#!/bin/sh if [ $# != 5 ] then echo "usage: $0 " >&2 exit 1 fi GLEXEC="$1" PROXY="$2" SANDBOX="$3" MAX_GLEXEC_ERRORS="$4" MIN_GLEXEC_RETRY_DELAY="$5" # move the condor-owned sandbox aside to make way for the job's # mv "$SANDBOX" "$SANDBOX.condor" # tar up the contents of the sandbox and pipe them over to # a process running as the job owner via glexec # SH=`readlink -f /bin/sh` GLEXEC_CLIENT_CERT="$SANDBOX.condor/$PROXY" export GLEXEC_CLIENT_CERT # prevent glexec from creating a proxy in /tmp that is not cleaned up GLEXEC_TARGET_PROXY=/dev/null export GLEXEC_TARGET_PROXY glexec_errors=0 while [ 1 ]; do tar -C "$SANDBOX.condor" -c . | \ "$GLEXEC" "$SH" -c "install -m 755 -d \"$SANDBOX\" && tar -C \"$SANDBOX\" -x" glexec_rc=$? if [ $glexec_rc -eq 0 ]; then break elif [ $glexec_rc -ne 202 ] && [ $glexec_rc -ne 203 ]; then # Either a non-transient glexec error, or an error from the command # we are asking glexec to run. exit 2 fi # This _could_ be a transient issue, such as a communication error with GUMS, # so retry up to some limit. glexec_errors=$(( $glexec_errors + 1 )) if [ $glexec_errors -gt $MAX_GLEXEC_ERRORS ]; then exit 3 fi # truncated exponential backoff # sleep for X * min(100,1+random_number_in_range(0,glexec_errors-1)) delay_rand=$(( (1 + 0x0$(hexdump -n 4 -e '"%4x\n"' /dev/urandom) % $glexec_errors) % 100 )) delay=$(( $MIN_GLEXEC_RETRY_DELAY * $delay_rand )) echo "Glexec exited with status $glexec_rc; retrying in $delay seconds." >&2 sleep $delay done # now get rid of everything in the condor-owned sandbox except # the proxy # for FILE in "$SANDBOX.condor"/* "$SANDBOX.condor"/.* do if [ "$FILE" = "$SANDBOX.condor/." ] then continue fi if [ "$FILE" = "$SANDBOX.condor/.." ] then continue fi if [ "$FILE" = "$SANDBOX.condor/$PROXY" ] then continue fi rm -rf "$FILE" done