--- /dev/null
+build/*
+*.pyc
\ No newline at end of file
# (*) otherwise, entering through the root context
# make sync PLCHOST=testbox1.inria.fr GUEST=vplc03.inria.fr
+PLCHOST ?= testplc.onelab.eu
+
ifdef GUEST
ifdef PLCHOST
SSHURL:=root@$(PLCHOST):/vservers/$(GUEST)
%define name sfa
%define version 1.0
-%define taglevel 0
+%define taglevel 1
%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
%global python_sitearch %( python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)" )
%changelog
+* Mon Oct 04 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-1
+- various bugfixes and cleanup, improved/harmonized logging
+
* Tue Sep 07 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-16
- truncate login base of external (ProtoGeni, etc) slices to 20 characters
to avoid returning a PLCAPI exception that might confuse users.
cache and use in more general ways.
%changelog
+* Mon Oct 04 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-1
+- various bugfixes and cleanup, improved/harmonized logging
+
* Thu May 11 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-11
- SfaServer now uses a pool of threads to handle requests concurrently
- sfa.util.rspec no longer used to process/manage rspecs (deprecated). This is now handled by sfa.plc.network and is not backwards compatible
from StringIO import StringIO
from types import StringTypes, ListType
from optparse import OptionParser
+import zlib
+import logging
+
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
from sfa.util.sfaticket import SfaTicket
-from sfa.util.record import *
-from sfa.util.namespace import *
+from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord
+from sfa.util.namespace import get_leaf, get_authority, hrn_to_urn
from sfa.util.xmlrpcprotocol import ServerException
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
from sfa.util.config import Config
-import zlib
+from sfa.util.sfalogging import console_logger
+
AGGREGATE_PORT=12346
CM_PORT=12346
class Sfi:
- slicemgr = None
- registry = None
- user = None
- authority = None
- options = None
- hashrequest = False
+ def __init__ (self):
+ self.slicemgr = None
+ self.registry = None
+ self.user = None
+ self.authority = None
+ self.options = None
+ self.hashrequest = False
+ self.logger=console_logger
def create_cmd_parser(self, command, additional_cmdargs=None):
cmdargs = {"list": "name",
cmdargs.update(additional_cmdargs)
if command not in cmdargs:
- print "Invalid command\n"
- print "Commands: ",
- for key in cmdargs.keys():
- print key + ",",
- print ""
+ msg="Invalid command\n"
+ msg+="Commands: "
+ msg += ','.join(cmdargs.keys())
+ self.logger.critical(msg)
sys.exit(2)
parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
try:
config = Config (config_file)
except:
- print "Failed to read configuration file", config_file
- print "Make sure to remove the export clauses and to add quotes"
+ self.logger.critical("Failed to read configuration file %s"%config_file)
+ self.logger.info("Make sure to remove the export clauses and to add quotes")
if not self.options.verbose:
- print "Re-run with -v for more details"
+ self.logger.info("Re-run with -v for more details")
else:
- traceback.print_exc()
+ self.logger.log_exc("Could not read config file %s"%config_file)
sys.exit(1)
errors = 0
elif hasattr(config, "SFI_SM"):
sm_url = config.SFI_SM
else:
- print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file
+ self.logger.error("You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file)
errors += 1
# Set Registry URL
elif hasattr(config, "SFI_REGISTRY"):
reg_url = config.SFI_REGISTRY
else:
- print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file
+ self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file)
errors += 1
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
- print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file
+ self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file)
errors += 1
# Set authority HRN
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
- print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file
+ self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file)
errors += 1
if errors:
self.cert_file = cert_file
self.cert = Certificate(filename=cert_file)
# Establish connection to server(s)
- if self.options.verbose : print "Contacting Registry at:", reg_url
+ self.logger.info("Contacting Registry at: %s"%reg_url)
self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug)
- if self.options.verbose : print "Contacting Slice Manager at:", sm_url
+ self.logger.info("Contacting Slice Manager at: %s"%sm_url)
self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug)
return
if (os.path.isfile(file)):
return file
else:
- print "Key file", file, "does not exist"
+ self.logger.error("Key file %s does not exist"%file)
sys.exit(-1)
return
cert.set_pubkey(k)
cert.set_issuer(k, self.user)
cert.sign()
- if self.options.verbose :
- print "Writing self-signed certificate to", file
+ self.logger.info("Writing self-signed certificate to %s"%file)
cert.save_to_file(file)
return file
if args:
hrn = args[0]
gid = self._get_gid(hrn)
- print gid.save_to_string(save_parents=True)
+ self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True))
return gid
def _get_gid(self, hrn=None):
if not records:
raise RecordNotFound(args[0])
gid = GID(string=records[0]['gid'])
- if self.options.verbose:
- print "Writing gid to ", gidfile
+ self.logger.info("Writing gid to %s"%gidfile)
gid.save_to_file(filename=gidfile)
return gid
def get_auth_cred(self):
if not self.authority:
- print "no authority specified. Use -a or set SF_AUTH"
+ self.logger.critical("no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred")
return self.get_cred(file, 'authority', self.authority)
cred_str = self.registry.get_credential(user_cred, type, hrn)
if not cred_str:
- print "Failed to get %s credential" % (type)
+ self.logger.critical("Failed to get %s credential" % type)
sys.exit(-1)
cred = Credential(string=cred_str)
cred.save_to_file(file, save_parents=True)
- if self.options.verbose:
- print "Writing %s credential to %s" %(type, file)
+ self.logger.info("Writing %s credential to %s" %(type, file))
return cred
if (os.path.isfile(file)):
return file
else:
- print "No such rspec file", rspec
+ self.logger.critical("No such rspec file"%rspec)
sys.exit(1)
def get_record_file(self, record):
if (os.path.isfile(file)):
return file
else:
- print "No such registry record file", record
+ self.logger.critical("No such registry record file %s"%record)
sys.exit(1)
def load_publickey_string(self, fn):
records = self.registry.Resolve(hrn, user_cred)
records = filter_records('node', records)
if not records:
- print "No such component:", opts.component
+ self.logger.warning("No such component:%r"% opts.component)
record = records[0]
return self.get_server(record['hostname'], CM_PORT, self.key_file, \
#==========================================================================
def dispatch(self, command, cmd_opts, cmd_args):
- getattr(self, command)(cmd_opts, cmd_args)
+ return getattr(self, command)(cmd_opts, cmd_args)
# list entires in named authority registry
def list(self, opts, args):
slice_cred = self.get_slice_cred(opts.delegate_slice)
cred = self.delegate_cred(slice_cred, delegee_hrn)
else:
- print "Must specify either --user or --slice <hrn>"
+ self.logger.warning("Must specify either --user or --slice <hrn>")
return
delegated_cred = Credential(string=cred)
object_hrn = delegated_cred.get_gid_object().get_hrn()
delegated_cred.save_to_file(dest_fn, save_parents=True)
- print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
+ self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn))
def delegate_cred(self, object_cred, hrn):
# the gid and hrn of the object we are delegating
object_hrn = object_gid.get_hrn()
if not object_cred.get_privileges().get_all_delegate():
- print "Error: Object credential", object_hrn, "does not have delegate bit set"
+ self.logger.error("Object credential %s does not have delegate bit set"%object_hrn)
return
# the delegating user's gid
trusted_certs = self.registry.get_trusted_certs()
for trusted_cert in trusted_certs:
cert = Certificate(string=trusted_cert)
- print cert.get_subject()
+ self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
return
def aggregates(self, opts, args):
server = self.get_server_from_opts(opts)
ticket_string = server.GetTicket(slice_urn, creds, rspec, [])
file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
- print "writing ticket to ", file
+ self.logger.info("writing ticket to %s"%file)
ticket = SfaTicket(string=ticket_string)
ticket.save_to_file(filename=file, save_parents=True)
connections = {}
for hostname in hostnames:
try:
- print "Calling redeem_ticket at %(hostname)s " % locals(),
+ self.logger.info("Calling redeem_ticket at %(hostname)s " % locals())
server = self.get_server(hostname, CM_PORT, self.key_file, \
self.cert_file, self.options.debug)
server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred)
- print "Success"
+ self.logger.info("Success")
except socket.gaierror:
- print "Failed:",
- print "Componet Manager not accepting requests"
+ self.logger.error("redeem_ticket failed: Component Manager not accepting requests")
except Exception, e:
- print "Failed:", e.message
+ self.logger.log_exc(e.message)
return
# delete named slice
server = self.get_server_from_opts(opts)
return server.Shutdown(slice_urn, creds)
+
#
# Main: parse arguments and dispatch to command
#
parser = self.create_parser()
(options, args) = parser.parse_args()
self.options = options
-
+
+ if self.options.verbose: self.logger.setLevel(logging.DEBUG)
if options.hashrequest:
self.hashrequest = True
if len(args) <= 0:
- print "No command given. Use -h for help."
- return - 1
+ self.logger.critical("No command given. Use -h for help.")
+ return -1
command = args[0]
(cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
- if self.options.verbose :
- print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
- options.sfi_dir, options.user,
- options.auth)
- print "Command %s" % command
- if command in ("resources"):
- print "resources cmd_opts %s" % cmd_opts.format
- elif command in ("list", "show", "remove"):
- print "cmd_opts.type %s" % cmd_opts.type
- print "cmd_args %s" % cmd_args
-
+
self.set_servers()
+ self.logger.info("Command %s" % command)
+ self.logger.info("dir %s, user %s, auth %s, reg %s, sm %s" % (
+ self. options.sfi_dir, self.options.user,self.options.auth,
+ self.options.registry, self.options.sm))
+ if command in ("resources"):
+ self.logger.debug("resources cmd_opts %s" % cmd_opts.format)
+ elif command in ("list", "show", "remove"):
+ self.logger.debug("cmd_opts.type %s" % cmd_opts.type)
+ self.logger.debug('cmd_args %s',cmd_args)
+
try:
self.dispatch(command, cmd_opts, cmd_args)
except KeyError:
- raise
- print "Command not found:", command
+ self.logger.critical ("Unknown command %s"%command)
sys.exit(1)
return
print >> sys.stderr, "FAILED: on node %s: %s=%s" % (node, name, value)
print command.rspec
-
-
-
print >> sys.stderr, "FAILED: on node %s: %s=%s" % (node, name, value)
print command.rspec
-
-
-
from sfa.util.faults import *
from sfa.util.storage import *
from sfa.util.policy import Policy
-from sfa.util.debug import log
from sfa.server.aggregate import Aggregates
from sfa.server.registry import Registries
from sfa.util.faults import *
from sfa.util.policy import Policy
from sfa.util.record import *
from sfa.util.sfaticket import SfaTicket
-from sfa.util.debug import log
from sfa.plc.slices import Slices
from sfa.trust.credential import Credential
import sfa.plc.peers as peers
from sfa.util.record import *
from sfa.util.sfaticket import SfaTicket
from sfa.server.registry import Registries
-from sfa.util.debug import log
from sfa.plc.slices import Slices
import sfa.plc.peers as peers
from sfa.managers.vini.vini_network import *
from sfa.trust.credential import Credential
from sfa.util.threadmanager import ThreadManager
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
-from sfa.util.debug import log
import sfa.plc.peers as peers
from copy import copy
return merged_rspec
def renew_slice(api, xrn, creds, expiration_time):
+ hrn, type = urn_to_hrn(xrn)
+
# get the callers hrn
valid_cred = api.auth.checkCredentials(creds, 'renewesliver', hrn)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
aggregate_rspecs[aggregate_hrn] = rspec
# get the callers hrn
- valid_cred = api.auth.checkCredentials(creds, 'getticket', hrn)[0]
+ valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
# attempt to use delegated credential first
def delete_slice(api, xrn, creds):
+ hrn, type = urn_to_hrn(xrn)
+
# get the callers hrn
valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
return 1
def start_slice(api, xrn, creds):
+ hrn, type = urn_to_hrn(xrn)
+
# get the callers hrn
valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
return 1
def stop_slice(api, xrn, creds):
+ hrn, type = urn_to_hrn(xrn)
+
# get the callers hrn
valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
return slices
# get the callers hrn
- valid_cred = api.auth.checkCredentials(creds, 'listslices', hrn)[0]
+ valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
# attempt to use delegated credential first
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.util.sfatablesRuntime import run_sfatables
-import sys
from sfa.trust.credential import Credential
class CreateSliver(Method):
allocated = manager.create_slice(self.api, slice_xrn, creds, rspec, users)
return rspec
-
from sfa.util.namespace import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
-from sfa.util.debug import log
from sfa.trust.credential import Credential
class GetCredential(Method):
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.util.record import SfaRecord
-from sfa.util.debug import log
from sfa.trust.certificate import Certificate
class GetSelfCredential(Method):
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.util.record import SfaRecord
-from sfa.util.debug import log
from sfa.trust.auth import Auth
from sfa.trust.gid import create_uuid
from sfa.trust.credential import Credential
from sfa.util.parameter import Parameter, Mixed
from sfa.util.record import SfaRecord
from sfa.util.table import SfaTable
-from sfa.util.debug import log
from sfa.trust.auth import Auth
from sfa.trust.gid import create_uuid
from sfa.trust.credential import Credential
from sfa.util.namespace import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
-from sfa.util.debug import log
from sfa.trust.credential import Credential
class Remove(Method):
from sfa.trust.auth import Auth
from sfa.util.record import SfaRecord
from sfa.util.table import SfaTable
-from sfa.util.debug import log
from sfa.trust.credential import Credential
from types import StringTypes
from sfa.util.namespace import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
-from sfa.util.debug import log
from sfa.trust.credential import Credential
from sfa.util.record import SfaRecord
from sfa.util.faults import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
-from sfa.util.debug import log
from sfa.trust.credential import Credential
class Update(Method):
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.util.record import SfaRecord
-from sfa.util.debug import log
from sfa.methods.GetSelfCredential import GetSelfCredential
class get_self_credential(GetSelfCredential):
-
-### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/reset_slices.py $
-
from sfa.util.faults import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
+
class get_trusted_certs(Method):
"""
@param cred credential string specifying the rights of the caller
# If cred is not specified just return the gid for this interface.
# This is true when when a peer is attempting to initiate federation
# with this interface
- print cred
+ self.api.logger.debug("get_trusted_certs: %r"%cred)
if not cred:
gid_strings = []
for gid in self.api.auth.trusted_cert_list:
from sfa.util.parameter import Parameter, Mixed
from sfa.util.record import SfaRecord
from sfa.util.table import SfaTable
-from sfa.util.debug import log
from sfa.trust.auth import Auth
from sfa.trust.gid import create_uuid
from sfa.trust.credential import Credential
from sfa.trust.auth import Auth
from sfa.util.record import SfaRecord
from sfa.util.table import SfaTable
-from sfa.util.debug import log
from sfa.trust.credential import Credential
from types import StringTypes
import string
import xmlrpclib
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.auth import Auth
from sfa.util.config import *
from sfa.util.faults import *
-from sfa.util.debug import *
from sfa.trust.rights import *
from sfa.trust.credential import *
from sfa.trust.certificate import *
self.hrn = self.config.SFA_INTERFACE_HRN
self.time_format = "%Y-%m-%d %H:%M:%S"
- self.logger=sfa.util.sfalogging.logger
+ self.logger=sfa_logger
def getPLCShell(self):
self.plauth = {'Username': self.config.SFA_PLC_USER,
import string
import xmlrpclib
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
from sfa.trust.auth import Auth
from sfa.util.config import *
from sfa.util.faults import *
-from sfa.util.debug import *
from sfa.trust.rights import *
from sfa.trust.credential import *
from sfa.trust.certificate import *
self.hrn = self.config.SFA_INTERFACE_HRN
self.time_format = "%Y-%m-%d %H:%M:%S"
- self.logger=sfa.util.sfalogging.logger
+ self.logger=sfa_logger
def getPLCShell(self):
self.plauth = {'Username': self.config.SFA_PLC_USER,
def getCredential(self):
"""
- Retrun a valid credential for this interface.
+ Return a valid credential for this interface.
"""
if self.interface in ['registry']:
return self.getCredentialFromLocalRegistry()
self.hostname = iface['hostname']
self.primary = iface['is_primary']
- """
- Just print out bwlimit right now
- """
def toxml(self, xml):
+ """
+ Just print out bwlimit right now
+ """
if self.bwlimit:
with xml.bw_limit(units="kbps"):
xml << str(self.bwlimit / 1000)
import xmlrpclib
class RemoteShell:
- def __init__(self):
+ def __init__(self,logger):
self.servers = {}
+ self.logger=logger
def call(self, name, pl_auth, *args):
key = pl_auth["Url"] + "#" + pl_auth["Username"]
if not (key in self.servers):
+ self.logger.info("Connecting to PLCAPI at url %s"%pl_auth['Url'])
server = xmlrpclib.Server(pl_auth["Url"], verbose = 0, allow_none=True)
#server.AdmAuthCheck(pl_auth)
server.AuthCheck(pl_auth)
#!/usr/bin/python
#
-### $Id$
-### $URL$
-#
##
# Import PLC records into the SFA database. It is indended that this tool be
# run once to create SFA records that reflect the current state of the
import getopt
import sys
import tempfile
-import logging.handlers
import logging
+
from sfa.util.record import *
from sfa.util.table import SfaTable
from sfa.util.namespace import *
from sfa.trust.hierarchy import *
from sfa.plc.api import *
from sfa.trust.gid import create_uuid
-from sfa.plc.sfaImport import *
-from sfa.util.report import trace, error
+from sfa.plc.sfaImport import sfaImport
def process_options():
- global hrn
(options, args) = getopt.getopt(sys.argv[1:], '', [])
for opt in options:
f.close()
def main():
- # setup the logger
- LOGFILE='/var/log/sfa_import_plc.log'
- logging.basicConfig(level=logging.INFO,
- format='%(asctime)s - %(message)s',
- filename=LOGFILE)
- rotate_handler = logging.handlers.RotatingFileHandler(LOGFILE, maxBytes=1000000, backupCount=5)
- logger = logging.getLogger()
- logger.addHandler(rotate_handler)
-
+
process_options()
config = Config()
if not config.SFA_REGISTRY_ENABLED:
root_auth = config.SFA_REGISTRY_ROOT_AUTH
interface_hrn = config.SFA_INTERFACE_HRN
keys_filename = config.config_path + os.sep + 'person_keys.py'
- sfaImporter = sfaImport(logger)
+ sfaImporter = sfaImport()
+ if config.SFA_API_DEBUG: sfaImporter.logger.setLevel(logging.DEBUG)
shell = sfaImporter.shell
plc_auth = sfaImporter.plc_auth
- AuthHierarchy = sfaImporter.AuthHierarchy
- TrustedRoots = sfaImporter.TrustedRoots
table = SfaTable()
if not table.exists():
if not root_auth == interface_hrn:
sfaImporter.create_top_level_auth_records(interface_hrn)
- trace("Import: adding " + interface_hrn + " to trusted list", logger)
- authority = AuthHierarchy.get_auth_info(interface_hrn)
- TrustedRoots.add_gid(authority.get_gid_object())
+ sfaImporter.logger.info("Import: adding " + interface_hrn + " to trusted list")
+ authority = sfaImporter.AuthHierarchy.get_auth_info(interface_hrn)
+ sfaImporter.TrustedRoots.add_gid(authority.get_gid_object())
if ".vini" in interface_hrn and interface_hrn.endswith('vini'):
# create a fake internet2 site first
sfaImporter.delete_record(record_hrn, type)
# save pub keys
- trace('Import: saving current pub keys', logger)
+ sfaImporter.logger.info('Import: saving current pub keys')
save_keys(keys_filename, person_keys)
if __name__ == "__main__":
from sfa.trust.hierarchy import *
from sfa.util.record import *
from sfa.util.table import SfaTable
+from sfa.util.sfalogging import sfa_import_logger
def process_options():
def main():
process_options()
- print "Purging SFA records from database"
+ sfa_import_logger.info("Purging SFA records from database")
table = SfaTable()
table.sfa_records_purge()
import sys
import tempfile
+from sfa.util.sfalogging import sfa_import_logger
from sfa.util.record import *
from sfa.util.table import SfaTable
from sfa.util.namespace import *
from sfa.util.config import Config
-from sfa.util.report import trace, error
from sfa.trust.certificate import convert_public_key, Keypair
from sfa.trust.trustedroot import *
from sfa.trust.hierarchy import *
from sfa.trust.gid import create_uuid
-def un_unicode(str):
+def _un_unicode(str):
if isinstance(str, unicode):
return str.encode("ascii", "ignore")
else:
return str
-def cleanup_string(str):
+def _cleanup_string(str):
# pgsql has a fit with strings that have high ascii in them, so filter it
# out when generating the hrns.
tmp = ""
tmp = tmp + c
str = tmp
- str = un_unicode(str)
+ str = _un_unicode(str)
str = str.replace(" ", "_")
str = str.replace(".", "_")
str = str.replace("(", "_")
class sfaImport:
- def __init__(self, logger=None):
- self.logger = logger
+ def __init__(self):
+ self.logger = sfa_import_logger
self.AuthHierarchy = Hierarchy()
self.config = Config()
self.TrustedRoots = TrustedRootList(Config.get_trustedroots_dir(self.config))
self.shell = None
if "Url" in self.plc_auth:
from sfa.plc.remoteshell import RemoteShell
- self.shell = RemoteShell()
+ self.shell = RemoteShell(self.logger)
else:
import PLC.Shell
self.shell = PLC.Shell.Shell(globals = globals())
def create_top_level_auth_records(self, hrn):
- AuthHierarchy = self.AuthHierarchy
urn = hrn_to_urn(hrn, 'authority')
# make sure parent exists
parent_hrn = get_authority(hrn)
self.create_top_level_auth_records(parent_hrn)
# create the authority if it doesnt already exist
- if not AuthHierarchy.auth_exists(urn):
- trace("Import: creating top level authorites", self.logger)
- AuthHierarchy.create_auth(urn)
+ if not self.AuthHierarchy.auth_exists(urn):
+ self.logger.info("Import: creating top level authorites")
+ self.AuthHierarchy.create_auth(urn)
# create the db record if it doesnt already exist
- auth_info = AuthHierarchy.get_auth_info(hrn)
+ auth_info = self.AuthHierarchy.get_auth_info(hrn)
table = SfaTable()
auth_record = table.find({'type': 'authority', 'hrn': hrn})
if not auth_record:
auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=-1)
auth_record['authority'] = get_authority(auth_record['hrn'])
- trace("Import: inserting authority record for " + hrn, self.logger)
+ self.logger.info("Import: inserting authority record for " + hrn)
table.insert(auth_record)
def import_person(self, parent_hrn, person):
- AuthHierarchy = self.AuthHierarchy
hrn = email_to_hrn(parent_hrn, person['email'])
# ASN.1 will have problems with hrn's longer than 64 characters
if len(hrn) > 64:
hrn = hrn[:64]
- trace("Import: importing person " + hrn, self.logger)
+ self.logger.info("Import: importing person " + hrn)
key_ids = []
if 'key_ids' in person and person['key_ids']:
key_ids = person["key_ids"]
pkey = Keypair(create=True)
else:
# the user has no keys
- trace(" person " + hrn + " does not have a PL public key", self.logger)
+ self.logger.info(" person " + hrn + " does not have a PL public key")
# if a key is unavailable, then we still need to put something in the
# user's GID. So make one up.
pkey = Keypair(create=True)
# create the gid
urn = hrn_to_urn(hrn, 'user')
- person_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey)
+ person_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
table = SfaTable()
person_record = SfaRecord(hrn=hrn, gid=person_gid, type="user", pointer=person['person_id'])
person_record['authority'] = get_authority(person_record['hrn'])
if not existing_records:
table.insert(person_record)
else:
- trace("Import: %s exists, updating " % hrn, self.logger)
+ self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
person_record['record_id'] = existing_record['record_id']
table.update(person_record)
def import_slice(self, parent_hrn, slice):
- AuthHierarchy = self.AuthHierarchy
slicename = slice['name'].split("_",1)[-1]
- slicename = cleanup_string(slicename)
+ slicename = _cleanup_string(slicename)
if not slicename:
- error("Import_Slice: failed to parse slice name " + slice['name'], self.logger)
+ self.logger.error("Import_Slice: failed to parse slice name " + slice['name'])
return
hrn = parent_hrn + "." + slicename
- trace("Import: importing slice " + hrn, self.logger)
+ self.logger.info("Import: importing slice " + hrn)
pkey = Keypair(create=True)
urn = hrn_to_urn(hrn, 'slice')
- slice_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey)
+ slice_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
slice_record = SfaRecord(hrn=hrn, gid=slice_gid, type="slice", pointer=slice['slice_id'])
slice_record['authority'] = get_authority(slice_record['hrn'])
table = SfaTable()
if not existing_records:
table.insert(slice_record)
else:
- trace("Import: %s exists, updating " % hrn, self.logger)
+ self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
slice_record['record_id'] = existing_record['record_id']
table.update(slice_record)
def import_node(self, parent_hrn, node):
- AuthHierarchy = self.AuthHierarchy
nodename = node['hostname'].split(".")[0]
- nodename = cleanup_string(nodename)
+ nodename = _cleanup_string(nodename)
if not nodename:
- error("Import_node: failed to parse node name " + node['hostname'], self.logger)
+ self.logger.error("Import_node: failed to parse node name " + node['hostname'])
return
hrn = parent_hrn + "." + nodename
- trace("Import: importing node " + hrn, self.logger)
+ self.logger.info("Import: importing node " + hrn)
# ASN.1 will have problems with hrn's longer than 64 characters
if len(hrn) > 64:
hrn = hrn[:64]
node_record = table.find({'type': 'node', 'hrn': hrn})
pkey = Keypair(create=True)
urn = hrn_to_urn(hrn, 'node')
- node_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey)
+ node_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
node_record = SfaRecord(hrn=hrn, gid=node_gid, type="node", pointer=node['node_id'])
node_record['authority'] = get_authority(node_record['hrn'])
existing_records = table.find({'hrn': hrn, 'type': 'node', 'pointer': node['node_id']})
if not existing_records:
table.insert(node_record)
else:
- trace("Import: %s exists, updating " % hrn, self.logger)
+ self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
node_record['record_id'] = existing_record['record_id']
table.update(node_record)
def import_site(self, parent_hrn, site):
- AuthHierarchy = self.AuthHierarchy
shell = self.shell
plc_auth = self.plc_auth
sitename = site['login_base']
- sitename = cleanup_string(sitename)
+ sitename = _cleanup_string(sitename)
print 'importing site %s' % sitename
hrn = parent_hrn + "." + sitename
# Hardcode 'internet2' into the hrn for sites hosting
hrn = ".".join([parent_hrn, "internet2", sitename])
urn = hrn_to_urn(hrn, 'authority')
- trace("Import: importing site " + hrn, self.logger)
+ self.logger.info("Import: importing site " + hrn)
# create the authority
- if not AuthHierarchy.auth_exists(urn):
- AuthHierarchy.create_auth(urn)
+ if not self.AuthHierarchy.auth_exists(urn):
+ self.AuthHierarchy.create_auth(urn)
- auth_info = AuthHierarchy.get_auth_info(urn)
+ auth_info = self.AuthHierarchy.get_auth_info(urn)
table = SfaTable()
auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=site['site_id'])
if not existing_records:
table.insert(auth_record)
else:
- trace("Import: %s exists, updating " % hrn, self.logger)
+ self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
auth_record['record_id'] = existing_record['record_id']
table.update(auth_record)
table = SfaTable()
record_list = table.find({'type': type, 'hrn': hrn})
for record in record_list:
- trace("Import: Removing record %s %s" % (type, hrn), self.logger)
+ self.logger.info("Import: Removing record %s %s" % (type, hrn))
table.remove(record)
from sfa.util.record import SfaRecord
from sfa.util.policy import Policy
from sfa.util.prefixTree import prefixTree
-from sfa.util.debug import log
MAXINT = 2L**31-1
from sfa.util.faults import *
from sfa.util.storage import *
from sfa.util.policy import Policy
-from sfa.util.debug import log
from sfa.server.aggregate import Aggregates
from sfa.server.registry import Registries
from sfa.util.faults import *
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
import sfa.util.soapprotocol as soapprotocol
-
# GeniLight client support is optional
try:
from egeni.geniLight_client import *
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
(self.api.interface, new_hrn)
- self.api.logger.info(message)
- traceback.print_exc()
+ self.api.logger.log_exc(message)
# reload the trusted certs list
self.api.auth.load_trusted_certs()
defined in the config file (registries.xml). Removes old records from
the db.
"""
- # import SfaTable here so this module can be loaded by CompoenetAPI
+ # import SfaTable here so this module can be loaded by ComponentAPI
from sfa.util.table import SfaTable
if not gids:
return
from mod_python import apache
from sfa.plc.api import SfaAPI
-from sfa.util.debug import log
+from sfa.util.sfalogging import sfa_logger
api = SfaAPI(interface='aggregate')
-class unbuffered:
- """\r
- Write to /var/log/httpd/error_log. See\r
-\r
- http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
- """\r
-\r
- def write(self, data):\r
- sys.stderr.write(data)\r
- sys.stderr.flush()\r
-\r
-#log = unbuffered()
-
def handler(req):
try:
if req.method != "POST":
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- print >> log, err, traceback.format_exc()
+ sfa_logger.log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
import traceback
import xmlrpclib
from mod_python import apache
-from sfa.util.debug import log
+
from sfa.plc.api import SfaAPI
+from sfa.util.sfalogging import sfa_logger
api = SfaAPI(interface='registry')
-class unbuffered:
- """\r
- Write to /var/log/httpd/error_log. See\r
-\r
- http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
- """\r
-\r
- def write(self, data):\r
- sys.stderr.write(data)\r
- sys.stderr.flush()\r
-\r
-#log = unbuffered()
-
def handler(req):
try:
if req.method != "POST":
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- print >> log, err, traceback.format_exc()
+ sfa_logger.log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
from mod_python import apache
from sfa.plc.api import SfaAPI
-from sfa.util.debug import log
+from sfa.util.sfalogging import sfa_logger
api = SfaAPI(interface='slicemgr')
-class unbuffered:
- """\r
- Write to /var/log/httpd/error_log. See\r
-\r
- http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
- """\r
-\r
- def write(self, data):\r
- sys.stderr.write(data)\r
- sys.stderr.flush()\r
-\r
-#log = unbuffered()
-
def handler(req):
try:
if req.method != "POST":
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- print >> log, err, traceback.format_exc()
+ sfa_logger.log_exc('%r'%err)
return apache.HTTP_INTERNAL_SERVER_ERROR
from ApiExceptionCodes import *
-VerboseExceptions = False
-
-def EnableVerboseExceptions(x=True):
- global VerboseExceptions
- VerboseExceptions = x
-
class ExceptionUnmarshaller(xmlrpclib.Unmarshaller):
def close(self):
- try:\r
- return xmlrpclib.Unmarshaller.close(self)\r
- except xmlrpclib.Fault, e:\r
- # if the server tagged some traceback info onto the end of the\r
- # exception text, then print it out on the client.\r
-\r
- if "\nFAULT_TRACEBACK:" in e.faultString:\r
- parts = e.faultString.split("\nFAULT_TRACEBACK:")\r
- e.faultString = parts[0]\r
- if VerboseExceptions:\r
- print "\n|Server Traceback:", "\n|".join(parts[1].split("\n"))\r
-\r
- raise e\r
-\r
+ try:
+ return xmlrpclib.Unmarshaller.close(self)
+ except xmlrpclib.Fault, e:
+ # if the server tagged some traceback info onto the end of the
+ # exception text, then print it out on the client.
+
+ if "\nFAULT_TRACEBACK:" in e.faultString:
+ parts = e.faultString.split("\nFAULT_TRACEBACK:")
+ e.faultString = parts[0]
+ if BaseClient.VerboseExceptions:
+ print "\n|Server Traceback:", "\n|".join(parts[1].split("\n"))
+
+ raise e
+
class ExceptionReportingTransport(xmlrpclib.Transport):
def make_connection(self, host):
- import httplib\r
- if host.startswith("https:"):\r
- return httplib.HTTPS(host)\r
- else:\r
- return httplib.HTTP(host)\r
-\r
- def getparser(self):\r
- unmarshaller = ExceptionUnmarshaller()\r
- parser = xmlrpclib.ExpatParser(unmarshaller)\r
+ import httplib
+ if host.startswith("https:"):
+ return httplib.HTTPS(host)
+ else:
+ return httplib.HTTP(host)
+
+ def getparser(self):
+ unmarshaller = ExceptionUnmarshaller()
+ parser = xmlrpclib.ExpatParser(unmarshaller)
return parser, unmarshaller
class BaseClient():
+
+ VerboseExceptions = False
+
def __init__(self, url):
self.url = url
self.server = xmlrpclib.ServerProxy(self.url, ExceptionReportingTransport())
def noop(self, value):
return self.server.noop(value)
+
+ @staticmethod
+ def EnableVerboseExceptions(x=True):
+ BaseClient.VerboseExceptions = x
+
import xmlrpclib
from mod_python import apache
+from sfa.util.logging import sfa_logger
from API import RemoteApi
api = RemoteApi()
-class unbuffered:
- """\r
- Write to /var/log/httpd/error_log. See\r
-\r
- http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp\r
- """\r
-\r
- def write(self, data):\r
- sys.stderr.write(data)\r
- sys.stderr.flush()\r
-\r
-#log = unbuffered()
-
def handler(req):
try:
if req.method != "POST":
except Exception, err:
# Log error in /var/log/httpd/(ssl_)?error_log
- print >> log, err, traceback.format_exc()
+ sfa_logger.log_exc("%r"%e)
return apache.HTTP_INTERNAL_SERVER_ERROR
import sys
import traceback
-from BaseClient import BaseClient, EnableVerboseExceptions
+from BaseClient import BaseClient
from AuthenticatedClient import AuthenticatedClient
-EnableVerboseExceptions(True)
+BaseClient.EnableVerboseExceptions(True)
HOST = "localhost"
URL = "http://" + HOST + "/TESTAPI/"
from sfa.util.config import Config
from sfa.trust.certificate import Keypair
from sfa.trust.hierarchy import Hierarchy
-from sfa.util.report import trace, error
from sfa.server.registry import Registries
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
import socket
##
# TCP ports for the three servers
-registry_port=12345
-aggregate_port=12346
-slicemgr_port=12347
+#registry_port=12345
+#aggregate_port=12346
+#slicemgr_port=12347
+### xxx todo not in the config yet
component_port=12346
import os, os.path
import sys
from optparse import OptionParser
+import logging
+
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.trustedroot import TrustedRootList
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.util.config import Config
-from sfa.util.report import trace
from sfa.plc.api import SfaAPI
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
devnull = os.open(os.devnull, os.O_RDWR)
os.dup2(devnull, 0)
# xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
- crashlog = os.open('/var/log/sfa.daemon', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+ crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
os.dup2(crashlog, 1)
os.dup2(crashlog, 2)
if not os.path.exists(key_file):
# if it doesnt exist then this is probably a fresh interface
# with no records. Generate a random keypair for now
- trace("server's public key not found in %s" % key_file)
- trace("generating a random server key pair")
+ sfa_logger.debug("server's public key not found in %s" % key_file)
+ sfa_logger.debug("generating a random server key pair")
key = Keypair(create=True)
key.save_to_file(server_key_file)
cert = Certificate(subject=subject)
aggregates.sync_interfaces()
def main():
- # xxx get rid of globals - name consistently CamelCase or under_score
- global AuthHierarchy
- global TrustedRoots
- global registry_port
- global aggregate_port
- global slicemgr_port
-
# Generate command line parser
parser = OptionParser(usage="sfa-server [options]")
parser.add_option("-r", "--registry", dest="registry", action="store_true",
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
help="Run as daemon.", default=False)
(options, args) = parser.parse_args()
-
+ if options.verbose: sfa_logger.setLevel(logging.DEBUG)
config = Config()
+ if config.SFA_API_DEBUG: sfa_logger.setLevel(logging.DEBUG)
hierarchy = Hierarchy()
server_key_file = os.path.join(hierarchy.basedir, "server.key")
server_cert_file = os.path.join(hierarchy.basedir, "server.cert")
# start registry server
if (options.registry):
from sfa.server.registry import Registry
- r = Registry("", registry_port, server_key_file, server_cert_file)
+ r = Registry("", config.SFA_REGISTRY_PORT, server_key_file, server_cert_file)
r.start()
# start aggregate manager
if (options.am):
from sfa.server.aggregate import Aggregate
- a = Aggregate("", aggregate_port, server_key_file, server_cert_file)
+ a = Aggregate("", config.SFA_AGGREGATE_PORT, server_key_file, server_cert_file)
a.start()
# start slice manager
if (options.sm):
from sfa.server.slicemgr import SliceMgr
- s = SliceMgr("", slicemgr_port, server_key_file, server_cert_file)
+ s = SliceMgr("", config.SFA_SM_PORT, server_key_file, server_cert_file)
s.start()
if (options.cm):
from sfa.server.component import Component
- c = Component("", component_port, server_key_file, server_cert_file)
+ c = Component("", config.component_port, server_key_file, server_cert_file)
+# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file)
c.start()
if __name__ == "__main__":
- main()
+ try:
+ main()
+ except:
+ sfa_logger.log_exc_critical("SFA server is exiting")
#
-#import sfa.util.sfalogging
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import Credential
from sfa.trust.trustedroot import TrustedRootList
import M2Crypto
from M2Crypto import X509
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.util.namespace import urn_to_hrn
from sfa.util.faults import *
try:
k.load_pubkey_from_file(ssl_fn)
except:
- traceback.print_exc()
+ sfa_logger.log_exc("convert_public_key caught exception")
k = None
# remove the temporary files
# if this cert is signed by a trusted_cert, then we are set
for trusted_cert in trusted_certs:
if self.is_signed_by_cert(trusted_cert):
- sfa.util.sfalogging.logger.debug("Cert %s signed by trusted cert %s", self.get_subject(), trusted_cert.get_subject())
+ sfa_logger.debug("Cert %s signed by trusted cert %s", self.get_subject(), trusted_cert.get_subject())
# verify expiration of trusted_cert ?
if not trusted_cert.cert.has_expired():
return trusted_cert
else:
- sfa.util.sfalogging.logger.debug("Trusted cert %s is expired", trusted_cert.get_subject())
+ sfa_logger.debug("Trusted cert %s is expired", trusted_cert.get_subject())
# if there is no parent, then no way to verify the chain
if not self.parent:
- #print self.get_subject(), "has no parent"
+ sfa_logger.debug("%r has no parent"%self.get_subject())
raise CertMissingParent(self.get_subject())
# if it wasn't signed by the parent...
if not self.is_signed_by_cert(self.parent):
- #print self.get_subject(), "is not signed by parent"
+ sfa_logger.debug("%r is not signed by parent"%self.get_subject())
return CertNotSignedByParent(self.get_subject())
# if the parent isn't verified...
from xml.dom.minidom import Document, parseString
from dateutil.parser import parse
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.certificate import Keypair
from sfa.trust.credential_legacy import CredentialLegacy
from sfa.trust.rights import *
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
except Exception, exc:
- sfa.util.sfalogging.logger.error("Failed to load trusted cert from %s: %r", f, exc)
+ sfa_logger.error("Failed to load trusted cert from %s: %r", f, exc)
trusted_certs = ok_trusted_certs
# Use legacy verification if this is a legacy credential
# Maybe should be (hrn, type) = urn_to_hrn(root_cred_signer.get_urn())
root_cred_signer_type = root_cred_signer.get_type()
if (root_cred_signer_type == 'authority'):
- #sfa.util.sfalogging.logger.debug('Cred signer is an authority')
+ #sfa_logger.debug('Cred signer is an authority')
# signer is an authority, see if target is in authority's domain
hrn = root_cred_signer.get_hrn()
if root_target_gid.get_hrn().startswith(hrn):
import xmlrpclib
import uuid
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.certificate import Certificate
from sfa.util.namespace import *
Certificate.__init__(self, create, subject, string, filename)
if subject:
- sfa.util.sfalogging.logger.debug("Creating GID for subject: %s" % subject)
+ sfa_logger.debug("Creating GID for subject: %s" % subject)
if uuid:
self.uuid = int(uuid)
if hrn:
if self.parent:
# make sure the parent's hrn is a prefix of the child's hrn
if not self.get_hrn().startswith(self.parent.get_hrn()):
- #print self.get_hrn(), " ", self.parent.get_hrn()
- raise GidParentHrn("This cert %s HRN doesnt start with parent HRN %s" % (self.get_hrn(), self.parent.get_hrn()))
+ raise GidParentHrn("This cert HRN %s doesnt start with parent HRN %s" % (self.get_hrn(), self.parent.get_hrn()))
else:
# make sure that the trusted root's hrn is a prefix of the child's
trusted_gid = GID(string=trusted_root.save_to_string())
import os
-from sfa.util.report import *
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.certificate import Keypair
from sfa.trust.credential import *
from sfa.trust.gid import GID, create_uuid
def create_auth(self, xrn, create_parents=False):
hrn, type = urn_to_hrn(xrn)
- trace("Hierarchy: creating authority: " + hrn)
+ sfa_logger.debug("Hierarchy: creating authority: " + hrn)
# create the parent authority if necessary
parent_hrn = get_authority(hrn)
pass
if os.path.exists(privkey_filename):
- print "using existing key", privkey_filename, "for authority", hrn
+ sfa_logger.debug("using existing key %r for authority %r"%(privkey_filename,hrn))
pkey = Keypair(filename = privkey_filename)
else:
pkey = Keypair(create = True)
# @param xrn the human readable name of the authority to create (urn will be converted to hrn).
def get_auth_info(self, xrn):
-
- #trace("Hierarchy: getting authority: " + hrn)
hrn, type = urn_to_hrn(xrn)
+ sfa_logger.debug("Hierarchy: getting authority: " + hrn)
if not self.auth_exists(hrn):
raise MissingAuthority(hrn)
from pprint import pformat
from sfa.util.faults import *
-from sfa.util.debug import *
+from sfa.util.sfalogging import sfa_logger
if not psycopg2:
is8bit = re.compile("[\x80-\xff]").search
if not params:
if self.debug:
- print >> log,'execute0',query
+ sfa_logger.debug('execute0 %r'%query)
cursor.execute(query)
elif isinstance(params,dict):
if self.debug:
- print >> log,'execute-dict: params',params,'query',query%params
+ sfa_logger.debug('execute-dict: params=[%r] query=[%r]'%(params,query%params))
cursor.execute(query,params)
elif isinstance(params,tuple) and len(params)==1:
if self.debug:
- print >> log,'execute-tuple',query%params[0]
+ sfa_logger.debug('execute-tuple %r'%(query%params[0]))
cursor.execute(query,params[0])
else:
param_seq=(params,)
if self.debug:
for params in param_seq:
- print >> log,'executemany',query%params
+ sfa_logger.debug('executemany %r'%(query%params))
cursor.executemany(query, param_seq)
(self.rowcount, self.description, self.lastrowid) = \
(cursor.rowcount, cursor.description, cursor.lastrowid)
except:
pass
uuid = commands.getoutput("uuidgen")
- print >> log, "Database error %s:" % uuid
- print >> log, e
- print >> log, "Query:"
- print >> log, query
- print >> log, "Params:"
- print >> log, pformat(params)
+ sfa_logger.error("Database error %s:" % uuid)
+ sfa_logger.error("Exception=%r"%e)
+ sfa_logger.error("Query=%r"%query)
+ sfa_logger.error("Params=%r"%pformat(params))
+ sfa_logger.log_exc("PostgreSQL.execute caught exception")
raise SfaDBError("Please contact support: %s" % str(e))
return cursor
import string
import xmlrpclib
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.auth import Auth
from sfa.util.config import *
from sfa.util.faults import *
-from sfa.util.debug import *
from sfa.trust.credential import *
from sfa.trust.certificate import *
from sfa.util.namespace import *
self.credential = None
self.source = None
self.time_format = "%Y-%m-%d %H:%M:%S"
- self.logger=sfa.util.sfalogging.logger
+ self.logger=sfa_logger
# load registries
from sfa.server.registry import Registries
except SfaFault, fault:
result = fault
except Exception, fault:
- traceback.print_exc(file = log)
+ sfa_logger.log_exc("BaseAPI.handle has caught Exception")
result = SfaAPIError(fault)
import SimpleHTTPServer
import SimpleXMLRPCServer
from OpenSSL import SSL
+
+from sfa.util.sfalogging import sfa_logger
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import *
from sfa.util.faults import *
from sfa.plc.api import ComponentAPI
from sfa.util.server import verify_callback, ThreadedServer
-from sfa.util.debug import log
##
# internal error, report as HTTP server error
self.send_response(500)
self.end_headers()
- traceback.print_exc()
+ sfa_logger.log_exc("componentserver.SecureXMLRpcRequestHandler.do_POST")
else:
# got a valid XML RPC response
self.send_response(200)
import os.path
import traceback
-from sfa.util.debug import log
-
class Config:
"""
Parse the bash/Python/PHP version of the configuration file. Very
+++ /dev/null
-### $Id$
-### $URL$
-
-import time
-import sys
-import syslog
-
-class unbuffered:
- """
- Write to /var/log/httpd/error_log. See
-
- http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp
- """
-
- def write(self, data):
- sys.stderr.write(data)
- sys.stderr.flush()
-
-log = unbuffered()
-
-def profile(callable):
- """
- Prints the runtime of the specified callable. Use as a decorator, e.g.,
-
- @profile
- def foo(...):
- ...
-
- Or, equivalently,
-
- def foo(...):
- ...
- foo = profile(foo)
-
- Or inline:
-
- result = profile(foo)(...)
- """
-
- def wrapper(*args, **kwds):
- start = time.time()
- result = callable(*args, **kwds)
- end = time.time()
- args = map(str, args)
- args += ["%s = %s" % (name, str(value)) for (name, value) in kwds.items()]
- print >> log, "%s (%s): %f s" % (callable.__name__, ", ".join(args), end - start)
- return result
-
- return wrapper
-
-if __name__ == "__main__":
- def sleep(seconds = 1):
- time.sleep(seconds)
-
- sleep = profile(sleep)
-
- sleep(1)
clip_part += " ORDER BY " + ",".join(sorts)
if clips:
clip_part += " " + " ".join(clips)
-# print 'where_part=',where_part,'clip_part',clip_part
return (where_part,clip_part)
import xmlrpclib
-import sfa.util.sfalogging
+from sfa.util.sfalogging import sfa_logger
from sfa.util.faults import *
from sfa.util.parameter import Parameter, Mixed, python_type, xmlrpc_type
from sfa.trust.auth import Auth
-#from sfa.util.debug import profile, log
# we inherit object because we use new-style classes for legacy methods
class Method (object):
runtime = time.time() - start
if self.api.config.SFA_API_DEBUG or hasattr(self, 'message'):
- msg=getattr(self,'message',"method %s completed"%methodname)
- sfa.util.sfalogging.logger.info(msg)
- # XX print to some log file
- # print >> log, "some output"
+ msg=getattr(self,'message',"method %s completed in %02f s"%(methodname,runtime))
+ sfa_logger.info(msg)
return result
# Prepend caller and method name to expected faults
fault.faultString = caller + ": " + self.name + ": " + fault.faultString
runtime = time.time() - start
-# if self.api.config.SFA_API_DEBUG:
-# traceback.print_exc()
- sfa.util.sfalogging.log_exc("Method %s raised an exception"%self.name)
+ sfa_logger.log_exc("Method %s raised an exception"%self.name)
raise fault
import os
from sfa.util.storage import *
-from sfa.util.debug import log
class Policy(SimpleStorage):
from sfa.trust.gid import *
-import sfa.util.report
from sfa.util.rspec import *
from sfa.util.parameter import *
from sfa.util.namespace import *
+++ /dev/null
-def trace(x, logger=None):
- if logger:
- logger.info(x)
- else:
- print x
-
-def error(x, logger=None):
- if logger:
- logger.error(x)
- else:
- print x
from lxml import etree
from StringIO import StringIO
+from sfa.util.sfalogging import sfa_logger
class RSpec:
except Exception, e:
# logging.debug("%s: web file not found" % xsdURI)
# logging.debug("Using local file %s" % self.xsd")
- print e
- print "Can't find %s on the web. Continuing." % xsdURI
+ sfa_logger.log_exc("rspec.parseXSD: can't find %s on the web. Continuing." % xsdURI)
if not schemaDom:
if os.path.exists(xsdURI):
# logging.debug("using local copy.")
- print "Using local %s" % xsdURI
+ sfa_logger.debug("rspec.parseXSD: Using local %s" % xsdURI)
schemaDom = minidom.parse(xsdURI)
else:
- raise Exception("Can't find xsd locally")
+ raise Exception("rspec.parseXSD: can't find xsd locally")
self.schemaDict = self.toDict(schemaDom.childNodes[0])
from OpenSSL import SSL
from Queue import Queue
-#import sfa.util.sfalogging
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.credential import *
from sfa.util.faults import *
from sfa.plc.api import SfaAPI
from sfa.util.cache import Cache
-#from sfa.util.debug import log
##
# Verification callback for pyOpenSSL. We do our own checking of keys because
# we have our own authentication spec. Thus we disable several of the normal
except Exception, fault:
# This should only happen if the module is buggy
# internal error, report as HTTP server error
- traceback.print_exc()
+ sfa_error.log_exc("server.do_POST")
response = self.api.prepare_response(fault)
#self.send_response(500)
#self.end_headers()
-import logging
+#!/usr/bin/python
+
import os
import traceback
+import logging, logging.handlers
+
+# a logger that can handle tracebacks
+class _SfaLogger:
+ def __init__ (self,logfile=None,loggername=None,level=logging.INFO):
+ # default is to locate loggername from the logfile if avail.
+ if not logfile:
+ loggername='console'
+ handler=logging.StreamHandler()
+ handler.setFormatter(logging.Formatter("%(message)s"))
+ else:
+ if not loggername:
+ loggername=os.path.basename(logfile)
+ try:
+ handler=logging.handlers.RotatingFileHandler(logfile,maxBytes=1000000, backupCount=5)
+ except IOError:
+ # This is usually a permissions error becaue the file is
+ # owned by root, but httpd is trying to access it.
+ tmplogfile=os.getenv("TMPDIR", "/tmp") + os.path.sep + os.path.basename(logfile)
+ handler=logging.handlers.RotatingFileHandler(tmplogfile,maxBytes=1000000, backupCount=5)
+ handler.setFormatter(logging.Formatter("%(asctime)s - %(levelname)s - %(message)s"))
+
+ self.logger=logging.getLogger(loggername)
+ self.logger.setLevel(level)
+ self.logger.addHandler(handler)
-#SFA access log initialization
-TMPDIR = os.getenv("TMPDIR", "/tmp")
-SFA_HTTPD_ACCESS_LOGFILE = TMPDIR + "/" + 'sfa_httpd_access.log'
-SFA_ACCESS_LOGFILE='/var/log/sfa_access.log'
-logger=logging.getLogger()
-#logger.setLevel(logging.INFO)
-logger.setLevel(logging.DEBUG)
-
-try:
- logfile=logging.FileHandler(SFA_ACCESS_LOGFILE)
-except IOError:
- # This is usually a permissions error becaue the file is
- # owned by root, but httpd is trying to access it.
- logfile=logging.FileHandler(SFA_HTTPD_ACCESS_LOGFILE)
+ def setLevel(self,level):
+ self.logger.setLevel(level)
+
+ ####################
+ def wrap(fun):
+ def wrapped(self,msg,*args,**kwds):
+ native=getattr(self.logger,fun.__name__)
+ return native(msg,*args,**kwds)
+ #wrapped.__doc__=native.__doc__
+ return wrapped
+
+ @wrap
+ def critical(): pass
+ @wrap
+ def error(): pass
+ @wrap
+ def warning(): pass
+ @wrap
+ def info(): pass
+ @wrap
+ def debug(): pass
+
+ # logs an exception - use in an except statement
+ def log_exc(self,message):
+ self.error("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n"))
+ self.error("%s END TRACEBACK"%message)
-formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
-logfile.setFormatter(formatter)
-logger.addHandler(logfile)
-def get_sfa_logger():
- return logger
-
-# logs an exception - use in an except statement
-def log_exc(message):
- logger.error("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n"))
- logger.error("%s END TRACEBACK"%message)
+ def log_exc_critical(self,message):
+ self.critical("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n"))
+ self.critical("%s END TRACEBACK"%message)
+ # for investigation purposes, can be placed anywhere
+ def log_stack(self,message):
+ to_log="".join(traceback.format_stack())
+ self.debug("%s BEG STACK"%message+"\n"+to_log)
+ self.debug("%s END STACK"%message)
-# for investigation purposes, can be placed anywhere
-def log_stack(message):
- to_log="".join(traceback.format_stack())
- logger.debug("%s BEG STACK"%message+"\n"+to_log)
- logger.debug("%s END STACK"%message)
+sfa_logger=_SfaLogger(logfile='/var/log/sfa.log')
+sfa_import_logger=_SfaLogger(logfile='/var/log/sfa_import.log')
+console_logger=_SfaLogger()
+
+########################################
+import time
+
+def profile(logger):
+ """
+ Prints the runtime of the specified callable. Use as a decorator, e.g.,
+
+ @profile(logger)
+ def foo(...):
+ ...
+ """
+ def logger_profile(callable):
+ def wrapper(*args, **kwds):
+ start = time.time()
+ result = callable(*args, **kwds)
+ end = time.time()
+ args = map(str, args)
+ args += ["%s = %s" % (name, str(value)) for (name, value) in kwds.items()]
+ # should probably use debug, but then debug is not always enabled
+ logger.info("PROFILED %s (%s): %.02f s" % (callable.__name__, ", ".join(args), end - start))
+ return result
+ return wrapper
+ return logger_profile
+
+
+if __name__ == '__main__':
+ print 'testing sfalogging into logger.log'
+ logger=_SfaLogger('logger.log')
+ logger.critical("logger.critical")
+ logger.error("logger.error")
+ logger.warning("logger.warning")
+ logger.info("logger.info")
+ logger.debug("logger.debug")
+ logger.setLevel(logging.DEBUG)
+ logger.debug("logger.debug again")
+ @profile(console_logger)
+ def sleep(seconds = 1):
+ time.sleep(seconds)
+
+ console_logger.info('console.info')
+ sleep(0.5)
+ console_logger.setLevel(logging.DEBUG)
+ sleep(0.25)
#
# TODO: Use existing PLC database methods? or keep this separate?
-import report
import pgdb
from sfa.util.PostgreSQL import *
from sfa.trust.gid import *
from sfa.util.record import *
-from sfa.util.debug import *
from sfa.util.config import *
from sfa.util.filter import *