wiki:developers-meeting-20090623
Last modified 12 years ago Last modified on 06/24/09 18:27:44

Participants

Patrick, Tigran, Owen, Paul; Gerd, Marco; Timur, Ted, Tanja, Gen, Alex

Agenda

(see Table of Contents)

Status of 1.9.3 release

Cut it tomorrow and start testing.

Goal to release on Monday.

Timeline for 1.9.3, 1.9.4 and 1.9.5 releases

Plan for the release of v1.9.4 between 13th -- 17th July.

Features we anticipate

  • Inclusion is the tape protection.
  • Maybe includes Tigran's mega-message
  • Maybe includes Info service patches

The cut-off for patches is Monday 13th 12:00 cut-off for patches v1.9.4 release.

Timur is working on getting experimental support for distributed SRM server. It's a little bit more involved than first thought, due to distributed nature and object initialisation. It would be nice if it got in.

What about duplicated entries in Space Manager?

Issue that Gerd saw a message about duplicated entries: he's nervous about them but it doesn't seem to cause problems.

Another issue to do with serialisation of authorisation record: Gerd reported this. Timur submitted a patch to fix this problem.

vomdir and 1.9.2

The current 1.9.2 branch has the problem that it needs voms directory is needed for dCache to start up.

That is an assumption that gLite developers made, but isn't universally valid. Create this directory and (since it can't be empty) populate it with an empty file.

Pointing to

First:

The premise that its a security risk not to validate is not universal: if you're using grid vo role map; with GUMS validates itself.

With grid vo role map it's a security risk not to validate VOMS server.

Gerd: all the gLite stuff is validating VOMS server.

This is an option in gLite because it's requires manual

Needs to be documented in the release notes.

We have a grid-security directory: if it is empty, then we fail requires. VOMS should follow this?

1.9.2 default is off

1.9.3 default is on.

Usability: in install script: big fat warning if voms directory is empty.

Two issues:

o initialising of JAR o if we ask for voms validation o pass this to back-end to validate.

SRM is using gLite to extract details.

Operate in a mode where SRM extract chain and sends this to gPlazma for authorisation.

SRM caching of credentials: is this a security issue?

We used to have two type: credential & authorisation caching.

Credential caching is design to minimise number of delegations done by client. DN+VO-role as key into this storage of cached credentials.

Same user certificate,

dcap client for Solaris

Linking to VDT / Nordugrid

Issues from Tier-1 meeting

No major ones.

Rootless Operation

People agreed this is a good long-term goal.

Open tickets

Gerd : 4590: gPlazma NPE

Timur to talk to Ted about this.

Jon : 4547: tape timeouts

Discussion with Patrick, Timur to following

Review of outstanding review requests

No one had specific reviews they wanted to bring up.

DTNM

Wednesday 1st July 2009.

Summary of AP