- Timestamp:
- Oct 5, 2011 5:11:01 PM (13 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- b6a6206
- Parents:
- 53b5c18
- git-author:
- Ted Faber <faber@…> (10/05/11 17:10:01)
- git-committer:
- Ted Faber <faber@…> (10/05/11 17:11:01)
- Location:
- fedd
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/access_to_abac.py
r53b5c18 rf3898f7 82 82 ''' 83 83 right_side_str = '\s*,\s*\(\s*%s\s*,\s*%s\s*,\s*%s\s*\)' % \ 84 ( id_same_str, id_same_str,id_same_str)84 (proj_same_str, id_same_str,id_same_str) 85 85 86 86 m = re.match(right_side_str, l) … … 319 319 fedid_str = 'fedid:([0-9a-fA-F]{40})' 320 320 id_str = '[a-zA-Z][\w_-]*' 321 proj_str = '[a-zA-Z][\w_/-]*' 321 322 path_str = '[a-zA-Z_/\.-]+' 322 323 id_any_str = '(%s|<any>)' % id_str 324 proj_any_str = '(%s|<any>)' % proj_str 323 325 id_same_str = '(%s|<same>)' % id_str 326 proj_same_str = '(%s|<same>)' % proj_str 324 327 left_side_str = '\(\s*%s\s*,\s*%s\s*,\s*%s\s*\)' % \ 325 (fedid_str, id_any_str, id_any_str)328 (fedid_str, proj_any_str, id_any_str) 326 329 right_side_str = '(%s)(\s*,\s*\(.*\))?' % (id_str) 327 330 line_re = re.compile('%s\s*->\s*%s' % (left_side_str, right_side_str)) -
fedd/exp_access_db.py
r53b5c18 rf3898f7 52 52 q_start = """ 53 53 SELECT 54 g.uid, g.pid, 54 g.uid, 55 CASE g.gid 56 WHEN g.pid THEN g.pid 57 ELSE CONCAT(g.pid, '/', g.gid) 58 END, 55 59 CONCAT('-----BEGIN CERTIFICATE-----\\n', 56 60 s.cert, … … 59 63 FROM group_membership g INNER JOIN user_sslcerts s 60 64 ON g.uid = s.uid 61 WHERE revoked is NULL AND g.pid = g.gid65 WHERE revoked is NULL 62 66 """ 63 67 q_end =""" -
fedd/fedd_to_abac.py
r53b5c18 rf3898f7 65 65 comment_re = re.compile('^\s*#|^$') 66 66 fedid_str = 'fedid:([0-9a-fA-F]{40})' 67 id_str = '[a-zA-Z][\w _-]*'67 id_str = '[a-zA-Z][\w/_-]*' 68 68 single_re = re.compile('\s*%s\s*->\s*(%s)' % (fedid_str, id_str)) 69 69 double_re = re.compile('\s*%s\s*->\s*\((%s)\s*,\s*(%s)\)' % \ … … 109 109 (creds_dir or 'new_cert_dir', id.name, i) 110 110 111 cid = Creddy.ID(cert)112 cid.load_privkey(key)113 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10)114 cattr.principal(k)115 111 116 112 if debug: … … 118 114 (cert, key, r, k, cf) 119 115 else: 116 cid = Creddy.ID(cert) 117 cid.load_privkey(key) 118 cattr = Creddy.Attribute(cid, r, 3600 * 24 * 365 * 10) 119 cattr.principal(k) 120 120 cattr.bake() 121 121 cattr.write_name(cf) -
fedd/federation/emulab_access.py
r53b5c18 rf3898f7 937 937 vchars_re = '[^' + string.ascii_letters + string.digits + '-]' 938 938 939 self.state_lock.acquire() 940 if aid in self.allocation: 941 proj = self.allocation[aid].get('project', None) 942 if not proj: 943 proj = self.allocation[aid].get('sproject', None) 944 self.state_lock.release() 945 946 if not proj: 947 raise service_error(service_error.internal, 948 "Can't find project for %s" %aid) 949 939 950 for a in attrs: 940 951 if a['attribute'] in configs: … … 954 965 ename = a['value'] 955 966 956 # Names longer than the emulab max are discarder 957 if ename and len(ename) <= self.max_name_len: 967 # Names longer than the emulab max are discarded 968 # Projects with a group require nonce experiment names as well 969 if ename and len(ename) <= self.max_name_len and '/' not in proj: 958 970 # Clean up the experiment name so that emulab will accept it. 959 971 ename = re.sub(vchars_re, '-', ename) … … 976 988 self.state_lock.acquire() 977 989 if aid in self.allocation: 978 proj = self.allocation[aid].get('project', None)979 if not proj:980 proj = self.allocation[aid].get('sproject', None)981 990 user = self.allocation[aid].get('user', None) 982 991 self.allocation[aid]['experiment'] = ename … … 995 1004 self.write_state() 996 1005 self.state_lock.release() 997 998 if not proj:999 raise service_error(service_error.internal,1000 "Can't find project for %s" %aid)1001 1006 1002 1007 if not user: … … 1095 1100 certfile, tmpdir) 1096 1101 1102 if '/' in proj: proj, gid = proj.split('/') 1103 else: gid = None 1104 1105 1097 1106 # Set up userconf and seer if needed 1098 1107 self.configure_userconf(services, tmpdir) … … 1112 1121 debug=self.create_debug, log=alloc_log, boss=self.boss, 1113 1122 cert=self.xmlrpc_cert) 1114 rv = starter(self, ename, proj, user, expfile, tmpdir )1123 rv = starter(self, ename, proj, user, expfile, tmpdir, gid=gid) 1115 1124 except service_error, e: 1116 1125 err = e … … 1164 1173 raise service_error(service_error.internal, 1165 1174 "Can't find project for %s" % aid) 1175 else: 1176 if '/' in proj: proj, gid = proj.split('/') 1177 else: gid = None 1166 1178 1167 1179 if not user: … … 1173 1185 stopper = self.stop_segment(keyfile=self.ssh_privkey_file, 1174 1186 debug=self.create_debug, boss=self.boss, cert=self.xmlrpc_cert) 1175 stopper(self, user, proj, ename )1187 stopper(self, user, proj, ename, gid) 1176 1188 return { 'allocID': req['allocID'], 'proof': proof.to_dict() } -
fedd/federation/emulab_segment.py
r53b5c18 rf3898f7 93 93 return state 94 94 95 def make_null_experiment(self, pid, eid, tmpdir ):95 def make_null_experiment(self, pid, eid, tmpdir, gid=None): 96 96 """ 97 97 Create a null copy of the experiment so that we capture any logs there … … 115 115 'wait': True 116 116 } 117 if gid is not None: 118 params['group'] = gid 117 119 if self.log: 118 120 self.log.info("[make_null_experiment]: Creating experiment") -
fedd/federation/local_emulab_segment.py
r53b5c18 rf3898f7 58 58 return True 59 59 60 def __call__(self, parent, eid, pid, user, tclfile, tmpdir, timeout=0): 60 def __call__(self, parent, eid, pid, user, tclfile, tmpdir, timeout=0, 61 gid=None): 61 62 """ 62 63 Start a sub-experiment on a federant. … … 70 71 71 72 if state == 'none': 72 if not self.make_null_experiment(pid, eid, tmpdir ):73 if not self.make_null_experiment(pid, eid, tmpdir, gid): 73 74 return False 74 75 … … 102 103 emulab_segment.__init__(self, boss=boss, cert=cert) 103 104 104 def __call__(self, parent, user, pid, eid ):105 def __call__(self, parent, user, pid, eid, gid=None): 105 106 """ 106 107 Stop a sub experiment by calling swapexp on the federant 107 108 """ 109 108 110 self.log.info("[stop_segment]: Stopping %s" % eid) 109 111 rv = False -
fedd/federation/proxy_emulab_segment.py
r53b5c18 rf3898f7 158 158 159 159 160 def make_null_experiment(self, user, host, pid, eid, tmpdir ):160 def make_null_experiment(self, user, host, pid, eid, tmpdir, gid=None): 161 161 """ 162 162 Create a null copy of the experiment so that we capture any logs there … … 164 164 startexp 165 165 """ 166 167 if gid is not None: gparam = '-g %s' % gid 168 else: gparam = '' 169 166 170 try: 167 171 f = open("%s/null.tcl" % tmpdir, "w") … … 179 183 if not self.ssh_cmd(user, host, 180 184 ("/usr/testbed/bin/startexp -i -f -w -p %s " + 181 "-e %s null.tcl") % (pid, eid), "startexp",185 "-e %s %s null.tcl") % (pid, eid, gparam), "startexp", 182 186 timeout=60 * 10): 183 187 return False … … 276 280 277 281 278 def __call__(self, parent, eid, pid, user, tclfile, tmpdir, timeout=0): 282 def __call__(self, parent, eid, pid, user, tclfile, tmpdir, timeout=0, 283 gid=None): 279 284 """ 280 285 Start a sub-experiment on a federant. … … 294 299 # Put a dummy in place to capture logs, and establish an experiment 295 300 # directory. 296 if not self.make_null_experiment(user, host, pid, eid, tmpdir ):301 if not self.make_null_experiment(user, host, pid, eid, tmpdir, gid): 297 302 return False 298 303 … … 325 330 proxy_segment.__init__(self, log=log, keyfile=keyfile, debug=debug) 326 331 327 def __call__(self, parent, user, pid, eid ):332 def __call__(self, parent, user, pid, eid, gid=None): 328 333 """ 329 334 Stop a sub experiment by calling swapexp on the federant
Note: See TracChangeset
for help on using the changeset viewer.