def monitorProxy( self, glexecLocation, pilotProxy, payloadProxy ): """ Monitor the payload proxy and renew as necessary. """ if not os.path.exists( pilotProxy ): return S_ERROR( 'Pilot proxy not found at %s' % pilotProxy ) if not os.path.exists( payloadProxy ): return S_ERROR( 'Payload proxy not found at %s' % payloadProxy ) result = getProxyInfoAsString( payloadProxy ) if not result['OK']: self.log.error( 'Could not get payload proxy info', result ) return result self.log.info( 'Payload proxy information seen from pilot:\n%s' % result['Value'] ) gProxyManager.renewProxy( minLifeTime = self.minProxyTime, newProxyLifeTime = self.defaultProxyTime, proxyToConnect = pilotProxy ) if glexecLocation: self.log.info( 'Rerunning glexec without arguments to renew payload proxy' ) result = self.glexecExecute( None, glexecLocation ) if not result['OK']: self.log.error( result ) else: self.log.info( 'Running without glexec, checking local proxy' ) return S_OK( 'Proxy checked' )
def monitorProxy(self,glexecLocation,pilotProxy,payloadProxy): """ Monitor the payload proxy and renew as necessary. """ if not os.path.exists(pilotProxy): return S_ERROR('Pilot proxy not found at %s' %pilotProxy) if not os.path.exists(payloadProxy): return S_ERROR('Payload proxy not found at %s' %payloadProxy) result = getProxyInfoAsString(payloadProxy) if not result['OK']: self.log.error('Could not get payload proxy info',result) return result self.log.info('Payload proxy information seen from pilot:\n%s' %result['Value']) gProxyManager.renewProxy(minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy) if glexecLocation: self.log.info('Rerunning glexec without arguments to renew payload proxy') result = self.glexecExecute(None,glexecLocation) if not result['OK']: self.log.error(result) else: self.log.info('Running without glexec, checking local proxy') return S_OK('Proxy checked')
def monitorProxy(self,pilotProxy,payloadProxy): """ Monitor the payload proxy and renew as necessary. """ if not pilotProxy: return S_OK('Using server Certificate') if not os.path.exists(pilotProxy): return S_ERROR('Pilot proxy not found at %s' %pilotProxy) if not os.path.exists(payloadProxy): return S_ERROR('Payload proxy not found at %s' %payloadProxy) result = getProxyInfoAsString(payloadProxy) if not result['OK']: self.log.error('Could not get payload proxy info',result) return result self.log.verbose('Payload proxy information:\n%s' %result['Value']) gProxyManager.renewProxy(minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy) return S_OK('Proxy checked')
def _monitorProxy(self, pilotProxy, payloadProxy): """Base class for the monitor and update of the payload proxy, to be used in derived classes for the basic renewal of the proxy, if further actions are necessary they should be implemented there """ retVal = getProxyInfo(payloadProxy) if not retVal['OK']: self.log.error('Could not get payload proxy info', retVal) return retVal self.log.verbose('Payload Proxy information:\n%s' % formatProxyInfoAsString(retVal['Value'])) payloadProxyDict = retVal['Value'] payloadSecs = payloadProxyDict['chain'].getRemainingSecs()['Value'] if payloadSecs > self.minProxyTime: self.log.verbose('No need to renew payload Proxy') return S_OK() # if there is no pilot proxy, assume there is a certificate and try a renewal if not pilotProxy: self.log.info( 'Using default credentials to get a new payload Proxy') return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy) # if there is pilot proxy retVal = getProxyInfo(pilotProxy) if not retVal['OK']: return retVal pilotProxyDict = retVal['Value'] if not 'groupProperties' in pilotProxyDict: self.log.error('Invalid Pilot Proxy', 'Group has no properties defined') return S_ERROR('Proxy has no group properties defined') pilotProps = pilotProxyDict['groupProperties'] # if running with a pilot proxy, use it to renew the proxy of the payload if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps: self.log.info('Using Pilot credentials to get a new payload Proxy') return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy) # if we are running with other type of proxy check if they are for the same user and group # and copy the pilot proxy if necessary self.log.info('Trying to copy pilot Proxy to get a new payload Proxy') pilotProxySecs = pilotProxyDict['chain'].getRemainingSecs()['Value'] if pilotProxySecs <= payloadSecs: errorStr = 'Pilot Proxy is not longer than payload Proxy' self.log.error(errorStr) return S_ERROR('Can not renew by copy: %s' % errorStr) # check if both proxies belong to the same user and group pilotDN = pilotProxyDict['chain'].getIssuerCert( )['Value'].getSubjectDN()['Value'] retVal = pilotProxyDict['chain'].getDIRACGroup() if not retVal['OK']: return retVal pilotGroup = retVal['Value'] payloadDN = payloadProxyDict['chain'].getIssuerCert( )['Value'].getSubjectDN()['Value'] retVal = payloadProxyDict['chain'].getDIRACGroup() if not retVal['OK']: return retVal payloadGroup = retVal['Value'] if pilotDN != payloadDN or pilotGroup != payloadGroup: errorStr = 'Pilot Proxy and payload Proxy do not have same DN and Group' self.log.error(errorStr) return S_ERROR('Can not renew by copy: %s' % errorStr) if pilotProxyDict.get('hasVOMS', False): return pilotProxyDict['chain'].dumpAllToFile(payloadProxy) attribute = CS.getVOMSAttributeForGroup(payloadGroup) vo = CS.getVOMSVOForGroup(payloadGroup) retVal = VOMS().setVOMSAttributes(pilotProxyDict['chain'], attribute=attribute, vo=vo) if not retVal['OK']: return retVal chain = retVal['Value'] return chain.dumpAllToFile(payloadProxy)
def _monitorProxy(self, pilotProxy, payloadProxy): """Base class for the monitor and update of the payload proxy, to be used in derived classes for the basic renewal of the proxy, if further actions are necessary they should be implemented there """ retVal = getProxyInfo(payloadProxy) if not retVal["OK"]: self.log.error("Could not get payload proxy info", retVal) return retVal self.log.verbose("Payload Proxy information:\n%s" % formatProxyInfoAsString(retVal["Value"])) payloadProxyDict = retVal["Value"] payloadSecs = payloadProxyDict["chain"].getRemainingSecs()["Value"] if payloadSecs > self.minProxyTime: self.log.verbose("No need to renew payload Proxy") return S_OK() # if there is no pilot proxy, assume there is a certificate and try a renewal if not pilotProxy: self.log.info("Using default credentials to get a new payload Proxy") return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy, ) # if there is pilot proxy retVal = getProxyInfo(pilotProxy) if not retVal["OK"]: return retVal pilotProxyDict = retVal["Value"] if not "groupProperties" in pilotProxyDict: self.log.error("Invalid Pilot Proxy", "Group has no properties defined") return S_ERROR("Proxy has no group properties defined") pilotProps = pilotProxyDict["groupProperties"] # if running with a pilot proxy, use it to renew the proxy of the payload if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps: self.log.info("Using Pilot credentials to get a new payload Proxy") return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy, ) # if we are running with other type of proxy check if they are for the same user and group # and copy the pilot proxy if necessary self.log.info("Trying to copy pilot Proxy to get a new payload Proxy") pilotProxySecs = pilotProxyDict["chain"].getRemainingSecs()["Value"] if pilotProxySecs <= payloadSecs: errorStr = "Pilot Proxy is not longer than payload Proxy" self.log.error(errorStr) return S_ERROR("Can not renew by copy: %s" % errorStr) # check if both proxies belong to the same user and group pilotDN = pilotProxyDict["chain"].getIssuerCert()["Value"].getSubjectDN()["Value"] retVal = pilotProxyDict["chain"].getDIRACGroup() if not retVal["OK"]: return retVal pilotGroup = retVal["Value"] payloadDN = payloadProxyDict["chain"].getIssuerCert()["Value"].getSubjectDN()["Value"] retVal = payloadProxyDict["chain"].getDIRACGroup() if not retVal["OK"]: return retVal payloadGroup = retVal["Value"] if pilotDN != payloadDN or pilotGroup != payloadGroup: errorStr = "Pilot Proxy and payload Proxy do not have same DN and Group" self.log.error(errorStr) return S_ERROR("Can not renew by copy: %s" % errorStr) if pilotProxyDict.get("hasVOMS", False): return pilotProxyDict["chain"].dumpAllToFile(payloadProxy) attribute = CS.getVOMSAttributeForGroup(payloadGroup) vo = CS.getVOMSVOForGroup(payloadGroup) retVal = VOMS().setVOMSAttributes(pilotProxyDict["chain"], attribute=attribute, vo=vo) if not retVal["OK"]: return retVal chain = retVal["Value"] return chain.dumpAllToFile(payloadProxy)
def _monitorProxy(self, payloadProxy=None): """Base class for the monitor and update of the payload proxy, to be used in derived classes for the basic renewal of the proxy, if further actions are necessary they should be implemented there :param str payloadProxy: location of the payload proxy file :returns: S_OK(filename)/S_ERROR """ if not payloadProxy: return S_ERROR("No payload proxy") # This will get the pilot proxy ret = getProxyInfo() if not ret["OK"]: pilotProxy = None else: pilotProxy = ret["Value"]["path"] self.log.notice("Pilot Proxy:", pilotProxy) retVal = getProxyInfo(payloadProxy) if not retVal["OK"]: self.log.error("Could not get payload proxy info", retVal) return retVal self.log.verbose("Payload Proxy information:\n%s" % formatProxyInfoAsString(retVal["Value"])) payloadProxyDict = retVal["Value"] payloadSecs = payloadProxyDict["chain"].getRemainingSecs()["Value"] if payloadSecs > self.minProxyTime: self.log.verbose("No need to renew payload Proxy") return S_OK() # if there is no pilot proxy, assume there is a certificate and try a renewal if not pilotProxy: self.log.info( "Using default credentials to get a new payload Proxy") return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy, ) # if there is pilot proxy retVal = getProxyInfo(pilotProxy) if not retVal["OK"]: return retVal pilotProxyDict = retVal["Value"] if "groupProperties" not in pilotProxyDict: self.log.error("Invalid Pilot Proxy", "Group has no properties defined") return S_ERROR("Proxy has no group properties defined") pilotProps = pilotProxyDict["groupProperties"] # if running with a pilot proxy, use it to renew the proxy of the payload if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps: self.log.info("Using Pilot credentials to get a new payload Proxy") return gProxyManager.renewProxy( proxyToBeRenewed=payloadProxy, minLifeTime=self.minProxyTime, newProxyLifeTime=self.defaultProxyTime, proxyToConnect=pilotProxy, ) # if we are running with other type of proxy check if they are for the same user and group # and copy the pilot proxy if necessary self.log.info("Trying to copy pilot Proxy to get a new payload Proxy") pilotProxySecs = pilotProxyDict["chain"].getRemainingSecs()["Value"] if pilotProxySecs <= payloadSecs: errorStr = "Pilot Proxy is not longer than payload Proxy" self.log.error(errorStr) return S_ERROR("Can not renew by copy: %s" % errorStr) # check if both proxies belong to the same user and group pilotDN = pilotProxyDict["chain"].getIssuerCert( )["Value"].getSubjectDN()["Value"] retVal = pilotProxyDict["chain"].getDIRACGroup() if not retVal["OK"]: return retVal pilotGroup = retVal["Value"] payloadDN = payloadProxyDict["chain"].getIssuerCert( )["Value"].getSubjectDN()["Value"] retVal = payloadProxyDict["chain"].getDIRACGroup() if not retVal["OK"]: return retVal payloadGroup = retVal["Value"] if pilotDN != payloadDN or pilotGroup != payloadGroup: errorStr = "Pilot Proxy and payload Proxy do not have same DN and Group" self.log.error(errorStr) return S_ERROR("Can not renew by copy: %s" % errorStr) if pilotProxyDict.get("hasVOMS", False): return pilotProxyDict["chain"].dumpAllToFile(payloadProxy) attribute = Registry.getVOMSAttributeForGroup(payloadGroup) vo = Registry.getVOMSVOForGroup(payloadGroup) retVal = VOMS().setVOMSAttributes(pilotProxyDict["chain"], attribute=attribute, vo=vo) if not retVal["OK"]: return retVal chain = retVal["Value"] return chain.dumpAllToFile(payloadProxy)