def test_03_create_user_proxy(self):
# if the utils are not present, it won't work anyhow, so might as well skip the test
if not core.rpm_is_installed('globus-proxy-utils'):
core.skip('globus-proxy-utils not installed')
return
# ...and also skip if there is no glexec
if not core.rpm_is_installed('glexec'):
core.skip('not installed')
return
# OK, software is present, now just check it previous tests did create the proxy already so
# we don't do it twice
command = ('grid-proxy-info','-f',self.__user_proxy_path)
status, stdout, stderr = core.system(command, True)
if int(status)!=0: # no proxy found for some reason, try to construct a new one
command = ('grid-proxy-init','-out',self.__user_proxy_path)
password = core.options.password + '\n'
status, stdout, stderr = core.system(command, True, password)
self.assert_(status==0, 'grid-proxy-init for user '+core.options.username+' has failed even though globus-proxy-util was present')
# we need to have the right permissions on that proxy for glexec to agree to work,
# and the easiest way is to copy the file
command = ('/bin/cp', self.__user_proxy_path, self.__glexec_client_cert)
status, stdout, stderr = core.system(command)
os.environ['GLEXEC_CLIENT_CERT']=self.__glexec_client_cert
def test_05_glexec_proxy_cleanup(self):
# if the utils are not present, it won't work anyhow, so might as well skip the test
if not core.rpm_is_installed('globus-proxy-utils'):
core.skip('globus-proxy-utils not installed')
return
if not core.rpm_is_installed('glexec'):
core.skip('not installed')
return
try:
status = os.unlink(self.__glexec_client_cert)
except:
pass
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
use_voms_admin = False
if core.rpm_is_installed('voms-admin-server') and core.rpm_is_installed('voms-admin-client'):
self.skip_bad_unless(core.state['tomcat.started'])
use_voms_admin = True
voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin)
core.state['voms.added-user'] = True
def test_01_condor_run_pbs(self):
core.skip_ok_unless_installed('condor')
core.skip_ok_unless_installed('blahp', by_dependency=True)
core.skip_ok_unless_installed('torque-mom',
'torque-server',
'torque-scheduler',
by_dependency=True)
self.skip_bad_unless(core.state['jobs.env-set'],
'job environment not set')
self.skip_bad_unless(service.is_running('condor'),
'condor not running')
self.skip_bad_unless(service.is_running('pbs_server'),
'pbs not running')
command = ('condor_run', '-u', 'grid', '-a', 'grid_resource=pbs', '-a',
'periodic_remove=JobStatus==5', '/bin/env')
# Figure out whether the installed BLAHP package is the same as or later
# than "blahp-1.18.11.bosco-4.osg*" (in the RPM sense), because it's the
# first build in which the job environments are correctly passed to PBS.
# The 'condor-blahp' rpm obsoletes 'blahp' in 9.5.0 (SOFTWARE-4964)
blahp_pbs_has_env_vars = (
core.rpm_is_installed('condor-blahp')
or core.PackageVersion('blahp') >= '1.18.11.bosco-4.osg')
self.run_job_in_tmp_dir(command,
'condor_run a Condor job',
verify_environment=blahp_pbs_has_env_vars)
def setUp(self):
core.skip_ok_unless_installed("osg-xrootd-standalone",
by_dependency=True)
self.skip_ok_if(core.rpm_is_installed("xcache"),
"xcache configs conflict with xrootd tests")
self.skip_ok_unless(core.config['xrootd.security'],
"no xrootd security available")
def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg'
core.config['xrootd.gsi'] = "ON"
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
user = pwd.getpwnam("xrootd")
if core.config['xrootd.gsi'] == "ON":
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400)
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
files.append(core.config['xrootd.config'], XROOTD_CFG_TEXT % sec_protocol, owner='xrootd', backup=True)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
def test_01_start_gatekeeper(self):
core.config[
'globus.gk-lockfile'] = '/var/lock/subsys/globus-gatekeeper'
core.state['globus.started-gk'] = False
if not core.rpm_is_installed('globus-gatekeeper'):
core.skip('not installed')
return
if os.path.exists(core.config['globus.gk-lockfile']):
core.skip('apparently running')
return
# DEBUG: Set up gatekeeper debugging
core.config[
'jobmanager-config'] = '/etc/globus/globus-gram-job-manager.conf'
conf_path = core.config['jobmanager-config']
files.append(conf_path,
'-log-levels TRACE|DEBUG|FATAL|ERROR|WARN|INFO\n',
owner='globus')
files.append(
conf_path,
'-log-pattern /var/log/globus/gram_$(LOGNAME)_$(DATE).log\n',
backup=False)
if not os.path.exists('/var/log/globus'):
os.mkdir('/var/log/globus')
os.chmod('/var/log/globus', 0777)
command = ('service', 'globus-gatekeeper', 'start')
stdout, _, fail = core.check_system(command, 'Start Globus gatekeeper')
self.assert_(stdout.find('FAILED') == -1, fail)
self.assert_(os.path.exists(core.config['globus.gk-lockfile']),
'Globus gatekeeper run lock file missing')
core.state['globus.started-gk'] = True
def test_03_selinux(self):
if not core.options.selinux:
return
self.skip_bad_unless(core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils')
if core.state['selinux.mode'] == 'permissive':
core.check_system(('setenforce', 'Permissive'), 'set selinux mode to permissive')
def setUp(self):
core.skip_ok_unless_installed("osg-xrootd-standalone",
by_dependency=True)
if core.rpm_is_installed("xcache"):
self.skip_ok_if(
core.PackageVersion("xcache") >= "1.0.2",
"xcache 1.0.2+ configs conflict with xrootd tests")
def test_03_selinux(self):
if not core.options.selinux:
return
self.skip_bad_unless(core.rpm_is_installed('libselinux-utils'), 'missing SELinux utils')
if core.state['selinux.mode'] == 'permissive':
core.check_system(('setenforce', 'Permissive'), 'set selinux mode to permissive')
def test_01_configure_xrootd(self):
core.config['xrootd.tpc.config-1'] = '/etc/xrootd/xrootd-third-party-copy-1.cfg'
core.config['xrootd.tpc.config-2'] = '/etc/xrootd/xrootd-third-party-copy-2.cfg'
core.config['xrootd.tpc.http-port1'] = HTTP_PORT1
core.config['xrootd.tpc.http-port2'] = HTTP_PORT2
core.state['xrootd.started-http-server-1'] = False
core.state['xrootd.started-http-server-2'] = False
core.state['xrootd.tpc.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('globus-proxy-utils', 'xrootd', 'xrootd-scitokens', by_dependency=True)
user = pwd.getpwnam("xrootd")
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5'
sec_protocol += ',--policy,authorize_only'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write(core.config['xrootd.tpc.config-1'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.tpc.http-port1'], core.config['xrootd.tpc.http-port1']),
owner='xrootd', backup=True, chown=(user.pw_uid, user.pw_gid))
files.write(core.config['xrootd.tpc.config-2'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.tpc.http-port2'], core.config['xrootd.tpc.http-port2']),
owner='xrootd', backup=True, chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.tpc.backups-exist'] = True
def setUp(self):
core.skip_ok_unless_installed("osg-xrootd-standalone",
by_dependency=True)
self.skip_ok_if(core.rpm_is_installed("xcache"),
"xcache configs conflict with xrootd tests")
self.skip_ok_unless(core.state['xrootd.is-configured'],
"xrootd is not configured")
def test_01_configure_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
if core.rpm_is_installed('osg-xrootd-standalone'):
# rootdir and resourcename needs to be set early for the default osg-xrootd config
core.config['xrootd.config'] = '/etc/xrootd/config.d/10-osg-test.cfg'
else:
core.config['xrootd.config'] = '/etc/xrootd/config.d/99-osg-test.cfg'
core.config['xrootd.service-defaults'] = '/etc/sysconfig/xrootd'
core.config['xrootd.multiuser'] = False
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('xrootd', 'globus-proxy-utils', by_dependency=True)
user = pwd.getpwnam("xrootd")
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400)
if core.rpm_is_installed('osg-xrootd-standalone'):
core.log_message("Using osg-xrootd configuration")
xrootd_config = META_XROOTD_CFG_TEXT
else:
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:loglevel=5,policy=authorize_only'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
xrootd_config = XROOTD_CFG_TEXT % sec_protocol
files.write(core.config['xrootd.config'], xrootd_config, owner='xrootd', backup=True, chmod=0o644)
if core.el_release() < 7:
files.write(core.config['xrootd.service-defaults'], SYSCONFIG_TEXT,
owner="xrootd", chown=(user.pw_uid, user.pw_gid), chmod=0o644)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
def setUp(self):
core.skip_ok_unless_installed("stash-origin",
"stash-cache",
"stashcache-client",
by_dependency=True)
if core.rpm_is_installed("xcache"):
self.skip_ok_if(
core.PackageVersion("xcache") < "1.0.2", "needs xcache 1.0.2+")
def test_05_start_tomcat(self):
if not core.rpm_is_installed(tomcat.pkgname()):
core.skip('not installed')
return
service.start('tomcat',
init_script=tomcat.pkgname(),
sentinel_file=tomcat.pidfile())
def test_02_define_user_proxy_path(self):
if not core.rpm_is_installed('glexec'):
core.skip('not installed')
return
command = ('/usr/bin/id','-u')
status, stdout, stderr = core.system(command, True)
TestGlexec.__uid = stdout.rstrip()
TestGlexec.__user_proxy_path = '/tmp/x509up_u'+self.__uid
def test_01_setup_cvmfs(self):
if not core.rpm_is_installed('cvmfs'):
core.skip('not installed')
return
self.setup_fuse()
self.setup_automount()
self.setup_cvmfs()
def test_01_add_user(self):
core.state['voms.added-user'] = False
voms.skip_ok_unless_installed()
pwd_entry = pwd.getpwnam(core.options.username)
cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
use_voms_admin = False
if core.rpm_is_installed(
'voms-admin-server') and core.rpm_is_installed(
'voms-admin-client'):
self.skip_bad_unless(core.state['tomcat.started'])
use_voms_admin = True
voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin)
core.state['voms.added-user'] = True
def test_01_fix_symlinks(self):
if core.rpm_is_installed('jdk') and \
(java.is_openjdk_installed() or java.is_openjdk_devel_installed()):
# We regenerate these symlinks via alternatives so it's unnecessary to back them up
command = ('rm', '-f', '/usr/bin/java', '/usr/bin/javac', '/usr/bin/javadoc', '/usr/bin/jar')
core.check_system(command, 'Remove old symlinks')
command = ['yum', 'reinstall', '-y', java.JAVA_RPM, java.JAVAC_RPM]
yum.retry_command(command)
def test_02_install_packages(self):
core.state['install.success'] = False
core.state['install.installed'] = []
core.state['install.updated'] = []
core.state['install.replace'] = []
core.state['install.orphaned'] = []
core.state['install.os_updates'] = []
# Install packages
core.state['install.transaction_ids'] = set()
fail_msg = ''
pkg_repo_dict = OrderedDict(
(x, core.options.extrarepos) for x in core.options.packages)
# HACK: Install x509-scitokens-issuer-client out of development (SOFTWARE-3649)
x509_scitokens_issuer_packages = [
'xrootd-scitokens', 'osg-tested-internal'
]
for pkg in x509_scitokens_issuer_packages:
if pkg in pkg_repo_dict:
pkg_repo_dict["x509-scitokens-issuer-client"] = [
"osg-development"
]
break
# Special case: htcondor-ce-collector on EL8 needs mod_auth_oidc, only avaiable in a module
if "htcondor-ce-collector" in pkg_repo_dict:
if core.el_release() > 7:
core.check_system(
["dnf", "-y", "module", "enable", "mod_auth_openidc"],
"Enable mod_auth_openidc module")
for pkg, repos in pkg_repo_dict.items():
# Do not try to re-install packages
if core.rpm_is_installed(pkg):
continue
# Attempt installation
command = ['yum', '-y']
command += ['--enablerepo=%s' % x for x in repos]
command += ['install', pkg]
retry_fail, _, stdout, _ = yum.retry_command(command)
if retry_fail == '': # the command succeeded
core.state['install.transaction_ids'].add(
yum.get_transaction_id())
if not pkg.startswith("/"):
# ^^ rpm --verify doesn't work if you asked for a file instead of a package
command = ('rpm', '--verify', pkg)
core.check_system(command, 'Verify %s' % (pkg))
yum.parse_output_for_packages(stdout)
fail_msg += retry_fail
if fail_msg:
self.fail(fail_msg)
core.state['install.success'] = True
def test_01_selinux(self):
if not core.options.selinux:
return
self.skip_bad_unless(core.rpm_is_installed('policycoreutils') and
core.rpm_is_installed('libselinux-utils'),
'missing SELinux utils')
stdout, _, _ = core.check_system(('sestatus',), 'acquire current selinux mode')
try:
core.state['selinux.mode'] = re.search(r'Current mode:\s*(\w*)', stdout, re.MULTILINE).group(1)
if core.state['selinux.mode'] == 'permissive':
core.check_system(('setenforce', '1'), 'set selinux mode to enforcing')
except AttributeError:
# If 'Current mode' doesn't appear, SELinux is probably in disabled mode
# and we cannot enable it via command-line utilities
core.state['selinux.mode'] = ''
self.fail("SELinux disabled: cannot enable SELinux from disabled mode")
def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.gsi'] = "ON"
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
vdt_pw = pwd.getpwnam(core.options.username)
core.config['certs.usercert'] = os.path.join(vdt_pw.pw_dir, '.globus', 'usercert.pem')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
# Determine xrootd package name
if core.rpm_is_installed('xrootd4'):
core.config['xrootd.package'] = 'xrootd4'
elif core.rpm_is_installed('xrootd'):
core.config['xrootd.package'] = 'xrootd'
user = pwd.getpwnam("xrootd")
if core.config['xrootd.gsi'] == "ON":
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0400)
cfgfile = '/etc/xrootd/xrootd-clustered.cfg'
files.append(cfgfile, XROOTD_CFG_TEXT, owner='xrootd', backup=True)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
if core.el_release() < 7:
stdout, _, fail = core.check_system(('service', 'xrootd', 'start'), 'Start Xrootd server')
self.assert_('FAILED' not in stdout, fail)
self.assert_(os.path.exists(core.config['xrootd.pid-file']), 'Xrootd server PID file missing')
else:
core.check_system(('systemctl', 'start', 'xrootd@clustered'), 'Start Xrootd server')
core.check_system(('systemctl', 'status', 'xrootd@clustered'), 'Verify status of Xrootd server')
core.state['xrootd.started-server'] = True
def test_03_configure_ce(self):
core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client')
# Set up Condor, PBS, and Slurm routes
# Leave the GRIDMAP knob in tact to verify that it works with the LCMAPS VOMS plugin
core.config['condor-ce.condor-ce-cfg'] = '/etc/condor-ce/config.d/99-osgtest.condor-ce.conf'
# Add host DN to condor_mapfile
if core.options.hostcert:
core.config['condor-ce.condorce_mapfile'] = '/etc/condor-ce/condor_mapfile.osg-test'
hostcert_dn, _ = cagen.certificate_info(core.config['certs.hostcert'])
mapfile_contents = files.read('/etc/condor-ce/condor_mapfile')
mapfile_contents.insert(0, re.sub(r'([/=\.])', r'\\\1', "GSI \"^%s$\" " % hostcert_dn) + \
"%[email protected]\n" % core.get_hostname())
files.write(core.config['condor-ce.condorce_mapfile'],
mapfile_contents,
owner='condor-ce',
chmod=0o644)
else:
core.config['condor-ce.condorce_mapfile'] = '/etc/condor-ce/condor_mapfile'
condor_contents = """GRIDMAP = /etc/grid-security/grid-mapfile
CERTIFICATE_MAPFILE = %s
ALL_DEBUG=D_FULLDEBUG
JOB_ROUTER_DEFAULTS = $(JOB_ROUTER_DEFAULTS) [set_default_maxMemory = 128;]
JOB_ROUTER_ENTRIES = \\
[ \\
GridResource = "batch pbs"; \\
TargetUniverse = 9; \\
name = "Local_PBS"; \\
Requirements = target.osgTestBatchSystem =?= "pbs"; \\
] \\
[ \\
GridResource = "batch slurm"; \\
TargetUniverse = 9; \\
name = "Local_Slurm"; \\
Requirements = target.osgTestBatchSystem =?= "slurm"; \\
] \\
[ \\
TargetUniverse = 5; \\
name = "Local_Condor"; \\
Requirements = (target.osgTestBatchSystem =!= "pbs" && target.osgTestBatchSystem =!= "slurm"); \\
]
JOB_ROUTER_SCHEDD2_SPOOL=/var/lib/condor/spool
JOB_ROUTER_SCHEDD2_NAME=$(FULL_HOSTNAME)
JOB_ROUTER_SCHEDD2_POOL=$(FULL_HOSTNAME):9618
""" % core.config['condor-ce.condorce_mapfile']
if core.rpm_is_installed('htcondor-ce-view'):
condor_contents += "\nDAEMON_LIST = $(DAEMON_LIST), CEVIEW, GANGLIAD, SCHEDD"
core.config['condor-ce.view-port'] = condor.ce_config_val('HTCONDORCE_VIEW_PORT')
files.write(core.config['condor-ce.condor-ce-cfg'],
condor_contents,
owner='condor-ce',
chmod=0o644)
def test_01_stop_xrootd(self):
if core.config['xrootd.gsi'] == "ON" and core.state['xrootd.backups-exist']:
files.restore(core.config['xrootd.config'], "xrootd")
files.restore('/etc/xrootd/auth_file', "xrootd")
if not core.rpm_is_installed('xrootd-lcmaps'):
files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd")
core.skip_ok_unless_installed('xrootd', by_dependency=True)
self.skip_ok_if(core.state['xrootd.started-server'], 'did not start server')
service.check_stop(core.config['xrootd_service'])
def test_01_selinux(self):
core.state['selinux.mode'] = None
if not core.options.selinux:
return
self.skip_bad_unless(core.rpm_is_installed('policycoreutils') and
core.rpm_is_installed('libselinux-utils'),
'missing SELinux utils')
stdout, _, _ = core.check_system(('sestatus',), 'acquire current selinux mode')
try:
core.state['selinux.mode'] = re.search(r'Current mode:\s*(\w*)', stdout, re.MULTILINE).group(1)
if core.state['selinux.mode'] == 'permissive':
core.check_system(('setenforce', 'Enforcing'), 'set selinux mode to enforcing')
except AttributeError:
# If 'Current mode' doesn't appear, SELinux is probably in disabled mode
# and we cannot enable it via command-line utilities
core.state['selinux.mode'] = ''
self.fail("SELinux disabled: cannot enable SELinux from disabled mode")
def test_01_grid_proxy_init(self):
if not core.rpm_is_installed('globus-proxy-utils'):
core.skip()
return
command = ('grid-proxy-init', '-debug')
password = core.options.password + '\n'
core.check_system(command,
'Run grid-proxy-init',
user=True,
stdin=password)
def setUp(self):
self.skip_ok_if(core.rpm_is_installed("xcache"),
"xcache configs conflict with xrootd tests")
core.skip_ok_unless_installed("xrootd",
"xrootd-client",
"osg-xrootd-standalone",
by_dependency=True)
self.skip_ok_unless(core.state['xrootd.is-configured'],
"xrootd is not configured")
self.skip_bad_unless_running(core.config['xrootd_service'])
def test_05_create_vo(self):
voms.skip_ok_unless_installed()
use_voms_admin = core.rpm_is_installed('voms-admin-server')
voms.create_vo(vo=core.config['voms.vo'],
dbusername=core.config['voms.dbusername'],
dbpassword='******',
vomscert=core.config['certs.vomscert'],
vomskey=core.config['certs.vomskey'],
use_voms_admin=use_voms_admin)
def test_02_start_cvmfs(self):
core.state['cvmfs.started-server'] = False
if not core.rpm_is_installed('cvmfs'):
core.skip('not installed')
return
command = ('service', 'cvmfs', 'restartautofs')
stdout, stderr, fail = core.check_system(command, 'Start cvmfs server')
self.assert_(stdout.find('FAILED') == -1, fail)
core.state['cvmfs.started-server'] = True
def test_03_configure_ce(self):
core.skip_ok_unless_installed('condor', 'htcondor-ce',
'htcondor-ce-client')
# Set up Condor, PBS, and Slurm routes
# Leave the GRIDMAP knob in tact to verify that it works with the LCMAPS VOMS plugin
core.config[
'condor-ce.condor-ce-cfg'] = '/etc/condor-ce/config.d/99-osgtest.condor-ce.conf'
condor_contents = """GRIDMAP = /etc/grid-security/grid-mapfile
ALL_DEBUG=D_CAT D_ALWAYS:2
JOB_ROUTER_DEFAULTS = $(JOB_ROUTER_DEFAULTS) [set_default_maxMemory = 128;]
JOB_ROUTER_ENTRIES = \\
[ \\
GridResource = "batch pbs"; \\
TargetUniverse = 9; \\
name = "Local_PBS"; \\
Requirements = target.osgTestBatchSystem =?= "pbs"; \\
] \\
[ \\
GridResource = "batch slurm"; \\
TargetUniverse = 9; \\
name = "Local_Slurm"; \\
Requirements = target.osgTestBatchSystem =?= "slurm"; \\
] \\
[ \\
TargetUniverse = 5; \\
name = "Local_Condor"; \\
Requirements = (target.osgTestBatchSystem =!= "pbs" && target.osgTestBatchSystem =!= "slurm"); \\
]
JOB_ROUTER_SCHEDD2_SPOOL=/var/lib/condor/spool
JOB_ROUTER_SCHEDD2_NAME=$(FULL_HOSTNAME)
JOB_ROUTER_SCHEDD2_POOL=$(FULL_HOSTNAME):9618
AUTH_SSL_SERVER_CERTFILE = /etc/grid-security/hostcert.pem
AUTH_SSL_SERVER_KEYFILE = /etc/grid-security/hostkey.pem
AUTH_SSL_SERVER_CADIR = /etc/grid-security/certificates
AUTH_SSL_SERVER_CAFILE =
AUTH_SSL_CLIENT_CERTFILE = /etc/grid-security/hostcert.pem
AUTH_SSL_CLIENT_KEYFILE = /etc/grid-security/hostkey.pem
AUTH_SSL_CLIENT_CADIR = /etc/grid-security/certificates
AUTH_SSL_CLIENT_CAFILE =
"""
if core.rpm_is_installed('htcondor-ce-view'):
condor_contents += "\nDAEMON_LIST = $(DAEMON_LIST), CEVIEW, GANGLIAD, SCHEDD"
core.config['condor-ce.view-port'] = condor.ce_config_val(
'HTCONDORCE_VIEW_PORT')
files.write(core.config['condor-ce.condor-ce-cfg'],
condor_contents,
owner='condor-ce',
chmod=0o644)
def test_03_start_xrootd(self):
if core.rpm_is_installed("xrootd-multiuser"):
core.config['xrootd_tpc_service_1'] = "xrootd-privileged@third-party-copy-1"
core.config['xrootd_tpc_service_2'] = "xrootd-privileged@third-party-copy-2"
else:
core.config['xrootd_tpc_service_1'] = "xrootd@third-party-copy-1"
core.config['xrootd_tpc_service_2'] = "xrootd@third-party-copy-2"
service.check_start(core.config['xrootd_tpc_service_1'], min_up_time = 5)
service.check_start(core.config['xrootd_tpc_service_2'], min_up_time = 5)
core.state['xrootd.started-http-server-1'] = True
core.state['xrootd.started-http-server-2'] = True
def test_02_install_voms_certs(self):
if not core.rpm_is_installed('voms-server'):
core.skip('VOMS not installed')
return
vomscert = core.config['certs.vomscert']
vomskey = core.config['certs.vomskey']
if self.check_file_and_perms(vomscert, 'voms',
0644) and self.check_file_and_perms(
vomskey, 'voms', 0400):
core.skip('VOMS cert exists and has proper permissions')
return
def test_03_install_http_certs(self):
if not core.rpm_is_installed('voms-admin-server'):
core.skip('VOMS Admin not installed')
return
httpcert = core.config['certs.httpcert']
httpkey = core.config['certs.httpkey']
if self.check_file_and_perms(httpcert, 'tomcat',
0644) and self.check_file_and_perms(
httpkey, 'tomcat', 0400):
core.skip('HTTP cert exists and has proper permissions')
return
def test_02_restore_config(self):
core.skip_ok_unless_installed('condor', 'htcondor-ce', 'htcondor-ce-client', 'htcondor-ce-condor')
if core.rpm_is_installed('gums-service'):
files.restore(core.config['condor-ce.lcmapsdb'], 'condor-ce.gums')
files.restore(core.config['condor-ce.gsi-authz'], 'condor-ce')
files.restore(core.config['condor-ce.gums-properties'], 'condor-ce')
files.restore(core.config['condor-ce.condor-cfg'], 'condor-ce')
files.restore(core.config['condor-ce.condor-ce-cfg'], 'condor-ce')
files.restore(core.config['condor-ce.lcmapsdb'], 'condor-ce')
if core.options.hostcert:
files.restore(core.config['condor-ce.condorce_mapfile'], 'condor-ce')
def test_01_stop_xrootd(self):
if core.config['xrootd.gsi'] == "ON" and core.state[
'xrootd.backups-exist']:
files.restore(core.config['xrootd.config'], "xrootd")
files.restore('/etc/xrootd/auth_file', "xrootd")
if not core.rpm_is_installed('xrootd-lcmaps'):
files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd")
core.skip_ok_unless_installed('xrootd', by_dependency=True)
self.skip_ok_if(core.state['xrootd.started-server'],
'did not start server')
service.check_stop(core.config['xrootd_service'])
def test_02_remove_vo_webapp(self):
if not core.rpm_is_installed('voms-admin-server'):
core.skip('not installed')
return
if not core.state['voms.installed-vo-webapp']:
core.skip('did not start webapp')
return
command = ('service', 'voms-admin', 'stop')
core.check_system(command, 'Uninstall VOMS Admin webapp(s)')
self.assert_(not os.path.exists(core.config['voms.vo-webapp']),
'VOMS Admin VO context file still exists')
def setUp(self):
core.skip_ok_unless_installed("stashcache-origin-server",
"stashcache-cache-server",
"stashcache-client",
by_dependency=True)
if core.rpm_is_installed('xcache'):
origin_service = "xrootd@stash-origin"
cache_service = "xrootd@stash-cache"
else:
origin_service = "xrootd@stashcache-origin-server"
cache_service = "xrootd@stashcache-cache-server"
self.skip_bad_unless_running(origin_service, cache_service)
def test_01_stop_gridftp(self):
if not core.rpm_is_installed('globus-gridftp-server-progs'):
core.skip('not installed')
return
if core.state['gridftp.started-server'] == False:
core.skip('did not start server')
return
command = ('service', 'globus-gridftp-server', 'stop')
stdout, _, fail = core.check_system(command, 'Stop GridFTP server')
self.assert_(stdout.find('FAILED') == -1, fail)
self.assert_(not os.path.exists(core.config['gridftp.pid-file']),
'GridFTP server PID file still present')
def test_01_stop_xrootd(self):
if core.state['xrootd.backups-exist']:
if core.PackageVersion('xrootd') < '1:4.9.0':
files.restore(core.config['xrootd.config'], "xrootd")
else:
files.restore(core.config['xrootd.config-extra'], "xrootd")
files.restore('/etc/xrootd/auth_file', "xrootd")
if not core.rpm_is_installed('xrootd-lcmaps'):
files.restore('/etc/grid-security/xrd/xrdmapfile', "xrootd")
core.skip_ok_unless_installed('xrootd', by_dependency=True)
self.skip_ok_if(core.state['xrootd.started-server'], 'did not start server')
service.check_stop(core.config['xrootd_service'])
files.remove(core.config['xrootd.tmp-dir'], force=True)
def test_01_set_config(self):
port = core.config['gsisshd.port'] = '2222'
core.state['gsisshd.can-run'] = (
not (core.el_release() >= 7 and core.state['selinux.mode']
and not core.rpm_is_installed('policycoreutils-python')))
self.skip_ok_unless(
core.state['gsisshd.can-run'],
"Can't run with SELinux on EL >= 7 without policycoreutils-python")
files.write(SSHD_CONFIG,
SSHD_CONFIG_TEXT % {'port': port},
owner='gsissh',
chmod=0600)
def test_01_set_config(self):
port = core.config['gsisshd.port'] = '2222'
core.state['gsisshd.can-run'] = (not (
core.el_release() >= 7 and
core.state['selinux.mode'] and
not core.rpm_is_installed('policycoreutils-python')))
self.skip_ok_unless(core.state['gsisshd.can-run'],
"Can't run with SELinux on EL >= 7 without policycoreutils-python")
files.write(
SSHD_CONFIG,
SSHD_CONFIG_TEXT % {'port': port},
owner='gsissh',
chmod=0o600)
def test_03_remove_vo(self):
voms.skip_ok_unless_installed()
if core.rpm_is_installed('voms-admin-server'):
# Ask VOMS Admin to remove VO
command = ('voms-admin-configure', 'remove',
'--vo', core.config['voms.vo'],
'--undeploy-database')
stdout, _, fail = core.check_system(command, 'Remove VO')
self.assert_('Database undeployed correctly!' in stdout, fail)
self.assert_(' succesfully removed.' in stdout, fail)
# Really remove database -- the voms-admin-configure command above does
# not actually destroy the mysql database.
voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
voms.destroy_voms_conf(core.config['voms.vo'])
def lockfile_path():
"""The path to the condor lockfile (EL5 and EL6 only)
Returns None on EL7.
"""
if core.el_release() >= 7:
return None
condor_lockfile = '/var/lock/subsys/condor_master'
# The name of the lockfile changed in 7.8.8
if core.rpm_is_installed('condor'):
condor_version = core.get_package_envra('condor')[2]
condor_version_split = condor_version.split('.')
if condor_version_split >= ['7', '8', '8']:
condor_lockfile = '/var/lock/subsys/condor'
return condor_lockfile
def test_01_start_xrootd(self):
core.config['xrootd.pid-file'] = '/var/run/xrootd/xrootd-default.pid'
core.config['certs.xrootdcert'] = '/etc/grid-security/xrd/xrdcert.pem'
core.config['certs.xrootdkey'] = '/etc/grid-security/xrd/xrdkey.pem'
core.config['xrootd.config'] = '/etc/xrootd/xrootd-clustered.cfg'
core.config['xrootd.config-extra'] = '/etc/xrootd/config.d/99-osg-test.cfg'
core.config['xrootd.port'] = XROOTD_PORT
core.config['xrootd.multiuser'] = False
core.state['xrootd.started-server'] = False
core.state['xrootd.backups-exist'] = False
self.skip_ok_unless(core.options.adduser, 'user not created')
core.skip_ok_unless_installed('xrootd', by_dependency=True)
user = pwd.getpwnam("xrootd")
core.skip_ok_unless_installed('globus-proxy-utils')
core.install_cert('certs.xrootdcert', 'certs.hostcert', 'xrootd', 0o644)
core.install_cert('certs.xrootdkey', 'certs.hostkey', 'xrootd', 0o400)
lcmaps_packages = ('lcmaps', 'lcmaps-db-templates', 'xrootd-lcmaps', 'vo-client', 'vo-client-lcmaps-voms')
if all([core.rpm_is_installed(x) for x in lcmaps_packages]):
core.log_message("Using xrootd-lcmaps authentication")
sec_protocol = '-authzfun:libXrdLcmaps.so -authzfunparms:--loglevel,5'
if core.PackageVersion('xrootd-lcmaps') >= '1.4.0':
sec_protocol += ',--policy,authorize_only'
else:
core.log_message("Using XRootD mapfile authentication")
sec_protocol = '-gridmap:/etc/grid-security/xrd/xrdmapfile'
files.write("/etc/grid-security/xrd/xrdmapfile", "\"%s\" vdttest" % core.config['user.cert_subject'],
owner="xrootd",
chown=(user.pw_uid, user.pw_gid))
if core.PackageVersion('xrootd') < '1:4.9.0':
files.append(core.config['xrootd.config'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']),
owner='xrootd', backup=True)
else:
files.write(core.config['xrootd.config-extra'],
XROOTD_CFG_TEXT % (sec_protocol, core.config['xrootd.port']),
owner='xrootd', backup=True, chmod=0o644)
authfile = '/etc/xrootd/auth_file'
files.write(authfile, AUTHFILE_TEXT, owner="xrootd", chown=(user.pw_uid, user.pw_gid))
core.state['xrootd.backups-exist'] = True
def test_02_install_packages(self):
core.state['install.success'] = False
core.state['install.installed'] = []
core.state['install.updated'] = []
core.state['install.replace'] = []
core.state['install.orphaned'] = []
core.state['install.os_updates'] = []
# Install packages
core.state['install.transaction_ids'] = []
fail_msg = ''
pkg_repo_dict = OrderedDict((x, core.options.extrarepos) for x in core.options.packages)
# FIXME: Install slurm out of contrib if we're running 'All' tests until
# SOFTWARE-1733 gives us a generalized solution
if 'osg-tested-internal' in pkg_repo_dict or 'slurm' in pkg_repo_dict:
pkg_repo_dict.update(dict((x, ['osg-development']) for x in core.SLURM_PACKAGES))
for pkg, repos in pkg_repo_dict.items():
# Do not try to re-install packages
if core.rpm_is_installed(pkg):
continue
# Attempt installation
command = ['yum', '-y']
command += ['--enablerepo=%s' % x for x in repos]
command += ['install', pkg]
retry_fail, _, stdout, _ = yum.retry_command(command)
if retry_fail == '': # the command succeeded
core.state['install.transaction_ids'].append(yum.get_transaction_id())
command = ('rpm', '--verify', pkg)
core.check_system(command, 'Verify %s' % (pkg))
yum.parse_output_for_packages(stdout)
fail_msg += retry_fail
if fail_msg:
self.fail(fail_msg)
core.state['install.success'] = True
def test_02_install_packages(self):
core.state['install.success'] = False
core.state['install.installed'] = []
core.state['install.updated'] = []
core.state['install.replace'] = []
core.state['install.orphaned'] = []
core.state['install.os_updates'] = []
# Install packages
core.state['install.transaction_ids'] = []
fail_msg = ''
for package in core.options.packages:
# Do not try to re-install packages
if core.rpm_is_installed(package):
continue
# Attempt installation
command = ['yum', '-y']
for repo in core.options.extrarepos:
command.append('--enablerepo=%s' % repo)
command += ['install', package]
retry_fail, status, stdout, stderr = yum.retry_command(command)
if retry_fail == '': # the command succeeded
if core.el_release() >= 6:
# RHEL 6 does not have the rollback option, so store the
# transaction IDs so we can undo each transaction in the
# proper order
core.state['install.transaction_ids'].append(yum.get_transaction_id())
command = ('rpm', '--verify', package)
core.check_system(command, 'Verify %s' % (package))
yum.parse_output_for_packages(stdout)
fail_msg += retry_fail
if fail_msg:
self.fail(fail_msg)
core.state['install.success'] = True
def is_openjdk_devel_installed():
if core.rpm_is_installed(JAVAC_RPM):
return True
return False
