Ben
On Tue, 28 Jan 2003, Ben Waugh wrote:
> On Tue, 28 Jan 2003, Steve Traylen wrote:
>
> > + The CE:/opt/edg/etc/mkgridmap.conf file should contain
> > a line with the atlas VO server mapped to .atlas
The mkgridmap.conf file on the CE is a completley manual thing.
Just comment out the VO lines that you do not want to support.
The other lines
auth ldap://marianne.in2p3.fr/ou=People,o=testbed,dc=eu-datagrid,dc=org
says that users must also have signed the EDG usage guidelines as well
as being in a VO. I expect you want this line.
auth ldap://grid-vo.nikhef.nl/ou=People,o=gdmpservers,dc=eu-datagrid,dc=org
group ldap://grid-vo.nikhef.nl/ou=apptb,o=gdmpservers,dc=eu-datagrid,dc=org gdmp
These two line give a list of SE's that your SE trusts for the global
gdmp user. You do have to have these to be a part of testbed.
Make sure you have apptb rather than the default devtb.
The format of this file is described in
man /opt/edg/share/man/man1/mkgridmap.1.gz
mkgridmap.conf and /etc/sysconfig/edg are processed by a cron job.
/opt/edg/etc/cron/mkgridmap-cron
to create your /share/grid-security/grid-mapfile
> >
> > + On the SE a GDMP specific grid-mapfile should exist
> > SE:/opt/edg/etc/atlas/grid-mapfile
On the SE there is a cronjob that runs as user
gdmp `crontab -u gdmp -l`
/etc/obj/gdmp start
that creates these files for you.
>
> How are these created? Does it get updated from various VO LDAP servers
> like /share/grid-security/grid-mapfile or is it put in by hand? Our
> site-cfg.h file has lines like
> #define SE_VO_GRIDPP
> #define SE_GDMP_REP_CAT_GRIDPP_PWD clonedkitty
> and
> #define SE_VO_ gridpp:SE_GDMP_AREA/gridpp, [...]
>
> What else is needed? The section on GDMP configuration in the "LCFG
> post-install" notes just says to send the SE host certificate and subject
> to the "SE-apptb" list, which I have done and apparently been added.
"/O=Grid/O=UKHEP/CN=host/pc31.hep.ucl.ac.uk" gdmp
is in my grid-mapfile so this has happend.
Steve
--
Steve Traylen
[log in to unmask]
http://www.gridpp.ac.uk/
|