%define url $URL$
%define name sfa
-%define version 0.9
-%define taglevel 10
+%define version 1.0
+%define taglevel 1
%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
%global python_sitearch %( python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)" )
Group: Applications/System
BuildRequires: make
-Requires: python
+Requires: python >= 2.5
Requires: m2crypto
+Requires: xmlsec1-openssl-devel
Requires: libxslt-python
Requires: python-ZSI
# xmlbuilder depends on lxml
Requires: python-lxml
-
+Requires: python-setuptools
+Requires: python-dateutil
+
# python 2.5 has uuid module added, for python 2.4 we still need it.
# we can't really check for if we can load uuid as a python module,
# it'll be installed by "devel.pkgs". we have the epel repository so
# python-uuid will be provided. but we can test for the python
# version.
-%define has_py24 %( python -c "import sys;sys.exit(sys.version_info[0:2] == (2,4))" 2> /dev/null; echo $? )
-%if %has_py24
-Requires: python-uuid
-%endif
+# %define has_py24 %( python -c "import sys;sys.exit(sys.version_info[0:2] == (2,4))" 2> /dev/null; echo $? )
+# %if %has_py24
+#
+# this also didn't work very well. I'll just check for distroname - baris
+#%if %{distroname} == "centos5"
+#Requires: python-uuid
+#%endif
%package cm
Summary: the SFA wrapper around MyPLC's NodeManager
%files
# sfa and sfatables depend each other.
+%{_bindir}/sfa-server.py*
/etc/sfatables/*
%{python_sitelib}/*
-/usr/bin/keyconvert
+%{_bindir}/keyconvert.py*
/var/www/html/wsdl/*.wsdl
%files cm
%config (noreplace) /etc/sfa/aggregates.xml
%config (noreplace) /etc/sfa/registries.xml
/etc/init.d/sfa
+/etc/sfa/pl.rng
%{_bindir}/sfa-config-tty
%{_bindir}/sfa-import-plc.py*
%{_bindir}/sfa-clean-peer-records.py*
%{_bindir}/sfa-nuke-plc.py*
-%{_bindir}/sfa-server.py*
%{_bindir}/gen-sfa-cm-config.py*
+%{_bindir}/sfa-ca.py*
%files client
%config (noreplace) /etc/sfa/sfi_config
-%{_bindir}/sfi.py*
+%{_bindir}/sfi*
%{_bindir}/getNodes.py*
%{_bindir}/getRecord.py*
%{_bindir}/setRecord.py*
%files sfatables
%{_bindir}/sfatables
-%pre plc
-[ -f %{_sysconfdir}/init.d/sfa ] && service sfa stop ||:
-
-%pre cm
-[ -f %{_sysconfdir}/init.d/sfa-cm ] && service sfa-cm stop ||:
-
+### sfa-plc installs the 'sfa' service
%post plc
chkconfig --add sfa
+%preun plc
+if [ "$1" = 0 ] ; then
+ /sbin/service sfa stop || :
+ /sbin/chkconfig --del sfa || :
+fi
+
+%postun plc
+[ "$1" -ge "1" ] && service sfa restart
+
+### sfa-cm installs the 'sfa-cm' service
%post cm
chkconfig --add sfa-cm
+
+%preun cm
+if [ "$1" = 0 ] ; then
+ /sbin/service sfa-cm stop || :
+ /sbin/chkconfig --del sfa-cm || :
+fi
+
+%postun cm
+[ "$1" -ge "1" ] && service sfa-cm restart
+
+
+%changelog
+* Mon Oct 04 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-1
+- various bugfixes and cleanup, improved/harmonized logging
+
+* Tue Sep 07 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-16
+- truncate login base of external (ProtoGeni, etc) slices to 20 characters
+ to avoid returning a PLCAPI exception that might confuse users.
+- Enhance PLC aggregate performace by using a better filter when querying SliceTags.
+- fix build errors.
+
+* Tue Aug 24 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-15
+- (Architecture) Credential format changed to match ProtoGENI xml format
+- (Architecture) All interfaces export a new set of methods that are compatible
+ with the ProtoGeni Aggregate spec. These new methods are considered a
+ replacement for the pervious methods exported by the interfaces. All
+ previous methods are still exported and work as normal, but they are
+ considered deprecated and will not be supported in future releases.
+- (Architecture) SFI has been updated to use the new interface methods.
+- (Architecture) Changed keyconvet implementation from c to python.
+- (Architecture) Slice Manager now attempts looks for a delegated credential
+ provided by the client before using its own server credential.
+- (Archiceture) Slice Interface no longers stores cache of resources on disk.
+ This cache now exists only in memory and is cleared when service is restarted
+ or cache lifetime is exceeded.
+- (Performance) SliceManager sends request to Aggregates in parallel instead
+ of sequentially.
+- (Bug fix) SFA tickets now support the new rspec format.
+- (Bug fix) SFI only uses cahced credential if they aren't expired.
+- (Bug fix) Cerdential delegation modified to work with new credential format.
+- (Enhancement) SFI -a --aggregatge option now sends requests directly to the
+ Aggregate instead of relaying through the Slice Manager.
+- (Enhancement) Simplified caching. Accociated a global cache instance with
+ the api handler on every new server request, making it easier to access the
+ cache and use in more general ways.
+
%changelog
+* Mon Oct 04 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-1
+- various bugfixes and cleanup, improved/harmonized logging
+
+* Thu May 11 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-11
+- SfaServer now uses a pool of threads to handle requests concurrently
+- sfa.util.rspec no longer used to process/manage rspecs (deprecated). This is now handled by sfa.plc.network and is not backwards compatible
+- PIs can now get a slice credential for any slice at their site without having to be a member of the slice
+- Registry records for federated peers (defined in registries.xml, aggregates.xml) updated when sfa service is started
+- Interfaces will try to fetch and install gids from peers listed in registries.xml/aggregates.xml if gid is not found in /etc/sfa/trusted_roots dir
+- Component manager does not install gid files if slice already has them
+- Server automatically fetches and installs peer certificats (defined in registries/aggregates.xml) when service is restarted.
+- fix credential verification exploit (verify that the trusted signer is a parent of the object it it signed)
+- made it easier for root authorities to sign their sub's certifiacate using the sfa-ca.py (sfa/server/sfa-ca.py) tool
+
* Thu Jan 21 2010 anil vengalil <avengali@sophia.inria.fr> - sfa-0.9-10
- This tag is quite same as the previous one (sfa-0.9-9) except that the vini and max aggregate managers are also updated for urn support. Other features are:
- - sfa-config-tty now has the same features like plc-config-tty
git://git.onelab.eu / sfa.git / blobdiff