gLite > gLite 3.2 > glite-ARGUS > Update to glite-ARGUS 3.2.4-2.sl5  
 
 

 

 

gLite 3.2

glite-ARGUS - Update to version 3.2.4-2.sl5


Date 10.11.10
Priority Normal

Description



glite-ARGUS

New version of glite-ARGUS

The Argus 1.2 release fixes some bugs and implement some new features.

PAP features:

  • The pap-admin CLI now implements the obligation management commands 'add-obligation' and 'remove-obligation'. These commands can be used to add/remove obligations to/from existing policies.
  • The pap-admin CLI add-policy command now supports the creation of policy containing obligations at resource or action scope.

PEP daemon features:

  • The group mapfile now allows DN and FQAN based group names mapping.
  • The gridmap POSIX account mapping obligation handler now handles DN and FQAN based account mapping. DN based mapping is preferred upon FQAN based mapping (configurable).
  • The gridmap files now support FQAN pattern matching as described in EGEE document https://edms.cern.ch/file/975443/1/EGEE-III-JRA1_FQAN_wildcard_v1.1.pdf
  • A new generic grid authorization profile PIP handles both the Grid CE v1.0 and Grid WN v1.0 authorization profiles.
This update fixes various bugs. For the full list of bugs, please see list below.

Fixed bugs

Number Description
 #60044 [ARGUS] pap-admin lp command should support filtering by resource and action
 #63023 [ARGUS] PEP Java client library should be available as a jar downloadable from the ETICS repository
 #63180 [ARGUS] pap-admin script doesn't resolve softlink
 #64197 [Argus] timestamps in pepd process.log do not show the date
 #64340 [ARGUS] profile attribute/group-id doesn't contain primary group
 #65542 [yaim-argus] /etc/init.d scripts 'status' command doesn't return 1 on error
 #65802 [Argus] PAP should have a status handler on localhost:8151
 #66574 [Argus] pool account mapping problem: .dteam -> dteamprod001
 #66669 [Argus] PAP Admin fails with certicate containing the '/' character in an RDN
 #67387 [Argus] PEP API C include files are not actually C
 #68595 [Argus] pap-admin add-policy -obligation <obligation-id> parameter
 #68599 [Argus] pap-admin should be able to remove an existing obligation
 #68805 [Argus] add support for DN mapping in group mapfile
 #68808 [Argus] update PIP to support the XACML Grid CE profile
 #68858 [Argus] pepd.ini without SECURITY section cause a NullPointerException at start
 #69197 [Argus] Implement a consistent FQAN and/or DN based user mapping strategy
 #69263 [Argus] pepd.ini doesn't allow no pips defined
 #72078 [Argus] wrong pfqan.xacml-id in attribute-mappings.ini
 #72430 [Argus] RPM upgrade overwrite locally edited pdp.ini and pepd.ini config files

Updated rpms

Name Version Full RPM name Description
glite-ARGUS 3.2.4-2.sl5 glite-ARGUS-3.2.4-2.sl5.x86_64.rpm glite-ARGUS metapackage
glite-authz-pap 1.2.2-2 glite-authz-pap-1.2.2-2.noarch.rpm Argus PAP service
glite-authz-pdp 1.2.0-2 glite-authz-pdp-1.2.0-2.noarch.rpm Argus PDP service
glite-authz-pep-c 1.3.1-1.sl5 glite-authz-pep-c-1.3.1-1.sl5.x86_64.rpm Argus PEP C client library
glite-authz-pep-c-cli 1.3.1-1.sl5 glite-authz-pep-c-cli-1.3.1-1.sl5.x86_64.rpm Argus PEP pepcli command line interface
glite-authz-pepd 1.2.0-2 glite-authz-pepd-1.2.0-2.noarch.rpm Argus PEP daemon service
glite-version 3.2.3-1 glite-version-3.2.3-1.noarch.rpm Shows version information for the installed gLite node types
glite-yaim-argus_server 1.2.0-1 glite-yaim-argus_server-1.2.0-1.noarch.rpm YAIM configuration for Argus 1.2
glite-yaim-core 4.0.13-2 glite-yaim-core-4.0.13-2.noarch.rpm YAIM core package

The RPMs can be updated using yum via

Service reconfiguration after update

Service must be reconfigured.

Service restart after update

Service must be restarted.

How to apply the fix

  1. Update the RPMs (see above)
  2. Update configuration (see above)
  3. Restart the service if necessary (see above)