def __prepareSecurityDetails(self): """ Obtains the connection details for the client """ try: clientDN, clientGroup, clientUserName = self.__getOwnerGroupDN( 'ProductionManager') gLogger.debug("Getting proxy for %s %s" % (clientGroup, clientDN)) res = gProxyManager.downloadVOMSProxy(clientDN, clientGroup) if not res['OK']: return res chain = res['Value'] base = "" base = gConfig.getValue( "Systems/DataManagement/boincInstance/Services/StorageElementProxy/BasePath" ) proxyBase = "%s/proxies" % base mkDir(proxyBase) proxyLocation = "%s/proxies/%s-%s" % (base, clientUserName, clientGroup) gLogger.debug("Obtained proxy chain, dumping to %s." % proxyLocation) res = gProxyManager.dumpProxyToFile(chain, proxyLocation) if not res['OK']: return res gLogger.debug("Updating environment.") os.environ['X509_USER_PROXY'] = res['Value'] return res except Exception as error: exStr = "__getConnectionDetails: Failed to get client connection details." gLogger.exception(exStr, '', error) return S_ERROR(exStr)
def getProxyFileForCloud(ce): """Get a file with the proxy to be used to connect to the given cloud endpoint :param ce: cloud endpoint object :return: S_OK/S_ERROR, value is the path to the proxy file """ vo = ce.parameters.get("VO") cloudDN = None cloudGroup = None if vo: result = findGenericCloudCredentials(vo=vo) if not result["OK"]: return result cloudDN, cloudGroup = result["Value"] cloudUser = ce.parameters.get("GenericCloudUser") if cloudUser: result = Registry.getDNForUsername(cloudUser) if not result["OK"]: return result cloudDN = result["Value"][0] cloudGroup = ce.parameters.get("GenericCloudGroup", cloudGroup) if cloudDN and cloudGroup: result = gProxyManager.getPilotProxyFromDIRACGroup( cloudDN, cloudGroup, 3600) if not result["OK"]: return result proxy = result["Value"] result = gProxyManager.dumpProxyToFile(proxy) return result else: return S_ERROR("Could not find generic cloud credentials")
def __prepareSecurityDetails(self): """Obtains the connection details for the client""" try: credDict = self.getRemoteCredentials() clientDN = credDict["DN"] clientUsername = credDict["username"] clientGroup = credDict["group"] gLogger.debug("Getting proxy for %s@%s (%s)" % (clientUsername, clientGroup, clientDN)) res = gProxyManager.downloadVOMSProxy(clientDN, clientGroup) if not res["OK"]: return res chain = res["Value"] proxyBase = "%s/proxies" % BASE_PATH mkDir(proxyBase) proxyLocation = "%s/proxies/%s-%s" % (BASE_PATH, clientUsername, clientGroup) gLogger.debug("Obtained proxy chain, dumping to %s." % proxyLocation) res = gProxyManager.dumpProxyToFile(chain, proxyLocation) if not res["OK"]: return res gLogger.debug("Updating environment.") os.environ["X509_USER_PROXY"] = res["Value"] return res except Exception as error: exStr = "__getConnectionDetails: Failed to get client connection details." gLogger.exception(exStr, "", error) return S_ERROR(exStr)
def __prepareSecurityDetails(self): """ Obtains the connection details for the client """ try: credDict = self.getRemoteCredentials() clientDN = credDict['DN'] clientUsername = credDict['username'] clientGroup = credDict['group'] gLogger.debug("Getting proxy for %s@%s (%s)" % (clientUsername, clientGroup, clientDN)) res = gProxyManager.downloadVOMSProxy(clientDN, clientGroup) if not res['OK']: return res chain = res['Value'] proxyBase = "%s/proxies" % BASE_PATH if not os.path.exists(proxyBase): os.makedirs(proxyBase) proxyLocation = "%s/proxies/%s-%s" % (BASE_PATH, clientUsername, clientGroup) gLogger.debug("Obtained proxy chain, dumping to %s." % proxyLocation) res = gProxyManager.dumpProxyToFile(chain, proxyLocation) if not res['OK']: return res gLogger.debug("Updating environment.") os.environ['X509_USER_PROXY'] = res['Value'] return res except Exception, error: exStr = "__getConnectionDetails: Failed to get client connection details." gLogger.exception(exStr, '', error) return S_ERROR(exStr)
def __prepareSecurityDetails(self): """ Obtains the connection details for the client """ try: credDict = self.getRemoteCredentials() clientDN = credDict['DN'] clientUsername = credDict['username'] clientGroup = credDict['group'] gLogger.debug( "Getting proxy for %s@%s (%s)" % ( clientUsername, clientGroup, clientDN ) ) res = gProxyManager.downloadVOMSProxy( clientDN, clientGroup ) if not res['OK']: return res chain = res['Value'] proxyBase = "%s/proxies" % BASE_PATH if not os.path.exists(proxyBase): os.makedirs(proxyBase) proxyLocation = "%s/proxies/%s-%s" % ( BASE_PATH, clientUsername, clientGroup ) gLogger.debug("Obtained proxy chain, dumping to %s." % proxyLocation) res = gProxyManager.dumpProxyToFile( chain, proxyLocation ) if not res['OK']: return res gLogger.debug("Updating environment.") os.environ['X509_USER_PROXY'] = res['Value'] return res except Exception, error: exStr = "__getConnectionDetails: Failed to get client connection details." gLogger.exception( exStr, '', error ) return S_ERROR(exStr)
def getShifterProxy(shifterType, fileName=False): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs(os.path.dirname(fileName)) except OSError: pass opsHelper = Operations() userName = opsHelper.getValue(cfgPath('Shifter', shifterType, 'User'), '') if not userName: return S_ERROR("No shifter User defined for %s" % shifterType) result = CS.getDNForUsername(userName) if not result['OK']: return result userDN = result['Value'][0] result = CS.findDefaultGroupForDN(userDN) if not result['OK']: return result defaultGroup = result['Value'] userGroup = opsHelper.getValue(cfgPath('Shifter', shifterType, 'Group'), defaultGroup) vomsAttr = CS.getVOMSAttributeForGroup(userGroup) if vomsAttr: gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" % (vomsAttr, userName, userGroup, userDN)) result = gProxyManager.downloadVOMSProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) else: gLogger.info("Getting proxy for shifter %s@%s (%s)" % (userName, userGroup, userDN)) result = gProxyManager.downloadProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) if not result['OK']: return result chain = result['Value'] result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName) if not result['OK']: return result fileName = result['Value'] return S_OK({ 'DN': userDN, 'username': userName, 'group': userGroup, 'chain': chain, 'proxyFile': fileName })
def getShifterProxy(shifterType, fileName=False): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs(os.path.dirname(fileName)) except: pass shifterSection = "/Operations/Shifter/%s" % shifterType userName = gConfig.getValue('%s/User' % shifterSection, '') if not userName: return S_ERROR("No shifter defined in %s/User" % shifterSection) result = CS.getDNForUsername(userName) if not result['OK']: return result userDN = result['Value'][0] userGroup = gConfig.getValue('%s/Group' % shifterSection, CS.getDefaultUserGroup()) vomsAttr = CS.getVOMSAttributeForGroup(userGroup) if vomsAttr: gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" % (vomsAttr, userName, userGroup, userDN)) result = gProxyManager.downloadVOMSProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) else: gLogger.info("Getting proxy for shifter %s@%s (%s)" % (userName, userGroup, userDN)) result = gProxyManager.downloadProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) if not result['OK']: return result chain = result['Value'] result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName) if not result['OK']: return result fileName = result['Value'] return S_OK({ 'DN': userDN, 'username': userName, 'group': userGroup, 'chain': chain, 'proxyFile': fileName })
def _prepareProxy(self): """Set the environment variable X509_USER_PROXY""" if not self.proxy: result = getProxyInfo() if not result["OK"]: return S_ERROR("No proxy available") if "path" in result["Value"]: os.environ["X509_USER_PROXY"] = result["Value"]["path"] return S_OK() else: result = gProxyManager.dumpProxyToFile(self.proxy, requiredTimeLeft=self.minProxyTime) if not result["OK"]: return result os.environ["X509_USER_PROXY"] = result["Value"] self.log.debug("Set proxy variable X509_USER_PROXY to %s" % os.environ["X509_USER_PROXY"]) return S_OK()
def _prepareProxy( self ): """ Set the environment variable X509_USER_PROXY """ if not self.proxy: result = getProxyInfo() if not result['OK']: return S_ERROR( "No proxy available" ) if "path" in result['Value']: os.environ['X509_USER_PROXY'] = result['Value']['path'] return S_OK() else: result = gProxyManager.dumpProxyToFile( self.proxy ) if not result['OK']: return result os.environ['X509_USER_PROXY'] = result['Value'] gLogger.debug("Set proxy variable X509_USER_PROXY to %s" % os.environ['X509_USER_PROXY']) return S_OK()
def _prepareProxy(self): """ Set the environment variable X509_USER_PROXY """ if not self.proxy: result = getProxyInfo() if not result['OK']: return S_ERROR("No proxy available") if "path" in result['Value']: os.environ['X509_USER_PROXY'] = result['Value']['path'] return S_OK() else: result = gProxyManager.dumpProxyToFile(self.proxy, requiredTimeLeft=self.minProxyTime) if not result['OK']: return result os.environ['X509_USER_PROXY'] = result['Value'] gLogger.debug("Set proxy variable X509_USER_PROXY to %s" % os.environ['X509_USER_PROXY']) return S_OK()
def executeGridCommand(proxy, cmd, gridEnvScript=None): """ Execute cmd tuple after sourcing GridEnv """ currentEnv = dict(os.environ) if not gridEnvScript: # if not passed as argument, use default from CS Helpers gridEnvScript = Local.gridEnv() if gridEnvScript: command = gridEnvScript.split() ret = sourceEnv(10, command) if not ret["OK"]: return S_ERROR("Failed sourcing GridEnv: %s" % ret["Message"]) gridEnv = ret["outputEnv"] # # Preserve some current settings if they are there # if "X509_VOMS_DIR" in currentEnv: gridEnv["X509_VOMS_DIR"] = currentEnv["X509_VOMS_DIR"] if "X509_CERT_DIR" in currentEnv: gridEnv["X509_CERT_DIR"] = currentEnv["X509_CERT_DIR"] else: gridEnv = currentEnv if not proxy: res = getProxyInfo() if not res["OK"]: return res gridEnv["X509_USER_PROXY"] = res["Value"]["path"] elif isinstance(proxy, str): if os.path.exists(proxy): gridEnv["X509_USER_PROXY"] = proxy else: return S_ERROR("Can not treat proxy passed as a string") else: ret = gProxyManager.dumpProxyToFile(proxy) if not ret["OK"]: return ret gridEnv["X509_USER_PROXY"] = ret["Value"] result = systemCall(120, cmd, env=gridEnv) return result
def executeGridCommand( proxy, cmd, gridEnvScript = None ): """ Execute cmd tuple after sourcing GridEnv """ currentEnv = dict( os.environ ) if not gridEnvScript: # if not passed as argument, use default from CS Helpers gridEnvScript = Local.gridEnv() if gridEnvScript: command = gridEnvScript.split() ret = sourceEnv( 10, command ) if not ret['OK']: return S_ERROR( 'Failed sourcing GridEnv: %s' % ret['Message'] ) gridEnv = ret['outputEnv'] # # Preserve some current settings if they are there # if currentEnv.has_key( 'X509_VOMS_DIR' ): gridEnv['X509_VOMS_DIR'] = currentEnv['X509_VOMS_DIR'] if currentEnv.has_key( 'X509_CERT_DIR' ): gridEnv['X509_CERT_DIR'] = currentEnv['X509_CERT_DIR'] else: gridEnv = currentEnv if not proxy: res = getProxyInfo() if not res['OK']: return res gridEnv['X509_USER_PROXY' ] = res['Value']['path'] elif type( proxy ) in types.StringTypes: if os.path.exists( proxy ): gridEnv[ 'X509_USER_PROXY' ] = proxy else: return S_ERROR( 'Can not treat proxy passed as a string' ) else: ret = gProxyManager.dumpProxyToFile( proxy ) if not ret['OK']: return ret gridEnv[ 'X509_USER_PROXY' ] = ret['Value'] result = systemCall( 120, cmd, env = gridEnv ) return result
def executeGridCommand(proxy, cmd, gridEnvScript=None): """ Execute cmd tuple after sourcing GridEnv """ currentEnv = dict(os.environ) if not gridEnvScript: # if not passed as argument, use default from CS Helpers gridEnvScript = Local.gridEnv() if gridEnvScript: command = gridEnvScript.split() ret = sourceEnv(10, command) if not ret['OK']: return S_ERROR('Failed sourcing GridEnv: %s' % ret['Message']) gridEnv = ret['outputEnv'] # # Preserve some current settings if they are there # if currentEnv.has_key('X509_VOMS_DIR'): gridEnv['X509_VOMS_DIR'] = currentEnv['X509_VOMS_DIR'] if currentEnv.has_key('X509_CERT_DIR'): gridEnv['X509_CERT_DIR'] = currentEnv['X509_CERT_DIR'] else: gridEnv = currentEnv if not proxy: res = getProxyInfo() if not res['OK']: return res gridEnv['X509_USER_PROXY'] = res['Value']['path'] elif type(proxy) in types.StringTypes: if os.path.exists(proxy): gridEnv['X509_USER_PROXY'] = proxy else: return S_ERROR('Can not treat proxy passed as a string') else: ret = gProxyManager.dumpProxyToFile(proxy) if not ret['OK']: return ret gridEnv['X509_USER_PROXY'] = ret['Value'] result = systemCall(120, cmd, env=gridEnv) return result
def executeGridCommand( proxy, cmd, gridEnvScript = None ): """ Execute cmd tuple after sourcing GridEnv """ currentEnv = dict( os.environ ) if gridEnvScript: ret = sourceEnv( 10, [gridEnvScript] ) if not ret['OK']: return S_ERROR( 'Failed sourcing GridEnv: %s' % ret['Message'] ) gridEnv = ret['outputEnv'] # # Preserve some current settings if they are there # if currentEnv.has_key( 'X509_VOMS_DIR' ): gridEnv['X509_VOMS_DIR'] = currentEnv['X509_VOMS_DIR'] if currentEnv.has_key( 'X509_CERT_DIR' ): gridEnv['X509_CERT_DIR'] = currentEnv['X509_CERT_DIR'] else: gridEnv = currentEnv dumpedProxy = False if not proxy: res = getProxyInfo() if not res['OK']: return res gridEnv['X509_USER_PROXY' ] = res['Value']['path'] elif type( proxy ) in types.StringTypes: if os.path.exists( proxy ): gridEnv[ 'X509_USER_PROXY' ] = proxy else: return S_ERROR( 'Can not treat proxy passed as a string' ) else: ret = gProxyManager.dumpProxyToFile( proxy ) if not ret['OK']: return ret gridEnv[ 'X509_USER_PROXY' ] = ret['Value'] dumpedProxy = True result = systemCall( 120, cmd, env = gridEnv ) if dumpedProxy: # If proxy is stored in a file, delete it, gProxyManager fails to reuse it. # Once the gProxyManager is fixed, this file removal can be dropped os.unlink( gridEnv[ 'X509_USER_PROXY' ] ) return result
def getShifterProxy( shifterType, fileName = False ): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs( os.path.dirname( fileName ) ) except OSError: pass opsHelper = Operations() userName = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'User' ), '' ) if not userName: return S_ERROR( "No shifter User defined for %s" % shifterType ) result = CS.getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] result = CS.findDefaultGroupForDN( userDN ) if not result['OK']: return result defaultGroup = result['Value'] userGroup = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'Group' ), defaultGroup ) vomsAttr = CS.getVOMSAttributeForGroup( userGroup ) if vomsAttr: gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName, userGroup, userDN ) ) result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) else: gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) ) result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) if not result[ 'OK' ]: return result chain = result[ 'Value' ] result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName ) if not result[ 'OK' ]: return result fileName = result[ 'Value' ] return S_OK( { 'DN' : userDN, 'username' : userName, 'group' : userGroup, 'chain' : chain, 'proxyFile' : fileName } )
def getShifterProxy( shifterType, fileName = False ): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs( os.path.dirname( fileName ) ) except: pass shifterSection = "/Operations/Shifter/%s" % shifterType userName = gConfig.getValue( '%s/User' % shifterSection, '' ) if not userName: return S_ERROR( "No shifter defined in %s/User" % shifterSection ) result = CS.getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] userGroup = gConfig.getValue( '%s/Group' % shifterSection, CS.getDefaultUserGroup() ) vomsAttr = CS.getVOMSAttributeForGroup( userGroup ) if vomsAttr: gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName, userGroup, userDN ) ) result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) else: gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) ) result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) if not result[ 'OK' ]: return result chain = result[ 'Value' ] result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName ) if not result[ 'OK' ]: return result fileName = result[ 'Value' ] return S_OK( { 'DN' : userDN, 'username' : userName, 'group' : userGroup, 'chain' : chain, 'proxyFile' : fileName } )
def setProxy(self, proxy, valid=0): """Take existing proxy, and extract group name. Then create new proxy for the cloud pilot user bound to the same group with the lifetime set to the value specified in the CE config. :return: S_OK() or S_ERROR(error string) """ # Store original proxy for FedCloud submission/auth # We write this to a file as that's the format we need ret = gProxyManager.dumpProxyToFile(proxy) if not ret["OK"]: self.log.error("Failed to write proxy file", "for %s: %s" % (self.ceName, ret["Message"])) self._origProxy = ret["Value"] # For a driver refresh to reload the proxy self._getDriver(refresh=True) # we deliberately log extra errors here, # as the return value is not always checked res = getProxyInfo(proxy, disableVOMS=True) if not res["OK"]: self.log.error("getProxyInfo failed", res["Message"]) return S_ERROR("getProxyInfo did not return OK: %s" % str(res)) info = res["Value"] if not "group" in info: self.log.error("No group found in proxy") return S_ERROR("No group found in proxy") if not "identity" in info: self.log.error("No user DN (identity) found in proxy") return S_ERROR("No user DN (identity) found in proxy") pilotGroup = info["group"] pilotDN = info["identity"] opsHelper = Operations(group=pilotGroup) self._cloudDN = opsHelper.getValue("Pilot/GenericCloudDN", pilotDN) self._cloudGroup = pilotGroup if not self._renewCloudProxy(): self.log.error("Failed to renew proxy.") return S_ERROR("Failed to renew proxy.") return S_OK()
def executeGridCommand(proxy, cmd, gridEnvScript=None): """ Execute cmd tuple after sourcing GridEnv """ currentEnv = dict(os.environ) if gridEnvScript: ret = sourceEnv(10, [gridEnvScript]) if not ret["OK"]: return S_ERROR("Failed sourcing GridEnv: %s" % ret["Message"]) gridEnv = ret["outputEnv"] # # Preserve some current settings if they are there # if currentEnv.has_key("X509_VOMS_DIR"): gridEnv["X509_VOMS_DIR"] = currentEnv["X509_VOMS_DIR"] if currentEnv.has_key("X509_CERT_DIR"): gridEnv["X509_CERT_DIR"] = currentEnv["X509_CERT_DIR"] else: gridEnv = currentEnv if not proxy: res = getProxyInfo() if not res["OK"]: return res gridEnv["X509_USER_PROXY"] = res["Value"]["path"] elif type(proxy) in types.StringTypes: if os.path.exists(proxy): gridEnv["X509_USER_PROXY"] = proxy else: return S_ERROR("Can not treat proxy passed as a string") else: ret = gProxyManager.dumpProxyToFile(proxy) if not ret["OK"]: return ret gridEnv["X509_USER_PROXY"] = ret["Value"] result = systemCall(120, cmd, env=gridEnv) return result