From b17702a4b1a54714d4a24a75b675578e9e5712da Mon Sep 17 00:00:00 2001 From: Andre Sailer Date: Tue, 18 Jun 2024 12:46:31 +0200 Subject: [PATCH] sweep: #7675 HTCondorCE: fix HOME for useSSL --- src/DIRAC/Core/Security/Locations.py | 12 ++++++------ .../Computing/HTCondorCEComputingElement.py | 14 +++++++++----- 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/src/DIRAC/Core/Security/Locations.py b/src/DIRAC/Core/Security/Locations.py index 6e01b51c4da..bbde2d51eda 100644 --- a/src/DIRAC/Core/Security/Locations.py +++ b/src/DIRAC/Core/Security/Locations.py @@ -150,9 +150,9 @@ def getCertificateAndKeyLocation(): if "X509_USER_CERT" in os.environ: if os.path.exists(os.environ["X509_USER_CERT"]): certfile = os.environ["X509_USER_CERT"] - if not certfile: - if os.path.exists(os.environ["HOME"] + "/.globus/usercert.pem"): - certfile = os.environ["HOME"] + "/.globus/usercert.pem" + if not certfile and (home := os.environ.get("HOME")): + if os.path.exists(home + "/.globus/usercert.pem"): + certfile = home + "/.globus/usercert.pem" if not certfile: return False @@ -161,9 +161,9 @@ def getCertificateAndKeyLocation(): if "X509_USER_KEY" in os.environ: if os.path.exists(os.environ["X509_USER_KEY"]): keyfile = os.environ["X509_USER_KEY"] - if not keyfile: - if os.path.exists(os.environ["HOME"] + "/.globus/userkey.pem"): - keyfile = os.environ["HOME"] + "/.globus/userkey.pem" + if not keyfile and (home := os.environ.get("HOME")): + if os.path.exists(home + "/.globus/userkey.pem"): + keyfile = home + "/.globus/userkey.pem" if not keyfile: return False diff --git a/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py b/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py index 9afad72245c..9bd8c007081 100644 --- a/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py +++ b/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py @@ -58,7 +58,7 @@ import uuid from DIRAC import S_ERROR, S_OK, gConfig -from DIRAC.Core.Security.Locations import getCAsLocation, getCertificateAndKeyLocation +from DIRAC.Core.Security.Locations import getCAsLocation from DIRAC.Core.Utilities.File import mkDir from DIRAC.Core.Utilities.List import breakListIntoChunks from DIRAC.Core.Utilities.Subprocess import systemCall @@ -247,14 +247,18 @@ def _executeCondorCommand(self, cmd, keepTokenFile=False): } if self.useSSLSubmission: - if not (certAndKey := getCertificateAndKeyLocation()): - return S_ERROR("You want to use SSL Submission, but no certificate and key are present") + certFile = "/home/dirac/.globus/usercert.pem" + keyFile = "/home/dirac/.globus/userkey.pem" + if not (os.path.exists(certFile) and os.path.exists(keyFile)): + return S_ERROR( + "You want to use SSL Submission, but certificate and key are not present in /home/dirac/.globus/" + ) if not (caFiles := getCAsLocation()): return S_ERROR("You want to use SSL Submission, but no CA files are present") htcEnv = { "_condor_SEC_CLIENT_AUTHENTICATION_METHODS": "SSL", - "_condor_AUTH_SSL_CLIENT_CERTFILE": certAndKey[0], - "_condor_AUTH_SSL_CLIENT_KEYFILE": certAndKey[1], + "_condor_AUTH_SSL_CLIENT_CERTFILE": certFile, + "_condor_AUTH_SSL_CLIENT_KEYFILE": keyFile, "_condor_AUTH_SSL_CLIENT_CADIR": caFiles, "_condor_AUTH_SSL_SERVER_CADIR": caFiles, "_condor_AUTH_SSL_USE_CLIENT_PROXY_ENV_VAR": "false",