def uploadProxy(self, proxy=False, useDNAsUserName=False): """ Upload a proxy to myproxy service. proxy param can be: : Default -> use current proxy : string -> upload file specified as proxy : X509Chain -> use chain """ retVal = File.multiProxyArgument(proxy) if not retVal['OK']: return retVal proxyDict = retVal['Value'] chain = proxyDict['chain'] proxyLocation = proxyDict['file'] timeLeft = int(chain.getRemainingSecs()['Value'] / 3600) cmdArgs = ['-n'] cmdArgs.append('-s "%s"' % self._secServer) cmdArgs.append('-c "%s"' % (timeLeft - 1)) cmdArgs.append('-t "%s"' % self._secMaxProxyHours) cmdArgs.append('-C "%s"' % proxyLocation) cmdArgs.append('-y "%s"' % proxyLocation) if useDNAsUserName: cmdArgs.append('-d') else: retVal = self._getUsername(chain) if not retVal['OK']: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal['Value'] cmdArgs.append('-l "%s"' % mpUsername) mpEnv = self._getExternalCmdEnvironment() #Hack to upload properly mpEnv['GT_PROXY_MODE'] = 'old' cmd = "myproxy-init %s" % " ".join(cmdArgs) result = shellCall(self._secCmdTimeout, cmd, env=mpEnv) File.deleteMultiProxy(proxyDict) if not result['OK']: errMsg = "Call to myproxy-init failed: %s" % retVal['Message'] return S_ERROR(errMsg) status, output, error = result['Value'] # Clean-up files if status: errMsg = "Call to myproxy-init failed" extErrMsg = 'Command: %s; StdOut: %s; StdErr: %s' % (cmd, result, error) return S_ERROR("%s %s" % (errMsg, extErrMsg)) return S_OK()
def uploadProxy(self, proxy=False, useDNAsUserName=False): """ Upload a proxy to myproxy service. proxy param can be: : Default -> use current proxy : string -> upload file specified as proxy : X509Chain -> use chain """ retVal = File.multiProxyArgument(proxy) if not retVal["OK"]: return retVal proxyDict = retVal["Value"] chain = proxyDict["chain"] proxyLocation = proxyDict["file"] timeLeft = int(chain.getRemainingSecs()["Value"] / 3600) cmdArgs = ["-n"] cmdArgs.append('-s "%s"' % self._secServer) cmdArgs.append('-c "%s"' % (timeLeft - 1)) cmdArgs.append('-t "%s"' % self._secMaxProxyHours) cmdArgs.append('-C "%s"' % proxyLocation) cmdArgs.append('-y "%s"' % proxyLocation) if useDNAsUserName: cmdArgs.append("-d") else: retVal = self._getUsername(chain) if not retVal["OK"]: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal["Value"] cmdArgs.append('-l "%s"' % mpUsername) mpEnv = self._getExternalCmdEnvironment() # Hack to upload properly mpEnv["GT_PROXY_MODE"] = "old" cmd = "myproxy-init %s" % " ".join(cmdArgs) result = shellCall(self._secCmdTimeout, cmd, env=mpEnv) File.deleteMultiProxy(proxyDict) if not result["OK"]: errMsg = "Call to myproxy-init failed: %s" % retVal["Message"] return S_ERROR(errMsg) status, output, error = result["Value"] # Clean-up files if status: errMsg = "Call to myproxy-init failed" extErrMsg = "Command: %s; StdOut: %s; StdErr: %s" % (cmd, result, error) return S_ERROR("%s %s" % (errMsg, extErrMsg)) return S_OK()
def renewProxy(self, proxyToBeRenewed=False, minLifeTime=3600, newProxyLifeTime=43200, proxyToConnect=False): """ Renew a proxy using the ProxyManager Arguments: proxyToBeRenewed : proxy to renew minLifeTime : if proxy life time is less than this, renew. Skip otherwise newProxyLifeTime : life time of new proxy proxyToConnect : proxy to use for connecting to the service """ retVal = File.multiProxyArgument(proxyToBeRenewed) if not retVal['Value']: return retVal proxyToRenewDict = retVal['Value'] secs = proxyToRenewDict['chain'].getRemainingSecs()['Value'] if secs > minLifeTime: File.deleteMultiProxy(proxyToRenewDict) return S_OK() if not proxyToConnect: proxyToConnectDict = {'chain': False, 'tempFile': False} else: retVal = File.multiProxyArgument(proxyToConnect) if not retVal['Value']: File.deleteMultiProxy(proxyToRenewDict) return retVal proxyToConnectDict = retVal['Value'] userDN = proxyToRenewDict['chain'].getIssuerCert( )['Value'].getSubjectDN()['Value'] retVal = proxyToRenewDict['chain'].getDIRACGroup() if not retVal['OK']: File.deleteMultiProxy(proxyToRenewDict) File.deleteMultiProxy(proxyToConnectDict) return retVal userGroup = retVal['Value'] limited = proxyToRenewDict['chain'].isLimitedProxy()['Value'] voms = VOMS() retVal = voms.getVOMSAttributes(proxyToRenewDict['chain']) if not retVal['OK']: File.deleteMultiProxy(proxyToRenewDict) File.deleteMultiProxy(proxyToConnectDict) return retVal vomsAttrs = retVal['Value'] if vomsAttrs: retVal = self.downloadVOMSProxy( userDN, userGroup, limited=limited, requiredTimeLeft=newProxyLifeTime, requiredVOMSAttribute=vomsAttrs[0], proxyToConnect=proxyToConnectDict['chain']) else: retVal = self.downloadProxy( userDN, userGroup, limited=limited, requiredTimeLeft=newProxyLifeTime, proxyToConnect=proxyToConnectDict['chain']) File.deleteMultiProxy(proxyToRenewDict) File.deleteMultiProxy(proxyToConnectDict) if not retVal['OK']: return retVal chain = retVal['Value'] if not proxyToRenewDict['tempFile']: return chain.dumpAllToFile(proxyToRenewDict['file']) return S_OK(chain)
def getDelegatedProxy(self, proxyChain, lifeTime=604800, useDNAsUserName=False): """ Get delegated proxy from MyProxy server return S_OK( X509Chain ) / S_ERROR """ #TODO: Set the proxy coming in proxyString to be the proxy to use #Get myproxy username diracgroup:diracuser retVal = File.multiProxyArgument(proxyChain) if not retVal['OK']: return retVal proxyDict = retVal['Value'] chain = proxyDict['chain'] proxyLocation = proxyDict['file'] retVal = self._generateTemporalFile() if not retVal['OK']: File.deleteMultiProxy(proxyDict) return retVal newProxyLocation = retVal['Value'] # myproxy-get-delegation works only with environment variables cmdEnv = self._getExternalCmdEnvironment() if self._secRunningFromTrustedHost: cmdEnv['X509_USER_CERT'] = self._secCertLoc cmdEnv['X509_USER_KEY'] = self._secKeyLoc if 'X509_USER_PROXY' in cmdEnv: del cmdEnv['X509_USER_PROXY'] else: cmdEnv['X509_USER_PROXY'] = proxyLocation cmdArgs = [] cmdArgs.append("-s '%s'" % self._secServer) cmdArgs.append("-t '%s'" % (int(lifeTime / 3600))) cmdArgs.append("-a '%s'" % proxyLocation) cmdArgs.append("-o '%s'" % newProxyLocation) if useDNAsUserName: cmdArgs.append('-d') else: retVal = self._getUsername(chain) if not retVal['OK']: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal['Value'] cmdArgs.append('-l "%s"' % mpUsername) cmd = "myproxy-logon %s" % " ".join(cmdArgs) gLogger.verbose("myproxy-logon command:\n%s" % cmd) result = shellCall(self._secCmdTimeout, cmd, env=cmdEnv) File.deleteMultiProxy(proxyDict) if not result['OK']: errMsg = "Call to myproxy-logon failed: %s" % result['Message'] File.deleteMultiProxy(proxyDict) return S_ERROR(errMsg) status, output, error = result['Value'] # Clean-up files if status: errMsg = "Call to myproxy-logon failed" extErrMsg = 'Command: %s; StdOut: %s; StdErr: %s' % (cmd, result, error) File.deleteMultiProxy(proxyDict) return S_ERROR("%s %s" % (errMsg, extErrMsg)) chain = X509Chain() retVal = chain.loadProxyFromFile(newProxyLocation) if not retVal['OK']: File.deleteMultiProxy(proxyDict) return S_ERROR( "myproxy-logon failed when reading delegated file: %s" % retVal['Message']) File.deleteMultiProxy(proxyDict) return S_OK(chain)
def getInfo(self, proxyChain, useDNAsUserName=False): """ Get info from myproxy server return S_OK( { 'username' : myproxyusername, 'owner' : owner DN, 'timeLeft' : secs left } ) / S_ERROR """ #TODO: Set the proxy coming in proxyString to be the proxy to use #Get myproxy username diracgroup:diracuser retVal = File.multiProxyArgument(proxyChain) if not retVal['OK']: return retVal proxyDict = retVal['Value'] chain = proxyDict['chain'] proxyLocation = proxyDict['file'] # myproxy-get-delegation works only with environment variables cmdEnv = self._getExternalCmdEnvironment() if self._secRunningFromTrustedHost: cmdEnv['X509_USER_CERT'] = self._secCertLoc cmdEnv['X509_USER_KEY'] = self._secKeyLoc if 'X509_USER_PROXY' in cmdEnv: del cmdEnv['X509_USER_PROXY'] else: cmdEnv['X509_USER_PROXY'] = proxyLocation cmdArgs = [] cmdArgs.append("-s '%s'" % self._secServer) if useDNAsUserName: cmdArgs.append('-d') else: retVal = self._getUsername(chain) if not retVal['OK']: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal['Value'] cmdArgs.append('-l "%s"' % mpUsername) cmd = "myproxy-info %s" % " ".join(cmdArgs) gLogger.verbose("myproxy-info command:\n%s" % cmd) result = shellCall(self._secCmdTimeout, cmd, env=cmdEnv) File.deleteMultiProxy(proxyDict) if not result['OK']: errMsg = "Call to myproxy-info failed: %s" % result['Message'] File.deleteMultiProxy(proxyDict) return S_ERROR(errMsg) status, output, error = result['Value'] # Clean-up files if status: errMsg = "Call to myproxy-info failed" extErrMsg = 'Command: %s; StdOut: %s; StdErr: %s' % (cmd, result, error) return S_ERROR("%s %s" % (errMsg, extErrMsg)) infoDict = {} usernameRE = re.compile("username\s*:\s*(\S*)") ownerRE = re.compile("owner\s*:\s*(\S*)") timeLeftRE = re.compile("timeleft\s*:\s*(\S*)") for line in List.fromChar(output, "\n"): match = usernameRE.search(line) if match: infoDict['username'] = match.group(1) match = ownerRE.search(line) if match: infoDict['owner'] = match.group(1) match = timeLeftRE.search(line) if match: try: fields = List.fromChar(match.group(1), ":") fields.reverse() secsLeft = 0 for iP in range(len(fields)): if iP == 0: secsLeft += int(fields[iP]) elif iP == 1: secsLeft += int(fields[iP]) * 60 elif iP == 2: secsLeft += int(fields[iP]) * 3600 infoDict['timeLeft'] = secsLeft except Exception, x: print x
def setVOMSAttributes( self, proxy, attribute = None, vo = None ): """ Sets voms attributes to a proxy """ if not vo: return S_ERROR( "No vo specified, and can't get default in the configuration" ) retVal = File.multiProxyArgument( proxy ) if not retVal[ 'OK' ]: return retVal proxyDict = retVal[ 'Value' ] chain = proxyDict[ 'chain' ] proxyLocation = proxyDict[ 'file' ] secs = chain.getRemainingSecs()[ 'Value' ] - 300 if secs < 0: return S_ERROR( "Proxy length is less that 300 secs" ) hours = int( secs / 3600 ) mins = int( ( secs - hours * 3600 ) / 60 ) retVal = self._generateTemporalFile() if not retVal[ 'OK' ]: File.deleteMultiProxy( proxyDict ) return retVal newProxyLocation = retVal[ 'Value' ] cmdArgs = [] if chain.isLimitedProxy()[ 'Value' ]: cmdArgs.append( '-limited' ) cmdArgs.append( '-cert "%s"' % proxyLocation ) cmdArgs.append( '-key "%s"' % proxyLocation ) cmdArgs.append( '-out "%s"' % newProxyLocation ) if attribute and attribute != 'NoRole': cmdArgs.append( '-voms "%s:%s"' % ( vo, attribute ) ) else: cmdArgs.append( '-voms "%s"' % vo ) cmdArgs.append( '-valid "%s:%s"' % ( hours, mins ) ) tmpDir = False vomsesPath = self.getVOMSESLocation() if vomsesPath: cmdArgs.append( '-vomses "%s"' % vomsesPath ) if not Os.which('voms-proxy-init'): return S_ERROR("Missing voms-proxy-init") cmd = 'voms-proxy-init %s' % " ".join( cmdArgs ) result = shellCall( self._secCmdTimeout, cmd ) if tmpDir: shutil.rmtree( tmpDir ) File.deleteMultiProxy( proxyDict ) if not result['OK']: self._unlinkFiles( newProxyLocation ) return S_ERROR( 'Failed to call voms-proxy-init: %s' % result['Message'] ) status, output, error = result['Value'] if status: self._unlinkFiles( newProxyLocation ) return S_ERROR( 'Failed to set VOMS attributes. Command: %s; StdOut: %s; StdErr: %s' % ( cmd, output, error ) ) newChain = X509Chain() retVal = newChain.loadProxyFromFile( newProxyLocation ) self._unlinkFiles( newProxyLocation ) if not retVal[ 'OK' ]: return S_ERROR( "Can't load new proxy: %s" % retVal[ 'Message' ] ) return S_OK( newChain )
def getDelegatedProxy(self, proxyChain, lifeTime=604800, useDNAsUserName=False): """ Get delegated proxy from MyProxy server return S_OK( X509Chain ) / S_ERROR """ # TODO: Set the proxy coming in proxyString to be the proxy to use # Get myproxy username diracgroup:diracuser retVal = File.multiProxyArgument(proxyChain) if not retVal["OK"]: return retVal proxyDict = retVal["Value"] chain = proxyDict["chain"] proxyLocation = proxyDict["file"] retVal = self._generateTemporalFile() if not retVal["OK"]: File.deleteMultiProxy(proxyDict) return retVal newProxyLocation = retVal["Value"] # myproxy-get-delegation works only with environment variables cmdEnv = self._getExternalCmdEnvironment() if self._secRunningFromTrustedHost: cmdEnv["X509_USER_CERT"] = self._secCertLoc cmdEnv["X509_USER_KEY"] = self._secKeyLoc if "X509_USER_PROXY" in cmdEnv: del cmdEnv["X509_USER_PROXY"] else: cmdEnv["X509_USER_PROXY"] = proxyLocation cmdArgs = [] cmdArgs.append("-s '%s'" % self._secServer) cmdArgs.append("-t '%s'" % (int(lifeTime / 3600))) cmdArgs.append("-a '%s'" % proxyLocation) cmdArgs.append("-o '%s'" % newProxyLocation) if useDNAsUserName: cmdArgs.append("-d") else: retVal = self._getUsername(chain) if not retVal["OK"]: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal["Value"] cmdArgs.append('-l "%s"' % mpUsername) cmd = "myproxy-logon %s" % " ".join(cmdArgs) gLogger.verbose("myproxy-logon command:\n%s" % cmd) result = shellCall(self._secCmdTimeout, cmd, env=cmdEnv) File.deleteMultiProxy(proxyDict) if not result["OK"]: errMsg = "Call to myproxy-logon failed: %s" % result["Message"] File.deleteMultiProxy(proxyDict) return S_ERROR(errMsg) status, output, error = result["Value"] # Clean-up files if status: errMsg = "Call to myproxy-logon failed" extErrMsg = "Command: %s; StdOut: %s; StdErr: %s" % (cmd, result, error) File.deleteMultiProxy(proxyDict) return S_ERROR("%s %s" % (errMsg, extErrMsg)) chain = X509Chain() retVal = chain.loadProxyFromFile(newProxyLocation) if not retVal["OK"]: File.deleteMultiProxy(proxyDict) return S_ERROR("myproxy-logon failed when reading delegated file: %s" % retVal["Message"]) File.deleteMultiProxy(proxyDict) return S_OK(chain)
def getInfo(self, proxyChain, useDNAsUserName=False): """ Get info from myproxy server return S_OK( { 'username' : myproxyusername, 'owner' : owner DN, 'timeLeft' : secs left } ) / S_ERROR """ # TODO: Set the proxy coming in proxyString to be the proxy to use # Get myproxy username diracgroup:diracuser retVal = File.multiProxyArgument(proxyChain) if not retVal["OK"]: return retVal proxyDict = retVal["Value"] chain = proxyDict["chain"] proxyLocation = proxyDict["file"] # myproxy-get-delegation works only with environment variables cmdEnv = self._getExternalCmdEnvironment() if self._secRunningFromTrustedHost: cmdEnv["X509_USER_CERT"] = self._secCertLoc cmdEnv["X509_USER_KEY"] = self._secKeyLoc if "X509_USER_PROXY" in cmdEnv: del cmdEnv["X509_USER_PROXY"] else: cmdEnv["X509_USER_PROXY"] = proxyLocation cmdArgs = [] cmdArgs.append("-s '%s'" % self._secServer) if useDNAsUserName: cmdArgs.append("-d") else: retVal = self._getUsername(chain) if not retVal["OK"]: File.deleteMultiProxy(proxyDict) return retVal mpUsername = retVal["Value"] cmdArgs.append('-l "%s"' % mpUsername) cmd = "myproxy-info %s" % " ".join(cmdArgs) gLogger.verbose("myproxy-info command:\n%s" % cmd) result = shellCall(self._secCmdTimeout, cmd, env=cmdEnv) File.deleteMultiProxy(proxyDict) if not result["OK"]: errMsg = "Call to myproxy-info failed: %s" % result["Message"] File.deleteMultiProxy(proxyDict) return S_ERROR(errMsg) status, output, error = result["Value"] # Clean-up files if status: errMsg = "Call to myproxy-info failed" extErrMsg = "Command: %s; StdOut: %s; StdErr: %s" % (cmd, result, error) return S_ERROR("%s %s" % (errMsg, extErrMsg)) infoDict = {} usernameRE = re.compile("username\s*:\s*(\S*)") ownerRE = re.compile("owner\s*:\s*(\S*)") timeLeftRE = re.compile("timeleft\s*:\s*(\S*)") for line in List.fromChar(output, "\n"): match = usernameRE.search(line) if match: infoDict["username"] = match.group(1) match = ownerRE.search(line) if match: infoDict["owner"] = match.group(1) match = timeLeftRE.search(line) if match: try: fields = List.fromChar(match.group(1), ":") fields.reverse() secsLeft = 0 for iP in range(len(fields)): if iP == 0: secsLeft += int(fields[iP]) elif iP == 1: secsLeft += int(fields[iP]) * 60 elif iP == 2: secsLeft += int(fields[iP]) * 3600 infoDict["timeLeft"] = secsLeft except Exception, x: print x
def setVOMSAttributes( self, proxy, attribute = None, vo = None ): """ Sets voms attributes to a proxy """ if not vo: return S_ERROR( "No vo specified, and can't get default in the configuration" ) retVal = File.multiProxyArgument( proxy ) if not retVal[ 'OK' ]: return retVal proxyDict = retVal[ 'Value' ] chain = proxyDict[ 'chain' ] proxyLocation = proxyDict[ 'file' ] secs = chain.getRemainingSecs()[ 'Value' ] - 300 if secs < 0: return S_ERROR( "Proxy length is less that 300 secs" ) hours = int( secs / 3600 ) mins = int( ( secs - hours * 3600 ) / 60 ) retVal = self._generateTemporalFile() if not retVal[ 'OK' ]: File.deleteMultiProxy( proxyDict ) return retVal newProxyLocation = retVal[ 'Value' ] cmdArgs = [] cmdArgs.append( '-cert "%s"' % proxyLocation ) cmdArgs.append( '-key "%s"' % proxyLocation ) cmdArgs.append( '-out "%s"' % newProxyLocation ) if attribute and attribute != 'NoRole': cmdArgs.append( '-voms "%s:%s"' % ( vo, attribute ) ) else: cmdArgs.append( '-voms "%s"' % vo ) cmdArgs.append( '-valid "%s:%s"' % ( hours, mins ) ) tmpDir = False vomsesPath = self.getVOMSESLocation() if vomsesPath: cmdArgs.append( '-vomses "%s"' % vomsesPath ) cmd = 'voms-proxy-init %s' % " ".join( cmdArgs ) result = shellCall( self._secCmdTimeout, cmd ) if tmpDir: shutil.rmtree( tmpDir ) File.deleteMultiProxy( proxyDict ) if not result['OK']: self._unlinkFiles( newProxyLocation ) return S_ERROR( 'Failed to call voms-proxy-init' ) status, output, error = result['Value'] if status: self._unlinkFiles( newProxyLocation ) return S_ERROR( 'Failed to set VOMS attributes. Command: %s; StdOut: %s; StdErr: %s' % ( cmd, output, error ) ) newChain = X509Chain() retVal = newChain.loadProxyFromFile( newProxyLocation ) self._unlinkFiles( newProxyLocation ) if not retVal[ 'OK' ]: return S_ERROR( "Can't load new proxy: %s" % retVal[ 'Message' ] ) return S_OK( newChain )
def renewProxy( self, proxyToBeRenewed = False, minLifeTime = 3600, newProxyLifeTime = 43200, proxyToConnect = False ): """ Renew a proxy using the ProxyManager Arguments: proxyToBeRenewed : proxy to renew minLifeTime : if proxy life time is less than this, renew. Skip otherwise newProxyLifeTime : life time of new proxy proxyToConnect : proxy to use for connecting to the service """ retVal = File.multiProxyArgument( proxyToBeRenewed ) if not retVal[ 'Value' ]: return retVal proxyToRenewDict = retVal[ 'Value' ] secs = proxyToRenewDict[ 'chain' ].getRemainingSecs()[ 'Value' ] if secs > minLifeTime: File.deleteMultiProxy( proxyToRenewDict ) return S_OK() if not proxyToConnect: proxyToConnectDict = { 'chain': False, 'tempFile': False } else: retVal = File.multiProxyArgument( proxyToConnect ) if not retVal[ 'Value' ]: File.deleteMultiProxy( proxyToRenewDict ) return retVal proxyToConnectDict = retVal[ 'Value' ] userDN = proxyToRenewDict[ 'chain' ].getIssuerCert()[ 'Value' ].getSubjectDN()[ 'Value' ] retVal = proxyToRenewDict[ 'chain' ].getDIRACGroup() if not retVal[ 'OK' ]: File.deleteMultiProxy( proxyToRenewDict ) File.deleteMultiProxy( proxyToConnectDict ) return retVal userGroup = retVal[ 'Value' ] limited = proxyToRenewDict[ 'chain' ].isLimitedProxy()[ 'Value' ] voms = VOMS() retVal = voms.getVOMSAttributes( proxyToRenewDict[ 'chain' ] ) if not retVal[ 'OK' ]: File.deleteMultiProxy( proxyToRenewDict ) File.deleteMultiProxy( proxyToConnectDict ) return retVal vomsAttrs = retVal[ 'Value' ] if vomsAttrs: retVal = self.downloadVOMSProxy( userDN, userGroup, limited = limited, requiredTimeLeft = newProxyLifeTime, requiredVOMSAttribute = vomsAttrs[0], proxyToConnect = proxyToConnectDict[ 'chain' ] ) else: retVal = self.downloadProxy( userDN, userGroup, limited = limited, requiredTimeLeft = newProxyLifeTime, proxyToConnect = proxyToConnectDict[ 'chain' ] ) File.deleteMultiProxy( proxyToRenewDict ) File.deleteMultiProxy( proxyToConnectDict ) if not retVal[ 'OK' ]: return retVal chain = retVal['Value'] if not proxyToRenewDict[ 'tempFile' ]: return chain.dumpAllToFile( proxyToRenewDict[ 'file' ] ) return S_OK( chain )