Skip to content

Commit 94204f1

Browse files
matyasselmecimatyasselmeci
authored
Merge pull request #146 from jthiltges/pr/condorconfig
Remove condor config.d file from xcache-reporter
2 parents 34ad658 + 48b4fac commit 94204f1

4 files changed

Lines changed: 15 additions & 15 deletions

File tree

Makefile

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -93,9 +93,6 @@ install:
9393
ln -srf $(DESTDIR)/$(INSTALL_XROOTD_DIR)/xrootd-stash-origin.cfg $(DESTDIR)/$(INSTALL_XROOTD_DIR)/xrootd-stash-origin-auth.cfg
9494
mkdir -p $(DESTDIR)/$(INSTALL_XROOTD_DIR)/config.d
9595
install -p -m 0644 $(XROOTD_CONFIGD) $(DESTDIR)/$(INSTALL_XROOTD_DIR)/config.d
96-
# Condor config files
97-
mkdir -p $(DESTDIR)/etc/condor/config.d
98-
install -p -m 0644 configs/xcache/condor/01-xcache-reporter-auth.conf $(DESTDIR)/etc/condor/config.d/01-xcache-reporter-auth.conf
9996
# XCache Consistency Check
10097
mkdir -p $(DESTDIR)/usr/bin
10198
mkdir -p $(DESTDIR)/var/lib/xcache-consistency-check

configs/xcache/condor/01-xcache-reporter-auth.conf

Lines changed: 0 additions & 6 deletions
This file was deleted.

rpm/xcache.spec

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -225,7 +225,6 @@ mkdir -p %{buildroot}%{_sysconfdir}/grid-security/xrd
225225
%{_unitdir}/xcache-reporter.timer
226226
%{_unitdir}/xrootd-renew-proxy.service
227227
%{_unitdir}/xrootd-renew-proxy.timer
228-
%config(noreplace) %{_sysconfdir}/condor/config.d/01-xcache-reporter-auth.conf
229228
%config %{_sysconfdir}/xrootd/config.d/40-xcache-auth.cfg
230229
%config(noreplace) %{_sysconfdir}/xrootd/config.d/90-xcache-logging.cfg
231230
%config(noreplace) %{_sysconfdir}/xrootd/digauth.cfg

src/xcache-reporter

Lines changed: 15 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -166,11 +166,21 @@ def main():
166166
if 'TOOL_DEBUG' not in htcondor.param:
167167
htcondor.param['TOOL_DEBUG'] = "D_ALL D_CATEGORY"
168168

169-
# Check for existence of host cert/key pair
170-
for pki in 'cert', 'key':
171-
pki_path = '/etc/grid-security/host%s.pem' % pki
172-
if not os.path.exists(pki_path):
173-
logging.error('Could not find host %s at %s', pki, pki_path)
169+
# Advertise to the central collector with SSL (SOFTWARE-3940)
170+
htcondor.param['SEC_CLIENT_AUTHENTICATION_METHODS'] = 'SSL'
171+
172+
# Set SSL client config if not defined
173+
if 'AUTH_SSL_CLIENT_CERTFILE' not in htcondor.param:
174+
htcondor.param['AUTH_SSL_CLIENT_CERTFILE'] = '/etc/grid-security/xrd/xrdcert.pem'
175+
if 'AUTH_SSL_CLIENT_KEYFILE' not in htcondor.param:
176+
htcondor.param['AUTH_SSL_CLIENT_KEYFILE'] = '/etc/grid-security/xrd/xrdkey.pem'
177+
if 'AUTH_SSL_CLIENT_CADIR' not in htcondor.param:
178+
htcondor.param['AUTH_SSL_CLIENT_CADIR'] = '/etc/grid-security/certificates'
179+
180+
# Check for existence of xrootd cert/key pair
181+
for certfile in htcondor.param['AUTH_SSL_CLIENT_CERTFILE'], htcondor.param['AUTH_SSL_CLIENT_KEYFILE']:
182+
if not os.path.exists(certfile):
183+
logging.error('Could not find client SSL file %s', certfile)
174184
sys.exit(1)
175185

176186
scr = StashCacheReporter(cache_path=args.cache_path, collectors=args.collectors,

0 commit comments

Comments
 (0)