Pre-certification of WMS 3.3.5

https://savannah.cern.ch/task/?func=detailitem&item_id=26837

Repo:

name=ETICS Repository of task_26837_1 baseurl=http://etics-repository.cern.ch/repository/pm/registered/repomd/name/task_26837_1

Machine: devel11.cnaf.infn.it

Globus libraries:

globus-gsi-openssl-error-0.14-8.el5

globus-gsi-callback-2.8-2.el5

globus-xio-2.8-4.el5

globus-xio-gsi-driver-0.6-7.el5

globus-authz-0.7-4.el5

globus-xio-popen-driver-0.9-3.el5

globus-gridftp-server-control-0.46-1.el5

globus-gsi-proxy-ssl-2.3-3.el5

globus-common-11.6-5.el5

globus-gsi-sysconfig-3.2-1.el5

globus-gsi-cert-utils-6.7-2.el5

globus-gsi-credential-3.5-3.el5

globus-gssapi-gsi-7.8-1.el5

globus-gss-assist-5.10-1.el5

globus-gssapi-error-2.5-8.el5

globus-usage-1.4-2.el5

globus-ftp-control-2.12-2.el5

globus-authz-callout-error-0.5-3.el5

globus-ftp-client-6.0-2.el5

globus-xio-pipe-driver-0.1-3.el5

globus-gridftp-server-3.33-2.1.el5

globus-gridmap-callout-error-0.3-2.el5

glite-initscript-globus-gridftp-1.0.4-1.sl5

globus-openssl-5.1-2.el5

globus-libtool-1.2-4.el5

globus-openssl-module-1.3-3.el5

globus-gsi-proxy-core-4.7-2.el5

globus-callout-0.7-8.el5

globus-io-6.3-6.el5

globus-gfork-0.2-6.el5

globus-proxy-utils-3.10-1.el5

globus-gridftp-server-progs-3.33-2.1.el5

Tests:

BUG https://savannah.cern.ch/bugs/?91875 -> CERTIFIED

Submit a job to a GRAM CE and check that the scrpt /opt/lcg/sbin/grid_monitor.sh (linked by /usr/sbin/grid_monitor.sh) is accessed in read.

[root@devel11 ~]# rpm -qa | grep yaim-wms

glite-yaim-wms-4.1.5-1.sl5

[root@devel11 ~]# locate grid_mon

/opt/condor-7.4.2/libexec/glite/grid_monitor.sh

/opt/condor-7.4.2/sbin/grid_monitor.sh

/opt/lcg/sbin/grid_monitor.sh

/usr/sbin/grid_monitor.sh

[root@devel11 ~]# date

Fri Mar 9 15:37:15 CET 2012

[root@devel11 ~]# ll -u `locate grid_mon`

-rwxr-xr-x 1 root root 42728 Mar 30 2010 /opt/condor-7.4.2/libexec/glite/grid_monitor.sh

-rwxr-xr-x 1 root root 38151 Mar 30 2010 /opt/condor-7.4.2/sbin/grid_monitor.sh

-rwxr-xr-x 1 root root 41918 Mar 9 15:31 /opt/lcg/sbin/grid_monitor.sh

lrwxrwxrwx 1 root root 29 Mar 9 15:37 /usr/sbin/grid_monitor.sh -> /opt/lcg/sbin/grid_monitor.sh

so /opt/lcg/sbin/grid_monitor.sh has been accessed

BUG https://savannah.cern.ch/bugs/?87261 -> CERTIFIED

The WMproxy GACL file should accept wildcards, in the FQAN tag only.

VO: dteam, FQAN: /dteam/Role=NULL/Capability=NULL

WMP log says (debug): 12 Mar, 13:35:01 -D- PID: 11517 - "GaclManager::loadCredential": GACL FQAN fqan:/dteam/%2A was matched to /dteam/Role=NULL/Capability=NULL

Test #1: GACL: [...] /dteam /dteam/R* [...]

access granted

[...] /dteam /dteam/r* [...]

access denied

[...] /dtea* [...]

access granted

[...] /dteam /dteam/* [...]

access granted

-- MarcoCecchi - 2012-03-02


This topic: WMS > WMS335PrecertificationTests
Topic revision: r5 - 2012-03-19 - MarcoCecchi
 
This site is powered by the TWiki collaboration platformCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback