git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
rename xmlrpcprotocol into sfaprotocol
[sfa.git] / sfa / server / sfa-start.py
diff --git a/sfa/server/sfa-start.py b/sfa/server/sfa-start.py
index abe8c00..4f72b67 100755 (executable)
--- a/sfa/server/sfa-start.py
+++ b/sfa/server/sfa-start.py
@@ -39,8 +39,8 @@ from optparse import OptionParser
 from sfa.util.sfalogging import logger
 from sfa.util.xrn import get_authority, hrn_to_urn
 from sfa.util.config import Config
-import sfa.client.xmlrpcprotocol as xmlrpcprotocol
-
+from sfa.trust.gid import GID
+from sfa.trust.trustedroots import TrustedRoots
 from sfa.trust.certificate import Keypair, Certificate
 from sfa.trust.hierarchy import Hierarchy
 from sfa.trust.gid import GID
@@ -60,7 +60,10 @@ def daemon():
     devnull = os.open(os.devnull, os.O_RDWR)
     os.dup2(devnull, 0)
     # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
-    crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+    logdir='/var/log/httpd'
+    # when installed in standalone we might not have httpd installed
+    if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
+    crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
     os.dup2(crashlog, 1)
     os.dup2(crashlog, 2)
 
@@ -132,8 +135,8 @@ def update_cert_records(gids):
     Removes old records from the db.
     """
     # import SfaTable here so this module can be loaded by PlcComponentApi
-    from sfa.util.table import SfaTable
-    from sfa.util.record import SfaRecord
+    from sfa.storage.table import SfaTable
+    from sfa.storage.record import SfaRecord
     if not gids:
         return
     table = SfaTable()
@@ -185,10 +188,13 @@ def main():
 
     # ge the server's key and cert
     hierarchy = Hierarchy()
-    auth_info = hierarchy.get_interface_auth_info() 
+    auth_info = hierarchy.get_interface_auth_info()
     server_key_file = auth_info.get_privkey_filename()
     server_cert_file = auth_info.get_gid_filename()
 
+    # ensure interface cert is present in trusted roots dir
+    trusted_roots = TrustedRoots(config.get_trustedroots_dir())
+    trusted_roots.add_gid(GID(filename=server_cert_file))
     if (options.daemon):  daemon()
     
     if options.trusted_certs:
sfa