From 9512d51ffb73bdaaeca45f41bc596c5209f57634 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= Date: Tue, 4 Sep 2012 11:40:52 +0000 Subject: [PATCH] gLite L&B setup script: - switch yaim to use the (sourced) setup script - GLITE_USER, GLITE_HOST_CERT, GLITE_HOST_KEY not required - GLITE_LB_LOCATION removed - all defaults in the setup script now - added Kerberos support (not launched by default) - detect distribution and use that for the scripts - configuration file in /etc/default or /etc/sysconfig (replacement for the profile.d and site-info.def file) - hide other startup scripts output - more strict check for L&B database, migration for L&B 4 - update msg-config script --- org.glite.lb.harvester/Makefile | 8 +- org.glite.lb.harvester/config/startup | 27 +- org.glite.lb.harvester/examples/test.sh | 2 + org.glite.lb.logger-msg/Makefile | 8 +- org.glite.lb.logger-msg/src/msg-config.in | 1 + org.glite.lb.logger/Makefile | 8 +- org.glite.lb.logger/config/startup | 27 +- org.glite.lb.server/Makefile | 16 +- org.glite.lb.server/config/glite-lb | 77 +++ org.glite.lb.server/config/setup | 554 +++++++++++++++++++++ org.glite.lb.server/config/startup | 41 +- org.glite.lb.server/project/glite-lb-server.spec | 14 +- .../config/functions/config_glite_lb.in | 231 +-------- org.glite.lb/configure | 24 + 14 files changed, 743 insertions(+), 295 deletions(-) create mode 100644 org.glite.lb.server/config/glite-lb create mode 100755 org.glite.lb.server/config/setup diff --git a/org.glite.lb.harvester/Makefile b/org.glite.lb.harvester/Makefile index 46eee6b..a2787e1 100644 --- a/org.glite.lb.harvester/Makefile +++ b/org.glite.lb.harvester/Makefile @@ -42,6 +42,12 @@ LIBS:=-L${stagedir}${prefix}/${libdir} \ -lpthread -lglite_security_gss_${thrflavour} endif +ifeq ($(os_type),debian) +sysdefaultdir=${sysconfdir}/default +else +sysdefaultdir=${sysconfdir}/sysconfig +endif + ifneq ($(GLITE_LB_HARVESTER_WITH_LBU_DB),no) CPPFLAGS:=$(CPPFLAGS) -DWITH_LBU_DB=1 LIBS:=$(LIBS) -lglite_lbu_db @@ -65,7 +71,7 @@ startup: ${top_srcdir}/config/startup if echo "${localstatedir}" | grep 'glite'>/dev/null; then \ glite_var="${localstatedir}"; \ fi; \ - sed -e 's:@glite_prefix@:${sysroot}${prefix}:' -e 's:@glite_etc@:${sysconfdir}:' -e "s:@glite_var@:$$glite_var:" $< > $@ + sed -e 's:@glite_prefix@:${sysroot}${prefix}:g' -e 's:@glite_etc@:${sysconfdir}:g' -e "s:@glite_var@:$$glite_var:g" -e 's:@defaultdir@:${sysdefaultdir}:g' $< > $@ chmod +x $@ check: diff --git a/org.glite.lb.harvester/config/startup b/org.glite.lb.harvester/config/startup index 7081626..0dc078c 100755 --- a/org.glite.lb.harvester/config/startup +++ b/org.glite.lb.harvester/config/startup @@ -25,17 +25,18 @@ # limitations under the License. # -GLITE_LB_LOCATION=${GLITE_LB_LOCATION:-'@glite_prefix@'} -GLITE_LB_LOCATION_ETC=${GLITE_LB_LOCATION_ETC:-'@glite_etc@'} +GLITE_LOCATION=${GLITE_LOCATION:-'@glite_prefix@'} +GLITE_LOCATION_ETC=${GLITE_LOCATION_ETC:-'@glite_etc@'} GLITE_LB_LOCATION_VAR=${GLITE_LB_LOCATION_VAR:-'@glite_var@'} +GLITE_USER=${GLITE_USER:-'glite'} +GLITE_HOME=`getent passwd ${GLITE_USER} | cut -d: -f6` +GLITE_HOST_CERT=${GLITE_HOST_CERT:-"$GLITE_HOME/.certs/hostcert.pem"} +GLITE_HOST_KEY=${GLITE_HOST_KEY:-"$GLITE_HOME/.certs/hostkey.pem"} [ -f /etc/profile.d/grid-env.sh ] && . /etc/profile.d/grid-env.sh [ -f /etc/glite.conf ] && . /etc/glite.conf -[ -f $GLITE_LB_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LB_LOCATION_ETC/glite-wms.conf - -[ -f $GLITE_LB_LOCATION/lb.conf ] && . $GLITE_LB_LOCATION_ETC/lb.conf -[ -f $GLITE_LB_LOCATION_VAR/etc/lb.conf ] && . $GLITE_LB_LOCATION_VAR/etc/lb.conf - +[ -f $GLITE_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LOCATION_ETC/glite-wms.conf +[ -f @defaultdir@/glite-lb ] && . @defaultdir@/glite-lb [ -f $HOME/.glite.conf ] && . $HOME/.glite.conf pidfile=${GLITE_LB_HARVESTER_PIDFILE:-"$GLITE_LB_LOCATION_VAR/glite-lb-harvester.pid"} @@ -44,7 +45,7 @@ lockfile=/var/lock/glite-lb-harvester # database or configuration file needed # (using the file as default) -etc=$GLITE_LB_LOCATION/glite-lb +etc=$GLITE_LOCATION_ETC/glite-lb [ -z "$GLITE_LB_HARVESTER_DBCS" -a -z "$GLITE_LB_HARVESTER_CONFIG" ] && GLITE_LB_HARVESTER_CONFIG=$etc/harvester.conf if [ -n "$GLITE_LB_HARVESTER_CONFIG" ]; then [ ! -d "$etc" ] && mkdir -p "$etc" @@ -158,19 +159,13 @@ status_daemon() start() { - if test -z "$GLITE_USER" ;then - echo 'Error: GLITE_USER is not set' - echo FAILED - return 1 - fi - - log4c="LOG4C_RCPATH='$GLITE_LB_LOCATION_ETC/glite-lb'" + log4c="LOG4C_RCPATH='$GLITE_LOCATION_ETC/glite-lb'" [ -z "$creds" ] && echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2 [ -n "$GLITE_LB_HARVESTER_PORT" ] && port="-p $GLITE_LB_HARVESTER_PORT" - start_daemon glite-lb-harvester "$pidfile" "$GLITE_LB_LOCATION/bin/glite-lb-harvester \ + start_daemon glite-lb-harvester "$pidfile" "$GLITE_LOCATION/bin/glite-lb-harvester \ $creds $conf -i $pidfile -d $level $port --daemon\ $GLITE_LB_HARVESTER_OTHER_OPTIONS" "$HARVESTER_NOTIFSFILE" } diff --git a/org.glite.lb.harvester/examples/test.sh b/org.glite.lb.harvester/examples/test.sh index ec46899..6a9483a 100755 --- a/org.glite.lb.harvester/examples/test.sh +++ b/org.glite.lb.harvester/examples/test.sh @@ -76,6 +76,8 @@ init() { done [ -f /etc/glite.conf ] && . /etc/glite.conf + [ -f /etc/default/glite-lb ] && . /etc/default/glite-lb + [ -f /etc/sysconfig/glite-lb ] && . /etc/sysconfig/glite-lb [ -f $HOME/.glite.conf ] && . $HOME/.glite.conf if [ -n "$GLITE_HOST_CERT" -a -n "$GLITE_HOST_KEY" ] ;then diff --git a/org.glite.lb.logger-msg/Makefile b/org.glite.lb.logger-msg/Makefile index dc0f4fc..309fb62 100644 --- a/org.glite.lb.logger-msg/Makefile +++ b/org.glite.lb.logger-msg/Makefile @@ -90,6 +90,12 @@ else default_flavour=_${nothrflavour} endif +ifeq ($(os_type),debian) +sysdefaultdir=${sysconfdir}/default +else +sysdefaultdir=${sysconfdir}/sysconfig +endif + all compile: ${PLUGIN_LIB} ${EXAMPLES} ${SCRIPTS} ${PLUGIN_LIB}: ${PLUGIN_LOBJS} @@ -135,7 +141,7 @@ install: ${COMPILEXX} -c $< -o $@ %.new: %.in - sed -e 's:@glite_prefix@:${sysroot}${prefix}:' -e 's:@glite_etc@:${sysconfdir}:' $< > $@ + sed -e 's:@glite_prefix@:${sysroot}${prefix}:g' -e 's:@glite_etc@:${sysconfdir}:g' -e 's:@defaultdir@:${sysdefaultdir}:g' $< > $@ clean: rm -rvf .libs/ *.o *.lo ${PLUGIN_LIB} ${MAN_GZ} ${EXAMPLES} ${SCRIPTS} diff --git a/org.glite.lb.logger-msg/src/msg-config.in b/org.glite.lb.logger-msg/src/msg-config.in index d4272d6..cdc6695 100755 --- a/org.glite.lb.logger-msg/src/msg-config.in +++ b/org.glite.lb.logger-msg/src/msg-config.in @@ -1,6 +1,7 @@ #! /bin/bash test -f /etc/profile.d/grid-env.sh && . /etc/profile.d/grid-env.sh +test -f @defaultdir@/glite-lb && . @defaultdir@/glite-lb GLITE_LOCATION=${GLITE_LOCATION:-'@glite_prefix@'} LCG_GFAL_INFOSYS=${LCG_GFAL_INFOSYS:-'lcg-bdii.cern.ch:2170'} diff --git a/org.glite.lb.logger/Makefile b/org.glite.lb.logger/Makefile index b2d4364..97a7800 100644 --- a/org.glite.lb.logger/Makefile +++ b/org.glite.lb.logger/Makefile @@ -69,6 +69,12 @@ ifeq (${os},Linux) DL_LIBS=-ldl endif +ifeq ($(os_type),debian) +sysdefaultdir=${sysconfdir}/default +else +sysdefaultdir=${sysconfdir}/sysconfig +endif + DEBUG:=-g -O0 CFLAGS:=${DEBUG} \ -I${stagedir}${prefix}/include -I${top_srcdir}/src -I${top_srcdir}/interface \ @@ -150,7 +156,7 @@ startup: ${top_srcdir}/config/startup if echo "${localstatedir}" | grep 'glite'>/dev/null; then \ glite_var="${localstatedir}"; \ fi; \ - sed -e 's:@glite_prefix@:${sysroot}${prefix}:' -e 's:@glite_etc@:${sysconfdir}:' -e "s:@glite_var@:$$glite_var:" $< > $@ + sed -e 's:@glite_prefix@:${sysroot}${prefix}:g' -e 's:@glite_etc@:${sysconfdir}:g' -e "s:@glite_var@:$$glite_var:g" -e 's:@defaultdir@:${sysdefaultdir}:g' $< > $@ chmod +x $@ glite-lb-logd: ${LOGD_OBJS} diff --git a/org.glite.lb.logger/config/startup b/org.glite.lb.logger/config/startup index 83b14ca..04dd664 100755 --- a/org.glite.lb.logger/config/startup +++ b/org.glite.lb.logger/config/startup @@ -25,21 +25,22 @@ # limitations under the License. # -GLITE_LB_LOCATION=${GLITE_LB_LOCATION:-'@glite_prefix@'} -GLITE_LB_LOCATION_ETC=${GLITE_LB_LOCATION_ETC:-'@glite_etc@'} +GLITE_LOCATION=${GLITE_LOCATION:-'@glite_prefix@'} +GLITE_LOCATION_ETC=${GLITE_LOCATION_ETC:-'@glite_etc@'} GLITE_LB_LOCATION_VAR=${GLITE_LB_LOCATION_VAR:-'@glite_var@'} +GLITE_USER=${GLITE_USER:-'glite'} +GLITE_HOME=`getent passwd ${GLITE_USER} | cut -d: -f6` +GLITE_HOST_CERT=${GLITE_HOST_CERT:-"$GLITE_HOME/.certs/hostcert.pem"} +GLITE_HOST_KEY=${GLITE_HOST_KEY:-"$GLITE_HOME/.certs/hostkey.pem"} KRB5_KTNAME="FILE:/var/glite/krb5kt_lb" KRB5CCNAME="FILE:/var/glite/krb5cc_lb" -LOG4C_RCPATH="$GLITE_LB_LOCATION_ETC/glite-lb" +LOG4C_RCPATH="$GLITE_LOCATION_ETC/glite-lb" [ -f /etc/profile.d/grid-env.sh ] && . /etc/profile.d/grid-env.sh [ -f /etc/glite.conf ] && . /etc/glite.conf -[ -f $GLITE_LB_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LB_LOCATION_ETC/glite-wms.conf - -[ -f $GLITE_LB_LOCATION_ETC/lb.conf ] && . $GLITE_LB_LOCATION_ETC/lb.conf -[ -f $GLITE_LB_LOCATION_VAR/etc/lb.conf ] && . $GLITE_LB_LOCATION_VAR/etc/lb.conf - +[ -f $GLITE_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LOCATION_ETC/glite-wms.conf +[ -f @defaultdir@/glite-lb ] && . @defaultdir@/glite-lb [ -f $HOME/.glite.conf ] && . $HOME/.glite.conf LL_PIDFILE=${LL_PIDFILE:-$GLITE_LB_LOCATION_VAR/glite-lb-logd.pid} @@ -118,12 +119,6 @@ start() return 0 esac - if test -z "$GLITE_USER" ;then - echo 'Error: GLITE_USER is not set' - echo FAILED - return 1 - fi - if [ -n "$LOG4C_RCPATH" ]; then env="$env LOG4C_RCPATH='$LOG4C_RCPATH'"; fi if [ -n "$KRB5_KTNAME" ]; then env="$env KRB5_KTNAME='$KRB5_KTNAME'"; fi if [ -n "$KRB5CCNAME" ]; then env="$env KRB5CCNAME='$KRB5CCNAME'"; fi @@ -150,10 +145,10 @@ start() mkdir -p /var/glite/log chown $GLITE_USER /var/glite/log (cd /tmp && ls -f /tmp |grep ^dglogd_sock_ |xargs rm -f) - start_daemon "glite-lb-logd" "$LL_PIDFILE" "$GLITE_LB_LOCATION/bin/glite-lb-logd \ + start_daemon "glite-lb-logd" "$LL_PIDFILE" "$GLITE_LOCATION/bin/glite-lb-logd \ -i $LL_PIDFILE $port $sock $fprefix" - start_daemon "glite-lb-interlogd" "$IL_PIDFILE" "$GLITE_LB_LOCATION/bin/glite-lb-interlogd \ + start_daemon "glite-lb-interlogd" "$IL_PIDFILE" "$GLITE_LOCATION/bin/glite-lb-interlogd \ -i $IL_PIDFILE $sock $fprefix" "$IL_SOCKFILE" } diff --git a/org.glite.lb.server/Makefile b/org.glite.lb.server/Makefile index 779d5f2..48c15eb 100644 --- a/org.glite.lb.server/Makefile +++ b/org.glite.lb.server/Makefile @@ -27,14 +27,14 @@ default: all version=${module.version} SOURCES=\ - config/glite-lb-* config/my.cnf config/site-notif.conf config/startup \ + config/glite-lb* config/my.cnf config/*.conf config/startup config/setup \ doc/*.1 doc/*.8 \ interface/*.h \ src/*.c src/*.cpp src/*.h src/*.c.T src/*.l src/*.y src/*.sh src/ws_typemap.dat \ project/.post* project/.pre* \ test/*.cpp test/*.cpp.T test/*.sh test/oneJob.qry test/*.c \ LICENSE Makefile -SOURCES_EXEC=config/startup src/*.sh test/*.sh +SOURCES_EXEC=config/startup config/setup src/*.sh test/*.sh all: compile @@ -60,6 +60,12 @@ else WS_CFLAGS= endif +ifeq ($(os_type),debian) +sysdefaultdir=${sysconfdir}/default +else +sysdefaultdir=${sysconfdir}/sysconfig +endif + GSOAP_FILES_PREFIX:= bk_ws_ YACC=bison -y @@ -301,7 +307,7 @@ EXAMPLES= TESTS=test_coverage test_xml test_query_events test_soap_conv test_query_parse -SCRIPTS=startup glite-lb-server-purge.cron glite-lb-proxy-purge.cron glite-lb-notif-keeper.cron +SCRIPTS=startup setup glite-lb-server-purge.cron glite-lb-proxy-purge.cron glite-lb-notif-keeper.cron glite-lb SCRIPTS_SRC=$(addprefix ${top_srcdir}/config/,${SCRIPTS}) glite-lb-bkserverd: ${NSMAP} ${BKSERVER_OBJS} @@ -322,7 +328,7 @@ ${SCRIPTS}: ${SCRIPTS_SRC} if echo "${localstatedir}" | grep 'glite'>/dev/null; then \ glite_var="${localstatedir}"; \ fi; \ - sed -e 's:@glite_prefix@:${sysroot}${prefix}:' -e 's:@glite_etc@:${sysconfdir}:' -e "s:@glite_var@:$$glite_var:" ${top_srcdir}/config/$@ > $@ + sed -e 's:@glite_prefix@:${sysroot}${prefix}:g' -e 's:@glite_etc@:${sysconfdir}:g' -e "s:@glite_var@:$$glite_var:g" -e 's:@defaultdir@:${sysdefaultdir}:g' ${top_srcdir}/config/$@ > $@ check: compile test.xml test.query test.query_parse -echo check.query not complete yet @@ -435,11 +441,13 @@ install: ${INSTALL} -m 644 ${top_srcdir}/config/site-notif.conf ${DESTDIR}${PREFIX}${sysconfdir}/glite-lb ${INSTALL} -m 755 startup ${DESTDIR}${PREFIX}${sysconfdir}/init.d/glite-lb-bkserverd + ${INSTALL} -m 755 setup ${DESTDIR}${PREFIX}${prefix}/sbin/glite-lb-setup ${INSTALL} -m 644 glite-lb-server-purge.cron ${DESTDIR}${PREFIX}${sysconfdir}/cron.d/glite-lb-server-purge ${INSTALL} -m 644 glite-lb-proxy-purge.cron ${DESTDIR}${PREFIX}${sysconfdir}/cron.d/glite-lb-proxy-purge ${INSTALL} -m 644 glite-lb-notif-keeper.cron ${DESTDIR}${PREFIX}${sysconfdir}/cron.d/glite-lb-notif-keeper ${INSTALL} -m 644 ${top_srcdir}/config/glite-lb-server.logrotate ${DESTDIR}${PREFIX}${sysconfdir}/logrotate.d/glite-lb-server ${INSTALL} -m 644 ${top_srcdir}/config/my.cnf ${DESTDIR}${PREFIX}${sysconfdir}/mysql/conf.d/glite-lb-server.cnf + ${INSTALL} -m 644 glite-lb ${DESTDIR}${PREFIX}${prefix}/share/doc/${package}-${version}/glite-lb mkdir -p ${DESTDIR}${PREFIX}${prefix}/include/${globalprefix}/${lbprefix} (cd ${top_srcdir}/interface && install -m 644 ${HDRS} ${DESTDIR}${PREFIX}${prefix}/include/${globalprefix}/${lbprefix}) diff --git a/org.glite.lb.server/config/glite-lb b/org.glite.lb.server/config/glite-lb new file mode 100644 index 0000000..18daf93 --- /dev/null +++ b/org.glite.lb.server/config/glite-lb @@ -0,0 +1,77 @@ +# +# setting for L&B +# +# copy this file to @defaultdir@ +# + +# +# system settings +# + +#GLITE_LOCATION=@glite_prefix@ +#GLITE_LOCATION_ETC='@glite_etc@' +#GLITE_LB_LOCATION_VAR='@glite_var@' + +# query timeout +GLITE_WMS_QUERY_TIMEOUT=300 +# CA certificates directory +#X509_CERT_DIR='/etc/grid-security/certificates' +# VOMS directory +#X509_VOMS_DIR='/etc/grid-security/vomsdir' +#GLITE_HOST_CERT='/var/glite/.certs/hostcert.pem' +#GLITE_HOST_KEY='/var/glite/.certs/hostkey.pem' + +# +# purge and exports +# + +# purge timeouts +GLITE_LB_EXPORT_PURGE_ARGS='--cleared 2d --aborted 15d --cancelled 15d --other 60d' + +# +# L&B configuration +# + +# L&B service type (server/proxy/both) +#GLITE_LB_TYPE=server +# MSG publish +#GLITE_LB_MSG_BROKER='true' +# PROD - production, TEST-NWOB - testing +#GLITE_LB_MSG_NETWORK='PROD' +#LCG_GFAL_INFOSYS='lcg-bdii.cern.ch:2170' +#GLITE_LB_INDEX_OWNER= +# configure glite-LB to be used with Real Time Monitor (harvester) +#GLITE_LB_RTM_ENABLED='false' +# start-up L&B notifications harvester +#GLITE_LB_HARVESTER_ENABLED='false' + +# +# L&B authorizations (items in list separated by comma) +# + +#GLITE_LB_SUPER_USERS= +#GLITE_LB_WMS_DN= +GLITE_LB_RTM_DN='/C=UK/O=eScience/OU=Imperial/L=Physics/CN=heppc24.hep.ph.ic.ac.uk/Email=janusz.martyniak@imperial.ac.uk' +#GLITE_LB_AUTHZ_ADMIN_ACCESS= +#GLITE_LB_AUTHZ_READ_ALL= +#GLITE_LB_AUTHZ_PURGE= +#GLITE_LB_AUTHZ_STATUS_FOR_MONITORING= +#GLITE_LB_AUTHZ_GET_STATISTICS= +#GLITE_LB_AUTHZ_GRANT_OWNERSHIP= +#GLITE_LB_AUTHZ_REGISTER_JOBS=".*" +#GLITE_LB_AUTHZ_LOG_WMS_EVENTS=".*" +#GLITE_LB_AUTHZ_LOG_CE_EVENTS=".*" +#GLITE_LB_AUTHZ_LOG_GENERAL_EVENTS=".*" + +# +# additional options +# + +# bkserver additional options +#GLITE_LB_SERVER_OTHER_OPTIONS=--greyjobs --html-header @glite_etc@/glite-lb/html-header.html --gridmap-file @glite_etc@/glite-lb/gridmap +# notification interlogger additional options +#GLITE_LB_NOTIF_IL_OTHER_OPTIONS= +# proxy interlogger additional options +#GLITE_LB_PROXY_IL_OTHER_OPTIONS= +# harvester additional options +#GLITE_LB_HARVESTER_OTHER_OPTIONS= diff --git a/org.glite.lb.server/config/setup b/org.glite.lb.server/config/setup new file mode 100755 index 0000000..bf6a546 --- /dev/null +++ b/org.glite.lb.server/config/setup @@ -0,0 +1,554 @@ +#!/bin/sh + +[ -f /etc/profile.d/grid-env.sh ] && . /etc/profile.d/grid-env.sh +[ -f @defaultdir@/glite-lb ] && . @defaultdir@/glite-lb + +GLITE_LOCATION=${GLITE_LOCATION:-'@glite_prefix@'} +GLITE_LOCATION_ETC=${GLITE_LOCATION_ETC:-'@glite_etc@'} +GLITE_USER=${GLITE_USER:-'glite'} +MYSQL_USER=${MYSQL_USER:-'root'} +#MYSQL_PASSWORD= +GLITE_LB_MSG_BROKER=${GLITE_LB_MSG_BROKER:-'true'} +GLITE_LB_MSG_NETWORK=${GLITE_LB_MSG_NETWORK:-'PROD'} +LCG_GFAL_INFOSYS=${LCG_GFAL_INFOSYS:-'lcg-bdii.cern.ch:2170'} +GLITE_LB_RTM_DN=${GLITE_LB_RTM_DN:-'/C=UK/O=eScience/OU=Imperial/L=Physics/CN=heppc24.hep.ph.ic.ac.uk/Email=janusz.martyniak@imperial.ac.uk'} +GLITE_LB_AUTHZ_REGISTER_JOBS=${GLITE_LB_AUTHZ_REGISTER_JOBS:-'.*'} +GLITE_LB_AUTHZ_LOG_WMS_EVENTS=${GLITE_LB_AUTHZ_LOG_WMS_EVENTS:-'.*'} +GLITE_LB_AUTHZ_LOG_CE_EVENTS=${GLITE_LB_AUTHZ_LOG_CE_EVENTS:-'.*'} +GLITE_LB_AUTHZ_LOG_GENERAL_EVENTS=${GLITE_LB_AUTHZ_LOG_GENERAL_EVENTS:-'.*'} + +GLITE_HOME_DIR=`getent passwd ${GLITE_USER} | cut -d: -f6` + + +qecho() { + if test "$quiet" != "1"; then + echo "glite-lb-setup: $@" + fi +} + + +check_mysql_connection() { + # check the mysql connection + MYSQL_ARGS="-u $MYSQL_USER" + if ! mysqladmin ping $MYSQL_ARGS >/tmp/glite-setup.$$ 2>&1; then + if test -n "$MYSQL_PASSWORD" && mysqladmin ping $MYSQL_ARGS -p$MYSQL_PASSWORD 2>/tmp/glite-setup.$$ 2>&1; then + MYSQL_ARGS="$MYSQL_ARGS -p$MYSQL_PASSWORD" + else + return 1 + fi + fi + rm -f /tmp/glite-setup.$$ +} + + +config_glite_lb_authz() { + superusers="$1" + rtm="$2" + wms="$GLITE_LB_WMS_DN" + + authconf="$GLITE_LOCATION_ETC/glite-lb/glite-lb-authz.conf" + + cat < "$authconf".new +resource "LB" { +EOF + for section in ADMIN_ACCESS STATUS_FOR_MONITORING GET_STATISTICS REGISTER_JOBS READ_ALL PURGE GRANT_OWNERSHIP LOG_WMS_EVENTS LOG_CE_EVENTS LOG_GENERAL_EVENTS; do + eval value=\"$`echo GLITE_LB_AUTHZ_$section`\" + case "$section" in + ADMIN_ACCESS) value="$value,$superusers" ;; + GET_STATISTICS) value="$value,$wms" ;; + READ_ALL) value="$value,$wms,$rtm" ;; + PURGE) value="$value,$wms" ;; + LOG_WMS_EVENTS) value="$value,$wms" ;; + esac + value="`echo \"$value\" | tr ',' '\n' | grep -v ^$ | sed 's/\(.*\)/\trule permit {\n\t\tsubject = \"\1\"\n\t}/'`" + cat <> "$authconf".new + +action "$section" { +$value +} +EOF + done + cat <> "$authconf".new + +} +EOF + + # something changed + if test -f "$authconf"; then + diff -w "$authconf" "$authconf".new >/dev/null + if test $? -eq "0"; then + qecho "Authorizations not changed" + else + mv "$authconf" "$authconf".yaimorig + mv "$authconf".new "$authconf" + qecho "Authorizations changed, original authz configuration moved to '$authconf.yaimorig'" + fi + else + mv "$authconf".new "$authconf" + qecho "Authorizations generated ('$authconf')." + fi + + # superusers file deprecated + if test -s "${GLITE_LOCATION_ETC}/LB-super-users"; then + echo "glite-lb-setup: WARNING: found old superusers file '${GLITE_LOCATION_ETC}/LB-super-users', check 'ADMIN_ACCESS' section in glite-lb-authz.conf" + echo "# deprecated file, replaced by ADMIN_ACCESS action in glite-lb-authz.conf" > "${GLITE_LOCATION_ETC}/LB-super-users.old" + cat "${GLITE_LOCATION_ETC}/LB-super-users" >> "${GLITE_LOCATION_ETC}/LB-super-users.old" + rm "${GLITE_LOCATION_ETC}/LB-super-users" + fi +} + + +setup_all() { + setup_db=1 + setup_certs=1 + setup_msg=1 + setup_authz=1 + setup_harvester=1 + setup_bdii=1 + setup_upgrade=1 + setup_startup=1 +} + + +while test -n "$1"; do + case "$1" in + -h|--help|help) + cat <" > /dev/null 2>&1; then + qecho "Database lbserver20 already exists." + exit 0 + fi + rm -f /tmp/glite-setup.$$ + + if test "$setup" != "1"; then + exit 1 + fi +fi + +if test -z "$GLITE_HOME_DIR"; then + echo "glite-lb-setup: ERROR: The home directory of ${GLITE_USER} doesn't exist. Check whether the user ${GLITE_USER} was properly created" + exit 2 +fi + + +# ==== MySQL ==== + +if test "$setup_db" = 1; then + # include MySQL options for L&B server + my_cnf=/etc/mysql/my.cnf + if test ! -f "$my_cnf"; then + my_cnf=/etc/my.cnf + fi + if test -f "$my_cnf"; then + grep '^!includedir\s\+/etc/mysql/conf.d/?' "$my_cnf" >/dev/null 2>&1 + if ! test $? -eq 0; then + echo '!includedir /etc/mysql/conf.d/' >> "$my_cnf" + fi + else + echo "glite-lb-setup: WARNING: $my_cnf not found, check/add following line into MySQL configuration:" + echo "!includedir /etc/mysql/conf.d/" + fi + + # restart for the new options + if test -x /sbin/service; then + out="`/sbin/service mysqld restart 2>&1`" + else + out="`/etc/init.d/mysql restart 2>&1`" + fi + if test $? -ne 0; then + echo "$out" + echo "glite-lb-setup: ERROR: starting MySQL failed" + exit 1 + fi + + if ! check_mysql_connection; then + cat /tmp/glite-setup.$$ + rm -f /tmp/glite-setup.$$ + echo "glite-lb-setup: ERROR: Can't access MySQL database. You may need to set MYSQL_USER and MYSQL_PASSWORD variables." + rm -f /tmp/glite-setup.$$ + error="$error db" + exit 1 + fi + rm -f /tmp/glite-setup.$$ + + if test ! -f $GLITE_LOCATION_ETC/glite-lb/glite-lb-dbsetup.sql; then + echo "glite-lb-setup: ERROR: glite-lb-dbsetup.sql not found (glite-lb-server not installed?)" + error="$error db" + exit 1 + fi + + # check if database exist and setup if necessary + if ! mysqlshow $MYSQL_ARGS | grep "\" > /dev/null 2>&1 || \ + ! mysqlshow $MYSQL_ARGS lbserver20 jobs | grep 'Table: jobs\>'; then + mysql $MYSQL_ARGS -e "CREATE DATABASE lbserver20" + mysql $MYSQL_ARGS -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver IDENTIFIED BY '' WITH GRANT OPTION;" + mysql $MYSQL_ARGS -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@'$HOSTNAME' IDENTIFIED BY '' WITH GRANT OPTION;" + mysql $MYSQL_ARGS -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@localhost IDENTIFIED BY '' WITH GRANT OPTION;" + + mysql -u lbserver lbserver20 < $GLITE_LOCATION_ETC/glite-lb/glite-lb-dbsetup.sql + mysql -u lbserver -e "ALTER TABLE short_fields MAX_ROWS=1000000000;" lbserver20 + mysql -u lbserver -e "ALTER TABLE long_fields MAX_ROWS=55000000;" lbserver20 + mysql -u lbserver -e "ALTER TABLE states MAX_ROWS=9500000;" lbserver20 + mysql -u lbserver -e "ALTER TABLE events MAX_ROWS=175000000;" lbserver20 + + qecho "Database lbserver20 created." + else + qecho "Database lbserver20 exists." + fi + + # adjust indexes + # 1) if L&B with local harvester or L&B for Real Time Monitoring ==> lastUpdateTime needed + # 2) if GLITE_LB_INDEX_OWNER specified ==> create owner index + need_reindex=0 + $GLITE_LOCATION/bin/glite-lb-bkindex -d 2>/dev/null | tail -n +3 | head -n -2 | sed 's/\([^,]\)$/\1,/' > /tmp/glite-lb-bkindex.$$ + if test x"$GLITE_LB_RTM_ENABLED" = x"true" -o x"$GLITE_LB_HARVESTER_ENABLED" = x"true"; then + if ! grep 'name = "lastUpdateTime"' /tmp/glite-lb-bkindex.$$ >/dev/null; then + echo '[ type = "system"; name = "lastUpdateTime" ],' >> /tmp/glite-lb-bkindex.$$ + need_reindex=1 + fi + fi + if test x"$GLITE_LB_INDEX_OWNER" = x"true"; then + if ! grep 'name = "owner"' /tmp/glite-lb-bkindex.$$ >/dev/null; then + echo '[ type = "system"; name = "owner" ],' >> /tmp/glite-lb-bkindex.$$ + need_reindex=1 + fi + fi + if test $need_reindex -eq 1; then + $GLITE_LOCATION/bin/glite-lb-bkindex -rv <' > /dev/null 2>&1; then + sh $GLITE_LOCATION_ETC/glite-lb/glite-lb-migrate_db2version40 -s + if test $? -eq 0; then + qecho "Database migrated to L&B 4.x" + else + error="$error db" + fi + fi + fi +fi + + +# ==== certificates ==== + +if test "$setup_certs" = "1"; then + if test ! -d $GLITE_HOME_DIR/.certs; then + mkdir -p $GLITE_HOME_DIR/.certs + chown $GLITE_USER:$GLITE_USER $GLITE_HOME_DIR/.certs + fi + cp -f /etc/grid-security/hostcert.pem /etc/grid-security/hostkey.pem $GLITE_HOME_DIR/.certs/ + if test $? -eq 0; then + chown $GLITE_USER:$GLITE_USER $GLITE_HOME_DIR/.certs/hostcert.pem $GLITE_HOME_DIR/.certs/hostkey.pem + chmod 0644 $GLITE_HOME_DIR/.certs/hostcert.pem + chmod 0400 $GLITE_HOME_DIR/.certs/hostkey.pem + qecho "Certificates copied to $GLITE_HOME_DIR/.certs/" + else + echo "glite-lb-setup: WARNING: Please copy host certificate and key into /etc/grid-security and" + echo " $GLITE_HOME_DIR/.certs/, change the owner of the ones in" + echo " $GLITE_HOME_DIR/.certs/ to $GLITE_USER" + error="$error certs" + fi +fi + + +# ==== messaging ==== + +if test "$setup_msg" = "1"; then + if test -x $GLITE_LOCATION/sbin/glite-lb-msg-config; then + out=`$GLITE_LOCATION/sbin/glite-lb-msg-config $GLITE_LOCATION_ETC/glite-lb/msg.conf 2>&1` + if test $? -eq 0; then + if test -z "$out"; then + out="(no changes)" + fi + qecho "Messaging brokers: $out" + else + echo "glite-lb-setup: ERROR: $out" + error="$error msg" + fi + else + echo "glite-lb-setup: WARNING: MSG plugin for glite-lb-logger not installed (package glite-lb-logger-msg)" + fi +fi + + +# ==== authorizations ==== +if test "$setup_authz" = "1"; then + if test x"$GLITE_LB_RTM_ENABLED" = x"true"; then + config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "$GLITE_LB_RTM_DN" + else + config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "" + fi +fi + + +# ==== harvester ==== + +if test "$setup_harvester" = "1"; then + if test x"$GLITE_LB_HARVESTER_ENABLED" = x"true"; then + if test ! -f $GLITE_LOCATION_ETC/glite-lb/glite-lb-harvester.conf; then + echo $HOSTNAME > $GLITE_LOCATION_ETC/glite-lb/glite-lb-harvester.conf + qecho "Harvester configured" + fi + fi +fi + + +# ==== BDII ==== + +if test "$setup_bdii" = "1"; then + export INFO_SERVICE_CONFIG='/etc/glite/info/service' + if test -x /etc/init.d/bdii; then + if test -f ${INFO_SERVICE_CONFIG}/glite-info-service-lbserver.conf.template -a -f ${INFO_SERVICE_CONFIG}/glite-info-glue2-lbserver.conf.template; then + bdii=1 + else + echo "glite-lb-setup: WARNING: glite-info-provider-service not installed, BDII won't be configured" + fi + else + echo "glite-lb-setup: WARNING: BDII not installed, it won't be configured" + fi + if test "$bdii" = "1"; then + cp ${INFO_SERVICE_CONFIG}/glite-info-service-lbserver.conf.template ${INFO_SERVICE_CONFIG}/glite-info-service-lbserver.conf + cp ${INFO_SERVICE_CONFIG}/glite-info-glue2-lbserver.conf.template ${INFO_SERVICE_CONFIG}/glite-info-glue2-lbserver.conf + cat </var/lib/bdii/gip/provider/glite-info-provider-service-lbserver-wrapper +/usr/bin/glite-info-service ${INFO_SERVICE_CONFIG}/glite-info-service-lbserver.conf $SITE_NAME +/usr/bin/glite-info-glue2-simple ${INFO_SERVICE_CONFIG}/glite-info-glue2-lbserver.conf $SITE_NAME +EOF + chmod +x /var/lib/bdii/gip/provider/glite-info-provider-service-lbserver-wrapper + BDII_PASSWD=`dd if=/dev/random bs=1 count=10 2>/dev/null | base64` + cat << EOF > @defaultdir@/bdii +RUN=yes +SLAPD_CONF= +SLAPD= +BDII_RAM_DISK= +EOF + sed -i "s#.*rootpw.*#rootpw ${BDII_PASSWD}#" /etc/bdii/bdii-slapd.conf + + if test -x /sbin/service; then + out="`/sbin/service bdii restart 2>&1`" + else + out="`/etc/init.d/bdii restart 2>&1`" + fi + if test $? -eq 0; then + qecho "BDII configured" + else + echo "$out" + error="$error bdii" + fi + fi +fi + +# ==== upgrade ==== + +if test "$setup_upgrade" = "1"; then + # upgrade from L&B <= 3.1.1 + # (legacy start-up stuff) + if test -f @glite_etc@/gLiteservice; then + grep -v 'glite-lb-bkserverd' @glite_etc@/gLiteservice > /tmp/gLiteservice + grep -v 'glite-lb-locallogger' @glite_etc@/gLiteservice > /tmp/gLiteservice + mv /tmp/gLiteservice @glite_etc@/gLiteservice + fi + # (old crons) + rm -fv /etc/cron.d/glite-lb-purge.cron /etc/logrotate.d/lb-purger /etc/logrotate.d/lb-lcas +fi + + +# ==== kerberos (experimental) ==== + +if test "$setup_kerberos" = "1"; then + if test ! -f /etc/krb5.keytab; then + echo "glite-lb-setup: ERROR: keytab not found" + kerberos=0 + fi + + if ! test -x `which klist`; then + echo "glite-lb-setup: ERROR: kerberos clients not found" + kerberos=0 + fi + + if test "$kerberos" = "0"; then + error="$error krb" + fi + + if ldd $GLITE_LOCATION/bin/glite-lb-bkserverd | grep libglobus_gssapi_gsi >/dev/null 2>&1; then + echo "glite-lb-setup: ERROR: Kerberos support requires L&B built with Kerberos libraries" + error="$error krb" + kerberos=0 + fi + + if test "$kerberos" != "0"; then + klist --version >/dev/null 2>&1 + if test $? -eq 0; then + #Heimdal + PRINC=`ktutil -k /etc/krb5.keytab list | grep "host/" | head -1 | awk '{print $3}'` + else + #MIT + PRINC=`klist -k | grep "host/" | head -1 | awk '{print $2}'` + fi + + cp /etc/krb5.keytab /var/glite/krb5kt_lb || error="$error krb" + chown glite:glite /var/glite/krb5kt_lb + + cat > /etc/cron.d/glite-lb-ticket </dev/null 2>&1; then + echo "glite-lb-setup: ERROR: GSI mode with kerberos requires L&B built in Heimdal Kerberos implementation" + error="$error krbgsi" + kerberos=0 + fi + if test "$kerberos" != "0"; then + mkdir /etc/gss >/dev/null 2>&1 + echo "gsi 1.3.6.1.4.1.3536.1.1 /usr/lib/libglobus_gssapi_gsi.so.4" > /etc/gss/mech + + qecho "GSI mode with Kerberos configured" + echo "glite-lb-setup: NOTE: tuned Globus and Heimdal Kerberos libraries required for support GSI with Kerberos" + fi +fi + + +# ==== startup ==== + +if test "$setup_startup" = "1"; then + if test ! -x $GLITE_LOCATION/bin/glite-lb-bkserverd; then + echo "glite-lb-setup: ERROR: glite-lb-server not installed" + startup_error=1 + fi + if test ! -x $GLITE_LOCATION/bin/glite-lb-logd; then + echo "glite-lb-setup: ERROR: glite-lb-logger not installed" + startup_error=1 + fi + if test x"$GLITE_LB_HARVESTER_ENABLED" = x"true"; then + if test ! -x $GLITE_LOCATION/bin/glite-lb-harvester; then + echo "glite-lb-setup: ERROR: glite-lb-harvester not installed" + startup_error=1 + fi + fi + if test "$startup_error" = "1"; then + error="$error startup" + fi +fi +if test "$setup_startup" = "1" -a "$startup_error" != "1"; then + if egrep -i "Debian|Ubuntu" /etc/issue >/dev/null; then + update-rc.d glite-lb-bkserverd defaults + update-rc.d glite-lb-locallogger defaults + if test x"$GLITE_LB_HARVESTER_ENABLED" = x"true"; then + update-rc.d glite-lb-harvester defaults + fi + else + /sbin/chkconfig mysqld on + test -z "$bdii" && /sbin/chkconfig bdii on + /sbin/chkconfig glite-lb-bkserverd on + /sbin/chkconfig glite-lb-locallogger on + if test x"$GLITE_LB_HARVETER_ENABLED" = x"true"; then + /sbin/chkconfig glite-lb-harvester on + fi + fi + + startup_error=0 + $GLITE_LOCATION_ETC/init.d/glite-lb-bkserverd restart || startup_error=1 + $GLITE_LOCATION_ETC/init.d/glite-lb-locallogger restart || startup_error=1 + if test x"$GLITE_LB_HARVESTER_ENABLED" = x"true"; then + $GLITE_LOCATION_ETC/init.d/glite-lb-harvester restart || startup_error=1 + else + $GLITE_LOCATION_ETC/init.d/glite-lb-harvester stop >/dev/null + fi + + if test "$startup_error" = "0"; then + qecho "Services started successfully" + else + echo "glite-lb-setup: ERROR: Some services failed to start" + error="$error startup" + fi +fi + + +# ==== the end ==== + +if test -z "$error"; then + exit 0 +else + echo "glite-lb-setup: ERROR: $error" + exit 1 +fi diff --git a/org.glite.lb.server/config/startup b/org.glite.lb.server/config/startup index 95d1dbe..be40f08 100755 --- a/org.glite.lb.server/config/startup +++ b/org.glite.lb.server/config/startup @@ -25,22 +25,23 @@ # limitations under the License. # -GLITE_LB_LOCATION=${GLITE_LB_LOCATION:-'@glite_prefix@'} +GLITE_LOCATION=${GLITE_LOCATION:-'@glite_prefix@'} GLITE_LB_LOCATION_VAR=${GLITE_LB_LOCATION_VAR:-'@glite_var@'} -GLITE_LB_LOCATION_ETC=${GLITE_LB_LOCATION_ETC:-'@glite_etc@'} -GLITE_JP_LOCATION=${GLITE_JP_LOCATION:-$GLITE_LB_LOCATION} +GLITE_LOCATION_ETC=${GLITE_LOCATION_ETC:-'@glite_etc@'} +GLITE_JP_LOCATION=${GLITE_JP_LOCATION:-$GLITE_LOCATION} +GLITE_USER=${GLITE_USER:-'glite'} +GLITE_HOME=`getent passwd ${GLITE_USER} | cut -d: -f6` +GLITE_HOST_CERT=${GLITE_HOST_CERT:-"$GLITE_HOME/.certs/hostcert.pem"} +GLITE_HOST_KEY=${GLITE_HOST_KEY:-"$GLITE_HOME/.certs/hostkey.pem"} KRB5_KTNAME="FILE:/var/glite/krb5kt_lb" KRB5CCNAME="FILE:/var/glite/krb5cc_lb" -LOG4C_RCPATH="$GLITE_LB_LOCATION_ETC/glite-lb" +LOG4C_RCPATH="$GLITE_LOCATION_ETC/glite-lb" [ -f /etc/profile.d/grid-env.sh ] && . /etc/profile.d/grid-env.sh [ -f /etc/glite.conf ] && . /etc/glite.conf -[ -f $GLITE_LB_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LB_LOCATION_ETC/glite-wms.conf - -[ -f $GLITE_LB_LOCATION_ETC/lb.conf ] && . $GLITE_LB_LOCATION_ETC/lb.conf -[ -f $GLITE_LB_LOCATION_VAR/etc/lb.conf ] && . $GLITE_LB_LOCATION_VAR/etc/lb.conf - +[ -f $GLITE_LOCATION_ETC/glite-wms.conf ] && . $GLITE_LOCATION_ETC/glite-wms.conf +[ -f @defaultdir@/glite-lb ] && . @defaultdir@/glite-lb [ -f $HOME/.glite.conf ] && . $HOME/.glite.conf [ -n "$GLITE_LB_SERVER_PIDFILE" ] && BK_PIDFILE=$GLITE_LB_SERVER_PIDFILE || @@ -56,7 +57,7 @@ GLITE_LB_PROXY_FPREFIX=${GLITE_LB_PROXY_FPREFIX:-'/tmp/glite-lbproxy-ilog_events PROXY_IL_PIDFILE=$GLITE_LB_LOCATION_VAR/glite-lb-proxy-interlogd.pid NOTIF_IL_PIDFILE=$GLITE_LB_LOCATION_VAR/glite-lb-notif-interlogd.pid -msgconf="$GLITE_LB_LOCATION_ETC/glite-lb/msg.conf" +msgconf="$GLITE_LOCATION_ETC/glite-lb/msg.conf" if [ -f "$msgconf" ]; then GLITE_LB_NOTIF_IL_OTHER_OPTIONS="$GLITE_LB_NOTIF_IL_OTHER_OPTIONS -F $msgconf" GLITE_LB_SERVER_OTHER_OPTIONS="$GLITE_LB_SERVER_OTHER_OPTIONS -F $msgconf" @@ -155,12 +156,6 @@ status_daemon() start() { - if test -z "$GLITE_USER" ;then - echo 'Error: GLITE_USER is not set' - echo FAILED - return 1 - fi - if [ -n "$LOG4C_RCPATH" ]; then env="$env LOG4C_RCPATH='$LOG4C_RCPATH'"; fi if [ -n "$KRB5_KTNAME" ]; then env="$env KRB5_KTNAME='$KRB5_KTNAME'"; fi if [ -n "$KRB5CCNAME" ]; then env="$env KRB5CCNAME='$KRB5CCNAME'"; fi @@ -180,8 +175,8 @@ start() [ -z "$creds" ] && echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2 - policy="$GLITE_LB_LOCATION_ETC/glite-lb/glite-lb-authz.conf" - lcas_log="LCAS_LOG_FILE='/var/log/glite/glite-lb-server-lcas.log' LCAS_ETC_DIR='$GLITE_LB_LOCATION_ETC/glite-lb'" + policy="$GLITE_LOCATION_ETC/glite-lb/glite-lb-authz.conf" + lcas_log="LCAS_LOG_FILE='/var/log/glite/glite-lb-server-lcas.log' LCAS_ETC_DIR='$GLITE_LOCATION_ETC/glite-lb'" if test -f "$policy"; then # lcas not enabled by default yet policy="--policy '$policy'" @@ -248,14 +243,14 @@ start() ;; esac - start_daemon glite-lb-bkserver "$BK_PIDFILE" "$lcas_log $GLITE_LB_LOCATION/bin/glite-lb-bkserverd \ + start_daemon glite-lb-bkserver "$BK_PIDFILE" "$lcas_log $GLITE_LOCATION/bin/glite-lb-bkserverd \ --notif-il-sock=$GLITE_LB_NOTIF_SOCK \ --notif-il-fprefix=$GLITE_LB_NOTIF_FPREFIX \ $super -i $BK_PIDFILE $port $wport $dumpdir $purgedir $lbreg_maildir $proxy $policy\ $GLITE_LB_SERVER_OTHER_OPTIONS" "/tmp/lb_proxy_serve.sock /tmp/lb_proxy_store.sock" - if test -x $GLITE_LB_LOCATION/bin/glite-lb-notif-interlogd; then - start_daemon glite-lb-notif-interlogd "$NOTIF_IL_PIDFILE" "$GLITE_LB_LOCATION/bin/glite-lb-notif-interlogd \ + if test -x $GLITE_LOCATION/bin/glite-lb-notif-interlogd; then + start_daemon glite-lb-notif-interlogd "$NOTIF_IL_PIDFILE" "$GLITE_LOCATION/bin/glite-lb-notif-interlogd \ -f $GLITE_LB_NOTIF_FPREFIX -s $GLITE_LB_NOTIF_SOCK \ -i $NOTIF_IL_PIDFILE -M 10485760 \ $GLITE_LB_NOTIF_IL_OTHER_OPTIONS" "$GLITE_LB_NOTIF_SOCK" @@ -272,8 +267,8 @@ start() fi if test x"$GLITE_LB_TYPE" = x"proxy" -o x"$GLITE_LB_TYPE" = x"both" ; then - if test -x $GLITE_LB_LOCATION/bin/glite-lb-interlogd; then - start_daemon "glite-lb-interlog for proxy" "$PROXY_IL_PIDFILE" "$GLITE_LB_LOCATION/bin/glite-lb-interlogd \ + if test -x $GLITE_LOCATION/bin/glite-lb-interlogd; then + start_daemon "glite-lb-interlog for proxy" "$PROXY_IL_PIDFILE" "$GLITE_LOCATION/bin/glite-lb-interlogd \ -f $GLITE_LB_PROXY_FPREFIX -s $GLITE_LB_PROXY_SOCK \ -i $PROXY_IL_PIDFILE \ $GLITE_LB_PROXY_IL_OTHER_OPTIONS" "$GLITE_LB_PROXY_SOCK" diff --git a/org.glite.lb.server/project/glite-lb-server.spec b/org.glite.lb.server/project/glite-lb-server.spec index b03a0d4..9bea53d 100644 --- a/org.glite.lb.server/project/glite-lb-server.spec +++ b/org.glite.lb.server/project/glite-lb-server.spec @@ -120,20 +120,16 @@ fi %config(noreplace) /etc/logrotate.d/glite-lb-server %config(noreplace) /etc/mysql/conf.d/glite-lb-server.cnf %config(noreplace) /etc/glite-lb/* -/etc/glite-lb-dbsetup.sql +%config(noreplace) /etc/glite-lb-dbsetup.sql /etc/cron.d/* /etc/glite-lb-index.conf.template /etc/init.d/glite-lb-bkserverd -/usr/include/glite/lb/index.h -/usr/include/glite/lb/lb_authz.h -/usr/include/glite/lb/store.h -/usr/include/glite/lb/srv_perf.h -/usr/bin/glite-lb-bkindex -/usr/bin/glite-lb-mon-db -/usr/bin/glite-lb-bkserverd -/usr/sbin/glite-lb-notif-keeper +/usr/include/glite/lb/* +/usr/bin/* +/usr/sbin/* /usr/share/doc/%{name}-%{version}/ChangeLog /usr/share/doc/%{name}-%{version}/LICENSE +/usr/share/doc/%{name}-%{version}/glite-lb /usr/share/doc/%{name}-%{version}/package.description /usr/share/doc/%{name}-%{version}/package.summary /usr/share/man/man1/glite-lb-mon-db.1.gz diff --git a/org.glite.lb.yaim/config/functions/config_glite_lb.in b/org.glite.lb.yaim/config/functions/config_glite_lb.in index b25ef36..1073968 100644 --- a/org.glite.lb.yaim/config/functions/config_glite_lb.in +++ b/org.glite.lb.yaim/config/functions/config_glite_lb.in @@ -39,8 +39,8 @@ function config_glite_lb_setenv(){ yaimgridenv_set GLITE_LB_EXPORT_PURGE_ARGS "${GLITE_LB_EXPORT_PURGE_ARGS:---cleared 2d --aborted 15d --cancelled 15d --other 60d}" yaimgridenv_set GLITE_LB_EXPORT_JPPS ${GLITE_LB_EXPORT_JPPS:-} - yaimgridenv_set GLITE_LB_LOCATION "${GLITE_LB_LOCATION:-@glite_prefix@}" - yaimgridenv_set GLITE_LB_LOCATION_ETC "${GLITE_LB_LOCATION_ETC:-@glite_etc@}" + yaimgridenv_set GLITE_LOCATION "${GLITE_LOCATION:-@glite_prefix@}" + yaimgridenv_set GLITE_LOCATION_ETC "${GLITE_LOCATION_ETC:-@glite_etc@}" yaimgridenv_set GLITE_LB_LOCATION_VAR "${GLITE_LB_LOCATION_VAR:-@glite_var@}" yaimgridenv_set GLITE_JP_LOCATION "${GLITE_JP_LOCATION:-}" @@ -98,77 +98,6 @@ function config_glite_lb_setenv(){ config_glite_lb_libs_append ${INSTALL_ROOT:-'/opt'}/apr-dev config_glite_lb_libs_append ${INSTALL_ROOT:-'/opt'}/aprutil-dev config_glite_lb_libs_append ${INSTALL_ROOT:-'/opt'}/activemq-cpp-library - - GLITE_LB_RTM_ENABLED="${GLITE_LB_RTM_ENABLED:-false}" - GLITE_LB_MSG_BROKER="${GLITE_LB_MSG_BROKER:-true}" - GLITE_LB_MSG_NETWORK="${GLITE_LB_MSG_NETWORK:-PROD}" - LCG_GFAL_INFOSYS="${LCG_GFAL_INFOSYS:-lcg-bdii.cern.ch:2170}" - - #GLITE_LB_SUPER_USERS="${GLITE_LB_SUPER_USERS:-}" - #GLITE_LB_WMS_DN="${GLITE_LB_WMS_DN:-}" - GLITE_LB_RTM_DN="${GLITE_LB_RTM_DN:-/C=UK/O=eScience/OU=Imperial/L=Physics/CN=heppc24.hep.ph.ic.ac.uk/Email=janusz.martyniak@imperial.ac.uk}" - #GLITE_LB_AUTHZ_ADMIN_ACCESS="${GLITE_LB_AUTHZ_ADMIN_ACCESS:-}" - #GLITE_LB_AUTHZ_READ_ALL="${GLITE_LB_AUTHZ_READ_ALL:-}" - #GLITE_LB_AUTHZ_READ_PURGE="${GLITE_LB_AUTHZ_READ_PURGE:-}" - #GLITE_LB_AUTHZ_STATUS_FOR_MONITORING="${GLITE_LB_AUTHZ_STATUS_FOR_MONITORING:-}" - #GLITE_LB_AUTHZ_GET_STATISTICS="${GLITE_LB_AUTHZ_GET_STATISTICS:-}" - #GLITE_LB_AUTHZ_GRANT_OWNERSHIP="${GLITE_LB_AUTHZ_GRANT_OWNERSHIP:-}" - GLITE_LB_AUTHZ_REGISTER_JOBS="${GLITE_LB_AUTHZ_REGISTER_JOBS:-.*}" - GLITE_LB_AUTHZ_LOG_WMS_EVENTS="${GLITE_LB_AUTHZ_LOG_WMS_EVENTS:-.*}" - GLITE_LB_AUTHZ_LOG_CE_EVENTS="${GLITE_LB_AUTHZ_LOG_CE_EVENTS:-.*}" - GLITE_LB_AUTHZ_LOG_GENERAL_EVENTS="${GLITE_LB_AUTHZ_LOG_GENERAL_EVENTS:-.*}" -} - -function config_glite_lb_authz() { - superusers="$1" - rtm="$2" - wms="$GLITE_LB_WMS_DN" - - authconf="$GLITE_LB_LOCATION_ETC/glite-lb/glite-lb-authz.conf" - - cat < "$authconf".new -resource "LB" { -EOF - for section in ADMIN_ACCESS STATUS_FOR_MONITORING GET_STATISTICS REGISTER_JOBS READ_ALL PURGE GRANT_OWNERSHIP LOG_WMS_EVENTS LOG_CE_EVENTS LOG_GENERAL_EVENTS; do - eval value=\"$`echo GLITE_LB_AUTHZ_$section`\" - case "$section" in - ADMIN_ACCESS) value="$value,$superusers" ;; - GET_STATISTICS) value="$value,$wms" ;; - READ_ALL) value="$value,$wms,$rtm" ;; - PURGE) value="$value,$wms" ;; - LOG_WMS_EVENTS) value="$value,$wms" ;; - esac - value="`echo \"$value\" | tr ',' '\n' | grep -v ^$ | sed 's/\(.*\)/\trule permit {\n\t\tsubject = \"\1\"\n\t}/'`" - cat <> "$authconf".new - -action "$section" { -$value -} -EOF - done - cat <> "$authconf".new - -} -EOF - - # something changed - if test -f "$authconf"; then - diff -w "$authconf" "$authconf".new >/dev/null - if test "$?" != "0"; then - yaimlog WARNING "Original authz configuration moved to '$authconf.yaimorig'" - mv "$authconf" "$authconf".yaimorig - fi - fi - - # superusers file deprecated - if test -s "${GLITE_LB_LOCATION_ETC}/LB-super-users"; then - yaimlog WARNING "Found old superusers file '${GLITE_LB_LOCATION_ETC}/LB-super-users', check 'ADMIN_ACCESS' section in glite-lb-authz.conf" - echo "# deprecated file, replaced by ADMIN_ACCESS action in glite-lb-authz.conf" > "${GLITE_LB_LOCATION_ETC}/LB-super-users.old" - cat "${GLITE_LB_LOCATION_ETC}/LB-super-users" >> "${GLITE_LB_LOCATION_ETC}/LB-super-users.old" - rm "${GLITE_LB_LOCATION_ETC}/LB-super-users" - fi - - mv "$authconf".new "$authconf" } function config_glite_lb() { @@ -198,103 +127,6 @@ function config_glite_lb() { chmod og+rx /var/lib/mysql/ chown mysql:mysql /var/run/mysqld/ - # include MySQL options for L&B server - my_cnf=/etc/mysql/my.cnf - if [ ! -f "$my_cnf" ]; then - my_cnf=/etc/my.cnf - fi - grep '^!includedir\s\+/etc/mysql/conf.d/?' "$my_cnf" >/dev/null 2>&1 - if [ $? != 0 ]; then - echo '!includedir /etc/mysql/conf.d/' >> "$my_cnf" - fi - - if [ -x /sbin/service ]; then - /sbin/chkconfig mysqld on - /sbin/service mysqld restart - else - /etc/init.d/mysql restart - fi - - ls /tmp/mysql.sock > /dev/null 2>&1 - if [ ! $? = 0 ]; then - ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock - fi - - # set mysql password - set_mysql_passwd || return 1 # the function uses $MYSQL_PASSWORD - - # Check if database exist - mysqlshow --password="$MYSQL_PASSWORD" | grep "\" > /dev/null 2>&1 - - if [ ! $? = 0 ]; then - mysql -u root --password="$MYSQL_PASSWORD" -e "CREATE DATABASE lbserver20" - mysql --password="$MYSQL_PASSWORD" lbserver20 < ${GLITE_LB_LOCATION_ETC}/glite-lb/glite-lb-dbsetup.sql - mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver IDENTIFIED BY '' WITH GRANT OPTION;" - mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@'$HOSTNAME' IDENTIFIED BY '' WITH GRANT OPTION;" - mysql -u root --password="$MYSQL_PASSWORD" -e "GRANT ALL PRIVILEGES on lbserver20.* to lbserver@localhost IDENTIFIED BY '' WITH GRANT OPTION;" - mysql -u root --password="$MYSQL_PASSWORD" -e "ALTER TABLE short_fields MAX_ROWS=1000000000;" lbserver20 - mysql -u root --password="$MYSQL_PASSWORD" -e "ALTER TABLE long_fields MAX_ROWS=55000000;" lbserver20 - mysql -u root --password="$MYSQL_PASSWORD" -e "ALTER TABLE states MAX_ROWS=9500000;" lbserver20 - mysql -u root --password="$MYSQL_PASSWORD" -e "ALTER TABLE events MAX_ROWS=175000000;" lbserver20 - else - yaimlog WARNING "Database lbserver20 already exists" - fi - - # adjust indexes - # 1) if L&B with local harvester or L&B for Real Time Monitoring ==> lastUpdateTime needed - # 2) if GLITE_LB_INDEX_OWNER specified ==> create/destroy owner index - need_reindex=0 - $GLITE_LB_LOCATION/bin/glite-lb-bkindex -d 2>/dev/null | tail -n +3 | head -n -2 | sed 's/\([^,]\)$/\1,/' > /var/tmp/glite-lb-bkindexes.txt - if [ x"$GLITE_LB_RTM_ENABLED" = x"true" -o x"GLITE_LB_HARVESTER_ENABLED" = x"true" ]; then - # index for querying older jobs by real time monitor - grep '\[ type = "system"; name = "lastUpdateTime" \]' /var/tmp/glite-lb-bkindexes.txt >/dev/null - if [ $? != 0 ]; then - need_reindex=1 - yaimlog INFO "Index 'lastUpdateTime' will be added" - echo '[ type = "system"; name = "lastUpdateTime" ],' >> /var/tmp/glite-lb-bkindexes.txt - fi - fi - if [ x"$GLITE_LB_INDEX_OWNER" = x"true" ]; then - grep 'name = "owner"' /var/tmp/glite-lb-bkindexes.txt >/dev/null - if [ $? != 0 ]; then - need_reindex=1 - yaimlog INFO "Index 'owner' will be added" - echo '[ type = "system"; name = "owner" ],' >> /var/tmp/glite-lb-bkindexes.txt - fi - elif [ x"$GLITE_LB_INDEX_OWNER" = x"false" ]; then - grep 'name = "owner"' /var/tmp/glite-lb-bkindexes.txt >/dev/null - if [ $? = 0 ]; then - need_reindex=1 - yaimlog INFO "Index 'owner' will be deleted" - mv /var/tmp/glite-lb-bkindexes.txt /var/tmp/glite-lb-bkindexes.txt.2 - grep -v 'name = "owner"' /var/tmp/glite-lb-bkindexes.txt.2 > /var/tmp/glite-lb-bkindexes.txt - rm -f /var/tmp/glite-lb-bkindexes.txt.2 - fi - fi - if [ $need_reindex = 1 ]; then - cat << EOF | $GLITE_LB_LOCATION/bin/glite-lb-bkindex -rv -[ - JobIndices = { -`cat /var/tmp/glite-lb-bkindexes.txt` - } -] -EOF - fi - rm -f /var/tmp/glite-lb-bkindexes.txt - - mkdir -p $GLITE_HOME_DIR/.certs - chown $GLITE_USER:$GLITE_USER $GLITE_HOME_DIR/.certs - chmod 0755 $GLITE_HOME_DIR/.certs - cp -f /etc/grid-security/hostcert.pem /etc/grid-security/hostkey.pem $GLITE_HOME_DIR/.certs/ - if [ ! $? = 0 ] ; then - yaimlog WARNING "Please copy host certificate and key into /etc/grid-security and" - yaimlog WARNING " $GLITE_HOME_DIR/.certs/, change the owner of the ones in" - yaimlog WARNING " $GLITE_HOME_DIR/.certs/ to $GLITE_USER" - fi - chown $GLITE_USER:$GLITE_USER $GLITE_HOME_DIR/.certs/hostcert.pem $GLITE_HOME_DIR/.certs/hostkey.pem - chmod 0644 $GLITE_HOME_DIR/.certs/hostcert.pem - chmod 0400 $GLITE_HOME_DIR/.certs/hostkey.pem - # LCAS plugin # config file lcas_libarch=lib @@ -304,63 +136,14 @@ EOF fi fi lcas_plugin="$GLITE_LB_LOCATION/$lcas_libarch/modules/lcas_lb.mod" - echo "pluginname=\"$lcas_plugin\"" > ${GLITE_LB_LOCATION_ETC}/glite-lb/lcas.db - - out="`$GLITE_LB_LOCATION/sbin/glite-lb-msg-config $GLITE_LB_LOCATION_ETC/glite-lb/msg.conf 2>&1`" - ret=$? - if [ $ret -eq 0 ]; then level=INFO; else level=WARNING; fi - if [ -n "$out" -o $ret -ne 0 ]; then - yaimlog $level "$out" - fi - - # upgrade from L&B <= 3.1.1 - # (legacy start-up stuff) - if [ -f @glite_etc@/gLiteservice ] ; then - grep -v 'glite-lb-bkserverd' > /tmp/gLiteservice - mv /tmp/gLiteservice @glite_etc@/gLiteservice - fi - - if [ x"$GLITE_LB_RTM_ENABLED" = x"true" ]; then - config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "$GLITE_LB_RTM_DN" - else - config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "" - fi + echo "pluginname=\"$lcas_plugin\"" > ${GLITE_LOCATION_ETC}/glite-lb/lcas.db - if [ ! -f ${GLITE_LB_LOCATION_ETC}/glite-lb/glite-lb-harvester.conf ]; then - echo $HOSTNAME > ${GLITE_LB_LOCATION_ETC}/glite-lb/glite-lb-harvester.conf - fi - - # upgrade from L&B <= 3.1.1 - rm -fv /etc/cron.d/glite-lb-purge.cron /etc/logrotate.d/lb-purger /etc/logrotate.d/lb-lcas - - # start-up on boot - . @glite_etc@/profile.d/grid-env.sh - if egrep -i "Debian|Ubuntu" /etc/issue >/dev/null; then - update-rc.d glite-lb-bkserverd defaults - update-rc.d glite-lb-locallogger defaults - if [ x"$GLITE_LB_RTM_ENABLED" = x"true" ]; then - update-rc.d glite-lb-harvester defaults - fi - else - /sbin/chkconfig glite-lb-bkserverd on - /sbin/chkconfig glite-lb-locallogger on - if [ x"$GLITE_LB_RTM_ENABLED" = x"true" ]; then - /sbin/chkconfig glite-lb-harvester on - fi - fi - - ${GLITE_LB_LOCATION_ETC}/init.d/glite-lb-bkserverd restart - if [ ! $? = 0 ] ; then - yaimlog ABORT "Service glite-lb-bkserverd failed to start!" + # main L&B setup + . ${GLITE_LOCATION}/sbin/glite-lb-setup yaim + if [ $? != 0 ]; then + yaimlog ABORT "glite-lb-setup failed!" return 1 fi - if [ x"$GLITE_LB_RTM_ENABLED" = x"true" ]; then - ${GLITE_LB_LOCATION_ETC}/init.d/glite-lb-harvester restart - else - ${GLITE_LB_LOCATION_ETC}/init.d/glite-lb-harvester stop - fi - return 0 - } diff --git a/org.glite.lb/configure b/org.glite.lb/configure index 3d43cdb..89e41e1 100755 --- a/org.glite.lb/configure +++ b/org.glite.lb/configure @@ -33,6 +33,7 @@ my $root = $pwd.'/stage'; my $sysroot = ''; my $sysconfdir; my $localstatedir; +my $os_type; my $staged; my $module; my $thrflavour = 'gcc64dbgpthr'; @@ -234,6 +235,7 @@ my @opts = ( 'sysroot:s' => \$sysroot, 'sysconfdir=s' => \$sysconfdir, 'localstatedir=s' => \$localstatedir, + 'os-type=s' => \$os_type, 'lb-tag=s' => \$lb_tag, 'lbjp-common-tag=s' => \$lbjp_tag, 'jp-tag=s' => \$jp_tag, @@ -266,6 +268,7 @@ if (not $sysconfdir) { $sysconfdir = $prefix eq '/usr' ? '/etc' : "$prefix/etc"; if (not $localstatedir) { $localstatedir = $prefix eq '/usr' ? '/var' : "$prefix/var"; } $sysconfdir=~s/\/$//; $localstatedir=~s/\/$//; +if (not $os_type) { $os_type = os_type(); } $externs{'mysql-server'}{prefix}=$externs{mysql}{prefix} if $externs{'mysql-server'}{prefix} eq ''; $externs{'mysql-devel'}{prefix}=$externs{mysql}{prefix} if $externs{'mysql-devel'}{prefix} eq ''; @@ -1353,6 +1356,7 @@ stagedir = $stagedir sysroot = $sysroot sysconfdir = $sysconfdir localstatedir = $localstatedir +os_type = $os_type thrflavour = $thrflavour nothrflavour = $nothrflavour libdir = $libdir @@ -2084,6 +2088,24 @@ sub reshuffle_platforms($$) { } } +sub os_type { + my $ver; + + open FH, '<', '/etc/issue' or return "redhat"; + $_=; + close FH; + + if (/Debian|Ubuntu/i) { return "debian"; } + elsif (/Scientific|Redhat|Centos/i) { return "redhat"; } + elsif (/Fedora/i) { + $ver = `rpm -q --queryformat '%{version}' fedora-release 2>/dev/null`; + if ($ver and $ver >= 15) { return "fedora"; } + else { return "redhat"; } + } else { + return "redhat"; + } +} + sub usage { my @ext = keys %externs; my @myjars = keys %jar; @@ -2097,6 +2119,8 @@ General options (defaults in []): --root=DIR installation root (custom relocation root -> sysroot) [./stage] --sysroot=DIR system root (custom relocation root -> sysroot) [] --sysconfdir=DIR system configuration directory [PREFIX/etc] + --localstatedir=DIR system local status directory [PREFIX/var] + --os-type=DIST system type (debian/redhat/fedora) --staged=module,module,... what is already in PREFIX (specify without org.glite.) --thrflavour=flavour --nothrflavour=flavour threaded and non-treaded flavours [gcc64dbgpthr,gcc64dbg] -- 1.8.2.3