gLite > gLite 3.1 > glite-VOBOX > Update to glite-VOBOX 3.1.18-0  
 
 

 

 

gLite 3.1

glite-VOBOX - Update to version 3.1.18-0


Date 08.10.2008
Priority Normal

Description



glite-BDII
This updated version of the the BDII fixes a number of outstanding issues, improves the configuration and provides some additional features.
The BDII now uses the bdb backend for OpenLDAP as the ldbm backend is now obsolete. The slapd file used to configure the OpenLDAP database is now in the etc directory rather than embedded in the code. The location of this file is a new configuration parameter in the bdii.conf file BDII_SLAPD_CONF.
The default LDAP entries used in the BDII can also be found in a default LDIF file in the etc directory. The location of this file is a new configuration parameter in the bdii.conf file BDII_DEFAULT_LDIF. The var directory used by the BDII is not configurable with the parameter BDII_VAR_DIR

For full details on configuration of the BDII, please take a look at the BDII documentation This release of the BDII also contains two new features:
  • The first in the introduction of the entry, dn: Hostname=ldap://host:2170,o=infosys
    This entry gives some monitoring information about the BDII.
  • The second is the availability of the BDII content in a compressed form which is given by the following entry, dn: Hostname=ldap://host:2170,CompressionType=zip,o=infosys
The update order should hot matter however best practice should be followed and the top-level bdii should be updated first, followed by the site-level bdii and finally the resource-level BDII.
glite-yaim-core
This update contains the introduction of a number of new variables:
  • VO_<vo_name>_MAP_WILDCARDS
  • DN_GRIDMAPFILE
  • VOMS_GRIDMAPFILE
  • SPECIAL_POOL_ACCOUNTS
  • BDII_LIST
  • CONFIG_USERS
  • LOCAL_GROUPS_CONF
  • EDGUSERS
  • DPMMGR_USER
  • DPMMGR_GROUP
  • LFCMGR_USER
  • LFCMGR_GROUP
  • EDG_USER
  • EDG_GROUP
  • EDGINFO_USER
  • EDGINFO_USER
  • RGMA_USER
  • RGMA_GROUP
  • GLITE_USER
  • GLITE_GROUP
  • GLITE_HOME_DIR
  • INFOSYS_GROUP
  • BDII_USER
  • BDII_GROUP
For a description of these variables please check: https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables

New features:
  • Wildcards can be now added to the gridmap file and groupmap file for LCMAPS configuration. In order to have the wildcards configured for your VO you have to define VO_<vo_name>_MAP_WILDCARDS=yes. By default these variables are not defined and therefore wildcards are not added. One wildcard will be added per existing FQAN.
  • User configuration can be now enabled/disabled by defining CONFIG_USERS=yes/no. The default is 'yes'. If you disable this option, you have to make sure users defined in EDGUSERS file are created in your system. You should also create a set of pool and special accounts and describe them in a file similar to that of USERS_CONF. This variable should then contain the path to your file.
  • Note that the files /opt/glite/yaim/examples/groups.conf and /opt/glite/yaim/examples/users.conf are example files that have to be adapted according to the supported VOs.
  • groups.conf can be now specified per VO by creating a new directory 'group.d' under the siteinfo directory and creating one groups-<vo-name>.conf file per supported VO. However, the old way of specifying one single groups.conf for all the VOs is also supported. In order to choose one or another option:
    • If GROUPS_CONF is defined in site-info.def, then all the groups should be defined for all the supported VOs in the specified file.
    • If GROUPS_CONF is NOT defined, then the group.d directory must exist with one groups-<vo-name>.conf file per supported VO.
  • A local groups.conf file, that is used only within a specific site and that is independent from the general groups that a VO needs to deploy in a site, can be defined by using the variable LOCAL_GROUPS_CONF where all the special groups for a certain site can be defined.
  • Service users like dpmmgr or edguser are no longer hardcoded and can be configured in site-info.def for non standard values. See EDGUSERS file for more information.
  • VO_<vo_name>_VOMS_CA_DN is now a mandatory variable to create the lsc files.


Please also have a look at the list of known issues.

This update fixes various bugs. For the full list of bugs, please see list below.

Fixed bugs

Number Description
 #14813 There is a possible vulnerability issue concerning config files
 #17549 Reassigned item: separate user for BDII daemon
 #17554 Reassigned item: service user names must not be hardcoded
 #23073 bdii: LDAP Stubs incorrect
 #23904 bdii: var directory under /opt
 #29032 Dangerous selection of functions
 #29311 *_check and *_setenv functions dont display STDERR
 #30651 glite-info-provider-ldap: Expand usage
 #31288 YAIM should exit early if site-info.def is syntatically invalid.
 #31362 bdii : /opt/bdii/etc/bdii.conf should not be world readable
 #31433 The default LCMAPS configuration in YAIM does not match generic VOMS groups/roles
 #31773 [YAIM] It should be possible to disable yaim's user creation
 #31895 [ yaim-bdii ] site BDII doesn't publish its own information
 #31922 glite-info-provider-ldap: Site structural data incorrect.
 #32655 glite-yaim-bdii: FCR in hardcoded
 #32743 [ YAIM ] New feature: proper exit codes should be introduced
 #32764 YAIM: glite-yaim-core shoud set PERLLIB and PYTHONPATH for /opt/lcg/lib/...
 #33928 [ YAIM ] groups.conf per vo
 #34010 [yaim] config_gip updates
 #34033 [ YAIM ] move site-info.def variables with a default value to site-info.pre/post
 #34251 wrong port for OPS VO on voms.cern.ch in YAIM's example site-info.def
 #34387 [ YAIM ] -a option doesn't work
 #34398 [ YAIM ] mysqld not enabled on init by default in DPM
 #34685 config_gip (and config_gip_only) fail to find existing group correctly
 #34734 Example in site-info.def still uses old format of group.conf
 #34824 YAIM: config_ldconfig problems on x86_64
 #35244 Can't submit jobs using voms proxies with roles due to a mapping problem
 #35307 yaim 4.0.4 is pedantic about directory permissions
 #35373 variable check in config_vomsdir fails (glite-yaim-core-4.0.4-1)
 #35839 yaim scripts should not use the rpm command for UI and WN configuration
 #35890 config_gip_ce_check returns error, but no further information
 #36287 LB_HOST is not set
 #36976 ERROR: SW_DIR for OPS is not set! not detected with a -v.
 #37509 [User Interface] Missing variables in example site-info.def
 #37621 [AFS UI] error when sourcing grid-env.sh with zsh
 #37711 [ YAIM ] Make VOMS_CA_DN variable compulsory
 #38464 [ YAIM ] Fix race condition in edg-mkgridmap to avoid grid-mapfiles without VOMS FQANs
 #38466 [ YAIM ] Update config_mkgridmap by removing obsolete code
 #38469 [ YAIM ] SPECIAL_POOL_ACCOUNTS variable has to be documented
 #38897 [ yaim-bdii ] SITE_OTHER_GRID should be a mandatory variable
 #39018 new man path needs to be added
 #39174 [ YAIM ] fetch-crl cron job should not be created it it already exists
 #39271 Problems with kinit
 #39326 lcg-CE grid-mapfile generation has a serious flaw
 #39683 [ yaim-bdii ] YAIM version for yaim bdii
 #39769 [ yaim-bdii ] BDII_REGIONS variable should be mandatory

Updated rpms

Name Version Full RPM name Description
bdii 4.0.0-5 bdii-4.0.0-5.noarch.rpm bdii
glite-VOBOX 3.1.18-0 glite-VOBOX-3.1.18-0.i386.rpm gLite metapackage (glite-VOBOX)
glite-yaim-core 4.0.5-7 glite-yaim-core-4.0.5-7.noarch.rpm glite-yaim-core
glue-schema 1.3.0-4 glue-schema-1.3.0-4.noarch.rpm glue-schema

The RPMs can be updated using yum via

Service reconfiguration after update

Required.

Service restart after update

Required.

How to apply the fix

  1. Update the RPMs (see above)
  2. Update configuration (see above)
  3. Restart the service if necessary (see above)