def can_make_proxy():
"""Return True if the packages necessary for making a proxy are installed.
This is either voms-clients-cpp (which provides voms-proxy-direct),
or voms-server + dependencies + any voms client.
"""
return core.dependency_is_installed(
"voms-clients-cpp") or server_is_installed()
def test_01_configure_xrootd(self):
core.state['xrootd.is-configured'] = False
core.config['xrootd.security'] = set()
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
# rootdir and resourcename needs to be set early for the default osg-xrootd config
core.config['xrootd.config'] = '/etc/xrootd/config.d/10-osg-test.cfg'
core.config['xrootd.logging-config'] = '/etc/xrootd/config.d/99-logging.cfg'
core.config['xrootd.service-defaults'] = '/etc/sysconfig/xrootd'
core.config['xrootd.multiuser'] = False
core.state['xrootd.backups-exist'] = False
core.state['xrootd.had-failures'] = False
core.config['xrootd.public_subdir'] = "public"
core.config['xrootd.user_subdir'] = core.options.username
core.config['xrootd.vo_subdir'] = voms.VONAME
core.config['xrootd.authfile'] = '/etc/xrootd/Authfile'
self.skip_ok_unless(core.state['user.verified'], "Test user not available")
xrootd_user = pwd.getpwnam("xrootd")
xrootd_config = STANDALONE_XROOTD_CFG_TEXT
if core.dependency_is_installed("voms-clients"):
core.config['xrootd.security'].add("GSI")
if core.PackageVersion("xrootd-scitokens") >= "5":
core.config['xrootd.security'].add("SCITOKENS")
if voms.can_make_proxy():
core.config['xrootd.security'].add("VOMS")
self.skip_ok_unless(core.config['xrootd.security'], "No xrootd security available")
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400)
files.write(core.config['xrootd.logging-config'], XROOTD_LOGGING_CFG_TEXT, owner='xrootd', backup=True, chmod=0o644)
files.write(core.config['xrootd.config'], xrootd_config, owner='xrootd', backup=True, chmod=0o644)
files.write(core.config['xrootd.authfile'], AUTHFILE_TEXT, owner="xrootd", chown=(xrootd_user.pw_uid, xrootd_user.pw_gid), chmod=0o644)
try:
shutil.rmtree(xrootd.ROOTDIR)
except FileNotFoundError:
pass
public_dir = f"{xrootd.ROOTDIR}/{core.config['xrootd.public_subdir']}"
files.safe_makedirs(xrootd.ROOTDIR)
os.chmod(xrootd.ROOTDIR, 0o755)
files.safe_makedirs(public_dir)
os.chmod(public_dir, 0o1777)
user_dir = f"{xrootd.ROOTDIR}/{core.config['xrootd.user_subdir']}"
files.safe_makedirs(user_dir)
os.chmod(user_dir, 0o770)
vo_dir = f"{xrootd.ROOTDIR}/{core.config['xrootd.vo_subdir']}"
files.safe_makedirs(vo_dir)
os.chmod(vo_dir, 0o1777)
core.system(["chown", "-R", "xrootd:xrootd", xrootd.ROOTDIR])
os.chown(user_dir, core.state["user.uid"], xrootd_user.pw_gid)
core.check_system(["find", xrootd.ROOTDIR, "-ls"], f"Couldn't dump contents of {xrootd.ROOTDIR}")
core.state['xrootd.backups-exist'] = True
core.state['xrootd.is-configured'] = True
def server_is_installed():
"""Return True if the dependencies for setting up and using VOMS are installed.
EL7 requires a minimum version of the voms-server package to get the service file fix from SOFTWARE-2357.
"""
for dep in 'voms-server', 'voms-clients', 'voms-mysql-plugin', mysql.client_rpm(
), mysql.server_rpm():
if not core.dependency_is_installed(dep):
return False
return True
def test_01_set_config(self):
port = core.config['gsisshd.port'] = '2222'
core.state['gsisshd.can-run'] = (
not (core.el_release() >= 7 and core.state['selinux.mode']
and not core.dependency_is_installed("/usr/sbin/semanage")))
self.skip_ok_unless(
core.state['gsisshd.can-run'],
"Can't run with SELinux on EL >= 7 without semanage")
files.write(SSHD_CONFIG,
SSHD_CONFIG_TEXT % {'port': port},
owner='gsissh',
chmod=0o600)
def is_installed():
"""Return True if the dependencies for setting up and using VOMS are installed.
EL7 requires a minimum version of the voms-server package to get the service file fix from SOFTWARE-2357.
"""
for dep in 'voms-server', 'voms-clients', 'voms-mysql-plugin', mysql.client_rpm(), mysql.server_rpm():
if not core.dependency_is_installed(dep):
return False
# TODO: drop this check when 3.3 is completely EOL
if core.el_release() >= 7:
if core.PackageVersion('voms-server') < '2.0.12-3.2':
core.log_message("voms-server installed but too old (missing SOFTWARE-2357 fix)")
return False
return True
def is_installed():
"""Return True if the dependencies for setting up and using VOMS are installed.
EL7 requires a minimum version of the voms-server package to get the service file fix from SOFTWARE-2357.
"""
for dep in 'voms-server', 'voms-clients', 'voms-mysql-plugin', mysql.client_rpm(
), mysql.server_rpm():
if not core.dependency_is_installed(dep):
return False
# TODO: drop this check when 3.3 is completely EOL
if core.el_release() >= 7:
epoch, _, version, release, _ = core.get_package_envra('voms-server')
if core.version_compare((epoch, version, release), '2.0.12-3.2') < 0:
core.log_message(
"voms-server installed but too old (missing SOFTWARE-2357 fix)"
)
return False
return True