Bug 1537 – Enhance setup-globus-gatekeeper to be parameterized

Bug 1537 - Enhance setup-globus-gatekeeper to be parameterized

Summary:

Enhance setup-globus-gatekeeper to be parameterized

Status:	RESOLVED FIXED

Product:	GRAM
Component:	gt2 Gatekeeper/Jobmanager
Version:	1.6
Platform:	PC All

Importance:	P2 enhancement
Target Milestone:	3.2
Assigned To:	Joe Bester

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2004-02-12 17:43 by Alain Roy
Modified:	2004-03-04 14:18 (History)

Attachments
Diff (1.04 KB, patch) 2004-03-02 16:04, Alain Roy	Details
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Alain Roy 2004-02-12 17:43:40

Folks in EDG/LCG want the setup-globus-gatekeeper script to be able to be 
parameterized so that when it is called, it can use non-default locations for 
the X509 files. The patch is so straightforward that it's easier to show you 
the patch than describe it in words. 

This is already in the VDT and it is trivial and well-tested. We'd like to not 
distribute a VDT with extra patches on it, so we hope it can become part of an 
upcoming Globus release.

Thanks!

--- globus-2.2.4/gatekeeper/setup/setup-globus-gatekeeper.pl    Fri Dec 21 
03:37:52 2001
+++ vdt-1.1.8-10/gatekeeper/setup/setup-globus-gatekeeper.pl    Sat Jul  5 
00:17:59 2003
@@ -1,3 +1,5 @@
+#!/usr/bin/env perl
+
 my $gpath = $ENV{GPT_LOCATION};
 
 if (!defined($gpath))
@@ -27,11 +29,16 @@
    die "open failed for $gk_conf";
 }
 
+my $x509_cert_dir  = $ENV{X509_CERT_DIR}  || "/etc/grid-
security/certificates";
+my $x509_user_cert = $ENV{X509_USER_CERT} || "/etc/grid-
security/hostcert.pem";
+my $x509_user_key  = $ENV{X509_USER_KEY}  || "/etc/grid-security/hostkey.pem";
+my $gridmap        = $ENV{GRIDMAP}        || "/etc/grid-security/grid-
mapfile";
+
 print CONF <<EOF;
-  -x509_cert_dir /etc/grid-security/certificates
-  -x509_user_cert /etc/grid-security/hostcert.pem
-  -x509_user_key /etc/grid-security/hostkey.pem
-  -gridmap /etc/grid-security/grid-mapfile
+  -x509_cert_dir $x509_cert_dir
+  -x509_user_cert $x509_user_cert
+  -x509_user_key $x509_user_key
+  -gridmap $gridmap
   -home $globusdir
   -e libexec
   -logfile var/globus-gatekeeper.log

------- Comment #1 From Stuart Martin 2004-02-13 11:34:37 -------

Alain,

We are a few days from the 3.2 beta release, so this will not make it in the beta.   However, the changes 
look simple enough that we will try to get them into the 3.2 final release.

-Stu

------- Comment #2 From Charles Bacon 2004-02-18 16:56:19 -------

*** Bug 1571 has been marked as a duplicate of this bug. ***

------- Comment #3 From Joe Bester 2004-03-02 15:39:32 -------

Could you resubmit this patch as an attachment? There are some goofy line 
breaks in this one. 
 
joe

------- Comment #4 From Alain Roy 2004-03-02 16:04:52 -------

Created an attachment (id=329) [details]
Diff

Diff

------- Comment #5 From Joe Bester 2004-03-04 10:48:01 -------

Is there a reason why this was done as environment vars instead of command line 
options? I'm a little conerned that people will be surprised to find the 
gatekeeper configured to use their credential instead of system credentials if 
we use this patch as it is. 

joe

------- Comment #6 From Maarten Litmaath 2004-03-04 13:25:30 -------

Joe,
when EDG asked for setup-globus-gatekeeper to be changed to have the
grid security paths configurable, I proposed using environment variables
and that has turned out to work fine, given the way EDG configures Globus:
by means of a non-interactive script indirectly run from a /etc/rc.d
"service" (yes, it is run after each reboot).
I agree, though, that explicit arguments would be better, so please
go ahead.  They should again default to the standard values.  Thanks.

------- Comment #7 From Joe Bester 2004-03-04 14:18:14 -------

A fix which allows configuration via command line options is committed to the 
3.2 branch and trunk. 
 
joe