def proxy_info(self, msg): voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy') command = ('voms-proxy-info', '-all') stdout = core.check_system(command, 'Run voms-proxy-info', user=True)[0] self.assert_(('/%s/Role=NULL' % (core.config['voms.vo'])) in stdout, msg)
def test_08_voms_proxy_check(self): """ Check generated proxies to make sure that they use the same signing algorithm as the certificate """ voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy') pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') # Note: We're only looking for the "Signature Algorithm" line which has the same output format # regardless of openssl version. command = ['openssl', 'x509', '-in', cert_path, '-text'] signature_re = re.compile(r'Signature Algorithm:\s+(\w+)\s') stdout = core.check_system(command, 'Check X.509 certificate algorithm', user=True)[0] match = signature_re.search(stdout) if match is None: self.fail("Can't find user cert's signing algorithm") cert_algorithm = match.group(1) command[3] = os.path.join('/', 'tmp', "x509up_u%s" % pwd_entry[2]) stdout = core.check_system(command, 'Check X.509 proxy algorithm', user=True)[0] match = signature_re.search(stdout) if match is None: self.fail("Can't find proxy's signing algorithm") proxy_algorithm = match.group(1) self.assertEqual(cert_algorithm, proxy_algorithm) core.state['proxy.valid'] = True
def test_03_remove_vo(self): voms.skip_ok_unless_installed() # Really remove database -- the voms-admin-configure command above does # not actually destroy the mysql database. voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername']) voms.destroy_voms_conf(core.config['voms.vo'])
def test_03_remove_vo(self): voms.skip_ok_unless_installed() # Really remove database -- the voms-admin-configure command above does # not actually destroy the mysql database. voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername']) voms.destroy_voms_conf(core.config['voms.vo'])
def test_05_create_vo(self): voms.skip_ok_unless_installed() voms.create_vo(vo=core.config['voms.vo'], dbusername=core.config['voms.dbusername'], dbpassword='******', vomscert=core.config['certs.vomscert'], vomskey=core.config['certs.vomskey'])
def test_05_create_vo(self): voms.skip_ok_unless_installed() voms.create_vo(vo=core.config['voms.vo'], dbusername=core.config['voms.dbusername'], dbpassword='******', vomscert=core.config['certs.vomscert'], vomskey=core.config['certs.vomskey'])
def proxy_info(self, msg): voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy') command = ('voms-proxy-info', '-all') stdout = core.check_system(command, 'Run voms-proxy-info', user=True)[0] self.assert_(('/%s/Role=NULL' % (core.config['voms.vo'])) in stdout, msg)
def test_08_advertise(self): voms.skip_ok_unless_installed() voms.advertise_lsc(core.config['voms.vo'], core.config['certs.hostcert']) files.preserve('/etc/vomses', owner='voms') voms.advertise_vomses(core.config['voms.vo'], core.config['certs.hostcert']) core.system('ls -ldF /etc/*vom*', shell=True) core.system(('find', '/etc/grid-security/vomsdir', '-ls'))
def test_02_install_voms_certs(self): voms.skip_ok_unless_installed() vomscert = core.config['certs.vomscert'] vomskey = core.config['certs.vomskey'] self.skip_ok_if(core.check_file_and_perms(vomscert, 'voms', 0o644) and core.check_file_and_perms(vomskey, 'voms', 0o400), 'VOMS cert exists and has proper permissions') core.install_cert('certs.vomscert', 'certs.hostcert', 'voms', 0o644) core.install_cert('certs.vomskey', 'certs.hostkey', 'voms', 0o400)
def test_02_install_voms_certs(self): voms.skip_ok_unless_installed() vomscert = core.config['certs.vomscert'] vomskey = core.config['certs.vomskey'] self.skip_ok_if(core.check_file_and_perms(vomscert, 'voms', 0o644) and core.check_file_and_perms(vomskey, 'voms', 0o400), 'VOMS cert exists and has proper permissions') core.install_cert('certs.vomscert', 'certs.hostcert', 'voms', 0o644) core.install_cert('certs.vomskey', 'certs.hostkey', 'voms', 0o400)
def test_08_advertise(self): voms.skip_ok_unless_installed() voms.advertise_lsc(core.config['voms.vo'], core.config['certs.hostcert']) files.preserve('/etc/vomses', owner='voms') voms.advertise_vomses(core.config['voms.vo'], core.config['certs.hostcert']) core.system('ls -ldF /etc/*vom*', shell=True) core.system(('find', '/etc/grid-security/vomsdir', '-ls'))
def test_04_bad_voms_proxy_init(self): voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.added-user']) command = ('voms-proxy-init', '-voms', core.config['voms.vo'] + ':/Bogus') password = core.options.password + '\n' status, stdout, _ = core.system(command, True, password) self.assertNotEqual(status, 0, 'voms-proxy-init fails on bad group') self.assert_('Unable to satisfy' in stdout, 'voms-proxy-init failure message')
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') voms.add_user(core.config['voms.vo'], cert_path) core.state['voms.added-user'] = True
def test_05_create_vo(self): voms.skip_ok_unless_installed() use_voms_admin = core.rpm_is_installed('voms-admin-server') voms.create_vo(vo=core.config['voms.vo'], dbusername=core.config['voms.dbusername'], dbpassword='******', vomscert=core.config['certs.vomscert'], vomskey=core.config['certs.vomskey'], use_voms_admin=use_voms_admin)
def test_06_rfc_voms_proxy_init(self): core.state['voms.got-proxy'] = False voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.added-user']) command = ('voms-proxy-init', '-voms', core.config['voms.vo'], '-rfc') password = core.options.password + '\n' core.check_system(command, 'Run voms-proxy-init', user=True, stdin=password) core.state['voms.got-proxy'] = True
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') voms.add_user(core.config['voms.vo'], cert_path) core.state['voms.added-user'] = True
def test_04_bad_voms_proxy_init(self): voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.added-user']) command = ('voms-proxy-init', '-voms', core.config['voms.vo'] + ':/Bogus') password = core.options.password + '\n' status, stdout, _ = core.system(command, True, password) self.assertNotEqual(status, 0, 'voms-proxy-init fails on bad group') self.assert_('Unable to satisfy' in stdout, 'voms-proxy-init failure message')
def test_06_rfc_voms_proxy_init(self): core.state['voms.got-proxy'] = False voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.added-user']) command = ('voms-proxy-init', '-voms', core.config['voms.vo'], '-rfc') password = core.options.password + '\n' core.check_system(command, 'Run voms-proxy-init', user=True, stdin=password) core.state['voms.got-proxy'] = True
def test_09_start_voms(self): core.state['voms.started-server'] = False voms.skip_ok_unless_installed() self.skip_ok_if(os.path.exists(core.config['voms.lock-file']), 'apparently running') if core.el_release() < 7: core.config['voms_service'] = 'voms' else: core.config['voms_service'] = 'voms@' + core.config['voms.vo'] service.check_start(core.config['voms_service']) core.state['voms.started-server'] = True
def test_09_start_voms(self): core.state['voms.started-server'] = False voms.skip_ok_unless_installed() self.skip_ok_if(os.path.exists(core.config['voms.lock-file']), 'apparently running') if core.el_release() < 7: core.config['voms_service'] = 'voms' else: core.config['voms_service'] = 'voms@' + core.config['voms.vo'] service.check_start(core.config['voms_service']) core.state['voms.started-server'] = True
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') use_voms_admin = False if core.rpm_is_installed('voms-admin-server') and core.rpm_is_installed('voms-admin-client'): self.skip_bad_unless(core.state['tomcat.started']) use_voms_admin = True voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin) core.state['voms.added-user'] = True
def test_03_remove_vo(self): voms.skip_ok_unless_installed() if core.rpm_is_installed('voms-admin-server'): # Ask VOMS Admin to remove VO command = ('voms-admin-configure', 'remove', '--vo', core.config['voms.vo'], '--undeploy-database') stdout, _, fail = core.check_system(command, 'Remove VO') self.assert_('Database undeployed correctly!' in stdout, fail) self.assert_(' succesfully removed.' in stdout, fail) # Really remove database -- the voms-admin-configure command above does # not actually destroy the mysql database. voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername']) voms.destroy_voms_conf(core.config['voms.vo'])
def test_03_remove_vo(self): voms.skip_ok_unless_installed() if core.rpm_is_installed('voms-admin-server'): # Ask VOMS Admin to remove VO command = ('voms-admin-configure', 'remove', '--vo', core.config['voms.vo'], '--undeploy-database') stdout, _, fail = core.check_system(command, 'Remove VO') self.assert_('Database undeployed correctly!' in stdout, fail) self.assert_(' succesfully removed.' in stdout, fail) # Really remove database -- the voms-admin-configure command above does # not actually destroy the mysql database. voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername']) voms.destroy_voms_conf(core.config['voms.vo'])
def test_01_add_user(self): core.state['voms.added-user'] = False voms.skip_ok_unless_installed() pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') use_voms_admin = False if core.rpm_is_installed( 'voms-admin-server') and core.rpm_is_installed( 'voms-admin-client'): self.skip_bad_unless(core.state['tomcat.started']) use_voms_admin = True voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin) core.state['voms.added-user'] = True
def test_08_voms_proxy_check(self): """ Check generated proxies to make sure that they use the same signing algorithm as the certificate """ voms.skip_ok_unless_installed() self.skip_bad_unless(core.state['voms.got-proxy'], 'no proxy') pwd_entry = pwd.getpwnam(core.options.username) cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem') command = ['openssl', 'x509', '-in', cert_path, '-text'] signature_re = re.compile(r'Signature Algorithm:\s+(\w+)\s') stdout = core.check_system(command, 'Check X.509 certificate algorithm', user=True)[0] match = signature_re.search(stdout) if match is None: self.fail("Can't find user cert's signing algorithm") cert_algorithm = match.group(1) command[3] = os.path.join('/', 'tmp', "x509up_u%s" % pwd_entry[2]) stdout = core.check_system(command, 'Check X.509 proxy algorithm', user=True)[0] match = signature_re.search(stdout) if match is None: self.fail("Can't find proxy's signing algorithm") proxy_algorithm = match.group(1) self.assertEqual(cert_algorithm, proxy_algorithm)
def test_01_stop_voms(self): voms.skip_ok_unless_installed() self.skip_ok_unless(core.state['voms.started-server'], 'did not start server') service.check_stop(core.config['voms_service'])
def test_02_restore_vomses(self): voms.skip_ok_unless_installed() voms.destroy_lsc(core.config['voms.vo']) files.restore('/etc/vomses', 'voms')
def test_01_stop_voms(self): voms.skip_ok_unless_installed() self.skip_ok_unless(core.state['voms.started-server'], 'did not start server') service.check_stop(core.config['voms_service'])
def test_02_restore_vomses(self): voms.skip_ok_unless_installed() voms.destroy_lsc(core.config['voms.vo']) files.restore('/etc/vomses', 'voms')