Add scripts and templates to manage the mount and umount of the workspace.

smartgears/r_connector/defaults/main.yml

@@ -9,6 +9,8 @@ r_connector_filename: '{{ r_connector_name }}-{{ r_connector_ver }}.{{ r_connect
 r_connector_usershome: /home/
 r_connector_userconfig: userconfig.csv
 r_connector_adduserscript: /usr/local/bin/rusersadd
+r_connector_workspace_unmount: /usr/local/bin/rconnector_unmount
+r_connector_workspace_mountpoint: workspace
 r_connector_rstudio_cookie_key: /var/lib/rstudio-server/secure-cookie-key
 r_connector_rprofile_svn_url: 'http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/data-analysis/RConfiguration/RStudioConfiguration'
 r_connector_rprofile_filename: '.Rprofile'

smartgears/r_connector/tasks/main.yml

@@ -8,13 +8,16 @@
       notify: Restart smartgears 
 
     - name: Remove the packages required to enable the LDAP PAM authentication
-      become: False
+      become_user: root
       apt: pkg={{ item }} state=absent
       with_items: '{{ r_connector_deb_pkgs }}'
 
-    - name: Remove the connector raddusers script
-      become: False
-      file: dest={{ r_connector_adduserscript }} state=absent
+    - name: Remove the connector raddusers and rconnector_unmount scripts
+      become_user: root
+      file: dest={{ item }} state=absent
+      with_items:
+        - '{{ r_connector_adduserscript }}'
+        - '{{ r_connector_workspace_unmount }}'
 
     - name: Remove the RConfiguration repo
       file: dest={{ r_connector_rprofile_path }} state=absent
@@ -29,7 +32,7 @@
 
 - block:
     - name: Get the R Connector war
-      maven_artifact: artifact_id={{ r_connector_name }} version={{ r_connector_ver | default('latest') }} group_id={{ r_connector_group_id }} extension={{ r_connector_extension }} repository_url={{ smartgears_global_base_url }} dest={{ smartgears_downloads_dir }}/{{ r_connector_filename }}
+      maven_artifact: artifact_id={{ r_connector_name }} version={{ r_connector_ver | default('latest') }} group_id={{ r_connector_group_id }} extension={{ r_connector_extension }} repository_url={{ smartgears_global_base_url }} dest={{ smartgears_downloads_dir }}/{{ r_connector_filename }} verify_checksum=always
       register: r_connector_download
 
     - name: Remove the installed R connector before upgrading
@@ -58,10 +61,14 @@
       template: src=r-web.xml.j2 dest={{ smartgears_instance_path }}/webapps/{{ r_connector_name }}/WEB-INF/web.xml mode=0440
       notify: Restart smartgears 
 
-    - name: Install the R add users script
+    - name: Install the rconnector add users script
       become_user: root
       template: src=rusersadd.j2 dest={{ r_connector_adduserscript }} owner=root group=root mode=0555
 
+    - name: Install the script that unmounts the remote workspace
+      become_user: root
+      template: src=rconnector_unmount dest={{ r_connector_workspace_unmount }} owner=root group=root mode=0555
+
     - name: Crete the directory that will host the RConfiguration stuff
       become_user: root
       file: dest={{ r_connector_rprofile_base_dir }} owner={{ d4science_user }} group={{ d4science_user }} state=directory

smartgears/r_connector/templates/r-web.xml.j2

@@ -11,6 +11,10 @@
 		<param-name>addUserScript</param-name>
 		<param-value>{{ r_connector_adduserscript }}</param-value>
 	</context-param>
+	<context-param>
+		<param-name>unmountScript</param-name>
+		<param-value>{{ r_connector_workspace_unmount }}</param-value>
+	</context-param>
 	<context-param>
 		<param-name>storedKeyPath</param-name>
 		<param-value>{{ r_connector_rstudio_cookie_key }}</param-value>
@@ -19,6 +23,11 @@
 		<param-name>rStudioAddress</param-name>
 		<param-value>{{ ansible_fqdn }}</param-value>
 	</context-param>
+	<context-param>
+		<param-name>unmountScript</param-name>
+		<param-value>{{ r_connector_workspace_unmount }}</param-value>
+	</context-param>
+
 	<servlet>
     	<servlet-name>org.gcube.data.analysis.rconnector.RConnector</servlet-name>
     </servlet>

smartgears/r_connector/templates/rconnector_unmount

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+WORKSPACE_USER=$1
+RETVAL=0
+RCONNECTOR_WORKSPACE_MOUNTPOINT="{{ r_connector_workspace_mountpoint }}"
+
+MOUNT_WORKSPACE_PID=$( ps auwwx | grep -i java | grep "$WORKSPACE_USER" | grep "$RCONNECTOR_WORKSPACE_MOUNTPOINT" | grep -v sudo | awk '{print $2}' )
+
+if [ ! -z "$MOUNT_WORKSPACE_PID" ] ; then
+    logger "rconnector_unmount: trying to unmount the workspace of the user $WORKSPACE_USER, pid $MOUNT_WORKSPACE_PID"
+    sudo /bin/kill -15 "$MOUNT_WORKSPACE_PID"
+    RETVAL=$?
+    logger "rconnector_unmount: umount result: $RETVAL"
+else
+    logger "rconnector_unmount: no mounted workspace for the user $WORKSPACE_USER"
+fi
+
+exit $RETVAL

smartgears/r_connector/templates/rusersadd.j2

@@ -1,40 +1,72 @@
 #!/bin/bash
-
-USER="$1"
-HDIR="{{ r_connector_usershome }}$USER" 
+DEBUG=1
+if [ $DEBUG -eq 0 ] ; then
+    set -x
+    exec 2>/var/tmp/rusersadd.log
+fi
 # We use logger to log directly to syslog
 LOG_PREFIX="r-connector rusersadd:"
+
+USER="$1"
+GCUBE_TOKEN=
+GCUBE_SCOPES=
+REMOTE_WORKSPACE_MOUNT=0
+if [ $# -ne 3 ] ; then
+    REMOTE_WORKSPACE_MOUNT=1
+    logger "$LOG_PREFIX: this rconnector does not support the remote workspace mount"
+else
+    GCUBE_TOKEN="$2"
+    GCUBE_SCOPES="$3"
+fi
+
+HDIR="{{ r_connector_usershome }}$USER" 
 # 0: allowed
 # 1: not allowed
 ALLOW_LOCAL_USERS=1
 RPROFILE_FILE='{{ r_connector_rprofile_path }}/{{ r_connector_rprofile_filename }}'
+FUSE_INTEGRATION_JAR=/usr/local/lib/sh-fuse-integration-1.0.0-SNAPSHOT-jar-with-dependencies.jar
+WORKSPACE_MOUNT_DIR="$HDIR/{{ r_connector_workspace_mountpoint }}"
 
-if [ -d $HDIR ] ; then
-    if id -u $USER >/dev/null 2>&1
+workspace_mount () {
+    if [ $REMOTE_WORKSPACE_MOUNT -eq 0 ] ; then
+        {{ r_connector_workspace_unmount }} "$USER"
+        logger "$LOG_PREFIX: Trying to mount the remote workspace"
+        [ $DEBUG -eq 0 ] && logger "$LOG_PREFIX: Mount command is sudo -u $USER /usr/bin/java -jar $FUSE_INTEGRATION_JAR $GCUBE_TOKEN $GCUBE_SCOPES $WORKSPACE_MOUNT_DIR"
+        sudo /bin/mkdir -p "$WORKSPACE_MOUNT_DIR"
+        sudo /bin/chown "${USER}" "$WORKSPACE_MOUNT_DIR"
+        sudo -u "$USER" /usr/bin/java -jar $FUSE_INTEGRATION_JAR $GCUBE_TOKEN $GCUBE_SCOPES $WORKSPACE_MOUNT_DIR > "/var/tmp/workspace_${USER}.log" 2>&1 &
+    fi
+}
+
+fix_userconfig_perms () {
+    sudo /usr/bin/touch "${HDIR}/{{ r_connector_userconfig }}"
+    sudo /bin/chmod 660 "$HDIR/{{ r_connector_userconfig }}"
+    sudo /bin/chown "${USER}:{{ smartgears_user }}" "$HDIR/{{ r_connector_userconfig }}"
+    sudo /usr/bin/setfacl -m u:${USER}:rw,g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
+}
+if [ -d "$HDIR" ] ; then
+    if id -u "$USER" >/dev/null 2>&1
     then
         logger "$LOG_PREFIX user $HDIR directory exists. Touching the userconfig.csv file to ensure that it exists with the correct permissions"
-        sudo /usr/bin/touch ${HDIR}/{{ r_connector_userconfig }}
-        sudo /bin/chown ${USER}:{{ smartgears_user }} $HDIR/{{ r_connector_userconfig }}
-        sudo /usr/bin/setfacl -m u:${USER}:rw,g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
-        sudo /bin/ln -s $RPROFILE_FILE $HDIR/{{ r_connector_rprofile_filename }}
+        fix_userconfig_perms
+        sudo /bin/ln -s "$RPROFILE_FILE" "$HDIR/{{ r_connector_rprofile_filename }}"
+        workspace_mount
         exit 0
     else
         logger "$LOG_PREFIX user $HDIR directory exists but the user not. Aborting."
         exit 1
     fi
 else 
-    if id -u $USER >/dev/null 2>&1
+    if id -u "$USER" >/dev/null 2>&1
     then
         logger "$LOG_PREFIX ldap user $USER first login"
-        sudo /bin/mkdir -p $HDIR
-        sudo /bin/chown -R $USER $HDIR
-        sudo /bin/chmod g-wr,o-rwx $HDIR
-        sudo /usr/bin/touch $HDIR/{{ r_connector_userconfig }}
-        sudo /bin/chmod 660 $HDIR/{{ r_connector_userconfig }}
-        sudo /bin/chown $USER:{{ smartgears_user }} $HDIR/{{ r_connector_userconfig }}
-        sudo /usr/bin/setfacl -m u:${USER}:rw,g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
-        sudo /bin/chgrp {{ smartgears_user }} $HDIR
-        sudo /bin/ln -s $RPROFILE_FILE $HDIR/{{ r_connector_rprofile_filename }}
+        sudo /bin/mkdir -p "$HDIR"
+        sudo /bin/chown -R "$USER" "$HDIR"
+        sudo /bin/chmod g-wr,o-rwx "$HDIR"
+        fix_userconfig_perms
+        sudo /bin/chgrp {{ smartgears_user }} "$HDIR"
+        sudo /bin/ln -s "$RPROFILE_FILE" "$HDIR/{{ r_connector_rprofile_filename }}"
+        workspace_mount
         exit 0
     else
         logger "$LOG_PREFIX user $USER does not exist locally and is not an ldap user"
@@ -43,13 +75,11 @@ else
             exit 1
         else
             logger "$LOG_PREFIX non ldap users allowed, adding the user $USER locally"
-            sudo /usr/sbin/useradd -m -s /bin/false -g {{ smartgears_user }} $USER
-            sudo /bin/chmod g+ws $HDIR
-            sudo /usr/bin/touch $HDIR/{{ r_connector_userconfig }}
-            sudo /bin/chmod 660 $HDIR/{{ r_connector_userconfig }}
-            sudo /usr/bin/setfacl -m g:{{ smartgears_user }}:rw $HDIR/{{ r_connector_userconfig }}
-            sudo /bin/chgrp -R {{ smartgears_user }} $HDIR
-            sudo /bin/ln -s $RPROFILE_FILE $HDIR/{{ r_connector_rprofile_filename }}
+            sudo /usr/sbin/useradd -m -s /bin/false -g {{ smartgears_user }} "$USER"
+            sudo /bin/chmod g+ws "$HDIR"
+            fix_userconfig_perms
+            sudo /bin/chgrp -R {{ smartgears_user }} "$HDIR"
+            sudo /bin/ln -s "$RPROFILE_FILE" "$HDIR/{{ r_connector_rprofile_filename }}"
             exit 0
         fi
     fi