From 20f695515a711a1385aea4100de04dc9a25ac043 Mon Sep 17 00:00:00 2001 From: cheatfate Date: Wed, 26 Aug 2020 09:42:26 +0300 Subject: [PATCH] Fix localtestnet simulation. --- beacon_chain/beacon_node.nim | 46 +++------------------------ beacon_chain/keystore_management.nim | 45 ++++++++++++++++++++++++-- beacon_chain/nimbus_binary_common.nim | 2 +- scripts/launch_local_testnet.sh | 5 ++- 4 files changed, 52 insertions(+), 46 deletions(-) diff --git a/beacon_chain/beacon_node.nim b/beacon_chain/beacon_node.nim index f8cdf4d84..a100f1b45 100644 --- a/beacon_chain/beacon_node.nim +++ b/beacon_chain/beacon_node.nim @@ -898,47 +898,6 @@ proc createPidFile(filename: string) = gPidFile = filename addQuitProc proc {.noconv.} = discard io2.removeFile(gPidFile) -proc checkDataDir(conf: BeaconNodeConf) = - ## Checks `conf.dataDir`. - ## If folder exists, procedure will check it for access and - ## permissions `0750 (rwxr-x---)`, if folder do not exists it will be created - ## with permissions `0750 (rwxr-x---)`. - let dataDir = string(conf.dataDir) - when defined(posix): - let amask = {AccessFlags.Read, AccessFlags.Write, AccessFlags.Execute} - if fileAccessible(dataDir, amask): - let gmask = {UserRead, UserWrite, UserExec, GroupRead, GroupExec} - let pmask = {OtherRead, OtherWrite, OtherExec, GroupWrite} - let pres = getPermissionsSet(dataDir) - if pres.isErr(): - fatal "Could not check data folder permissions", - data_dir = dataDir, errorCode = $pres.error, - errorMsg = ioErrorMsg(pres.error) - quit QuitFailure - let insecurePermissions = pres.get() * pmask - if insecurePermissions != {}: - fatal "Data folder has insecure permissions", - data_dir = dataDir, - insecure_permissions = $insecurePermissions, - current_permissions = pres.get().toString(), - required_permissions = gmask.toString() - quit QuitFailure - else: - let res = createPath(dataDir, 0o750) - if res.isErr(): - fatal "Could not create data folder", data_dir = dataDir, - errorMsg = ioErrorMsg(res.error), errorCode = $res.error - quit QuitFailure - elif defined(windows): - let res = createPath(dataDir, 0o750) - if res.isErr(): - fatal "Could not create data folder", data_dir = dataDir, - errorMsg = ioErrorMsg(res.error), errorCode = $res.error - quit QuitFailure - else: - fatal "Unsupported operation system" - quit QuitFailure - proc initializeNetworking(node: BeaconNode) {.async.} = await node.network.startListening() @@ -1136,7 +1095,10 @@ programMain: # This is ref so we can mutate it (to erase it) after the initial loading. stateSnapshotContents: ref string - checkDataDir(config) + if not(checkAndCreateDataDir(config)): + # We are unable to access/create data folder or data folder's + # permissions are insecure. + quit QuitFailure setupLogging(config.logLevel, config.logFile) diff --git a/beacon_chain/keystore_management.nim b/beacon_chain/keystore_management.nim index f28b93205..3446ae090 100644 --- a/beacon_chain/keystore_management.nim +++ b/beacon_chain/keystore_management.nim @@ -1,9 +1,9 @@ import std/[os, strutils, terminal, wordwrap], - chronicles, chronos, web3, stint, json_serialization, stew/byteutils, + chronicles, chronos, web3, stint, json_serialization, serialization, blscurve, eth/common/eth_types, eth/keys, confutils, bearssl, spec/[datatypes, digest, crypto, keystore], - stew/io2, libp2p/crypto/crypto as lcrypto, + stew/[byteutils, io2], libp2p/crypto/crypto as lcrypto, nimcrypto/utils as ncrutils, conf, ssz/merkleization, network_metadata @@ -36,6 +36,47 @@ const template echo80(msg: string) = echo wrapWords(msg, 80) +proc checkAndCreateDataDir*(dataDir: string): bool = + ## Checks `conf.dataDir`. + ## If folder exists, procedure will check it for access and + ## permissions `0750 (rwxr-x---)`, if folder do not exists it will be created + ## with permissions `0750 (rwxr-x---)`. + when defined(posix): + let amask = {AccessFlags.Read, AccessFlags.Write, AccessFlags.Execute} + if fileAccessible(dataDir, amask): + let gmask = {UserRead, UserWrite, UserExec, GroupRead, GroupExec} + let pmask = {OtherRead, OtherWrite, OtherExec, GroupWrite} + let pres = getPermissionsSet(dataDir) + if pres.isErr(): + fatal "Could not check data folder permissions", + data_dir = dataDir, errorCode = $pres.error, + errorMsg = ioErrorMsg(pres.error) + return false + let insecurePermissions = pres.get() * pmask + if insecurePermissions != {}: + fatal "Data folder has insecure permissions", + data_dir = dataDir, + insecure_permissions = $insecurePermissions, + current_permissions = pres.get().toString(), + required_permissions = gmask.toString() + return false + else: + let res = createPath(dataDir, 0o750) + if res.isErr(): + fatal "Could not create data folder", data_dir = dataDir, + errorMsg = ioErrorMsg(res.error), errorCode = $res.error + return false + return true + elif defined(windows): + let res = createPath(dataDir, 0o750) + if res.isErr(): + fatal "Could not create data folder", data_dir = dataDir, + errorMsg = ioErrorMsg(res.error), errorCode = $res.error + return false + else: + fatal "Unsupported operation system" + return false + proc loadKeystore(validatorsDir, secretsDir, keyName: string, nonInteractive: bool): Option[ValidatorPrivKey] = let diff --git a/beacon_chain/nimbus_binary_common.nim b/beacon_chain/nimbus_binary_common.nim index 113ddd7b9..d5c172d09 100644 --- a/beacon_chain/nimbus_binary_common.nim +++ b/beacon_chain/nimbus_binary_common.nim @@ -9,7 +9,7 @@ import # Standard library - tables, random, strutils, os, typetraits, + tables, random, strutils, typetraits, # Nimble packages chronos, confutils/defs, diff --git a/scripts/launch_local_testnet.sh b/scripts/launch_local_testnet.sh index 14c974517..39ae6e9a3 100755 --- a/scripts/launch_local_testnet.sh +++ b/scripts/launch_local_testnet.sh @@ -213,6 +213,7 @@ if [[ $USE_GANACHE == "0" ]]; then BOOTSTRAP_IP="127.0.0.1" ./build/beacon_node createTestnet \ + --data-dir="${DATA_DIR}" \ --deposits-file="${DEPOSITS_FILE}" \ --total-validators=${TOTAL_VALIDATORS} \ --last-user-validator=${USER_VALIDATORS} \ @@ -316,10 +317,11 @@ fi VALIDATORS_PER_VALIDATOR=$(( (SYSTEM_VALIDATORS / NODES_WITH_VALIDATORS) / 2 )) VALIDATOR_OFFSET=$((SYSTEM_VALIDATORS / 2)) BOOTSTRAP_ENR="${DATA_DIR}/node${BOOTSTRAP_NODE}/beacon_node.enr" +NETWORK_KEYFILE="../network_key.json" for NUM_NODE in $(seq 0 $(( NUM_NODES - 1 ))); do if [[ ${NUM_NODE} == ${BOOTSTRAP_NODE} ]]; then - BOOTSTRAP_ARG="--netkey-file=network_key.json --insecure-netkey-password=true" + BOOTSTRAP_ARG="--netkey-file=${NETWORK_KEYFILE} --insecure-netkey-password=true" else BOOTSTRAP_ARG="--bootstrap-file=${BOOTSTRAP_ENR}" # Wait for the master node to write out its address file @@ -339,6 +341,7 @@ for NUM_NODE in $(seq 0 $(( NUM_NODES - 1 ))); do # The first $NODES_WITH_VALIDATORS nodes split them equally between them, after skipping the first $USER_VALIDATORS. NODE_DATA_DIR="${DATA_DIR}/node${NUM_NODE}" rm -rf "${NODE_DATA_DIR}" + mkdir -m 0750 -p "${NODE_DATA_DIR}" mkdir -p "${NODE_DATA_DIR}/validators" mkdir -p "${NODE_DATA_DIR}/secrets"