From: František Dvořák <valtri@civ.zcu.cz>
Date: Wed, 31 Mar 2010 10:56:24 +0000 (+0000)
Subject: Config files moved to /opt/glite/etc/lb (log4c, lcas, auth policy, DB, scripts, ... 
X-Git-Tag: glite-lbjp-common_R_2_0_2_1~2
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=6d82223f06bba2c62160ec96523e181bec272e90;p=jra1mw.git

Config files moved to /opt/glite/etc/lb (log4c, lcas, auth policy, DB, scripts, ...).
LCAS:
 - log rotate more often (chatty)
 - log levels from L&B log4c config file
 - disabled for now
---

diff --git a/org.glite.lb.logger/config/startup b/org.glite.lb.logger/config/startup
index 12bfc26..16515e9 100755
--- a/org.glite.lb.logger/config/startup
+++ b/org.glite.lb.logger/config/startup
@@ -80,7 +80,7 @@ start()
 	[ -n "$GLITE_LB_IL_SOCK" ] && sock="--socket $GLITE_LB_IL_SOCK"
 	[ -n "$GLITE_LB_IL_FPREFIX" ] && fprefix="--file-prefix $GLITE_LB_IL_FPREFIX"
 
-	log4c="LOG4C_RCPATH='$GLITE_LOCATION/etc'"
+	log4c="LOG4C_RCPATH='$GLITE_LOCATION/etc/lb'"
 
 	mkdir -p /var/glite/log 
 	chown $GLITE_USER /var/glite/log
diff --git a/org.glite.lb.server/Makefile b/org.glite.lb.server/Makefile
index cd82975..d0d2374 100644
--- a/org.glite.lb.server/Makefile
+++ b/org.glite.lb.server/Makefile
@@ -341,7 +341,7 @@ stage: compile
 	$(MAKE) install PREFIX=${stagedir} DOSTAGE=yes
 
 install:
-	-mkdir -p ${PREFIX}/bin ${PREFIX}/etc ${PREFIX}/etc/init.d ${PREFIX}/interface
+	-mkdir -p ${PREFIX}/bin ${PREFIX}/etc/lb ${PREFIX}/etc/init.d ${PREFIX}/interface
 	-mkdir -p ${PREFIX}/share/doc/${package}-${version}
 	-mkdir -p ${PREFIX}/share/man/man1
 	-mkdir -p ${PREFIX}/${libdir}
@@ -358,9 +358,9 @@ install:
 	ln -sf liblcas_lb.so ${PREFIX}/${libdir}/modules/lcas_lb.mod
 
 	for f in dbsetup.sql index.conf.template; do \
-		${INSTALL} -m 644 ${top_srcdir}/config/"glite-lb-$$f" ${PREFIX}/etc; \
+		${INSTALL} -m 644 ${top_srcdir}/config/"glite-lb-$$f" ${PREFIX}/etc/lb; \
 	done
-	${INSTALL} -m 755 ${top_srcdir}/config/glite-lb-migrate_db2version20 ${PREFIX}/etc
+	${INSTALL} -m 755 ${top_srcdir}/config/glite-lb-migrate_db2version20 ${PREFIX}/etc/lb
 
 	${INSTALL} -m 755 ${top_srcdir}/config/startup ${PREFIX}/etc/init.d/glite-lb-bkserverd
 
diff --git a/org.glite.lb.server/config/startup b/org.glite.lb.server/config/startup
index 4d15f83..9603aa4 100755
--- a/org.glite.lb.server/config/startup
+++ b/org.glite.lb.server/config/startup
@@ -127,12 +127,13 @@ start()
 		fi
 	fi
 
-	log4c="LOG4C_RCPATH='$GLITE_LOCATION/etc'"
+	log4c="LOG4C_RCPATH='$GLITE_LOCATION/etc/lb'"
 
-	policy="$GLITE_LOCATION/etc/glite-lb-authz.conf"
-	lcas_log="LCAS_LOG_FILE='/var/log/glite/glite-lb-lcas.log'"
+	policy="$GLITE_LOCATION/etc/lb/glite-lb-authz.conf"
+	lcas_log="LCAS_LOG_FILE='/var/log/glite/glite-lb-lcas.log' LCAS_ETC_DIR='/opt/glite/etc/lb'"
 	if test -f "$policy"; then
-		policy="--enable-lcas --policy '$policy'"
+		# lcas not enabled by default yet
+		policy="--policy '$policy'"
 	else
 		unset policy
 		unset lcas_log
@@ -172,10 +173,6 @@ start()
 		[ -n "$GLITE_LB_EXPORT_JPPS" ] && jpps="--jpps $GLITE_LB_EXPORT_JPPS"
 	fi
 
-	if test -r "$GLITE_LOCATION/etc/LB-super-users"; then
-		super="--super-users-file $GLITE_LOCATION/etc/LB-super-users"
-	fi
-
 	[ -z "$creds" ] && echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2
 
 	[ -n "$GLITE_LB_SERVER_PORT" ] && port="-p $GLITE_LB_SERVER_PORT"
diff --git a/org.glite.lb.server/src/bkserverd.c b/org.glite.lb.server/src/bkserverd.c
index eb6ceb4..589c870 100644
--- a/org.glite.lb.server/src/bkserverd.c
+++ b/org.glite.lb.server/src/bkserverd.c
@@ -567,6 +567,27 @@ int main(int argc, char *argv[])
 		return 1;
 	}
 
+	if (enable_lcas) {
+		char s[3];
+
+		switch (glite_common_log_get_priority(LOG_CATEGORY_LB_AUTHZ)) {
+		case LOG_PRIORITY_FATAL:
+		case LOG_PRIORITY_ERROR:
+		case LOG_PRIORITY_WARN:
+			i = 0;
+			break;
+		case LOG_PRIORITY_INFO:
+			i = 1;
+			break;
+		case LOG_PRIORITY_DEBUG:
+			i = 2;
+			break;
+		default:
+			i = 0;
+		}
+		snprintf(s, 3, "%d", i);
+		setenv("LCAS_DEBUG_LEVEL", s, 1);
+	}
 
 	if (mode & SERVICE_SERVER) {
 		if (check_mkdir(dumpStorage)){
diff --git a/org.glite.lb.yaim/config/functions/config_glite_lb b/org.glite.lb.yaim/config/functions/config_glite_lb
index 26fd445..055c356 100644
--- a/org.glite.lb.yaim/config/functions/config_glite_lb
+++ b/org.glite.lb.yaim/config/functions/config_glite_lb
@@ -54,13 +54,14 @@ function config_glite_lb_authz() {
 
 	superusers="`echo \"$superusers\"| grep -v ^$ | tr ',' '\n' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
 	rtm="`echo \"$rtm\"| grep -v ^$ | tr ',' '\n' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
+	authconf="$GLITE_LOCATION/etc/lb/glite-lb-authz.conf"
 
-	cat <<EOF > "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
+	cat <<EOF > "$authconf".new
 resource "LB" {
 
 EOF
 	if test ! -z "$superusers"; then
-		cat <<EOF >> "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
+		cat <<EOF >> "$authconf".new
 action "ADMIN_ACCESS" {
 	rule permit {
 $superusers
@@ -71,7 +72,7 @@ EOF
 	fi
 
 	if test ! -z "$rtm"; then
-		cat <<EOF >> "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
+		cat <<EOF >> "$authconf".new
 action "STATUS_FOR_MONITORING" {
 	rule permit {
 $rtm
@@ -81,7 +82,7 @@ $rtm
 EOF
 	fi
 
-	cat <<EOF >> "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
+	cat <<EOF >> "$authconf".new
 action "REGISTER_JOBS" {
         rule permit {
                 subject = ".*"
@@ -109,11 +110,11 @@ action "LOG_GENERAL_EVENTS" {
 }
 EOF
 	# something changed
-	if test -f "$GLITE_LOCATION/etc/glite-lb-authz.conf"; then
-		diff -w "$GLITE_LOCATION/etc/glite-lb-authz.conf" "$GLITE_LOCATION/etc/glite-lb-authz.conf.new" >/dev/null
+	if test -f "$authconf"; then
+		diff -w "$authconf" "$authconf".new >/dev/null
 		if test "$?" != "0"; then
-			yaimlog WARNING "Original authz configuration moved to '$GLITE_LOCATION/etc/glite-lb-authz.conf.yaimorig'"
-			mv "$GLITE_LOCATION/etc/glite-lb-authz.conf" "$GLITE_LOCATION/etc/glite-lb-authz.conf.yaimorig"
+			yaimlog WARNING "Original authz configuration moved to '$authconf.yaimorig'"
+			mv "$authconf" "$authconf".yaimorig
 		fi
 	fi
 
@@ -125,7 +126,7 @@ EOF
 		rm "${GLITE_LOCATION}/etc/LB-super-users"
 	fi
 
-	mv "$GLITE_LOCATION/etc/glite-lb-authz.conf.new" "$GLITE_LOCATION/etc/glite-lb-authz.conf"
+	mv "$authconf".new "$authconf"
 }
 
 function config_glite_lb() {
@@ -194,7 +195,7 @@ function config_glite_lb() {
 
   if [ ! $? = 0 ]; then
     mysql -u root --password="$MYSQL_PASSWORD" -e "CREATE DATABASE lbserver20"
-    mysql --password="$MYSQL_PASSWORD" lbserver20 < ${INSTALL_ROOT}/glite/etc/glite-lb-dbsetup.sql
+    mysql --password="$MYSQL_PASSWORD" lbserver20 < ${INSTALL_ROOT}/glite/etc/lb/glite-lb-dbsetup.sql
     mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver IDENTIFIED BY '' WITH GRANT OPTION;"
     mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@'$HOSTNAME' IDENTIFIED BY '' WITH GRANT OPTION;"
     mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@localhost IDENTIFIED BY '' WITH GRANT OPTION;"
@@ -300,15 +301,14 @@ EOF
     fi
   fi
   lcas_plugin="$GLITE_LOCATION/$lcas_libarch/modules/lcas_lb.mod"
-  mkdir -p /opt/glite/etc/lcas
-  echo "pluginname=\"$lcas_plugin\"" > /opt/glite/etc/lcas/lcas.db
+  echo "pluginname=\"$lcas_plugin\"" > ${INSTALL_ROOT}/etc/lb/lcas.db
   # log file
   logfile=/var/log/glite/glite-lb-lcas.log
   touch $logfile
   chown $GLITE_USER:$GLITE_USER $logfile
-  cat > /etc/logrotate.d/lcas <<EOF
+  cat > /etc/logrotate.d/lb-lcas <<EOF
 $logfile {
-    weekly
+    daily
     compress
     rotate 4
     missingok
@@ -331,8 +331,8 @@ EOF
     config_glite_lb_authz "$GLITE_LB_SUPER_USERS" ""
   fi
 
-  if [ ! -f ${GLITE_LOCATION}/etc/glite-lb-harvester.conf ]; then
-    echo $HOSTNAME > ${GLITE_LOCATION}/etc/glite-lb-harvester.conf
+  if [ ! -f ${GLITE_LOCATION}/etc/lb/glite-lb-harvester.conf ]; then
+    echo $HOSTNAME > ${GLITE_LOCATION}/etc/lb/glite-lb-harvester.conf
   fi
 
   . /opt/glite/etc/profile.d/grid-env.sh
diff --git a/org.glite.lbjp-common.log/Makefile b/org.glite.lbjp-common.log/Makefile
index 4ea1015..24acb1a 100644
--- a/org.glite.lbjp-common.log/Makefile
+++ b/org.glite.lbjp-common.log/Makefile
@@ -67,8 +67,8 @@ install: compile
 	mkdir -p ${PREFIX}/share/doc/${package}-${version}
 	${INSTALL} -m 644 ${top_srcdir}/LICENSE ${PREFIX}/share/doc/${package}-${version}
 	${INSTALL} -m 644 ${top_srcdir}/README ${PREFIX}/share/doc/${package}-${version}
-	mkdir -p ${PREFIX}/etc
-	${INSTALL} -m 644 ${top_srcdir}/config/log4crc ${PREFIX}/etc/log4crc
+	mkdir -p ${PREFIX}/etc/lb
+	${INSTALL} -m 644 ${top_srcdir}/config/log4crc ${PREFIX}/etc/lb/log4crc
 	${INSTALL} -m 644 ${top_srcdir}/config/log4crc ${PREFIX}/share/doc/${package}-${version}/log4crc.example-production
 	${INSTALL} -m 644 ${top_srcdir}/config/log4crc.debugging ${PREFIX}/share/doc/${package}-${version}/log4crc.example-debugging
 	mkdir -p ${PREFIX}/${libdir}
diff --git a/org.glite.lbjp-common.log/config/log4crc b/org.glite.lbjp-common.log/config/log4crc
index 38ffe36..16343fa 100644
--- a/org.glite.lbjp-common.log/config/log4crc
+++ b/org.glite.lbjp-common.log/config/log4crc
@@ -23,6 +23,7 @@
         <!-- category name="LB.LOGD" priority="debug" appender="stderr"/-->
         <!-- category name="LB.INTERLOGD" priority="debug" appender="stderr"/-->
         <!-- category name="LB.SERVER" priority="debug" appender="stderr"/-->
+        <!-- category name="LB.AUTHZ" priority="debug" appender="syslog"/-->
         <!-- category name="LB.HARVESTER" priority="*" appender="syslog"/-->
 
         <!-- default appenders ===================================== -->
diff --git a/org.glite.lbjp-common.log/src/log.h b/org.glite.lbjp-common.log/src/log.h
index 057f0d9..1479d77 100644
--- a/org.glite.lbjp-common.log/src/log.h
+++ b/org.glite.lbjp-common.log/src/log.h
@@ -39,6 +39,7 @@ extern "C" {
 #define LOG_CATEGORY_LB_SERVER_REQUEST	"LB.SERVER.REQUEST"
 #define LOG_CATEGORY_LB_HARVESTER	"LB.HARVESTER"
 #define LOG_CATEGORY_LB_HARVESTER_DB    "LB.HARVESTER.DB"
+#define LOG_CATEGORY_LB_AUTHZ           "LB.AUTHZ"
 
 /* default priorities
  * - follow LOG4C_PRIORITY_* defined in <log4c/priority.h>