JISCMail - LCG-ROLLOUT Archives

Do we really need to change the every single voms files on the nodes? 
Modifying the site-info.def and then executing
"run_function site-info.def config_vomses" shouldn't do the job?

While using vi, this should replace the old DN with the new one in 
site-info.def:
1,$ s/C=CH\/O=CERN\/OU=GRID\/CN=host\//DC=ch\/DC=cern\/OU=computers\/CN=/g

Cheers,
Santanu

Alexander Piavka wrote:
>
> I actaully forgot to change the vomses config files on the UI, now 
> it's ok :)
>
> On Thu, 24 May 2007, Alexander Piavka wrote:
>
>>
>> Hi I have the similar situation while lcg-vomscerts-4.5.0-1 is installed
>>
>> ------------------------------------------------------
>> $ voms-proxy-init --voms dteam
>> Enter GRID pass phrase:
>> Your identity: /C=IL/O=IUCC/OU=CS-BGU/L=Beer-Sheva/CN=Piavka Alexander
>> Cannot find file or dir: /home/piavka/.glite/vomses
>> Creating temporary proxy ................................ Done
>> Contacting lcg-voms.cern.ch:15004 
>> [/C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch] "dteam" Failed
>>
>> Error: Could not establish authenticated connection with the server.
>> GSS Major Status: Unexpected Gatekeeper or Service Name
>> GSS Minor Status Error Chain:
>>
>> an unknown error occurred
>>
>> Trying next server for dteam.
>> Creating temporary proxy ............................................ 
>> Done
>> Contacting voms.cern.ch:15004 
>> [/C=CH/O=CERN/OU=GRID/CN=host/voms.cern.ch] "dteam" Failed
>>
>> Error: Could not establish authenticated connection with the server.
>> GSS Major Status: Unexpected Gatekeeper or Service Name
>> GSS Minor Status Error Chain:
>>
>> an unknown error occurred
>>
>> None of the contacted servers for dteam were capable
>> of returning a valid AC for the user.
>> ------------------------------------------------------
>>
>> On Thu, 24 May 2007, Gon�alo Borges wrote:
>>
>>> Hi All,
>>>
>>> After the first EGEE broadcast (a few days ago) I updated our 
>>> cluster with
>>> the new lcg-voms rpm
>>>
>>> [goncalo@ui01 goncalo]$ rpm -qa | grep lcg-vomscerts
>>> lcg-vomscerts-4.5.0-1
>>>
>>> Then, I updated the "/opt/edg/etc/vomses/dteam-lcg-voms.cern.ch" and
>>> "/opt/glite/etc/vomses/dteam-lcg-voms.cern.ch" files with the proper 
>>> DNs
>>>
>>> [goncalo@ui01 goncalo]$ cat 
>>> /opt/glite/etc/vomses/dteam-lcg-voms.cern.ch
>>> "dteam" "lcg-voms.cern.ch" "15004"
>>> "/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch" "dteam"
>>> [goncalo@ui01 goncalo]$ cat /opt/edg/etc/vomses/dteam-lcg-voms.cern.ch
>>> "dteam" "lcg-voms.cern.ch" "15004"
>>> "/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch" "dteam"
>>>
>>> Aftet that, and as warned, I was able to start proxies via 
>>> "voms.cern.ch"
>>> but not via "lcg-voms.cern.ch".
>>>
>>> Today, I tried again, and I was expecting to be able to start 
>>> proxies via
>>> "lcg-voms.cern.ch". However, I'm not able to do it via 
>>> "lcg-voms.cern.ch"
>>> nor "voms.cern.ch"
>>>
>>> ##############
>>> [goncalo@ui01 goncalo]$ voms-proxy-init --debug -voms dteam
>>> Detected Globus version: 22
>>> Unspecified proxy version, settling on Globus version: 2
>>> Number of bits in key :512
>>> Using configuration file /home/csys/goncalo/.edg/vomses
>>> Using configuration directory /opt/edg/etc/vomses
>>> Files being used:
>>> CA certificate file: none
>>> Trusted certificates directory : /etc/grid-security/certificates
>>> Proxy certificate file : /tmp/x509up_u266
>>> User certificate file: /home/csys/goncalo/.globus/usercert.pem
>>> User key file: /home/csys/goncalo/.globus/userkey.pem
>>> Output to /tmp/x509up_u266
>>> Your identity: /C=PT/O=LIPCA/O=LIP/OU=Lisboa/CN=Goncalo Borges
>>> Enter GRID pass phrase:
>>> Creating temporary proxy to /tmp/tmp_x509up_u266_22646 ..++++++++++++
>>> ................++++++++++++
>>> Done
>>> Contacting lcg-voms.cern.ch:15004
>>> [/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch] "dteam" Error: VERR_COMM
>>> Failed.
>>> Trying next server for dteam.
>>> Creating temporary proxy to /tmp/tmp_x509up_u266_22646
>>> ...............................++++++++++++
>>> ......++++++++++++
>>> Done
>>> Contacting voms.cern.ch:15004 
>>> [/DC=ch/DC=cern/OU=computers/voms.cern.ch]
>>> "dteam" Error: VERR_COMM Failed.
>>> Failed to contact servers for dteam.
>>> #################
>>>
>>> I think I did everything as requested. I'm I missing something? Can
>>> someone check what going wrong?
>>>
>>>
>>> Thanks in advance
>>> Best Regards
>>> Goncalo Borges
>>>
>>>
>>
>> _.-..
>> ,'9 )\)`-.,.--.
>> `-.| Piavlo `.
>> \, Alexander \)
>> `. )._\ (\
>> | // `-,//
>> ] | | //"
>> "" ""
>>
>
> _.-..
> ,'9 )\)`-.,.--.
> `-.| Piavlo `.
> \, Alexander \)
> `. )._\ (\
> |// `-,//
> ]|| //"
> "" ""