I have tried and it... is not ready yet... YES, it works !!
Then, may I ask, how a .dteam mapped user will be associated with a
site's delta001-050 user, designed for dteam duties ? If it happens,
it's all right, I really wouldn't like to know... You have a translation
table, don't you ? But how would you know that delta007 is a .dteam
member in the first place ( I mean from YAIM's site definition files ).
Oliver KEEBLE wrote:
>A couple of comments;
>
>There is a yaim bug (fixed for next time) which affects VOMS-only VOs -
>the sgm account is not properly mapped. A workaround is to set the
>following variable
>
>VO_GEANT4_SGM="x"
>
>which will ensure your sgm user is mapped (via the VOMS server). It will
>also result in a spurious but harmless ldap entry in mkgridmap.conf (the
>"x").
>
>More generally, we cannot mandate that the users on a site are named
>after the VO - some sites operate a different policy. We also cannot
>mandate that pool accounts all have 3 digit suffices (or similar). At
>the moment, yaim does not fully handle VOs whose name terminates in a
>digit. As discussed, it will still work, so long as you don't introduce
>a VO called geant5...
>
>
>Oliver.
>
>Oliver Keeble Information Technology Department
>[log in to unmask] CERN
>+41 22 76 72360 CH-1211 Geneva 23
>
>
>Dan Schrager wrote:
>
>
>>It's geant4001-geant4050, geant4sgm, group geant4.
>>
>>The sgm user did not map right for now, however.
>>
>>
>>David Garcia Aristegui wrote:
>>
>>
>>
>>>Hello, a quick question. You wrote "the mapped users I've defined are
>>>geant4001-geant4050 and geant4sgm. The group is geant4". Is this
>>>correct finally, or the pool account you have is geant001-geant050?
>>>
>>>Thank you in advanced.
>>>
>>>
>>>Dan Schrager wrote:
>>>
>>>
>>>
>>>>I am a yaim "compliant" site.
>>>>yaim should maybe fix a small inconsistency: the "root" for all names
>>>>should be the vo's name as defined in the VOS="atlas ... geant4" line.
>>>>anyway jobs do run well for geant4 here :-)
>>>>
>>>>Patricia Mendez Lorenzo wrote:
>>>>
>>>>
>>>>
>>>>>Hello Dan,
>>>>>
>>>>>The vo is called geant4 because geant4 is the name of the community
>>>>>and geant4 should not cause any problem
>>>>>in any configuration file. only geant has other meanings, so it is
>>>>>important to realize that we speak abuot geant4 and
>>>>>not about geant. It is not the 1st case with numbers inside the
>>>>>name of the VO, for example na48 is another example.
>>>>>
>>>>>The grid-mapfile can read .geant4. Actually in other sites .geant4
>>>>>appears inside the grid-mapfiles.
>>>>>
>>>>>at least what we realized at cern is the number of characters
>>>>>included in the pool accounts. i think 8 characters is the
>>>>>maximal. geant4001has 9.
>>>>>
>>>>>Patricia
>>>>>
>>>>>El 06/12/2005, a las 23:30, Dan Schrager escribió:
>>>>>
>>>>>
>>>>>
>>>>>>why don't you call the vo geant ?
>>>>>>why the grid-mapfile doesn't read .geant4 ?
>>>>>>who cares about the range of mapped users, 4001-4050 is as good as
>>>>>>001-050 ?
>>>>>>
>>>>>>Patricia Mendez Lorenzo wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>>Hello,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>VOS="atlas alice lhcb cms dteam sixt zeus see geant4"
>>>>>>>>
>>>>>>>>VO_GEANT4_SW_DIR=$VO_SW_DIR/geant4
>>>>>>>>VO_GEANT4_DEFAULT_SE=$SE_HOST
>>>>>>>>VO_GEANT4_VOMS_SERVERS="vomss://lcg-voms.cern.ch:8443/voms/
>>>>>>>>geant4?/ geant4"
>>>>>>>>VO_GEANT4_STORAGE_DIR=$CE_CLOSE_SE1_ACCESS_POINT/geant4
>>>>>>>>VO_GEANT4_QUEUES="geant4"
>>>>>>>>
>>>>>>>>The mapped users I've defined are geant4001-geant4050 and
>>>>>>>>geant4sgm. The group is geant4.
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>This could couse a problems, because the accounts are seen going
>>>>>>>from 4001 to 4050 (the "4" is counted
>>>>>>>as part od the number account). So I would suggest to define the
>>>>>>>pool accounts from geant001 unti geant050 (without the
>>>>>>>number 4), the sgm account, the same: geantsgm. and yes, the name
>>>>>>>of the vo is geant4.
>>>>>>>I can check a submission to WEIZMANN with the geant4 certificate.
>>>>>>>i let yoou know.
>>>>>>>
>>>>>>>Patricia
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>Could you please confirm that it is all right ?
>>>>>>>>
>>>>>>>>I have noticed however that in the /etc/grid-security/grid-
>>>>>>>>mapfile there are two new geant(4) users that are mapped to
>>>>>>>>.geant -- WITHOUT A 4--
>>>>>>>>Is this OK ?
>>>>>>>>
>>>>>>>>The 4 seems a problem for me. Is it ? Could any of the geant4
>>>>>>>>certificate holders submit a job to WEIZMANN-LCG2 and tell me
>>>>>>>>whether the results are OK ?
>>>>>>>>
>>>>>>>>Regards,
>>>>>>>>Dan
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>+++++++++++++++++++++++++++++++++++++++++++
>>>>>>>This Mail Was Scanned By Mail-seCure System
>>>>>>>at the Tel-Aviv University CC.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>+++++++++++++++++++++++++++++++++++++++++++
>>>>>This Mail Was Scanned By Mail-seCure System
>>>>>at the Tel-Aviv University CC.
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>+++++++++++++++++++++++++++++++++++++++++++
>>>This Mail Was Scanned By Mail-seCure System
>>>at the Tel-Aviv University CC.
>>>
>>>
>>
>>
>>
>
> +++++++++++++++++++++++++++++++++++++++++++
> This Mail Was Scanned By Mail-seCure System
> at the Tel-Aviv University CC.
>
>
|