Add submit pol wrapper

This merge fixes issue #12 (closed) adding a python wrapper script around the bash scripts that start GPFS policy runs. Argument validation is strict within the Python script to ensure no improper commands are run with elevated privileges. Also made changes to file organization.

The bash scripts are kept in the same directory with the python script for now. As part of this merge request, the following changes should be made after the merge occurs, the local repo is synced, and the sudo privileges for run-submit-pol-job.py are added for select users:

1. Permissions and ownership for submit-pol-job and run-mmpol.sh should be set to -r-x------ root:root
2. Permissions and ownership for run-submit-pol-job.py should be set to -r-xr-x--- root:atlab.
   • Absolutely critical that no write permissions are allowed on the Python script to avoid someone changing the file to run unintended commands with elevated privileges.

See #12 (closed) for a more complete view of the proposed directory structure and corresponding permissions

assigned to @jpr

assigned to @mhanby and unassigned @jpr

assigned to @jpr and unassigned @mhanby

assigned to @mdefende and unassigned @jpr

requested review from @jpr

requested review from @mhanby and removed review request for @jpr

requested review from @jpr and removed review request for @mhanby

The current iteration of submit-pol-job is only written to run either list-path-external or list-path-dirplus policies. Any other policies would need to be run via a different script.

I'd like to keep the shell scripts as user-friendly for Ops as possible. Having to write a separate script to run policies other than those two is not close to that.

Instead, should move the declaration of the policy path to the Python file, limiting the options to just the two mentioned policies. The path to the policy script is then passed to submit-pol-job as text. This would allow Ops to continue to use submit-pol-job as a generic wrapper for run-mmpol.sh using any policy they deem necessary

This is done in the most recent commits.

submit-pol-job now takes the -P|--policy argument, a path to the policy file.

run-submit-pol-job.py hard-codes the policy paths. The policy file can only be changed with the --with-dirs flag. Defaults to ./policy-def/list-path-external

added 2 commits

• 7a62f02e - add option to run any policy file so Ops is not restricted to only...
• aec5e342 - set the policy file to either list-path-external or list-path-dirplus, then...

Compare with previous version

added 1 commit

• cbb2a739 - fix typo

Compare with previous version

merged

mentioned in commit f78e856e