Changeset 2214 for TI12-security


Ignore:
Timestamp:
27/02/07 16:10:40 (13 years ago)
Author:
pjkersha
Message:

python/share/ndg-aa: fixed for tests with DEWS running on glue.

python/share/Makefile: auto-generates ndg-sm, ndg-log, ndg-gk and ndg-ca from ndg-aa.
ndg-aa is now a template file for the others.

python/ndg.security.common/ndg/security/common/AttCert.py: changed namespace to
urn:ndg:security:attributeCertificate

python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg:
tests for DEWS.

Location:
TI12-security/trunk/python
Files:
1 added
7 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttCert.py

    r2178 r2214  
    9393    # certificate 
    9494    __validProvenanceSettings = ('original', 'mapped') 
    95     namespace = "urn:ndg.security" 
     95    namespace = "urn:ndg:security:attributeCertificate" 
    9696 
    9797    #_________________________________________________________________________     
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/attAuthorityClientTest.cfg

    r2178 r2214  
    1111# setting for test6GetMappedAttCert 
    1212uri = http://localhost:5000/AttributeAuthority 
    13 #uri = http://glue.badc.rl.ac.uk:42000/AttributeAuthority 
     13uri = http://glue.badc.rl.ac.uk:41000/AttributeAuthority 
    1414 
    1515# X.509 certificate for Attribute Authority - to verify the signature of 
  • TI12-security/trunk/python/share/ndg-aa

    r2186 r2214  
    3131tacFilePath=${prefixDir}/${srvSubDir}/server-config.tac 
    3232 
     33# Set a specific location for the properties file if required 
     34#export NDGSEC_AA_PROPFILEPATH= 
     35 
    3336serviceName=${0##*/} 
    3437 
     
    4245# process listing 
    4346prog=/usr/local/NDG/bin/twistd 
     47 
     48# Specify python for status() to search when looking for an existing process 
     49# running 
     50statCheckProg=/usr/local/NDG/bin/python 
     51 
    4452args="-u ${uid} -g ${gid} --syslog --prefix=${serviceName} \ 
    4553--pidfile=${pidFilePath} -oy ${tacFilePath}" 
     
    9098     
    9199        mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     100         
     101        # Put in placeholder so as not to upset twistd when it looks for it 
     102        # on shutdown 
     103        touch /tmp/${serviceName}.pid 
     104        chown ${uid}:${gid} /tmp/${serviceName}.pid 
    92105         
    93106        touch /var/lock/subsys/${serviceName}         
     
    144157    fi 
    145158 
    146     # Remove pid file if any. 
     159    # Remove pid and lock files if any. 
    147160    rm -f /var/run/${serviceName}.pid 
    148  
     161    rm -f /var/lock/subsys/${serviceName} 
     162     
    149163    echo 
    150164} 
     
    164178     
    165179    # Get pid from "/var/run/*.pid" file 
     180    local pidFound= 
    166181    if [ -f $pidFilePath ] ; then 
    167182        read pid < $pidFilePath 
     
    170185            return 
    171186        fi 
     187        pidFound=Yes 
    172188    fi 
    173189 
    174190    # look for pid in listing 
    175     local pidFound= 
    176     for i in `pidof -o $$ -o $PPID -o %PPID -x "${prog}"`; do 
     191    for i in `pidof -o $$ -o $PPID -o %PPID -x "${statCheckProg}"`; do 
    177192        [[ $i = $pid ]] && pidFound=Yes && break; 
    178193    done 
     
    180195    if [ -n "$pidFound" ]; then 
    181196        echo $"$prog (pid $pid) is running..." 
    182         return 
    183         
     197 
    184198    elif [ -f /var/lock/subsys/${serviceName} ]; then 
    185         echo $"$prog dead but subsys locked and pid file $pidFilePath exists" 
    186         return 
     199        echo $"$prog is dead but subsys locked" 
     200 
     201    elif [ -f /var/run/${serviceName}.pid ]; then 
     202        echo $"$prog is dead but pid file $pidFilePath exists" 
    187203    else 
    188         echo $"$prog dead but pid file $pidFilePath exists"    
     204        echo $"$prog is dead" 
    189205    fi 
    190206} 
  • TI12-security/trunk/python/share/ndg-ca

    r2186 r2214  
    2828# set tacFilePath directly 
    2929prefixDir=$(dirname $(dirname $(type -p python))) 
    30 srvSubDir=lib/site-packages/ndg/security/server/ca 
     30srvSubDir=lib/site-packages/ndg/security/server/CertificateAuthority 
    3131tacFilePath=${prefixDir}/${srvSubDir}/server-config.tac 
     32 
     33# Set a specific location for the properties file if required 
     34#export NDGSEC_AA_PROPFILEPATH= 
    3235 
    3336serviceName=${0##*/} 
     
    4245# process listing 
    4346prog=/usr/local/NDG/bin/twistd 
     47 
     48# Specify python for status() to search when looking for an existing process 
     49# running 
     50statCheckProg=/usr/local/NDG/bin/python 
     51 
    4452args="-u ${uid} -g ${gid} --syslog --prefix=${serviceName} \ 
    4553--pidfile=${pidFilePath} -oy ${tacFilePath}" 
     
    8189    RETVAL=$? 
    8290    if [ $RETVAL = 0 ]; then     
    83         # Use root privilege to move pid file to correct location - put wait  
    84         # in to give twistd some leaway 
    85         i=0 
    86         while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
    87             sleep 1;  
    88             let "i++";  
    89         done 
    90                  
    91         mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     91        # Use root privilege to move pid file to correct location - put wait  
     92        # in to give twistd some leaway 
     93        i=0 
     94        while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
     95            sleep 1;  
     96            let "i++";  
     97        done 
     98     
     99        mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     100         
     101        # Put in placeholder so as not to upset twistd when it looks for it 
     102        # on shutdown 
     103        touch /tmp/${serviceName}.pid 
     104        chown ${uid}:${gid} /tmp/${serviceName}.pid 
    92105         
    93106        touch /var/lock/subsys/${serviceName}         
     
    144157    fi 
    145158 
    146     # Remove pid file if any. 
     159    # Remove pid and lock files if any. 
    147160    rm -f /var/run/${serviceName}.pid 
    148  
     161    rm -f /var/lock/subsys/${serviceName} 
     162     
    149163    echo 
    150164} 
     
    164178     
    165179    # Get pid from "/var/run/*.pid" file 
     180    local pidFound= 
    166181    if [ -f $pidFilePath ] ; then 
    167182        read pid < $pidFilePath 
     
    170185            return 
    171186        fi 
     187        pidFound=Yes 
    172188    fi 
    173189 
    174190    # look for pid in listing 
    175     local pidFound= 
    176     for i in `pidof -o $$ -o $PPID -o %PPID -x "${prog}"`; do 
     191    for i in `pidof -o $$ -o $PPID -o %PPID -x "${statCheckProg}"`; do 
    177192        [[ $i = $pid ]] && pidFound=Yes && break; 
    178193    done 
     
    180195    if [ -n "$pidFound" ]; then 
    181196        echo $"$prog (pid $pid) is running..." 
    182         return 
    183         
     197 
    184198    elif [ -f /var/lock/subsys/${serviceName} ]; then 
    185         echo $"$prog dead but subsys locked and pid file $pidFilePath exists" 
    186         return 
     199        echo $"$prog is dead but subsys locked" 
     200 
     201    elif [ -f /var/run/${serviceName}.pid ]; then 
     202        echo $"$prog is dead but pid file $pidFilePath exists" 
    187203    else 
    188         echo $"$prog dead but pid file $pidFilePath exists"    
     204        echo $"$prog is dead" 
    189205    fi 
    190206} 
  • TI12-security/trunk/python/share/ndg-gk

    r2186 r2214  
    3131tacFilePath=${prefixDir}/${srvSubDir}/server-config.tac 
    3232 
     33# Set a specific location for the properties file if required 
     34#export NDGSEC_AA_PROPFILEPATH= 
     35 
    3336serviceName=${0##*/} 
    3437 
     
    4245# process listing 
    4346prog=/usr/local/NDG/bin/twistd 
     47 
     48# Specify python for status() to search when looking for an existing process 
     49# running 
     50statCheckProg=/usr/local/NDG/bin/python 
     51 
    4452args="-u ${uid} -g ${gid} --syslog --prefix=${serviceName} \ 
    4553--pidfile=${pidFilePath} -oy ${tacFilePath}" 
     
    8189    RETVAL=$? 
    8290    if [ $RETVAL = 0 ]; then     
    83         # Use root privilege to move pid file to correct location - put wait  
    84         # in to give twistd some leaway 
    85         i=0 
    86         while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
    87             sleep 1;  
    88             let "i++";  
    89         done 
    90                  
    91         mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     91        # Use root privilege to move pid file to correct location - put wait  
     92        # in to give twistd some leaway 
     93        i=0 
     94        while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
     95            sleep 1;  
     96            let "i++";  
     97        done 
     98     
     99        mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     100         
     101        # Put in placeholder so as not to upset twistd when it looks for it 
     102        # on shutdown 
     103        touch /tmp/${serviceName}.pid 
     104        chown ${uid}:${gid} /tmp/${serviceName}.pid 
    92105         
    93106        touch /var/lock/subsys/${serviceName}         
     
    144157    fi 
    145158 
    146     # Remove pid file if any. 
     159    # Remove pid and lock files if any. 
    147160    rm -f /var/run/${serviceName}.pid 
    148  
     161    rm -f /var/lock/subsys/${serviceName} 
     162     
    149163    echo 
    150164} 
     
    164178     
    165179    # Get pid from "/var/run/*.pid" file 
     180    local pidFound= 
    166181    if [ -f $pidFilePath ] ; then 
    167182        read pid < $pidFilePath 
     
    170185            return 
    171186        fi 
     187        pidFound=Yes 
    172188    fi 
    173189 
    174190    # look for pid in listing 
    175     local pidFound= 
    176     for i in `pidof -o $$ -o $PPID -o %PPID -x "${prog}"`; do 
     191    for i in `pidof -o $$ -o $PPID -o %PPID -x "${statCheckProg}"`; do 
    177192        [[ $i = $pid ]] && pidFound=Yes && break; 
    178193    done 
     
    180195    if [ -n "$pidFound" ]; then 
    181196        echo $"$prog (pid $pid) is running..." 
    182         return 
    183         
     197 
    184198    elif [ -f /var/lock/subsys/${serviceName} ]; then 
    185         echo $"$prog dead but subsys locked and pid file $pidFilePath exists" 
    186         return 
     199        echo $"$prog is dead but subsys locked" 
     200 
     201    elif [ -f /var/run/${serviceName}.pid ]; then 
     202        echo $"$prog is dead but pid file $pidFilePath exists" 
    187203    else 
    188         echo $"$prog dead but pid file $pidFilePath exists"    
     204        echo $"$prog is dead" 
    189205    fi 
    190206} 
  • TI12-security/trunk/python/share/ndg-log

    r2186 r2214  
    11#!/bin/bash 
    22# 
    3 # SysV init script for NDG Security Log Service 
     3# SysV init script for NDG Security Log 
    44# 
    55# P J Kershaw 
     
    3131tacFilePath=${prefixDir}/${srvSubDir}/server-config.tac 
    3232 
     33# Set a specific location for the properties file if required 
     34#export NDGSEC_AA_PROPFILEPATH= 
     35 
    3336serviceName=${0##*/} 
    3437 
     
    4245# process listing 
    4346prog=/usr/local/NDG/bin/twistd 
     47 
     48# Specify python for status() to search when looking for an existing process 
     49# running 
     50statCheckProg=/usr/local/NDG/bin/python 
     51 
    4452args="-u ${uid} -g ${gid} --syslog --prefix=${serviceName} \ 
    4553--pidfile=${pidFilePath} -oy ${tacFilePath}" 
     
    8189    RETVAL=$? 
    8290    if [ $RETVAL = 0 ]; then     
    83         # Use root privilege to move pid file to correct location - put wait  
    84         # in to give twistd some leaway 
    85         i=0 
    86         while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
    87             sleep 1;  
    88             let "i++";  
    89         done 
    90                  
    91         mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     91        # Use root privilege to move pid file to correct location - put wait  
     92        # in to give twistd some leaway 
     93        i=0 
     94        while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
     95            sleep 1;  
     96            let "i++";  
     97        done 
     98     
     99        mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     100         
     101        # Put in placeholder so as not to upset twistd when it looks for it 
     102        # on shutdown 
     103        touch /tmp/${serviceName}.pid 
     104        chown ${uid}:${gid} /tmp/${serviceName}.pid 
    92105         
    93106        touch /var/lock/subsys/${serviceName}         
     
    144157    fi 
    145158 
    146     # Remove pid file if any. 
     159    # Remove pid and lock files if any. 
    147160    rm -f /var/run/${serviceName}.pid 
    148  
     161    rm -f /var/lock/subsys/${serviceName} 
     162     
    149163    echo 
    150164} 
     
    164178     
    165179    # Get pid from "/var/run/*.pid" file 
     180    local pidFound= 
    166181    if [ -f $pidFilePath ] ; then 
    167182        read pid < $pidFilePath 
     
    170185            return 
    171186        fi 
     187        pidFound=Yes 
    172188    fi 
    173189 
    174190    # look for pid in listing 
    175     local pidFound= 
    176     for i in `pidof -o $$ -o $PPID -o %PPID -x "${prog}"`; do 
     191    for i in `pidof -o $$ -o $PPID -o %PPID -x "${statCheckProg}"`; do 
    177192        [[ $i = $pid ]] && pidFound=Yes && break; 
    178193    done 
     
    180195    if [ -n "$pidFound" ]; then 
    181196        echo $"$prog (pid $pid) is running..." 
    182         return 
    183         
     197 
    184198    elif [ -f /var/lock/subsys/${serviceName} ]; then 
    185         echo $"$prog dead but subsys locked and pid file $pidFilePath exists" 
    186         return 
     199        echo $"$prog is dead but subsys locked" 
     200 
     201    elif [ -f /var/run/${serviceName}.pid ]; then 
     202        echo $"$prog is dead but pid file $pidFilePath exists" 
    187203    else 
    188         echo $"$prog dead but pid file $pidFilePath exists"    
     204        echo $"$prog is dead" 
    189205    fi 
    190206} 
  • TI12-security/trunk/python/share/ndg-sm

    r2186 r2214  
    3131tacFilePath=${prefixDir}/${srvSubDir}/server-config.tac 
    3232 
     33# Set a specific location for the properties file if required 
     34#export NDGSEC_AA_PROPFILEPATH= 
     35 
    3336serviceName=${0##*/} 
    3437 
     
    4245# process listing 
    4346prog=/usr/local/NDG/bin/twistd 
     47 
     48# Specify python for status() to search when looking for an existing process 
     49# running 
     50statCheckProg=/usr/local/NDG/bin/python 
     51 
    4452args="-u ${uid} -g ${gid} --syslog --prefix=${serviceName} \ 
    4553--pidfile=${pidFilePath} -oy ${tacFilePath}" 
     
    8189    RETVAL=$? 
    8290    if [ $RETVAL = 0 ]; then     
    83         # Use root privilege to move pid file to correct location - put wait  
    84         # in to give twistd some leaway 
    85         i=0 
    86         while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
    87             sleep 1;  
    88             let "i++";  
    89         done 
    90                  
    91         mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     91        # Use root privilege to move pid file to correct location - put wait  
     92        # in to give twistd some leaway 
     93        i=0 
     94        while [ ! -f /tmp/${serviceName}.pid ] && [ "$i" -lt 10 ]; do  
     95            sleep 1;  
     96            let "i++";  
     97        done 
     98     
     99        mv /tmp/${serviceName}.pid /var/run/${serviceName}.pid 
     100         
     101        # Put in placeholder so as not to upset twistd when it looks for it 
     102        # on shutdown 
     103        touch /tmp/${serviceName}.pid 
     104        chown ${uid}:${gid} /tmp/${serviceName}.pid 
    92105         
    93106        touch /var/lock/subsys/${serviceName}         
     
    144157    fi 
    145158 
    146     # Remove pid file if any. 
     159    # Remove pid and lock files if any. 
    147160    rm -f /var/run/${serviceName}.pid 
    148  
     161    rm -f /var/lock/subsys/${serviceName} 
     162     
    149163    echo 
    150164} 
     
    164178     
    165179    # Get pid from "/var/run/*.pid" file 
     180    local pidFound= 
    166181    if [ -f $pidFilePath ] ; then 
    167182        read pid < $pidFilePath 
     
    170185            return 
    171186        fi 
     187        pidFound=Yes 
    172188    fi 
    173189 
    174190    # look for pid in listing 
    175     local pidFound= 
    176     for i in `pidof -o $$ -o $PPID -o %PPID -x "${prog}"`; do 
     191    for i in `pidof -o $$ -o $PPID -o %PPID -x "${statCheckProg}"`; do 
    177192        [[ $i = $pid ]] && pidFound=Yes && break; 
    178193    done 
     
    180195    if [ -n "$pidFound" ]; then 
    181196        echo $"$prog (pid $pid) is running..." 
    182         return 
    183         
     197 
    184198    elif [ -f /var/lock/subsys/${serviceName} ]; then 
    185         echo $"$prog dead but subsys locked and pid file $pidFilePath exists" 
    186         return 
     199        echo $"$prog is dead but subsys locked" 
     200 
     201    elif [ -f /var/run/${serviceName}.pid ]; then 
     202        echo $"$prog is dead but pid file $pidFilePath exists" 
    187203    else 
    188         echo $"$prog dead but pid file $pidFilePath exists"    
     204        echo $"$prog is dead" 
    189205    fi 
    190206} 
Note: See TracChangeset for help on using the changeset viewer.