Hi Elena,
1) yes, exactly as in the script and as you wrote:
voms-proxy-init -cert /etc/grid-security/hostcert.pem -key /etc/grid-security/hostkey.pem
[root@se2 ~]# voms-proxy-info -all
subject : /C=UK/O=eScience/OU=RoyalHollowayLondon/L=Physics/CN=se2.ppgrid1.rhul.ac.uk/CN=proxy
issuer : /C=UK/O=eScience/OU=RoyalHollowayLondon/L=Physics/CN=se2.ppgrid1.rhul.ac.uk
identity : /C=UK/O=eScience/OU=RoyalHollowayLondon/L=Physics/CN=se2.ppgrid1.rhul.ac.uk
type : full legacy globus proxy
strength : 1024
path : /tmp/x509up_u0
timeleft : 11:59:44
key usage : Digital Signature, Key Encipherment, Data Encipherment
2) I suppose you mean the equivalent path on the RHUL SE?
[root@se2 ~]# dpns-getacl /dpm/ppgrid1.rhul.ac.uk/home/atlas/atlasscratchdisk/dumps
# file: /dpm/ppgrid1.rhul.ac.uk/home/atlas/atlasscratchdisk/dumps
# owner: root
# group: root
user::rwx
group::rwx #effective:rwx
group:atlas:rwx #effective:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::rwx
default:group:atlas:rwx
default:mask::rwx
default:other::r-x
________________________________________
From: Testbed Support for GridPP member institutes <[log in to unmask]> on behalf of Elena Korolkova <[log in to unmask]>
Sent: 29 March 2016 16:57
To: [log in to unmask]
Subject: Re: ATLAS dumps update
Hi Simon,
1. do you generate proxy as in script:
voms-proxy-init -cert /etc/grid-security/hostcert.pem -key /etc/grid-security/hostkey.pem?
What does voms-proxy-info -all show?
2. what is an output of the command:
dpns-getacl /dpm/shef.ac.uk/home/atlas/atlasscratchdisk/dumps/?
Many thanks
Elena
On 29 Mar 2016, at 16:49, George, Simon <[log in to unmask]> wrote:
> Hi,
> xrdcp is working at RHUL, with the mapping for the SE host DN as you specify.
> Simon
>
> From: Testbed Support for GridPP member institutes <[log in to unmask]> on behalf of Alessandra Forti <[log in to unmask]>
> Sent: 29 March 2016 16:35
> To: [log in to unmask]
> Subject: Re: ATLAS dumps update
>
> Hi Elena,
>
> in other words you need to check your are mapping the host DN in /etc/lcgdm-mapfile-local (and /etc/grid-mapfile-local?)
>
> how did other people do it? I have rfcp working I'd like not to test xrdcp if other people made it work already.
>
> cheers
> alessandra
>
> On 29/03/2016 15:29, Sam Skipsey wrote:
>> Hi Elena,
>>
>> The mistake you're making here is in assuming that the script is doing what it should do :)
>>
>> xrdcp needs to be given a credential with permissions to write into the directory you're pointing it at. If your credential (without any VOMS roles) has permissions to do that, then this will work. However, the fact that you're getting a Permission Denied means that your bare proxy does not have the required permissions.
>>
>> I would check to see what permission your bare DN has on your DPM server. And then, either give yourself the right permissions, or get the voms-proxy-init to give you a proper ATLAS role (which is what it should be doing in the first place).
>>
>> Sam
>>
>>
>>
>> On Tue, Mar 29, 2016 at 3:10 PM Elena Korolkova <[log in to unmask]> wrote:
>> Hi Sam,
>>
>> the command in script does:
>>
>> voms-proxy-init -cert /etc/grid-security/hostcert.pem -key /etc/grid-security/hostkey.pem.
>>
>> So it shouldn’t be any atlas credential.
>>
>> Then the script does:
>>
>> dpns-mkdir -p ${atlas_path}/atlasgroupdisk/${i}/dumps
>> dpns-setacl -m g:atlas:rwx,m:rwx ${atlas_path}/atlasgroupdisk/${i}/dumps
>>
>>
>> What is I missing here? How can I make it work?
>>
>> Many thanks
>> Elena
>>
>> On 29 Mar 2016, at 15:04, Sam Skipsey <[log in to unmask]> wrote:
>>
>> > Well, xrdcp definitely won't work - it doesn't have permissions (your proxy doesn't seem to have any ATLAS VOMS roles in it?)
>> >
>> > Sam
>> >
>> > On Tue, Mar 29, 2016 at 2:08 PM Elena Korolkova <[log in to unmask]> wrote:
>> > Hi,
>> >
>> > A related question. I don’t have a cron job because I first tried to copy the dump with rfcp command which didn’t work in Sheffield.
>> > Now I’ve switched to xrdcp and it doesn’t work either:
>> >
>> > xrdcp ./${i}-dump_${yesterday} root://${se_hostname}/${atlas_path}/${i}/dumps/dump_${yesterday}
>> > [0B/0B][100%][==================================================][0B/s]
>> > Run: [ERROR] Server responded with an error: [3010] Unable to create /dpm/shef.ac.uk/home/atlas/atlasscratchdisk/dumps/dump_20160328; Permission denied
>> >
>> > [root@lcgse0 tmp.JSAOI1Epz8]# voms-proxy-info -all
>> > subject : /C=UK/O=eScience/OU=Sheffield/L=CICS/CN=lcgse0.shef.ac.uk/CN=proxy
>> > issuer : /C=UK/O=eScience/OU=Sheffield/L=CICS/CN=lcgse0.shef.ac.uk
>> > identity : /C=UK/O=eScience/OU=Sheffield/L=CICS/CN=lcgse0.shef.ac.uk
>> > type : full legacy globus proxy
>> > strength : 1024
>> > path : /tmp/x509up_u0
>> > timeleft : 11:18:14
>> > key usage : Digital Signature, Key Encipherment, Data Encipherment
>> >
>> > [root@lcgse0 tmp.JSAOI1Epz8]# dpns-getacl /dpm/shef.ac.uk/home/atlas/atlasscratchdisk/dumps/
>> > # file: /dpm/shef.ac.uk/home/atlas/atlasscratchdisk/dumps/
>> > # owner: root
>> > # group: root
>> > user::rwx
>> > group::rwx #effective:rwx
>> > group:atlas:rwx #effective:rwx
>> > group:atlas/Role=production:rwx #effective:rwx
>> > mask::rwx
>> > other::r-x
>> > default:user::rwx
>> > default:group::rwx
>> > default:group:atlas:rwx
>> > default:group:atlas/Role=production:rwx
>> > default:mask::rwx
>> > default:other::r-x
>> > [root@lcgse0 tmp.JSAOI1Epz8]
>> >
>> > Any thoughts what’s going wrong?
>> >
>> > Thanks
>> > Elena
>> >
>> >
>> > On 29 Mar 2016, at 13:26, Alessandra Forti <[log in to unmask]> wrote:
>> >
>> > > Hello,
>> > >
>> > > there are currently 4 tickets open and we can say they are in progress a couple may almost be on the verge of being closed.... However I did a sweep check on all the UK endpoints and I'm araid even the sites with ticket already closed don't have a cron setup which means that there is nothing to check. Kudos to Cambridge and Liverpool that look fine, all the others can I ask you to setup the cron or to check why it isn't working please?
>> > >
>> > > thanks
>> > >
>> > > cheers
>> > > "Lu-Tze the sweeper"
>> > > alessandra
>> > >
>> > >
>> > > --
>> > > Respect is a rational process. \\//
>> > > Fatti non foste a viver come bruti (Dante)
>
> --
> Respect is a rational process.
> \\//
>
> Fatti non foste a viver come bruti (Dante)
>
