> -----Original Message-----
> From: LHC Computer Grid - Rollout
> [mailto:[log in to unmask]] On Behalf Of
> Christian Neissner
> Sent: Tuesday 12 June 2007 14:36
> To: [log in to unmask]
> Subject: Re: [LCG-ROLLOUT] LCAS LCMAPS working now but jobs
> still won't run
>
> Hi Maarten:
>
> On Tue, 12 Jun 2007 12:59:12 +0200, Maarten Litmaath
> <[log in to unmask]> wrote:
> >That file is irrelevant when you properly configure the gLite CE.
> >It currently uses /etc/grid-security/grid-mapfile and
> >/etc/grid-security/groupmapfile, nothing else.
>
> Can you give me an example of those files in properly
> configured gliteCE? And by the way, how do they look like on
> a WMS? Because we had to install both machines "by hand" the
> generation of those files didn't work very well.
For us it's:
example /etc/grid-security/grid-mapfile (on CE):
"/phicos/Role=lcgadmin/Capability=NULL" .phicossgm
"/phicos/Role=lcgadmin" .phicossgm
"/phicos/Role=production/Capability=NULL" .phicosprd
"/phicos/Role=production" .phicosprd
"/phicos/Role=NULL/Capability=NULL" .phico
"/phicos" .phico
"/dteam/Role=lcgadmin/Capability=NULL" .dteamsgm
"/dteam/Role=lcgadmin" .dteamsgm
"/dteam/Role=production/Capability=NULL" .dteamprd
"/dteam/Role=production" .dteamprd
"/dteam/Role=NULL/Capability=NULL" .dteam
"/dteam" .dteam
on WMS:
...
"/O=dutchgrid/O=users/O=philips-natlab/CN=Some1 Name" .phico
"/O=dutchgrid/O=users/O=philips-natlab/CN=Some2 Name" .phicossgm
"/O=dutchgrid/O=users/O=philips-natlab/CN=Some3 Name" .phicossgm
...
example /etc/grid-security/groupmapfile (on CE, not sure if this is correct):
"/phicos/Role=lcgadmin/Capability=NULL" phicossgm
"/phicos/Role=lcgadmin" phicossgm
"/phicos/Role=production/Capability=NULL" phicosprd
"/phicos/Role=production" phicosprd
"/phicos/Role=NULL/Capability=NULL" phicos
"/phicos" phicos
"/dteam/Role=lcgadmin/Capability=NULL" dteamsgm
"/dteam/Role=lcgadmin" dteamsgm
"/dteam/Role=production/Capability=NULL" dteamprd
"/dteam/Role=production" dteamprd
"/dteam/Role=NULL/Capability=NULL" dteam
"/dteam" dteam
/dteam dteam
/dteam/* dteam
/phicos phicos
/phicos/* phicos
On WMS:
/dteam dteam
/dteam/* dteam
/phicos phicos
/phicos/* phicos
Grtz,
Serge
|