Hi,
Out of interest - does anyone know why Atlas has this mystery '24' in
the configuration ?
Other VOs seem to make do without.
Cheers,
Daniela
---------- Forwarded message ----------
From: EGI BROADCAST <[log in to unmask]>
Date: 7 October 2013 15:06
Subject: [ EGI BROADCAST ] IMPORTANT - ATLAS VOMS configuration to be updated
To: Site administrators/UKI-LT2-UCL-HEP <[log in to unmask]>
---------------------------------------------------------------------------------------------------------------
EGI BROADCAST TOOL : https://operations-portal.egi.eu/broadcast
---------------------------------------------------------------------------------------------------------------
Publication from : litmaath <[log in to unmask]>
Targets : Site administrators/UKI-LT2-UCL-HEP
<[log in to unmask]>
----------------------------------------------------------------------------------------------------------------
Dear EGI site admins,
this message is important for sites supporting the ATLAS VO.
ATLAS have a VOMS server vo.racf.bnl.gov whose host DN recently has changed,
causing proxies signed by that server to be refused by grid services.
The VOMS server was therefore switched off for the time being, until all
relevant grid services have been reconfigured with the updated details.
On services that are VOMS-aware, please ensure the following file has
the given content:
-----------------------------------------------------------------------------
$ cat /etc/grid-security/vomsdir/atlas/vo.racf.bnl.gov.lsc
/DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=vo.racf.bnl.gov
/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1
-----------------------------------------------------------------------------
Some services (e.g. UI, WN, VOBOX, WMS) also have files like the following
to be corrected (line folded for readability):
-----------------------------------------------------------------------------
$ cat /etc/vomses/atlas-vo.racf.bnl.gov | fold -w 62
"atlas" "vo.racf.bnl.gov" "15003" "/DC=com/DC=DigiCert-Grid/O=
Open Science Grid/OU=Services/CN=vo.racf.bnl.gov" "atlas" "24"
-----------------------------------------------------------------------------
Sites using YAIM please apply these site-info.def definitions:
-----------------------------------------------------------------------------
VO_ATLAS_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/atlas?/atlas/'
VO_ATLAS_VOMSES="\
'atlas lcg-voms.cern.ch 15001 \
/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch atlas 24' \
'atlas voms.cern.ch 15001 \
/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch atlas 24' \
'atlas vo.racf.bnl.gov 15003 \
/DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=vo.racf.bnl.gov \
atlas 24' \
"
VO_ATLAS_VOMS_CA_DN="\
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
'/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1' \
"
-----------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------
link to this broadcast :
https://operations-portal.egi.eu/broadcast/archive/id/1022
----------------------------------------------------------------------------------------------------------------
--
Sent from the pit of despair
-----------------------------------------------------------
[log in to unmask]
HEP Group/Physics Dep
Imperial College
London, SW7 2BW
Tel: +44-(0)20-75947810
http://www.hep.ph.ic.ac.uk/~dbauer/
|