def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg'
core.config['xrootd.gsi'] = "ON"
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
user = pwd.getpwnam("xrootd")
if core.config['xrootd.gsi'] == "ON":
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400)
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
files.append(core.config['xrootd.config'], XROOTD_CFG_TEXT % sec_protocol, owner='xrootd', backup=True)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
def test_02_user(self):
core.state['system.wrote_mapfile'] = False
if core.options.skiptests:
core.skip('no user needed')
return
try:
password_entry = pwd.getpwnam(core.options.username)
except KeyError as e:
self.fail("User '%s' should exist but does not" %
core.options.username)
self.assert_(
password_entry.pw_dir != '/',
"User '%s' has home directory at '/'" % (core.options.username))
self.assert_(
os.path.isdir(password_entry.pw_dir),
"User '%s' missing a home directory at '%s'" %
(core.options.username, password_entry.pw_dir))
cert_path = os.path.join(password_entry.pw_dir, '.globus',
'usercert.pem')
core.config['user.cert_subject'], core.config[
'user.cert_issuer'] = certificate_info(cert_path)
# Add user to mapfile
files.append(
core.config['system.mapfile'],
'"%s" %s\n' %
(core.config['user.cert_subject'], password_entry.pw_name),
owner='user')
core.state['system.wrote_mapfile'] = True
os.chmod(core.config['system.mapfile'], 0o644)
def test_05_start_tomcat(self):
core.skip_ok_unless_installed(tomcat.pkgname())
core.state['tomcat.started'] = False
catalina_log = tomcat.catalinafile()
initial_stat = core.get_stat(catalina_log)
tomcat_sentinel = r'Server startup in \d+ ms'
# Bump log level
core.config['tomcat.logging-conf'] = os.path.join(tomcat.sysconfdir(), 'logging.properties')
files.append(core.config['tomcat.logging-conf'], 'org.apache.catalina.level = %s\n' % 'FINER',
owner='tomcat', backup=True)
old_str = "1catalina.org.apache.juli.FileHandler.prefix = catalina."
repl_str = ("1catalina.org.apache.juli.FileHandler.prefix = catalina\n"
"1catalina.org.apache.juli.FileHandler.rotatable = false")
files.replace(core.config['tomcat.logging-conf'], old_str, repl_str,
owner='tomcat', backup=False)
service.check_start(tomcat.pkgname())
if core.options.nightly:
timeout = 3600.0
else:
timeout = 1200.0
line, gap = core.monitor_file(catalina_log, initial_stat, tomcat_sentinel, timeout)
self.assert_(line is not None, 'Tomcat did not start within the %d min window' % int(timeout/60))
core.state['tomcat.started'] = True
core.log_message('Tomcat started after %.1f seconds' % gap)
def test_03_generate_user_cert(self):
core.state['general.user_cert_created'] = False
core.state['system.wrote_mapfile'] = False
if core.options.skiptests:
core.skip('no user needed')
return
self.skip_bad_unless(
core.state['user.verified'],
"User doesn't exist, has HOME=/, or is missing HOME")
# Set up certificate
globus_dir = os.path.join(core.state['user.pwd'].pw_dir, '.globus')
core.state['user.cert_path'] = os.path.join(globus_dir, 'usercert.pem')
test_ca = CA.load(core.config['certs.test-ca'])
if not os.path.exists(core.state['user.cert_path']):
test_ca.usercert(core.options.username, core.options.password)
core.state['general.user_cert_created'] = True
(core.config['user.cert_subject'],
core.config['user.cert_issuer']) = certificate_info(
core.state['user.cert_path'])
# Add user to mapfile
files.append(
core.config['system.mapfile'],
'"%s" %s\n' %
(core.config['user.cert_subject'], core.state['user.pwd'].pw_name),
owner='user')
core.state['system.wrote_mapfile'] = True
os.chmod(core.config['system.mapfile'], 0o644)
def test_03_configure_multiuser(self):
core.skip_ok_unless_installed('xrootd-multiuser')
core.config['xrootd.multiuser'] = "******"
# We need both multiuser and gsi part to test multiuser
if core.config['xrootd.multiuser'] == "ON" and core.config['xrootd.gsi'] == "ON":
xrootd_multiuser_conf = "xrootd.fslib libXrdMultiuser.so default"
files.append(core.config['xrootd.config'], xrootd_multiuser_conf, owner='xrootd', backup=False)
def setup_cvmfs():
command = ('mkdir', '-p', '/tmp/cvmfs')
core.system(command, False)
files.write("/etc/cvmfs/default.local", CVMFS_CONFIG, owner='cvmfs', chmod=0o644)
# Dump autofs debug output to /var/log/messages or journalctl
files.append("/etc/sysconfig/autofs", 'OPTIONS="-d"\n', owner='cvmfs')
def test_01_start_gatekeeper(self):
core.config[
'globus.gk-lockfile'] = '/var/lock/subsys/globus-gatekeeper'
core.state['globus.started-gk'] = False
if not core.rpm_is_installed('globus-gatekeeper'):
core.skip('not installed')
return
if os.path.exists(core.config['globus.gk-lockfile']):
core.skip('apparently running')
return
# DEBUG: Set up gatekeeper debugging
core.config[
'jobmanager-config'] = '/etc/globus/globus-gram-job-manager.conf'
conf_path = core.config['jobmanager-config']
files.append(conf_path,
'-log-levels TRACE|DEBUG|FATAL|ERROR|WARN|INFO\n',
owner='globus')
files.append(
conf_path,
'-log-pattern /var/log/globus/gram_$(LOGNAME)_$(DATE).log\n',
backup=False)
if not os.path.exists('/var/log/globus'):
os.mkdir('/var/log/globus')
os.chmod('/var/log/globus', 0777)
command = ('service', 'globus-gatekeeper', 'start')
stdout, _, fail = core.check_system(command, 'Start Globus gatekeeper')
self.assert_(stdout.find('FAILED') == -1, fail)
self.assert_(os.path.exists(core.config['globus.gk-lockfile']),
'Globus gatekeeper run lock file missing')
core.state['globus.started-gk'] = True
def test_02_configure_hdfs(self):
core.skip_ok_unless_installed('xrootd-hdfs')
hdfs_config = "ofs.osslib /usr/lib64/libXrdHdfs.so"
if core.PackageVersion('xrootd') < '1:4.9.0':
files.append(core.config['xrootd.config'], hdfs_config, backup=False)
else:
files.append(core.config['xrootd.config-extra'], hdfs_config, backup=False)
def test_03_configure_multiuser(self):
core.skip_ok_unless_installed('xrootd-multiuser','globus-proxy-utils', by_dependency=True)
xrootd_multiuser_conf = "xrootd.fslib libXrdMultiuser.so default"
if core.PackageVersion('xrootd') < '1:4.9.0':
files.append(core.config['xrootd.config'], xrootd_multiuser_conf, owner='xrootd', backup=False)
else:
files.append(core.config['xrootd.config-extra'], xrootd_multiuser_conf, owner='xrootd', backup=False)
core.config['xrootd.multiuser'] = True
def test_003_setup_grid_mapfile(self):
if core.missing_rpm('rsv'):
return
# Register the cert in the gridmap file
cert_subject = core.certificate_info(core.config['rsv.certfile'])[0]
files.append(core.config['system.mapfile'],
'"%s" rsv\n' % (cert_subject),
owner='rsv')
def test_05_configure_multiuser(self):
core.skip_ok_unless_installed('xrootd-multiuser', by_dependency=True)
xrootd_multiuser_conf = "ofs.osslib ++ libXrdMultiuser.so\n" \
"ofs.ckslib ++ libXrdMultiuser.so\n"
if os.path.exists("/etc/xrootd/config.d/60-osg-multiuser.cfg"):
core.log_message("Not adding XRootD multiuser config, already exists")
else:
files.append(core.config['xrootd.config'], xrootd_multiuser_conf, owner='xrootd', backup=False)
core.config['xrootd.multiuser'] = True
def test_06_configure_scitokens(self):
self.skip_ok_unless("SCITOKENS" in core.config['xrootd.security'], "Not using SciTokens for XRootD")
scitokens_conf_path = "/etc/xrootd/scitokens.conf"
files.write(scitokens_conf_path, SCITOKENS_CONF_TEXT, owner='xrootd', chmod=0o644)
if os.path.exists("/etc/xrootd/config.d/50-osg-scitokens.cfg"):
core.log_message("Not adding XRootD SciTokens config, already exists")
else:
files.append(core.config['xrootd.config'],
XROOTD5_SCITOKENS_CFG_TXT % scitokens_conf_path,
backup=False)
def test_02_xrootd_policy(self):
core.skip_ok_unless_installed('xrootd-lcmaps', *self.required_rpms)
files.append(core.config['lcmaps.db'],
'''xrootd_policy:
verifyproxynokey -> banfile
banfile -> banvomsfile | bad
banvomsfile -> gridmapfile | bad
gridmapfile -> good | vomsmapfile
vomsmapfile -> good | defaultmapfile
defaultmapfile -> good | bad
''',
backup=False)
def test_03_configure_multiuser(self):
core.skip_ok_unless_installed('xrootd-multiuser',
'globus-proxy-utils',
by_dependency=True)
if core.PackageVersion("xrootd-multiuser") < "1.0.0-0":
xrootd_multiuser_conf = "xrootd.fslib libXrdMultiuser.so default"
else:
xrootd_multiuser_conf = "ofs.osslib ++ libXrdMultiuser.so\n" \
"ofs.ckslib ++ libXrdMultiuser.so"
files.append(core.config['xrootd.config'],
xrootd_multiuser_conf,
owner='xrootd',
backup=False)
core.config['xrootd.multiuser'] = True
def test_02_create_secrets(self):
core.skip_ok_unless_installed('xrootd', 'xrootd-scitokens', by_dependency=True)
core.config['xrootd.tpc.macaroon-secret-1'] = '/etc/xrootd/macaroon-secret-1'
core.config['xrootd.tpc.macaroon-secret-2'] = '/etc/xrootd/macaroon-secret-2'
core.check_system(["openssl", "rand", "-base64", "-out",
core.config['xrootd.tpc.macaroon-secret-1'], "64"], "Creating symmetric key")
core.check_system(["openssl", "rand", "-base64", "-out",
core.config['xrootd.tpc.macaroon-secret-2'], "64"], "Creating symmetric key")
files.append(core.config['xrootd.tpc.config-1'],
"macaroons.secretkey %s"%(core.config['xrootd.tpc.macaroon-secret-1']),
owner='xrootd', backup=False)
files.append(core.config['xrootd.tpc.config-2'],
"macaroons.secretkey %s"%(core.config['xrootd.tpc.macaroon-secret-2']),
owner='xrootd', backup=False)
def test_09_config_user_vo_map(self):
# Configurations for the user_vo_map
core.skip_ok_unless_installed('osg-info-services')
core.skip_ok_unless_one_installed(*self.possible_rpms)
user_vo_map_file = '/var/lib/osg/user-vo-map'
core.config['osg-info-services.user-vo-map'] = user_vo_map_file
if files.filesBackedup(user_vo_map_file, 'root'):
files.append(core.config['osg-info-services.user-vo-map'],
core.options.username + ' mis',
backup=False)
else:
files.append(core.config['osg-info-services.user-vo-map'],
core.options.username + ' mis',
owner='root')
# append creates files with 0600 by default so fix that
os.chmod(user_vo_map_file, 0644)
def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.gsi'] = "ON"
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
vdt_pw = pwd.getpwnam(core.options.username)
core.config['certs.usercert'] = os.path.join(vdt_pw.pw_dir, '.globus', 'usercert.pem')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
# Determine xrootd package name
if core.rpm_is_installed('xrootd4'):
core.config['xrootd.package'] = 'xrootd4'
elif core.rpm_is_installed('xrootd'):
core.config['xrootd.package'] = 'xrootd'
user = pwd.getpwnam("xrootd")
if core.config['xrootd.gsi'] == "ON":
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400)
cfgfile = '/etc/xrootd/xrootd-clustered.cfg'
files.append(cfgfile, XROOTD_CFG_TEXT, owner='xrootd', backup=True)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
if core.el_release() < 7:
stdout, _, fail = core.check_system(('service', 'xrootd', 'start'), 'Start Xrootd server')
self.assert_('FAILED' not in stdout, fail)
self.assert_(os.path.exists(core.config['xrootd.pid-file']), 'Xrootd server PID file missing')
else:
core.check_system(('systemctl', 'start', 'xrootd@clustered'), 'Start Xrootd server')
core.check_system(('systemctl', 'status', 'xrootd@clustered'), 'Verify status of Xrootd server')
core.state['xrootd.started-server'] = True
def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg'
core.config['xrootd.config-extra'] = '/etc/xrootd/config.d/99-osg-test.cfg'
core.config['xrootd.port'] = XROOTD_PORT
core.config['xrootd.multiuser'] = False
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
user = pwd.getpwnam("xrootd")
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400)
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5'
if core.PackageVersion('xrootd-lcmaps') >= '1.4.0':
sec_protocol += ',--policy,authorize_only'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
if core.PackageVersion('xrootd') < '1:4.9.0':
files.append(core.config['xrootd.config'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']),
owner='xrootd', backup=True)
else:
files.write(core.config['xrootd.config-extra'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']),
owner='xrootd', backup=True, chmod=0o644)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
def test_01_start_xrootd(self):
core.config['xrootd.pid-file']='/var/run/xrootd/xrootd-default.pid'
core.config['certs.hostcert'] = '/etc/grid-security/hostcert.pem'
core.config['certs.hostkey'] = '/etc/grid-security/hostkey.pem'
core.config['certs.xrootdcert']='/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey']='/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.gsi']="ON"
core.state['xrootd.started-server'] = False
if not core.rpm_is_installed('xrootd-server'):
core.skip('not installed')
return
user=pwd.getpwnam("xrootd")
if core.config['xrootd.gsi'] == "ON":
self.install_cert('certs.xrootdcert', 'certs.hostcert',
'xrootd', 0644)
self.install_cert('certs.xrootdkey', 'certs.hostkey',
'xrootd', 0400)
cfgfile='/etc/xrootd/xrootd-clustered.cfg'
cfgtext='cms.space min 2g 5g\n'
cfgtext=cfgtext+'xrootd.seclib /usr/lib64/libXrdSec.so\n'
cfgtext=cfgtext+'sec.protocol /usr/lib64 gsi -certdir:/etc/grid-security/certificates -cert:/etc/grid-security/xrd/xrdcert.pem -key:/etc/grid-security/xrd/xrdkey.pem -crl:3 -gridmap:/etc/grid-security/xrd/xrdmapfile --gmapopt:10 --gmapto:0\n'
cfgtext=cfgtext+'acc.authdb /etc/xrootd/auth_file\n'
cfgtext=cfgtext+'ofs.authorize\n'
files.append(cfgfile,cfgtext,owner='xrootd',backup=True)
authfile='/etc/xrootd/auth_file'
files.write(authfile,'u * /tmp lr\nu = /tmp/@=/ a\nu xrootd /tmp a\n',owner="xrootd")
os.chown(authfile, user.pw_uid, user.pw_gid)
files.write("/etc/grid-security/xrd/xrdmapfile","\"/O=Grid/OU=GlobusTest/OU=VDT/CN=VDT Test\" vdttest",owner="xrootd")
os.chown("/etc/grid-security/xrd/xrdmapfile",
user.pw_uid, user.pw_gid)
command = ('service', 'xrootd', 'start')
if core.el_release() != 6:
stdout, stderr, fail = core.check_system(command, 'Start Xrootd server')
self.assert_(stdout.find('FAILED') == -1, fail)
self.assert_(os.path.exists(core.config['xrootd.pid-file']),
'xrootd server PID file missing')
core.state['xrootd.started-server'] = True
else:
stdout, stderr, fail = core.check_system(command, 'Start Xrootd server',exit=1)
self.assert_(stdout.find('OK') == -1, fail)
def test_03_configure_authentication(self):
core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client')
# Configure condor-ce to use the gridmap file and set up PBS and Condor routes
core.config['condor-ce.condor-ce-cfg'] = '/etc/condor-ce/config.d/99-osgtest.condor-ce.conf'
condor_contents = """GRIDMAP = /etc/grid-security/grid-mapfile
ALL_DEBUG=D_FULLDEBUG
JOB_ROUTER_ENTRIES = \\
[ \\
GridResource = "batch pbs"; \\
TargetUniverse = 9; \\
name = "Local_PBS"; \\
Requirements = target.osgTestPBS =?= true; \\
] \\
[ \\
TargetUniverse = 5; \\
name = "Local_Condor"; \\
]
JOB_ROUTER_SCHEDD2_SPOOL=/var/lib/condor/spool
JOB_ROUTER_SCHEDD2_NAME=$(FULL_HOSTNAME)
JOB_ROUTER_SCHEDD2_POOL=$(FULL_HOSTNAME):9618
"""
files.write(core.config['condor-ce.condor-ce-cfg'],
condor_contents,
owner='condor-ce',
chmod=0644)
# lcmaps needs to know to use the gridmap file instead of GUMS
core.config['condor-ce.lcmapsdb'] = '/etc/lcmaps.db'
lcmaps_contents = """
authorize_only:
gridmapfile -> good | bad
"""
files.append(core.config['condor-ce.lcmapsdb'], lcmaps_contents, owner='condor-ce')
# Add host DN to condor_mapfile
if core.options.hostcert:
core.config['condor-ce.condorce_mapfile'] = '/etc/condor-ce/condor_mapfile'
condor_mapfile_contents = files.read('/usr/share/osg-test/test_condorce_mapfile')
files.write(core.config['condor-ce.condorce_mapfile'],
condor_mapfile_contents,
owner='condor-ce',
chmod=0644)
def test_03_install_mapfile(self):
core.state['system.wrote_mapfile'] = False
try:
pwd_entry = pwd.getpwnam(core.options.username)
except KeyError:
core.skip('no user')
return
if pwd_entry.pw_dir == '/':
core.skip('no user home dir')
return
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
user_dn, user_cert_issuer = core.certificate_info(cert_path)
existed_prior = os.path.exists(core.config['system.mapfile'])
files.append(core.config['system.mapfile'],
'"%s" %s\n' % (user_dn, pwd_entry.pw_name),
owner='user')
if not existed_prior:
core.state['system.wrote_mapfile'] = True
os.chmod(core.config['system.mapfile'], 0644)
def test_01_start_gatekeeper(self):
core.config['globus-gatekeeper.started-service'] = False
core.state['globus-gatekeeper.running'] = False
core.skip_ok_unless_installed('globus-gatekeeper')
if not service.is_running('globus-gatekeeper'):
# DEBUG: Set up gatekeeper debugging
core.config['jobmanager-config'] = '/etc/globus/globus-gram-job-manager.conf'
conf_path = core.config['jobmanager-config']
files.append(conf_path, '-log-levels TRACE|DEBUG|FATAL|ERROR|WARN|INFO\n', owner='globus')
files.append(conf_path, '-log-pattern /var/log/globus/gram_$(LOGNAME)_$(DATE).log\n', backup=False)
if not os.path.exists('/var/log/globus'):
os.mkdir('/var/log/globus')
os.chmod('/var/log/globus', 0777)
service.start('globus-gatekeeper')
core.state['globus-gatekeeper.running'] = service.is_running('globus-gatekeeper')
self.assert_(core.state['globus-gatekeeper.running'], 'globus-gatekeeper failed to start')
def test_02_user(self):
core.state['system.wrote_mapfile'] = False
if core.options.skiptests:
core.skip('no user needed')
return
try:
password_entry = pwd.getpwnam(core.options.username)
except KeyError as e:
self.fail("User '%s' should exist but does not" % core.options.username)
self.assert_(password_entry.pw_dir != '/', "User '%s' has home directory at '/'" % (core.options.username))
self.assert_(os.path.isdir(password_entry.pw_dir),
"User '%s' missing a home directory at '%s'" % (core.options.username, password_entry.pw_dir))
cert_path = os.path.join(password_entry.pw_dir, '.globus', 'usercert.pem')
core.config['user.cert_subject'], core.config['user.cert_issuer'] = certificate_info(cert_path)
# Add user to mapfile
files.append(core.config['system.mapfile'], '"%s" %s\n' %
(core.config['user.cert_subject'], password_entry.pw_name),
owner='user')
core.state['system.wrote_mapfile'] = True
os.chmod(core.config['system.mapfile'], 0o644)
def test_05_start_tomcat(self):
core.skip_ok_unless_installed(tomcat.pkgname())
core.state['tomcat.started'] = False
catalina_log = tomcat.catalinafile()
initial_stat = core.get_stat(catalina_log)
tomcat_sentinel = r'Server startup in \d+ ms'
# Bump log level
core.config['tomcat.logging-conf'] = os.path.join(
tomcat.sysconfdir(), 'logging.properties')
files.append(core.config['tomcat.logging-conf'],
'org.apache.catalina.level = %s\n' % 'FINER',
owner='tomcat',
backup=True)
old_str = "1catalina.org.apache.juli.FileHandler.prefix = catalina."
repl_str = ("1catalina.org.apache.juli.FileHandler.prefix = catalina\n"
"1catalina.org.apache.juli.FileHandler.rotatable = false")
files.replace(core.config['tomcat.logging-conf'],
old_str,
repl_str,
owner='tomcat',
backup=False)
service.check_start(tomcat.pkgname())
if core.options.nightly:
timeout = 3600.0
else:
timeout = 1200.0
line, gap = core.monitor_file(catalina_log, initial_stat,
tomcat_sentinel, timeout)
self.assert_(
line is not None, 'Tomcat did not start within the %d min window' %
int(timeout / 60))
core.state['tomcat.started'] = True
core.log_message('Tomcat started after %.1f seconds' % gap)
def test_02_configure_hdfs(self):
core.skip_ok_unless_installed('xrootd-hdfs')
hdfs_config = "ofs.osslib /usr/lib64/libXrdHdfs.so"
files.append(core.config['xrootd.config'], hdfs_config, backup=False)
def test_003_setup_grid_mapfile(self):
core.skip_ok_unless_installed('rsv')
# Register the cert in the gridmap file
cert_subject = cagen.certificate_info(core.config['rsv.certfile'])[0]
files.append(core.config['system.mapfile'], '"%s" rsv\n' % (cert_subject), owner='rsv')
def test_02_configure_hdfs(self):
core.skip_ok_unless_installed('xrootd-hdfs')
hdfs_config = "ofs.osslib /usr/lib64/libXrdHdfs.so"
files.append(core.config['xrootd.config'], hdfs_config, backup=False)
def test_003_setup_grid_mapfile(self):
core.skip_ok_unless_installed('rsv')
# Register the cert in the gridmap file
cert_subject = cagen.certificate_info(core.config['rsv.certfile'])[0]
files.append(core.config['system.mapfile'], '"%s" rsv\n' % (cert_subject), owner='rsv')
def test_03_configure_multiuser(self):
core.skip_ok_unless_installed('xrootd-multiuser', 'globus-proxy-utils', by_dependency=True)
xrootd_multiuser_conf = "xrootd.fslib libXrdMultiuser.so default"
files.append(core.config['xrootd.config'], xrootd_multiuser_conf, owner='xrootd', backup=False)
core.config['xrootd.multiuser'] = True
class TestUser(osgunittest.OSGTestCase):
def test_01_add_user(self):
core.state['general.user_added'] = False
core.state['general.user_cert_created'] = False
# Bail out if this step is not needed
if not core.options.adduser:
core.skip('not requested')
return
try:
pwd.getpwnam(core.options.username)
except KeyError:
pass # expected
else:
core.skip('user exists')
return
# Add
home_dir = core.config['user.home']
if not os.path.isdir(home_dir):
os.mkdir(home_dir)
# SSH requires that the user have a password - even if password
# auth is disabled. Set a random password for the vdttest user
password = encrypted_password(random_string(16))
command = ('useradd', '--base-dir', home_dir, '--password', password,
'--shell', '/bin/sh', core.options.username)
core.check_system(command, 'Add user %s' % core.options.username)
core.state['general.user_added'] = True
# Set up directories
user = pwd.getpwnam(core.options.username)
os.chown(user.pw_dir, user.pw_uid, user.pw_gid)
os.chmod(user.pw_dir, 0755)
# Set up certificate
globus_dir = os.path.join(user.pw_dir, '.globus')
user_cert = os.path.join(globus_dir, 'usercert.pem')
test_ca = CA.load(core.config['certs.test-ca'])
if not os.path.exists(user_cert):
test_ca.usercert(core.options.username, core.options.password)
core.state['general.user_cert_created'] = True
def test_02_user(self):
core.state['system.wrote_mapfile'] = False
if core.options.skiptests:
core.skip('no user needed')
return
try:
password_entry = pwd.getpwnam(core.options.username)
except KeyError, e:
self.fail("User '%s' should exist but does not" %
core.options.username)
self.assert_(
password_entry.pw_dir != '/',
"User '%s' has home directory at '/'" % (core.options.username))
self.assert_(
os.path.isdir(password_entry.pw_dir),
"User '%s' missing a home directory at '%s'" %
(core.options.username, password_entry.pw_dir))
cert_path = os.path.join(password_entry.pw_dir, '.globus',
'usercert.pem')
core.config['user.cert_subject'], core.config[
'user.cert_issuer'] = certificate_info(cert_path)
# Add user to mapfile
files.append(
core.config['system.mapfile'],
'"%s" %s\n' %
(core.config['user.cert_subject'], password_entry.pw_name),
owner='user')
core.state['system.wrote_mapfile'] = True
os.chmod(core.config['system.mapfile'], 0644)
def test_07_config_gip_file(self):
core.skip_ok_unless_installed('osg-info-services')
core.skip_ok_unless_one_installed(*self.possible_rpms)
core.config['osg-info-services.gip-file'] = '/etc/osg/config.d/30-gip.ini'
files.append(core.config['osg-info-services.gip-file'],
"[Subcluster fermicloud osg test]\n",
owner='root')
files.append(core.config['osg-info-services.gip-file'],
"name = fermicloud osg test\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"node_count = 1\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"ram_mb = 4110\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"swap_mb = 4000\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cpu_model = Dual-Core AMD Opteron(tm) Processor 2216\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cpu_vendor = AMD\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cpu_speed_mhz = 2400\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cpus_per_node = 2\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cores_per_node = 2\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"inbound_network = FALSE\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"outbound_network = TRUE\n",
backup=False)
files.append(core.config['osg-info-services.gip-file'],
"cpu_platform = x86_64\n",
backup=False)