myproxy.cnaf.infn.it
and MUST be used by all Resource Centers and Services part of the IGI infrastructure.
# cat /etc/redhat-release Scientific Linux SL release 5.7 (Boron)* Install the additional repositories: EPEL, Certification Authority, UMD
# cd /etc/yum.repos.d/ # rpm -ivh http://mirror.switch.ch/ftp/mirror/epel//5/x86_64/epel-release-5-4.noarch.rpm # wget http://repo-pd.italiangrid.it/mrepo/repos/egi-trustanchors.repo # rpm -ivh http://repo-pd.italiangrid.it/mrepo/EMI/1/sl5/x86_64/updates/emi-release-1.0.1-1.sl5.noarch.rpm # yum install yum-priorities yum-protectbase
# getenforce Disabled
# ls /etc/yum.repos.d/ egi-trustanchors.repo emi1-third-party.repo emi1-base.repo emi1-updates.repo epel.repo epel-testing.repo sl-contrib.repo sl-fastbugs.repo sl-security.repo sl-testing.repo sl-debuginfo.repo sl.repo sl-srpms.repo
# yum clean all Loaded plugins: downloadonly, kernel-module, priorities, protect-packages, protectbase, security, verify, versionlock Cleaning up Everything # yum install ca-policy-egi-core emi-px Loaded plugins: downloadonly, kernel-module, priorities, protectbase sl-security | 1.9 kB 00:00 sl-security/primary_db | 299 kB 00:01 242 packages excluded due to repository priority protections 0 packages excluded due to repository protections Setting up Install Process Package ca-policy-egi-core-1.43-1.noarch already installed and latest version Resolving Dependencies --> Running transaction check ---> Package emi-px.x86_64 0:1.0.0-1.sl5 set to be updated --> Processing Dependency: glite-px-myproxy-yaim for package: emi-px --> Processing Dependency: emi-version for package: emi-px --> Processing Dependency: myproxy-admin for package: emi-px --> Processing Dependency: fetch-crl for package: emi-px --> Processing Dependency: bdii for package: emi-px --> Processing Dependency: myproxy-server for package: emi-px --> Processing Dependency: glue-schema for package: emi-px --> Processing Dependency: glite-info-provider-service for package: emi-px --> Running transaction check ---> Package bdii.noarch 0:5.2.5-2.el5 set to be updated --> Processing Dependency: openldap-servers for package: bdii --> Processing Dependency: expect for package: bdii --> Processing Dependency: openldap-clients for package: bdii ---> Package emi-version.x86_64 0:1.7.0-1.sl5 set to be updated ---> Package fetch-crl.noarch 0:2.8.4-2.el5 set to be updated ---> Package glite-info-provider-service.noarch 0:1.7.0-1.el5 set to be updated ---> Package glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 set to be updated --> Processing Dependency: glite-yaim-core for package: glite-px-myproxy-yaim --> Processing Dependency: glite-yaim-bdii for package: glite-px-myproxy-yaim ---> Package glue-schema.noarch 0:2.0.8-1.el5 set to be updated ---> Package myproxy-admin.x86_64 0:5.5-1.el5 set to be updated --> Processing Dependency: myproxy-libs = 5.5-1.el5 for package: myproxy-admin --> Processing Dependency: myproxy = 5.5-1.el5 for package: myproxy-admin --> Processing Dependency: globus-gsi-cert-utils-progs for package: myproxy-admin --> Processing Dependency: libglobus_gsi_credential.so.1()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gsi_cert_utils.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gsi_sysconfig.so.1()(64bit) for package: myproxy-admin --> Processing Dependency: libltdl.so.3()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_openssl.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_proxy_ssl.so.1()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gsi_callback.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gsi_proxy_core.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_xio.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libmyproxy.so.5()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_openssl_error.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_oldgaa.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libvomsapi.so.1()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gssapi_gsi.so.4()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_common.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_gss_assist.so.3()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_callout.so.0()(64bit) for package: myproxy-admin --> Processing Dependency: libglobus_usage.so.0()(64bit) for package: myproxy-admin ---> Package myproxy-server.x86_64 0:5.5-1.el5 set to be updated --> Running transaction check ---> Package expect.x86_64 0:5.43.0-5.1 set to be updated ---> Package glite-yaim-bdii.noarch 0:4.3.4-1.el5 set to be updated ---> Package glite-yaim-core.noarch 0:5.0.2-1.sl5 set to be updated ---> Package globus-callout.x86_64 0:0.7-8.el5 set to be updated --> Processing Dependency: globus-libtool >= 1 for package: globus-callout ---> Package globus-common.x86_64 0:11.6-5.el5 set to be updated ---> Package globus-gsi-callback.x86_64 0:2.8-2.el5 set to be updated --> Processing Dependency: globus-openssl >= 1 for package: globus-gsi-callback ---> Package globus-gsi-cert-utils.x86_64 0:6.7-2.el5 set to be updated ---> Package globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 set to be updated --> Processing Dependency: globus-common-setup >= 2 for package: globus-gsi-cert-utils-progs --> Processing Dependency: globus-openssl-progs >= 1 for package: globus-gsi-cert-utils-progs ---> Package globus-gsi-credential.x86_64 0:3.5-3.el5 set to be updated ---> Package globus-gsi-openssl-error.x86_64 0:0.14-8.el5 set to be updated ---> Package globus-gsi-proxy-core.x86_64 0:4.7-2.el5 set to be updated ---> Package globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 set to be updated ---> Package globus-gsi-sysconfig.x86_64 0:3.2-1.el5 set to be updated ---> Package globus-gss-assist.x86_64 0:5.10-1.el5 set to be updated ---> Package globus-gssapi-gsi.x86_64 0:7.8-1.el5 set to be updated ---> Package globus-openssl-module.x86_64 0:1.3-3.el5 set to be updated ---> Package globus-usage.x86_64 0:1.4-2.el5 set to be updated ---> Package globus-xio.x86_64 0:2.8-4.el5 set to be updated ---> Package libtool-ltdl.x86_64 0:1.5.22-7.el5_4 set to be updated ---> Package myproxy.x86_64 0:5.5-1.el5 set to be updated --> Processing Dependency: globus-proxy-utils for package: myproxy --> Processing Dependency: voms-clients for package: myproxy ---> Package myproxy-libs.x86_64 0:5.5-1.el5 set to be updated ---> Package openldap-clients.x86_64 0:2.3.43-12.el5_6.7 set to be updated ---> Package openldap-servers.x86_64 0:2.3.43-12.el5_6.7 set to be updated EGI-trustanchors/filelists | 14 kB 00:00 EMI-1-base/filelists_db | 181 kB 00:00 EMI-1-third-party/filelists_db | 57 kB 00:00 EMI-1-updates/filelists_db | 113 kB 00:00 epel/filelists_db | 5.5 MB 00:00 sl-base/filelists | 3.3 MB 00:02 sl-security/filelists_db | 1.1 MB 00:01 ---> Package voms.x86_64 0:2.0.2-1.sl5 set to be updated --> Running transaction check ---> Package globus-common-progs.x86_64 0:11.6-5.el5 set to be updated --> Processing Dependency: autoconf for package: globus-common-progs --> Processing Dependency: finger for package: globus-common-progs --> Processing Dependency: cvs for package: globus-common-progs ---> Package globus-libtool.x86_64 0:1.2-4.el5 set to be updated ---> Package globus-openssl.x86_64 0:5.1-2.el5 set to be updated ---> Package globus-openssl-progs.x86_64 0:5.1-2.el5 set to be updated ---> Package globus-proxy-utils.x86_64 0:3.10-1.el5 set to be updated ---> Package voms-clients.x86_64 0:2.0.0-1.sl5 set to be updated --> Running transaction check ---> Package autoconf.noarch 0:2.59-12 set to be updated --> Processing Dependency: imake for package: autoconf ---> Package cvs.x86_64 0:1.11.22-7.el5 set to be updated ---> Package finger.x86_64 0:0.17-33 set to be updated --> Running transaction check ---> Package imake.x86_64 0:1.0.2-3 set to be updated --> Finished Dependency Resolution Beginning Kernel Module Plugin Finished Kernel Module Plugin Dependencies Resolved ================================================================================================================================================================================== Package Arch Version Repository Size ================================================================================================================================================================================== Installing: emi-px x86_64 1.0.0-1.sl5 EMI-1-base 1.7 k Installing for dependencies: autoconf noarch 2.59-12 sl-base 648 k bdii noarch 5.2.5-2.el5 EMI-1-updates 20 k cvs x86_64 1.11.22-7.el5 sl-base 737 k emi-version x86_64 1.7.0-1.sl5 EMI-1-updates 2.1 k expect x86_64 5.43.0-5.1 sl-base 160 k fetch-crl noarch 2.8.4-2.el5 epel 24 k finger x86_64 0.17-33 sl-base 21 k glite-info-provider-service noarch 1.7.0-1.el5 EMI-1-updates 53 k glite-px-myproxy-yaim x86_64 4.1.4-2.sl5 EMI-1-base 8.1 k glite-yaim-bdii noarch 4.3.4-1.el5 EMI-1-updates 10 k glite-yaim-core noarch 5.0.2-1.sl5 EMI-1-updates 116 k globus-callout x86_64 0.7-8.el5 epel 16 k globus-common x86_64 11.6-5.el5 epel 109 k globus-common-progs x86_64 11.6-5.el5 epel 67 k globus-gsi-callback x86_64 2.8-2.el5 epel 39 k globus-gsi-cert-utils x86_64 6.7-2.el5 epel 18 k globus-gsi-cert-utils-progs x86_64 6.7-2.el5 epel 26 k globus-gsi-credential x86_64 3.5-3.el5 epel 32 k globus-gsi-openssl-error x86_64 0.14-8.el5 epel 15 k globus-gsi-proxy-core x86_64 4.7-2.el5 epel 33 k globus-gsi-proxy-ssl x86_64 2.3-3.el5 epel 17 k globus-gsi-sysconfig x86_64 3.2-1.el5 epel 28 k globus-gss-assist x86_64 5.10-1.el5 epel 31 k globus-gssapi-gsi x86_64 7.8-1.el5 epel 55 k globus-libtool x86_64 1.2-4.el5 epel 4.2 k globus-openssl x86_64 5.1-2.el5 epel 4.6 k globus-openssl-module x86_64 1.3-3.el5 epel 13 k globus-openssl-progs x86_64 5.1-2.el5 epel 4.3 k globus-proxy-utils x86_64 3.10-1.el5 epel 45 k globus-usage x86_64 1.4-2.el5 epel 15 k globus-xio x86_64 2.8-4.el5 epel 123 k glue-schema noarch 2.0.8-1.el5 EMI-1-updates 33 k imake x86_64 1.0.2-3 sl-base 318 k libtool-ltdl x86_64 1.5.22-7.el5_4 sl-base 38 k myproxy x86_64 5.5-1.el5 epel 86 k myproxy-admin x86_64 5.5-1.el5 epel 55 k myproxy-libs x86_64 5.5-1.el5 epel 121 k myproxy-server x86_64 5.5-1.el5 epel 52 k openldap-clients x86_64 2.3.43-12.el5_6.7 sl-base 223 k openldap-servers x86_64 2.3.43-12.el5_6.7 sl-base 2.2 M voms x86_64 2.0.2-1.sl5 EMI-1-base 165 k voms-clients x86_64 2.0.0-1.sl5 EMI-1-base 178 k Transaction Summary ================================================================================================================================================================================== Install 43 Package(s) Upgrade 0 Package(s) Total download size: 5.9 M Is this ok [y/N]: Downloading Packages: (1/43): emi-px-1.0.0-1.sl5.x86_64.rpm | 1.7 kB 00:00 (2/43): emi-version-1.7.0-1.sl5.x86_64.rpm | 2.1 kB 00:00 (3/43): globus-libtool-1.2-4.el5.x86_64.rpm | 4.2 kB 00:00 (4/43): globus-openssl-progs-5.1-2.el5.x86_64.rpm | 4.3 kB 00:00 (5/43): globus-openssl-5.1-2.el5.x86_64.rpm | 4.6 kB 00:00 (6/43): glite-px-myproxy-yaim-4.1.4-2.sl5.x86_64.rpm | 8.1 kB 00:00 (7/43): glite-yaim-bdii-4.3.4-1.el5.noarch.rpm | 10 kB 00:00 (8/43): globus-openssl-module-1.3-3.el5.x86_64.rpm | 13 kB 00:00 (9/43): globus-gsi-openssl-error-0.14-8.el5.x86_64.rpm | 15 kB 00:00 (10/43): globus-usage-1.4-2.el5.x86_64.rpm | 15 kB 00:00 (11/43): globus-callout-0.7-8.el5.x86_64.rpm | 16 kB 00:00 (12/43): globus-gsi-proxy-ssl-2.3-3.el5.x86_64.rpm | 17 kB 00:00 (13/43): globus-gsi-cert-utils-6.7-2.el5.x86_64.rpm | 18 kB 00:00 (14/43): bdii-5.2.5-2.el5.noarch.rpm | 20 kB 00:00 (15/43): finger-0.17-33.x86_64.rpm | 21 kB 00:00 (16/43): fetch-crl-2.8.4-2.el5.noarch.rpm | 24 kB 00:00 (17/43): globus-gsi-cert-utils-progs-6.7-2.el5.x86_64.rpm | 26 kB 00:00 (18/43): globus-gsi-sysconfig-3.2-1.el5.x86_64.rpm | 28 kB 00:00 (19/43): globus-gss-assist-5.10-1.el5.x86_64.rpm | 31 kB 00:00 (20/43): globus-gsi-credential-3.5-3.el5.x86_64.rpm | 32 kB 00:00 (21/43): globus-gsi-proxy-core-4.7-2.el5.x86_64.rpm | 33 kB 00:00 (22/43): glue-schema-2.0.8-1.el5.noarch.rpm | 33 kB 00:00 (23/43): libtool-ltdl-1.5.22-7.el5_4.x86_64.rpm | 38 kB 00:00 (24/43): globus-gsi-callback-2.8-2.el5.x86_64.rpm | 39 kB 00:00 (25/43): globus-proxy-utils-3.10-1.el5.x86_64.rpm | 45 kB 00:00 (26/43): myproxy-server-5.5-1.el5.x86_64.rpm | 52 kB 00:00 (27/43): glite-info-provider-service-1.7.0-1.el5.noarch.rpm | 53 kB 00:00 (28/43): globus-gssapi-gsi-7.8-1.el5.x86_64.rpm | 55 kB 00:00 (29/43): myproxy-admin-5.5-1.el5.x86_64.rpm | 55 kB 00:00 (30/43): globus-common-progs-11.6-5.el5.x86_64.rpm | 67 kB 00:00 (31/43): myproxy-5.5-1.el5.x86_64.rpm | 86 kB 00:00 (32/43): globus-common-11.6-5.el5.x86_64.rpm | 109 kB 00:00 (33/43): glite-yaim-core-5.0.2-1.sl5.noarch.rpm | 116 kB 00:00 (34/43): myproxy-libs-5.5-1.el5.x86_64.rpm | 121 kB 00:00 (35/43): globus-xio-2.8-4.el5.x86_64.rpm | 123 kB 00:00 (36/43): expect-5.43.0-5.1.x86_64.rpm | 160 kB 00:00 (37/43): voms-2.0.2-1.sl5.x86_64.rpm | 165 kB 00:00 (38/43): voms-clients-2.0.0-1.sl5.x86_64.rpm | 178 kB 00:00 (39/43): openldap-clients-2.3.43-12.el5_6.7.x86_64.rpm | 223 kB 00:00 (40/43): imake-1.0.2-3.x86_64.rpm | 318 kB 00:00 (41/43): autoconf-2.59-12.noarch.rpm | 648 kB 00:00 (42/43): cvs-1.11.22-7.el5.x86_64.rpm | 737 kB 00:00 (43/43): openldap-servers-2.3.43-12.el5_6.7.x86_64.rpm | 2.2 MB 00:00 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 727 kB/s | 5.9 MB 00:08 warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 217521f6 epel/gpgkey | 1.7 kB 00:00 Importing GPG key 0x217521F6 "Fedora EPEL <epel@fedoraproject.org>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL Is this ok [y/N]: y warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID df9e12ef EMI-1-updates/gpgkey | 1.7 kB 00:00 Importing GPG key 0xDF9E12EF "Doina Cristina Aiftimiei (EMI Release Manager) <aiftim@pd.infn.it>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-emi Is this ok [y/N]: y Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing : libtool-ltdl 1/43 Installing : voms 2/43 Installing : globus-openssl 3/43 Installing : globus-gsi-proxy-ssl 4/43 Installing : globus-libtool 5/43 Installing : globus-common 6/43 Installing : globus-gsi-openssl-error 7/43 Installing : globus-gsi-sysconfig 8/43 Installing : globus-openssl-module 9/43 Installing : globus-gsi-cert-utils 10/43 Installing : globus-gsi-callback 11/43 Installing : globus-gsi-credential 12/43 Installing : globus-gsi-proxy-core 13/43 Installing : globus-gssapi-gsi 14/43 Installing : globus-callout 15/43 Installing : globus-gss-assist 16/43 Installing : globus-xio 17/43 Installing : globus-usage 18/43 Installing : myproxy-libs 19/43 Installing : myproxy-server 20/43 Installing : glue-schema 21/43 Installing : globus-proxy-utils 22/43 Installing : voms-clients 23/43 Installing : myproxy 24/43 Installing : openldap-servers 25/43 Installing : expect 26/43 Installing : openldap-clients 27/43 Installing : imake 28/43 Installing : cvs 29/43 Installing : finger 30/43 Installing : autoconf 31/43 Installing : globus-common-progs 32/43 Installing : bdii 33/43 Installing : globus-openssl-progs 34/43 Installing : globus-gsi-cert-utils-progs 35/43 Installing : myproxy-admin 36/43 Installing : glite-yaim-bdii 37/43 Installing : glite-yaim-core 38/43 Installing : glite-px-myproxy-yaim 39/43 Installing : emi-version 40/43 Installing : glite-info-provider-service 41/43 Installing : fetch-crl 42/43 Installing : emi-px 43/43 Installed: emi-px.x86_64 0:1.0.0-1.sl5 Dependency Installed: autoconf.noarch 0:2.59-12 bdii.noarch 0:5.2.5-2.el5 cvs.x86_64 0:1.11.22-7.el5 emi-version.x86_64 0:1.7.0-1.sl5 expect.x86_64 0:5.43.0-5.1 fetch-crl.noarch 0:2.8.4-2.el5 finger.x86_64 0:0.17-33 glite-info-provider-service.noarch 0:1.7.0-1.el5 glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 glite-yaim-bdii.noarch 0:4.3.4-1.el5 glite-yaim-core.noarch 0:5.0.2-1.sl5 globus-callout.x86_64 0:0.7-8.el5 globus-common.x86_64 0:11.6-5.el5 globus-common-progs.x86_64 0:11.6-5.el5 globus-gsi-callback.x86_64 0:2.8-2.el5 globus-gsi-cert-utils.x86_64 0:6.7-2.el5 globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 globus-gsi-credential.x86_64 0:3.5-3.el5 globus-gsi-openssl-error.x86_64 0:0.14-8.el5 globus-gsi-proxy-core.x86_64 0:4.7-2.el5 globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 globus-gsi-sysconfig.x86_64 0:3.2-1.el5 globus-gss-assist.x86_64 0:5.10-1.el5 globus-gssapi-gsi.x86_64 0:7.8-1.el5 globus-libtool.x86_64 0:1.2-4.el5 globus-openssl.x86_64 0:5.1-2.el5 globus-openssl-module.x86_64 0:1.3-3.el5 globus-openssl-progs.x86_64 0:5.1-2.el5 globus-proxy-utils.x86_64 0:3.10-1.el5 globus-usage.x86_64 0:1.4-2.el5 globus-xio.x86_64 0:2.8-4.el5 glue-schema.noarch 0:2.0.8-1.el5 imake.x86_64 0:1.0.2-3 libtool-ltdl.x86_64 0:1.5.22-7.el5_4 myproxy.x86_64 0:5.5-1.el5 myproxy-admin.x86_64 0:5.5-1.el5 myproxy-libs.x86_64 0:5.5-1.el5 myproxy-server.x86_64 0:5.5-1.el5 openldap-clients.x86_64 0:2.3.43-12.el5_6.7 openldap-servers.x86_64 0:2.3.43-12.el5_6.7 voms.x86_64 0:2.0.2-1.sl5 voms-clients.x86_64 0:2.0.0-1.sl5 Complete!
# cp -vr /opt/glite/yaim/examples/siteinfo /root/ `/opt/glite/yaim/examples/siteinfo' -> `/root/siteinfo' `/opt/glite/yaim/examples/siteinfo/site-info.def' -> `/root/siteinfo/site-info.def' `/opt/glite/yaim/examples/siteinfo/services' -> `/root/siteinfo/services' `/opt/glite/yaim/examples/siteinfo/services/glite-px' -> `/root/siteinfo/services/glite-px' `/opt/glite/yaim/examples/siteinfo/services/glite-bdii_site' -> `/root/siteinfo/services/glite-bdii_site' # cat /root/siteinfo/site-info.def SITE_NAME=INFN-CNAF PX_HOST=`hostname -f` BDII_DELETE_DELAY=0
# cat siteinfo/services/glite-px ############################################################################## # Copyright (c) Members of the EGEE Collaboration. 2004. # See http://www.eu-egee.org/partners/ for details on the copyright # holders. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS # OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ############################################################################## # # NAME : glite-px # # DESCRIPTION : This configuration file contains the list of variables needed # to configure Myproxy together with site-info.def. # # AUTHORS : yaim-contact@cern.ch # # NOTES : # # YAIM MODULE: glite-yaim-myproxy # ############################################################################## GRID_AUTHORIZED_RETRIEVERS="\*" GRID_AUTHORIZED_RENEWERS=" '/C=IT/O=INFN/OU=Host/L=CNAF/CN=gridit-wms-01.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-wms-01.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=Ferrara/CN=gridrb.fe.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-01.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-02.cnaf.infn.it' '/C=IT/O=INFN/OU=grid014.ct.infn.it/L=Catania/CN=grid014.ct.infn.it/emailAddress=giuseppe.platania@ct.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=gridit-cert-rb.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=eumed-rb-1.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=euchina-rb-1.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-03.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-04.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-05.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-06.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=gridit-rb-01.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=egrid-rb-01.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=prod-rb-01.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=prod-rb-02.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=prod-wms-01.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=eu-india-02.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=sc2.cr.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=Bari/CN=wms1.ba.infn.it' '/C=IT/O=INFN/OU=Host/L=Bari/CN=wms2.ba.infn.it' '/C=IT/O=INFN/OU=Host/L=Bari/CN=wms3.ba.infn.it' '/C=CH/O=CERN/OU=GRID/CN=host/lxn1185.cern.ch' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-07.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-08.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee-rb-09.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-rb-06.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=glite-rb-00.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=glite-rb-01.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel07.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel09.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel10.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel11.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel12.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel14.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel18.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel19.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=devel20.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=Padova/CN=cream-06.pd.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms001.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms002.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms003.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms004.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms005.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms006.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms007.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms008.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms009.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms011.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms012.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms013.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms014.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms015.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms016.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=wms017.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=cert-02.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=pps-fts.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=tigerman.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=Milano/CN=egee-rb-01.mi.infn.it' '/C=IT/O=INFN/OU=Host/L=CIRMMP/CN=wms-enmr.cerm.unifi.it' '/DC=ch/DC=cern/OU=computers/CN=wms101.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms102.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms103.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms104.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms105.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms106.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms107.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms108.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms109.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms110.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms111.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms112.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms113.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms114.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms115.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms116.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms117.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms118.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms119.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms121.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms122.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms123.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms124.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms125.cern.ch' '/DC=ch/DC=cern/OU=computers/CN=wms126.cern.ch' '/O=dutchgrid/O=hosts/OU=nikhef.nl/CN=graszode.nikhef.nl' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=mon-it.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=mon-cnaf.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=bbrbuild01.cr.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=bbr-serv09.cr.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee017.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=sb-serv01.cr.cnaf.infn.it' " GRID_TRUSTED_RETRIEVERS=" '/C=IT/O=INFN/OU=Host/L=CNAF/CN=mon-it.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=mon-cnaf.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=bbrbuild01.cr.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=bbr-serv09.cr.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=egee017.cnaf.infn.it' '/C=IT/O=INFN/OU=Host/L=CNAF/CN=sb-serv01.cr.cnaf.infn.it' "
# ll /etc/grid-security/host* -rw-r--r-- 1 root root 1440 Dec 29 09:30 /etc/grid-security/hostcert.pem -r-------- 1 root root 887 Dec 29 09:30 /etc/grid-security/hostkey.pem
# chmod -R 600 /root/siteinfo # /opt/glite/yaim/bin/yaim -v -s /root/siteinfo/site-info.def -n glite-PX INFO: Using site configuration file: /root/siteinfo/site-info.def INFO: Sourcing service specific configuration file: /root/siteinfo/services/glite-px INFO: ################################################################### . /'.-. ') . yA,-"-,( ,m,:/ ) .oo. oo o ooo o. .oo . / .-Y a a Y-. 8. .8' 8'8. 8 8b d'8 . / ~ ~ / 8' .8oo88. 8 8 8' 8 . (_/ '====' 8 .8' 8. 8 8 Y 8 . Y,-''-,Yy,-.,/ o8o o8o o88o o8o o8o o8o . I_))_) I_))_) current working directory: /root site-info.def date: Dec 29 09:36 /root/siteinfo/site-info.def yaim command: -v -s /root/siteinfo/site-info.def -n glite-PX log file: /opt/glite/yaim/bin/../log/yaimlog Thu Dec 29 09:44:38 CET 2011 : /opt/glite/yaim/bin/yaim Installed YAIM versions: glite-px-myproxy-yaim - glite-yaim-bdii 4.3.4-1 glite-yaim-core 5.0.2-1 #################################################################### INFO: The default location of the grid-env.(c)sh files will be: /usr/libexec INFO: Sourcing the utilities in /opt/glite/yaim/functions/utils INFO: Detecting environment INFO: Executing function: config_host_certs_check INFO: Executing function: config_edgusers_check INFO: Executing function: config_proxy_server_check INFO: Executing function: config_bdii_5.2_check INFO: Executing function: config_info_service_px_check INFO: Checking is done. INFO: All the necessary variables to configure PX are defined in your configuration files. INFO: Please, bear in mind that YAIM only guarantees the definition of variables INFO: controlled in the _check functions. INFO: YAIM terminated succesfully.</>
"-d 6"
) to configure the services in order to have detailed information. For your convenience yo can save all the configuration information in a log file you can look at any time, separated from the yaimlog
defulat one.
# /opt/glite/yaim/bin/yaim -c -d 6 -s /root/siteinfo/site-info.def -n glite-PX DEBUG: Checking siteinfo dir is not world readable DEBUG: Checking site-info.def is syntactically correct DEBUG: Sourcing /opt/glite/yaim/bin/../defaults/site-info.pre DEBUG: Sourcing /opt/glite/yaim/bin/../defaults/glite-px.pre INFO: Using site configuration file: /root/siteinfo/site-info.def DEBUG: Sourcing site-info.def file: /root/siteinfo/site-info.def INFO: Sourcing service specific configuration file: /root/siteinfo/services/glite-px DEBUG: Sourcing /opt/glite/yaim/bin/../defaults/site-info.post DEBUG: Sourcing /opt/glite/yaim/bin/../defaults/mapping INFO: ################################################################### . /'.-. ') . yA,-"-,( ,m,:/ ) .oo. oo o ooo o. .oo . / .-Y a a Y-. 8. .8' 8'8. 8 8b d'8 . / ~ ~ / 8' .8oo88. 8 8 8' 8 . (_/ '====' 8 .8' 8. 8 8 Y 8 . Y,-''-,Yy,-.,/ o8o o8o o88o o8o o8o o8o . I_))_) I_))_) current working directory: /root site-info.def date: Dec 29 09:36 /root/siteinfo/site-info.def yaim command: -c -d 6 -s /root/siteinfo/site-info.def -n glite-PX log file: /opt/glite/yaim/bin/../log/yaimlog Thu Dec 29 09:45:30 CET 2011 : /opt/glite/yaim/bin/yaim Installed YAIM versions: glite-px-myproxy-yaim - glite-yaim-bdii 4.3.4-1 glite-yaim-core 5.0.2-1 #################################################################### INFO: The default location of the grid-env.(c)sh files will be: /usr/libexec INFO: Sourcing the utilities in /opt/glite/yaim/functions/utils INFO: Detecting environment DEBUG: Detect platform: OS flavour detected is: emi DEBUG: Detected architecture is 64BIT DEBUG: Detect platform: OS type detected: sl5 DEBUG: Resulted NODE_TYPE_LIST is : PX DEBUG: Setting environment variable GRID_ENV_LOCATION, to value "/usr/libexec". DEBUG: Unset environment variable GRID_ENV_LOCATION. DEBUG: Setting environment variable LCG_LOCATION, to value "/usr". DEBUG: Unset environment variable LCG_LOCATION. DEBUG: Setting environment variable GLITE_LOCATION, to value "/usr". DEBUG: Unset environment variable GLITE_LOCATION. DEBUG: Setting environment variable GLITE_LOCATION_VAR, to value "/var". DEBUG: Unset environment variable GLITE_LOCATION_VAR. DEBUG: Appending value "/bin" to environment variable PATH. DEBUG: Deleting value "/bin" from environment variable PATH. DEBUG: Appending value "/opt/glite/share/man" to environment variable MANPATH. DEBUG: Deleting value "/opt/glite/share/man" from environment variable MANPATH. DEBUG: Sourcing node definition file: /opt/glite/yaim/bin/../node-info.d/glite-px DEBUG: Skipping function: config_crl_check because it is not defined INFO: Executing function: config_host_certs_check INFO: Executing function: config_edgusers_check INFO: Executing function: config_proxy_server_check INFO: Executing function: config_bdii_5.2_check INFO: Executing function: config_info_service_px_check DEBUG: Skipping function: config_crl_setenv because it is not defined INFO: Executing function: config_crl INFO: Now updating the CRLs - this may take a few minutes... Enabling periodic fetch-crl: [ OK ] DEBUG: fetch-crl cron enabled DEBUG: Skipping function: config_host_certs_setenv because it is not defined INFO: Executing function: config_host_certs DEBUG: Skipping function: config_edgusers_setenv because it is not defined INFO: Executing function: config_edgusers DEBUG: Creating user edguser... DEBUG: User edguser doesn't exist DEBUG: YAIM is going to add user edguser DEBUG: HOME directory ${EDG_HOME_DIR} is specified for the user DEBUG: Checking whether the group edguser infosys for user edguser already exist... DEBUG: Group edguser added DEBUG: Group infosys added DEBUG: User edguser added DEBUG: Creating user edginfo... DEBUG: User edginfo doesn't exist DEBUG: YAIM is going to add user edginfo DEBUG: HOME directory ${EDGINFO_HOME_DIR} is specified for the user DEBUG: Checking whether the group edginfo infosys for user edginfo already exist... DEBUG: Group edginfo added DEBUG: Group infosys added DEBUG: User edginfo added DEBUG: Creating user glite... DEBUG: User glite doesn't exist DEBUG: YAIM is going to add user glite DEBUG: HOME directory ${GLITE_HOME_DIR} is specified for the user DEBUG: Checking whether the group glite for user glite already exist... DEBUG: Group glite added DEBUG: User glite added DEBUG: Creating user edguser... DEBUG: Skipping user edguser since it already exists... INFO: Executing function: config_proxy_server_setenv DEBUG: Setting environment variable GLITE_PX_LOCATION, to value "/usr". DEBUG: Unset environment variable GLITE_PX_LOCATION. DEBUG: Setting environment variable GLITE_PX_LOCATION_ETC, to value "/etc". DEBUG: Unset environment variable GLITE_PX_LOCATION_ETC. DEBUG: Setting environment variable GLITE_PX_LOCATION_VAR, to value "/var/glite". DEBUG: Unset environment variable GLITE_PX_LOCATION_VAR. INFO: Executing function: config_proxy_server DEBUG: Creating Minimal myproxy configuration. INFO: Reloading MyProxy server INFO: MyProxy server not running so starting Starting myproxy-server: [ OK ] DEBUG: Skipping function: config_bdii_5.2_setenv because it is not defined INFO: Executing function: config_bdii_5.2 Stopping BDII: BDII already stopped Starting BDII slapd: [ OK ] Starting BDII update process: [ OK ] INFO: Executing function: config_info_service_px_setenv DEBUG: This function currently doesn't set any environment variables. INFO: Executing function: config_info_service_px DEBUG: Delete a previous version of the *.conf if it exists DEBUG: Create the configuration files out of the template file DEBUG: Delete a previous version of the glite-info-provider-service-myproxy-wrapper if it exists DEBUG: Create the /var/lib/bdii/gip/provider in case it doesn't exist DEBUG: Create the glite-info-provider-service-myproxy-wrapper file INFO: Configuration Complete. [ OK ] INFO: YAIM terminated succesfully.
# chkconfig myproxy-server on
# $ myproxy-init -s myproxy.cnaf.infn.it -k veronesi-test username: veronesi owner: /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi name: veronesi-test timeleft: 167:55:38 (7.0 days) [veronesi@ui ~]$ myproxy-init -s myproxy.cnaf.infn.it -k veronesi-test Your identity: /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi Enter GRID pass phrase for this identity: Creating proxy ............................................................................................ Done Proxy Verify OK Your proxy is valid until: Thu Jan 5 10:03:38 2012 Enter MyProxy pass phrase: Verifying - Enter MyProxy pass phrase: A proxy valid for 168 hours (7.0 days) for user veronesi now exists on myproxy.cnaf.infn.it.On the MyProxy server:
# tail -f /var/log/messages Dec 29 10:03:40 myproxy myproxy-server[9119]: Connection from 131.154.101.141 Dec 29 10:03:41 myproxy myproxy-server[9119]: Authenticated client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi Dec 29 10:03:42 myproxy myproxy-server[9119]: Received PUT request for username veronesi Dec 29 10:03:43 myproxy myproxy-server[9119]: Client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi disconnected # ls -ltr /var/lib/myproxy/ total 36 -rw------- 1 myproxy myproxy 132 Dec 29 10:03 veronesi-veronesi-test.data -rw------- 1 myproxy myproxy 5912 Dec 29 10:03 veronesi-veronesi-test.creds
# myproxy-info -s myproxy.cnaf.infn.it -k veronesi-test username: veronesi owner: /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi name: veronesi-test timeleft: 167:55:38 (7.0 days)On the MyProxy server:
# tail -f /var/log/messages Dec 29 10:42:08 myproxy myproxy-server[9209]: Connection from 131.154.101.141 Dec 29 10:42:08 myproxy myproxy-server[9209]: Authenticated client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi Dec 29 10:42:08 myproxy myproxy-server[9209]: Received INFO request for username veronesi Dec 29 10:42:08 myproxy myproxy-server[9209]: Client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi disconnected
$ myproxy-get-delegation -s myproxy.cnaf.infn.it -k veronesi-test Enter MyProxy pass phrase: A credential has been received for user veronesi in /tmp/x509up_u23019.On the MyProxy server:
# tail -f /var/log/messages Dec 29 11:01:05 myproxy myproxy-server[31270]: Connection from 131.154.101.141 Dec 29 11:01:05 myproxy myproxy-server[31270]: Authenticated client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi Dec 29 11:01:08 myproxy myproxy-server[31270]: Received GET request for username veronesi Dec 29 11:01:08 myproxy myproxy-server[31270]: credential passphrase matched Dec 29 11:01:08 myproxy myproxy-server[31270]: Delegating credentials for /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi lifetime=43200 Dec 29 11:01:08 myproxy myproxy-server[31270]: Client /C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Paolo Veronesi disconnected
authorized_renewers DN
to the configuration and restart the server;
myproxy-init -s myproxy_server -d -n
Date | Comment |
---|---|
2012-05-03 | myproxy upgraded - EMI 1 Kebnekaise Products - glite-proxyrenewal update v.1.3.25![]() |
![]() |
![]() |
|
![]() |
![]() |