-Copyright (c) 2008 Board of Trustees, Princeton University
+Copyright (c) 2008-2013 Board of Trustees, Princeton University
+Copyright (c) 2010-2013 INRIA, Institut National d'Informatique et Automatique
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and/or hardware specification (the “Work”) to
#
# overwritten by the specfile
DESTDIR="/"
-
+PREFIX=/usr
##########
all: python wsdl
sed -e "s,@VERSIONTAG@,$(VERSIONTAG),g" -e "s,@SCMURL@,$(SCMURL),g" sfa/util/version.py.in > $@
xmlbuilder-install:
- cd xmlbuilder-0.9 && python setup.py install --root=$(DESTDIR) && cd -
+ cd xmlbuilder-0.9 && python setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) && cd -
rm -rf $(DESTDIR)/usr/lib*/python*/site-packages/*egg-info
# postinstall steps - various cleanups and tweaks for a nicer rpm
python-install:
- python setup.py install --root=$(DESTDIR)
+ python setup.py install --prefix=$(PREFIX) --root=$(DESTDIR)
chmod 444 $(DESTDIR)/etc/sfa/default_config.xml
rm -rf $(DESTDIR)/usr/lib*/python*/site-packages/*egg-info
rm -rf $(DESTDIR)/usr/lib*/python*/site-packages/sfa/storage/migrations
.PHONY: wsdl wsdl-install wsdl-clean
+##########
+debian: version
+ $(MAKE) -f Makefile.debian debian
+debian.clean:
+ $(MAKE) -f Makefile.debian clean
+
##########
tests-install:
mkdir -p $(DESTDIR)/usr/share/sfa/tests
synclib: synccheck
+$(RSYNC) --relative ./sfa/ --exclude migrations $(SSHURL)/usr/lib\*/python2.\*/site-packages/
+synclibdeb: synccheck
+ +$(RSYNC) --relative ./sfa/ --exclude migrations $(SSHURL)/usr/share/pyshared/
syncbin: synccheck
+$(RSYNC) $(BINS) $(SSHURL)/usr/bin/
syncinit: synccheck
# full-fledged
sync: synclib syncbin syncinit syncconfig syncrestart
+syncdeb: synclibdeb syncbin syncinit syncconfig syncrestart
# 99% of the time this is enough
syncfast: synclib syncrestart
--- /dev/null
+PROJECT=sfa
+VERSION=$(shell python -c "from sfa.util.version import version_tag; print version_tag" | sed -e s,-,.,)
+DATE=$(shell date -u +"%a, %d %b %Y %T")
+DEBIAN_TARBALL=../$(PROJECT)_$(VERSION).orig.tar.bz2
+
+debian: debian/changelog debian.source debian.package
+
+force:
+
+debian/changelog: debian/changelog.in
+ sed -e "s|@VERSION@|$(VERSION)|" -e "s|@DATE@|$(DATE)|" debian/changelog.in > debian/changelog
+
+# TARBALL is passed from the main build (/build/Makefile) to the 'make debian' call
+debian.source: force
+ rsync -a $(TARBALL) $(DEBIAN_TARBALL)
+
+debian.package:
+ debuild -uc -us -b
+
+debian.clean:
+ $(MAKE) -f debian/rules clean
+ rm -rf build/ MANIFEST ../*.tar.gz ../*.dsc ../*.build
+ find . -name '*.pyc' -delete
+
--- /dev/null
+sfa (@VERSION@) UNRELEASED; urgency=low
+
+ * Initial release.
+
+ -- Thierry Parmentelat <thierry.parmentelat@inria.fr> @DATE@ +0000
--- /dev/null
+Source: sfa
+Maintainer: Thierry Parmentelat <Thierry.Parmentelat@inria.fr>
+Section: misc
+Priority: optional
+Standards-Version: 3.9.2
+Build-Depends: devscripts, debhelper (>=7.0.50~), debconf, dpatch, python-setuptools, make
+
+Package: sfa
+Architecture: any
+Depends: postgresql (>= 8.2), python-psycopg2, python-sqlalchemy, python-migrate, uuid-runtime
+Description: Server-side for SFA, generic implementation derived from PlanetLab
+
+Package: sfa-common
+Architecture: any
+Depends: python (>= 2.7), python-openssl (>= 0.7), python-m2crypto, python-dateutil, python-lxml, python-libxslt1, python-zsi
+Description: Python libraries for SFA, generic implementation derived from PlanetLab
+
+Package: sfa-flashpolicy
+Architecture: any
+Depends: sfa-common
+Description: SFA support for flash clients
+
+Package: sfa-client
+Architecture: any
+Depends: sfa-common
+Description: sfi, the SFA experimenter-side CLI
+
+Package: sfa-plc
+Architecture: any
+Depends: sfa-common
+Description: the SFA layer around MyPLC
+
+Package: sfa-federica
+Architecture: any
+Depends: sfa-common
+Description: the SFA layer around Federica
+
+Package: sfa-nitos
+Architecture: any
+Depends: sfa-common
+Description: the SFA layer around NITOS
+
+Package: sfa-dummy
+Architecture: any
+Depends: sfa-common
+Description: the SFA layer around a Dummy Testbed
+
+Package: sfa-sfatables
+Architecture: any
+Depends: sfa-common
+Description: sfatables policy tool for SFA
+
+Package: sfa-xmlbuilder
+Architecture: any
+Provides: python-xmlbuilder
+Description: third-party xmlbuilder tool
+
+Package: sfa-tests
+Architecture: any
+Depends: sfa-common
+Description: unit tests suite for SFA
+
--- /dev/null
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+%:
+ dh $@
--- /dev/null
+etc/sfa/sfi_config
+usr/bin/sfi*.py*
+usr/bin/sfi
+usr/bin/get*.py*
+usr/bin/setRecord.py*
+usr/bin/sfascan.py*
+usr/bin/sfascan
+usr/bin/sfadump.py*
--- /dev/null
+usr/lib*/python*/site-packages/sfa/__init__.py*
+usr/lib*/python*/site-packages/sfa/trust
+usr/lib*/python*/site-packages/sfa/storage
+usr/lib*/python*/site-packages/sfa/util
+usr/lib*/python*/site-packages/sfa/server
+usr/lib*/python*/site-packages/sfa/methods
+usr/lib*/python*/site-packages/sfa/generic
+usr/lib*/python*/site-packages/sfa/managers
+usr/lib*/python*/site-packages/sfa/importer
+usr/lib*/python*/site-packages/sfa/rspecs
+usr/lib*/python*/site-packages/sfa/client
--- /dev/null
+usr/lib*/python*/site-packages/sfa/dummy
--- /dev/null
+usr/lib*/python*/site-packages/sfa/federica
--- /dev/null
+usr/bin/sfa_flashpolicy.py*
+etc/sfa/sfa_flashpolicy_config.xml
--- /dev/null
+usr/lib*/python*/site-packages/sfa/nitos
--- /dev/null
+usr/lib*/python*/site-packages/sfa/planetlab
+usr/lib*/python*/site-packages/sfa/openstack
+etc/sfa/pl.rng
+etc/sfa/credential.xsd
+etc/sfa/top.xsd
+etc/sfa/sig.xsd
+etc/sfa/xml.xsd
+etc/sfa/protogeni-rspec-common.xsd
+etc/sfa/topology
--- /dev/null
+etc/sfatables/*
+usr/bin/sfatables
+usr/lib*/python*/site-packages/sfatables
--- /dev/null
+usr/share/sfa/tests
--- /dev/null
+usr/lib*/python*/site-packages/xmlbuilder
--- /dev/null
+usr/bin/sfa-start.py*
+usr/bin/sfaadmin.py*
+usr/bin/sfaadmin
+usr/bin/keyconvert.py*
+usr/bin/sfa-config-tty
+usr/bin/sfa-config
+etc/sfa/default_config.xml
+etc/sfa/aggregates.xml
+etc/sfa/registries.xml
+etc/init.d/sfa
+etc/init.d/functions.sfa
+usr/share/sfa/migrations
+usr/share/sfa/examples
+var/www/html/wsdl/*.wsdl
--- /dev/null
+#!/bin/bash
+# this file is not used yet
+# I take it the idea was to implement
+# something like chkconfig sfa on
+
+update-rc.d sfa defaults
--- /dev/null
+3.0 (quilt)
--- /dev/null
+# -*-Shell-script-*-
+#
+# Thierry, jan 17 2013
+# this file was put together by Jordan to provide the same interface as
+# /etc/init.d/functions on fedora systems
+# (probably is extracted from one of the fedora releases as is, not sure about that)
+#
+# we unconditionnally ship this as /etc/init.d/functions.sfa,
+# and then our own initscript (init.d/sfa) does source that
+# conditionnally, i.e. when run on debian systems
+####################
+#
+# functions This file contains functions to be used by most or all
+# shell scripts in the /etc/init.d directory.
+#
+
+TEXTDOMAIN=initscripts
+
+# Make sure umask is sane
+umask 022
+
+# Set up a default search path.
+PATH="/sbin:/usr/sbin:/bin:/usr/bin"
+export PATH
+
+if [ $PPID -ne 1 -a -z "$SYSTEMCTL_SKIP_REDIRECT" ] && \
+ ( /bin/mountpoint -q /cgroup/systemd || /bin/mountpoint -q /sys/fs/cgroup/systemd ) ; then
+ case "$0" in
+ /etc/init.d/*|/etc/rc.d/init.d/*)
+ _use_systemctl=1
+ ;;
+ esac
+fi
+
+systemctl_redirect () {
+ local s
+ local prog=${1##*/}
+ local command=$2
+
+ case "$command" in
+ start)
+ s=$"Starting $prog (via systemctl): "
+ ;;
+ stop)
+ s=$"Stopping $prog (via systemctl): "
+ ;;
+ reload|try-reload)
+ s=$"Reloading $prog configuration (via systemctl): "
+ ;;
+ restart|try-restart|condrestart)
+ s=$"Restarting $prog (via systemctl): "
+ ;;
+ esac
+
+ action "$s" /bin/systemctl $command "$prog.service"
+}
+
+# Get a sane screen width
+[ -z "${COLUMNS:-}" ] && COLUMNS=80
+
+#if [ -z "${CONSOLETYPE:-}" ]; then
+# if [ -r "/dev/stderr" ]; then
+# CONSOLETYPE="$(/sbin/consoletype < /dev/stderr)"
+# else
+# CONSOLETYPE="$(/sbin/consoletype)"
+# fi
+#fi
+
+if [ -z "${NOLOCALE:-}" ] && [ -z "${LANGSH_SOURCED:-}" ] && [ -f /etc/sysconfig/i18n ] ; then
+ . /etc/profile.d/lang.sh 2>/dev/null
+ # avoid propagating LANGSH_SOURCED any further
+ unset LANGSH_SOURCED
+fi
+
+# Read in our configuration
+if [ -z "${BOOTUP:-}" ]; then
+ if [ -f /etc/sysconfig/init ]; then
+ . /etc/sysconfig/init
+ else
+ # This all seem confusing? Look in /etc/sysconfig/init,
+ # or in /usr/doc/initscripts-*/sysconfig.txt
+ BOOTUP=color
+ RES_COL=60
+ MOVE_TO_COL="echo -en \\033[${RES_COL}G"
+ SETCOLOR_SUCCESS="echo -en \\033[1;32m"
+ SETCOLOR_FAILURE="echo -en \\033[1;31m"
+ SETCOLOR_WARNING="echo -en \\033[1;33m"
+ SETCOLOR_NORMAL="echo -en \\033[0;39m"
+ LOGLEVEL=1
+ fi
+ if [ "$CONSOLETYPE" = "serial" ]; then
+ BOOTUP=serial
+ MOVE_TO_COL=
+ SETCOLOR_SUCCESS=
+ SETCOLOR_FAILURE=
+ SETCOLOR_WARNING=
+ SETCOLOR_NORMAL=
+ fi
+fi
+
+# Interpret escape sequences in an fstab entry
+fstab_decode_str() {
+ fstab-decode echo "$1"
+}
+
+# Check if any of $pid (could be plural) are running
+checkpid() {
+ local i
+
+ for i in $* ; do
+ [ -d "/proc/$i" ] && return 0
+ done
+ return 1
+}
+
+__readlink() {
+ ls -bl "$@" 2>/dev/null| awk '{ print $NF }'
+}
+
+__fgrep() {
+ s=$1
+ f=$2
+ while read line; do
+ if strstr "$line" "$s"; then
+ echo $line
+ return 0
+ fi
+ done < $f
+ return 1
+}
+
+# __umount_loop awk_program fstab_file first_msg retry_msg umount_args
+# awk_program should process fstab_file and return a list of fstab-encoded
+# paths; it doesn't have to handle comments in fstab_file.
+__umount_loop() {
+ local remaining sig=
+ local retry=3 count
+
+ remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
+ while [ -n "$remaining" -a "$retry" -gt 0 ]; do
+ if [ "$retry" -eq 3 ]; then
+ action "$3" fstab-decode umount $5 $remaining
+ else
+ action "$4" fstab-decode umount $5 $remaining
+ fi
+ count=4
+ remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
+ while [ "$count" -gt 0 ]; do
+ [ -z "$remaining" ] && break
+ count=$(($count-1))
+ # jordan # usleep 500000
+ sleep 0.5
+ remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
+ done
+ [ -z "$remaining" ] && break
+ fstab-decode /sbin/fuser -k -m $sig $remaining >/dev/null
+ sleep 3
+ retry=$(($retry -1))
+ sig=-9
+ done
+}
+
+# Similar to __umount loop above, specialized for loopback devices
+__umount_loopback_loop() {
+ local remaining devremaining sig=
+ local retry=3
+
+ remaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $2}' /proc/mounts)
+ devremaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $1}' /proc/mounts)
+ while [ -n "$remaining" -a "$retry" -gt 0 ]; do
+ if [ "$retry" -eq 3 ]; then
+ action $"Unmounting loopback filesystems: " \
+ fstab-decode umount $remaining
+ else
+ action $"Unmounting loopback filesystems (retry):" \
+ fstab-decode umount $remaining
+ fi
+ for dev in $devremaining ; do
+ losetup $dev > /dev/null 2>&1 && \
+ action $"Detaching loopback device $dev: " \
+ losetup -d $dev
+ done
+ remaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $2}' /proc/mounts)
+ devremaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $1}' /proc/mounts)
+ [ -z "$remaining" ] && break
+ fstab-decode /sbin/fuser -k -m $sig $remaining >/dev/null
+ sleep 3
+ retry=$(($retry -1))
+ sig=-9
+ done
+}
+
+# __proc_pids {program} [pidfile]
+# Set $pid to pids from /var/run* for {program}. $pid should be declared
+# local in the caller.
+# Returns LSB exit code for the 'status' action.
+__pids_var_run() {
+ local base=${1##*/}
+ local pid_file=${2:-/var/run/$base.pid}
+
+ pid=
+ if [ -f "$pid_file" ] ; then
+ local line p
+
+ [ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege"
+ while : ; do
+ read line
+ [ -z "$line" ] && break
+ for p in $line ; do
+ [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] && pid="$pid $p"
+ done
+ done < "$pid_file"
+
+ if [ -n "$pid" ]; then
+ return 0
+ fi
+ return 1 # "Program is dead and /var/run pid file exists"
+ fi
+ return 3 # "Program is not running"
+}
+
+# Output PIDs of matching processes, found using pidof
+__pids_pidof() {
+ pidof -c -o $$ -o $PPID -o %PPID -x "$1" || \
+ pidof -c -o $$ -o $PPID -o %PPID -x "${1##*/}"
+# jordan # pidof -c -m -o $$ -o $PPID -o %PPID -x "$1" || \
+# jordan # pidof -c -m -o $$ -o $PPID -o %PPID -x "${1##*/}"
+}
+
+
+# A function to start a program.
+daemon() {
+ # Test syntax.
+ local gotbase= force= nicelevel corelimit
+ local pid base= user= nice= bg= pid_file=
+ local cgroup=
+ nicelevel=0
+ while [ "$1" != "${1##[-+]}" ]; do
+ case $1 in
+ '') echo $"$0: Usage: daemon [+/-nicelevel] {program}"
+ return 1;;
+ --check)
+ base=$2
+ gotbase="yes"
+ shift 2
+ ;;
+ --check=?*)
+ base=${1#--check=}
+ gotbase="yes"
+ shift
+ ;;
+ --user)
+ user=$2
+ shift 2
+ ;;
+ --user=?*)
+ user=${1#--user=}
+ shift
+ ;;
+ --pidfile)
+ pid_file=$2
+ shift 2
+ ;;
+ --pidfile=?*)
+ pid_file=${1#--pidfile=}
+ shift
+ ;;
+ --force)
+ force="force"
+ shift
+ ;;
+ [-+][0-9]*)
+ nice="nice -n $1"
+ shift
+ ;;
+ *) echo $"$0: Usage: daemon [+/-nicelevel] {program}"
+ return 1;;
+ esac
+ done
+
+ # Save basename.
+ [ -z "$gotbase" ] && base=${1##*/}
+
+ # See if it's already running. Look *only* at the pid file.
+ __pids_var_run "$base" "$pid_file"
+
+ [ -n "$pid" -a -z "$force" ] && return
+
+ # make sure it doesn't core dump anywhere unless requested
+ corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
+
+ # if they set NICELEVEL in /etc/sysconfig/foo, honor it
+ [ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL"
+
+ # if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it
+ if [ -n "${CGROUP_DAEMON}" ]; then
+ if [ ! -x /bin/cgexec ]; then
+ echo -n "Cgroups not installed"; warning
+ echo
+ else
+ cgroup="/bin/cgexec";
+ for i in $CGROUP_DAEMON; do
+ cgroup="$cgroup -g $i";
+ done
+ fi
+ fi
+
+ # Echo daemon
+ [ "${BOOTUP:-}" = "verbose" -a -z "${LSB:-}" ] && echo -n " $base"
+
+ # And start it up.
+ if [ -z "$user" ]; then
+ $cgroup $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*"
+ else
+ $cgroup $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*"
+ fi
+
+ [ "$?" -eq 0 ] && success $"$base startup" || failure $"$base startup"
+}
+
+# A function to stop a program.
+killproc() {
+ local RC killlevel= base pid pid_file= delay
+
+ RC=0; delay=3
+ # Test syntax.
+ if [ "$#" -eq 0 ]; then
+ echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
+ return 1
+ fi
+ if [ "$1" = "-p" ]; then
+ pid_file=$2
+ shift 2
+ fi
+ if [ "$1" = "-d" ]; then
+ delay=$2
+ shift 2
+ fi
+
+
+ # check for second arg to be kill level
+ [ -n "${2:-}" ] && killlevel=$2
+
+ # Save basename.
+ base=${1##*/}
+
+ # Find pid.
+ __pids_var_run "$1" "$pid_file"
+ RC=$?
+ if [ -z "$pid" ]; then
+ if [ -z "$pid_file" ]; then
+ pid="$(__pids_pidof "$1")"
+ else
+ [ "$RC" = "4" ] && { failure $"$base shutdown" ; return $RC ;}
+ fi
+ fi
+
+ # Kill it.
+ if [ -n "$pid" ] ; then
+ [ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base "
+ if [ -z "$killlevel" ] ; then
+ if checkpid $pid 2>&1; then
+ # TERM first, then KILL if not dead
+ kill -TERM $pid >/dev/null 2>&1
+ sleep 0.1
+ # jordan # usleep 100000
+ if checkpid $pid && sleep 1 &&
+ checkpid $pid && sleep $delay &&
+ checkpid $pid ; then
+ kill -KILL $pid >/dev/null 2>&1
+ sleep 0.1
+ # jordan # usleep 100000
+ fi
+ fi
+ checkpid $pid
+ RC=$?
+ [ "$RC" -eq 0 ] && failure $"$base shutdown" || success $"$base shutdown"
+ RC=$((! $RC))
+ # use specified level only
+ else
+ if checkpid $pid; then
+ kill $killlevel $pid >/dev/null 2>&1
+ RC=$?
+ [ "$RC" -eq 0 ] && success $"$base $killlevel" || failure $"$base $killlevel"
+ elif [ -n "${LSB:-}" ]; then
+ RC=7 # Program is not running
+ fi
+ fi
+ else
+ if [ -n "${LSB:-}" -a -n "$killlevel" ]; then
+ RC=7 # Program is not running
+ else
+ failure $"$base shutdown"
+ RC=0
+ fi
+ fi
+
+ # Remove pid file if any.
+ if [ -z "$killlevel" ]; then
+ rm -f "${pid_file:-/var/run/$base.pid}"
+ fi
+ return $RC
+}
+
+# A function to find the pid of a program. Looks *only* at the pidfile
+pidfileofproc() {
+ local pid
+
+ # Test syntax.
+ if [ "$#" = 0 ] ; then
+ echo $"Usage: pidfileofproc {program}"
+ return 1
+ fi
+
+ __pids_var_run "$1"
+ [ -n "$pid" ] && echo $pid
+ return 0
+}
+
+# A function to find the pid of a program.
+pidofproc() {
+ local RC pid pid_file=
+
+ # Test syntax.
+ if [ "$#" = 0 ]; then
+ echo $"Usage: pidofproc [-p pidfile] {program}"
+ return 1
+ fi
+ if [ "$1" = "-p" ]; then
+ pid_file=$2
+ shift 2
+ fi
+ fail_code=3 # "Program is not running"
+
+ # First try "/var/run/*.pid" files
+ __pids_var_run "$1" "$pid_file"
+ RC=$?
+ if [ -n "$pid" ]; then
+ echo $pid
+ return 0
+ fi
+
+ [ -n "$pid_file" ] && return $RC
+ __pids_pidof "$1" || return $RC
+}
+
+status() {
+ local base pid lock_file= pid_file=
+
+ # Test syntax.
+ if [ "$#" = 0 ] ; then
+ echo $"Usage: status [-p pidfile] {program}"
+ return 1
+ fi
+ if [ "$1" = "-p" ]; then
+ pid_file=$2
+ shift 2
+ fi
+ if [ "$1" = "-l" ]; then
+ lock_file=$2
+ shift 2
+ fi
+ base=${1##*/}
+
+ if [ "$_use_systemctl" = "1" ]; then
+ systemctl status ${0##*/}.service
+ return $?
+ fi
+
+ # First try "pidof"
+ __pids_var_run "$1" "$pid_file"
+ RC=$?
+ if [ -z "$pid_file" -a -z "$pid" ]; then
+ pid="$(__pids_pidof "$1")"
+ fi
+ if [ -n "$pid" ]; then
+ echo $"${base} (pid $pid) is running..."
+ return 0
+ fi
+
+ case "$RC" in
+ 0)
+ echo $"${base} (pid $pid) is running..."
+ return 0
+ ;;
+ 1)
+ echo $"${base} dead but pid file exists"
+ return 1
+ ;;
+ 4)
+ echo $"${base} status unknown due to insufficient privileges."
+ return 4
+ ;;
+ esac
+ if [ -z "${lock_file}" ]; then
+ lock_file=${base}
+ fi
+ # See if /var/lock/subsys/${lock_file} exists
+ if [ -f /var/lock/subsys/${lock_file} ]; then
+ echo $"${base} dead but subsys locked"
+ return 2
+ fi
+ echo $"${base} is stopped"
+ return 3
+}
+
+echo_success() {
+ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
+ echo -n "["
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_SUCCESS
+ echo -n $" OK "
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
+ echo -n "]"
+ echo -ne "\r"
+ return 0
+}
+
+echo_failure() {
+ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
+ echo -n "["
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_FAILURE
+ echo -n $"FAILED"
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
+ echo -n "]"
+ echo -ne "\r"
+ return 1
+}
+
+echo_passed() {
+ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
+ echo -n "["
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
+ echo -n $"PASSED"
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
+ echo -n "]"
+ echo -ne "\r"
+ return 1
+}
+
+echo_warning() {
+ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
+ echo -n "["
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
+ echo -n $"WARNING"
+ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
+ echo -n "]"
+ echo -ne "\r"
+ return 1
+}
+
+# Inform the graphical boot of our current state
+update_boot_stage() {
+ if [ -x /usr/bin/plymouth ]; then
+ /usr/bin/plymouth --update="$1"
+ fi
+ return 0
+}
+
+# Log that something succeeded
+success() {
+ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_success
+ return 0
+}
+
+# Log that something failed
+failure() {
+ local rc=$?
+ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_failure
+ [ -x /usr/bin/plymouth ] && /usr/bin/plymouth --details
+ return $rc
+}
+
+# Log that something passed, but may have had errors. Useful for fsck
+passed() {
+ local rc=$?
+ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed
+ return $rc
+}
+
+# Log a warning
+warning() {
+ local rc=$?
+ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning
+ return $rc
+}
+
+# Run some action. Log its output.
+action() {
+ local STRING rc
+
+ STRING=$1
+ echo -n "$STRING "
+ shift
+ "$@" && success $"$STRING" || failure $"$STRING"
+ rc=$?
+ echo
+ return $rc
+}
+
+# returns OK if $1 contains $2
+strstr() {
+ [ "${1#*$2*}" = "$1" ] && return 1
+ return 0
+}
+
+# Confirm whether we really want to run this service
+confirm() {
+ [ -x /usr/bin/plymouth ] && /usr/bin/plymouth --hide-splash
+ while : ; do
+ echo -n $"Start service $1 (Y)es/(N)o/(C)ontinue? [Y] "
+ read answer
+ if strstr $"yY" "$answer" || [ "$answer" = "" ] ; then
+ return 0
+ elif strstr $"cC" "$answer" ; then
+ rm -f /var/run/confirm
+ [ -x /usr/bin/plymouth ] && /usr/bin/plymouth --show-splash
+ return 2
+ elif strstr $"nN" "$answer" ; then
+ return 1
+ fi
+ done
+}
+
+# resolve a device node to its major:minor numbers in decimal or hex
+get_numeric_dev() {
+(
+ fmt="%d:%d"
+ if [ "$1" = "hex" ]; then
+ fmt="%x:%x"
+ fi
+ ls -lH "$2" | awk '{ sub(/,/, "", $5); printf("'"$fmt"'", $5, $6); }'
+) 2>/dev/null
+}
+
+# Check whether file $1 is a backup or rpm-generated file and should be ignored
+is_ignored_file() {
+ case "$1" in
+ *~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
+ return 0
+ ;;
+ esac
+ return 1
+}
+
+# Evaluate shvar-style booleans
+is_true() {
+ case "$1" in
+ [tT] | [yY] | [yY][eE][sS] | [tT][rR][uU][eE])
+ return 0
+ ;;
+ esac
+ return 1
+}
+
+# Evaluate shvar-style booleans
+is_false() {
+ case "$1" in
+ [fF] | [nN] | [nN][oO] | [fF][aA][lL][sS][eE])
+ return 0
+ ;;
+ esac
+ return 1
+}
+
+key_is_random() {
+ [ "$1" = "/dev/urandom" -o "$1" = "/dev/hw_random" \
+ -o "$1" = "/dev/random" ]
+}
+
+find_crypto_mount_point() {
+ local fs_spec fs_file fs_vfstype remaining_fields
+ local fs
+ while read fs_spec fs_file remaining_fields; do
+ if [ "$fs_spec" = "/dev/mapper/$1" ]; then
+ echo $fs_file
+ break;
+ fi
+ done < /etc/fstab
+}
+
+# Because of a chicken/egg problem, init_crypto must be run twice. /var may be
+# encrypted but /var/lib/random-seed is needed to initialize swap.
+init_crypto() {
+ local have_random dst src key opt mode owner params makeswap skip arg opt
+ local param value rc ret mke2fs mdir prompt mount_point
+
+ ret=0
+ have_random=$1
+ while read dst src key opt; do
+ [ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue
+ [ -b "/dev/mapper/$dst" ] && continue;
+ if [ "$have_random" = 0 ] && key_is_random "$key"; then
+ continue
+ fi
+ if [ -n "$key" -a "x$key" != "xnone" ]; then
+ if test -e "$key" ; then
+ owner=$(ls -l $key | (read a b owner rest; echo $owner))
+ if ! key_is_random "$key"; then
+ mode=$(ls -l "$key" | cut -c 5-10)
+ if [ "$mode" != "------" ]; then
+ echo $"INSECURE MODE FOR $key"
+ fi
+ fi
+ if [ "$owner" != root ]; then
+ echo $"INSECURE OWNER FOR $key"
+ fi
+ else
+ echo $"Key file for $dst not found, skipping"
+ ret=1
+ continue
+ fi
+ else
+ key=""
+ fi
+ params=""
+ makeswap=""
+ mke2fs=""
+ skip=""
+ # Parse the src field for UUID= and convert to real device names
+ if [ "${src%%=*}" == "UUID" ]; then
+ src=$(/sbin/blkid -t "$src" -l -o device)
+ elif [ "${src/^\/dev\/disk\/by-uuid\/}" != "$src" ]; then
+ src=$(__readlink $src)
+ fi
+ # Is it a block device?
+ [ -b "$src" ] || continue
+ # Is it already a device mapper slave? (this is gross)
+ devesc=${src##/dev/}
+ devesc=${devesc//\//!}
+ for d in /sys/block/dm-*/slaves ; do
+ [ -e $d/$devesc ] && continue 2
+ done
+ # Parse the options field, convert to cryptsetup parameters and
+ # contruct the command line
+ while [ -n "$opt" ]; do
+ arg=${opt%%,*}
+ opt=${opt##$arg}
+ opt=${opt##,}
+ param=${arg%%=*}
+ value=${arg##$param=}
+
+ case "$param" in
+ cipher)
+ params="$params -c $value"
+ if [ -z "$value" ]; then
+ echo $"$dst: no value for cipher option, skipping"
+ skip="yes"
+ fi
+ ;;
+ size)
+ params="$params -s $value"
+ if [ -z "$value" ]; then
+ echo $"$dst: no value for size option, skipping"
+ skip="yes"
+ fi
+ ;;
+ hash)
+ params="$params -h $value"
+ if [ -z "$value" ]; then
+ echo $"$dst: no value for hash option, skipping"
+ skip="yes"
+ fi
+ ;;
+ verify)
+ params="$params -y"
+ ;;
+ swap)
+ makeswap=yes
+ ;;
+ tmp)
+ mke2fs=yes
+ esac
+ done
+ if [ "$skip" = "yes" ]; then
+ ret=1
+ continue
+ fi
+ if [ -z "$makeswap" ] && cryptsetup isLuks "$src" 2>/dev/null ; then
+ if key_is_random "$key"; then
+ echo $"$dst: LUKS requires non-random key, skipping"
+ ret=1
+ continue
+ fi
+ if [ -n "$params" ]; then
+ echo "$dst: options are invalid for LUKS partitions," \
+ "ignoring them"
+ fi
+ if [ -n "$key" ]; then
+ /sbin/cryptsetup -d $key luksOpen "$src" "$dst" <&1 2>/dev/null && success || failure
+ rc=$?
+ else
+ mount_point="$(find_crypto_mount_point $dst)"
+ [ -n "$mount_point" ] || mount_point=${src##*/}
+ prompt=$(printf $"%s is password protected" "$mount_point")
+ plymouth ask-for-password --prompt "$prompt" --command="/sbin/cryptsetup luksOpen -T1 $src $dst" <&1
+ rc=$?
+ fi
+ else
+ [ -z "$key" ] && plymouth --hide-splash
+ /sbin/cryptsetup $params ${key:+-d $key} create "$dst" "$src" <&1 2>/dev/null && success || failure
+ rc=$?
+ [ -z "$key" ] && plymouth --show-splash
+ fi
+ if [ $rc -ne 0 ]; then
+ ret=1
+ continue
+ fi
+ if [ -b "/dev/mapper/$dst" ]; then
+ if [ "$makeswap" = "yes" ]; then
+ mkswap "/dev/mapper/$dst" 2>/dev/null >/dev/null
+ fi
+ if [ "$mke2fs" = "yes" ]; then
+ if mke2fs "/dev/mapper/$dst" 2>/dev/null >/dev/null \
+ && mdir=$(mktemp -d /tmp/mountXXXXXX); then
+ mount "/dev/mapper/$dst" "$mdir" && chmod 1777 "$mdir"
+ umount "$mdir"
+ rmdir "$mdir"
+ fi
+ fi
+ fi
+ done < /etc/crypttab
+ return $ret
+}
+
+# A sed expression to filter out the files that is_ignored_file recognizes
+__sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
+
+if [ "$_use_systemctl" = "1" ]; then
+ if [ "x$1" = xstart -o \
+ "x$1" = xstop -o \
+ "x$1" = xrestart -o \
+ "x$1" = xreload -o \
+ "x$1" = xtry-restart -o \
+ "x$1" = xforce-reload -o \
+ "x$1" = xcondrestart ] ; then
+
+ systemctl_redirect $0 $1
+ exit $?
+ fi
+fi
#!/bin/bash
#
-# sfa Wraps PLCAPI into the SFA compliant API
+# sfa
+# Provides a generic SFA wrapper based on the initial PlanetLab Implementation
#
# hopefully right after plc
# chkconfig: 2345 61 39
#
-# description: Wraps PLCAPI into the SFA compliant API
-#
+### BEGIN INIT INFO
+# Provides: sfa
+# Required-Start: postgresql
+# Required-Stop: postgresql
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: An implementation of the SFA Architecture
+### END INIT INFO
+
+####################
+# borrowed from postgresql
+function debian_get_postgresql_versions () {
+ versions=()
+ for v in `ls /usr/lib/postgresql/ 2>/dev/null`; do
+ if [ -x /usr/lib/postgresql/$v/bin/pg_ctl ] && [ ! -x /etc/init.d/postgresql-$v ]; then
+ versions+=($v)
+ fi
+ done
+ if [[ ${#versions[*]} == "0" ]]; then
+ echo "E: Missing postgresql installation. Aborting."
+ exit
+ fi
+ if [[ ${#versions[*]} != "1" ]]; then
+ echo "E: Too many postgresql versions installed. Aborting."
+ exit
+ fi
+ pgver=${versions[0]}
+}
+
+####################
+if [ -f /etc/redhat-release ] ; then
+ # source function library
+ . /etc/init.d/functions
+ PGDATA=/var/lib/pgsql/data/
+ PGWATCH=postmaster
+ PGLOCK=/var/lock/subsys/postgresql
+ SFALOCK=/var/lock/subsys/sfa-start.pid
+elif [ -f /etc/debian_version ] ; then
+ . /etc/init.d/functions.sfa
+ debian_get_postgresql_versions
+ PGDATA=/etc/postgresql/$pgver/main/
+ PGWATCH=postgres
+ PGLOCK=/var/run/postgresql/$pgver-main.pid
+ SFALOCK=/var/run/sfa-start.pid
+else
+ echo "initscript can only handle redhat/fedora or debian/ubuntu systems"
+ exit 1
+fi
+
-# source function library
-. /etc/init.d/functions
-# Default locations
-PGDATA=/var/lib/pgsql/data
postgresql_conf=$PGDATA/postgresql.conf
-pghba_conf=$PGDATA/pg_hba.conf
+pg_hba_conf=$PGDATA/pg_hba.conf
postgresql_sysconfig=/etc/sysconfig/pgsql
# SFA consolidated (merged) config file
function postgresql_check () {
# wait until postmaster is up and running - or 10s max
- if status postmaster >& /dev/null && [ -f /var/lock/subsys/postgresql ] ; then
+ if status $PGWATCH >& /dev/null && [ -f $PGLOCK ] ; then
# The only way we can be sure is if we can access it
for i in $(seq 1 10) ; do
# Must do this as the postgres user initially (before we
# Regenerate the main configuration file from default values
# overlaid with site-specific and current values.
- # Thierry -- 2007-07-05 : values in plc_config.xml are *not* taken into account here
files=( $sfa_default_config $sfa_local_config )
for file in "${files[@]}" ; do
if [ -n "$force" -o $file -nt $sfa_whole_config ] ; then
if [ -n "$force" -o $sfa_whole_config -nt /etc/sfa/sfa_config.sh ] ; then
sfa-config --shell $sfa_default_config $sfa_local_config > /etc/sfa/sfa_config.sh
fi
-# if [ -n "$force" -o $sfa_whole_config -nt /etc/sfa/php/sfa_config.php ] ; then
-# mkdir -p /etc/sfa/php
-# plc-config --php $sfa_whole_config >/etc/sfa/php/sfa_config.php
-# fi
# [re]generate the sfa_component_config
# this is a server-side thing but produces a file that somehow needs to be pushed
# only if enabled
[ "$SFA_DB_ENABLED" == 1 -o "$SFA_DB_ENABLED" == True ] || return
- if ! rpm -q myplc >& /dev/null; then
+ if [ ! -f /etc/myplc-release ] ; then
######## standalone deployment - no colocated myplc
######## /var/lib/pgsql/data/pg_hba.conf
# Disable access to all DBs from all hosts
- sed -i -e '/^\(host\|local\)/d' $pghba_conf
+ sed -i -e '/^\(host\|local\)/d' $pg_hba_conf
# Enable passwordless localhost access
- echo "local all all trust" >>$pghba_conf
+ echo "local all all trust" >>$pg_hba_conf
# grant access
(
echo "host $SFA_DB_NAME $SFA_DB_USER 127.0.0.1/32 password"
[ -n "$registry_ip" ] && echo "host $SFA_DB_NAME $SFA_DB_USER ${registry_ip}/32 password"
- ) >>$pghba_conf
+ ) >>$pg_hba_conf
if [ "$SFA_GENERIC_FLAVOUR" == "openstack" ] ; then
- [ -n "$registry_ip" ] && echo "host nova nova ${registry_ip}/32 password" >> $pghba_conf
+ [ -n "$registry_ip" ] && echo "host nova nova ${registry_ip}/32 password" >> $pg_hba_conf
fi
# Fix ownership (sed -i changes it)
- chown postgres:postgres $postgresql_conf $pghba_conf
+ chown postgres:postgres $postgresql_conf $pg_hba_conf
######## compute a password if needed
if [ -z "$SFA_DB_PASSWORD" ] ; then
######## Start up the server
# not too nice, but.. when co-located with myplc we'll let it start/stop postgresql
- if ! rpm -q myplc >& /dev/null ; then
+ if [ ! -f /etc/myplc-release ] ; then
echo STARTING...
service postgresql start >& /dev/null
fi
check
fi
check
- # mention sfaadmin.py instead of just sfaadmin for people who do not install through rpm
+ # mention sfaadmin.py instead of just sfaadmin for safety
sfaadmin.py reg sync_db
MESSAGE=$"SFA: Checking for PostgreSQL server"
[ "$SFA_DB_ENABLED" == 1 -o "$SFA_DB_ENABLED" == True ] || return
# not too nice, but.. when co-located with myplc we'll let it start/stop postgresql
- if ! rpm -q myplc >& /dev/null ; then
+ if [ ! -f /etc/myplc-release ] ; then
service postgresql stop >& /dev/null
check
MESSAGE=$"Stopping PostgreSQL server"
[ "$SFA_FLASHPOLICY_ENABLED" == 1 ] && \
action "Flash Policy Server" daemon /usr/bin/sfa_flashpolicy.py --file="$SFA_FLASHPOLICY_CONFIG_FILE" --port=$SFA_FLASHPOLICY_PORT -d
- touch /var/lock/subsys/sfa-start.py
+ touch $SFALOCK
}
function stop() {
action $"Shutting down SFA" killproc sfa-start.py
+# a possible alternative reads; esp. as we remove lock manually below
+# echo $"Shutting down SFA" ; pkill '^sfa-start'
db_stop
- rm -f /var/lock/subsys/sfa-start.py
+ rm -f $SFALOCK
}
reload) reload force ;;
restart) stop; start ;;
condrestart)
- if [ -f /var/lock/subsys/sfa-start.py ]; then
+ if [ -f $SFALOCK ]; then
stop
start
fi
;;
status)
status sfa-start.py
+# possible alternative for debian
+# pids=$(pgrep '^sfa-start'); [ -n "$pids" ] && ps $pids
+
RETVAL=$?
;;
dbdump)
import shutil
from distutils.core import setup
+from sfa.util.version import version_tag
+
scripts = glob("clientbin/*.py") + \
[
'config/sfa-config-tty',
'config/sfa-config',
- 'config/gen-sfa-cm-config.py',
+# 'config/gen-sfa-cm-config.py',
'sfa/server/sfa-start.py',
- 'sfa/server/sfa_component_setup.py',
+# 'sfa/server/sfa_component_setup.py',
'sfatables/sfatables',
'keyconvert/keyconvert.py',
'flashpolicy/sfa_flashpolicy.py',
'sfatables/processors',
]
-initscripts = [ 'sfa', 'sfa-cm' ]
+initscripts = [ 'sfa' ]
+if not os.path.isfile('/etc/redhat-release'): initscripts.append('functions.sfa')
data_files = [ ('/etc/sfa/', [ 'config/aggregates.xml',
'config/registries.xml',
setup(name='sfa',
packages = packages,
data_files = data_files,
- scripts = scripts)
+ scripts = scripts,
+ url="http://svn.planet-lab.org/wiki/SFATutorial",
+ author="Thierry Parmentelat, Tony Mack, Scott Baker",
+ author_email="thierry.parmentelat@inria.fr, tmack@princeton.cs.edu, smbaker@gmail.com",
+ version=version_tag)
%define name sfa
%define version 2.1
-%define taglevel 22
+%define taglevel 23
%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
%global python_sitearch %( python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)" )
Distribution: PlanetLab %{plrelease}
URL: %{SCMURL}
-Summary: the SFA python libraries
+Summary: Server-side for SFA, generic implementation derived from PlanetLab
Group: Applications/System
BuildRequires: make
+BuildRequires: python-setuptools
-Requires: python >= 2.5
-Requires: pyOpenSSL >= 0.7
-Requires: m2crypto
-Requires: xmlsec1-openssl-devel
-Requires: libxslt-python
-Requires: python-ZSI
-# for uuidgen - used in db password generation
-# on f8 this actually comes with e2fsprogs, go figure
-Requires: util-linux-ng
-# xmlbuilder depends on lxml
-Requires: python-lxml
-Requires: python-setuptools
-Requires: python-dateutil
# for the registry
Requires: postgresql >= 8.2, postgresql-server >= 8.2
Requires: postgresql-python
Requires: python-migrate
# the eucalyptus aggregate uses this module
Requires: python-xmlbuilder
+# for uuidgen - used in db password generation
+# on f8 this actually comes with e2fsprogs, go figure
+Requires: util-linux-ng
+# and the SFA libraries of course
+Requires: sfa-common
-# python 2.5 has uuid module added, for python 2.4 we still need it.
-# we can't really check for if we can load uuid as a python module,
-# it'll be installed by "devel.pkgs". we have the epel repository so
-# python-uuid will be provided. but we can test for the python
-# version.
-# %define has_py24 %( python -c "import sys;sys.exit(sys.version_info[0:2] == (2,4))" 2> /dev/null; echo $? )
-# %if %has_py24
-#
-# this also didn't work very well. I'll just check for distroname - baris
-#%if %{distroname} == "centos5"
-#Requires: python-uuid
-#%endif
-
-%package flashpolicy
-Summary: SFA support for flash clients
+%package common
+Summary: Python libraries for SFA, generic implementation derived from PlanetLab
Group: Applications/System
-Requires: sfa
+Requires: python >= 2.7
+Requires: pyOpenSSL >= 0.7
+Requires: m2crypto
+Requires: python-dateutil
+Requires: python-lxml
+Requires: libxslt-python
+Requires: python-ZSI
+Requires: xmlsec1-openssl-devel
%package client
-Summary: the SFA experimenter-side CLI
+Summary: sfi, the SFA experimenter-side CLI
Group: Applications/System
-Requires: sfa
+Requires: sfa-common
Requires: pyOpenSSL >= 0.7
%package plc
Group: Applications/System
Requires: sfa
-%package cm
-Summary: the SFA layer around MyPLC NodeManager
+%package flashpolicy
+Summary: SFA support for flash clients
Group: Applications/System
Requires: sfa
-Requires: pyOpenSSL >= 0.6
%package federica
Summary: the SFA layer around Federica
%package tests
Summary: unit tests suite for SFA
Group: Applications/System
-Requires: sfa
+Requires: sfa-common
-%description
-This package provides the python libraries for the PlanetLab implementation of SFA
+%description
+This package provides the registry, aggregate manager and slice
+managers for SFA. In most cases it is advisable to install additional
+package for a given testbed, like e.g. sfa-plc for a PlanetLab tesbed.
-%description flashpolicy
-This package provides support for adobe flash client applications.
+%description common
+This package contains the python libraries for SFA both client and server-side.
%description client
This package provides the client side of the SFA API, in particular
This package implements the SFA interface which serves as a layer
between the existing PlanetLab interfaces and the SFA API.
-%description cm
-This package implements the SFA interface which serves as a layer
-between the existing PlanetLab NodeManager interfaces and the SFA API.
+%description flashpolicy
+This package provides support for adobe flash client applications.
%description federica
The SFA driver for FEDERICA.
rm -rf $RPM_BUILD_ROOT
%files
-%{python_sitelib}/sfa/__init__.py*
-%{python_sitelib}/sfa/trust
-%{python_sitelib}/sfa/storage
-%{python_sitelib}/sfa/util
-%{python_sitelib}/sfa/server
-%{python_sitelib}/sfa/methods
-%{python_sitelib}/sfa/generic
-%{python_sitelib}/sfa/managers
-%{python_sitelib}/sfa/importer
-%{python_sitelib}/sfa/rspecs
-%{python_sitelib}/sfa/client
/etc/init.d/sfa
%{_bindir}/sfa-start.py*
%{_bindir}/sfaadmin.py*
/usr/share/sfa/examples
/var/www/html/wsdl/*.wsdl
-%files flashpolicy
-%{_bindir}/sfa_flashpolicy.py*
-/etc/sfa/sfa_flashpolicy_config.xml
+%files common
+%{python_sitelib}/sfa/__init__.py*
+%{python_sitelib}/sfa/trust
+%{python_sitelib}/sfa/storage
+%{python_sitelib}/sfa/util
+%{python_sitelib}/sfa/server
+%{python_sitelib}/sfa/methods
+%{python_sitelib}/sfa/generic
+%{python_sitelib}/sfa/managers
+%{python_sitelib}/sfa/importer
+%{python_sitelib}/sfa/rspecs
+%{python_sitelib}/sfa/client
%files client
%config (noreplace) /etc/sfa/sfi_config
/etc/sfa/xml.xsd
/etc/sfa/protogeni-rspec-common.xsd
/etc/sfa/topology
-%{_bindir}/gen-sfa-cm-config.py*
-%files cm
-/etc/init.d/sfa-cm
-%{_bindir}/sfa_component_setup.py*
-# cron jobs here
+%files flashpolicy
+%{_bindir}/sfa_flashpolicy.py*
+/etc/sfa/sfa_flashpolicy_config.xml
%files federica
%{python_sitelib}/sfa/federica
%postun
[ "$1" -ge "1" ] && { service sfa dbdump ; service sfa restart ; }
-### sfa-cm installs the 'sfa-cm' service
-%post cm
-chkconfig --add sfa-cm
-
-%preun cm
-if [ "$1" = 0 ] ; then
- /sbin/service sfa-cm stop || :
- /sbin/chkconfig --del sfa-cm || :
-fi
-
-%postun cm
-[ "$1" -ge "1" ] && service sfa-cm restart || :
+#### sfa-cm installs the 'sfa-cm' service
+#%post cm
+#chkconfig --add sfa-cm
+#
+#%preun cm
+#if [ "$1" = 0 ] ; then
+# /sbin/service sfa-cm stop || :
+# /sbin/chkconfig --del sfa-cm || :
+#fi
+#
+#%postun cm
+#[ "$1" -ge "1" ] && service sfa-cm restart || :
%changelog
+* Sun Jan 20 2013 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.1-23
+- minor fix in registry
+- fix for sfi gid, use clientbootstrap
+- support for debians and ubuntus (packaging and initscript)
+- deprecated cm package altogether
+- pl flavour, minor fix for tags
+- various fixes for the dummy flavour
+
* Sun Dec 16 2012 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.1-22
- suited (and required) to run with plcapi-5.1-5 b/c of changes to AddPerson
- tweaks in nitos importer
self.print_help()
sys.exit(1)
target_hrn = args[0]
- gid = self.registry().CreateGid(self.my_credential_string, target_hrn, self.client_bootstrap.my_gid_string())
+ my_gid_string = open(self.client_bootstrap.my_gid()).read()
+ gid = self.registry().CreateGid(self.my_credential_string, target_hrn, my_gid_string)
if options.file:
filename = options.file
else:
result.extend(mylist)
for item in mylist:
for key in myfilter.keys():
- if myfilter[key] != item[key]:
- result.remove(item)
- break
+ if 'ids' in key:
+ pass
+ else:
+ if myfilter[key] != item[key]:
+ result.remove(item)
+ break
return result
try:
for user in DB['users_list']:
if param['user_id'] == user['user_id']:
- user['keys'].append(param['key'])
+ if 'keys' in user.keys():
+ user['keys'].append(param['key'])
+ else:
+ user['keys'] = [param['key']]
return True
return False
except:
slice = slices[0]
# sort slivers by node id
- slice_nodes = self.driver.shell.GetNodes({'node_ids': slice['node_ids']})
+ slice_nodes = []
+ if 'node_ids' in slice.keys():
+ slice_nodes = self.driver.shell.GetNodes({'node_ids': slice['node_ids']})
for node in slice_nodes:
slivers[node['node_id']] = node
# if we are dealing with a slice that has no node just return
# and empty list
if slice_xrn:
- if not slice or not slice['node_ids']:
+ if not slice or 'node_ids' not in slice.keys() or not slice['node_ids']:
return []
filter = {}
def update_relation (self, subject_type, target_type, relation_name, subject_id, target_ids):
# hard-wire the code for slice/user for now, could be smarter if needed
if subject_type =='slice' and target_type == 'user' and relation_name == 'researcher':
- subject=self.shell.GetSlices (subject_id)[0]
+ subject=self.shell.GetSlices ({'slice_id': subject_id})[0]
+ if 'user_ids' not in subject.keys():
+ subject['user_ids'] = []
current_target_ids = subject['user_ids']
add_target_ids = list ( set (target_ids).difference(current_target_ids))
del_target_ids = list ( set (current_target_ids).difference(target_ids))
requested_attributes = rspec.version.get_slice_attributes()
# ensure slice record exists
- slice = slices.verify_slice(slice_hrn, slice_record, peer, sfa_peer, options=options)
+ slice = slices.verify_slice(slice_hrn, slice_record, sfa_peer, options=options)
# ensure user records exists
- users = slices.verify_users(slice_hrn, slice, users, peer, sfa_peer, options=options)
+ #users = slices.verify_users(slice_hrn, slice, users, sfa_peer, options=options)
# add/remove slice from nodes
requested_slivers = []
hostname = xrn_to_hostname(node.get('component_id').strip())
if hostname:
requested_slivers.append(hostname)
- nodes = slices.verify_slice_nodes(slice, requested_slivers, peer)
+ requested_slivers_ids = []
+ for hostname in requested_slivers:
+ node_id = self.shell.GetNodes({'hostname': hostname})[0]['node_id']
+ requested_slivers_ids.append(node_id)
+ nodes = slices.verify_slice_nodes(slice, requested_slivers_ids)
return aggregate.get_rspec(slice_xrn=slice_urn, version=rspec.version)
return sfa_peer
- def verify_slice_nodes(self, slice, requested_slivers, peer):
-
+ def verify_slice_nodes(self, slice, requested_slivers):
+ if 'node_ids' not in slice.keys():
+ slice['node_ids']=[]
nodes = self.driver.shell.GetNodes({'node_ids': slice['node_ids']})
- current_slivers = [node['hostname'] for node in nodes]
+ current_slivers = [node['node_id'] for node in nodes]
# remove nodes not in rspec
deleted_nodes = list(set(current_slivers).difference(requested_slivers))
- def verify_slice(self, slice_hrn, slice_record, peer, sfa_peer, options={}):
+ def verify_slice(self, slice_hrn, slice_record, sfa_peer, options={}):
slicename = hrn_to_dummy_slicename(slice_hrn)
parts = slicename.split("_")
login_base = parts[0]
return slice
- def verify_users(self, slice_hrn, slice_record, users, peer, sfa_peer, options={}):
+ def verify_users(self, slice_hrn, slice_record, users, sfa_peer, options={}):
users_by_email = {}
users_dict = {}
+ users_by_site = {}
for user in users:
user['urn'] = user['urn'].lower()
hrn, type = urn_to_hrn(user['urn'])
username = get_leaf(hrn)
- login_base = PlXrn(xrn=user['urn']).pl_login_base()
+ login_base = DummyXrn(xrn=user['urn']).dummy_login_base()
user['username'] = username
user['site'] = login_base
# update_existing users
updated_users_list = [user for user in users_dict.values() if user['email'] in \
updated_user_ids]
- self.verify_keys(existing_slice_users, updated_users_list, peer, options)
+ self.verify_keys(existing_slice_users, updated_users_list, options)
added_persons = []
# add new users
'key_ids': added_user.get('key_ids', []),
}
person['person_id'] = self.driver.shell.AddPerson(person)
- if peer:
- person['peer_person_id'] = added_user['person_id']
added_persons.append(person)
# enable the account
return added_persons
- def verify_keys(self, old_users, new_users, peer, options={}):
+ def verify_keys(self, old_users, new_users, options={}):
# existing keys
existing_keys = []
for user in old_users:
sliver_id_parts = leaf.split(':')
name = sliver_id_parts[0]
name = re.sub('[^a-zA-Z0-9_]', '', name)
- return self.pl_login_base() + '_' + name
+ return name
#def hrn_to_pl_authname(hrn):
def dummy_authname (self):
self._normalize()
return self.leaf
- def pl_login_base (self):
+ def dummy_login_base (self):
self._normalize()
if self.type and self.type.startswith('authority'):
base = self.leaf
# anyway the driver should receive an object
# (and then extract __dict__ itself if needed)
print "DO NOT REMOVE ME before driver.update, record=%s"%record
- (pointer, new_key_pointer) = self.driver.update (record.__dict__, new_record.__dict__, hrn, new_key)
- if new_key and new_key_pointer:
+ new_key_pointer = -1
+ try:
+ (pointer, new_key_pointer) = self.driver.update (record.__dict__, new_record.__dict__, hrn, new_key)
+ except:
+ pass
+ if new_key and new_key_pointer:
record.reg_keys=[ RegKey (new_key, new_key_pointer)]
record.gid = gid
- dbsession.commit();
+ dbsession.commit()
# update membership for researchers, pis, owners, operators
self.update_driver_relations (record, new_record)
rspec_node['interfaces'].append(interface)
if_count+=1
- tags = [PLTag(node_tags[tag_id]) for tag_id in node['node_tag_ids']]
+ tags = [PLTag(node_tags[tag_id]) for tag_id in node['node_tag_ids']\
+ if tag_id in node_tags]
rspec_node['tags'] = tags
if node['node_id'] in slivers:
# add sliver info
self.shell.AddPersonKey(pointer, {'key_type' : 'ssh', 'key' : pub_key})
elif type == 'node':
- login_base = PlXrn(xrn=sfa_record['authority'],type='node').pl_login_base()
+ login_base = PlXrn(xrn=sfa_record['authority'],type='authority').pl_login_base()
nodes = self.shell.GetNodes([pl_record['hostname']])
if not nodes:
pointer = self.shell.AddNode(login_base, pl_record)
(config.SFA_DB_USER,config.SFA_DB_PASSWORD,config.SFA_DB_HOST,config.SFA_DB_PORT,dbname)
for url in [ unix_url, tcp_url ] :
try:
+ logger.debug("Trying db URL %s"%url)
self.engine = create_engine (url)
self.check()
self.url=url
except:
pass
self.engine=None
- raise Exception,"Could not connect to database"
-
+ raise Exception,"Could not connect to database %s as %s with psycopg2"%(dbname,config.SFA_DB_USER)
+
# expects boolean True: debug is ON or False: debug is OFF
def debug (self, echo):
+++ /dev/null
-#!/usr/bin/python
-
-plc_ns="http://www.planet-lab.org/sfa"
-version="2009/07"
import time
import pdb
import xml.dom.minidom
-import xml.dom.ext
import apistub
import inspect
from types import *
from optparse import OptionParser
-from sfa.storage.parameter import Parameter,Mixed
+from sfa.storage.parameter import Parameter, Mixed
-import globals
+plc_ns="http://www.planet-lab.org/sfa"
class SoapError(Exception):
def __init__(self, value):
servport_el.setAttribute("binding", "tns:" + name + "_binding")
soapaddress = servport_el.appendChild(self.wsdl.createElement("soap:address"))
- soapaddress.setAttribute("location", "%s/%s" % (globals.plc_ns,service))
+ soapaddress.setAttribute("location", "%s/%s" % (plc_ns,service))
def compute_wsdl_definitions(self):
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
- """ % (self.interface_name(),globals.plc_ns,globals.plc_ns,globals.plc_ns)
+ """ % (self.interface_name(),plc_ns,plc_ns,plc_ns)
self.wsdl = xml.dom.minidom.parseString(wsdl_text_header)
<types>
<xsd:schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="%s/schema"/>
</types>
- </wsdl:definitions> """ % (self.interface_name(),globals.plc_ns, globals.plc_ns, globals.plc_ns, globals.plc_ns)
+ </wsdl:definitions> """ % (self.interface_name(),plc_ns, plc_ns, plc_ns, plc_ns)
self.types = xml.dom.minidom.parseString(wsdl_text_header)
def pretty_print(self):
if (self.wsdl):
- xml.dom.ext.PrettyPrint(self.wsdl)
+ print xml.dom.minidom.Document.toprettyxml(self.wsdl)
else:
- raise Exception("Empty WSDL")
+ raise Exception("Empty WSDL")
def main():
parser = OptionParser()
git://git.onelab.eu / sfa.git / commitdiff