diff --git a/creation/web_base/cvmfs_helper_funcs.sh b/creation/web_base/cvmfs_helper_funcs.sh index cf6aa7d13..e00dcfb19 100755 --- a/creation/web_base/cvmfs_helper_funcs.sh +++ b/creation/web_base/cvmfs_helper_funcs.sh @@ -416,7 +416,7 @@ has_fuse() { fi fi echo ret_state - [[ "$ret_state" == "yes"]] + [[ "$ret_state" == "yes" ]] return } diff --git a/creation/web_base/glidein_startup.sh b/creation/web_base/glidein_startup.sh index 50313ac23..b5d228e67 100644 --- a/creation/web_base/glidein_startup.sh +++ b/creation/web_base/glidein_startup.sh @@ -1174,6 +1174,10 @@ fetch_file_base() { START=$(date +%s) if [[ "${ffb_file_type}" = "exec:s" ]]; then "${main_dir}/singularity_wrapper.sh" "${ffb_outname}" glidein_config "${ffb_id}" + elif [[ "${ffb_file_type}" = "exec:r" ]]; then + echo "INSIDE EXEC:r BLOCK..." + echo "###### Sourcing $ffb_outname script ############" + . "${ffb_outname}" glidein_config "${ffb_id}" else "${ffb_outname}" glidein_config "${ffb_id}" fi @@ -1317,623 +1321,758 @@ usage() { #################### Execution starts here.... ###################### ##################################################################### -# Variables initialized on top of the file - -# Command line options parsing. Storing all in global variables. -# params will contain the full list of parameters -# -param_XXX YYY will become "XXX YYY" -# TODO: can use an array instead? -params="" - -while [ $# -gt 0 ] -do case "$1" in - -factory) glidein_factory="$2";; - -name) glidein_name="$2";; - -entry) glidein_entry="$2";; - -clientname) client_name="$2";; - -clientgroup) client_group="$2";; - -web) repository_url="$2";; - -proxy) proxy_url="$2";; - -dir) work_dir="$2";; - -sign) sign_id="$2";; - -signtype) sign_type="$2";; - -signentry) sign_entry_id="$2";; - -cluster) condorg_cluster="$2";; - -subcluster) condorg_subcluster="$2";; - -submitcredid) glidein_cred_id="$2";; - -schedd) condorg_schedd="$2";; - -descript) descript_file="$2";; - -descriptentry) descript_entry_file="$2";; - -clientweb) client_repository_url="$2";; - -clientwebgroup) client_repository_group_url="$2";; - -clientsign) client_sign_id="$2";; - -clientsigntype) client_sign_type="$2";; - -clientsigngroup) client_sign_group_id="$2";; - -clientdescript) client_descript_file="$2";; - -clientdescriptgroup) client_descript_group_file="$2";; - -slotslayout) slots_layout="$2";; - -v) operation_mode="$2";; - -multiglidein) multi_glidein="$2";; - -multirestart) multi_glidein_restart="$2";; - -param_*) params="$params $(echo "$1" | awk '{print substr($0,8)}') $2";; - *) (warn "Unknown option $1"; usage) 1>&2; exit 1 -esac -shift 2 -done - -# make sure we have a valid slots_layout -if (echo "x${slots_layout}" | grep -i fixed) >/dev/null 2>&1 ; then - slots_layout="fixed" +printenv GWMS_CVMFS_REEXEC # > /dev/null +status=$? +if [[ "$status" -eq 0 ]]; then + echo ".....(RE)START OF GLIDEIN_STARTUP.SH....." + gwms_cvmfs_reexec=$(printenv GWMS_CVMFS_REEXEC | sed s"/ //g") + echo "GWMS_CVMFS_REEXEC (inside reinvocation) set to $gwms_cvmfs_reexec" + echo "work_dir variable (right after invocation): $work_dir" # should print nothing because the reinvocation is happening through an exec else - slots_layout="partitionable" + # echo "glidein_config set to $glidein_config" + echo ".....START OF GLIDEIN_STARTUP.SH....." + gwms_cvmfs_reexec=$(grep "^GWMS_CVMFS_REEXEC " "${glidein_config}" | cut -d ' ' -f 2-) + echo "GWMS_CVMFS_REEXEC set to $gwms_cvmfs_reexec" fi -#################################### -# Cleaup, print out message and exit -work_dir_created=0 -glide_local_tmp_dir_created=0 - -################ -# Parse and verify arguments - -# allow some parameters to change arguments -# multiglidein GLIDEIN_MULTIGLIDEIN -> multi_glidein -tmp_par=$(params_get_simple GLIDEIN_MULTIGLIDEIN "${params}") -[ -n "${tmp_par}" ] && multi_glidein=${tmp_par} - -case "${operation_mode}" in - nodebug) - sleep_time=1199 - set_debug=0;; - fast) - sleep_time=150 - set_debug=1;; - check) - sleep_time=150 - set -x - set_debug=2;; - *) - sleep_time=1199 - set_debug=1;; -esac - -if [ -z "${descript_file}" ]; then - warn "Missing descript fname." - usage -fi +if [[ -z "$gwms_cvmfs_reexec" ]]; then + # if GWMS_CVMFS_REEXEC is empty, then this script is being invoked the first time; so proceed with usual glidein setup... -if [ -z "${descript_entry_file}" ]; then - warn "Missing descript fname for entry." - usage -fi + # Variables initialized on top of the file -if [ -z "${glidein_name}" ]; then - warn "Missing gliden name." - usage -fi + # Command line options parsing. Storing all in global variables. + # params will contain the full list of parameters + # -param_XXX YYY will become "XXX YYY" + # TODO: can use an array instead? + params="" -if [ -z "${glidein_entry}" ]; then - warn "Missing glidein entry name." - usage -fi + while [ $# -gt 0 ] + do case "$1" in + -factory) glidein_factory="$2";; + -name) glidein_name="$2";; + -entry) glidein_entry="$2";; + -clientname) client_name="$2";; + -clientgroup) client_group="$2";; + -web) repository_url="$2";; + -proxy) proxy_url="$2";; + -dir) work_dir="$2";; + -sign) sign_id="$2";; + -signtype) sign_type="$2";; + -signentry) sign_entry_id="$2";; + -cluster) condorg_cluster="$2";; + -subcluster) condorg_subcluster="$2";; + -submitcredid) glidein_cred_id="$2";; + -schedd) condorg_schedd="$2";; + -descript) descript_file="$2";; + -descriptentry) descript_entry_file="$2";; + -clientweb) client_repository_url="$2";; + -clientwebgroup) client_repository_group_url="$2";; + -clientsign) client_sign_id="$2";; + -clientsigntype) client_sign_type="$2";; + -clientsigngroup) client_sign_group_id="$2";; + -clientdescript) client_descript_file="$2";; + -clientdescriptgroup) client_descript_group_file="$2";; + -slotslayout) slots_layout="$2";; + -v) operation_mode="$2";; + -multiglidein) multi_glidein="$2";; + -multirestart) multi_glidein_restart="$2";; + -param_*) params="$params $(echo "$1" | awk '{print substr($0,8)}') $2";; + *) (warn "Unknown option $1"; usage) 1>&2; exit 1 + esac + shift 2 + done + # make sure we have a valid slots_layout + if (echo "x${slots_layout}" | grep -i fixed) >/dev/null 2>&1 ; then + slots_layout="fixed" + else + slots_layout="partitionable" + fi + + #################################### + # Cleaup, print out message and exit + work_dir_created=0 + glide_local_tmp_dir_created=0 + + ################ + # Parse and verify arguments + + # allow some parameters to change arguments + # multiglidein GLIDEIN_MULTIGLIDEIN -> multi_glidein + tmp_par=$(params_get_simple GLIDEIN_MULTIGLIDEIN "${params}") + [ -n "${tmp_par}" ] && multi_glidein=${tmp_par} + + case "${operation_mode}" in + nodebug) + sleep_time=1199 + set_debug=0;; + fast) + sleep_time=150 + set_debug=1;; + check) + sleep_time=150 + set -x + set_debug=2;; + *) + sleep_time=1199 + set_debug=1;; + esac -if [ -z "${repository_url}" ]; then - warn "Missing Web URL." - usage -fi + if [ -z "${descript_file}" ]; then + warn "Missing descript fname." + usage + fi -repository_entry_url="${repository_url}/entry_${glidein_entry}" + if [ -z "${descript_entry_file}" ]; then + warn "Missing descript fname for entry." + usage + fi -if [ -z "${proxy_url}" ]; then - proxy_url="None" -fi + if [ -z "${glidein_name}" ]; then + warn "Missing gliden name." + usage + fi -if [ "${proxy_url}" = "OSG" ]; then - if [ -z "${OSG_SQUID_LOCATION}" ]; then - # if OSG does not define a Squid, then don't use any - proxy_url="None" - warn "OSG_SQUID_LOCATION undefined, not using any Squid URL" 1>&2 - else - proxy_url="$(echo "${OSG_SQUID_LOCATION}" | awk -F ':' '{if ($2 =="") {print $1 ":3128"} else {print $0}}')" + if [ -z "${glidein_entry}" ]; then + warn "Missing glidein entry name." + usage fi -fi -if [ -z "${sign_id}" ]; then - warn "Missing signature." - usage -fi -if [ -z "${sign_entry_id}" ]; then - warn "Missing entry signature." - usage -fi + if [ -z "${repository_url}" ]; then + warn "Missing Web URL." + usage + fi -if [ -z "${sign_type}" ]; then - sign_type="sha1" -fi + repository_entry_url="${repository_url}/entry_${glidein_entry}" -if [ "${sign_type}" != "sha1" ]; then - warn "Unsupported signtype ${sign_type} found." - usage -fi + if [ -z "${proxy_url}" ]; then + proxy_url="None" + fi -if [ -n "${client_repository_url}" ]; then - # client data is optional, user url as a switch - if [ -z "${client_sign_type}" ]; then - client_sign_type="sha1" + if [ "${proxy_url}" = "OSG" ]; then + if [ -z "${OSG_SQUID_LOCATION}" ]; then + # if OSG does not define a Squid, then don't use any + proxy_url="None" + warn "OSG_SQUID_LOCATION undefined, not using any Squid URL" 1>&2 + else + proxy_url="$(echo "${OSG_SQUID_LOCATION}" | awk -F ':' '{if ($2 =="") {print $1 ":3128"} else {print $0}}')" + fi + fi + + if [ -z "${sign_id}" ]; then + warn "Missing signature." + usage fi - if [ "${client_sign_type}" != "sha1" ]; then - warn "Unsupported clientsigntype ${client_sign_type} found." + if [ -z "${sign_entry_id}" ]; then + warn "Missing entry signature." usage fi - if [ -z "${client_descript_file}" ]; then - warn "Missing client descript fname." + if [ -z "${sign_type}" ]; then + sign_type="sha1" + fi + + if [ "${sign_type}" != "sha1" ]; then + warn "Unsupported signtype ${sign_type} found." usage fi - if [ -n "${client_repository_group_url}" ]; then - # client group data is optional, user url as a switch - if [ -z "${client_group}" ]; then - warn "Missing client group name." + if [ -n "${client_repository_url}" ]; then + # client data is optional, user url as a switch + if [ -z "${client_sign_type}" ]; then + client_sign_type="sha1" + fi + + if [ "${client_sign_type}" != "sha1" ]; then + warn "Unsupported clientsigntype ${client_sign_type} found." usage fi - if [ -z "${client_descript_group_file}" ]; then - warn "Missing client descript fname for group." + if [ -z "${client_descript_file}" ]; then + warn "Missing client descript fname." usage fi - fi -fi -# Generate glidein UUID -if command -v uuidgen >/dev/null 2>&1; then - glidein_uuid="$(uuidgen)" -else - glidein_uuid="$(od -x -w32 -N32 /dev/urandom | awk 'NR==1{OFS="-"; print $2$3,$4,$5,$6,$7$8$9}')" -fi + if [ -n "${client_repository_group_url}" ]; then + # client group data is optional, user url as a switch + if [ -z "${client_group}" ]; then + warn "Missing client group name." + usage + fi -# Print initial variables values (argumants and environment) -startup_time="$(date +%s)" -echo "Starting glidein_startup.sh at $(date) (${startup_time})" - -echo "script_checksum = '$(md5wrapper "$0")'" -echo "debug_mode = '${operation_mode}'" -echo "condorg_cluster = '${condorg_cluster}'" -echo "condorg_subcluster= '${condorg_subcluster}'" -echo "condorg_schedd = '${condorg_schedd}'" -echo "glidein_uuid = '${glidein_uuid}'" -echo "glidein_credential_id = '${glidein_cred_id}'" -echo "glidein_factory = '${glidein_factory}'" -echo "glidein_name = '${glidein_name}'" -echo "glidein_entry = '${glidein_entry}'" -if [ -n "${client_name}" ]; then - # client name not required as it is not used for anything but debug info - echo "client_name = '${client_name}'" -fi -if [ -n "${client_group}" ]; then - echo "client_group = '${client_group}'" -fi -echo "multi_glidein/restart = '${multi_glidein}'/'${multi_glidein_restart}'" -echo "work_dir = '${work_dir}'" -echo "web_dir = '${repository_url}'" -echo "sign_type = '${sign_type}'" -echo "proxy_url = '${proxy_url}'" -echo "descript_fname = '${descript_file}'" -echo "descript_entry_fname = '${descript_entry_file}'" -echo "sign_id = '${sign_id}'" -echo "sign_entry_id = '${sign_entry_id}'" -if [ -n "${client_repository_url}" ]; then - echo "client_web_dir = '${client_repository_url}'" - echo "client_descript_fname = '${client_descript_file}'" - echo "client_sign_type = '${client_sign_type}'" - echo "client_sign_id = '${client_sign_id}'" - if [ -n "${client_repository_group_url}" ]; then - echo "client_web_group_dir = '${client_repository_group_url}'" - echo "client_descript_group_fname = '${client_descript_group_file}'" - echo "client_sign_group_id = '${client_sign_group_id}'" + if [ -z "${client_descript_group_file}" ]; then + warn "Missing client descript fname for group." + usage + fi + fi fi -fi -echo -echo "Running on $(uname -n)" -echo "System: $(uname -a)" -if [ -e '/etc/redhat-release' ]; then - echo "Release: $(cat /etc/redhat-release 2>&1)" -fi -echo "As: $(id)" -echo "PID: $$" -echo - -if [ ${set_debug} -ne 0 ]; then - echo "------- Initial environment ---------------" 1>&2 - env 1>&2 - echo "------- =================== ---------------" 1>&2 -fi -# Before anything else, spawn multiple glideins and wait, if asked to do so -if [[ -n "${multi_glidein}" ]] && [[ -z "${multi_glidein_restart}" ]] && [[ "${multi_glidein}" -gt 1 ]]; then - # start multiple glideins - ON_DIE=0 - trap 'ignore_signal' SIGHUP - trap_with_arg 'on_die_multi' SIGTERM SIGINT SIGQUIT - do_start_all "${multi_glidein}" - # Wait for all glideins and exit 0 - # TODO: Summarize exit codes and status from all child glideins - echo "------ Multi-glidein parent waiting for child processes (${GWMS_MULTIGLIDEIN_CHILDS}) ----------" 1>&2 - wait - echo "------ Exiting multi-glidein parent ----------" 1>&2 - exit 0 -fi - -######################################## -# make sure nobody else can write my files -# In the Grid world I cannot trust anybody -if ! umask 0022; then - early_glidein_failure "Failed in umask 0022" -fi - -######################################## -# Setup OSG and/or Globus -if [ -r "${OSG_GRID}/setup.sh" ]; then - . "${OSG_GRID}/setup.sh" -else - if [ -r "${GLITE_LOCAL_CUSTOMIZATION_DIR}/cp_1.sh" ]; then - . "${GLITE_LOCAL_CUSTOMIZATION_DIR}/cp_1.sh" + # Generate glidein UUID + if command -v uuidgen >/dev/null 2>&1; then + glidein_uuid="$(uuidgen)" + else + glidein_uuid="$(od -x -w32 -N32 /dev/urandom | awk 'NR==1{OFS="-"; print $2$3,$4,$5,$6,$7$8$9}')" + fi + + # Print initial variables values (argumants and environment) + startup_time="$(date +%s)" + echo "Starting glidein_startup.sh at $(date) (${startup_time})" + + echo "script_checksum = '$(md5wrapper "$0")'" + echo "debug_mode = '${operation_mode}'" + echo "condorg_cluster = '${condorg_cluster}'" + echo "condorg_subcluster= '${condorg_subcluster}'" + echo "condorg_schedd = '${condorg_schedd}'" + echo "glidein_uuid = '${glidein_uuid}'" + echo "glidein_credential_id = '${glidein_cred_id}'" + echo "glidein_factory = '${glidein_factory}'" + echo "glidein_name = '${glidein_name}'" + echo "glidein_entry = '${glidein_entry}'" + if [ -n "${client_name}" ]; then + # client name not required as it is not used for anything but debug info + echo "client_name = '${client_name}'" fi -fi - -if [ -z "${GLOBUS_PATH}" ]; then - if [ -z "${GLOBUS_LOCATION}" ]; then - # if GLOBUS_LOCATION not defined, try to guess it - if [ -r "/opt/globus/etc/globus-user-env.sh" ]; then - GLOBUS_LOCATION=/opt/globus - elif [ -r "/osgroot/osgcore/globus/etc/globus-user-env.sh" ]; then - GLOBUS_LOCATION=/osgroot/osgcore/globus - else - warn "GLOBUS_LOCATION not defined and could not guess it." - warn "Looked in:" - warn ' /opt/globus/etc/globus-user-env.sh' - warn ' /osgroot/osgcore/globus/etc/globus-user-env.sh' - warn 'Continuing like nothing happened' + if [ -n "${client_group}" ]; then + echo "client_group = '${client_group}'" + fi + echo "multi_glidein/restart = '${multi_glidein}'/'${multi_glidein_restart}'" + echo "work_dir = '${work_dir}'" + echo "web_dir = '${repository_url}'" + echo "sign_type = '${sign_type}'" + echo "proxy_url = '${proxy_url}'" + echo "descript_fname = '${descript_file}'" + echo "descript_entry_fname = '${descript_entry_file}'" + echo "sign_id = '${sign_id}'" + echo "sign_entry_id = '${sign_entry_id}'" + if [ -n "${client_repository_url}" ]; then + echo "client_web_dir = '${client_repository_url}'" + echo "client_descript_fname = '${client_descript_file}'" + echo "client_sign_type = '${client_sign_type}'" + echo "client_sign_id = '${client_sign_id}'" + if [ -n "${client_repository_group_url}" ]; then + echo "client_web_group_dir = '${client_repository_group_url}'" + echo "client_descript_group_fname = '${client_descript_group_file}'" + echo "client_sign_group_id = '${client_sign_group_id}'" fi fi - - if [ -r "${GLOBUS_LOCATION}/etc/globus-user-env.sh" ]; then - . "${GLOBUS_LOCATION}/etc/globus-user-env.sh" + echo + echo "Running on $(uname -n)" + echo "System: $(uname -a)" + if [ -e '/etc/redhat-release' ]; then + echo "Release: $(cat /etc/redhat-release 2>&1)" + fi + echo "As: $(id)" + echo "PID: $$" + echo + + if [ ${set_debug} -ne 0 ]; then + echo "------- Initial environment ---------------" 1>&2 + env 1>&2 + echo "------- =================== ---------------" 1>&2 + fi + + # Before anything else, spawn multiple glideins and wait, if asked to do so + if [[ -n "${multi_glidein}" ]] && [[ -z "${multi_glidein_restart}" ]] && [[ "${multi_glidein}" -gt 1 ]]; then + # start multiple glideins + ON_DIE=0 + trap 'ignore_signal' SIGHUP + trap_with_arg 'on_die_multi' SIGTERM SIGINT SIGQUIT + do_start_all "${multi_glidein}" + # Wait for all glideins and exit 0 + # TODO: Summarize exit codes and status from all child glideins + echo "------ Multi-glidein parent waiting for child processes (${GWMS_MULTIGLIDEIN_CHILDS}) ----------" 1>&2 + wait + echo "------ Exiting multi-glidein parent ----------" 1>&2 + exit 0 + fi + + ######################################## + # make sure nobody else can write my files + # In the Grid world I cannot trust anybody + if ! umask 0022; then + early_glidein_failure "Failed in umask 0022" + fi + + ######################################## + # Setup OSG and/or Globus + if [ -r "${OSG_GRID}/setup.sh" ]; then + . "${OSG_GRID}/setup.sh" else - warn "GLOBUS_PATH not defined and ${GLOBUS_LOCATION}/etc/globus-user-env.sh does not exist." - warn 'Continuing like nothing happened' + if [ -r "${GLITE_LOCAL_CUSTOMIZATION_DIR}/cp_1.sh" ]; then + . "${GLITE_LOCAL_CUSTOMIZATION_DIR}/cp_1.sh" + fi fi -fi - -[ -n "${X509_USER_PROXY}" ] && set_proxy_fullpath - -num_gct=0 + if [ -z "${GLOBUS_PATH}" ]; then + if [ -z "${GLOBUS_LOCATION}" ]; then + # if GLOBUS_LOCATION not defined, try to guess it + if [ -r "/opt/globus/etc/globus-user-env.sh" ]; then + GLOBUS_LOCATION=/opt/globus + elif [ -r "/osgroot/osgcore/globus/etc/globus-user-env.sh" ]; then + GLOBUS_LOCATION=/osgroot/osgcore/globus + else + warn "GLOBUS_LOCATION not defined and could not guess it." + warn "Looked in:" + warn ' /opt/globus/etc/globus-user-env.sh' + warn ' /osgroot/osgcore/globus/etc/globus-user-env.sh' + warn 'Continuing like nothing happened' + fi + fi -######################################## -# prepare and move to the work directory + if [ -r "${GLOBUS_LOCATION}/etc/globus-user-env.sh" ]; then + . "${GLOBUS_LOCATION}/etc/globus-user-env.sh" + else + warn "GLOBUS_PATH not defined and ${GLOBUS_LOCATION}/etc/globus-user-env.sh does not exist." + warn 'Continuing like nothing happened' + fi + fi -# Replace known keywords: Condor, CONDOR, OSG, TMPDIR, AUTO, . -# Empty $work_dir means PWD (same as ".") -# A custom path could be provided (no "*)" in case) -tmp="${work_dir}" -if [ -z "${work_dir}" ]; then - work_dir="$(pwd)" -else - case "${work_dir}" in - Condor|CONDOR) work_dir="${_CONDOR_SCRATCH_DIR}";; - OSG) work_dir="${OSG_WN_TMP}";; - TMPDIR) work_dir="${TMPDIR}";; - AUTO) automatic_work_dir;; - .) work_dir="$(pwd)";; - esac -fi + [ -n "${X509_USER_PROXY}" ] && set_proxy_fullpath -if [ -z "${work_dir}" ]; then - early_glidein_failure "Unable to identify Startup dir for the glidein ($tmp)." -fi + num_gct=0 -if [ ! -e "${work_dir}" ]; then - early_glidein_failure "Startup dir '${work_dir}' ($tmp) does not exist." -fi -start_dir="$(pwd)" -echo "Started in '${start_dir}' ($tmp)" + ######################################## + # prepare and move to the work directory -work_dir_template="${work_dir}/glide_$(dir_id)XXXXXX" -if ! work_dir="$(mktemp -d "${work_dir_template}")"; then - early_glidein_failure "Cannot create word_dir '${work_dir_template}'" -else - if ! cd "${work_dir}"; then - early_glidein_failure "Work dir '${work_dir}' was created but cannot cd into it." + # Replace known keywords: Condor, CONDOR, OSG, TMPDIR, AUTO, . + # Empty $work_dir means PWD (same as ".") + # A custom path could be provided (no "*)" in case) + tmp="${work_dir}" + if [ -z "${work_dir}" ]; then + work_dir="$(pwd)" else - echo "Running in ${work_dir}" + case "${work_dir}" in + Condor|CONDOR) work_dir="${_CONDOR_SCRATCH_DIR}";; + OSG) work_dir="${OSG_WN_TMP}";; + TMPDIR) work_dir="${TMPDIR}";; + AUTO) automatic_work_dir;; + .) work_dir="$(pwd)";; + esac fi -fi -work_dir_created=1 -# GWMS_SUBDIR defined on top -GWMS_DIR="${work_dir}/$GWMS_SUBDIR" -if ! mkdir "$GWMS_DIR" ; then - early_glidein_failure "Cannot create GWMS_DIR '$GWMS_DIR'" -fi -gwms_lib_dir="${GWMS_DIR}/lib" -if ! mkdir -p "$gwms_lib_dir" ; then - early_glidein_failure "Cannot create lib dir '$gwms_lib_dir'" -fi -gwms_bin_dir="${GWMS_DIR}/bin" -if ! mkdir -p "$gwms_bin_dir" ; then - early_glidein_failure "Cannot create bin dir '$gwms_bin_dir'" -fi -gwms_exec_dir="${GWMS_DIR}/exec" -if ! mkdir -p "$gwms_exec_dir" ; then - early_glidein_failure "Cannot create exec dir '$gwms_exec_dir'" -else - for i in setup prejob postjob cleanup setup_singularity ; do - mkdir -p "$gwms_exec_dir"/$i - done -fi - -# mktemp makes it user readable by definition (ignores umask) -# TODO: MMSEC should this change to increase protection? Since GlExec is gone this should not be needed -if [ -n "${GWMS_MULTIUSER_GLIDEIN}" ]; then - if ! chmod a+rx "${work_dir}"; then - early_glidein_failure "Failed chmod '${work_dir}'" + if [ -z "${work_dir}" ]; then + early_glidein_failure "Unable to identify Startup dir for the glidein ($tmp)." fi -fi -glide_local_tmp_dir_template="/tmp/glide_$(dir_id)$(id -u -n)_XXXXXX" -if ! glide_local_tmp_dir="$(mktemp -d "${glide_local_tmp_dir_template}")"; then - early_glidein_failure "Cannot create temp '${glide_local_tmp_dir_template}'" -fi -glide_local_tmp_dir_created=1 + if [ ! -e "${work_dir}" ]; then + early_glidein_failure "Startup dir '${work_dir}' ($tmp) does not exist." + fi -glide_tmp_dir="${work_dir}/tmp" -if ! mkdir "${glide_tmp_dir}"; then - early_glidein_failure "Cannot create '${glide_tmp_dir}'" -fi + start_dir="$(pwd)" + echo "Started in '${start_dir}' ($tmp)" -if [ -n "${GWMS_MULTIUSER_GLIDEIN}" ]; then - # TODO: MMSEC should this change to increase protection? Since GlExec is gone this should not be needed - # the tmpdirs should be world writable - # This way it will work even if the user spawned by the glidein is different than the glidein user - # This happened in GlExec, outside user stays the same in Singularity - if ! chmod 1777 "${glide_local_tmp_dir}"; then - early_glidein_failure "Failed chmod '${glide_local_tmp_dir}'" + work_dir_template="${work_dir}/glide_$(dir_id)XXXXXX" + if ! work_dir="$(mktemp -d "${work_dir_template}")"; then + early_glidein_failure "Cannot create word_dir '${work_dir_template}'" + else + if ! cd "${work_dir}"; then + early_glidein_failure "Work dir '${work_dir}' was created but cannot cd into it." + else + echo "Running in ${work_dir}" + fi fi + work_dir_created=1 - if ! chmod 1777 "${glide_tmp_dir}"; then - early_glidein_failure "Failed chmod '${glide_tmp_dir}'" + # GWMS_SUBDIR defined on top + GWMS_DIR="${work_dir}/$GWMS_SUBDIR" + if ! mkdir "$GWMS_DIR" ; then + early_glidein_failure "Cannot create GWMS_DIR '$GWMS_DIR'" + fi + gwms_lib_dir="${GWMS_DIR}/lib" + if ! mkdir -p "$gwms_lib_dir" ; then + early_glidein_failure "Cannot create lib dir '$gwms_lib_dir'" + fi + gwms_bin_dir="${GWMS_DIR}/bin" + if ! mkdir -p "$gwms_bin_dir" ; then + early_glidein_failure "Cannot create bin dir '$gwms_bin_dir'" + fi + gwms_exec_dir="${GWMS_DIR}/exec" + if ! mkdir -p "$gwms_exec_dir" ; then + early_glidein_failure "Cannot create exec dir '$gwms_exec_dir'" + else + for i in setup prejob postjob cleanup setup_singularity ; do + mkdir -p "$gwms_exec_dir"/$i + done fi -fi -short_main_dir=main -main_dir="${work_dir}/${short_main_dir}" -if ! mkdir "${main_dir}"; then - early_glidein_failure "Cannot create '${main_dir}'" -fi + # mktemp makes it user readable by definition (ignores umask) + # TODO: MMSEC should this change to increase protection? Since GlExec is gone this should not be needed + if [ -n "${GWMS_MULTIUSER_GLIDEIN}" ]; then + if ! chmod a+rx "${work_dir}"; then + early_glidein_failure "Failed chmod '${work_dir}'" + fi + fi -short_entry_dir=entry_${glidein_entry} -entry_dir="${work_dir}/${short_entry_dir}" -if ! mkdir "${entry_dir}"; then - early_glidein_failure "Cannot create '${entry_dir}'" -fi + glide_local_tmp_dir_template="/tmp/glide_$(dir_id)$(id -u -n)_XXXXXX" + if ! glide_local_tmp_dir="$(mktemp -d "${glide_local_tmp_dir_template}")"; then + early_glidein_failure "Cannot create temp '${glide_local_tmp_dir_template}'" + fi + glide_local_tmp_dir_created=1 -if [ -n "${client_repository_url}" ]; then - short_client_dir=client - client_dir="${work_dir}/${short_client_dir}" - if ! mkdir "$client_dir"; then - early_glidein_failure "Cannot create '${client_dir}'" + glide_tmp_dir="${work_dir}/tmp" + if ! mkdir "${glide_tmp_dir}"; then + early_glidein_failure "Cannot create '${glide_tmp_dir}'" fi - if [ -n "${client_repository_group_url}" ]; then - short_client_group_dir=client_group_${client_group} - client_group_dir="${work_dir}/${short_client_group_dir}" - if ! mkdir "${client_group_dir}"; then - early_glidein_failure "Cannot create '${client_group_dir}'" + if [ -n "${GWMS_MULTIUSER_GLIDEIN}" ]; then + # TODO: MMSEC should this change to increase protection? Since GlExec is gone this should not be needed + # the tmpdirs should be world writable + # This way it will work even if the user spawned by the glidein is different than the glidein user + # This happened in GlExec, outside user stays the same in Singularity + if ! chmod 1777 "${glide_local_tmp_dir}"; then + early_glidein_failure "Failed chmod '${glide_local_tmp_dir}'" + fi + + if ! chmod 1777 "${glide_tmp_dir}"; then + early_glidein_failure "Failed chmod '${glide_tmp_dir}'" fi fi -fi -# Move the token files from condor to glidein workspace -# TODO: compare this w/ setup_x509.sh -# monitoring tokens, Should be using same credentials directory? -mv "${start_dir}/tokens.tgz" . -mv "${start_dir}/url_dirs.desc" . -# idtokens are handled in setup_x509.sh - TODO: remove once verified -#for idtk in ${start_dir}/*.idtoken; do -# if cp "${idtk}" . ; then -# echo "copied idtoken ${idtk} to $(pwd)" -# else -# echo "failed to copy idtoken ${idtk} to $(pwd)" 1>&2 -# fi -#done -#if [ -e "${GLIDEIN_CONDOR_TOKEN}" ]; then -# mkdir -p ticket -# tname="$(basename ${GLIDEIN_CONDOR_TOKEN})" -# cp "${GLIDEIN_CONDOR_TOKEN}" "ticket/${tname}" -# export GLIDEIN_CONDOR_TOKEN="$(pwd)/ticket/${tname}" -#fi - -# Extract and source all the data contained at the end of this script as tarball -extract_all_data - -wrapper_list="${PWD}/wrapper_list.lst" -touch "${wrapper_list}" - -# create glidein_config -glidein_config="${PWD}/glidein_config" -if ! echo > "${glidein_config}"; then - early_glidein_failure "Could not create '${glidein_config}'" -fi -if ! { - echo "# --- glidein_startup vals ---" - echo "GLIDEIN_UUID ${glidein_uuid}" - echo "GLIDEIN_Factory ${glidein_factory}" - echo "GLIDEIN_Name ${glidein_name}" - echo "GLIDEIN_Entry_Name ${glidein_entry}" + short_main_dir=main + main_dir="${work_dir}/${short_main_dir}" + if ! mkdir "${main_dir}"; then + early_glidein_failure "Cannot create '${main_dir}'" + fi - if [ -n "${client_name}" ]; then - # client name not required as it is not used for anything but debug info - echo "GLIDECLIENT_Name ${client_name}" + short_entry_dir=entry_${glidein_entry} + entry_dir="${work_dir}/${short_entry_dir}" + if ! mkdir "${entry_dir}"; then + early_glidein_failure "Cannot create '${entry_dir}'" fi - if [ -n "${client_group}" ]; then - # client group not required as it is not used for anything but debug info - echo "GLIDECLIENT_Group ${client_group}" - fi - echo "GLIDEIN_CredentialIdentifier ${glidein_cred_id}" - echo "CONDORG_CLUSTER ${condorg_cluster}" - echo "CONDORG_SUBCLUSTER ${condorg_subcluster}" - echo "CONDORG_SCHEDD ${condorg_schedd}" - echo "DEBUG_MODE ${set_debug}" - echo "GLIDEIN_STARTUP_PID $$" - echo "GLIDEIN_START_DIR_ORIG ${start_dir}" - echo "GLIDEIN_WORKSPACE_ORIG $(pwd)" - echo "GLIDEIN_WORK_DIR ${main_dir}" - echo "GLIDEIN_ENTRY_WORK_DIR ${entry_dir}" - echo "TMP_DIR ${glide_tmp_dir}" - echo "GLIDEIN_LOCAL_TMP_DIR ${glide_local_tmp_dir}" - echo "PROXY_URL ${proxy_url}" - echo "DESCRIPTION_FILE ${descript_file}" - echo "DESCRIPTION_ENTRY_FILE ${descript_entry_file}" - echo "GLIDEIN_Signature ${sign_id}" - echo "GLIDEIN_Entry_Signature ${sign_entry_id}" if [ -n "${client_repository_url}" ]; then - echo "GLIDECLIENT_WORK_DIR ${client_dir}" - echo "GLIDECLIENT_DESCRIPTION_FILE ${client_descript_file}" - echo "GLIDECLIENT_Signature ${client_sign_id}" + short_client_dir=client + client_dir="${work_dir}/${short_client_dir}" + if ! mkdir "$client_dir"; then + early_glidein_failure "Cannot create '${client_dir}'" + fi + if [ -n "${client_repository_group_url}" ]; then - echo "GLIDECLIENT_GROUP_WORK_DIR ${client_group_dir}" - echo "GLIDECLIENT_DESCRIPTION_GROUP_FILE ${client_descript_group_file}" - echo "GLIDECLIENT_Group_Signature ${client_sign_group_id}" - fi - fi - echo "B64UUENCODE_SOURCE ${PWD}/b64uuencode.source" - echo "ADD_CONFIG_LINE_SOURCE ${PWD}/add_config_line.source" - echo "GET_ID_SELECTORS_SOURCE ${PWD}/get_id_selectors.source" - echo "LOGGING_UTILS_SOURCE ${PWD}/logging_utils.source" - echo "GLIDEIN_PATHS_SOURCE ${PWD}/glidein_paths.source" - echo "WRAPPER_LIST ${wrapper_list}" - echo "SLOTS_LAYOUT ${slots_layout}" - # Add a line saying we are still initializing... - echo "GLIDEIN_INITIALIZED 0" - # ...but be optimist, and leave advertise_only for the actual error handling script - echo "GLIDEIN_ADVERTISE_ONLY 0" - echo "GLIDEIN_CONDOR_TOKEN ${GLIDEIN_CONDOR_TOKEN}" - echo "# --- User Parameters ---" -} >> "${glidein_config}"; then - early_glidein_failure "Failed in updating '${glidein_config}'" -fi -# shellcheck disable=SC2086 -params2file ${params} + short_client_group_dir=client_group_${client_group} + client_group_dir="${work_dir}/${short_client_group_dir}" + if ! mkdir "${client_group_dir}"; then + early_glidein_failure "Cannot create '${client_group_dir}'" + fi + fi + fi -############################################ -# Setup logging -log_init "${glidein_uuid}" "${work_dir}" -# Remove these files, if they are still there -rm -rf tokens.tgz url_dirs.desc tokens -log_setup "${glidein_config}" + # Move the token files from condor to glidein workspace + # TODO: compare this w/ setup_x509.sh + # monitoring tokens, Should be using same credentials directory? + mv "${start_dir}/tokens.tgz" . + mv "${start_dir}/url_dirs.desc" . + # idtokens are handled in setup_x509.sh - TODO: remove once verified + #for idtk in ${start_dir}/*.idtoken; do + # if cp "${idtk}" . ; then + # echo "copied idtoken ${idtk} to $(pwd)" + # else + # echo "failed to copy idtoken ${idtk} to $(pwd)" 1>&2 + # fi + #done + #if [ -e "${GLIDEIN_CONDOR_TOKEN}" ]; then + # mkdir -p ticket + # tname="$(basename ${GLIDEIN_CONDOR_TOKEN})" + # cp "${GLIDEIN_CONDOR_TOKEN}" "ticket/${tname}" + # export GLIDEIN_CONDOR_TOKEN="$(pwd)/ticket/${tname}" + #fi + + # Extract and source all the data contained at the end of this script as tarball + extract_all_data + + wrapper_list="${PWD}/wrapper_list.lst" + touch "${wrapper_list}" + + # create glidein_config + glidein_config="${PWD}/glidein_config" + if ! echo > "${glidein_config}"; then + early_glidein_failure "Could not create '${glidein_config}'" + fi + if ! { + echo "# --- glidein_startup vals ---" + echo "GLIDEIN_UUID ${glidein_uuid}" + echo "GLIDEIN_Factory ${glidein_factory}" + echo "GLIDEIN_Name ${glidein_name}" + echo "GLIDEIN_Entry_Name ${glidein_entry}" + + if [ -n "${client_name}" ]; then + # client name not required as it is not used for anything but debug info + echo "GLIDECLIENT_Name ${client_name}" + fi + if [ -n "${client_group}" ]; then + # client group not required as it is not used for anything but debug info + echo "GLIDECLIENT_Group ${client_group}" + fi + echo "GLIDEIN_CredentialIdentifier ${glidein_cred_id}" + echo "CONDORG_CLUSTER ${condorg_cluster}" + echo "CONDORG_SUBCLUSTER ${condorg_subcluster}" + echo "CONDORG_SCHEDD ${condorg_schedd}" + echo "DEBUG_MODE ${set_debug}" + echo "GLIDEIN_STARTUP_PID $$" + echo "GLIDEIN_START_DIR_ORIG ${start_dir}" + echo "GLIDEIN_WORKSPACE_ORIG $(pwd)" + echo "GLIDEIN_WORK_DIR ${main_dir}" + echo "GLIDEIN_ENTRY_WORK_DIR ${entry_dir}" + echo "TMP_DIR ${glide_tmp_dir}" + echo "GLIDEIN_LOCAL_TMP_DIR ${glide_local_tmp_dir}" + echo "PROXY_URL ${proxy_url}" + echo "DESCRIPTION_FILE ${descript_file}" + echo "DESCRIPTION_ENTRY_FILE ${descript_entry_file}" + echo "GLIDEIN_Signature ${sign_id}" + echo "GLIDEIN_Entry_Signature ${sign_entry_id}" + + if [ -n "${client_repository_url}" ]; then + echo "GLIDECLIENT_WORK_DIR ${client_dir}" + echo "GLIDECLIENT_DESCRIPTION_FILE ${client_descript_file}" + echo "GLIDECLIENT_Signature ${client_sign_id}" + if [ -n "${client_repository_group_url}" ]; then + echo "GLIDECLIENT_GROUP_WORK_DIR ${client_group_dir}" + echo "GLIDECLIENT_DESCRIPTION_GROUP_FILE ${client_descript_group_file}" + echo "GLIDECLIENT_Group_Signature ${client_sign_group_id}" + fi + fi + echo "B64UUENCODE_SOURCE ${PWD}/b64uuencode.source" + echo "ADD_CONFIG_LINE_SOURCE ${PWD}/add_config_line.source" + echo "GET_ID_SELECTORS_SOURCE ${PWD}/get_id_selectors.source" + echo "LOGGING_UTILS_SOURCE ${PWD}/logging_utils.source" + echo "GLIDEIN_PATHS_SOURCE ${PWD}/glidein_paths.source" + echo "WRAPPER_LIST ${wrapper_list}" + echo "SLOTS_LAYOUT ${slots_layout}" + # Add a line saying we are still initializing... + echo "GLIDEIN_INITIALIZED 0" + # ...but be optimist, and leave advertise_only for the actual error handling script + echo "GLIDEIN_ADVERTISE_ONLY 0" + echo "GLIDEIN_CONDOR_TOKEN ${GLIDEIN_CONDOR_TOKEN}" + echo "# --- User Parameters ---" + } >> "${glidein_config}"; then + early_glidein_failure "Failed in updating '${glidein_config}'" + fi + # shellcheck disable=SC2086 + params2file ${params} + + ############################################ + # Setup logging + log_init "${glidein_uuid}" "${work_dir}" + # Remove these files, if they are still there + rm -rf tokens.tgz url_dirs.desc tokens + log_setup "${glidein_config}" + + echo "Downloading files from Factory and Frontend" + log_write "glidein_startup.sh" "text" "Downloading file from Factory and Frontend" "debug" + + ##################################### + # Fetch descript and signature files + + # disable signature check before I get the signature file itself + # check_signature is global + check_signature=0 + + for gs_id in main entry client client_group + do + if [ -z "${client_repository_url}" ]; then + if [ "${gs_id}" = "client" ]; then + # no client file when no cilent_repository + continue + fi + fi + if [ -z "${client_repository_group_url}" ]; then + if [ "${gs_id}" = "client_group" ]; then + # no client group file when no cilent_repository_group + continue + fi + fi -echo "Downloading files from Factory and Frontend" -log_write "glidein_startup.sh" "text" "Downloading file from Factory and Frontend" "debug" + gs_id_work_dir="$(get_work_dir ${gs_id})" -##################################### -# Fetch descript and signature files + # Fetch description file + gs_id_descript_file="$(get_descript_file ${gs_id})" + fetch_file_regular "${gs_id}" "${gs_id_descript_file}" + if ! signature_file_line="$(grep "^signature " "${gs_id_work_dir}/${gs_id_descript_file}")"; then + warn "No signature in description file ${gs_id_work_dir}/${gs_id_descript_file} (wc: $(wc < "${gs_id_work_dir}/${gs_id_descript_file}" 2>/dev/null))." + glidein_exit 1 + fi + signature_file=$(echo "${signature_file_line}" | cut -s -f 2-) + + # Fetch signature file + gs_id_signature="$(get_signature ${gs_id})" + fetch_file_regular "${gs_id}" "${signature_file}" + echo "${gs_id_signature} ${signature_file}" > "${gs_id_work_dir}/signature.sha1.test" + if ! (cd "${gs_id_work_dir}" && sha1sum -c signature.sha1.test) 1>&2 ; then + warn "Corrupted signature file '${gs_id_work_dir}/${signature_file}'." + glidein_exit 1 + fi + # for simplicity use a fixed name for signature file + mv "${gs_id_work_dir}/${signature_file}" "${gs_id_work_dir}/signature.sha1" + done -# disable signature check before I get the signature file itself -# check_signature is global -check_signature=0 + # re-enable for everything else + check_signature=1 -for gs_id in main entry client client_group -do - if [ -z "${client_repository_url}" ]; then - if [ "${gs_id}" = "client" ]; then - # no client file when no cilent_repository - continue + # Now verify the description was not tampered with + # doing it so late should be fine, since nobody should have been able + # to fake the signature file, even if it faked its name in + # the description file + for gs_id in main entry client client_group + do + if [ -z "${client_repository_url}" ]; then + if [ "${gs_id}" = "client" ]; then + # no client file when no cilent_repository + continue + fi fi - fi - if [ -z "${client_repository_group_url}" ]; then - if [ "${gs_id}" = "client_group" ]; then - # no client group file when no cilent_repository_group - continue + if [ -z "${client_repository_group_url}" ]; then + if [ "${gs_id}" = "client_group" ]; then + # no client group file when no cilent_repository_group + continue + fi fi - fi - gs_id_work_dir="$(get_work_dir ${gs_id})" + gs_id_descript_file="$(get_descript_file ${gs_id})" + if ! check_file_signature "${gs_id}" "${gs_id_descript_file}"; then + gs_id_work_dir="$(get_work_dir ${gs_id})" + warn "Corrupted description file ${gs_id_work_dir}/${gs_id_descript_file}." + glidein_exit 1 + fi + done - # Fetch description file - gs_id_descript_file="$(get_descript_file ${gs_id})" - fetch_file_regular "${gs_id}" "${gs_id_descript_file}" - if ! signature_file_line="$(grep "^signature " "${gs_id_work_dir}/${gs_id_descript_file}")"; then - warn "No signature in description file ${gs_id_work_dir}/${gs_id_descript_file} (wc: $(wc < "${gs_id_work_dir}/${gs_id_descript_file}" 2>/dev/null))." + ################################################### + # get last_script, as it is used by the fetch_file + gs_id_work_dir="$(get_work_dir main)" + gs_id_descript_file="$(get_descript_file main)" + last_script="$(grep "^last_script " "${gs_id_work_dir}/${gs_id_descript_file}" | cut -s -f 2-)" + if [ -z "${last_script}" ]; then + warn "last_script not in description file ${gs_id_work_dir}/${gs_id_descript_file}." glidein_exit 1 fi - signature_file=$(echo "${signature_file_line}" | cut -s -f 2-) + #cleanup_script="$(grep "^cleanup_script " "${gs_id_work_dir}/${gs_id_descript_file}" | cut -s -f 2-)" + cleanup_script=$(grep "^GLIDEIN_CLEANUP_SCRIPT " "${glidein_config}" | cut -d ' ' -f 2-) - # Fetch signature file - gs_id_signature="$(get_signature ${gs_id})" - fetch_file_regular "${gs_id}" "${signature_file}" - echo "${gs_id_signature} ${signature_file}" > "${gs_id_work_dir}/signature.sha1.test" - if ! (cd "${gs_id_work_dir}" && sha1sum -c signature.sha1.test) 1>&2 ; then - warn "Corrupted signature file '${gs_id_work_dir}/${signature_file}'." - glidein_exit 1 - fi - # for simplicity use a fixed name for signature file - mv "${gs_id_work_dir}/${signature_file}" "${gs_id_work_dir}/signature.sha1" -done -# re-enable for everything else -check_signature=1 + ############################## + # Fetch all the other files + for gs_file_id in "main file_list" "client preentry_file_list" "client_group preentry_file_list" "client aftergroup_preentry_file_list" "entry file_list" "main precvmfs_file_list" + do + gs_id="$(echo "${gs_file_id}" |awk '{print $1}')" -# Now verify the description was not tampered with -# doing it so late should be fine, since nobody should have been able -# to fake the signature file, even if it faked its name in -# the description file -for gs_id in main entry client client_group -do - if [ -z "${client_repository_url}" ]; then - if [ "${gs_id}" = "client" ]; then - # no client file when no cilent_repository - continue + if [ -z "${client_repository_url}" ]; then + if [ "${gs_id}" = "client" ]; then + # no client file when no client_repository + continue + fi fi - fi - if [ -z "${client_repository_group_url}" ]; then - if [ "${gs_id}" = "client_group" ]; then - # no client group file when no cilent_repository_group - continue + if [ -z "${client_repository_group_url}" ]; then + if [ "${gs_id}" = "client_group" ]; then + # no client group file when no client_repository_group + continue + fi fi - fi - gs_id_descript_file="$(get_descript_file ${gs_id})" - if ! check_file_signature "${gs_id}" "${gs_id_descript_file}"; then - gs_id_work_dir="$(get_work_dir ${gs_id})" - warn "Corrupted description file ${gs_id_work_dir}/${gs_id_descript_file}." - glidein_exit 1 - fi -done + gs_file_list_id="$(echo "${gs_file_id}" |awk '{print $2}')" + + gs_id_work_dir="$(get_work_dir "${gs_id}")" + gs_id_descript_file="$(get_descript_file "${gs_id}")" + + # extract list file name + if ! gs_file_list_line="$(grep "^${gs_file_list_id} " "${gs_id_work_dir}/${gs_id_descript_file}")"; then + if [ -z "${client_repository_group_url}" ]; then + if [ "${gs_file_list_id:0:11}" = "aftergroup_" ]; then + # afterfile_.. files optional when no client_repository_group + continue + fi + fi + warn "No '${gs_file_list_id}' in description file ${gs_id_work_dir}/${gs_id_descript_file}." + glidein_exit 1 + fi + # space+tab separated file with multiple elements (was: awk '{print $2}', not safe for spaces in file name) + gs_file_list="$(echo "${gs_file_list_line}" | cut -s -f 2 | sed -e 's/[[:space:]]*$//')" -################################################### -# get last_script, as it is used by the fetch_file -gs_id_work_dir="$(get_work_dir main)" -gs_id_descript_file="$(get_descript_file main)" -last_script="$(grep "^last_script " "${gs_id_work_dir}/${gs_id_descript_file}" | cut -s -f 2-)" -if [ -z "${last_script}" ]; then - warn "last_script not in description file ${gs_id_work_dir}/${gs_id_descript_file}." - glidein_exit 1 + # fetch list file + fetch_file_regular "${gs_id}" "${gs_file_list}" + + # Fetch files contained in list + # TODO: $file is actually a list, so it cannot be double-quoted (expanding here is needed). Can it be made more robust for linters? for now, just suppress the sc warning here + # shellcheck disable=2086 + while read -r file + do + if [ "${file:0:1}" != "#" ]; then + fetch_file "${gs_id}" $file + fi + done < "${gs_id_work_dir}/${gs_file_list}" + + # Files to go into the GWMS_PATH + if [ "$gs_file_id" = "main at_file_list" ]; then + # setup here to make them available for other setup scripts + add_to_path "$gwms_bin_dir" + # all available now: gwms-python was in main,file_list; condor_chirp is in main,at_file_list + for file in "gwms-python" "condor_chirp" + do + cp "${gs_id_work_dir}/$file" "$gwms_bin_dir"/ + done + cp -r "${gs_id_work_dir}/lib"/* "$gwms_lib_dir"/ + cp "${gs_id_work_dir}/gconfig.py" "$gwms_lib_dir"/python/ + elif [ "$gs_file_id" = "main after_file_list" ]; then + # in case some library has been added/updated + rsync -ar "${gs_id_work_dir}/lib"/ "$gwms_lib_dir"/ + # new knowns binaries? add a loop like above: for file in ... + elif [[ "$gs_file_id" = client* ]]; then + # TODO: gwms25073 this is a workaround until there is an official designation for setup script fragments + [[ -e "${gs_id_work_dir}/setup_prejob.sh" ]] && { cp "${gs_id_work_dir}/setup_prejob.sh" "$gwms_exec_dir"/prejob/ ; chmod a-x "$gwms_exec_dir"/prejob/setup_prejob.sh ; } + fi + done +fi + +if [[ -n "$gwms_cvmfs_reexec" && "$gwms_cvmfs_reexec" == "yes" ]]; then + # gwms_cvmfs_reexec is not empty; meaning this block is being run inside of cvmfsexec environment + echo "======================== control flow is inside reinvocation of glidein_startup.sh ========================" + printenv GLIDEIN_CONFIG > /dev/null + status=$? + if [[ ${status} -eq 0 ]]; then + work_dir=$(printenv GLIDEIN_WORK_DIR | sed "s/ //g") + glidein_config=$(printenv GLIDEIN_CONFIG | sed "s/ //g") + repository_url=$(printenv REPOSITORY_URL | sed "s/ //g") + main_dir=$(printenv GWMS_MAIN_DIR | sed "s/ //g") + last_script=$(printenv LAST_SCRIPT | sed "s/ //g") + check_signature=$(printenv CHECK_SIGNATURE | sed "s/ //g") + startup_time=$(printenv STARTUP_TIME | sed "s/ //g") + cvmfs_config_repo=$(printenv GLIDEIN_CVMFS_CONFIG_REPO | sed "s/ //g") + cvmfs_add_repos=$(printenv GLIDEIN_CVMFS_REPOS | sed "s/ //g") + gwms_cvmfsexec_mode=$(printenv GWMS_CVMFSEXEC_MODE | sed "s/ //g") + client_repository_url=$(printenv CLIENT_REPOSITORY_URL | sed "s/ //g") + client_repository_group_url=$(printenv CLIENT_REPOSITORY_GROUP_URL | sed "s/ //g") + wrapper_list=$(printenv WRAPPER_LIST | sed "s/ //g") + gwms_exec_dir=$(printenv GWMS_EXEC_DIR | sed "s/ //g") + fi + + # re-sourcing the helper script inside of cvmfsexec environment + . "$work_dir"/cvmfs_helper_funcs.sh + + mount_cvmfs_repos $gwms_cvmfsexec_mode $gwms_cvmfs_reexec $cvmfs_config_repo $cvmfs_add_repos + echo "GWMS_IS_CVMFS set to $GWMS_IS_CVMFS (mode 3)" + + # check if the cvmfs repos are still mounted inside of reinvocation + df -h + echo "CVMFS_MOUNT_DIR is $(printenv CVMFS_MOUNT_DIR) in mode 3" + + # re-source all the scripts as it'd have been done during the first invocation of this script + extract_all_data + + log_setup "${glidein_config}" fi -#cleanup_script="$(grep "^cleanup_script " "${gs_id_work_dir}/${gs_id_descript_file}" | cut -s -f 2-)" -cleanup_script=$(grep "^GLIDEIN_CLEANUP_SCRIPT " "${glidein_config}" | cut -d ' ' -f 2-) +echo "*************** BEFORE THE SECOND FOR LOOP ***************" +glidein_debug_options=$(gconfig_get GLIDEIN_DEBUG_OPTIONS "$glidein_config") +glidein_debug_output=$(gconfig_get GLIDEIN_DEBUG_OUTPUT "$glidein_config") +echo "-*-*-*-*-*- glidein_debug_options: $glidein_debug_options -*-*-*-*-*-" +echo "-*-*-*-*-*- glidein_debug_output: $glidein_debug_output -*-*-*-*-*-" +export GLIDEIN_DEBUG_OPTIONS=$glidein_debug_options +export GLIDEIN_DEBUG_OUTPUT=$glidein_debug_output +echo "**********************************************************" -############################## -# Fetch all the other files -for gs_file_id in "main file_list" "client preentry_file_list" "client_group preentry_file_list" "client aftergroup_preentry_file_list" "entry file_list" "main at_file_list" "client file_list" "client_group file_list" "client aftergroup_file_list" "main after_file_list" +for gs_file_id in "main at_file_list" "client file_list" "client_group file_list" "client aftergroup_file_list" "main after_file_list" do - gs_id="$(echo "${gs_file_id}" |awk '{print $1}')" + gs_id="$(echo "${gs_file_id}" |awk '{print $1}')" # one of four possibilities if [ -z "${client_repository_url}" ]; then if [ "${gs_id}" = "client" ]; then @@ -1969,7 +2108,6 @@ do # fetch list file fetch_file_regular "${gs_id}" "${gs_file_list}" - # Fetch files contained in list # TODO: $file is actually a list, so it cannot be double-quoted (expanding here is needed). Can it be made more robust for linters? for now, just suppress the sc warning here # shellcheck disable=2086