1 | #!/usr/local/bin/python |
---|
2 | |
---|
3 | import os,sys |
---|
4 | import stat # for chmod constants |
---|
5 | import re |
---|
6 | import random |
---|
7 | import string |
---|
8 | import copy |
---|
9 | import pickle |
---|
10 | import logging |
---|
11 | import subprocess |
---|
12 | import traceback |
---|
13 | |
---|
14 | from threading import * |
---|
15 | from M2Crypto.SSL import SSLError |
---|
16 | |
---|
17 | from emulab_access import access as emulab_access |
---|
18 | |
---|
19 | from util import * |
---|
20 | from deter import fedid, generate_fedid |
---|
21 | from authorizer import authorizer, abac_authorizer |
---|
22 | from service_error import service_error |
---|
23 | from remote_service import xmlrpc_handler, soap_handler, service_caller |
---|
24 | from proof import proof as access_proof |
---|
25 | |
---|
26 | import httplib |
---|
27 | import tempfile |
---|
28 | from urlparse import urlparse |
---|
29 | |
---|
30 | from deter import topdl |
---|
31 | import list_log |
---|
32 | import containers_segment |
---|
33 | |
---|
34 | |
---|
35 | # Make log messages disappear if noone configures a fedd logger |
---|
36 | class nullHandler(logging.Handler): |
---|
37 | def emit(self, record): pass |
---|
38 | |
---|
39 | fl = logging.getLogger("fedd.access") |
---|
40 | fl.addHandler(nullHandler()) |
---|
41 | |
---|
42 | class access(emulab_access): |
---|
43 | """ |
---|
44 | The implementation of access control based on mapping users to projects. |
---|
45 | |
---|
46 | Users can be mapped to existing projects or have projects created |
---|
47 | dynamically. This implements both direct requests and proxies. |
---|
48 | """ |
---|
49 | |
---|
50 | max_name_len = 19 |
---|
51 | |
---|
52 | def __init__(self, config=None, auth=None): |
---|
53 | """ |
---|
54 | Initializer. Pulls parameters out of the ConfigParser's access section. |
---|
55 | """ |
---|
56 | emulab_access.__init__(self, config, auth) |
---|
57 | |
---|
58 | self.containerize = config.get('access', 'containerize') |
---|
59 | |
---|
60 | # Segment creation is where most of the differences are. |
---|
61 | self.start_segment = containers_segment.start_segment |
---|
62 | self.stop_segment = containers_segment.stop_segment |
---|
63 | self.info_segment = containers_segment.info_segment |
---|
64 | |
---|
65 | # These are subroutines for StartSegment |
---|
66 | def generate_ns2(self, topo, expfn, softdir, connInfo): |
---|
67 | """ |
---|
68 | Benito is expecting a topdl file, so this routine is misnamed. It does |
---|
69 | clean up the topdl, removing elements containers doesn't understand and |
---|
70 | writing out the file. |
---|
71 | """ |
---|
72 | # Main line of generate_ns2 |
---|
73 | t = topo.clone() |
---|
74 | |
---|
75 | # Weed out the things we aren't going to instantiate: Segments, portal |
---|
76 | # substrates, and portal interfaces. (The copy in the for loop allows |
---|
77 | # us to delete from e.elements in side the for loop). While we're |
---|
78 | # touching all the elements, we also adjust paths from the original |
---|
79 | # testbed to local testbed paths |
---|
80 | for e in [e for e in t.elements]: |
---|
81 | if isinstance(e, topdl.Segment): |
---|
82 | t.elements.remove(e) |
---|
83 | if not isinstance(e, topdl.Computer): continue |
---|
84 | if e.get_attribute('portal'): |
---|
85 | e.set_attribute('containers:node_type', 'embedded_pnode') |
---|
86 | # Fix software paths |
---|
87 | for s in getattr(e, 'software', []): |
---|
88 | s.location = re.sub("^.*/", softdir, s.location) |
---|
89 | |
---|
90 | t.substrates = [ s.clone() for s in t.substrates ] |
---|
91 | t.incorporate_elements() |
---|
92 | |
---|
93 | # Write it out |
---|
94 | expfile = topdl.topology_to_xml(t, top='experiment') |
---|
95 | try: |
---|
96 | f = open(expfn, "w") |
---|
97 | print >>f, expfile |
---|
98 | f.close() |
---|
99 | except EnvironmentError: |
---|
100 | raise service_error(service_error.internal, |
---|
101 | "Cannot write experiment file %s: %s" % (expfn,e)) |
---|