 |
 |
Hi Martin, Do you have the right permissions on the /etc/grid-security/gridmapdir directory ? It need to be writable by the "lfcmgr" user. For instance : ls -ld /etc/grid-security/gridmapdir/ drwxrwxr-x 2 root lfcmgr 8192 Sep 2 09:50 /etc/grid-security/gridmapdir/ You can use another directory, as long as you specify it in /etc/sysconfig/lfcdaemon, and that it is writable by "lfcmgr". Cheers, Sophie. PS: you can also use the LFC support mailing list [log in to unmask] ________________________________ From: LHC Computer Grid - Rollout on behalf of Martin Pels Sent: Mon 9/5/2005 4:16 PM To: [log in to unmask] Subject: [LCG-ROLLOUT] LFC: Problem with mapping grid-user to pool account Hi, Recently we installed a local LFC at our site. Unfortunately we are having some problems using it. When I add a user to the grid-mapfile like such: "/O=dutchgrid/O=users/O=sara/CN=Martin Pels" pels I can use LFC after doing a grid-proxy-init as user pels. However, if I add the user to a pool account: "/O=dutchgrid/O=users/O=sara/CN=Martin Pels" .dteam LFC does not give access: [pels@mu11 pels]$ grid-proxy-init Your identity: /O=dutchgrid/O=users/O=sara/CN=Martin Pels Enter GRID pass phrase for this identity: Creating proxy ........................................................... Done Your proxy is valid until: Tue Sep 6 04:05:14 2005 [pels@mu11 pels]$ lfc-ls / /: Could not map principal to username There are dteamXXX users defined in /etc/password, but it seems LFC commands only work when the local user that executes them is mapped to the grid-user in /etc/grid-security/grid-mapfile. How do I get LFC to work with the pool accounts? Regards, Martin Pels SARA Computing & Networking Services High Performance Computing Tel. +31 20 592 3000 http://www.sara.nl <http://www.sara.nl/>