X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fserver%2Fsfa-start.py;h=fe811ff941b62c56506419cc7a9d60b44ec79998;hb=3cf5c9d8e3f11fa56450c22efdbd6e483c5adda9;hp=abe8c007c944b2c0eb8c0d9aec925f169ef5b764;hpb=5c0e9940d36350e510f2acbe7ad9774fb2048ee4;p=sfa.git

diff --git a/sfa/server/sfa-start.py b/sfa/server/sfa-start.py
index abe8c007..fe811ff9 100755
--- a/sfa/server/sfa-start.py
+++ b/sfa/server/sfa-start.py
@@ -25,10 +25,6 @@
 # TODO: Can all three servers use the same "registry" certificate?
 ##
 
-# TCP ports for the three servers
-#registry_port=12345
-#aggregate_port=12346
-#slicemgr_port=12347
 ### xxx todo not in the config yet
 component_port=12346
 import os, os.path
@@ -39,14 +35,13 @@ from optparse import OptionParser
 from sfa.util.sfalogging import logger
 from sfa.util.xrn import get_authority, hrn_to_urn
 from sfa.util.config import Config
-import sfa.client.xmlrpcprotocol as xmlrpcprotocol
-
+from sfa.trust.gid import GID
+from sfa.trust.trustedroots import TrustedRoots
 from sfa.trust.certificate import Keypair, Certificate
 from sfa.trust.hierarchy import Hierarchy
 from sfa.trust.gid import GID
 
 from sfa.server.sfaapi import SfaApi
-
 from sfa.server.registry import Registries
 from sfa.server.aggregate import Aggregates
 
@@ -60,7 +55,10 @@ def daemon():
     devnull = os.open(os.devnull, os.O_RDWR)
     os.dup2(devnull, 0)
     # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
-    crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+    logdir='/var/log/httpd'
+    # when installed in standalone we might not have httpd installed
+    if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
+    crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
     os.dup2(crashlog, 1)
     os.dup2(crashlog, 2)
 
@@ -131,35 +129,36 @@ def update_cert_records(gids):
     Make sure there is a record in the registry for the specified gids. 
     Removes old records from the db.
     """
-    # import SfaTable here so this module can be loaded by PlcComponentApi
-    from sfa.util.table import SfaTable
-    from sfa.util.record import SfaRecord
+    # import db stuff here here so this module can be loaded by PlcComponentApi
+    from sfa.storage.alchemy import dbsession
+    from sfa.storage.persistentobjs import RegRecord
     if not gids:
         return
-    table = SfaTable()
     # get records that actually exist in the db
     gid_urns = [gid.get_urn() for gid in gids]
     hrns_expected = [gid.get_hrn() for gid in gids]
-    records_found = table.find({'hrn': hrns_expected, 'pointer': -1}) 
+    records_found = dbsession.query(RegRecord).\
+        filter_by(pointer=-1).filter(RegRecord.hrn.in_(hrns_expected)).all()
 
     # remove old records
     for record in records_found:
-        if record['hrn'] not in hrns_expected and \
-            record['hrn'] != self.api.config.SFA_INTERFACE_HRN:
-            table.remove(record)
+        if record.hrn not in hrns_expected and \
+            record.hrn != self.api.config.SFA_INTERFACE_HRN:
+            del record
 
     # TODO: store urn in the db so we do this in 1 query 
     for gid in gids:
         hrn, type = gid.get_hrn(), gid.get_type()
-        record = table.find({'hrn': hrn, 'type': type, 'pointer': -1})
+        record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
         if not record:
-            record = {
-                'hrn': hrn, 'type': type, 'pointer': -1,
-                'authority': get_authority(hrn),
-                'gid': gid.save_to_string(save_parents=True),
-            }
-            record = SfaRecord(dict=record)
-            table.insert(record)
+            record = RegRecord (type=type)
+            record.set_from_dict (
+                { 'hrn': hrn, 
+                  'authority': get_authority(hrn),
+                  'gid': gid.save_to_string(save_parents=True),
+                  })
+            dbsession.add(record)
+    dbsession.commit()
         
 def main():
     # Generate command line parser
@@ -174,21 +173,23 @@ def main():
          help="run component server", default=False)
     parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
          help="refresh trusted certs", default=False)
-    parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0,
-         help="verbose mode - cumulative")
     parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
          help="Run as daemon.", default=False)
     (options, args) = parser.parse_args()
     
     config = Config()
-    if config.SFA_API_DEBUG: pass
+    logger.setLevelFromOptVerbose(config.SFA_API_LOGLEVEL)
+    
 
     # ge the server's key and cert
     hierarchy = Hierarchy()
-    auth_info = hierarchy.get_interface_auth_info() 
+    auth_info = hierarchy.get_interface_auth_info()
     server_key_file = auth_info.get_privkey_filename()
     server_cert_file = auth_info.get_gid_filename()
 
+    # ensure interface cert is present in trusted roots dir
+    trusted_roots = TrustedRoots(config.get_trustedroots_dir())
+    trusted_roots.add_gid(GID(filename=server_cert_file))
     if (options.daemon):  daemon()
     
     if options.trusted_certs: