Quality Criteria Verification Report ==================================== Product: fts3 Release: fts3.centos7.x86_64-3.4.3 Software Provider: fts3 RT Ticket: 11221 Provider contact: fts3-steering@cern.ch Verifier: Ruben Diez Hours worked: 10min Date: 22/06/2016 Status: Accepted Summary ======= None. Related tickets =============== None. Documentation Criteria ====================== * Release notes: http://fts3-service.web.cern.ch/documentation/releases#qt-release-ui-tabs3 * User Documentation: http://fts3-service.web.cern.ch/documentation/releases#qt-release-ui-tabs3 * API Documentation: http://fts3-service.web.cern.ch/documentation/releases#qt-release-ui-tabs3 * Admin Documentation: http://fts3-service.web.cern.ch/documentation/releases#qt-release-ui-tabs3 * Software License: ASL 2.0 Generic Criteria ================ (Possible Statuses: OK, WARN, FAIL, NA (Not Applicable) or NT (Not Tested)) * Binary Distribution: OK * Upgrade: OK * X.509 Certificate support: OK * SHA-2 Certificates Support: NA * RFC Proxy support: NA * ARGUS Integration: NA * World Writable Files: OK * Passwords in world readable files: OK * GlueSchema 1.3 Support: NA * GlueSchema 2.0 Support: NA * Middleware Version Information: NA * Service Probes: NA * Accounting Records: NA * Bug Tracking System: OK Verification Logs ================= [INFO] Using UMD 4 release repository [INFO] Using UMD verification repository: ['http://admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.sl6.x86_64/3/4/3'] [WARN] No installation type provided: performing installation. [INFO] Metapackage/s selected: + fts-server + fts-client + fts-rest + fts-monitoring + fts-mysql + fts-server-selinux + fts-msg + fts-ext UMD verification tool ===================== Quality criteria: http://egi-qc.github.io Codebase: https://github.com/egi-qc/umd-verification Path locations | | log_path logs | yaim_path etc/yaim | puppet_path etc/puppet Production repositories | | umd_release_pkg http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/base/umd-release-4.0.0-1.el7.noarch.rpm | igtf_repo http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo | epel_release http://mirror.uv.es/mirror/fedora-epel//epel-release-latest-7.noarch.rpm [INFO] Using the following UMD verification repositories + http://admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/ [localhost] local: sudo -E wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo -O /etc/yum.repos.d/EGI-trustanchors.repo [INFO] Repository 'http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo' added [localhost] local: sudo -E yum clean all [localhost] local: sudo -E yum -y makecache fast [localhost] local: sudo -E yum -y install ca-policy-egi-core [INFO] Generating own certificates [localhost] local: sudo -E mkdir -p /root/UMDVerificationOwnCA [localhost] local: sudo -E openssl req -x509 -nodes -days 1 -newkey rsa:2048 -out ca.pem -outform PEM -keyout ca.key -subj '/DC=es/DC=UMDverification/CN=UMDVerificationOwnCA' [localhost] local: sudo -E openssl x509 -noout -hash -in ca.pem [localhost] local: sudo -E cp ca.pem /etc/grid-security/certificates/0d2a3bdd.0 [localhost] local: sudo -E echo "01" > crlnumber [localhost] local: sudo -E touch index.txt [localhost] local: sudo -E openssl ca -config openssl.cnf -gencrl -keyfile ca.key -cert ca.pem -out crl.pem [localhost] local: sudo -E cp crl.pem /etc/grid-security/certificates/0d2a3bdd.r0 [localhost] local: sudo -E openssl req -newkey rsa:2048 -nodes -sha1 -keyout cert.key -keyform PEM -out cert.req -outform PEM -subj '/DC=es/DC=UMDverification/CN=centos7-nova-521.privatevlan.cloud.ifca.es' -config openssl.cnf [localhost] local: sudo -E openssl x509 -req -in cert.req -CA ca.pem -CAkey ca.key -CAcreateserial -extensions v3_req -extfile openssl.cnf -out cert.crt -days 1 [localhost] local: sudo -E chmod 600 cert.key [localhost] local: sudo -E cp cert.key /etc/grid-security/hostkey.pem [INFO] Private key stored in '/etc/grid-security/hostkey.pem' (with 600 perms). [localhost] local: sudo -E cp cert.crt /etc/grid-security/hostcert.pem [INFO] Public key stored in '/etc/grid-security/hostcert.pem'. [[QC_DIST_1: Binary Distribution]] [localhost] local: sudo -E yum -y remove umd-release* [localhost] local: sudo -E /bin/rm -f /etc/yum.repos.d//UMD-* [localhost] local: sudo -E rpm --import http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY [INFO] Repository key added: http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY [localhost] local: sudo -E wget http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/base/umd-release-4.0.0-1.el7.noarch.rpm -O /tmp/umd-release-4.0.0-1.el7.noarch.rpm [INFO] Log directory 'logs' has been created. [INFO] UMD release package fetched from http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/base/umd-release-4.0.0-1.el7.noarch.rpm [localhost] local: sudo -E yum -y install /tmp/umd-release-4.0.0-1.el7.noarch.rpm [INFO] UMD release package installed. [localhost] local: sudo -E rm -rf /tmp/repofiles/* [localhost] local: sudo -E wget -P /tmp/repofiles -r --no-parent -R*.html* http://admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/ [FAIL] Could not fetch repository 'http://admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/' See more information in logs (qc_inst_1.stderr). [INFO] Verification repository 'FTS3.fts3.centos7.x86_64.repo' enabled. [localhost] local: sudo -E yum clean all [localhost] local: sudo -E yum -y makecache fast [localhost] local: sudo -E yum repolist [INFO] Using repositories: ['EGI-trustanchors', 'FTS3.fts3.centos7.x86_64 FTS3.fts3.centos7.x86_64', 'UMD-4-base/x86_64', 'UMD-4-updates/x86_64', 'base/7/x86_64', 'epel/x86_64', 'extras/7/x86_64', 'updates/7/x86_64'] [localhost] local: sudo -E yum -y install fts-server fts-client fts-rest fts-monitoring fts-mysql fts-server-selinux fts-msg fts-ext [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-client-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-infosys-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-libs-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-monitoring-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-monitoring-selinux-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-msg-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-mysql-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-python-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-cli-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-cloud-storage-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-http-authz-signed-cert-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-oauth2-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-rest-selinux-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-server-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/fts-server-selinux-3.4.3-1.el7.x86_64.rpm [localhost] local: sudo -E rpm -qp --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' /tmp/repofiles/admin-repo.egi.eu/sw/unverified/umd-4.fts3.fts3.centos7.x86_64/3/4/3/python-fts-3.4.0-1.el7.noarch.rpm [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest [INFO] 'fts-rest' installed version: '3.4.0-1.el7.noarch' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest-oauth2 [INFO] 'fts-rest-oauth2' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-libs [INFO] 'fts-libs' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-server [INFO] 'fts-server' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-infosys [INFO] 'fts-infosys' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest-cli [INFO] 'fts-rest-cli' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest-selinux [INFO] 'fts-rest-selinux' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-msg [INFO] 'fts-msg' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-monitoring-selinux [INFO] 'fts-monitoring-selinux' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest-http-authz-signed-cert [INFO] 'fts-rest-http-authz-signed-cert' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' python-fts [INFO] 'python-fts' installed version: '3.4.0-1.el7.noarch' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-rest-cloud-storage [INFO] 'fts-rest-cloud-storage' not installed [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-mysql [INFO] 'fts-mysql' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-client [INFO] 'fts-client' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-monitoring [INFO] 'fts-monitoring' installed version: '3.4.0-1.el7.noarch' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-server-selinux [INFO] 'fts-server-selinux' installed version: '3.4.3-1.el7.x86_64' [localhost] local: sudo -E rpm -q --queryformat '%{NAME} %{VERSION}-%{RELEASE}.%{ARCH}\n' fts-python [INFO] 'fts-python' not installed [localhost] local: sudo -E yum -q list python-routes globus-gss-assist fts-libs python-nose fts-mysql python-formencode globus-common boost-system globus-gsi-sysconfig boost-atomic python-repoze-lru python-tempita gridsite-libs apr-util globus-gsi-callback selinux-policy fts-server-selinux python-markupsafe is-interface pyOpenSSL soci-mysql python-myghty globus-gass-transfer srm-ifce activemq-cpp gfal2-python httpd-tools globus-ftp-control python-webtest MySQL-python globus-gass-copy boost-thread mailcap canl-c boost-iostreams fts-monitoring gfal2-plugin-srm globus-gsi-cert-utils globus-xio-popen-driver globus-gsi-proxy-core c-ares boost-program-options python-paste-deploy boost-regex m2crypto libicu python-webhelpers fts-server apr python-paste globus-gssapi-gsi fts-rest httpd python-sqlalchemy python-webob soci globus-openssl-module python-django python-simplejson gridsite gfal2-plugin-http gfal2-plugin-gridftp voms davix-libs pugixml python-mako globus-xio python-fts globus-gsi-credential python-beaker python-cherrypy globus-callout selinux-policy-targeted mod_ssl globus-gssapi-error globus-gsi-proxy-ssl globus-io CGSI-gSOAP globus-gsi-openssl-error python-weberror fts-client mod_wsgi boost-python globus-xio-gsi-driver fts-msg libtool-ltdl gfal2 globus-ftp-client python-django-bash-completion gsoap python-paste-script python-pylons boost-filesystem [INFO] Metapackage 'fts-server' installed version: fts-server-3.4.3-1.el7.x86_64 - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-client' installed version: fts-client-3.4.3-1.el7.x86_64 - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-rest' installed version: fts-rest-3.4.0-1.el7.noarch - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-monitoring' installed version: fts-monitoring-3.4.0-1.el7.noarch - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-mysql' installed version: fts-mysql-3.4.3-1.el7.x86_64 - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-server-selinux' installed version: fts-server-selinux-3.4.3-1.el7.x86_64 - @FTS3.fts3.centos7.x86_64 [INFO] Metapackage 'fts-msg' installed version: fts-msg-3.4.3-1.el7.x86_64 - @FTS3.fts3.centos7.x86_64 [OK] Installation ended successfully. [[QC_SEC_2: SHA-2 Certificates Support]] [localhost] local: sudo -E yum -y install mariadb-server [localhost] local: sudo -E systemctl start mariadb [localhost] local: sudo -E mysql -e "drop database IF EXISTS ftsdb" [localhost] local: sudo -E mysql -e "create database ftsdb" [localhost] local: sudo -E mysql ftsdb < /usr/share/fts-mysql/mysql-schema.sql [localhost] local: sudo -E mysql -e "GRANT ALL ON ftsdb.* TO ora_user@'localhost' IDENTIFIED BY 'ora_pass';" [localhost] local: sudo -E mysql -e "FLUSH PRIVILEGES;" [localhost] local: sudo -E yum -y install mod_ssl [localhost] local: sudo -E yum -y install puppet [localhost] local: sudo -E facter -p puppetversion [localhost] local: sudo -E puppet module install CERNOps-fetchcrl --force [localhost] local: sudo -E puppet module install puppetlabs-firewall --force [localhost] local: sudo -E puppet module install puppetlabs-stdlib --force [localhost] local: sudo -E puppet module install cprice404-inifile --force [localhost] local: sudo -E puppet module install domcleal-augeasproviders --force [localhost] local: sudo -E puppet module install erwbgy-limits --force [localhost] local: sudo -E wget https://github.com/egi-qc/puppet-fts/archive/umd.tar.gz -O /tmp/umd.tar.gz [localhost] local: sudo -E puppet module install /tmp/umd.tar.gz --force [localhost] local: sudo -E mkdir /etc/puppet/hieradata [localhost] local: sudo -E cp etc/puppet/fts.yaml /etc/puppet/hieradata/ [localhost] local: sudo -E puppet config print modulepath [localhost] local: sudo -E puppet apply --modulepath /etc/puppet/modules:/usr/share/puppet/modules etc/puppet/fts.pp --detail-exitcodes [INFO] Puppet execution ended successfully (some warnings though, check logs) [OK] Product services can manage SHA-2 certs. [[QC_SEC_5: World Writable Files]] [localhost] local: sudo -E find / -not \( -path "/proc" -prune \) -not \( -path "/sys" -prune \) -type f -perm -002 -exec ls -l {} \; [OK] Found no world-writable file. [localhost] local: sudo -E yum -y install glue-validator [[QC_INFO_1: GlueSchema 1.3 Support]] [NA] Product does not publish information through BDII. [[QC_INFO_2: GlueSchema 2.0 Support]] [NA] Product does not publish information through BDII. [[QC_INFO_3: Middleware Version Information]] [NA] Product does not publish information through BDII. [[QC_MON_1: Service Probes]] [NA] Product cannot be tested by Nagios. [INFO] No QC-specific ID provided: no specific QC probes will be ran. Archiving artifacts Finished: SUCCESS New Features/Fixed Bugs ======================= None. Additional Info =============== Puppet configuration used: https://github.com/egi-qc/puppet-fts