Exemple #1
0
    def _enable_xacml(self):
        """
        Enable authorization services using xacml protocol
        """

        self.log("Updating " + GSI_AUTHZ_LOCATION, level=logging.INFO)

        gsi_contents = "globus_mapping liblcas_lcmaps_gt4_mapping.so lcmaps_callout\n"
        if not utilities.atomic_write(GSI_AUTHZ_LOCATION, gsi_contents):
            self.log("Error while writing to " + GSI_AUTHZ_LOCATION,
                     level=logging.ERROR)
            raise exceptions.ConfigureError("Error while writing to " +
                                            GSI_AUTHZ_LOCATION)

        self.log("Updating " + GUMS_CLIENT_LOCATION, level=logging.INFO)
        location_re = re.compile("^gums.location=.*$", re.MULTILINE)
        authz_re = re.compile("^gums.authz=.*$", re.MULTILINE)
        if not validation.valid_file(GUMS_CLIENT_LOCATION):
            gums_properties = "gums.location=https://%s:8443" % (self.options['gums_host'].value)
            gums_properties += "/gums/services/GUMSAdmin\n"
            gums_properties += "gums.authz=https://%s:8443" % (self.options['gums_host'].value)
            gums_properties += "/gums/services/GUMSXACMLAuthorizationServicePort"
        else:
            gums_properties = open(GUMS_CLIENT_LOCATION).read()
            replacement = "gums.location=https://%s:8443" % (self.options['gums_host'].value)
            replacement += "/gums/services/GUMSAdmin"
            gums_properties = location_re.sub(replacement, gums_properties)
            replacement = "gums.authz=https://%s:8443" % (self.options['gums_host'].value)
            replacement += "/gums/services/GUMSXACMLAuthorizationServicePort"
            gums_properties = authz_re.sub(replacement, gums_properties)
        utilities.atomic_write(GUMS_CLIENT_LOCATION, gums_properties)
Exemple #2
0
    def _update_lcmaps_file(self, gums=True):
        """
        Update lcmaps file and give appropriate messages if lcmaps.db.rpmnew exists
        """
        warning_message = """It appears that you've updated the lcmaps RPM and the
configuration has changed.
If you have ever edited /etc/lcmaps.db by hand (most people don't), then you
should:
   1. Edit /etc/lcmaps.db.rpmnew to make your changes again
   2. mv /etc/lcmaps.db.rpmnew /etc/lcmaps.db
If you haven't edited /etc/lcmaps.db by hand, then you can just use the new
configuration:
   1. mv /etc/lcmaps.db.rpmnew /etc/lcmaps.db"""

        files_to_update = [LCMAPS_DB_LOCATION]
        rpmnew_file = LCMAPS_DB_LOCATION + ".rpmnew"
        if validation.valid_file(rpmnew_file):
            self.log(warning_message, level=logging.WARNING)
            files_to_update.append(rpmnew_file)

        for lcmaps_db_file in files_to_update:
            self.log("Updating " + lcmaps_db_file, level=logging.INFO)
            lcmaps_db = open(lcmaps_db_file).read()

            lcmaps_db = self._update_lcmaps_text(lcmaps_db, gums, self.options['gums_host'].value)

            utilities.atomic_write(lcmaps_db_file, lcmaps_db)
Exemple #3
0
    def _configure_condor_cron_ids(self):
        """Ensure UID/GID of cndrcron user is valid and is in the condor-cron configs
        :raise ConfigFailed: if modifying condor-cron configs failed

        """
        # check the uid/gid in the condor_ids file
        condor_id_fname = "/etc/condor-cron/config.d/condor_ids"
        ids = open(condor_id_fname, "r", encoding="latin-1").read()
        id_regex = re.compile(r'^\s*CONDOR_IDS\s+=\s+(\d+)\.(\d+).*',
                              re.MULTILINE)
        condor_ent = pwd.getpwnam('cndrcron')
        match = id_regex.search(ids)
        if ((match is not None)
                and (((int(match.group(1)) != condor_ent.pw_uid) or
                      (int(match.group(2)) != condor_ent.pw_gid)))):
            self.log("Condor-cron uid/gid not correct, correcting",
                     level=logging.ERROR)
            (ids, count) = id_regex.subn(
                "CONDOR_IDS  = %s.%s" % (condor_ent.pw_uid, condor_ent.pw_gid),
                ids, 1)
            if count == 0:
                self.log(
                    "Can't correct condor-cron uid/gid, please double check",
                    level=logging.ERROR)
            if not utilities.atomic_write(
                    condor_id_fname, ids, encoding="latin-1"):
                raise exceptions.ConfigureError
        elif match is None:
            ids += "CONDOR_IDS = %d.%d\n" % (condor_ent.pw_uid,
                                             condor_ent.pw_gid)
            if not utilities.atomic_write(
                    condor_id_fname, ids, encoding="latin-1"):
                raise exceptions.ConfigureError
Exemple #4
0
    def _write_lcmaps_file(self):
        old_lcmaps_contents = utilities.read_file(LCMAPS_DB_LOCATION,
                                                  default='')
        if old_lcmaps_contents and 'THIS FILE WAS WRITTEN BY OSG-CONFIGURE' not in old_lcmaps_contents:
            backup_path = LCMAPS_DB_LOCATION + '.pre-configure'
            self.log("Backing up %s to %s" % (LCMAPS_DB_LOCATION, backup_path),
                     level=logging.WARNING)
            if not utilities.atomic_write(backup_path, old_lcmaps_contents):
                msg = "Unable to back up old lcmaps.db to %s" % backup_path
                self.log(msg, level=logging.ERROR)
                raise exceptions.ConfigureError(msg)

        self.log("Writing " + LCMAPS_DB_LOCATION, level=logging.INFO)
        if self.authorization_method == 'xacml':
            lcmaps_template_fn = 'lcmaps.db.gums'
        elif self.authorization_method == 'gridmap' or self.authorization_method == 'local-gridmap':
            lcmaps_template_fn = 'lcmaps.db.gridmap'
        elif self.authorization_method == 'vomsmap':
            if self.all_fqans:
                lcmaps_template_fn = 'lcmaps.db.vomsmap.allfqans'
            else:
                lcmaps_template_fn = 'lcmaps.db.vomsmap'
        else:
            assert False

        lcmaps_template_path = os.path.join(LCMAPS_DB_TEMPLATES_LOCATION,
                                            lcmaps_template_fn)

        if not validation.valid_file(lcmaps_template_path):
            msg = "lcmaps.db template file not found at %s; ensure lcmaps-db-templates >= 1.6.6-1.8" \
                  " is installed or set edit_lcmaps_db=False" % lcmaps_template_path
            self.log(msg, level=logging.ERROR)
            raise exceptions.ConfigureError(msg)

        old_lcmaps_contents = utilities.read_file(LCMAPS_DB_LOCATION,
                                                  default='')
        if old_lcmaps_contents and 'THIS FILE WAS WRITTEN BY OSG-CONFIGURE' not in old_lcmaps_contents:
            backup_path = LCMAPS_DB_LOCATION + '.pre-configure'
            self.log("Backing up %s to %s" % (LCMAPS_DB_LOCATION, backup_path),
                     level=logging.WARNING)
            try:
                shutil.copy2(LCMAPS_DB_LOCATION, backup_path)
            except EnvironmentError as err:
                msg = "Unable to back up old lcmaps.db: " + str(err)
                self.log(msg, level=logging.ERROR)
                raise exceptions.ConfigureError(msg)

        lcmaps_contents = utilities.read_file(lcmaps_template_path)
        lcmaps_contents = (
            "# THIS FILE WAS WRITTEN BY OSG-CONFIGURE AND WILL BE OVERWRITTEN ON FUTURE RUNS\n"
            "# Set edit_lcmaps_db = False in the [%s] section of your OSG configuration to\n"
            "# keep your changes.\n" % self.config_section +
            lcmaps_contents.replace('@GUMSHOST@',
                                    str(self.options['gums_host'].value)))
        if not utilities.atomic_write(LCMAPS_DB_LOCATION, lcmaps_contents):
            msg = "Error while writing to " + LCMAPS_DB_LOCATION
            self.log(msg, level=logging.ERROR)
            raise exceptions.ConfigureError(msg)
Exemple #5
0
 def write_blah_disable_wn_proxy_renewal_to_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(
             contents,
             "blah_disable_wn_proxy_renewal",
             "yes",
             quote_value=True)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
Exemple #6
0
 def set_pbs_pro_in_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         new_value = "yes" if self.opt_val('pbs_flavor') == "pro" else "no"
         contents = utilities.add_or_replace_setting(contents,
                                                     "pbs_pro",
                                                     new_value,
                                                     quote_value=False)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
Exemple #7
0
 def write_lsf_confpath_to_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(
             contents,
             'lsf_confpath',
             self.options['lsf_conf'].value,
             quote_value=True)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
 def write_blah_disable_wn_proxy_renewal_to_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         for option, value in [("blah_disable_wn_proxy_renewal", "yes"),
                               ("blah_delegate_renewed_proxies", "no"),
                               ("blah_disable_limited_proxy", "yes")]:
             contents = utilities.add_or_replace_setting(contents, option, value,
                                                         quote_value=True)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
 def write_htcondor_ce_sentinel(self):
     if self.htcondor_gateway_enabled and utilities.ce_installed():
         contents = utilities.read_file(
             self.HTCONDOR_CE_CONFIG_FILE,
             default="# This file is managed by osg-configure\n")
         contents = utilities.add_or_replace_setting(contents,
                                                     "OSG_CONFIGURED",
                                                     "true",
                                                     quote_value=False)
         utilities.atomic_write(self.HTCONDOR_CE_CONFIG_FILE, contents)
Exemple #10
0
 def write_gridmap_to_htcondor_ce_config(self):
     contents = utilities.read_file(HTCONDOR_CE_CONFIG_FILE,
                                    default="# This file is managed by osg-configure\n")
     if self.options['authorization_method'].value == 'xacml':
         # Remove GRIDMAP setting
         contents = re.sub(r'(?m)^\s*GRIDMAP\s*=.*?$[\n]?', "", contents)
     else:
         contents = utilities.add_or_replace_setting(contents, "GRIDMAP", "/etc/grid-security/grid-mapfile",
                                                     quote_value=False)
     utilities.atomic_write(HTCONDOR_CE_CONFIG_FILE, contents)
Exemple #11
0
    def configure(self, attributes):
        """
        Setup basic osg/vdt services
        """

        self.log("NetworkConfiguration.configure started")
        status = True

        header = "# This file is automatically generated by osg-configure\n"
        header += "# based on the settings in the [Network] section, please\n"
        header += "# make changes there instead of manually editing this file\n"
        source_settings_sh = ''
        source_settings_csh = ''
        port_settings_sh = ''
        port_settings_csh = ''
        if not utilities.blank(self.options['source_range'].value):
            source_settings_sh = "export GLOBUS_TCP_SOURCE_RANGE_STATE_FILE=%s\n" % \
                                 self.options['source_state_file'].value
            source_settings_sh += "export GLOBUS_TCP_SOURCE_RANGE=%s\n" % \
                                  self.options['source_range'].value
            source_settings_csh = "setenv GLOBUS_TCP_SOURCE_RANGE_STATE_FILE %s\n" % \
                                  self.options['source_state_file'].value
            source_settings_csh += "setenv GLOBUS_TCP_SOURCE_RANGE %s\n" % \
                                   self.options['source_range'].value
        if not utilities.blank(self.options['port_range'].value):
            port_settings_sh = "export GLOBUS_TCP_PORT_RANGE_STATE_FILE=%s\n" % \
                               self.options['port_state_file'].value
            port_settings_sh += "export GLOBUS_TCP_PORT_RANGE=%s\n" % \
                                self.options['port_range'].value
            port_settings_csh = "setenv GLOBUS_TCP_PORT_RANGE_STATE_FILE %s\n" % \
                                self.options['port_state_file'].value
            port_settings_csh += "setenv GLOBUS_TCP_PORT_RANGE %s\n" % \
                                 self.options['port_range'].value
        contents = "#!/bin/sh\n" + header + source_settings_sh + port_settings_sh
        filename = os.path.join('/', 'var', 'lib', 'osg', 'globus-firewall')
        if not utilities.atomic_write(filename, contents):
            self.log("Error writing to %s" % filename,
                     level=logging.ERROR)
            status = False
        filename = os.path.join('/', 'etc', 'profile.d', 'osg.sh')
        if not utilities.atomic_write(filename, contents):
            self.log("Error writing to %s" % filename,
                     level=logging.ERROR)
            status = False
        contents = "#!/bin/csh\n" + header + source_settings_csh + port_settings_csh
        filename = os.path.join('/', 'etc', 'profile.d', 'osg.csh')
        if not utilities.atomic_write(filename, contents):
            self.log("Error writing to %s" % filename,
                     level=logging.ERROR)
            status = False

        self.log("NetworkConfiguration.configure completed")
        return status
Exemple #12
0
    def _write_route_config_vars(self):
        """
        Write condor-ce config attributes for the bosco job route. Sets values for:
        - BOSCO_RMS
        - BOSCO_ENDPOINT

        """
        contents = utilities.read_file(self.HTCONDOR_CE_CONFIG_FILE,
                                       default="# This file is managed by osg-configure\n")
        contents = utilities.add_or_replace_setting(contents, "BOSCO_RMS", self.options['batch'].value,
                                                    quote_value=False)
        contents = utilities.add_or_replace_setting(contents, "BOSCO_ENDPOINT", self.options['endpoint'].value,
                                                    quote_value=False)
        utilities.atomic_write(self.HTCONDOR_CE_CONFIG_FILE, contents)
Exemple #13
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        buf = open(LSFConfiguration.GRAM_CONFIG_FILE).read()
        for binfile in ['bsub', 'bqueues', 'bjobs', 'bhist', 'bacct', 'bkill']:
            bin_location = os.path.join(self.lsf_bin_location, binfile)
            if validation.valid_file(bin_location):
                buf = utilities.add_or_replace_setting(buf, binfile, 'bin_location')

        if self.options['seg_enabled'].value:
            if (self.options['log_directory'].value is None or
                    not validation.valid_directory(self.options['log_directory'].value)):
                mesg = "%s is not a valid directory location " % self.options['log_directory'].value
                mesg += "for lsf log files"
                self.log(mesg,
                         section=self.config_section,
                         option='log_directory',
                         level=logging.ERROR)
                return False

            buf = utilities.add_or_replace_setting(buf, 'log_path', self.options['log_directory'].value)

        buf = utilities.add_or_replace_setting(buf, 'lsf_profile', self.options['lsf_profile'].value)

        if not utilities.atomic_write(LSFConfiguration.GRAM_CONFIG_FILE, buf):
            return False
        return True
Exemple #14
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        contents = open(PBSConfiguration.GRAM_CONFIG_FILE).read()
        for binfile in ['qsub', 'qstat', 'qdel']:
            bin_location = os.path.join(self.pbs_bin_location, binfile)
            if validation.valid_file(bin_location):
                contents = utilities.add_or_replace_setting(contents, binfile, bin_location)

        if self.options['pbs_server'].value != '':
            contents = utilities.add_or_replace_setting(contents, 'pbs_default', self.options['pbs_server'].value)

        if self.options['seg_enabled'].value:
            if (self.options['log_directory'].value is None or
                    not validation.valid_directory(self.options['log_directory'].value)):
                mesg = "%s is not a valid directory location " % self.options['log_directory'].value
                mesg += "for pbs log files"
                self.log(mesg,
                         section=self.config_section,
                         option='log_directory',
                         level=logging.ERROR)
                return False

            contents = utilities.add_or_replace_setting(contents, 'log_path', self.options['log_directory'].value)

        if not utilities.atomic_write(PBSConfiguration.GRAM_CONFIG_FILE, contents):
            return False

        return True
    def _write_ce_collector_attributes_file(self, attributes_file):
        """Write config file that contains the osg attributes for the
        CE-Collector to advertise

        """
        schedd_attrs_list = ["$(SCHEDD_ATTRS)"]
        attributes_file_lines = []

        for name, value in [
            ('OSG_Resource', self.osg_resource),
            ('OSG_ResourceGroup', self.osg_resource_group),
            ('OSG_BatchSystems', ",".join(self.enabled_batch_systems))
        ]:
            attributes_file_lines.append("%s = %s" % (name, utilities.classad_quote(value)))
            schedd_attrs_list.append(name)

        if self.resource_catalog:
            attributes_file_lines.append(self.resource_catalog.compose_text())
            schedd_attrs_list.append('OSG_ResourceCatalog')

        attributes_file_contents = (
            "# Do not edit - file generated by osg-configure\n"
            + "\n".join(attributes_file_lines) + "\n"
            + "SCHEDD_ATTRS = " + " ".join(schedd_attrs_list) + "\n"
        )

        return utilities.atomic_write(attributes_file, attributes_file_contents)
    def _write_ce_collector_attributes_file(self, attributes_file):
        """Write config file that contains the osg attributes for the
        CE-Collector to advertise

        """
        schedd_attrs_list = ["$(SCHEDD_ATTRS)"]
        attributes_file_lines = []

        for name, value in [('OSG_Resource', self.osg_resource),
                            ('OSG_ResourceGroup', self.osg_resource_group),
                            ('OSG_BatchSystems',
                             ",".join(self.enabled_batch_systems))]:
            attributes_file_lines.append(
                "%s = %s" % (name, utilities.classad_quote(value)))
            schedd_attrs_list.append(name)

        if self.resource_catalog:
            attributes_file_lines.append(self.resource_catalog.compose_text())
            schedd_attrs_list.append('OSG_ResourceCatalog')

        attributes_file_contents = (
            "# Do not edit - file generated by osg-configure\n" +
            "\n".join(attributes_file_lines) + "\n" + "SCHEDD_ATTRS = " +
            " ".join(schedd_attrs_list) + "\n")

        return utilities.atomic_write(attributes_file,
                                      attributes_file_contents)
 def write_binpaths_to_blah_config(self, jobmanager, submit_binpath):
     """
     Change the *_binpath variables in /etc/blah.config for the given
     jobmanager to point to the locations specified by the user in the
     config for that jobmanager. Does not do anything if /etc/blah.config
     is missing (e.g. if blahp is not installed).
     :param jobmanager: The name of a job manager that has a _binpath
       variable in /etc/blah.config
     :param submit_binpath: The fully-qualified path to the submit
       executables for that jobmanager
     """
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(contents, jobmanager + "_binpath", submit_binpath,
                                                     quote_value=False)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
Exemple #18
0
    def _configure_slurm_probe(self):
        """
        Do SLURM probe specific configuration
        """
        config_location = GRATIA_CONFIG_FILES['slurm']
        buf = file(config_location).read()

        settings = self._probe_config['slurm']
        if not validation.valid_file(settings['db_pass']):
            self.log("Slurm DB password file not present",
                     level=logging.ERROR,
                     option='db_pass',
                     section='SLURM')
            return True

        buf = self.replace_setting(buf, 'SlurmDbHost', settings['db_host'])
        buf = self.replace_setting(buf, 'SlurmDbPort', settings['db_port'])
        buf = self.replace_setting(buf, 'SlurmDbUser', settings['db_user'])
        buf = self.replace_setting(buf, 'SlurmDbPasswordFile',
                                   settings['db_pass'])
        buf = self.replace_setting(buf, 'SlurmDbName', settings['db_name'])
        buf = self.replace_setting(buf, 'SlurmCluster', settings['cluster'])
        buf = self.replace_setting(buf, 'SlurmLocation', settings['location'])

        if not utilities.atomic_write(config_location, buf):
            return False
        return True
 def write_binpaths_to_blah_config(self, jobmanager, submit_binpath):
     """
     Change the *_binpath variables in /etc/blah.config for the given
     jobmanager to point to the locations specified by the user in the
     config for that jobmanager. Does not do anything if /etc/blah.config
     is missing (e.g. if blahp is not installed).
     :param jobmanager: The name of a job manager that has a _binpath
       variable in /etc/blah.config
     :param submit_binpath: The fully-qualified path to the submit
       executables for that jobmanager
     """
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(contents, jobmanager + "_binpath", submit_binpath,
                                                     quote_value=True)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
Exemple #20
0
    def _configure_slurm_probe(self):
        """
        Do SLURM probe specific configuration
        """
        config_location = GRATIA_CONFIG_FILES['slurm']
        buf = file(config_location).read()

        settings = self._probe_config['slurm']
        if not validation.valid_file(settings['db_pass']):
            self.log("Slurm DB password file not present",
                     level=logging.ERROR,
                     option='db_pass',
                     section='SLURM')
            return True

        buf = self.replace_setting(buf, 'SlurmDbHost', settings['db_host'])
        buf = self.replace_setting(buf, 'SlurmDbPort', settings['db_port'])
        buf = self.replace_setting(buf, 'SlurmDbUser', settings['db_user'])
        buf = self.replace_setting(buf, 'SlurmDbPasswordFile', settings['db_pass'])
        buf = self.replace_setting(buf, 'SlurmDbName', settings['db_name'])
        buf = self.replace_setting(buf, 'SlurmCluster', settings['cluster'])
        buf = self.replace_setting(buf, 'SlurmLocation', settings['location'])

        if not utilities.atomic_write(config_location, buf):
            return False
        return True
Exemple #21
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        buf = open(LSFConfiguration.GRAM_CONFIG_FILE).read()
        for binfile in ['bsub', 'bqueues', 'bjobs', 'bhist', 'bacct', 'bkill']:
            bin_location = os.path.join(self.lsf_bin_location, binfile)
            if validation.valid_file(bin_location):
                buf = utilities.add_or_replace_setting(buf, binfile,
                                                       'bin_location')

        if self.options['seg_enabled'].value:
            if (self.options['log_directory'].value is None
                    or not validation.valid_directory(
                        self.options['log_directory'].value)):
                mesg = "%s is not a valid directory location " % self.options[
                    'log_directory'].value
                mesg += "for lsf log files"
                self.log(mesg,
                         section=self.config_section,
                         option='log_directory',
                         level=logging.ERROR)
                return False

            buf = utilities.add_or_replace_setting(
                buf, 'log_path', self.options['log_directory'].value)

        buf = utilities.add_or_replace_setting(
            buf, 'lsf_profile', self.options['lsf_profile'].value)

        if not utilities.atomic_write(LSFConfiguration.GRAM_CONFIG_FILE, buf):
            return False
        return True
Exemple #22
0
    def _configure_pbs_probe(self):
        """
        Do pbs probe specific configuration
        """
        if (self._probe_config['pbs']['accounting_log_directory'] is None or
                self._probe_config['pbs']['accounting_log_directory'] == ''):
            return True
        accounting_dir = self._probe_config['pbs']['accounting_log_directory']
        if not validation.valid_directory(accounting_dir):
            self.log(
                "PBS accounting log not present, PBS gratia probe not configured",
                level=logging.ERROR,
                option='accounting_log_directory',
                section='PBS')
            return True

        config_location = GRATIA_CONFIG_FILES['pbs']
        buf = file(config_location).read()
        buf = self.replace_setting(buf,
                                   'pbsAcctLogDir',
                                   accounting_dir,
                                   xml_file=False)
        buf = self.replace_setting(buf, 'lrmsType', 'pbs', xml_file=False)
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
Exemple #23
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        buf = open(SGEConfiguration.GRAM_CONFIG_FILE).read()

        for binfile in ['qsub', 'qstat', 'qdel', 'qconf']:
            bin_location = os.path.join(self.options['sge_bin_location'].value, binfile)
            if validation.valid_file(bin_location):
                buf = utilities.add_or_replace_setting(buf, binfile, bin_location)

        for setting in ['sge_cell', 'sge_root', 'sge_config']:
            buf = utilities.add_or_replace_setting(buf, setting, self.options[setting].value)

        if self.options['seg_enabled'].value:
            buf = utilities.add_or_replace_setting(buf, 'log_path', self.options['log_file'].value)

        if self.options['default_queue'].value != '':
            buf = utilities.add_or_replace_setting(buf, 'default_queue', self.options['default_queue'].value)

            if self.options['validate_queues'].value:
                buf = utilities.add_or_replace_setting(buf, 'validate_queues', 'yes', quote_value=False)
            else:
                buf = utilities.add_or_replace_setting(buf, 'validate_queues', 'no', quote_value=False)

        if self.options['available_queues'].value != '':
            buf = utilities.add_or_replace_setting(buf, 'available_queues', self.options['available_queues'].value)

        if not utilities.atomic_write(SGEConfiguration.GRAM_CONFIG_FILE, buf):
            return False
        return True
Exemple #24
0
    def setup_htcondor_ce_config(self):
        """
        Populate the config file that tells htcondor-ce where the condor
        pool is and where the spool directory is.

        Returns True if successful, False otherwise
        """
        if not utilities.rpm_installed('htcondor-ce'):
            self.log("Unable to configure htcondor-ce for Condor: htcondor-ce not installed", level=logging.ERROR)
            return False

        def get_condor_ce_config_val(variable):
            return utilities.get_condor_config_val(variable, executable='condor_ce_config_val', quiet_undefined=True)

        # Get values for the settings we want to update. We can get the
        # values from condor_config_val; in the case of JOB_ROUTER_SCHEDD2_NAME,
        # we have FULL_HOSTNAME as a fallback in case SCHEDD_NAME is missing.
        # We also get the current / default value from condor_ce_config_val;
        # only update the setting in case the value from
        # condor_config_val is different from the value from condor_ce_config_val.
        condor_ce_config = {}
        for condor_ce_config_key, condor_config_keys in [
            ('JOB_ROUTER_SCHEDD2_NAME', ['SCHEDD_NAME', 'FULL_HOSTNAME']),
            ('JOB_ROUTER_SCHEDD2_POOL', ['COLLECTOR_HOST']),
            ('JOB_ROUTER_SCHEDD2_SPOOL', ['SPOOL'])]:

            condor_config_value = None
            for condor_config_value in (utilities.get_condor_config_val(k, quiet_undefined=True) for k in
                                        condor_config_keys):
                if condor_config_value:
                    break

            condor_ce_config_value = get_condor_ce_config_val(condor_ce_config_key)
            if not (condor_config_value or condor_ce_config_value):
                self.log("Unable to determine value for %s from %s and default not set; check your Condor config" %
                         (condor_ce_config_key, ' or '.join(condor_config_keys)), level=logging.ERROR)
                return False
            elif not condor_config_value:
                continue  # can't set anything for this

            # Special case for JOB_ROUTER_SCHEDD2_POOL: append port if necessary (SOFTWARE-1744)
            if condor_ce_config_key == 'JOB_ROUTER_SCHEDD2_POOL':
                condor_collector_port = (utilities.get_condor_config_val('COLLECTOR_PORT', quiet_undefined=True)
                                         or '9618')
                condor_config_value = self._add_port_if_necessary(condor_config_value, condor_collector_port)

            if not condor_ce_config_value or condor_ce_config_value != condor_config_value:
                condor_ce_config[condor_ce_config_key] = condor_config_value

        if condor_ce_config:
            buf = utilities.read_file(JobManagerConfiguration.HTCONDOR_CE_CONFIG_FILE,
                                      default="# This file is managed by osg-configure\n")
            for key, value in condor_ce_config.items():
                buf = utilities.add_or_replace_setting(buf, key, value, quote_value=False)

            if not utilities.atomic_write(JobManagerConfiguration.HTCONDOR_CE_CONFIG_FILE, buf):
                return False

        return True
Exemple #25
0
 def _configure_sge_probe(self):
     """
     Do SGE probe specific configuration
     """
     accounting_path = self._probe_config['sge']['sge_accounting_file']
     config_location = GRATIA_CONFIG_FILES['sge']
     buf = file(config_location).read()
     buf = self.replace_setting(buf, 'SGEAccountingFile', accounting_path)
     if not utilities.atomic_write(config_location, buf):
         return False
     return True
Exemple #26
0
 def _configure_sge_probe(self):
     """
     Do SGE probe specific configuration
     """
     accounting_path = self._probe_config['sge']['sge_accounting_file']
     config_location = GRATIA_CONFIG_FILES['sge']
     buf = file(config_location).read()
     buf = self.replace_setting(buf, 'SGEAccountingFile', accounting_path)
     if not utilities.atomic_write(config_location, buf):
         return False
     return True
Exemple #27
0
 def _disable_callout(self):
     """
     Enable authorization using gridmap files
     """
     self.log("Updating " + GSI_AUTHZ_LOCATION, level=logging.INFO)
     gsi_contents = "#globus_mapping liblcas_lcmaps_gt4_mapping.so lcmaps_callout\n"
     if not utilities.atomic_write(GSI_AUTHZ_LOCATION, gsi_contents):
         self.log("Error while writing to " + GSI_AUTHZ_LOCATION,
                  level=logging.ERROR)
         raise exceptions.ConfigureError("Error while writing to " +
                                         GSI_AUTHZ_LOCATION)
Exemple #28
0
    def _set_lcmaps_callout(self, enable):
        self.log("Updating " + GSI_AUTHZ_LOCATION, level=logging.INFO)

        if enable:
            gsi_contents = "globus_mapping liblcas_lcmaps_gt4_mapping.so lcmaps_callout\n"
        else:
            gsi_contents = "#globus_mapping liblcas_lcmaps_gt4_mapping.so lcmaps_callout\n"
        if not utilities.atomic_write(GSI_AUTHZ_LOCATION, gsi_contents):
            msg = "Error while writing to " + GSI_AUTHZ_LOCATION
            self.log(msg, level=logging.ERROR)
            raise exceptions.ConfigureError(msg)
Exemple #29
0
    def edit_ssh_config(self, ssh_key_loc, local_user_home, local_user_name):
        # Add a section to .ssh/config for this host
        config_path = os.path.join(local_user_home, ".ssh", "config")
        #  Split the entry point by the "@"
        endpoint_user_name, endpoint_host = self.options[
            "endpoint"].value.split('@')
        host_config = """
Host %(endpoint_host)s
    HostName %(endpoint_host)s
    User %(endpoint_user_name)s
    IdentityFile %(ssh_key_loc)s
""" % locals()
        text_to_add = "%s%s%s" % (self.SSH_CONFIG_SECTION_BEGIN, host_config,
                                  self.SSH_CONFIG_SECTION_END)
        if not os.path.exists(config_path):
            utilities.atomic_write(config_path, text_to_add)
            return

        config_contents = ""
        with open(config_path, "r", encoding="latin-1") as f:
            config_contents = f.read()

        section_re = re.compile(
            r"%s.+?%s" % (re.escape(self.SSH_CONFIG_SECTION_BEGIN),
                          re.escape(self.SSH_CONFIG_SECTION_END)),
            re.MULTILINE | re.DOTALL)
        host_re = re.compile(r"^\s*Host\s+%s\s*$" % re.escape(endpoint_host),
                             re.MULTILINE)

        if section_re.search(config_contents):
            config_contents = section_re.sub(text_to_add, config_contents)
            self.logger.debug("osg-configure section found in %s", config_path)
        elif host_re.search(config_contents):
            self.logger.info(
                "Host %s already found in %s but not in an osg-configure section. Not modifying it.",
                endpoint_host, config_path)
            return
        else:
            config_contents += "\n" + text_to_add

        utilities.atomic_write(config_path, config_contents)
Exemple #30
0
    def _configure_htcondor_ce_probe(self):
        """
        Do HTCondor-CE probe specific configuration
        Set to suppress grid local jobs (pre-routed jobs)
        """
        config_location = GRATIA_CONFIG_FILES['htcondor-ce']
        buf = file(config_location).read()
        buf = self.replace_setting(buf, 'SuppressGridLocalRecords', '1')

        if not utilities.atomic_write(config_location, buf):
            return False
        return True
 def _configure_htcondor_ce_probe(self):
     """
     Do HTCondor-CE probe specific configuration
     Set to suppress grid local jobs (pre-routed jobs)
     """
     config_location = GRATIA_CONFIG_FILES['htcondor-ce']
     buf = file(config_location).read()
     buf = self.replace_setting(buf, 'SuppressGridLocalRecords', '1')
     
     if not utilities.atomic_write(config_location, buf):
         return False
     return True
Exemple #32
0
    def _make_subscription(self, probe, probe_file, probe_host, site, hostname):
        """
        Check to see if a given probe has the correct subscription and if not
        make it.
        """

        self.log("GratiaConfiguration._make_subscription started")

        if self._subscription_present(probe_file, probe_host):
            self.log("Subscription found %s probe, returning" % probe)
            self.log("GratiaConfiguration._make_subscription completed")
            return True

        if probe == 'gridftp':
            probe = 'gridftp-transfer'

        try:
            buf = open(probe_file).read()
            buf = re.sub(r'(\s*)ProbeName\s*=.*',
                         r'\1ProbeName="' + "%s:%s" % (probe, hostname) + '"',
                         buf,
                         1)
            buf = re.sub(r'(\s*)SiteName\s*=.*',
                         r'\1SiteName="' + site + '"',
                         buf,
                         1)
            buf = re.sub(r'(\s*)Grid\s*=.*',
                         r'\1Grid="' + self.grid_group + '"',
                         buf,
                         1)
            buf = re.sub(r'(\s*)EnableProbe\s*=.*',
                         r'\1EnableProbe="1"',
                         buf,
                         1)
            for var in ['SSLHost', 'SOAPHost', 'SSLRegistrationHost', 'CollectorHost']:
                buf = re.sub(r'(\s*)' + var + r'\s*=.*',
                             r'\1' + var + '="' + probe_host + '"',
                             buf,
                             1)

            if not utilities.atomic_write(probe_file, buf, mode=420):
                self.log("Error while configuring gratia probes: " +
                         "can't write to %s" % probe_file,
                         level=logging.ERROR)
                raise exceptions.ConfigureError("Error configuring gratia")
        except(IOError, OSError):
            self.log("Error while configuring gratia probes",
                     exception=True,
                     level=logging.ERROR)
            raise exceptions.ConfigureError("Error configuring gratia")

        self.log("GratiaConfiguration._make_subscription completed")
        return True
Exemple #33
0
    def _configure_condor_probe(self):
        """
        Do condor probe specific configuration
        """

        config_location = GRATIA_CONFIG_FILES['condor']
        buf = file(config_location).read()
        settings = self._probe_config['condor']
        buf = self.replace_setting(buf, 'CondorLocation', settings['condor_location'])
        buf = self.replace_setting(buf, 'CondorConfig', settings['condor_config'])
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
Exemple #34
0
 def update_gums_client_location(self):
     self.log("Updating " + GUMS_CLIENT_LOCATION, level=logging.INFO)
     location_re = re.compile("^gums.location=.*$", re.MULTILINE)
     authz_re = re.compile("^gums.authz=.*$", re.MULTILINE)
     if not validation.valid_file(GUMS_CLIENT_LOCATION):
         gums_properties = "gums.location=https://%s:8443" % (
             self.options['gums_host'].value)
         gums_properties += "/gums/services/GUMSAdmin\n"
         gums_properties += "gums.authz=https://%s:8443" % (
             self.options['gums_host'].value)
         gums_properties += "/gums/services/GUMSXACMLAuthorizationServicePort"
     else:
         gums_properties = open(GUMS_CLIENT_LOCATION).read()
         replacement = "gums.location=https://%s:8443" % (
             self.options['gums_host'].value)
         replacement += "/gums/services/GUMSAdmin"
         gums_properties = location_re.sub(replacement, gums_properties)
         replacement = "gums.authz=https://%s:8443" % (
             self.options['gums_host'].value)
         replacement += "/gums/services/GUMSXACMLAuthorizationServicePort"
         gums_properties = authz_re.sub(replacement, gums_properties)
     utilities.atomic_write(GUMS_CLIENT_LOCATION, gums_properties)
Exemple #35
0
    def _configure_condor_probe(self):
        """
        Do condor probe specific configuration
        """

        config_location = GRATIA_CONFIG_FILES['condor']
        buf = open(config_location, "r", encoding="latin-1").read()
        settings = self._probe_config['condor']
        buf = self.replace_setting(buf, 'CondorLocation', settings['condor_location'])
        buf = self.replace_setting(buf, 'CondorConfig', settings['condor_config'])
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
Exemple #36
0
    def setup_blah_config(self):
        """
        Populate blah.config with correct values

        Return True if successful, False otherwise
        """
        if os.path.exists(self.BLAH_CONFIG):
            contents = utilities.read_file(self.BLAH_CONFIG)
            contents = utilities.add_or_replace_setting(contents, "sge_rootpath", self.options['sge_root'].value,
                                                        quote_value=True)
            contents = utilities.add_or_replace_setting(contents, "sge_cellname", self.options['sge_cell'].value,
                                                        quote_value=True)
            return utilities.atomic_write(self.BLAH_CONFIG, contents)
        return False
Exemple #37
0
    def _subscribe_probe_to_remote_host(
            self, probe, probe_file, remote_host, local_resource, local_host):
        """Subscribe the given probe to the given remote host if necessary --
        this means:
        - Enable the probe
        - Set the local host name in the probe config (in ProbeName)
        - Set the local resource name (in SiteName)
        - Set the grid group (in Grid)
        - Set the *Host settings to the the remote host

        Check to see if a given probe has the correct subscription and if not
        make it.
        """

        self.log("GratiaConfiguration._subscribe_probe_to_remote_host started")

        # XXX This just checks EnableProbe and SOAPHost; should we check the other *Host
        # settings or are we using SOAPHost as a "don't configure me" sentinel?
        # -mat 2/19/21
        if self._subscription_present(probe_file, remote_host):
            self.log("Subscription found %s probe, returning" % probe)
            self.log("GratiaConfiguration._subscribe_probe_to_remote_host completed")
            return True

        if probe == 'gridftp':
            probe = 'gridftp-transfer'

        try:
            buf = open(probe_file, "r", encoding="latin-1").read()
            buf = self.replace_setting(buf, 'ProbeName', "%s:%s" % (probe, local_host))
            buf = self.replace_setting(buf, 'SiteName', local_resource)
            buf = self.replace_setting(buf, 'Grid', self.grid_group)
            buf = self.replace_setting(buf, 'EnableProbe', '1')
            for var in ['SSLHost', 'SOAPHost', 'SSLRegistrationHost', 'CollectorHost']:
                buf = self.replace_setting(buf, var, remote_host)

            if not utilities.atomic_write(probe_file, buf, mode=0o644):
                self.log("Error while configuring gratia probes: " +
                         "can't write to %s" % probe_file,
                         level=logging.ERROR)
                raise exceptions.ConfigureError("Error configuring gratia")
        except OSError:
            self.log("Error while configuring gratia probes",
                     exception=True,
                     level=logging.ERROR)
            raise exceptions.ConfigureError("Error configuring gratia")

        self.log("GratiaConfiguration._subscribe_probe_to_remote_host completed")
        return True
Exemple #38
0
    def _update_lcmaps_file(self):
        """
        Update lcmaps file and give appropriate messages if lcmaps.db.rpmnew exists
        """

        self.log("Updating " + LCMAPS_DB_LOCATION, level=logging.INFO)
        lcmaps_db = open(LCMAPS_DB_LOCATION).read()
        endpoint_re = re.compile(r'^\s*"--endpoint\s+https://.*/gums/services.*"\s*$',
                                 re.MULTILINE)
        replacement = "             \"--endpoint https://%s:8443" % (self.options['gums_host'].value)
        replacement += "/gums/services/GUMSXACMLAuthorizationServicePort\""
        lcmaps_db = endpoint_re.sub(replacement, lcmaps_db)
        utilities.atomic_write(LCMAPS_DB_LOCATION, lcmaps_db)

        rpmnew_file = LCMAPS_DB_LOCATION + ".rpmnew"
        warning_message = """It appears that you've updated the lcmaps RPM and the
configuration has changed. 
If you have ever edited /etc/lcmaps.db by hand (most people don't), then you 
should:
   1. Edit /etc/lcmaps.db.rpmnew to make your changes again
   2. mv /etc/lcmaps.db.rpmnew /etc/lcmaps.db
If you haven't edited /etc/lcmaps.db by hand, then you can just use the new 
configuration:
   1. mv /etc/lcmaps.db.rpmnew /etc/lcmaps.db"""
        if validation.valid_file(rpmnew_file):
            self.log(warning_message, level=logging.WARNING)
        else:
            return

        lcmaps_db = open(rpmnew_file).read()
        endpoint_re = re.compile(r'^\s*"--endpoint\s+https://.*/gums/services.*"\s*$',
                                 re.MULTILINE)
        replacement = "             \"--endpoint https://%s:8443" % (self.options['gums_host'].value)
        replacement += "/gums/services/GUMSXACMLAuthorizationServicePort\""
        lcmaps_db = endpoint_re.sub(replacement, lcmaps_db)
        utilities.atomic_write(rpmnew_file, lcmaps_db)
Exemple #39
0
    def _make_subscription(self, probe, probe_file, probe_host, site,
                           hostname):
        """
        Check to see if a given probe has the correct subscription and if not
        make it.
        """

        self.log("GratiaConfiguration._make_subscription started")

        if self._subscription_present(probe_file, probe_host):
            self.log("Subscription found %s probe, returning" % probe)
            self.log("GratiaConfiguration._make_subscription completed")
            return True

        if probe == 'gridftp':
            probe = 'gridftp-transfer'

        try:
            buf = open(probe_file).read()
            buf = re.sub(r'(\s*)ProbeName\s*=.*',
                         r'\1ProbeName="' + "%s:%s" % (probe, hostname) + '"',
                         buf, 1)
            buf = re.sub(r'(\s*)SiteName\s*=.*', r'\1SiteName="' + site + '"',
                         buf, 1)
            buf = re.sub(r'(\s*)Grid\s*=.*',
                         r'\1Grid="' + self.grid_group + '"', buf, 1)
            buf = re.sub(r'(\s*)EnableProbe\s*=.*', r'\1EnableProbe="1"', buf,
                         1)
            for var in [
                    'SSLHost', 'SOAPHost', 'SSLRegistrationHost',
                    'CollectorHost'
            ]:
                buf = re.sub(r'(\s*)' + var + r'\s*=.*',
                             r'\1' + var + '="' + probe_host + '"', buf, 1)

            if not utilities.atomic_write(probe_file, buf, mode=420):
                self.log("Error while configuring gratia probes: " +
                         "can't write to %s" % probe_file,
                         level=logging.ERROR)
                raise exceptions.ConfigureError("Error configuring gratia")
        except (IOError, OSError):
            self.log("Error while configuring gratia probes",
                     exception=True,
                     level=logging.ERROR)
            raise exceptions.ConfigureError("Error configuring gratia")

        self.log("GratiaConfiguration._make_subscription completed")
        return True
Exemple #40
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        contents = open(SlurmConfiguration.GRAM_CONFIG_FILE).read()
        for binfile in ['qsub', 'qstat', 'qdel']:
            bin_location = os.path.join(self.slurm_bin_location, binfile)
            if validation.valid_file(bin_location):
                contents = utilities.add_or_replace_setting(contents, binfile, bin_location)

        if not utilities.atomic_write(SlurmConfiguration.GRAM_CONFIG_FILE, contents):
            return False

        return True
    def _write_ce_collector_file(self, info_services_file):
        """Write CE-Collector configuration file which specifies which
        host(s) to forward ads to

        """
        view_hosts = []
        for host in self.ce_collectors:
            if ':' not in host:
                view_hosts.append("%s:%d" % (host, HTCONDOR_CE_COLLECTOR_PORT))
            else:
                view_hosts.append(host)
        info_services_file_contents = """\
# Do not edit - file generated by osg-configure
CONDOR_VIEW_HOST = %s
""" % ",".join(view_hosts)

        return utilities.atomic_write(info_services_file, info_services_file_contents)
    def _write_ce_collector_file(self, info_services_file):
        """Write CE-Collector configuration file which specifies which
        host(s) to forward ads to

        """
        view_hosts = []
        for host in self.ce_collectors:
            if host.find(':') == -1:
                view_hosts.append("%s:%d" % (host, HTCONDOR_CE_COLLECTOR_PORT))
            else:
                view_hosts.append(host)
        info_services_file_contents = """\
# Do not edit - file generated by osg-configure
CONDOR_VIEW_HOST = %s
""" % ",".join(view_hosts)

        return utilities.atomic_write(info_services_file, info_services_file_contents)
Exemple #43
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """
        buf = open(SGEConfiguration.GRAM_CONFIG_FILE).read()

        for binfile in ['qsub', 'qstat', 'qdel', 'qconf']:
            bin_location = os.path.join(self.options['sge_bin_location'].value,
                                        binfile)
            if validation.valid_file(bin_location):
                buf = utilities.add_or_replace_setting(buf, binfile,
                                                       bin_location)

        for setting in ['sge_cell', 'sge_root', 'sge_config']:
            buf = utilities.add_or_replace_setting(buf, setting,
                                                   self.options[setting].value)

        if self.options['seg_enabled'].value:
            buf = utilities.add_or_replace_setting(
                buf, 'log_path', self.options['log_file'].value)

        if self.options['default_queue'].value != '':
            buf = utilities.add_or_replace_setting(
                buf, 'default_queue', self.options['default_queue'].value)

            if self.options['validate_queues'].value:
                buf = utilities.add_or_replace_setting(buf,
                                                       'validate_queues',
                                                       'yes',
                                                       quote_value=False)
            else:
                buf = utilities.add_or_replace_setting(buf,
                                                       'validate_queues',
                                                       'no',
                                                       quote_value=False)

        if self.options['available_queues'].value != '':
            buf = utilities.add_or_replace_setting(
                buf, 'available_queues',
                self.options['available_queues'].value)

        if not utilities.atomic_write(SGEConfiguration.GRAM_CONFIG_FILE, buf):
            return False
        return True
Exemple #44
0
    def _configure_lsf_probe(self):
        """
        Do lsf probe specific configuration
        """
        if (self._probe_config['lsf']['log_directory'] is None
                or self._probe_config['lsf']['log_directory'] == ''):
            self.log(
                "LSF accounting log directory not given, LSF gratia probe not configured",
                level=logging.ERROR,
                option='log_directory',
                section='LSF')
            return True
        log_directory = self._probe_config['lsf']['log_directory']
        if not validation.valid_directory(log_directory):
            self.log(
                "LSF accounting log not present, LSF gratia probe not configured",
                level=logging.ERROR,
                option='log_directory',
                section='LSF')
            return True
        config_location = GRATIA_CONFIG_FILES['lsf']
        buf = file(config_location).read()
        buf = self.replace_setting(buf,
                                   'lsfAcctLogDir',
                                   log_directory,
                                   xml_file=False)

        # setup lsfBinDir
        if (self._probe_config['lsf']['lsf_location'] is None
                or self._probe_config['lsf']['lsf_location'] == ''):
            self.log("LSF location not given, lsf gratia probe not configured",
                     level=logging.ERROR,
                     option='lsf_location',
                     section='LSF')
            return True
        lsf_bin_dir = os.path.join(self._probe_config['lsf']['lsf_location'],
                                   'bin')
        buf = self.replace_setting(buf,
                                   'lsfBinDir',
                                   lsf_bin_dir,
                                   xml_file=False)
        buf = self.replace_setting(buf, 'lrmsType', 'lsf', xml_file=False)
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
Exemple #45
0
    def setup_gram_config(self):
        """
        Populate the gram config file with correct values

        Returns True if successful, False otherwise
        """

        buf = open(CondorConfiguration.GRAM_CONFIG_FILE).read()
        for binfile in ['condor_submit', 'condor_rm']:
            bin_location = os.path.join(self.condor_bin_location, binfile)
            if validation.valid_file(bin_location):
                buf = utilities.add_or_replace_setting(buf, binfile, bin_location)
        if not utilities.blank(self.options['condor_config'].value):
            buf = utilities.add_or_replace_setting(buf, 'condor_config', self.options['condor_config'].value)

        if not utilities.atomic_write(CondorConfiguration.GRAM_CONFIG_FILE, buf):
            return False

        return True
Exemple #46
0
    def _configure_pbs_probe(self):
        """
        Do pbs probe specific configuration
        """
        if (self._probe_config['pbs']['accounting_log_directory'] is None or
                    self._probe_config['pbs']['accounting_log_directory'] == ''):
            return True
        accounting_dir = self._probe_config['pbs']['accounting_log_directory']
        if not validation.valid_directory(accounting_dir):
            self.log("PBS accounting log not present, PBS gratia probe not configured",
                     level=logging.ERROR,
                     option='accounting_log_directory',
                     section='PBS')
            return True

        config_location = GRATIA_CONFIG_FILES['pbs']
        buf = file(config_location).read()
        buf = self.replace_setting(buf, 'pbsAcctLogDir', accounting_dir, xml_file=False)
        buf = self.replace_setting(buf, 'lrmsType', 'pbs', xml_file=False)
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
    def _make_subscription(self, probe, probe_file, probe_host, site, hostname):
        """
        Check to see if a given probe has the correct subscription and if not
        make it.
        """

        self.log("GratiaConfiguration._make_subscription started")

        if self._subscription_present(probe_file, probe_host):
            self.log("Subscription found %s probe, returning" % probe)
            self.log("GratiaConfiguration._make_subscription completed")
            return True

        if probe == 'gridftp':
            probe = 'gridftp-transfer'

        try:
            buf = open(probe_file).read()
            buf = self.replace_setting(buf, 'ProbeName', "%s:%s" % (probe, hostname))
            buf = self.replace_setting(buf, 'SiteName', site)
            buf = self.replace_setting(buf, 'Grid', self.grid_group)
            buf = self.replace_setting(buf, 'EnableProbe', '1')
            for var in ['SSLHost', 'SOAPHost', 'SSLRegistrationHost', 'CollectorHost']:
                buf = self.replace_setting(buf, var, probe_host)

            if not utilities.atomic_write(probe_file, buf, mode=420):
                self.log("Error while configuring gratia probes: " +
                         "can't write to %s" % probe_file,
                         level=logging.ERROR)
                raise exceptions.ConfigureError("Error configuring gratia")
        except(IOError, OSError):
            self.log("Error while configuring gratia probes",
                     exception=True,
                     level=logging.ERROR)
            raise exceptions.ConfigureError("Error configuring gratia")

        self.log("GratiaConfiguration._make_subscription completed")
        return True
Exemple #48
0
    def _configure_lsf_probe(self):
        """
        Do lsf probe specific configuration
        """
        if (self._probe_config['lsf']['log_directory'] is None or
                    self._probe_config['lsf']['log_directory'] == ''):
            self.log("LSF accounting log directory not given, LSF gratia probe not configured",
                     level=logging.ERROR,
                     option='log_directory',
                     section='LSF')
            return True
        log_directory = self._probe_config['lsf']['log_directory']
        if not validation.valid_directory(log_directory):
            self.log("LSF accounting log not present, LSF gratia probe not configured",
                     level=logging.ERROR,
                     option='log_directory',
                     section='LSF')
            return True
        config_location = GRATIA_CONFIG_FILES['lsf']
        buf = file(config_location).read()
        buf = self.replace_setting(buf, 'lsfAcctLogDir', log_directory, xml_file=False)

        # setup lsfBinDir
        if (self._probe_config['lsf']['lsf_location'] is None or
                    self._probe_config['lsf']['lsf_location'] == ''):
            self.log("LSF location not given, lsf gratia probe not configured",
                     level=logging.ERROR,
                     option='lsf_location',
                     section='LSF')
            return True
        lsf_bin_dir = os.path.join(self._probe_config['lsf']['lsf_location'], 'bin')
        buf = self.replace_setting(buf, 'lsfBinDir', lsf_bin_dir, xml_file=False)
        buf = self.replace_setting(buf, 'lrmsType', 'lsf', xml_file=False)
        if not utilities.atomic_write(config_location, buf):
            return False
        return True
 def write_blah_disable_wn_proxy_renewal_to_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(contents, "blah_disable_wn_proxy_renewal", "yes",
                                                     quote_value=False)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
    def create_missing_service_cert_key(self, service_cert, service_key, user):
        """Copy the host cert and key to a service cert and key with the
        appropriate permissions if the service cert and key do not already
        exist. If they already exist, nothing is done. If only one of them
        exists, this method returns with an error. Parent directories are
        created as needed.

        :param service_cert: Path to the service certificate to create
        :type service_cert: str
        :param service_key: Path to the service private key to create
        :type service_key: str
        :param user: The name of the user that will own the cert and key
        :type user: str

        :return: True if service_cert and service_key are both created or already present, False otherwise

        """
        user_pwd = pwd.getpwnam(user)
        if not user_pwd:
            self.log("%r user not found, cannot create service cert/key with correct permissions" % user,
                     level=logging.ERROR)
            return False

        if os.path.isfile(service_cert) and os.path.isfile(service_key):
            self.log("%s and %s both exist; not creating them" % (service_cert, service_key),
                     level=logging.INFO)
        elif os.path.isfile(service_cert) and not os.path.isfile(service_key):
            self.log("%s exists but %s does not! Either remove the cert or copy the matching key" % (service_cert,
                                                                                                     service_key),
                     level=logging.ERROR)
            return False
        elif os.path.isfile(service_key) and not os.path.isfile(service_cert):
            self.log("%s exists but %s does not! Either remove the key or copy the matching cert" % (service_key,
                                                                                                     service_cert),
                     level=logging.ERROR)
            return False
        else:
            for from_path, to_path, mode in [[HOSTCERT_PATH, service_cert, int('644', 8)],
                                             [HOSTKEY_PATH, service_key, int('600', 8)]]:
                # Create dirs for the cert/key if they don't exist
                parent_dir = os.path.abspath(os.path.dirname(to_path))
                try:
                    os.makedirs(parent_dir)
                except OSError, err:
                    if err.errno != errno.EEXIST:
                        self.log("Could not create directory %s" % parent_dir, exception=err, level=logging.ERROR)
                        return False
                try:
                    os.chown(parent_dir, user_pwd.pw_uid, user_pwd.pw_gid)
                except EnvironmentError, err:
                    self.log("Could not set ownership of %s" % parent_dir, exception=err, level=logging.ERROR)
                    return False
                from_fh = open(from_path, 'rb')
                success = utilities.atomic_write(to_path, from_fh.read(), mode=mode)
                from_fh.close()
                if not success:
                    self.log("Could not copy %s to %s" % (from_path, to_path), level=logging.ERROR)
                    return False
                try:
                    os.chown(to_path, user_pwd.pw_uid, user_pwd.pw_gid)
                except EnvironmentError, err:
                    self.log("Could not set ownership of %s" % to_path, exception=err, level=logging.ERROR)
                    return False
        Returns:
        True if config successfully updated
        """
        if filename is None:
            return False

        try:
            contents = open(filename).read()
        except EnvironmentError, err:
            self.log(self.MISSING_JOBMANAGER_CONF_MSG % (filename, err), level=logging.ERROR)
            return False

        if contents.startswith('accept_limited,'):
            contents = contents.replace('accept_limited,', '', 1)
            if utilities.atomic_write(filename, contents):
                return True
            else:
                self.log('Error disabling accept_limited',
                         level=logging.ERROR)
                return False

        if ',accept_limited' in contents:
            contents = contents.replace(',accept_limited', '', 1)
            if utilities.atomic_write(filename, contents):
                return True
            else:
                self.log('Error disabling accept_limited',
                         level=logging.ERROR)
                return False
Exemple #52
0
 def write_lsf_confpath_to_blah_config(self):
     if os.path.exists(self.BLAH_CONFIG):
         contents = utilities.read_file(self.BLAH_CONFIG)
         contents = utilities.add_or_replace_setting(contents, 'lsf_confpath', self.options['lsf_conf'].value,
                                                     quote_value=True)
         utilities.atomic_write(self.BLAH_CONFIG, contents)
 def write_htcondor_ce_sentinel(self):
     if self.htcondor_gateway_enabled:
         contents = utilities.read_file(self.HTCONDOR_CE_CONFIG_FILE,
                                        default="# This file is managed by osg-configure\n")
         contents = utilities.add_or_replace_setting(contents, "OSG_CONFIGURED", "true", quote_value=False)
         utilities.atomic_write(self.HTCONDOR_CE_CONFIG_FILE, contents)