Hi Daniela,
it's the Globus version the client should use when creating the proxy
(voms-proxy-init -globus 24). It affects the type of proxy that is created. 24
creates a GT2 proxy (same as -old / -proxyver 2 options), 31 creates a pre-RFC
proxy (-proxyver 3) and 40 creates an RFC proxy (-rfc / -proxyver 4).
Cheers,
Robert
On 08/10/13 10:58, Daniela Bauer wrote:
> Hi,
>
> Out of interest - does anyone know why Atlas has this mystery '24' in
> the configuration ?
> Other VOs seem to make do without.
>
>
> Cheers,
> Daniela
>
> ---------- Forwarded message ----------
> From: EGI BROADCAST <[log in to unmask]>
> Date: 7 October 2013 15:06
> Subject: [ EGI BROADCAST ] IMPORTANT - ATLAS VOMS configuration to be updated
> To: Site administrators/UKI-LT2-UCL-HEP <[log in to unmask]>
>
>
> ---------------------------------------------------------------------------------------------------------------
> EGI BROADCAST TOOL : https://operations-portal.egi.eu/broadcast
>
> ---------------------------------------------------------------------------------------------------------------
> Publication from : litmaath <[log in to unmask]>
> Targets : Site administrators/UKI-LT2-UCL-HEP
> <[log in to unmask]>
> ----------------------------------------------------------------------------------------------------------------
>
>
>
> Dear EGI site admins,
>
> this message is important for sites supporting the ATLAS VO.
>
> ATLAS have a VOMS server vo.racf.bnl.gov whose host DN recently has changed,
> causing proxies signed by that server to be refused by grid services.
>
> The VOMS server was therefore switched off for the time being, until all
> relevant grid services have been reconfigured with the updated details.
>
> On services that are VOMS-aware, please ensure the following file has
> the given content:
>
> -----------------------------------------------------------------------------
> $ cat /etc/grid-security/vomsdir/atlas/vo.racf.bnl.gov.lsc
> /DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=vo.racf.bnl.gov
> /DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1
> -----------------------------------------------------------------------------
>
> Some services (e.g. UI, WN, VOBOX, WMS) also have files like the following
> to be corrected (line folded for readability):
>
> -----------------------------------------------------------------------------
> $ cat /etc/vomses/atlas-vo.racf.bnl.gov | fold -w 62
> "atlas" "vo.racf.bnl.gov" "15003" "/DC=com/DC=DigiCert-Grid/O=
> Open Science Grid/OU=Services/CN=vo.racf.bnl.gov" "atlas" "24"
> -----------------------------------------------------------------------------
>
> Sites using YAIM please apply these site-info.def definitions:
>
> -----------------------------------------------------------------------------
> VO_ATLAS_VOMS_SERVERS='vomss://voms.cern.ch:8443/voms/atlas?/atlas/'
> VO_ATLAS_VOMSES="\
> 'atlas lcg-voms.cern.ch 15001 \
> /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch atlas 24' \
> 'atlas voms.cern.ch 15001 \
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch atlas 24' \
> 'atlas vo.racf.bnl.gov 15003 \
> /DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=vo.racf.bnl.gov \
> atlas 24' \
> "
> VO_ATLAS_VOMS_CA_DN="\
> '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
> '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' \
> '/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1' \
> "
> -----------------------------------------------------------------------------
>
>
> ----------------------------------------------------------------------------------------------------------------
> link to this broadcast :
> https://operations-portal.egi.eu/broadcast/archive/id/1022
> ----------------------------------------------------------------------------------------------------------------
>
>
>
|