glprobe.sh 8.08 KB
Newer Older
Andrea Sciaba's avatar
Andrea Sciaba committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
#! /bin/bash

function add2buffer {
    echo $1
}

function do_print {
    echo "summary: $1"
}

# Change to test directory
cd `dirname $0`

# parse arguments
verbosity="1"
while getopts  "v:H:t:" flag
do
  case "$flag" in
      v) verbosity=$OPTARG;;
      H) host=$OPTARG;;
      t) timeout=$OPTARG;;
  esac
done

exitcode=$NAG_OK

# Print environment information
now="`date -u +'%F %T'` UTC"
currdir=$PWD
host=`uname -n`
pilotid=`/usr/bin/id`
add2buffer "Ran at $now on host $host as user:"
add2buffer "$pilotid" 

# Check that $X509_USER_PROXY points to an existing file
if [ -z "$X509_USER_PROXY" ]; then
    do_print "Error: X509_USER_PROXY is not defined"
    exit $NAG_CRITICAL
fi

if [ -f "$X509_USER_PROXY" ]; then
    add2buffer "X509_USER_PROXY=$X509_USER_PROXY"
else
    do_print "Error: X509_USER_PROXY points to a non existing location"
    exit $NAG_CRITICAL
fi

# workaround to suppress voms errors on OSG
export VOMS_PROXY_INFO_DONT_VERIFY_AC="1"

dn=`voms-proxy-info --identity`
fqan=`voms-proxy-info --fqan | head -1`
add2buffer "DN: $dn"
add2buffer "Primary FQAN: $fqan"

# Set the CMS environment
if [ -n "$OSG_APP" ] ; then
    SW_DIR=$OSG_APP/cmssoft/cms
    [ -f $OSG_GRID/setup.sh ] && source $OSG_GRID/setup.sh
    add2buffer "OSG_APP/cmssoft/cms=$OSG_APP/cmssoft/cms"
elif [ -n "$VO_CMS_SW_DIR" ]; then
    SW_DIR=$VO_CMS_SW_DIR
    add2buffer "VO_CMS_SW_DIR=$VO_CMS_SW_DIR"
else
    do_print "Error: Neither VO_CMS_SW_DIR nor OSG_APP defined"
    exit $NAG_CRITICAL
fi

if [ ! -f $SW_DIR/cmsset_default.sh ]; then
    do_print "Error: cmssw setup file $SW_DIR/cmsset_default.sh not existing"
    exit $NAG_CRITICAL
fi
add2buffer "CMS configuration file: $SW_DIR/cmsset_default.sh"

export SCRAM_ARCH=slc5_amd64_gcc434
source $SW_DIR/cmsset_default.sh
err=$?
if [ $err != 0 ]; then
    do_print "Error: CMS software initialisation script cmsset_default.sh failed"
    exit $NAG_CRITICAL
fi

if [ -z $CMS_PATH ]; then
    do_print "Error: CMS_PATH not defined"
    exit $NAG_CRITICAL
fi

if [ ! -d $CMS_PATH ] ; then
    do_print "Error: CMS_PATH directory $CMS_PATH not existing"
    exit $NAG_CRITICAL
fi

# Parse the local config file and find site name
if [ ! -d $CMS_PATH/SITECONF/local/JobConfig ] ; then
    do_print "Error: JobConfig directory $CMS_PATH/SITECONF/local/JobConfig not existing"
    exit $NAG_CRITICAL
fi

ConfigFile=${CMS_PATH}/SITECONF/local/JobConfig/site-local-config.xml
if [ ! -f $ConfigFile ] ; then
    do_print "Error: Local Configuration file site-local-config.xml not existing"
    exit $NAG_CRITICAL
fi
add2buffer "Local configuration file: $ConfigFile"

grep -q "site name" $ConfigFile
err=$?
if [ $err != 0 ] ; then
    do_print "Error: site name string missing in config file"
    exit $NAG_CRITICAL
fi

siteName=`grep "site name" $ConfigFile | grep -v "subsite name" | cut -d'"' -f2`
add2buffer "Site name: $siteName"

tier=`grep "site name" $ConfigFile | grep -v "subsite name" | cut -d'"' -f2 | cut -d '_' -f1`
if [ "x$tier" == "xT1" ]; then
    mv -f $currdir/payloadproxy-t1 $currdir/payloadproxy
    rm -f $currdir/payloadproxy-t2
    add2buffer "Using t1access role for the payload"
else
    mv -f $currdir/payloadproxy-t2 $currdir/payloadproxy
    rm -f $currdir/payloadproxy-t1
    add2buffer "Using standard cms proxy for the payload"
fi

# Check that the payload proxy is available
if [ -f "$currdir/payloadproxy" ]; then
    chmod 600 $currdir/payloadproxy
    export GLEXEC_CLIENT_CERT=$currdir/payloadproxy
    add2buffer "GLEXEC_CLIENT_CERT: $GLEXEC_CLIENT_CERT"
else
    do_print "Error: payloadproxy not found"
    exit $NAG_CRITICAL
fi

# finding the glexec environment
glexec=${OSG_GLEXEC_LOCATION:-${GLEXEC_LOCATION:-${GLITE_LOCATION:-/usr}}/sbin/glexec}
if [ -f "$glexec" ]; then
    add2buffer "Using glexec at $glexec"
    glexec_ver=`$glexec -v`
    add2buffer "$glexec_ver"
else
    do_print "Error: No files found at $glexec"
    exit $NAG_CRITICAL
fi
glexecdir=`dirname $glexec`

# workaround for glexev older than 0.7
export GLEXEC_SOURCE_PROXY=${GLEXEC_CLIENT_CERT}
add2buffer "GLEXEC_SOURCE_PROXY: $GLEXEC_SOURCE_PROXY"
export GLEXEC_TARGET_PROXY="/tmp/x509up_u`id -u`.glexec.${RANDOM}"
add2buffer "GLEXEC_TARGET_PROXY: $GLEXEC_TARGET_PROXY"

# run a bare glexec test and verify that the uid/gid is changed
payloadid=`$glexec /usr/bin/id`
err=$?
if [ $err -ne 0 ]; then
    do_print "Error: error $err executing $glexec getting payload uid/gid"
    exit $NAG_CRITICAL
fi

if [ -z "$payloadid" ]; then
    do_print "Error: /usr/bin/id returned an empty string for the payload"
    exit $NAG_CRITICAL
fi

if [ "X$payloadid" == "X$pilotid" ]; then
    add2buffer "Warning: Same /usr/bin/id for payload and pilot"
    exitcode=$NAG_WARNING
fi
add2buffer "Payload id: $payloadid"

# find mkgltempdir and create a termporary directory for payload execution
if [ -f "$glexecdir/mkgltempdir" ]; then
    mkgltempdir=$glexecdir/mkgltempdir
else
    mkgltempdir=$currdir/mkgltempdir
fi
add2buffer "Using mkgltempdir at $mkgltempdir"

stickydir=`$mkgltempdir`
err=$?
if [ $err -ne 0 ]; then
    do_print "Warning: error $err executing $mkgltempdir"
    exit $NAG_WARNING
fi
add2buffer "stickydir: $stickydir"
tmpdir=`dirname $stickydir`

# find glexec_wrapenv.pl and define GLEXEC_ENV
if [ -f "$glexecdir/glexec_wrapenv.pl" ]; then
    glexec_wrapenv=$glexecdir/glexec_wrapenv.pl
else
    glexec_wrapenv=$currdir/glexec_wrapenv.pl
fi
add2buffer "Using glexec_wrapenv.pl at $glexec_wrapenv"
export GLEXEC_ENV=`$glexec_wrapenv`
err=$?
if [ $err -ne 0 ]; then
    add2buffer "Warning: error $err executing $glexec_wrapenv"
    exitcode=$NAG_WARNING
fi

# find glexec_unwrapenv.pl
if [ -f $glexecdir/glexec_unwrapenv.pl ]; then
    glexec_unwrapenv=$glexecdir/glexec_unwrapenv.pl
else
   cp $currdir/glexec_unwrapenv.pl $tmpdir
   $glexec /bin/cp $tmpdir/glexec_unwrapenv.pl $stickydir
   rm $tmpdir/glexec_unwrapenv.pl
Andrea Sciaba's avatar
Andrea Sciaba committed
212
   glexec_unwrapenv=$stickydir/glexec_unwrapenv.pl
Andrea Sciaba's avatar
Andrea Sciaba committed
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
fi
add2buffer "using glexec_unwrapenv.pl at $glexec_unwrapenv"

# run glexec and verify that the proxy is changed
payloaddn=`$glexec $glexec_unwrapenv -- voms-proxy-info -subject`
err=$?
if [ $err -ne 0 ]; then
    add2buffer "Warning: error $err executing $glexec getting payload DN"
    exitcode=$NAG_WARNING
fi
add2buffer "Payload proxy info - DN: $payloaddn"

if [ -z "$payloaddn" ]; then
    do_print "Error: voms-proxy-info returned an empty string for the subject"
    exitcode=$NAG_WARNING
fi

payloadfqan=`$glexec $glexec_unwrapenv -- voms-proxy-info -fqan | head -1`
err=$?
if [ $err -ne 0 ]; then
    add2buffer "Warning: error $err executing $glexec getting payload fqan"
    exitcode=$NAG_WARNING
fi

if [ -z "$payloadfqan" ]; then
    add2buffer "Warning: voms-proxy-info  returned an empty string for the primary fqan"
    exitcode=$NAG_WARNING
fi
add2buffer "Primary FQAN:            $payloadfqan"

if [ "X$payloaddn$payloadfqan" == "X$dn$fqan"  ]; then
    add2buffer "Warning: Same DN/FQAN for pilot and payload"
    exitcode=$NAG_WARNING
fi

# copy the payload executable to the payload execution directory
cp $currdir/payload.sh $tmpdir
chmod 755 $tmpdir/payload.sh
$glexec /bin/cp $tmpdir/payload.sh $stickydir
rm $tmpdir/payload.sh

# create a job wrapper and copy it to the payload execution directory
cat > $tmpdir/wrapper.sh << EOF
#! /bin/bash
cd $stickydir
./payload.sh > payload.out 2> payload.err
# Make the output readable by the pilot
chmod a+rx .
chmod a+r ./*
EOF
chmod 755 $tmpdir/wrapper.sh
$glexec /bin/cp $tmpdir/wrapper.sh $stickydir
rm $tmpdir/wrapper.sh

# execute the payload (payload identity) and move the output to the current directory
$glexec $glexec_unwrapenv -- $stickydir/wrapper.sh
err=$?
if [ $err -eq 0 ]; then
    cp $stickydir/payload.out $currdir
    cp $stickydir/payload.err $currdir
else 
    add2buffer "Warning: error $err executing the payload"
    exitcode=$NAG_WARNING
fi

# cleanup the execution directory tree
$glexec /bin/rm $stickydir/*
$mkgltempdir -r $stickydir

# Print payload output
add2buffer "payload.out:"
cat $currdir/payload.out
add2buffer "payload.err:"
cat $currdir/payload.err
add2buffer "Test finished"

# exit
if [ $exitcode -ne 0 ]; then
    do_print "Warning: execution contains warnings"
else
    do_print "Success"
fi
exit $exitcode