def proxy_info(self, msg):
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy')
command = ('voms-proxy-info', '-all')
stdout = core.check_system(command, 'Run voms-proxy-info', user=True)[0]
self.assert_(('/%s/Role=NULL' % (core.config['voms.vo'])) in stdout, msg)
def test_08_voms_proxy_check(self):
"""
Check generated proxies to make sure that they use the same signing
algorithm as the certificate
"""
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy')
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
# Note: We're only looking for the "Signature Algorithm" line which has the same output format
# regardless of openssl version.
command = ['openssl', 'x509', '-in', cert_path, '-text']
signature_re = re.compile(r'Signature Algorithm:\s+(\w+)\s')
stdout = core.check_system(command,
'Check X.509 certificate algorithm',
user=True)[0]
match = signature_re.search(stdout)
if match is None:
self.fail("Can't find user cert's signing algorithm")
cert_algorithm = match.group(1)
command[3] = os.path.join('/', 'tmp', "x509up_u%s" % pwd_entry[2])
stdout = core.check_system(command,
'Check X.509 proxy algorithm',
user=True)[0]
match = signature_re.search(stdout)
if match is None:
self.fail("Can't find proxy's signing algorithm")
proxy_algorithm = match.group(1)
self.assertEqual(cert_algorithm, proxy_algorithm)
core.state['proxy.valid'] = True
def test_03_remove_vo(self):
voms.skip_ok_unless_installed()
# Really remove database -- the voms-admin-configure command above does
# not actually destroy the mysql database.
voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
voms.destroy_voms_conf(core.config['voms.vo'])
def test_03_remove_vo(self):
voms.skip_ok_unless_installed()
# Really remove database -- the voms-admin-configure command above does
# not actually destroy the mysql database.
voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
voms.destroy_voms_conf(core.config['voms.vo'])
def test_05_create_vo(self):
voms.skip_ok_unless_installed()
voms.create_vo(vo=core.config['voms.vo'],
dbusername=core.config['voms.dbusername'],
dbpassword='******',
vomscert=core.config['certs.vomscert'],
vomskey=core.config['certs.vomskey'])
def test_05_create_vo(self):
voms.skip_ok_unless_installed()
voms.create_vo(vo=core.config['voms.vo'],
dbusername=core.config['voms.dbusername'],
dbpassword='******',
vomscert=core.config['certs.vomscert'],
vomskey=core.config['certs.vomskey'])
def proxy_info(self, msg):
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy')
command = ('voms-proxy-info', '-all')
stdout = core.check_system(command, 'Run voms-proxy-info',
user=True)[0]
self.assert_(('/%s/Role=NULL' % (core.config['voms.vo'])) in stdout,
msg)
def test_08_advertise(self):
voms.skip_ok_unless_installed()
voms.advertise_lsc(core.config['voms.vo'], core.config['certs.hostcert'])
files.preserve('/etc/vomses', owner='voms')
voms.advertise_vomses(core.config['voms.vo'], core.config['certs.hostcert'])
core.system('ls -ldF /etc/*vom*', shell=True)
core.system(('find', '/etc/grid-security/vomsdir', '-ls'))
def test_02_install_voms_certs(self):
voms.skip_ok_unless_installed()
vomscert = core.config['certs.vomscert']
vomskey = core.config['certs.vomskey']
self.skip_ok_if(core.check_file_and_perms(vomscert, 'voms', 0o644) and
core.check_file_and_perms(vomskey, 'voms', 0o400),
'VOMS cert exists and has proper permissions')
core.install_cert('certs.vomscert', 'certs.hostcert', 'voms', 0o644)
core.install_cert('certs.vomskey', 'certs.hostkey', 'voms', 0o400)
def test_02_install_voms_certs(self):
voms.skip_ok_unless_installed()
vomscert = core.config['certs.vomscert']
vomskey = core.config['certs.vomskey']
self.skip_ok_if(core.check_file_and_perms(vomscert, 'voms', 0o644) and
core.check_file_and_perms(vomskey, 'voms', 0o400),
'VOMS cert exists and has proper permissions')
core.install_cert('certs.vomscert', 'certs.hostcert', 'voms', 0o644)
core.install_cert('certs.vomskey', 'certs.hostkey', 'voms', 0o400)
def test_08_advertise(self):
voms.skip_ok_unless_installed()
voms.advertise_lsc(core.config['voms.vo'], core.config['certs.hostcert'])
files.preserve('/etc/vomses', owner='voms')
voms.advertise_vomses(core.config['voms.vo'], core.config['certs.hostcert'])
core.system('ls -ldF /etc/*vom*', shell=True)
core.system(('find', '/etc/grid-security/vomsdir', '-ls'))
def test_04_bad_voms_proxy_init(self):
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.added-user'])
command = ('voms-proxy-init', '-voms', core.config['voms.vo'] + ':/Bogus')
password = core.options.password + '\n'
status, stdout, _ = core.system(command, True, password)
self.assertNotEqual(status, 0, 'voms-proxy-init fails on bad group')
self.assert_('Unable to satisfy' in stdout, 'voms-proxy-init failure message')
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
voms.add_user(core.config['voms.vo'], cert_path)
core.state['voms.added-user'] = True
def test_05_create_vo(self):
voms.skip_ok_unless_installed()
use_voms_admin = core.rpm_is_installed('voms-admin-server')
voms.create_vo(vo=core.config['voms.vo'],
dbusername=core.config['voms.dbusername'],
dbpassword='******',
vomscert=core.config['certs.vomscert'],
vomskey=core.config['certs.vomskey'],
use_voms_admin=use_voms_admin)
def test_06_rfc_voms_proxy_init(self):
core.state['voms.got-proxy'] = False
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.added-user'])
command = ('voms-proxy-init', '-voms', core.config['voms.vo'], '-rfc')
password = core.options.password + '\n'
core.check_system(command, 'Run voms-proxy-init', user=True, stdin=password)
core.state['voms.got-proxy'] = True
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
voms.add_user(core.config['voms.vo'], cert_path)
core.state['voms.added-user'] = True
def test_04_bad_voms_proxy_init(self):
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.added-user'])
command = ('voms-proxy-init', '-voms',
core.config['voms.vo'] + ':/Bogus')
password = core.options.password + '\n'
status, stdout, _ = core.system(command, True, password)
self.assertNotEqual(status, 0, 'voms-proxy-init fails on bad group')
self.assert_('Unable to satisfy' in stdout,
'voms-proxy-init failure message')
def test_06_rfc_voms_proxy_init(self):
core.state['voms.got-proxy'] = False
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.added-user'])
command = ('voms-proxy-init', '-voms', core.config['voms.vo'], '-rfc')
password = core.options.password + '\n'
core.check_system(command,
'Run voms-proxy-init',
user=True,
stdin=password)
core.state['voms.got-proxy'] = True
def test_09_start_voms(self):
core.state['voms.started-server'] = False
voms.skip_ok_unless_installed()
self.skip_ok_if(os.path.exists(core.config['voms.lock-file']), 'apparently running')
if core.el_release() < 7:
core.config['voms_service'] = 'voms'
else:
core.config['voms_service'] = 'voms@' + core.config['voms.vo']
service.check_start(core.config['voms_service'])
core.state['voms.started-server'] = True
def test_09_start_voms(self):
core.state['voms.started-server'] = False
voms.skip_ok_unless_installed()
self.skip_ok_if(os.path.exists(core.config['voms.lock-file']), 'apparently running')
if core.el_release() < 7:
core.config['voms_service'] = 'voms'
else:
core.config['voms_service'] = 'voms@' + core.config['voms.vo']
service.check_start(core.config['voms_service'])
core.state['voms.started-server'] = True
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
use_voms_admin = False
if core.rpm_is_installed('voms-admin-server') and core.rpm_is_installed('voms-admin-client'):
self.skip_bad_unless(core.state['tomcat.started'])
use_voms_admin = True
voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin)
core.state['voms.added-user'] = True
def test_03_remove_vo(self):
voms.skip_ok_unless_installed()
if core.rpm_is_installed('voms-admin-server'):
# Ask VOMS Admin to remove VO
command = ('voms-admin-configure', 'remove', '--vo',
core.config['voms.vo'], '--undeploy-database')
stdout, _, fail = core.check_system(command, 'Remove VO')
self.assert_('Database undeployed correctly!' in stdout, fail)
self.assert_(' succesfully removed.' in stdout, fail)
# Really remove database -- the voms-admin-configure command above does
# not actually destroy the mysql database.
voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
voms.destroy_voms_conf(core.config['voms.vo'])
def test_03_remove_vo(self):
voms.skip_ok_unless_installed()
if core.rpm_is_installed('voms-admin-server'):
# Ask VOMS Admin to remove VO
command = ('voms-admin-configure', 'remove',
'--vo', core.config['voms.vo'],
'--undeploy-database')
stdout, _, fail = core.check_system(command, 'Remove VO')
self.assert_('Database undeployed correctly!' in stdout, fail)
self.assert_(' succesfully removed.' in stdout, fail)
# Really remove database -- the voms-admin-configure command above does
# not actually destroy the mysql database.
voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
voms.destroy_voms_conf(core.config['voms.vo'])
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
use_voms_admin = False
if core.rpm_is_installed(
'voms-admin-server') and core.rpm_is_installed(
'voms-admin-client'):
self.skip_bad_unless(core.state['tomcat.started'])
use_voms_admin = True
voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin)
core.state['voms.added-user'] = True
def test_08_voms_proxy_check(self):
"""
Check generated proxies to make sure that they use the same signing
algorithm as the certificate
"""
voms.skip_ok_unless_installed()
self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy')
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
command = ['openssl', 'x509', '-in', cert_path, '-text']
signature_re = re.compile(r'Signature Algorithm:\s+(\w+)\s')
stdout = core.check_system(command, 'Check X.509 certificate algorithm', user=True)[0]
match = signature_re.search(stdout)
if match is None:
self.fail("Can't find user cert's signing algorithm")
cert_algorithm = match.group(1)
command[3] = os.path.join('/', 'tmp', "x509up_u%s" % pwd_entry[2])
stdout = core.check_system(command, 'Check X.509 proxy algorithm', user=True)[0]
match = signature_re.search(stdout)
if match is None:
self.fail("Can't find proxy's signing algorithm")
proxy_algorithm = match.group(1)
self.assertEqual(cert_algorithm, proxy_algorithm)
def test_01_stop_voms(self):
voms.skip_ok_unless_installed()
self.skip_ok_unless(core.state['voms.started-server'], 'did not start server')
service.check_stop(core.config['voms_service'])
def test_02_restore_vomses(self):
voms.skip_ok_unless_installed()
voms.destroy_lsc(core.config['voms.vo'])
files.restore('/etc/vomses', 'voms')
def test_01_stop_voms(self):
voms.skip_ok_unless_installed()
self.skip_ok_unless(core.state['voms.started-server'],
'did not start server')
service.check_stop(core.config['voms_service'])
def test_02_restore_vomses(self):
voms.skip_ok_unless_installed()
voms.destroy_lsc(core.config['voms.vo'])
files.restore('/etc/vomses', 'voms')
