wiki:developers-meeting-20090805
Last modified 12 years ago Last modified on 08/05/09 18:39:26

[part of a series of meetings]

Participants

Timur, Vejay, Alex, Dmitry; Gerd, Marco; Patrick, Jan, Paul

Agenda

[see box to the side]

Workarounds for security issue

What do we recommend if a site cannot upgrade from 1.9.0? What can a site do to make them as safe as possible?

Does the vulnerability affect only the SRM or does it also affect the PinManager??

There is a separation between SRM PinManager? and (Srm)SpaceManager in database uses.

Security fixes are checked into 1.9.0 branch so we could make a release. Patrick is happy with this, but believes that the site does not want to upgrade to any new version because they are in the middle of an ATLAS challenge. He will ask them.

PinManager? already uses prepared statements for most operations; SrmSpaceManager also. Also true for 1.9.0.

The site uses different database on different hosts; so they are already

Default values in trac in create

Should drop Chimera's use of postgres user.

Gerd to send an email to support@dcache.

Default values

If you have a tape write pool and namespace entry; pool refuses to delete the file.

We want this to false

  1. cleaner tells
  2. wants to migrate to tape.

Setting this to false doesn't make sense.

We can delete the option.

In node_config.template file; the default namespace is pnfs. Can we change this to chimera? Yes.

Releasing PNFS

We want for Vladimir's patch 64-bit patch.

Upgraded public and been running for a couple of weeks.

Try to get 32-bit out by next Wednesday.

Tape protection

Pool Mngr policy enforcement point PEP

The decision whether to allow staging is in all the doors.

We now have support for moving user identity to the pool manager.

Structurally, the change isn't so difficulty since the door-poolmanager msg contains a bit. This

The utility class

What is the performance implementation on the poolmanager for doing the check?

Depends on two things:

  • how many entries in this particular file.
  • what extent we want to keep this a regular expression.

If you're in a group /a/b then user has /a and /a/b.

Can we switch back to having the PEP in the door?

Yes: door without a

Patrick to talk to Irina. This will happen after the PNFS / ACL issue is solved.

Decoupling chimera from dCache

Java shouldn't need to be setup; in SL 5.

Just before Tigran went on holiday; go the other way.

Or go the other was: make Chimera more tightly coupled.

Timur: can we retain packaging NFS component without

Installation will be easier once Tigran decides on a schema management tools.

Items arising from Tier-1 meeting

From BNL:

failed.pool files in trash directory

cleaner has a lot (91) of "failed.pool" files in the pnfsdb/trash/2/current due to the fact we've removed many pools (need instructions how to clean and prevent this so we can improve our retirement procedure)

Shutdown the cleaner; remove entries; start the cleaner.

dcap client for Solaris

Phenix experiment needs the dcap client for Solaris (follow-up).

MacOS support for dCap

(for dCache server support for installing on Mac)

sorting help on admin interface

help on admin console is good... but if the list of commands came in alphabetical order it might be better (don't know if, right now, there is any logic on the order).

Standardise the output format for the string.

Postgres 8.4

Doris is planning on using this for the CMS instance; Pedro is planning on switching to 8.4 in September.

NDGF plans to use 8.4 on new hardware next week.

Http domain

Doris wants to monitor tape restores.

Would be nice

Total used, Available space.

Second tree of webpages:

  1. list of pools in a link,
  2. defn. pool-sets by regular expressions.

There is the statistics page shows some of these numbers.

Low priority.

Outstanding outstanding RT tickets

4697 pool cannot delete files

An issue whether retaining allowCleaningPreciousFiles option makes sense.

See above.

4699 srm-{get,set}-permissions does not work on DPM

https://gus.fzk.de/ws/ticket_info.php?ticket=50779

Review of review requests

Improving PinManager?

Timur has started work on improving the pin manager.

Using different parameters than when doing Srm-LS: SRM-ls can declare a file is cache.

PoolManagerQueryPool?: is the file anywhere online.

Pin the file using SRM pin the file.

PoolManagerSelectPool? to file

Should we change this to PoolManagerQueryPool?? Avoid scheduling and just pin the file somewhere?

Problem raised by IN2P3.

Gerd: don't know which

Bring-online contains information about: WAN / LAN parameter.

PrepareToGet? -- calculating the transfer URL; fix protocol until after pin has

BringOnline? -- they want to control into which set of pools the file will be staged into: for internal use or for external transfer.

SRM ID into the selection for pools so the pools should be found.

pool is down

Pool is down when file is pinned.

CMS Tier-1

Admin command for bulk pinning; list of files that need to be pinned.

Doors

Can we keep track of door / pool / others compatibility?

Yes, but it would take more work.

DTNM

Same time, next week.