def test_03_create_user_proxy(self): # if the utils are not present, it won't work anyhow, so might as well skip the test if not core.rpm_is_installed('globus-proxy-utils'): core.skip('globus-proxy-utils not installed') return # ...and also skip if there is no glexec if not core.rpm_is_installed('glexec'): core.skip('not installed') return # OK, software is present, now just check it previous tests did create the proxy already so # we don't do it twice command = ('grid-proxy-info','-f',self.__user_proxy_path) status, stdout, stderr = core.system(command, True) if int(status)!=0: # no proxy found for some reason, try to construct a new one command = ('grid-proxy-init','-out',self.__user_proxy_path) password = core.options.password + '\n' status, stdout, stderr = core.system(command, True, password) self.assert_(status==0, 'grid-proxy-init for user '+core.options.username+' has failed even though globus-proxy-util was present') # we need to have the right permissions on that proxy for glexec to agree to work, # and the easiest way is to copy the file command = ('/bin/cp', self.__user_proxy_path, self.__glexec_client_cert) status, stdout, stderr = core.system(command) os.environ['GLEXEC_CLIENT_CERT']=self.__glexec_client_cert
def test_05_glexec_proxy_cleanup(self): # if the utils are not present, it won't work anyhow, so might as well skip the test if not core.rpm_is_installed('globus-proxy-utils'): core.skip('globus-proxy-utils not installed') return if not core.rpm_is_installed('glexec'): core.skip('not installed') return try: status = os.unlink(self.__glexec_client_cert) except: pass
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') use_voms_admin = False if core.rpm_is_installed('voms-admin-server') and core.rpm_is_installed('voms-admin-client'): self.skip_bad_unless(core.state['tomcat.started']) use_voms_admin = True voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin) core.state['voms.added-user'] = True
def test_01_condor_run_pbs(self): core.skip_ok_unless_installed('condor') core.skip_ok_unless_installed('blahp', by_dependency=True) core.skip_ok_unless_installed('torque-mom', 'torque-server', 'torque-scheduler', by_dependency=True) self.skip_bad_unless(core.state['jobs.env-set'], 'job environment not set') self.skip_bad_unless(service.is_running('condor'), 'condor not running') self.skip_bad_unless(service.is_running('pbs_server'), 'pbs not running') command = ('condor_run', '-u', 'grid', '-a', 'grid_resource=pbs', '-a', 'periodic_remove=JobStatus==5', '/bin/env') # Figure out whether the installed BLAHP package is the same as or later # than "blahp-1.18.11.bosco-4.osg*" (in the RPM sense), because it's the # first build in which the job environments are correctly passed to PBS. # The 'condor-blahp' rpm obsoletes 'blahp' in 9.5.0 (SOFTWARE-4964) blahp_pbs_has_env_vars = ( core.rpm_is_installed('condor-blahp') or core.PackageVersion('blahp') >= '1.18.11.bosco-4.osg') self.run_job_in_tmp_dir(command, 'condor_run a Condor job', verify_environment=blahp_pbs_has_env_vars)
def setUp(self): core.skip_ok_unless_installed("osg-xrootd-standalone", by_dependency=True) self.skip_ok_if(core.rpm_is_installed("xcache"), "xcache configs conflict with xrootd tests") self.skip_ok_unless(core.config['xrootd.security'], "no xrootd security available")
def test_01_start_xrootd(self): core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid' core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem' core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem' core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg' core.config['xrootd.gsi'] = "ON" core.state['xrootd.started-server'] = False core.state['xrootd.backups-exist'] = False self.skip_ok_unless(core.options.adduser, 'user not created') core.skip_ok_unless_installed('xrootd', by_dependency=True) user = pwd.getpwnam("xrootd") if core.config['xrootd.gsi'] == "ON": core.skip_ok_unless_installed('globus-proxy-utils') core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644) core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400) lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms') if all([core.rpm_is_installed(x) for x in lcmaps_packages]): core.log_message("Using xrootd-lcmaps authentication") sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5' else: core.log_message("Using XRootD mapfile authentication") sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile' files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'], owner="xrootd", chown=(user.pw_uid, user.pw_gid)) files.append(core.config['xrootd.config'], XROOTD_CFG_TEXT % sec_protocol, owner='xrootd', backup=True) authfile = '/etc/xrootd/auth_file' files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid)) core.state['xrootd.backups-exist'] = True
def test_01_start_gatekeeper(self): core.config[ 'globus.gk-lockfile'] = '/var/lock/subsys/globus-gatekeeper' core.state['globus.started-gk'] = False if not core.rpm_is_installed('globus-gatekeeper'): core.skip('not installed') return if os.path.exists(core.config['globus.gk-lockfile']): core.skip('apparently running') return # DEBUG: Set up gatekeeper debugging core.config[ 'jobmanager-config'] = '/etc/globus/globus-gram-job-manager.conf' conf_path = core.config['jobmanager-config'] files.append(conf_path, '-log-levels TRACE|DEBUG|FATAL|ERROR|WARN|INFO\n', owner='globus') files.append( conf_path, '-log-pattern /var/log/globus/gram_$(LOGNAME)_$(DATE).log\n', backup=False) if not os.path.exists('/var/log/globus'): os.mkdir('/var/log/globus') os.chmod('/var/log/globus', 0777) command = ('service', 'globus-gatekeeper', 'start') stdout, _, fail = core.check_system(command, 'Start Globus gatekeeper') self.assert_(stdout.find('FAILED') == -1, fail) self.assert_(os.path.exists(core.config['globus.gk-lockfile']), 'Globus gatekeeper run lock file missing') core.state['globus.started-gk'] = True
def test_03_selinux(self): if not core.options.selinux: return self.skip_bad_unless(core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils') if core.state['selinux.mode'] == 'permissive': core.check_system(('setenforce', 'Permissive'), 'set selinux mode to permissive')
def setUp(self): core.skip_ok_unless_installed("osg-xrootd-standalone", by_dependency=True) if core.rpm_is_installed("xcache"): self.skip_ok_if( core.PackageVersion("xcache") >= "1.0.2", "xcache 1.0.2+ configs conflict with xrootd tests")
def test_03_selinux(self): if not core.options.selinux: return self.skip_bad_unless(core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils') if core.state['selinux.mode'] == 'permissive': core.check_system(('setenforce', 'Permissive'), 'set selinux mode to permissive')
def test_01_configure_xrootd(self): core.config['xrootd.tpc.config-1'] = '/etc/xrootd/xrootd-third-party-copy-1.cfg' core.config['xrootd.tpc.config-2'] = '/etc/xrootd/xrootd-third-party-copy-2.cfg' core.config['xrootd.tpc.http-port1'] = HTTP_PORT1 core.config['xrootd.tpc.http-port2'] = HTTP_PORT2 core.state['xrootd.started-http-server-1'] = False core.state['xrootd.started-http-server-2'] = False core.state['xrootd.tpc.backups-exist'] = False self.skip_ok_unless(core.options.adduser, 'user not created') core.skip_ok_unless_installed('globus-proxy-utils', 'xrootd', 'xrootd-scitokens', by_dependency=True) user = pwd.getpwnam("xrootd") lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms') if all([core.rpm_is_installed(x) for x in lcmaps_packages]): core.log_message("Using xrootd-lcmaps authentication") sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5' sec_protocol += ',--policy,authorize_only' else: core.log_message("Using XRootD mapfile authentication") sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile' files.write(core.config['xrootd.tpc.config-1'], XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.tpc.http-port1'], core.config['xrootd.tpc.http-port1']), owner='xrootd', backup=True, chown=(user.pw_uid, user.pw_gid)) files.write(core.config['xrootd.tpc.config-2'], XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.tpc.http-port2'], core.config['xrootd.tpc.http-port2']), owner='xrootd', backup=True, chown=(user.pw_uid, user.pw_gid)) core.state['xrootd.tpc.backups-exist'] = True
def setUp(self): core.skip_ok_unless_installed("osg-xrootd-standalone", by_dependency=True) self.skip_ok_if(core.rpm_is_installed("xcache"), "xcache configs conflict with xrootd tests") self.skip_ok_unless(core.state['xrootd.is-configured'], "xrootd is not configured")
def test_01_configure_xrootd(self): core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid' core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem' core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem' if core.rpm_is_installed('osg-xrootd-standalone'): # rootdir and resourcename needs to be set early for the default osg-xrootd config core.config['xrootd.config'] = '/etc/xrootd/config.d/10-osg-test.cfg' else: core.config['xrootd.config'] = '/etc/xrootd/config.d/99-osg-test.cfg' core.config['xrootd.service-defaults'] = '/etc/sysconfig/xrootd' core.config['xrootd.multiuser'] = False core.state['xrootd.started-server'] = False core.state['xrootd.backups-exist'] = False self.skip_ok_unless(core.options.adduser, 'user not created') core.skip_ok_unless_installed('xrootd', 'globus-proxy-utils', by_dependency=True) user = pwd.getpwnam("xrootd") core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644) core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400) if core.rpm_is_installed('osg-xrootd-standalone'): core.log_message("Using osg-xrootd configuration") xrootd_config = META_XROOTD_CFG_TEXT else: lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms') if all([core.rpm_is_installed(x) for x in lcmaps_packages]): core.log_message("Using xrootd-lcmaps authentication") sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:loglevel=5,policy=authorize_only' else: core.log_message("Using XRootD mapfile authentication") sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile' files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'], owner="xrootd", chown=(user.pw_uid, user.pw_gid)) xrootd_config = XROOTD_CFG_TEXT % sec_protocol files.write(core.config['xrootd.config'], xrootd_config, owner='xrootd', backup=True, chmod=0o644) if core.el_release() < 7: files.write(core.config['xrootd.service-defaults'], SYSCONFIG_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid), chmod=0o644) authfile = '/etc/xrootd/auth_file' files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid)) core.state['xrootd.backups-exist'] = True
def setUp(self): core.skip_ok_unless_installed("stash-origin", "stash-cache", "stashcache-client", by_dependency=True) if core.rpm_is_installed("xcache"): self.skip_ok_if( core.PackageVersion("xcache") < "1.0.2", "needs xcache 1.0.2+")
def test_05_start_tomcat(self): if not core.rpm_is_installed(tomcat.pkgname()): core.skip('not installed') return service.start('tomcat', init_script=tomcat.pkgname(), sentinel_file=tomcat.pidfile())
def test_02_define_user_proxy_path(self): if not core.rpm_is_installed('glexec'): core.skip('not installed') return command = ('/usr/bin/id','-u') status, stdout, stderr = core.system(command, True) TestGlexec.__uid = stdout.rstrip() TestGlexec.__user_proxy_path = '/tmp/x509up_u'+self.__uid
def test_01_setup_cvmfs(self): if not core.rpm_is_installed('cvmfs'): core.skip('not installed') return self.setup_fuse() self.setup_automount() self.setup_cvmfs()
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') use_voms_admin = False if core.rpm_is_installed( 'voms-admin-server') and core.rpm_is_installed( 'voms-admin-client'): self.skip_bad_unless(core.state['tomcat.started']) use_voms_admin = True voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin) core.state['voms.added-user'] = True
def test_01_fix_symlinks(self): if core.rpm_is_installed('jdk') and \ (java.is_openjdk_installed() or java.is_openjdk_devel_installed()): # We regenerate these symlinks via alternatives so it's unnecessary to back them up command = ('rm', '-f', '/usr/bin/java', '/usr/bin/javac', '/usr/bin/javadoc', '/usr/bin/jar') core.check_system(command, 'Remove old symlinks') command = ['yum', 'reinstall', '-y', java.JAVA_RPM, java.JAVAC_RPM] yum.retry_command(command)
def test_02_install_packages(self): core.state['install.success'] = False core.state['install.installed'] = [] core.state['install.updated'] = [] core.state['install.replace'] = [] core.state['install.orphaned'] = [] core.state['install.os_updates'] = [] # Install packages core.state['install.transaction_ids'] = set() fail_msg = '' pkg_repo_dict = OrderedDict( (x, core.options.extrarepos) for x in core.options.packages) # HACK: Install x509-scitokens-issuer-client out of development (SOFTWARE-3649) x509_scitokens_issuer_packages = [ 'xrootd-scitokens', 'osg-tested-internal' ] for pkg in x509_scitokens_issuer_packages: if pkg in pkg_repo_dict: pkg_repo_dict["x509-scitokens-issuer-client"] = [ "osg-development" ] break # Special case: htcondor-ce-collector on EL8 needs mod_auth_oidc, only avaiable in a module if "htcondor-ce-collector" in pkg_repo_dict: if core.el_release() > 7: core.check_system( ["dnf", "-y", "module", "enable", "mod_auth_openidc"], "Enable mod_auth_openidc module") for pkg, repos in pkg_repo_dict.items(): # Do not try to re-install packages if core.rpm_is_installed(pkg): continue # Attempt installation command = ['yum', '-y'] command += ['--enablerepo=%s' % x for x in repos] command += ['install', pkg] retry_fail, _, stdout, _ = yum.retry_command(command) if retry_fail == '': # the command succeeded core.state['install.transaction_ids'].add( yum.get_transaction_id()) if not pkg.startswith("/"): # ^^ rpm --verify doesn't work if you asked for a file instead of a package command = ('rpm', '--verify', pkg) core.check_system(command, 'Verify %s' % (pkg)) yum.parse_output_for_packages(stdout) fail_msg += retry_fail if fail_msg: self.fail(fail_msg) core.state['install.success'] = True
def test_01_selinux(self): if not core.options.selinux: return self.skip_bad_unless(core.rpm_is_installed('policycoreutils') and core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils') stdout, _, _ = core.check_system(('sestatus',), 'acquire current selinux mode') try: core.state['selinux.mode'] = re.search(r'Current mode:\s*(\w*)', stdout, re.MULTILINE).group(1) if core.state['selinux.mode'] == 'permissive': core.check_system(('setenforce', '1'), 'set selinux mode to enforcing') except AttributeError: # If 'Current mode' doesn't appear, SELinux is probably in disabled mode # and we cannot enable it via command-line utilities core.state['selinux.mode'] = '' self.fail("SELinux disabled: cannot enable SELinux from disabled mode")
def test_01_start_xrootd(self): core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid' core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem' core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem' core.config['xrootd.gsi'] = "ON" core.state['xrootd.started-server'] = False core.state['xrootd.backups-exist'] = False self.skip_ok_unless(core.options.adduser, 'user not created') vdt_pw = pwd.getpwnam(core.options.username) core.config['certs.usercert'] = os.path.join(vdt_pw.pw_dir, '.globus', 'usercert.pem') core.skip_ok_unless_installed('xrootd', by_dependency=True) # Determine xrootd package name if core.rpm_is_installed('xrootd4'): core.config['xrootd.package'] = 'xrootd4' elif core.rpm_is_installed('xrootd'): core.config['xrootd.package'] = 'xrootd' user = pwd.getpwnam("xrootd") if core.config['xrootd.gsi'] == "ON": core.skip_ok_unless_installed('globus-proxy-utils') core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644) core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400) cfgfile = '/etc/xrootd/xrootd-clustered.cfg' files.append(cfgfile, XROOTD_CFG_TEXT, owner='xrootd', backup=True) authfile = '/etc/xrootd/auth_file' files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid)) files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'], owner="xrootd", chown=(user.pw_uid, user.pw_gid)) core.state['xrootd.backups-exist'] = True if core.el_release() < 7: stdout, _, fail = core.check_system(('service', 'xrootd', 'start'), 'Start Xrootd server') self.assert_('FAILED' not in stdout, fail) self.assert_(os.path.exists(core.config['xrootd.pid-file']), 'Xrootd server PID file missing') else: core.check_system(('systemctl', 'start', 'xrootd@clustered'), 'Start Xrootd server') core.check_system(('systemctl', 'status', 'xrootd@clustered'), 'Verify status of Xrootd server') core.state['xrootd.started-server'] = True
def test_03_configure_ce(self): core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client') # Set up Condor, PBS, and Slurm routes # Leave the GRIDMAP knob in tact to verify that it works with the LCMAPS VOMS plugin core.config['condor-ce.condor-ce-cfg'] = '/etc/condor-ce/config.d/99-osgtest.condor-ce.conf' # Add host DN to condor_mapfile if core.options.hostcert: core.config['condor-ce.condorce_mapfile'] = '/etc/condor-ce/condor_mapfile.osg-test' hostcert_dn, _ = cagen.certificate_info(core.config['certs.hostcert']) mapfile_contents = files.read('/etc/condor-ce/condor_mapfile') mapfile_contents.insert(0, re.sub(r'([/=\.])', r'\\\1', "GSI \"^%s$\" " % hostcert_dn) + \ "%[email protected]\n" % core.get_hostname()) files.write(core.config['condor-ce.condorce_mapfile'], mapfile_contents, owner='condor-ce', chmod=0o644) else: core.config['condor-ce.condorce_mapfile'] = '/etc/condor-ce/condor_mapfile' condor_contents = """GRIDMAP = /etc/grid-security/grid-mapfile CERTIFICATE_MAPFILE = %s ALL_DEBUG=D_FULLDEBUG JOB_ROUTER_DEFAULTS = $(JOB_ROUTER_DEFAULTS) [set_default_maxMemory = 128;] JOB_ROUTER_ENTRIES = \\ [ \\ GridResource = "batch pbs"; \\ TargetUniverse = 9; \\ name = "Local_PBS"; \\ Requirements = target.osgTestBatchSystem =?= "pbs"; \\ ] \\ [ \\ GridResource = "batch slurm"; \\ TargetUniverse = 9; \\ name = "Local_Slurm"; \\ Requirements = target.osgTestBatchSystem =?= "slurm"; \\ ] \\ [ \\ TargetUniverse = 5; \\ name = "Local_Condor"; \\ Requirements = (target.osgTestBatchSystem =!= "pbs" && target.osgTestBatchSystem =!= "slurm"); \\ ] JOB_ROUTER_SCHEDD2_SPOOL=/var/lib/condor/spool JOB_ROUTER_SCHEDD2_NAME=$(FULL_HOSTNAME) JOB_ROUTER_SCHEDD2_POOL=$(FULL_HOSTNAME):9618 """ % core.config['condor-ce.condorce_mapfile'] if core.rpm_is_installed('htcondor-ce-view'): condor_contents += "\nDAEMON_LIST = $(DAEMON_LIST), CEVIEW, GANGLIAD, SCHEDD" core.config['condor-ce.view-port'] = condor.ce_config_val('HTCONDORCE_VIEW_PORT') files.write(core.config['condor-ce.condor-ce-cfg'], condor_contents, owner='condor-ce', chmod=0o644)
def test_01_stop_xrootd(self): if core.config['xrootd.gsi'] == "ON" and core.state['xrootd.backups-exist']: files.restore(core.config['xrootd.config'], "xrootd") files.restore('/etc/xrootd/auth_file', "xrootd") if not core.rpm_is_installed('xrootd-lcmaps'): files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd") core.skip_ok_unless_installed('xrootd', by_dependency=True) self.skip_ok_if(core.state['xrootd.started-server'], 'did not start server') service.check_stop(core.config['xrootd_service'])
def test_01_selinux(self): core.state['selinux.mode'] = None if not core.options.selinux: return self.skip_bad_unless(core.rpm_is_installed('policycoreutils') and core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils') stdout, _, _ = core.check_system(('sestatus',), 'acquire current selinux mode') try: core.state['selinux.mode'] = re.search(r'Current mode:\s*(\w*)', stdout, re.MULTILINE).group(1) if core.state['selinux.mode'] == 'permissive': core.check_system(('setenforce', 'Enforcing'), 'set selinux mode to enforcing') except AttributeError: # If 'Current mode' doesn't appear, SELinux is probably in disabled mode # and we cannot enable it via command-line utilities core.state['selinux.mode'] = '' self.fail("SELinux disabled: cannot enable SELinux from disabled mode")
def test_01_grid_proxy_init(self): if not core.rpm_is_installed('globus-proxy-utils'): core.skip() return command = ('grid-proxy-init', '-debug') password = core.options.password + '\n' core.check_system(command, 'Run grid-proxy-init', user=True, stdin=password)
def setUp(self): self.skip_ok_if(core.rpm_is_installed("xcache"), "xcache configs conflict with xrootd tests") core.skip_ok_unless_installed("xrootd", "xrootd-client", "osg-xrootd-standalone", by_dependency=True) self.skip_ok_unless(core.state['xrootd.is-configured'], "xrootd is not configured") self.skip_bad_unless_running(core.config['xrootd_service'])
def test_05_create_vo(self): voms.skip_ok_unless_installed() use_voms_admin = core.rpm_is_installed('voms-admin-server') voms.create_vo(vo=core.config['voms.vo'], dbusername=core.config['voms.dbusername'], dbpassword='******', vomscert=core.config['certs.vomscert'], vomskey=core.config['certs.vomskey'], use_voms_admin=use_voms_admin)
def test_02_start_cvmfs(self): core.state['cvmfs.started-server'] = False if not core.rpm_is_installed('cvmfs'): core.skip('not installed') return command = ('service', 'cvmfs', 'restartautofs') stdout, stderr, fail = core.check_system(command, 'Start cvmfs server') self.assert_(stdout.find('FAILED') == -1, fail) core.state['cvmfs.started-server'] = True
def test_03_configure_ce(self): core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client') # Set up Condor, PBS, and Slurm routes # Leave the GRIDMAP knob in tact to verify that it works with the LCMAPS VOMS plugin core.config[ 'condor-ce.condor-ce-cfg'] = '/etc/condor-ce/config.d/99-osgtest.condor-ce.conf' condor_contents = """GRIDMAP = /etc/grid-security/grid-mapfile ALL_DEBUG=D_CAT D_ALWAYS:2 JOB_ROUTER_DEFAULTS = $(JOB_ROUTER_DEFAULTS) [set_default_maxMemory = 128;] JOB_ROUTER_ENTRIES = \\ [ \\ GridResource = "batch pbs"; \\ TargetUniverse = 9; \\ name = "Local_PBS"; \\ Requirements = target.osgTestBatchSystem =?= "pbs"; \\ ] \\ [ \\ GridResource = "batch slurm"; \\ TargetUniverse = 9; \\ name = "Local_Slurm"; \\ Requirements = target.osgTestBatchSystem =?= "slurm"; \\ ] \\ [ \\ TargetUniverse = 5; \\ name = "Local_Condor"; \\ Requirements = (target.osgTestBatchSystem =!= "pbs" && target.osgTestBatchSystem =!= "slurm"); \\ ] JOB_ROUTER_SCHEDD2_SPOOL=/var/lib/condor/spool JOB_ROUTER_SCHEDD2_NAME=$(FULL_HOSTNAME) JOB_ROUTER_SCHEDD2_POOL=$(FULL_HOSTNAME):9618 AUTH_SSL_SERVER_CERTFILE = /etc/grid-security/hostcert.pem AUTH_SSL_SERVER_KEYFILE = /etc/grid-security/hostkey.pem AUTH_SSL_SERVER_CADIR = /etc/grid-security/certificates AUTH_SSL_SERVER_CAFILE = AUTH_SSL_CLIENT_CERTFILE = /etc/grid-security/hostcert.pem AUTH_SSL_CLIENT_KEYFILE = /etc/grid-security/hostkey.pem AUTH_SSL_CLIENT_CADIR = /etc/grid-security/certificates AUTH_SSL_CLIENT_CAFILE = """ if core.rpm_is_installed('htcondor-ce-view'): condor_contents += "\nDAEMON_LIST = $(DAEMON_LIST), CEVIEW, GANGLIAD, SCHEDD" core.config['condor-ce.view-port'] = condor.ce_config_val( 'HTCONDORCE_VIEW_PORT') files.write(core.config['condor-ce.condor-ce-cfg'], condor_contents, owner='condor-ce', chmod=0o644)
def test_03_start_xrootd(self): if core.rpm_is_installed("xrootd-multiuser"): core.config['xrootd_tpc_service_1'] = "xrootd-privileged@third-party-copy-1" core.config['xrootd_tpc_service_2'] = "xrootd-privileged@third-party-copy-2" else: core.config['xrootd_tpc_service_1'] = "xrootd@third-party-copy-1" core.config['xrootd_tpc_service_2'] = "xrootd@third-party-copy-2" service.check_start(core.config['xrootd_tpc_service_1'], min_up_time = 5) service.check_start(core.config['xrootd_tpc_service_2'], min_up_time = 5) core.state['xrootd.started-http-server-1'] = True core.state['xrootd.started-http-server-2'] = True
def test_02_install_voms_certs(self): if not core.rpm_is_installed('voms-server'): core.skip('VOMS not installed') return vomscert = core.config['certs.vomscert'] vomskey = core.config['certs.vomskey'] if self.check_file_and_perms(vomscert, 'voms', 0644) and self.check_file_and_perms( vomskey, 'voms', 0400): core.skip('VOMS cert exists and has proper permissions') return
def test_03_install_http_certs(self): if not core.rpm_is_installed('voms-admin-server'): core.skip('VOMS Admin not installed') return httpcert = core.config['certs.httpcert'] httpkey = core.config['certs.httpkey'] if self.check_file_and_perms(httpcert, 'tomcat', 0644) and self.check_file_and_perms( httpkey, 'tomcat', 0400): core.skip('HTTP cert exists and has proper permissions') return
def test_02_restore_config(self): core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client', 'htcondor-ce-condor') if core.rpm_is_installed('gums-service'): files.restore(core.config['condor-ce.lcmapsdb'], 'condor-ce.gums') files.restore(core.config['condor-ce.gsi-authz'], 'condor-ce') files.restore(core.config['condor-ce.gums-properties'], 'condor-ce') files.restore(core.config['condor-ce.condor-cfg'], 'condor-ce') files.restore(core.config['condor-ce.condor-ce-cfg'], 'condor-ce') files.restore(core.config['condor-ce.lcmapsdb'], 'condor-ce') if core.options.hostcert: files.restore(core.config['condor-ce.condorce_mapfile'], 'condor-ce')
def test_01_stop_xrootd(self): if core.config['xrootd.gsi'] == "ON" and core.state[ 'xrootd.backups-exist']: files.restore(core.config['xrootd.config'], "xrootd") files.restore('/etc/xrootd/auth_file', "xrootd") if not core.rpm_is_installed('xrootd-lcmaps'): files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd") core.skip_ok_unless_installed('xrootd', by_dependency=True) self.skip_ok_if(core.state['xrootd.started-server'], 'did not start server') service.check_stop(core.config['xrootd_service'])
def test_02_remove_vo_webapp(self): if not core.rpm_is_installed('voms-admin-server'): core.skip('not installed') return if not core.state['voms.installed-vo-webapp']: core.skip('did not start webapp') return command = ('service', 'voms-admin', 'stop') core.check_system(command, 'Uninstall VOMS Admin webapp(s)') self.assert_(not os.path.exists(core.config['voms.vo-webapp']), 'VOMS Admin VO context file still exists')
def setUp(self): core.skip_ok_unless_installed("stashcache-origin-server", "stashcache-cache-server", "stashcache-client", by_dependency=True) if core.rpm_is_installed('xcache'): origin_service = "xrootd@stash-origin" cache_service = "xrootd@stash-cache" else: origin_service = "xrootd@stashcache-origin-server" cache_service = "xrootd@stashcache-cache-server" self.skip_bad_unless_running(origin_service, cache_service)
def test_01_stop_gridftp(self): if not core.rpm_is_installed('globus-gridftp-server-progs'): core.skip('not installed') return if core.state['gridftp.started-server'] == False: core.skip('did not start server') return command = ('service', 'globus-gridftp-server', 'stop') stdout, _, fail = core.check_system(command, 'Stop GridFTP server') self.assert_(stdout.find('FAILED') == -1, fail) self.assert_(not os.path.exists(core.config['gridftp.pid-file']), 'GridFTP server PID file still present')
def test_01_stop_xrootd(self): if core.state['xrootd.backups-exist']: if core.PackageVersion('xrootd') < '1:4.9.0': files.restore(core.config['xrootd.config'], "xrootd") else: files.restore(core.config['xrootd.config-extra'], "xrootd") files.restore('/etc/xrootd/auth_file', "xrootd") if not core.rpm_is_installed('xrootd-lcmaps'): files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd") core.skip_ok_unless_installed('xrootd', by_dependency=True) self.skip_ok_if(core.state['xrootd.started-server'], 'did not start server') service.check_stop(core.config['xrootd_service']) files.remove(core.config['xrootd.tmp-dir'], force=True)
def test_01_set_config(self): port = core.config['gsisshd.port'] = '2222' core.state['gsisshd.can-run'] = ( not (core.el_release() >= 7 and core.state['selinux.mode'] and not core.rpm_is_installed('policycoreutils-python'))) self.skip_ok_unless( core.state['gsisshd.can-run'], "Can't run with SELinux on EL >= 7 without policycoreutils-python") files.write(SSHD_CONFIG, SSHD_CONFIG_TEXT % {'port': port}, owner='gsissh', chmod=0600)
def test_01_set_config(self): port = core.config['gsisshd.port'] = '2222' core.state['gsisshd.can-run'] = (not ( core.el_release() >= 7 and core.state['selinux.mode'] and not core.rpm_is_installed('policycoreutils-python'))) self.skip_ok_unless(core.state['gsisshd.can-run'], "Can't run with SELinux on EL >= 7 without policycoreutils-python") files.write( SSHD_CONFIG, SSHD_CONFIG_TEXT % {'port': port}, owner='gsissh', chmod=0o600)
def test_03_remove_vo(self): voms.skip_ok_unless_installed() if core.rpm_is_installed('voms-admin-server'): # Ask VOMS Admin to remove VO command = ('voms-admin-configure', 'remove', '--vo', core.config['voms.vo'], '--undeploy-database') stdout, _, fail = core.check_system(command, 'Remove VO') self.assert_('Database undeployed correctly!' in stdout, fail) self.assert_(' succesfully removed.' in stdout, fail) # Really remove database -- the voms-admin-configure command above does # not actually destroy the mysql database. voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername']) voms.destroy_voms_conf(core.config['voms.vo'])
def lockfile_path(): """The path to the condor lockfile (EL5 and EL6 only) Returns None on EL7. """ if core.el_release() >= 7: return None condor_lockfile = '/var/lock/subsys/condor_master' # The name of the lockfile changed in 7.8.8 if core.rpm_is_installed('condor'): condor_version = core.get_package_envra('condor')[2] condor_version_split = condor_version.split('.') if condor_version_split >= ['7', '8', '8']: condor_lockfile = '/var/lock/subsys/condor' return condor_lockfile
def test_01_start_xrootd(self): core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid' core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem' core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem' core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg' core.config['xrootd.config-extra'] = '/etc/xrootd/config.d/99-osg-test.cfg' core.config['xrootd.port'] = XROOTD_PORT core.config['xrootd.multiuser'] = False core.state['xrootd.started-server'] = False core.state['xrootd.backups-exist'] = False self.skip_ok_unless(core.options.adduser, 'user not created') core.skip_ok_unless_installed('xrootd', by_dependency=True) user = pwd.getpwnam("xrootd") core.skip_ok_unless_installed('globus-proxy-utils') core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644) core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400) lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms') if all([core.rpm_is_installed(x) for x in lcmaps_packages]): core.log_message("Using xrootd-lcmaps authentication") sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5' if core.PackageVersion('xrootd-lcmaps') >= '1.4.0': sec_protocol += ',--policy,authorize_only' else: core.log_message("Using XRootD mapfile authentication") sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile' files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'], owner="xrootd", chown=(user.pw_uid, user.pw_gid)) if core.PackageVersion('xrootd') < '1:4.9.0': files.append(core.config['xrootd.config'], XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']), owner='xrootd', backup=True) else: files.write(core.config['xrootd.config-extra'], XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']), owner='xrootd', backup=True, chmod=0o644) authfile = '/etc/xrootd/auth_file' files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid)) core.state['xrootd.backups-exist'] = True
def test_02_install_packages(self): core.state['install.success'] = False core.state['install.installed'] = [] core.state['install.updated'] = [] core.state['install.replace'] = [] core.state['install.orphaned'] = [] core.state['install.os_updates'] = [] # Install packages core.state['install.transaction_ids'] = [] fail_msg = '' pkg_repo_dict = OrderedDict((x, core.options.extrarepos) for x in core.options.packages) # FIXME: Install slurm out of contrib if we're running 'All' tests until # SOFTWARE-1733 gives us a generalized solution if 'osg-tested-internal' in pkg_repo_dict or 'slurm' in pkg_repo_dict: pkg_repo_dict.update(dict((x, ['osg-development']) for x in core.SLURM_PACKAGES)) for pkg, repos in pkg_repo_dict.items(): # Do not try to re-install packages if core.rpm_is_installed(pkg): continue # Attempt installation command = ['yum', '-y'] command += ['--enablerepo=%s' % x for x in repos] command += ['install', pkg] retry_fail, _, stdout, _ = yum.retry_command(command) if retry_fail == '': # the command succeeded core.state['install.transaction_ids'].append(yum.get_transaction_id()) command = ('rpm', '--verify', pkg) core.check_system(command, 'Verify %s' % (pkg)) yum.parse_output_for_packages(stdout) fail_msg += retry_fail if fail_msg: self.fail(fail_msg) core.state['install.success'] = True
def test_02_install_packages(self): core.state['install.success'] = False core.state['install.installed'] = [] core.state['install.updated'] = [] core.state['install.replace'] = [] core.state['install.orphaned'] = [] core.state['install.os_updates'] = [] # Install packages core.state['install.transaction_ids'] = [] fail_msg = '' for package in core.options.packages: # Do not try to re-install packages if core.rpm_is_installed(package): continue # Attempt installation command = ['yum', '-y'] for repo in core.options.extrarepos: command.append('--enablerepo=%s' % repo) command += ['install', package] retry_fail, status, stdout, stderr = yum.retry_command(command) if retry_fail == '': # the command succeeded if core.el_release() >= 6: # RHEL 6 does not have the rollback option, so store the # transaction IDs so we can undo each transaction in the # proper order core.state['install.transaction_ids'].append(yum.get_transaction_id()) command = ('rpm', '--verify', package) core.check_system(command, 'Verify %s' % (package)) yum.parse_output_for_packages(stdout) fail_msg += retry_fail if fail_msg: self.fail(fail_msg) core.state['install.success'] = True
def is_openjdk_devel_installed(): if core.rpm_is_installed(JAVAC_RPM): return True return False