Hi Gonçalo,
This confirms that original user probably used an UI which still uses
the old certificate.
To site admins who read this :
please do not forget to change public key of VOMS server
cclcgvomsli01.in2p3.fr on your _*UIs*_* in /etc/grid-security/vomsdir
* The new one can be retrieved at:*
*https://cic.gridops.org/common/all/documents/VOMS/biomed-VOMSPublicKey-20070328-143040.txt
Cheers,
David.
Cheers,
David.
Gonçalo Borges wrote:
> Hi again,
>
> I still didn't received feedback from the original user but another
> user (David Aristegui), also belonging to the biomed VO, read my first
> email to the LCG-ROLLOUT and tried to submit to my site. He managed to
> run jobs and was correctly mapped to biomed pool accounts through VOMS:
>
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> LCMAPS 7: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> Initialization LCMAPS version 0.0.30
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-startPluginManager(): Reading LCMAPS database
> /opt/edg/etc/lcmaps/lcmaps.db
> LCMAPS 5: 2007-04-02.15:40:46.266982.0000021996.0000065441 : LCMAPS
> credential mapping request
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): found plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): running plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps_plugin_voms-plugin_run(): voms plugin succeeded
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): found plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms_localgroup.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): running plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms_localgroup.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps_plugin_voms_localgroup-plugin_run(): voms_localgroup plugin
> succeeded
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): found plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms_poolaccount.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): running plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_voms_poolaccount.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps_plugin_voms_poolaccount-plugin_run(): voms_poolaccount plugin
> succeeded
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): found plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_posix_enf.mod
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-runPlugin(): running plugin
> /opt/edg/lib/lcmaps/modules/lcmaps_posix_enf.mod
> LCMAPS 6: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps_plugin_posix_enf-log_cred(): uid=7061(biomed061):pgid=7000(biomed)
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps_plugin_posix_enf-plugin_run(): posix_enf plugin succeeded
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-lcmaps_run(): succeeded
> LCMAPS 7: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> Termination LCMAPS
> LCMAPS 0: 2007-04-02.15:40:46.266982.0000021996.0000065441 :
> lcmaps.mod-lcmaps_term(): terminating
> Notice: 5: Requested service: jobmanager-fork
> Notice: 5: Authorized as local user: biomed061
> Notice: 5: Authorized as local uid: 7061
> Notice: 5: and local gid: 7000
>
> I asked him what was the VOMS certificate he was using and this is his
> reply:
>
>> David Garcia Aristegui wrote: Hello: i've executed a "voms-proxy-init
>> -voms biomed"
>>
>> The cert:
>> [david@villon examples]$ openssl x509 -text -noout -in
>> /etc/grid-security/vomsdir/cclcgvomsli01.in2p3.fr
>> Certificate:
>> Data:
>> Version: 3 (0x2)
>> Serial Number: 1881 (0x759)
>> Signature Algorithm: sha1WithRSAEncryption
>> Issuer: C=FR, O=CNRS, CN=GRID-FR
>> Validity
>> Not Before: Mar 1 14:01:52 2007 GMT
>> Not After : Mar 1 14:01:52 2008 GMT
>> Subject: O=GRID-FR, C=FR, O=CNRS, OU=CC-LYON,
>> CN=cclcgvomsli01.in2p3.fr
>> Subject Public Key Info:
>> Public Key Algorithm: rsaEncryption
>> RSA Public Key: (1024 bit)
>> Modulus (1024 bit):
>> 00:d3:81:8b:c1:9e:ef:6f:e3:4e:36:5e:b8:5f:d3:
>> (...)
>>
>> Tell me if you need me to execute more tests.
>> Cheers.
>>
> So, I guess the problem is still on the original user side...
>
> Cheers
> Goncalo Borges
>
--
*David BOUVET*
/EGEE Project team/
IN2P3/CNRS Computing Centre - Lyon (FRANCE)
http://grid.in2p3.fr
Tel. : +33 4 72 69 41 62 | Fax. : +33 4 72 69 41 70 | e-mail :
[log in to unmask]
|