from sfa.client.return_value import ReturnValue
# after http://www.erlenstar.demon.co.uk/unix/faq_2.html
from sfa.client.return_value import ReturnValue
# after http://www.erlenstar.demon.co.uk/unix/faq_2.html
- # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
- logdir='/var/log/httpd'
+ # xxx fixme - this is just to make sure that nothing gets stupidly lost -
+ # should use devnull
+ logdir = '/var/log/httpd'
- if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
- crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+ if not os.path.isdir(logdir):
+ os.mkdir('/var/log/httpd')
+ crashlog = os.open('%s/sfa_access_log' % logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
# There should be a gid file in /etc/sfa/trusted_roots for every
# peer registry found in in the registries.xml config file. If there
# are any missing gids, request a new one from the peer registry.
# There should be a gid file in /etc/sfa/trusted_roots for every
# peer registry found in in the registries.xml config file. If there
# are any missing gids, request a new one from the peer registry.
- print>>sys.stderr, " \r\n \r\n \t=============================================== install_peer_certs server_key_file %s server_cert_file %s"%(server_key_file,server_cert_file)
- api = SfaApi(key_file = server_key_file, cert_file = server_cert_file)
+ api = SfaApi(key_file=server_key_file, cert_file=server_cert_file)
registries = Registries()
aggregates = Aggregates()
interfaces = dict(registries.items() + aggregates.items())
registries = Registries()
aggregates = Aggregates()
interfaces = dict(registries.items() + aggregates.items())
- interface = interfaces[new_hrn].server_proxy(server_key_file, server_cert_file, timeout=30)
+ interface = interfaces[new_hrn].server_proxy(
+ server_key_file, server_cert_file, timeout=30)
trusted_gids = ReturnValue.get_value(interface.get_trusted_certs())
if trusted_gids:
# the gid we want should be the first one in the list,
trusted_gids = ReturnValue.get_value(interface.get_trusted_certs())
if trusted_gids:
# the gid we want should be the first one in the list,
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
api.logger.info(message)
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
api.logger.info(message)
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
api.logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
api.logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
# import db stuff here here so this module can be loaded by PlcComponentApi
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
# import db stuff here here so this module can be loaded by PlcComponentApi
- record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
+ record = dbsession.query(RegRecord).filter_by(
+ hrn=hrn, type=type, pointer=-1).first()
- record = RegRecord (dict= {'type':type,
- 'hrn': hrn,
- 'authority': get_authority(hrn),
- 'gid': gid.save_to_string(save_parents=True),
- })
+ record = RegRecord(dict={'type': type,
+ 'hrn': hrn,
+ 'authority': get_authority(hrn),
+ 'gid': gid.save_to_string(save_parents=True),
+ })
def main():
# Generate command line parser
parser = OptionParser(usage="sfa-start.py [options]")
parser.add_option("-r", "--registry", dest="registry", action="store_true",
def main():
# Generate command line parser
parser = OptionParser(usage="sfa-start.py [options]")
parser.add_option("-r", "--registry", dest="registry", action="store_true",
parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
parser.add_option("-a", "--aggregate", dest="am", action="store_true",
parser.add_option("-a", "--aggregate", dest="am", action="store_true",
parser.add_option("-c", "--component", dest="cm", action="store_true",
parser.add_option("-c", "--component", dest="cm", action="store_true",
parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
# ge the server's key and cert
hierarchy = Hierarchy()
auth_info = hierarchy.get_interface_auth_info()
server_key_file = auth_info.get_privkey_filename()
# ge the server's key and cert
hierarchy = Hierarchy()
auth_info = hierarchy.get_interface_auth_info()
server_key_file = auth_info.get_privkey_filename()
- server_cert_file = auth_info.get_gid_filename()
- print>>sys.stderr, " \r\n \t\t\t\t\t SFA-START MAIN auth_info %s server_key_file %s server_cert_file %s "%(auth_info, server_key_file,server_cert_file)
+ server_cert_file = auth_info.get_gid_filename()
+
# ensure interface cert is present in trusted roots dir
trusted_roots = TrustedRoots(config.get_trustedroots_dir())
trusted_roots.add_gid(GID(filename=server_cert_file))
# ensure interface cert is present in trusted roots dir
trusted_roots = TrustedRoots(config.get_trustedroots_dir())
trusted_roots.add_gid(GID(filename=server_cert_file))
- r = Registry("", config.SFA_REGISTRY_PORT, server_key_file, server_cert_file)
+ r = Registry("", config.SFA_REGISTRY_PORT,
+ server_key_file, server_cert_file)
- a = Aggregate("", config.SFA_AGGREGATE_PORT, server_key_file, server_cert_file)
+ a = Aggregate("", config.SFA_AGGREGATE_PORT,
+ server_key_file, server_cert_file)
- c = Component("", config.component_port, server_key_file, server_cert_file)
+ c = Component("", config.component_port,
+ server_key_file, server_cert_file)
# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file)
c.start()
# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file)
c.start()