal
payloadGroup = retVal['Value']
if pilotDN != payloadDN or pilotGroup != payloadGroup:
errorStr = 'Pilot Proxy and payload Proxy do not have same DN and Group'
self.log.error(errorStr)
return S_ERROR('Can not renew by copy: %s' % errorStr)
if pilotProxyDict.get('hasVOMS', False):
return pilotProxyDict['chain'].dumpAllToFile(payloadProxy)
attribute = CS.getVOMSAttributeForGroup(payloadGroup)
vo = CS.getVOMSVOForGroup(payloadGroup)
retVal = VOMS().setVOMSAttributes(pilotProxyDict['chain'],
attribute=attribute,
vo=vo)
if not retVal['OK']:
return retVal
chain = retVal['Value']
return chain.dumpAllToFile(payloadProxy)
def _monitorProxy(self, pilotProxy, payloadProxy):
"""Base class for the monitor and update of the payload proxy, to be used in
derived classes for the basic renewal of the proxy, if further actions are
necessary they should be implemented there
"""
retVal = getProxyInfo(payloadProxy)
if not retVal["OK"]:
self.log.error("Could not get payload proxy info", retVal)
return retVal
self.log.verbose("Payload Proxy information:\n%s" % formatProxyInfoAsString(retVal["Value"]))
payloadProxyDict = retVal["Value"]
payloadSecs = payloadProxyDict["chain"].getRemainingSecs()["Value"]
if payloadSecs > self.minProxyTime:
self.log.verbose("No need to renew payload Proxy")
return S_OK()
# if there is no pilot proxy, assume there is a certificate and try a renewal
if not pilotProxy:
self.log.info("Using default credentials to get a new payload Proxy")
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy,
)
# if there is pilot proxy
retVal = getProxyInfo(pilotProxy)
if not retVal["OK"]:
return retVal
pilotProxyDict = retVal["Value"]
if not "groupProperties" in pilotProxyDict:
self.log.error("Invalid Pilot Proxy", "Group has no properties defined")
return S_ERROR("Proxy has no group properties defined")
pilotProps = pilotProxyDict["groupProperties"]
# if running with a pilot proxy, use it to renew the proxy of the payload
if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps:
self.log.info("Using Pilot credentials to get a new payload Proxy")
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy,
)
# if we are running with other type of proxy check if they are for the same user and group
# and copy the pilot proxy if necessary
self.log.info("Trying to copy pilot Proxy to get a new payload Proxy")
pilotProxySecs = pilotProxyDict["chain"].getRemainingSecs()["Value"]
if pilotProxySecs <= payloadSecs:
errorStr = "Pilot Proxy is not longer than payload Proxy"
self.log.error(errorStr)
return S_ERROR("Can not renew by copy: %s" % errorStr)
# check if both proxies belong to the same user and group
pilotDN = pilotProxyDict["chain"].getIssuerCert()["Value"].getSubjectDN()["Value"]
retVal = pilotProxyDict["chain"].getDIRACGroup()
if not retVal["OK"]:
return retVal
pilotGroup = retVal["Value"]
payloadDN = payloadProxyDict["chain"].getIssuerCert()["Value"].getSubjectDN()["Value"]
retVal = payloadProxyDict["chain"].getDIRACGroup()
if not retVal["OK"]:
return retVal
payloadGroup = retVal["Value"]
if pilotDN != payloadDN or pilotGroup != payloadGroup:
errorStr = "Pilot Proxy and payload Proxy do not have same DN and Group"
self.log.error(errorStr)
return S_ERROR("Can not renew by copy: %s" % errorStr)
if pilotProxyDict.get("hasVOMS", False):
return pilotProxyDict["chain"].dumpAllToFile(payloadProxy)
attribute = CS.getVOMSAttributeForGroup(payloadGroup)
vo = CS.getVOMSVOForGroup(payloadGroup)
retVal = VOMS().setVOMSAttributes(pilotProxyDict["chain"], attribute=attribute, vo=vo)
if not retVal["OK"]:
return retVal
chain = retVal["Value"]
return chain.dumpAllToFile(payloadProxy)
def _monitorProxy(self, payloadProxy=None):
"""Base class for the monitor and update of the payload proxy, to be used in
derived classes for the basic renewal of the proxy, if further actions are
necessary they should be implemented there
:param str payloadProxy: location of the payload proxy file
:returns: S_OK(filename)/S_ERROR
"""
if not payloadProxy:
return S_ERROR("No payload proxy")
# This will get the pilot proxy
ret = getProxyInfo()
if not ret["OK"]:
pilotProxy = None
else:
pilotProxy = ret["Value"]["path"]
self.log.notice("Pilot Proxy:", pilotProxy)
retVal = getProxyInfo(payloadProxy)
if not retVal["OK"]:
self.log.error("Could not get payload proxy info", retVal)
return retVal
self.log.verbose("Payload Proxy information:\n%s" %
formatProxyInfoAsString(retVal["Value"]))
payloadProxyDict = retVal["Value"]
payloadSecs = payloadProxyDict["chain"].getRemainingSecs()["Value"]
if payloadSecs > self.minProxyTime:
self.log.verbose("No need to renew payload Proxy")
return S_OK()
# if there is no pilot proxy, assume there is a certificate and try a renewal
if not pilotProxy:
self.log.info(
"Using default credentials to get a new payload Proxy")
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy,
)
# if there is pilot proxy
retVal = getProxyInfo(pilotProxy)
if not retVal["OK"]:
return retVal
pilotProxyDict = retVal["Value"]
if "groupProperties" not in pilotProxyDict:
self.log.error("Invalid Pilot Proxy",
"Group has no properties defined")
return S_ERROR("Proxy has no group properties defined")
pilotProps = pilotProxyDict["groupProperties"]
# if running with a pilot proxy, use it to renew the proxy of the payload
if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps:
self.log.info("Using Pilot credentials to get a new payload Proxy")
return gProxyManager.renewProxy(
proxyToBeRenewed=payloadProxy,
minLifeTime=self.minProxyTime,
newProxyLifeTime=self.defaultProxyTime,
proxyToConnect=pilotProxy,
)
# if we are running with other type of proxy check if they are for the same user and group
# and copy the pilot proxy if necessary
self.log.info("Trying to copy pilot Proxy to get a new payload Proxy")
pilotProxySecs = pilotProxyDict["chain"].getRemainingSecs()["Value"]
if pilotProxySecs <= payloadSecs:
errorStr = "Pilot Proxy is not longer than payload Proxy"
self.log.error(errorStr)
return S_ERROR("Can not renew by copy: %s" % errorStr)
# check if both proxies belong to the same user and group
pilotDN = pilotProxyDict["chain"].getIssuerCert(
)["Value"].getSubjectDN()["Value"]
retVal = pilotProxyDict["chain"].getDIRACGroup()
if not retVal["OK"]:
return retVal
pilotGroup = retVal["Value"]
payloadDN = payloadProxyDict["chain"].getIssuerCert(
)["Value"].getSubjectDN()["Value"]
retVal = payloadProxyDict["chain"].getDIRACGroup()
if not retVal["OK"]:
return retVal
payloadGroup = retVal["Value"]
if pilotDN != payloadDN or pilotGroup != payloadGroup:
errorStr = "Pilot Proxy and payload Proxy do not have same DN and Group"
self.log.error(errorStr)
return S_ERROR("Can not renew by copy: %s" % errorStr)
if pilotProxyDict.get("hasVOMS", False):
return pilotProxyDict["chain"].dumpAllToFile(payloadProxy)
attribute = Registry.getVOMSAttributeForGroup(payloadGroup)
vo = Registry.getVOMSVOForGroup(payloadGroup)
retVal = VOMS().setVOMSAttributes(pilotProxyDict["chain"],
attribute=attribute,
vo=vo)
if not retVal["OK"]:
return retVal
chain = retVal["Value"]
return chain.dumpAllToFile(payloadProxy)
