gLite > gLite 3.2 > glite-ARGUS > Update to glite-ARGUS 3.2.1-0  
 
 

 

 

gLite 3.2

glite-ARGUS - Update to version 3.2.1-0


Date 08.02.2010
Priority Normal

Description



glite-ARGUS

This patch introduces the glite-ARGUS metapackage for gLite 3.2

Documentation

Documentation can be found on the Argus Wiki site: https://twiki.cern.ch/twiki/bin/view/EGEE/AuthorizationFramework

This site contains instructions on how to install, configure, and administer the system.

Post-Installation Steps

Following installation most deployers should:

  • Add some basic policies to the policy administration point by means of the pap-admin policy management commands (described in the wiki).
  • Once policies have been added the PDP should be restarted. This forces the PDP to reload policies from the PAP. Note, you would not do this in a production environment.
  • Finally, use one of the PEP command line tools (either the C or Java one, which is appropriate for your system) to issue some test requests. The C command line tool is very useful if you're testing with existing user certificates while the Java command line tool provides the ability to fake nearly any request by means of the static PIP.
Notes for Release 1.0.0

Initial release of the service supporting:

  • command line tools for banning of users based on subject DN, primary and secondary FQANs, and VO
  • a simplified policy language for creating more expansive policies
  • import of remote policies (like a global banning list)
  • grid-map based UID/GID mapping using the existing gridmapdir format (this directory may be shared with other processes)
glite-ARGUS, glite-BDII, glite-CREAM, glite-LFC_mysql, glite-LFC_oracle, glite-MPI_utils, glite-SCAS, glite-SE_dpm_disk, glite-SE_dpm_mysql, glite-TORQUE_client, glite-TORQUE_server, glite-TORQUE_utils, glite-UI, glite-VOBOX, glite-WN

New release of yaim core

New release of yaim core containing a set of bug fixes and new features:

  • New SAGA adapters. There's a new function called config_glite_saga that configures the SAGA gLite adapters.
  • grid environment cleaning mechanism to be able to install different WN tarball versions in the same machine.
  • Variables that were wrongly implemented in previous yaim releases are now fixed: CONFIG_GRIDMAPDIR and USER_HOME_PREFIX.
  • YAIM doesn't fail when gLite version package is not installed. This is useful for non gLite software using YAIM.
  • siteinfo packaging is now fixed (-p option).

New release of glite-version and glue-schema

The new glite-SE_dpm_disk metapackage introduces a new version of:

  • glite-version: new version of glite-version introducing a set of new options to print information about the versions of the installed gLite nodetypes, their architecture and their update number. It still prints information about the gLite release (i.e. 3.2.0).
  • glue-schema: minor update to change GLUE2PolicyUserDomainForeignKey from being mandatory to optional.

These two packages are also part of other services which are also updated to the new versions with this update,as it can be seen in the service detail pages.

This update fixes various bugs. For the full list of bugs, please see list below.

Fixed bugs

Number Description
 #53097 [ yaim-authz-server ] configuration should fail when java is not installed
 #53235 [ yaim-authz-server ] glite-authz_server needs config_vomsdir
 #53462 [ yaim-core ] GROUPS_CONF/group.d mechanism seem to fail in config_sw_dir
 #53482 [ yaim-authz-server ] config_pap_service asking password
 #53678 [ARGUS] endpoint argument is not parsed correctly
 #53695 [ARGUS] pap-admin rc should return error with non existing pap alias
 #53709 [ARGUS} pap standalone does not show error
 #53745 [ yaim-core ] yaim fails if glite-version is not installed
 #53864 [ yaim-core ] Add SAGA & gLite adapters
 #55536 [ yaim-authz-server ] doesn't create local user accounts for mapping and default value
 #55537 [ yaim-authz-server ] PAP doesn't start at boot
 #56750 [Argus] GID resolution error during user mapping during heavy load

Updated rpms

Name Version Full RPM name Description
fetch-crl 2.7.0-2 fetch-crl-2.7.0-2.noarch.rpm Tool for periodic retrieval of Certificate Revocation Lists
glite-ARGUS 3.2.1-0 glite-ARGUS-3.2.1-0.x86_64.rpm gLite metapackage (glite-ARGUS)
glite-authz-pap 1.0.5-2 glite-authz-pap-1.0.5-2.noarch.rpm Argus Authorization Service PAP
glite-authz-pdp 1.0.3-1 glite-authz-pdp-1.0.3-1.noarch.rpm Argus Authorization Service PDP
glite-authz-pep-c 1.2.0-1.sl5 glite-authz-pep-c-1.2.0-1.sl5.x86_64.rpm AuthZ Service PEP client library for C
glite-authz-pep-c-cli 1.2.0-1.sl5 glite-authz-pep-c-cli-1.2.0-1.sl5.x86_64.rpm Argus Authorization Service PEP-C command line interface
glite-authz-pepd 1.0.3-1 glite-authz-pepd-1.0.3-1.noarch.rpm Argus Authorization Service PEP Daemon
glite-version 3.2.1-1 glite-version-3.2.1-1.noarch.rpm Shows version information for the installed gLite node types
glite-yaim-argus_server 1.0.0-3 glite-yaim-argus_server-1.0.0-3.noarch.rpm Authorization server ARGUS
glite-yaim-core 4.0.11-2 glite-yaim-core-4.0.11-2.noarch.rpm YAIM core package

The RPMs can be updated using yum via

Service reconfiguration after update

Service must be reconfigured.

Service restart after update

Service must be restarted.

How to apply the fix

  1. Update the RPMs (see above)
  2. Update configuration (see above)
  3. Restart the service if necessary (see above)