Updated dirac-proxy-init

[atsareg]

The functionality now available in proxy-init, dirac-proxy-init and dirac-upload-proxy should be collected altogether in just one command dirac-proxy-init . Other commands will be dropped. The following is to be implemented:

1. dirac-proxy-init is not uploading long proxy to the ProxyManager by default. To upload the long proxy a special -u -- uploadProxy switch must be given;
2. dirac-proxy-init without -u switch must nevertheless check the availability and validity period of the proxy in the ProxyManager and of the user certificate. The output of the command must give a warning message if either the long proxy or certificate or both have validity left less than 1 week;
3. dirac-proxy-init should be able to generate proxy even if there is no local configuration yet defined, e.g. right after installation. This proxy can still be used to access the configuration service with a default group defined on the server;
4. It should be possible to define in the local configuration a default group which will be taken into account if dirac-proxy-init is given without -g switch;

[acasajus]

I don't think dirac-proxy init should check if there's a proxy uploaded. After all, there are groups that don't require the proxy to be uploaded like dirac_admin. The one that should check the proxy is either when submitting a job or one optimizer.

[atsareg]

Users should deal with proxies in a single place. I agree that there are groups for which there is no need to upload proxies. Then this should be a property of the group. If the proxy for a group should be uploaded then this should be checked in dirac-proxy-init and automatically uploaded transparently to the user.

[acasajus]

That cannot be done. We cannot upload a user's proxy without his explicit consent. That was one of the clear runes Marteen told us when we were discussing this stuff with him.

[atsareg]

We were doing it for years now. Nobody complained. If we will start to require explicit consent of the user, we are guaranteed to have problems with users forgetting to do that. In any case the dirac-proxy-init must check if the proxy is uploaded and warn user if it is not although it is supposed to, or if it is uploaded but is close to expiration

[acasajus]

dirac-proxy-init does not check if the user has the proxy uploaded. We could do:

If a special ProxyAutoUpload is defined in the group, dirac-proxy-init can check and notify the user in the cli. If that var has value upload, then query the user if the proxy should be uploaded Y/n.

[graciani]

dirac-proxy-init still misses the possibility to generate VOMS proxies. This is necessary to replace proxy-init.

[acasajus]

Comitted in #216