On Thu, May 03, 2007 at 12:00:41AM +0200, Maarten Litmaath, CERN wrote:
>
> > In addition, there will be problems when one sgm or prd user will
> > change/delete files written by another sgm or prd user.
>
> The files and directories also need to be made group-writable.
I think this has to be done for the software tag dirs under
/opt/edg/var/info.
For example after reconfiguration, I have:
[root@ce01 info]# pwd /opt/edg/var/info
[root@ce01 info]# ls -ld atlas
drwxr-xr-x 2 atlassgm001 atlassgm 4096 Feb 20 07:33 atlas
[root@ce01 info]# ls -l atlas
total 4
-rw-r--r-- 1 atlassgm001 atlassgm 268 Feb 20 07:33 atlas.list
And in /opt/glite/yaim/functions/config_gip_vo_tag :
sgmusers=`users_getspecialusers $VO sgm`
sgmuser=`echo $sgmusers | cut -d " " -f 1`
sgmgroup=`id -g $sgmuser`
chown -R ${sgmuser}:${sgmgroup} $dir
chmod -R go-w $dir
So the way it is configured by YAIM, only the SGM user mapped to
the first SGM account will be able to change/publish software tags.
--
Kyriakos Ginis
|