gLite 3.1
glite-VOMS_oracle - Update to version 3.1.11-0
|
| Date |
09.06.08 |
| Priority |
Normal |
Description
VOMS
voms-admin
The new voms-admin release updates voms-admin interface documentation
and improves voms-admin client online documentation as well as
introduces the VOMS-Admin User's guide.
Additionally, old ACL interface methods have been deprecated and several bugs have been fixed.
Configuration
Multiple configuration bugs have been fixed, such as:
- Enabled log rotation on VOMS/VOMS-admin log files (bug 20607)
- Enabled setting of proxy timeout via configuration (bug 17247)
- Enabled usage of voms server hostname (--uri parameter) via configuration
New configuration parameters:
------------------------------------------------------------
Log rotation (Bug 20607)
------------------------------------------------------------
In order to steer the log rotation of voms and voms-admin,
the following configuration parameters have been added:
voms.logrotate.period
- voms core log files (/var/log/glite/voms.*)
- to specify the rotation period (daily|weekly|monthly)
- default: daily
voms.logrotate.logNumber
- voms core log files (/var/log/glite/voms.*)
- to specify the number of copies to keep
- default: 90
All these parameters are 'advanced parameters' and are pre-configured
parameters so they will be taken into account even if not specified
in the configuration. So no configuration file needs to be updated
(if you do not want to update it). They can be set per VO.
------------------------------------------------------------
VOMS proxy timeout period (Bug 17247)
------------------------------------------------------------
voms.proxy.timeout
- The maximum length of the AC's that VOMS will grant
(in seconds). The default value is 24 hours (=86400s).
This parameter can be specified separately per VO.
- default: 86400
Parameter is advanced parameter with pre-defined value and can be set per VO.
------------------------------------------------------------
Known issues:
1. The value set for '--uri' does not contain the ':vomsd_port' suffix,
which is important for voms-proxy-info.
Possible workarounds:
a) After each execution of 'glite-voms-server-config.py --configure' the
voms.conf file for each VO should be adjusted to that the '--uri'
option value is in the form:
voms_server_hostname:vomsd_port
This could be done automatically with the following script:
for vo in /opt/glite/etc/voms/*; do
if [ -d $vo -a -f $vo/voms.conf ]; then
PORT=$(grep "\-\-port" $vo/voms.conf | cut -f 2 -d "=");
sed -i -e "s/--uri=\([^:]*\).*/--uri=\1:$PORT/" $vo/voms.conf;
fi;
done;
b) Another solution is to patch the glite-voms-server-config.py. This could
be done with the following command (copy everything on a single line):
sed -i -e
's/\(\ *\)input\.write("--uri.*/\1input\.write("--uri=%s\:%s\\n"
% (self.voms_hostname, self.voms_port))/'
/opt/glite/etc/config/scripts/glite-voms-server-config.py
Please also have a look at the list of known issues.
This update fixes various bugs. For the full list of bugs, please see list below.
Fixed bugs
| Number | Description |
|
#17247 |
keep voms.conf --timeout parameter, if present, on upgrades |
|
#20607 |
Extend voms-admin and catalina logrotate |
|
#22973 |
VOMS server hostname |
|
#34112 |
VOMS-ADMIN: "--upgrade" option of voms-admin-configure does not work |
|
#34200 |
voms-admin cli not failure resilent |
|
#34201 |
voms-admin web interface does not show users when adding acl entry |
|
#34612 |
VOMS-ADMIN: Internal Server Error when editing ACE |
Updated rpms
The RPMs can be updated using yum via
Service reconfiguration after update
Service must be reconfigured.
Service restart after update
Service must be restarted.
How to apply the fix
- Update the RPMs (see above)
- Update configuration (see above)
- Restart the service if necessary (see above)
|
|
