Hi Kostas,
from what I've seen on my system. There is no drawback. If edg-mkgridmap
program can't access a voms server the grid-mapfile remains unchanged
for that particular voms (the old entries remain in the grid-mapfile and
the new don't get in).
However in the cron job with && in the middle the conversion to kpwd is
bound not to be executed if only one of the voms/ldap servers fails
because that's the error code edg-mkgridmap returns.
cheers
alessandra
Kostas Georgiou wrote:
> On Wed, Jul 19, 2006 at 01:10:22PM +0100, Owen Synge wrote:
>
>> On Wed, 19 Jul 2006 12:28:07 +0100
>> Alessandra Forti <[log in to unmask]> wrote:
>>
>>> Hi Greig,
>>>
>>> it has always been both edg-mkgridmap and grid-mapfile2dcache-kpwd in
>>> the same cron since lcg-2_4_0 and there has always been a && between
>>> the two commands not a ;
>>>
>>> cheers
>>> alessandra
>> Yes I changed that because
>>
>> /opt/edg/sbin/edg-mkgridmap --output=/etc/grid-security/grid-mapfile --safe
>>
>> quite often returns non 0 return codes particularly when a VOMS server
>> is down which is quite frequent. Also the command
>>
>> /opt/d-cache/bin/grid-mapfile2dcache-kpwd
>>
>> does not take long to run.
>
> Is the gridmap file updated at all if edg-mkgridmap returns non zero? If it
> isn't then there is no point running grid-mapfile2dcache-kpwd. If it is the
> question is are parts of the gridmap file missing because of the failure?
>
> Is it possible that edg-mkgridmap might fail in a bad way and leave the gridmap
> file empty or will it keep the older information, in the former case it might
> be unwise to try to update dcache.kpwd from an empty gridmap file. On the other
> hand if edg-mkgridmap failed in a bad way you have other problems to worry about.
>
> Kostas
--
*******************************************
* Dr Alessandra Forti *
* Technical Coordinator - NorthGrid Tier2 *
* http://www.hep.man.ac.uk/u/aforti *
*******************************************
|