gLite > gLite 3.1 > glite-AMGA_postgres > Update to glite-AMGA_postgres 3.1.8-0  
 
 

 

 

gLite 3.1

glite-AMGA_postgres - Update to version 3.1.8-0


Date 08.10.2008
Priority Normal

Description



glite-yaim-core
This update contains the introduction of a number of new variables:
  • VO_<vo_name>_MAP_WILDCARDS
  • DN_GRIDMAPFILE
  • VOMS_GRIDMAPFILE
  • SPECIAL_POOL_ACCOUNTS
  • BDII_LIST
  • CONFIG_USERS
  • LOCAL_GROUPS_CONF
  • EDGUSERS
  • DPMMGR_USER
  • DPMMGR_GROUP
  • LFCMGR_USER
  • LFCMGR_GROUP
  • EDG_USER
  • EDG_GROUP
  • EDGINFO_USER
  • EDGINFO_USER
  • RGMA_USER
  • RGMA_GROUP
  • GLITE_USER
  • GLITE_GROUP
  • GLITE_HOME_DIR
  • INFOSYS_GROUP
  • BDII_USER
  • BDII_GROUP
For a description of these variables please check: https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables

New features:
  • Wildcards can be now added to the gridmap file and groupmap file for LCMAPS configuration. In order to have the wildcards configured for your VO you have to define VO_<vo_name>_MAP_WILDCARDS=yes. By default these variables are not defined and therefore wildcards are not added. One wildcard will be added per existing FQAN.
  • User configuration can be now enabled/disabled by defining CONFIG_USERS=yes/no. The default is 'yes'. If you disable this option, you have to make sure users defined in EDGUSERS file are created in your system. You should also create a set of pool and special accounts and describe them in a file similar to that of USERS_CONF. This variable should then contain the path to your file.
  • Note that the files /opt/glite/yaim/examples/groups.conf and /opt/glite/yaim/examples/users.conf are example files that have to be adapted according to the supported VOs.
  • groups.conf can be now specified per VO by creating a new directory 'group.d' under the siteinfo directory and creating one groups-<vo-name>.conf file per supported VO. However, the old way of specifying one single groups.conf for all the VOs is also supported. In order to choose one or another option:
    • If GROUPS_CONF is defined in site-info.def, then all the groups should be defined for all the supported VOs in the specified file.
    • If GROUPS_CONF is NOT defined, then the group.d directory must exist with one groups-<vo-name>.conf file per supported VO.
  • A local groups.conf file, that is used only within a specific site and that is independent from the general groups that a VO needs to deploy in a site, can be defined by using the variable LOCAL_GROUPS_CONF where all the special groups for a certain site can be defined.
  • Service users like dpmmgr or edguser are no longer hardcoded and can be configured in site-info.def for non standard values. See EDGUSERS file for more information.
  • VO_<vo_name>_VOMS_CA_DN is now a mandatory variable to create the lsc files.


Please also have a look at the list of known issues.

This update fixes various bugs. For the full list of bugs, please see list below.

Fixed bugs

Number Description
 #14813 There is a possible vulnerability issue concerning config files
 #17549 Reassigned item: separate user for BDII daemon
 #17554 Reassigned item: service user names must not be hardcoded
 #29032 Dangerous selection of functions
 #29311 *_check and *_setenv functions dont display STDERR
 #31288 YAIM should exit early if site-info.def is syntatically invalid.
 #31433 The default LCMAPS configuration in YAIM does not match generic VOMS groups/roles
 #31773 [YAIM] It should be possible to disable yaim's user creation
 #32743 [ YAIM ] New feature: proper exit codes should be introduced
 #32764 YAIM: glite-yaim-core shoud set PERLLIB and PYTHONPATH for /opt/lcg/lib/...
 #33928 [ YAIM ] groups.conf per vo
 #34010 [yaim] config_gip updates
 #34033 [ YAIM ] move site-info.def variables with a default value to site-info.pre/post
 #34251 wrong port for OPS VO on voms.cern.ch in YAIM's example site-info.def
 #34387 [ YAIM ] -a option doesn't work
 #34398 [ YAIM ] mysqld not enabled on init by default in DPM
 #34685 config_gip (and config_gip_only) fail to find existing group correctly
 #34734 Example in site-info.def still uses old format of group.conf
 #34824 YAIM: config_ldconfig problems on x86_64
 #35244 Can't submit jobs using voms proxies with roles due to a mapping problem
 #35307 yaim 4.0.4 is pedantic about directory permissions
 #35373 variable check in config_vomsdir fails (glite-yaim-core-4.0.4-1)
 #35839 yaim scripts should not use the rpm command for UI and WN configuration
 #35890 config_gip_ce_check returns error, but no further information
 #36287 LB_HOST is not set
 #36976 ERROR: SW_DIR for OPS is not set! not detected with a -v.
 #37509 [User Interface] Missing variables in example site-info.def
 #37621 [AFS UI] error when sourcing grid-env.sh with zsh
 #37711 [ YAIM ] Make VOMS_CA_DN variable compulsory
 #38464 [ YAIM ] Fix race condition in edg-mkgridmap to avoid grid-mapfiles without VOMS FQANs
 #38466 [ YAIM ] Update config_mkgridmap by removing obsolete code
 #38469 [ YAIM ] SPECIAL_POOL_ACCOUNTS variable has to be documented
 #39018 new man path needs to be added
 #39174 [ YAIM ] fetch-crl cron job should not be created it it already exists
 #39271 Problems with kinit
 #39326 lcg-CE grid-mapfile generation has a serious flaw

Updated rpms

Name Version Full RPM name Description
glite-AMGA_postgres 3.1.8-0 glite-AMGA_postgres-3.1.8-0.i386.rpm gLite metapackage (glite-AMGA_postgres)
glite-yaim-core 4.0.5-7 glite-yaim-core-4.0.5-7.noarch.rpm glite-yaim-core

The RPMs can be updated using yum via

Service reconfiguration after update

Not needed.

Service restart after update

Not needed.

How to apply the fix

  1. Update the RPMs (see above)
  2. Update configuration (see above)
  3. Restart the service if necessary (see above)