Last modified 12 years ago
Last modified on 10/13/08 12:21:14
dcacheVoms2Gplasma
Is a simple script that queries VOMS servers and gridmap files to build the dcache configuration files for gPlasma.
/etc/grid-security/grid-vorolemap /etc/grid-security/storage-authzdb
Invoking the script without any parameters automatically shows the help.
/opt/d-cache/sbin/dcacheVoms2Gplasma.py dcacheVoms2Gplasma.py -h, --help Display help information -v, --version Version -c, --config Set config file -a, --authzdb Generate authzdb -r, --vorolemap Generate vorolemap -q, --query Query voms server ERROR: config file 'dcacheVoms2Gplasma.conf' not found
It is invoked as
/opt/d-cache/sbin/dcacheVoms2Gplasma.py -r -a -c /opt/d-cache/etc/dcacheVoms2Gplasma.conf -q
Typically by cron.
# cat /etc/cron.d/dcacheVoms2Gplasma PATH=/sbin:/bin:/usr/sbin:/usr/bin 40 0,6,12,18 * * * root /opt/d-cache/sbin/dcacheVoms2Gplasma.py -r -a -c /opt/d-cache/etc/dcacheVoms2Gplasma.conf -q
the configuration format of this file is shown below.
# grid-vorolemap path vorolemap /etc/grid-security/grid-vorolemap # authzdb path authzdb /etc/grid-security/storage-authzdb # import the local gridmap file gmf_local /etc/grid-mapfile 001 # Mapping dteam members to dteam001 uid=18118 gid=2688 group https://lxbra2309.cern.ch:8443/voms/dteam/services/VOMSCompatibility?method=getGridmapUsers&container=/dteam dteam001 18118 2688 # Mapping dteam/Role=production members to prddtm01 uid=50501 gid=2689 group https://lxbra2309.cern.ch:8443/voms/dteam/services/VOMSCompatibility?method=getGridmapUsers&container=/dteam/Role=production prddtm01 50501 2689 # Mapping dteam/Role=lcgadmin members to sgmdtm01 uid=60501 gid=2690 group https://lxbra2309.cern.ch:8443/voms/dteam/services/VOMSCompatibility?method=getGridmapUsers&container=/dteam/Role=lcgadmin sgmdtm01 60501 2690 # Mapping ops members to ops001 uid=45001 gid=45000 group https://voms.cern.ch:8443/voms/ops/services/VOMSCompatibility?method=getGridmapUsers&container=/ops ops001 45001 45000 # Mapping ops/Role=lcgadmin members to sgmops01 uid=60701 gid=46001 group https://voms.cern.ch:8443/voms/ops/services/VOMSCompatibility?method=getGridmapUsers&container=/ops/Role=lcgadmin sgmops01 60701 46001
This script is stored in the RPM and comes with its own configuration file
/opt/d-cache/etc/dcacheVoms2Gplasma.conf /opt/d-cache/sbin/dcacheVoms2Gplasma.py
The latest revision is
dcacheVoms2Gplasma-0.0.7-0.noarch.rpm
but this version is intended to dcache 1.8.0.X as dcache 1.7.0.X and below requires a slightly different format including an extra "/".
For dcache 1.7.0.X
# storage-authzdb created by dcacheVoms2Gplasma version 2.1 # authzdb for dteam001 added by dcacheVoms2Gplasma authorize dteam001 read-write 18118 2688 / / # authzdb for sgmdtm01 added by dcacheVoms2Gplasma authorize sgmdtm01 read-write 60501 2690 / / # authzdb for prddtm01 added by dcacheVoms2Gplasma authorize prddtm01 read-write 50501 2689 / /
For dcache 1.8.0.X
# storage-authzdb created by dcacheVoms2Gplasma version 2.1 # authzdb for dteam001 added by dcacheVoms2Gplasma authorize dteam001 read-write 18118 2688 / / / # authzdb for sgmdtm01 added by dcacheVoms2Gplasma authorize sgmdtm01 read-write 60501 2690 / / / # authzdb for prddtm01 added by dcacheVoms2Gplasma authorize prddtm01 read-write 50501 2689 / / /
If you are generating this file by hand, you should know the VOMS server URL this transform will make the details for you
$thisvoserver="vomss://cclcgvomsli01.in2p3.fr:8443/voms/biomed?/biomed/" $transvoserver=$(echo $thisvoserver | sed -e "s//$//" | sed -e "s/vomss/https/" | sed -e "s/?//services/VOMSCompatibility?method=getGridmapUsers&container=/" ) $echo $transvoserver https://cclcgvomsli01.in2p3.fr:8443/voms/biomed/services/VOMSCompatibility?method=getGridmapUsers&container=/biomed
You can then test the VOMS URL with your web browser.
