[gin-auth] The new VOMS Server for GIN is active from now

Vincenzo Ciaschini vincenzo.ciaschini at cnaf.infn.it
Fri Mar 10 01:45:19 CST 2006 

Cindy Zheng wrote:

> Hi, Vincenzo,
> 
> 
>>You need to do nothing special with the server certificate other than 
>>installing it (along with the key) in /etc/grid-security.
> 
> 
> Do you mean the server cert dec-2005-kuiken.nikhef.nl.pem?
> What's the key?
> 

I fear that for the file name of the key you should ask whoever gave you 
the certificate.

Bye,
    Vincenzo

P.S:  I just realized I may have misunderstood your question.  If you 
meant:  what to do with the VOMS server cert in other machines (not the 
VOMS server), then the answer would have been instead:

Copy the certificate (not the key) in /etc/grid-security/vomses/<voname>/


> Thanks,
> 
> Cindy
> 
> 
>>-----Original Message-----
>>From: Vincenzo Ciaschini [mailto:vincenzo.ciaschini at cnaf.infn.it] 
>>Sent: Thursday, March 09, 2006 10:45 PM
>>To: Cindy Zheng
>>Cc: 'Yusuke Tanimura'; 'Oscar Koeroo'; gin-auth at ggf.org; 
>>'Olivier van der Aa'; 'Philip Papadopoulos'; 'Catlett 
>>Charlie'; 'David Colling'; m.aggarwal at imperial.ac.uk; 
>>yoshio.tanaka at aist.go.jp; 'Dane Skow'; 'JP Navarro'; 
>>'Arzberger Peter'; fplin at nchc.org.tw; 'mason j. katz'
>>Subject: Re: [gin-auth] The new VOMS Server for GIN is active from now
>>
>>
>>Cindy Zheng wrote:
>>
>>>Thank you, Vincenzo! These are very helpful 
>>>requirement info. Perhaps can be included in 
>>>the INSTALL file in the voms package?
>>>
>>
>>Yes.
>>
>>
>>>Now I have finished make and make install.
>>
>>So, you can confirm that now building worked?  If so, I will commit 
>>1.6.21, which will remove the need for the workaround during 
>>compilation.  I will announce here once it is done.
>>
>>
>>>What do I need to do with the server pem file,
>>>mkgridmap.conf etc.? Is there an url for such 
>>>instructions?
>>>
>>
>>You need to do nothing special with the server certificate other than 
>>installing it (along with the key) in /etc/grid-security.
>>
>>Also, there is no need of having a gridmapfile in the VOMS server, so 
>>there is no need to do anything special.  If you instead 
>>meant what to 
>>do on other sites to get a gridmapfile from VOMS, then the 
>>exact format 
>>depends on how you configure VOMS, so instructions are 
>>provided by voms 
>>itself, at the page of the admin interface.  See the "configuration 
>>info" link.
>>
>>Bye,
>>    Vincenzo
>>
>>
>>>Dear all, I'm thinking that this may be a good 
>>>opportunity to find out what info we need to 
>>>provide to Other grid admins and users to make 
>>>Grid interopration easier. Perhaps through our 
>>>experiment, we can jot down a step by step 
>>>interoperation guide for each grid?
>>>
>>>Welcome thoughts and suggestions from everyone! 
>>>
>>>Thanks,
>>>
>>>Cindy 
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: Vincenzo Ciaschini [mailto:vincenzo.ciaschini at cnaf.infn.it] 
>>>>Sent: Thursday, March 09, 2006 12:24 PM
>>>>To: mason j. katz
>>>>Cc: Cindy Zheng; 'Yusuke Tanimura'; 'Oscar Koeroo'; 
>>>>gin-auth at ggf.org; 'Olivier van der Aa'; 'Philip 
>>>>Papadopoulos'; 'Catlett Charlie'; 'David Colling'; 
>>>>m.aggarwal at imperial.ac.uk; yoshio.tanaka at aist.go.jp; 'Dane 
>>>>Skow'; 'JP Navarro'; 'Arzberger Peter'; fplin at nchc.org.tw
>>>>Subject: Re: [gin-auth] The new VOMS Server for GIN is 
>>
>>active from now
>>
>>>>
>>>>doxygen is only a requirement if you want documentation.  
>>>>Otherwise, you 
>>>>can disable doc generation with the --enable-docs=no option 
>>>>to configure.
>>>>
>>>>Anywya, the software requirements are the following:
>>>>
>>>>Globus   Version 2.0 and up.
>>>>expat    (both libraries and includes) from 1.95.5 and up.  Not
>>>>         tested with prevoius version, but it should work.
>>>>
>>>>doxygen  Tested with 1.3.5, should work with earlier versions.
>>>>latex
>>>>sgml tools.
>>>>
>>>>Note that the need for doxygen, latex and the sgml tools 
>>>>disappears if 
>>>>--enable-docs=no is specified.
>>>>
>>>>
>>>>Finally, at least one of:
>>>>mysql       include and libraries from 4.0.14 and up
>>>>Oracle      include and libraries, tested with 10, should also
>>>>            work with 9.
>>>>
>>>>Bye,
>>>>   Vincenzo
>>>>
>>>>mason j. katz wrote:
>>>>
>>>>
>>>>>In addition to doxygen are there any other requirements 
>>>>
>>>>that systems  
>>>>
>>>>
>>>>>may not typically have installed?
>>>>>
>>>>>Cindy - look in 
>>
>>(/home/install/rocks-dist/lan/i386/RedHat/RPMS) on  
>>
>>>>>crayon and you will see all the OS RPMs, you can install 
>>>>
>>>>the doxygen  on 
>>>>
>>>>
>>>>>one the frontend and try the compilation again.
>>>>>
>>>>>   -mjk
>>>>>
>>>>>On Mar 9, 2006, at 1:01 AM, Cindy Zheng wrote:
>>>>>
>>>>>
>>>>>
>>>>>>Hi, Vincenzo,
>>>>>>
>>>>>>I don't see any rpm bearing name with doxygen, but did find
>>>>>>some files named with doxygen. Since this is rocks cluster,
>>>>>>it came with a lot of software build in, I'll check with our
>>>>>>Rocks developers to be sure. What version of Doxygen does
>>>>>>voms require?
>>>>>>
>>>>>>Thanks,
>>>>>>
>>>>>>Cindy
>>>>>>
>>>>>>
>>>>>>
>>>>>>>-----Original Message-----
>>>>>>>From: Vincenzo Ciaschini [mailto:vincenzo.ciaschini at cnaf.infn.it]
>>>>>>>Sent: Wednesday, March 08, 2006 11:14 PM
>>>>>>>To: zhengc at sdsc.edu
>>>>>>>Cc: 'Mason Katz'; 'Yusuke Tanimura'; 'Oscar Koeroo';
>>>>>>>gin-auth at ggf.org; 'Olivier van der Aa'; 'Philip
>>>>>>>Papadopoulos'; 'Catlett Charlie'; 'David Colling';
>>>>>>>m.aggarwal at imperial.ac.uk; yoshio.tanaka at aist.go.jp; 'Dane
>>>>>>>Skow'; 'JP Navarro'; 'Arzberger Peter'; fplin at nchc.org.tw
>>>>>>>Subject: Re: [gin-auth] The new VOMS Server for GIN is 
>>>>
>>>>active from  now
>>>>
>>>>
>>>>>>>Cindy Zheng wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>Thank you, Vincenzo, for your help!
>>>>>>>
>>>>>>>
>>>>>>>Hi Cindy,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>The work-around got me a lot further along.
>>>>>>>>But I encountered another error during make.
>>>>>>>>Since Yusuke was able to install with GT 2.4.3 without
>>>>>>>>much problem, I wonder if this is because that we are
>>>>>>>>running GT4?
>>>>>>>>
>>>>>>>>I'm attaching the log files (unix text files).
>>>>>>>
>>>>>>>What exactly the error was is uncertain since you only sent
>>>>>>>me stdout,
>>>>>>>but not stderr, so the actual error message is not present in
>>>>>>>the dump.
>>>>>>>
>>>>>>>However, judging from where compilation stopped, you had
>>>>>>>problems with
>>>>>>>doxygen during the generation of the documentation.
>>>>>>>
>>>>>>>Can you tell me what version of doxygen you have installed?
>>>>>>>
>>>>>>>Bye,
>>>>>>>   Vincenzo
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>Thanks again!
>>>>>>>>
>>>>>>>>Cindy
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>>-----Original Message-----
>>>>>>>>>From: Vincenzo Ciaschini 
>>>>
>>>>[mailto:vincenzo.ciaschini at cnaf.infn.it]
>>>>
>>>>
>>>>>>>>>Sent: Wednesday, March 08, 2006 4:30 AM
>>>>>>>>>To: Cindy Zheng
>>>>>>>>>Cc: 'Mason Katz'; 'Yusuke Tanimura'; 'Oscar Koeroo';
>>>>>>>>>gin-auth at ggf.org; 'Olivier van der Aa'; 'Philip
>>>>>>>>>Papadopoulos'; 'Catlett Charlie'; 'David Colling';
>>>>>>>>>m.aggarwal at imperial.ac.uk; yoshio.tanaka at aist.go.jp; 'Dane
>>>>>>>>>Skow'; 'JP Navarro'; 'Arzberger Peter'; fplin at nchc.org.tw
>>>>>>>>>Subject: Re: [gin-auth] The new VOMS Server for GIN is
>>>>>>>
>>>>>>>active from now
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>>Cindy Zheng wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>Thank you, Vincenzo, for your reply!
>>>>>>>>>>We are running Rocks which has GT4 already build-in.
>>>>>>>>>>I believe it's NMI distribution. To be sure, better
>>>>>>>>>>have our Rocks expert, Mason, to answer your questions.
>>>>>>>>>>Mason, could you answer Vincenzo's questions?
>>>>>>>>>>
>>>>>>>>>>Thanks,
>>>>>>>>>>
>>>>>>>>>>Cindy
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>Hi Cindy,
>>>>>>>>>
>>>>>>>>>  I think I have a pretty good understanding of what the
>>>>>>>>>problem is,
>>>>>>>>>and of a solution to it, along with a (admittedly ugly)
>>>>>>>>>workaround while
>>>>>>>>>we commit the solution.
>>>>>>>>>
>>>>>>>>>Explanation:
>>>>>>>>>  Normally, the $GLOBUS_LOCATION/include/ directory contains a
>>>>>>>>>subdirectory for each globus flavor.  No packaging of globus
>>>>>>>>>we tested
>>>>>>>>>had the ldap_backend directory there.  The ./configure 
>>>>
>>>>script takes
>>>>
>>>>
>>>>>>>>>advantage of this to discover what flavors are present.
>>>>>>>
>>>>>>>Clearly, the
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>>presence of ldap_backend messes things up.
>>>>>>>>>
>>>>>>>>>The solution:
>>>>>>>>>  We will rewrite the configure.ac script to take into
>>>>>>>
>>>>>>>account the
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>>possible presence of the ldap_backend directory.
>>>>>>>>>
>>>>>>>>>The workaround:
>>>>>>>>>  While waiting for the new release, you can do the 
>>>>
>>>>following to
>>>>
>>>>
>>>>>>>>>compile anyway:
>>>>>>>>>
>>>>>>>>>1) mv $GLOBUS_LOCATION/include/ldap_backend $GLOBUS_LOCATION/
>>>>>>>>>2) do the normal build cycle (configure/make/make install)
>>>>>>>>>3) mv $GLOBUS_LOCATION/ldap_backend £GLOBUS_LOCATION/include/
>>>>>>>>>
>>>>>>>>>Bye,
>>>>>>>>>  Vincenzo
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>>-----Original Message-----
>>>>>>>>>>>From: Vincenzo Ciaschini 
>>>>
>>>>[mailto:vincenzo.ciaschini at cnaf.infn.it]
>>>>
>>>>
>>>>>>>>>>>Sent: Wednesday, March 08, 2006 12:01 AM
>>>>>>>>>>>To: zhengc at sdsc.edu
>>>>>>>>>>>Cc: 'Yusuke Tanimura'; 'Oscar Koeroo'; gin-auth at ggf.org;
>>>>>>>>>>>'Olivier van der Aa'; 'Philip Papadopoulos'; 'Catlett
>>>>>>>>>>>Charlie'; 'David Colling'; m.aggarwal at imperial.ac.uk;
>>>>>>>>>>>yoshio.tanaka at aist.go.jp; 'Dane Skow'; 'JP Navarro';
>>>>>>>>>>>'Arzberger Peter'; fplin at nchc.org.tw; 'Mason Katz'
>>>>>>>>>>>Subject: Re: [gin-auth] The new VOMS Server for GIN is
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>active from now
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>>Cindy Zheng wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>>Hi, Vincenzo,
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>Hi Cindy,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>>Following you and Yusuke's discussion, I downloaded
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>http://glite.web.cern.ch/glite/packages/R1.5/N2006030
>>
>>3/src/gli
>>
>>>>>>>>>>
>>>>>>>>>>te-security-vo
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>ms-1.6.20_src.tar.gz
>>>>>>>>>>>ran configure and make, then encountered an error (below)
>>>>>>>>>>>with make. I'm also attaching the full log with command
>>>>>>>>>>>lines. The target cluster is a rocks 4.1 cluster, running
>>>>>>>>>>>GT4. Appreciate any help. Let me know if you need more info.
>>>>>>>>>>>
>>>>>>>>>>>Cindy
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>Here is the problem, taken from the output of configure:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>checking for GLOBUS flavors... found  gcc32dbg gcc32dbgpthr
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>ldap_backend (gcc32dbg selected)
>>>>>>>>>>
>>>>>>>>>>As you can see, ldap_backend is discovered as a flavor even
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>though it
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>obviously is not one.   I'd have to say this is the first
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>time something
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>like this happens. What version of globus have you
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>installed ?  And was
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>it taken from the globus site or from some other packaging?
>>>>>>>>>>
>>>>>>>>>>Bye,
>>>>>>>>>>  Vincenzo
>>>>>>>>>>
>>>>>>>>>
>

More information about the gin-auth mailing list