This file is indexed.

/usr/sbin/myproxy-server-setup is in myproxy-admin 5.9-6.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
#!/usr/bin/perl -w

# myproxy-server-setup: interactive myproxy-server installer

use File::Temp qw(tempdir);
use IPC::Open3;

$CONFIG = "/etc/myproxy-server.config";

$tmpdir = tempdir(CLEANUP => 1);

&checksanity();
&checkcerts();
&setupconfig();
&setupboot();
&startserver();
&testserver();

exit 0;

sub checksanity {
    die "must be run as root, stopped" if ($>);
    die "\$GLOBUS_LOCATION not defined, stopped"
        if (!defined $ENV{'GLOBUS_LOCATION'});
	chomp($gpi = `which grid-proxy-init 2>/dev/null`);
	die "grid-proxy-init not in PATH, stopped" if (!(-x $gpi));
	chomp($gpd = `which grid-proxy-destroy 2>/dev/null`);
	die "grid-proxy-destroy not in PATH, stopped" if (!(-x $gpd));
	chomp($mps = `which myproxy-server 2>/dev/null`);
	die "myproxy-server not in PATH, stopped" if (!(-x $mps));
}

sub checkcerts {
    if (defined $ENV{'X509_USER_CERT'}) {
        $hostcert = $ENV{'X509_USER_CERT'};
    } else {
        $hostcert = "/etc/grid-security/hostcert.pem";
    }
    if (defined $ENV{'X509_USER_KEY'}) {
        $hostkey = $ENV{'X509_USER_KEY'};
    } else {
        $hostkey = "/etc/grid-security/hostkey.pem";
    }
    if (!-e $hostcert && !-e $hostkey) {
        die "no host credentials found, stopped";
    }
    $cmd = "$gpi -debug -verify -cert $hostcert -key $hostkey -out $tmpdir/p";
    ($exitstatus, $output) = &runcmd($cmd, undef);
    system("$gpd $tmpdir/p >/dev/null 2>&1");
    if ($exitstatus) {
        print STDERR "Problem with host credentials:\n$output\n";
        exit 1;
    }
}

sub setupconfig {
  if (-e $CONFIG) {
    print "Existing $CONFIG not modified.\n";
  } else {
    open(CONF, ">$CONFIG") || die "failed to open $CONFIG, stopped";
    print CONF "# Default policy written by myproxy-server-setup.\n";
    print CONF "accepted_credentials  \"*\"\n";
    print CONF "authorized_retrievers \"*\"\n";
    print CONF "default_retrievers    \"*\"\n";
    print CONF "authorized_renewers   \"*\"\n";
    print CONF "default_renewers      \"none\"\n";
    print CONF "authorized_key_retrievers \"*\"\n";
    print CONF "default_key_retrievers    \"none\"\n";
    print CONF "trusted_retrievers    \"*\"\n";
    print CONF "default_trusted_retrievers \"none\"\n";
    print CONF "cert_dir /etc/grid-security/certificates\n";
    close(CONF);
    print "Wrote a default myproxy-server configuration to $CONFIG.\n";
  }
}

sub setupboot {
  if (-e "/etc/init.d/myproxy") {
    print "Existing /etc/init.d/myproxy not modified.\n";
  } elsif (-e "/etc/rc.d/init.d/myproxy") {
    print "Existing /etc/rc.d/init.d/myproxy not modified.\n"
  } elsif (-d "/etc/init.d") {
    $initdir = "/etc/init.d";
  } elsif (-d "/etc/rc.d/init.d") {
    $initdir = "/etc/rc.d/init.d";
  } else {
    print "No init.d directory found.  Manual installation of myproxy init script required.\n";
  }
  if (defined $initdir) {
    $IN = "$ENV{'GLOBUS_LOCATION'}/share/myproxy/etc.init.d.myproxy";
    open(IN) || die "failed to open $IN, stopped";
    open(OUT, ">$initdir/myproxy") ||
      die "failed to open $initdir/myproxy, stopped";
    while (<IN>) {
      if (/GLOBUS_LOCATION=/) {
        print OUT "GLOBUS_LOCATION=\"$ENV{'GLOBUS_LOCATION'}\"\n";
      } else {
        print OUT;
      }
    }
    close(IN);
    close(OUT);
    chmod(0755, "$initdir/myproxy");
    print "Installed $initdir/myproxy.\n";
    if (-x "/sbin/chkconfig") {
      $chkconfig = "/sbin/chkconfig";
    } elsif (-x "/usr/sbin/chkconfig") {
      $chkconfig = "/usr/sbin/chkconfig";
    } else {
      chomp($chkconfig = `which chkconfig 2>/dev/null`);
    }
    if (-x "/sbin/update-rc.d") {
      $updatercd = "/sbin/update-rc.d";
    } elsif (-x "/usr/sbin/update-rc.d") {
      $updatercd = "/usr/sbin/update-rc.d";
    } else {
      chomp($updatercd = `which update-rc.d 2>/dev/null`);
    }
    if (-x $chkconfig) {
      system("$chkconfig --add myproxy");
    } elsif (-x $updatercd) {
      system("update-rc.d myproxy defaults");
    } else {
      print "Manual configuration of rc.d links may be required.\n";
    }
  }
}

sub startserver {
  if (defined $initdir && -x "$initdir/myproxy") {
    system("$initdir/myproxy start") &&
      die "failed to start myproxy-server, stopped";
  } else {
    print "Starting myproxy-server.\n";
    system("myproxy-server") &&
      die "failed to start myproxy-server, stopped";
  }
}

sub testserver {
  print "Running myproxy-server tests...\n";
  delete $ENV{'$COG_INSTALL_PATH'};
  $ENV{'X509_USER_PROXY'} = "$tmpdir/p";
  $cmd = "$gpi -cert $hostcert -key $hostkey -out $ENV{'X509_USER_PROXY'}";
  system("$cmd >/dev/null 2>&1");
  ($exitstatus, $output) = &runcmd("myproxy-test", undef);
  system("$gpd $ENV{'X509_USER_PROXY'} >/dev/null 2>&1");
  if ($exitstatus) {
    print STDERR "myproxy-test failed:\n$output\n";
    exit 1;
  } else {
    print "Success!\n";
  }
}

sub runcmd {
    local($command, $input) = @_;

    $pid = open3(*Writer, *Reader, '', "exec $command") ||
      die "failed to run $command";
    print Writer $input if (defined($input));
    close(Writer);
    @output = <Reader>;
    close(Reader);
    waitpid($pid, 0);
    $exitstatus = $?;
    $output = join('', @output);

    return ($exitstatus, $output);
}