TWiki>
EGEE Web>SA3>EGEECertification>SA3Testing>PXCertificationReportForTask20914 (2011-06-24, DanielKouril)
EditAttachPDF
EGEE Web>SA3>EGEECertification>SA3Testing>PXCertificationReportForTask20914 (2011-06-24, DanielKouril) EditAttachPDFCertification Report for EMI-1 PX (ProxyRenewal 1.3.21) (PX 1.0.11-1, x86, SL5)
Origins
| Build Report | http://etics-repository.cern.ch/repository/reports/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/-/reports/index.html |
| YUM repo file | http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo |
| Patch | — |
| Task | https://savannah.cern.ch/task/?20914 |
| Components | emi.px subsystem |
| Status | Certified |
| Duration | 12 hrs. |
| Previous Report | https://twiki.cern.ch/twiki/bin/view/EGEE/PXCertificationReportForEMIRC3 |
Clean installation
Environment
Clean SL5 installation according to EMI guidelines (CA certificates, ...). EPEL repository installed by calling =rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm=. VOMS installed and configured.
Process
rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm yum install -y yum-priorities yum-protectbase rpm -i http://emisoft.web.cern.ch/emisoft/dist/EMI/1/sl5/x86_64/base/emi-release-1.0.0-1.sl5.noarch.rpm cd /etc/yum.repos.d wget http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo echo priority=45 >> etics-registered-build-by-id-protect.repo yum install -y emi-px glite-px-proxyrenewal cd ~/ mkdir -m 700 yaim cd yaim cat << EOF > site-info.def SITE_NAME=krakonosovo PX_HOST=`hostname -f` GRID_AUTHORIZED_RETRIEVERS="\*" GRID_AUTHORIZED_RENEWERS="`openssl x509 -in /etc/grid-security/hostcert.pem -noout -subject |sed -e 's/subject= //'`" EOF /opt/glite/yaim/bin/yaim -c -s ./site-info.def -n glite-PX mkdir ~glite/.certs cp /etc/grid-security/host* ~glite/.certs/ chown -R glite ~glite/.certs/ export GLITE_USER=glite export GLITE_HOST_KEY=/home/glite/.certs/hostkey.pem export GLITE_HOST_CERT=/home/glite/.certs/hostcert.pem /etc/init.d/glite-proxy-renewald start
Full output of the installation
[root@delwin ~]# rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
Retrieving http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
warning: /var/tmp/rpm-xfer.ecgir7: Header V3 DSA signature: NOKEY, key ID 217521f6
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[root@delwin ~]# yum install -y yum-priorities yum-protectbase
Loaded plugins: kernel-module
epel | 3.7 kB 00:00
epel/primary_db | 3.7 MB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package yum-priorities.noarch 0:1.1.16-14.el5 set to be updated
---> Package yum-protectbase.noarch 0:1.1.16-14.el5 set to be updated
--> Finished Dependency Resolution
Beginning Kernel Module Plugin
Finished Kernel Module Plugin
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Installing:
yum-priorities noarch 1.1.16-14.el5 sl-base 14 k
yum-protectbase noarch 1.1.16-14.el5 sl-base 12 k
Transaction Summary
============================================================================================================================================================================================
Install 2 Package(s)
Upgrade 0 Package(s)
Total download size: 25 k
Downloading Packages:
(1/2): yum-protectbase-1.1.16-14.el5.noarch.rpm | 12 kB 00:00
(2/2): yum-priorities-1.1.16-14.el5.noarch.rpm | 14 kB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 19 kB/s | 25 kB 00:01
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : yum-protectbase 1/2
Installing : yum-priorities 2/2
Installed:
yum-priorities.noarch 0:1.1.16-14.el5 yum-protectbase.noarch 0:1.1.16-14.el5
Complete!
[root@delwin ~]# rpm -i http://emisoft.web.cern.ch/emisoft/dist/EMI/1/sl5/x86_64/base/emi-release-1.0.0-1.sl5.noarch.rpm
warning: /var/tmp/rpm-xfer.ZSGJTi: Header V3 DSA signature: NOKEY, key ID df9e12ef
[root@delwin ~]# cd /etc/yum.repos.d
[root@delwin yum.repos.d]# wget http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo
--2011-06-20 10:58:59-- http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo
Resolving etics-repository.cern.ch... 128.142.130.60
Connecting to etics-repository.cern.ch|128.142.130.60|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 878
Saving to: `etics-registered-build-by-id-protect.repo'
100%[==================================================================================================================================================>] 878 --.-K/s in 0s
2011-06-20 10:59:00 (59.8 MB/s) - `etics-registered-build-by-id-protect.repo' saved [878/878]
[root@delwin yum.repos.d]# echo priority=45 >> etics-registered-build-by-id-protect.repo
[root@delwin yum.repos.d]# yum install -y emi-px glite-px-proxyrenewal
Loaded plugins: kernel-module, priorities, protectbase
153 packages excluded due to repository priority protections
0 packages excluded due to repository protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package emi-px.x86_64 0:1.0.0-1.sl5 set to be updated
--> Processing Dependency: glite-px-myproxy-yaim for package: emi-px
--> Processing Dependency: emi-version for package: emi-px
--> Processing Dependency: myproxy-admin for package: emi-px
--> Processing Dependency: fetch-crl for package: emi-px
--> Processing Dependency: bdii for package: emi-px
--> Processing Dependency: myproxy-server for package: emi-px
--> Processing Dependency: glue-schema for package: emi-px
--> Processing Dependency: glite-info-provider-service for package: emi-px
---> Package glite-px-proxyrenewal.x86_64 0:1.3.21-1.sl5 set to be updated
--> Processing Dependency: voms for package: glite-px-proxyrenewal
--> Processing Dependency: myproxy-libs for package: glite-px-proxyrenewal
--> Processing Dependency: globus-gssapi-gsi for package: glite-px-proxyrenewal
--> Processing Dependency: libvomsapi.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libmyproxy.so.5()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libltdl.so.3()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_xio.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_usage.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_proxy_ssl.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_openssl_error.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_openssl.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_oldgaa.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gssapi_gsi.so.4()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gss_assist.so.3()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_sysconfig.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_proxy_core.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_credential.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_cert_utils.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_callback.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_common.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_callout.so.0()(64bit) for package: glite-px-proxyrenewal
--> Running transaction check
---> Package bdii.noarch 0:5.2.3-1.el5 set to be updated
--> Processing Dependency: expect for package: bdii
--> Processing Dependency: openldap-servers for package: bdii
--> Processing Dependency: openldap-clients for package: bdii
---> Package emi-version.x86_64 0:1.0.1-1.sl5 set to be updated
---> Package fetch-crl.noarch 0:2.8.4-2.el5 set to be updated
---> Package glite-info-provider-service.noarch 0:1.6.3-1.el5 set to be updated
---> Package glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 set to be updated
--> Processing Dependency: glite-yaim-core for package: glite-px-myproxy-yaim
--> Processing Dependency: glite-yaim-bdii for package: glite-px-myproxy-yaim
---> Package globus-callout.x86_64 0:0.7-8.el5 set to be updated
--> Processing Dependency: globus-libtool >= 1 for package: globus-callout
---> Package globus-common.x86_64 0:11.6-2.el5 set to be updated
---> Package globus-gsi-callback.x86_64 0:2.8-2.el5 set to be updated
--> Processing Dependency: globus-openssl >= 1 for package: globus-gsi-callback
---> Package globus-gsi-cert-utils.x86_64 0:6.7-2.el5 set to be updated
---> Package globus-gsi-credential.x86_64 0:3.5-3.el5 set to be updated
---> Package globus-gsi-openssl-error.x86_64 0:0.14-8.el5 set to be updated
---> Package globus-gsi-proxy-core.x86_64 0:4.7-2.el5 set to be updated
---> Package globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 set to be updated
---> Package globus-gsi-sysconfig.x86_64 0:3.1-4.el5 set to be updated
---> Package globus-gss-assist.x86_64 0:5.9-4.el5 set to be updated
---> Package globus-gssapi-gsi.x86_64 0:7.6-2.el5 set to be updated
---> Package globus-openssl-module.x86_64 0:1.3-3.el5 set to be updated
---> Package globus-usage.x86_64 0:1.4-2.el5 set to be updated
---> Package globus-xio.x86_64 0:2.8-4.el5 set to be updated
---> Package glue-schema.noarch 0:2.0.7-1.el5 set to be updated
---> Package libtool-ltdl.x86_64 0:1.5.22-7.el5_4 set to be updated
---> Package myproxy-admin.x86_64 0:5.3-3.el5 set to be updated
--> Processing Dependency: myproxy = 5.3-3.el5 for package: myproxy-admin
--> Processing Dependency: globus-gsi-cert-utils-progs for package: myproxy-admin
---> Package myproxy-libs.x86_64 0:5.3-3.el5 set to be updated
---> Package myproxy-server.x86_64 0:5.3-3.el5 set to be updated
---> Package voms.x86_64 0:2.0.2-1.sl5 set to be updated
--> Running transaction check
---> Package expect.x86_64 0:5.43.0-5.1 set to be updated
---> Package glite-yaim-bdii.noarch 0:4.3.3-1.el5 set to be updated
---> Package glite-yaim-core.noarch 0:5.0.0-1.sl5 set to be updated
---> Package globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 set to be updated
--> Processing Dependency: globus-common-setup >= 2 for package: globus-gsi-cert-utils-progs
--> Processing Dependency: globus-openssl-progs >= 1 for package: globus-gsi-cert-utils-progs
---> Package globus-libtool.x86_64 0:1.2-4.el5 set to be updated
---> Package globus-openssl.x86_64 0:5.1-2.el5 set to be updated
---> Package myproxy.x86_64 0:5.3-3.el5 set to be updated
--> Processing Dependency: globus-proxy-utils for package: myproxy
--> Processing Dependency: voms-clients for package: myproxy
---> Package openldap-clients.x86_64 0:2.3.43-12.el5_6.7 set to be updated
--> Processing Dependency: openldap = 2.3.43-12.el5_6.7 for package: openldap-clients
---> Package openldap-servers.x86_64 0:2.3.43-12.el5_6.7 set to be updated
--> Running transaction check
---> Package globus-common-progs.x86_64 0:11.6-2.el5 set to be updated
---> Package globus-openssl-progs.x86_64 0:5.1-2.el5 set to be updated
---> Package globus-proxy-utils.x86_64 0:3.9-3.el5 set to be updated
--> Processing Dependency: openldap = 2.3.43-12.el5_5.1 for package: openldap-devel
--> Processing Dependency: openldap = 2.3.43-12.el5_5.1 for package: openldap-devel
---> Package openldap.i386 0:2.3.43-12.el5_6.7 set to be updated
---> Package openldap.x86_64 0:2.3.43-12.el5_6.7 set to be updated
---> Package voms-clients.x86_64 0:2.0.0-1.sl5 set to be updated
--> Running transaction check
---> Package openldap-devel.i386 0:2.3.43-12.el5_6.7 set to be updated
---> Package openldap-devel.x86_64 0:2.3.43-12.el5_6.7 set to be updated
--> Finished Dependency Resolution
Beginning Kernel Module Plugin
Finished Kernel Module Plugin
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Installing:
emi-px x86_64 1.0.0-1.sl5 EMI-1-base 1.7 k
glite-px-proxyrenewal x86_64 1.3.21-1.sl5 ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 85 k
Installing for dependencies:
bdii noarch 5.2.3-1.el5 EMI-1-base 20 k
emi-version x86_64 1.0.1-1.sl5 EMI-1-updates 2.1 k
expect x86_64 5.43.0-5.1 sl-base 160 k
fetch-crl noarch 2.8.4-2.el5 epel 24 k
glite-info-provider-service noarch 1.6.3-1.el5 EMI-1-base 50 k
glite-px-myproxy-yaim x86_64 4.1.4-2.sl5 ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 8.6 k
glite-yaim-bdii noarch 4.3.3-1.el5 EMI-1-base 10 k
glite-yaim-core noarch 5.0.0-1.sl5 ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 116 k
globus-callout x86_64 0.7-8.el5 epel 16 k
globus-common x86_64 11.6-2.el5 epel 109 k
globus-common-progs x86_64 11.6-2.el5 epel 63 k
globus-gsi-callback x86_64 2.8-2.el5 epel 39 k
globus-gsi-cert-utils x86_64 6.7-2.el5 epel 18 k
globus-gsi-cert-utils-progs x86_64 6.7-2.el5 epel 26 k
globus-gsi-credential x86_64 3.5-3.el5 epel 32 k
globus-gsi-openssl-error x86_64 0.14-8.el5 epel 15 k
globus-gsi-proxy-core x86_64 4.7-2.el5 epel 33 k
globus-gsi-proxy-ssl x86_64 2.3-3.el5 epel 17 k
globus-gsi-sysconfig x86_64 3.1-4.el5 epel 28 k
globus-gss-assist x86_64 5.9-4.el5 epel 31 k
globus-gssapi-gsi x86_64 7.6-2.el5 epel 54 k
globus-libtool x86_64 1.2-4.el5 epel 4.2 k
globus-openssl x86_64 5.1-2.el5 epel 4.6 k
globus-openssl-module x86_64 1.3-3.el5 epel 13 k
globus-openssl-progs x86_64 5.1-2.el5 epel 4.3 k
globus-proxy-utils x86_64 3.9-3.el5 epel 44 k
globus-usage x86_64 1.4-2.el5 epel 15 k
globus-xio x86_64 2.8-4.el5 epel 123 k
glue-schema noarch 2.0.7-1.el5 EMI-1-base 33 k
libtool-ltdl x86_64 1.5.22-7.el5_4 sl-base 38 k
myproxy x86_64 5.3-3.el5 epel 82 k
myproxy-admin x86_64 5.3-3.el5 epel 52 k
myproxy-libs x86_64 5.3-3.el5 epel 118 k
myproxy-server x86_64 5.3-3.el5 epel 51 k
openldap-clients x86_64 2.3.43-12.el5_6.7 sl-security 223 k
openldap-servers x86_64 2.3.43-12.el5_6.7 sl-security 2.2 M
voms x86_64 2.0.2-1.sl5 ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 164 k
voms-clients x86_64 2.0.0-1.sl5 EMI-1-base 178 k
Updating for dependencies:
openldap i386 2.3.43-12.el5_6.7 sl-security 296 k
openldap x86_64 2.3.43-12.el5_6.7 sl-security 304 k
openldap-devel i386 2.3.43-12.el5_6.7 sl-security 1.5 M
openldap-devel x86_64 2.3.43-12.el5_6.7 sl-security 1.6 M
Transaction Summary
============================================================================================================================================================================================
Install 40 Package(s)
Upgrade 4 Package(s)
Total download size: 8.0 M
Downloading Packages:
(1/44): emi-px-1.0.0-1.sl5.x86_64.rpm | 1.7 kB 00:00
(2/44): emi-version-1.0.1-1.sl5.x86_64.rpm | 2.1 kB 00:00
(3/44): globus-libtool-1.2-4.el5.x86_64.rpm | 4.2 kB 00:00
(4/44): globus-openssl-progs-5.1-2.el5.x86_64.rpm | 4.3 kB 00:00
(5/44): globus-openssl-5.1-2.el5.x86_64.rpm | 4.6 kB 00:00
(6/44): glite-px-myproxy-yaim-4.1.4-2.sl5.x86_64.rpm | 7.9 kB 00:00
(7/44): glite-yaim-bdii-4.3.3-1.el5.noarch.rpm | 10 kB 00:00
(8/44): globus-openssl-module-1.3-3.el5.x86_64.rpm | 13 kB 00:00
(9/44): globus-gsi-openssl-error-0.14-8.el5.x86_64.rpm | 15 kB 00:00
(10/44): globus-usage-1.4-2.el5.x86_64.rpm | 15 kB 00:00
(11/44): globus-callout-0.7-8.el5.x86_64.rpm | 16 kB 00:00
(12/44): globus-gsi-proxy-ssl-2.3-3.el5.x86_64.rpm | 17 kB 00:00
(13/44): globus-gsi-cert-utils-6.7-2.el5.x86_64.rpm | 18 kB 00:00
(14/44): bdii-5.2.3-1.el5.noarch.rpm | 20 kB 00:00
(15/44): fetch-crl-2.8.4-2.el5.noarch.rpm | 24 kB 00:00
(16/44): globus-gsi-cert-utils-progs-6.7-2.el5.x86_64.rpm | 26 kB 00:00
(17/44): globus-gsi-sysconfig-3.1-4.el5.x86_64.rpm | 28 kB 00:00
(18/44): globus-gss-assist-5.9-4.el5.x86_64.rpm | 31 kB 00:00
(19/44): globus-gsi-credential-3.5-3.el5.x86_64.rpm | 32 kB 00:00
(20/44): glue-schema-2.0.7-1.el5.noarch.rpm | 33 kB 00:00
(21/44): globus-gsi-proxy-core-4.7-2.el5.x86_64.rpm | 33 kB 00:00
(22/44): libtool-ltdl-1.5.22-7.el5_4.x86_64.rpm | 38 kB 00:00
(23/44): globus-gsi-callback-2.8-2.el5.x86_64.rpm | 39 kB 00:00
(24/44): globus-proxy-utils-3.9-3.el5.x86_64.rpm | 44 kB 00:00
(25/44): glite-info-provider-service-1.6.3-1.el5.noarch.rpm | 50 kB 00:00
(26/44): myproxy-server-5.3-3.el5.x86_64.rpm | 51 kB 00:00
(27/44): myproxy-admin-5.3-3.el5.x86_64.rpm | 52 kB 00:00
(28/44): globus-gssapi-gsi-7.6-2.el5.x86_64.rpm | 54 kB 00:00
(29/44): globus-common-progs-11.6-2.el5.x86_64.rpm | 63 kB 00:00
(30/44): myproxy-5.3-3.el5.x86_64.rpm | 82 kB 00:00
(31/44): glite-px-proxyrenewal-1.3.21-1.sl5.x86_64.rpm | 85 kB 00:00
(32/44): globus-common-11.6-2.el5.x86_64.rpm | 109 kB 00:00
(33/44): glite-yaim-core-5.0.0-1.sl5.noarch.rpm | 116 kB 00:00
(34/44): myproxy-libs-5.3-3.el5.x86_64.rpm | 118 kB 00:00
(35/44): globus-xio-2.8-4.el5.x86_64.rpm | 123 kB 00:00
(36/44): expect-5.43.0-5.1.x86_64.rpm | 160 kB 00:00
(37/44): voms-2.0.2-1.sl5.x86_64.rpm | 164 kB 00:00
(38/44): voms-clients-2.0.0-1.sl5.x86_64.rpm | 178 kB 00:00
(39/44): openldap-clients-2.3.43-12.el5_6.7.x86_64.rpm | 223 kB 00:00
(40/44): openldap-2.3.43-12.el5_6.7.i386.rpm | 296 kB 00:00
(41/44): openldap-2.3.43-12.el5_6.7.x86_64.rpm | 304 kB 00:00
(42/44): openldap-devel-2.3.43-12.el5_6.7.i386.rpm | 1.5 MB 00:00
(43/44): openldap-devel-2.3.43-12.el5_6.7.x86_64.rpm | 1.6 MB 00:00
(44/44): openldap-servers-2.3.43-12.el5_6.7.x86_64.rpm | 2.2 MB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 906 kB/s | 8.0 MB 00:08
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 217521f6
epel/gpgkey | 1.7 kB 00:00
Importing GPG key 0x217521F6 "Fedora EPEL <epel@fedoraproject.org>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID df9e12ef
EMI-1-base/gpgkey | 1.7 kB 00:00
Importing GPG key 0xDF9E12EF "Doina Cristina Aiftimiei (EMI Release Manager) <aiftim@pd.infn.it>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-emi
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libtool-ltdl 1/48
Updating : openldap 2/48
Installing : voms 3/48
Installing : voms-clients 4/48
Installing : expect 5/48
Installing : globus-openssl 6/48
Installing : globus-gsi-proxy-ssl 7/48
Installing : globus-libtool 8/48
Installing : globus-common 9/48
Installing : globus-gsi-openssl-error 10/48
Installing : globus-gsi-sysconfig 11/48
Installing : globus-openssl-module 12/48
Installing : globus-gsi-cert-utils 13/48
Installing : globus-gsi-callback 14/48
Installing : globus-gsi-credential 15/48
Installing : globus-gsi-proxy-core 16/48
Installing : globus-gssapi-gsi 17/48
Installing : globus-callout 18/48
Installing : globus-gss-assist 19/48
Installing : globus-xio 20/48
Installing : globus-usage 21/48
Installing : myproxy-libs 22/48
Installing : myproxy-server 23/48
Installing : glue-schema 24/48
Installing : globus-proxy-utils 25/48
Installing : myproxy 26/48
Installing : globus-common-progs 27/48
Installing : globus-openssl-progs 28/48
Installing : globus-gsi-cert-utils-progs 29/48
Installing : myproxy-admin 30/48
Installing : glite-yaim-core 31/48
Installing : glite-info-provider-service 32/48
Installing : emi-version 33/48
Installing : fetch-crl 34/48
Installing : glite-yaim-bdii 35/48
Updating : openldap 36/48
Installing : openldap-servers 37/48
Installing : openldap-clients 38/48
Installing : glite-px-proxyrenewal 39/48
Installing : bdii 40/48
Installing : glite-px-myproxy-yaim 41/48
Updating : openldap-devel 42/48
Installing : emi-px 43/48
Updating : openldap-devel 44/48
Cleanup : openldap 45/48
Cleanup : openldap 46/48
Cleanup : openldap-devel 47/48
Cleanup : openldap-devel 48/48
Installed:
emi-px.x86_64 0:1.0.0-1.sl5 glite-px-proxyrenewal.x86_64 0:1.3.21-1.sl5
Dependency Installed:
bdii.noarch 0:5.2.3-1.el5 emi-version.x86_64 0:1.0.1-1.sl5 expect.x86_64 0:5.43.0-5.1 fetch-crl.noarch 0:2.8.4-2.el5
glite-info-provider-service.noarch 0:1.6.3-1.el5 glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 glite-yaim-bdii.noarch 0:4.3.3-1.el5 glite-yaim-core.noarch 0:5.0.0-1.sl5
globus-callout.x86_64 0:0.7-8.el5 globus-common.x86_64 0:11.6-2.el5 globus-common-progs.x86_64 0:11.6-2.el5 globus-gsi-callback.x86_64 0:2.8-2.el5
globus-gsi-cert-utils.x86_64 0:6.7-2.el5 globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 globus-gsi-credential.x86_64 0:3.5-3.el5 globus-gsi-openssl-error.x86_64 0:0.14-8.el5
globus-gsi-proxy-core.x86_64 0:4.7-2.el5 globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 globus-gsi-sysconfig.x86_64 0:3.1-4.el5 globus-gss-assist.x86_64 0:5.9-4.el5
globus-gssapi-gsi.x86_64 0:7.6-2.el5 globus-libtool.x86_64 0:1.2-4.el5 globus-openssl.x86_64 0:5.1-2.el5 globus-openssl-module.x86_64 0:1.3-3.el5
globus-openssl-progs.x86_64 0:5.1-2.el5 globus-proxy-utils.x86_64 0:3.9-3.el5 globus-usage.x86_64 0:1.4-2.el5 globus-xio.x86_64 0:2.8-4.el5
glue-schema.noarch 0:2.0.7-1.el5 libtool-ltdl.x86_64 0:1.5.22-7.el5_4 myproxy.x86_64 0:5.3-3.el5 myproxy-admin.x86_64 0:5.3-3.el5
myproxy-libs.x86_64 0:5.3-3.el5 myproxy-server.x86_64 0:5.3-3.el5 openldap-clients.x86_64 0:2.3.43-12.el5_6.7 openldap-servers.x86_64 0:2.3.43-12.el5_6.7
voms.x86_64 0:2.0.2-1.sl5 voms-clients.x86_64 0:2.0.0-1.sl5
Dependency Updated:
openldap.i386 0:2.3.43-12.el5_6.7 openldap.x86_64 0:2.3.43-12.el5_6.7 openldap-devel.i386 0:2.3.43-12.el5_6.7 openldap-devel.x86_64 0:2.3.43-12.el5_6.7
Complete!
[root@delwin yum.repos.d]# cd ~/
[root@delwin ~]# mkdir -m 700 yaim
[root@delwin ~]# cd yaim
[root@delwin yaim]#
[root@delwin yaim]# cat << EOF > site-info.def
> SITE_NAME=krakonosovo
> PX_HOST=`hostname -f`
> GRID_AUTHORIZED_RETRIEVERS="\*"
> GRID_AUTHORIZED_RENEWERS="`openssl x509 -in /etc/grid-security/hostcert.pem -noout -subject |sed -e 's/subject= //'`"
> EOF
[root@delwin yaim]#
[root@delwin yaim]# /opt/glite/yaim/bin/yaim -c -s ./site-info.def -n glite-PX
INFO: Using site configuration file: ./site-info.def
INFO:
###################################################################
. /'.-. ')
. yA,-"-,( ,m,:/ ) .oo. oo o ooo o. .oo
. / .-Y a a Y-. 8. .8' 8'8. 8 8b d'8
. / ~ ~ / 8' .8oo88. 8 8 8' 8
. (_/ '====' 8 .8' 8. 8 8 Y 8
. Y,-''-,Yy,-.,/ o8o o8o o88o o8o o8o o8o
. I_))_) I_))_)
current working directory: /root/yaim
site-info.def date: Jun 20 11:10 ./site-info.def
yaim command: -c -s ./site-info.def -n glite-PX
log file: /opt/glite/yaim/bin/../log/yaimlog
Mon Jun 20 11:10:25 CEST 2011 : /opt/glite/yaim/bin/yaim
Installed YAIM versions:
glite-px-myproxy-yaim -
glite-yaim-bdii 4.3.3-1
glite-yaim-core 5.0.0-1
####################################################################
INFO: The default location of the grid-env.(c)sh files will be: /usr/libexec
INFO: Sourcing the utilities in /opt/glite/yaim/functions/utils
INFO: Detecting environment
INFO: Executing function: config_host_certs_check
INFO: Executing function: config_edgusers_check
INFO: Executing function: config_proxy_server_check
INFO: Executing function: config_bdii_5.2_check
INFO: Executing function: config_info_service_px_check
INFO: Executing function: config_crl
INFO: Now updating the CRLs - this may take a few minutes...
Enabling periodic fetch-crl: [ OK ]
INFO: Executing function: config_host_certs
INFO: Executing function: config_edgusers
INFO: Executing function: config_proxy_server_setenv
INFO: Executing function: config_proxy_server
INFO: Reloading MyProxy server
INFO: MyProxy server not running so starting
Starting myproxy-server: [ OK ]
INFO: Executing function: config_bdii_5.2
Stopping BDII: BDII already stopped
Starting BDII slapd: [ OK ]
Starting BDII update process: [ OK ]
INFO: Executing function: config_info_service_px_setenv
INFO: Executing function: config_info_service_px
INFO: Configuration Complete. [ OK ]
INFO: YAIM terminated succesfully.
[root@delwin yaim]#
[root@delwin yaim]# mkdir ~glite/.certs
[root@delwin yaim]# cp /etc/grid-security/host* ~glite/.certs/
[root@delwin yaim]# chown -R glite ~glite/.certs/
[root@delwin yaim]#
[root@delwin yaim]# export GLITE_USER=glite
[root@delwin yaim]# export GLITE_HOST_KEY=/home/glite/.certs/hostkey.pem
[root@delwin yaim]# export GLITE_HOST_CERT=/home/glite/.certs/hostcert.pem
[root@delwin yaim]#
[root@delwin yaim]# /etc/init.d/glite-proxy-renewald start
Starting ProxyRenewal Daemon: glite-proxy-renewd ... done
Tests
Functionality Tests
| TestPlan | https://twiki.cern.ch/twiki/bin/view/EGEE/PXSoftwareVerificationandValidationPlan |
| Tests | http://glite.cvs.cern.ch/cgi-bin/glite.cgi/org.glite.testsuites.ctb/MyProxy/ |
Process
su - glite JOBID=https://fake.job.id/xxx myproxy-init -s localhost --certfile /tmp/usercred.p12 --keyfile /tmp/usercred.p12 -d -n voms-proxy-init -valid 0:40 -voms voce -key /tmp/usercred.p12 -cert /tmp/usercred.p12 -vomses /etc/vomses ORIG_PROXY=`voms-proxy-info | grep -E "^path" | sed 's/^path\s*:\s*//'` REGISTERED_PROXY=`glite-proxy-renew -s localhost -f $ORIG_PROXY -j $JOBID start` printf "\tProxy:\t$ORIG_PROXY\n\tRenew:\t$REGISTERED_PROXY\n"; \ printf "Registered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ printf "sleeping..."; \ sleep 600; \ printf "\nRegistered proxy -- ";\ voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ printf "Original proxy -- "; \ voms-proxy-info -file $ORIG_PROXY | grep timeleft; \ printf "\nRegistered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY -fqan -actimeleft; \ printf "Original proxy -- "; \ voms-proxy-info -file $ORIG_PROXY -fqan -actimeleft; \ printf "\nRegistered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY -identity; \ printf "Original proxy -- ";\ voms-proxy-info -file $ORIG_PROXY -identity; \ glite-proxy-renew -j $JOBID stop; \ ls $REGISTERED_PROXY 2>&1 | grep 'No such file or directory' > /dev/null && echo OK
Output
[root@delwin ~]# su - glite [glite@delwin ~]$ JOBID=https://fake.job.id/xxx [glite@delwin ~]$ myproxy-init -s localhost --certfile /tmp/usercred.p12 --keyfile /tmp/usercred.p12 -d -n Enter GRID pass phrase for this identity: Your identity: /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 Creating proxy ............................................................................ Done Proxy Verify OK Your proxy is valid until: Mon Jun 27 11:22:14 2011 A proxy valid for 168 hours (7.0 days) for user /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 now exists on localhost. [glite@delwin ~]$ voms-proxy-init -valid 0:40 -voms voce -key /tmp/usercred.p12 -cert /tmp/usercred.p12 -vomses /etc/vomses Enter GRID pass phrase for this identity: Your identity: /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 Creating temporary proxy ........................................ Done Contacting voms1.egee.cesnet.cz:7001 [/DC=cz/DC=cesnet-ca/O=CESNET/CN=voms1.egee.cesnet.cz] "voce" Done Creating proxy .......................................... Done Your proxy is valid until Mon Jun 20 12:02:29 2011 [glite@delwin ~]$ ORIG_PROXY=`voms-proxy-info | grep -E "^path" | sed 's/^path\s*:\s*//'` [glite@delwin ~]$ REGISTERED_PROXY=`glite-proxy-renew -s localhost -f $ORIG_PROXY -j $JOBID start` [glite@delwin ~]$ printf "\tProxy:\t$ORIG_PROXY\n\tRenew:\t$REGISTERED_PROXY\n"; \ > printf "Registered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ > printf "sleeping..."; \ > sleep 600; \ > printf "\nRegistered proxy -- ";\ > voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ > printf "Original proxy -- "; \ > voms-proxy-info -file $ORIG_PROXY | grep timeleft; \ > printf "\nRegistered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY -fqan -actimeleft; \ > printf "Original proxy -- "; \ > voms-proxy-info -file $ORIG_PROXY -fqan -actimeleft; \ > printf "\nRegistered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY -identity; \ > printf "Original proxy -- ";\ > voms-proxy-info -file $ORIG_PROXY -identity; \ > glite-proxy-renew -j $JOBID stop; \ > ls $REGISTERED_PROXY 2>&1 | grep 'No such file or directory' > /dev/null && echo OK Proxy: /tmp/x509up_u155 Renew: /var/glite/spool/glite-renewd/46f28dc374755cd61d02c581fea41d04.0 Registered proxy -- timeleft : 0:39:47 sleeping... Registered proxy -- timeleft : 9:53:51 Original proxy -- timeleft : 0:29:47 Registered proxy -- 42829 /voce/Role=NULL/Capability=NULL Original proxy -- 1785 /voce/Role=NULL/Capability=NULL Registered proxy -- /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040/CN=1695898717/CN=1370012239/CN=646991560 Original proxy -- /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 OK
Unit Tests
Moduleemi.px.proxyrenewal is not covered by unit tests. For other modules in the emi.px substyem unit tests are not applicable at all.
Upgrade from production
Environment
Clean SL5 installation according to EMI guidelines (CA certificates, ...), fully updated by callingyum update -y. EPEL repository installed by calling =rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm=. VOMS installed and configured.
Process
rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm yum install -y yum-priorities yum-protectbase rpm -i http://emisoft.web.cern.ch/emisoft/dist/EMI/1/sl5/x86_64/base/emi-release-1.0.0-1.sl5.noarch.rpm yum install -y emi-px glite-px-proxyrenewal cd ~/ mkdir -m 700 yaim cd yaim cat << EOF > site-info.def SITE_NAME=krakonosovo PX_HOST=`hostname -f` GRID_AUTHORIZED_RETRIEVERS="\*" GRID_AUTHORIZED_RENEWERS="`openssl x509 -in /etc/grid-security/hostcert.pem -noout -subject |sed -e 's/subject= //'`" EOF #Work around bugs #83392 groupadd glite groupadd infosys /opt/glite/yaim/bin/yaim -c -s ./site-info.def -n glite-PX mkdir ~glite/.certs cp /etc/grid-security/host* ~glite/.certs/ chown -R glite ~glite/.certs/ export GLITE_USER=glite export GLITE_HOST_KEY=/home/glite/.certs/hostkey.pem export GLITE_HOST_CERT=/home/glite/.certs/hostcert.pem /etc/init.d/glite-proxy-renewald start cd /etc/yum.repos.d wget http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo echo priority=45 >> etics-registered-build-by-id-protect.repo yum -y update /etc/init.d/glite-proxy-renewald restart
Full output of the installation
[root@delwin ~]# rpm -Uvhi http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
Retrieving http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
warning: /var/tmp/rpm-xfer.c0zX14: Header V3 DSA signature: NOKEY, key ID 217521f6
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[root@delwin ~]# yum install -y yum-priorities yum-protectbase
Loaded plugins: kernel-module
epel | 3.7 kB 00:00
epel/primary_db | 3.7 MB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package yum-priorities.noarch 0:1.1.16-14.el5 set to be updated
---> Package yum-protectbase.noarch 0:1.1.16-14.el5 set to be updated
--> Finished Dependency Resolution
Beginning Kernel Module Plugin
Finished Kernel Module Plugin
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Installing:
yum-priorities noarch 1.1.16-14.el5 sl-base 14 k
yum-protectbase noarch 1.1.16-14.el5 sl-base 12 k
Transaction Summary
============================================================================================================================================================================================
Install 2 Package(s)
Upgrade 0 Package(s)
Total download size: 25 k
Downloading Packages:
(1/2): yum-protectbase-1.1.16-14.el5.noarch.rpm | 12 kB 00:00
(2/2): yum-priorities-1.1.16-14.el5.noarch.rpm | 14 kB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 22 kB/s | 25 kB 00:01
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : yum-protectbase 1/2
Installing : yum-priorities 2/2
Installed:
yum-priorities.noarch 0:1.1.16-14.el5 yum-protectbase.noarch 0:1.1.16-14.el5
Complete!
[root@delwin ~]# rpm -i http://emisoft.web.cern.ch/emisoft/dist/EMI/1/sl5/x86_64/base/emi-release-1.0.0-1.sl5.noarch.rpm
warning: /var/tmp/rpm-xfer.7pwIcq: Header V3 DSA signature: NOKEY, key ID df9e12ef
[root@delwin ~]#
[root@delwin ~]# yum install -y emi-px glite-px-proxyrenewal
Loaded plugins: kernel-module, priorities, protectbase
EMI-1-base | 1.9 kB 00:00
EMI-1-base/primary_db | 198 kB 00:00
EMI-1-third-party | 1.9 kB 00:00
EMI-1-third-party/primary_db | 25 kB 00:00
EMI-1-updates | 1.9 kB 00:00
EMI-1-updates/primary_db | 5.5 kB 00:00
153 packages excluded due to repository priority protections
0 packages excluded due to repository protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package emi-px.x86_64 0:1.0.0-1.sl5 set to be updated
--> Processing Dependency: glite-px-myproxy-yaim for package: emi-px
--> Processing Dependency: emi-version for package: emi-px
--> Processing Dependency: myproxy-admin for package: emi-px
--> Processing Dependency: fetch-crl for package: emi-px
--> Processing Dependency: bdii for package: emi-px
--> Processing Dependency: myproxy-server for package: emi-px
--> Processing Dependency: glue-schema for package: emi-px
--> Processing Dependency: glite-info-provider-service for package: emi-px
---> Package glite-px-proxyrenewal.x86_64 0:1.3.19-1.sl5 set to be updated
--> Processing Dependency: voms for package: glite-px-proxyrenewal
--> Processing Dependency: globus-gssapi-gsi for package: glite-px-proxyrenewal
--> Processing Dependency: myproxy-libs for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_credential.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_cert_utils.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_sysconfig.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libltdl.so.3()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_openssl.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libvomsapi.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_proxy_ssl.so.1()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_callback.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gsi_proxy_core.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_xio.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libmyproxy.so.5()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_openssl_error.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_oldgaa.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gssapi_gsi.so.4()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_common.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_gss_assist.so.3()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_callout.so.0()(64bit) for package: glite-px-proxyrenewal
--> Processing Dependency: libglobus_usage.so.0()(64bit) for package: glite-px-proxyrenewal
--> Running transaction check
---> Package bdii.noarch 0:5.2.3-1.el5 set to be updated
--> Processing Dependency: expect for package: bdii
--> Processing Dependency: openldap-servers for package: bdii
--> Processing Dependency: openldap-clients for package: bdii
---> Package emi-version.x86_64 0:1.0.1-1.sl5 set to be updated
---> Package fetch-crl.noarch 0:2.8.4-2.el5 set to be updated
---> Package glite-info-provider-service.noarch 0:1.6.3-1.el5 set to be updated
---> Package glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 set to be updated
--> Processing Dependency: glite-yaim-core for package: glite-px-myproxy-yaim
--> Processing Dependency: glite-yaim-bdii for package: glite-px-myproxy-yaim
---> Package globus-callout.x86_64 0:0.7-8.el5 set to be updated
--> Processing Dependency: globus-libtool >= 1 for package: globus-callout
---> Package globus-common.x86_64 0:11.6-2.el5 set to be updated
---> Package globus-gsi-callback.x86_64 0:2.8-2.el5 set to be updated
--> Processing Dependency: globus-openssl >= 1 for package: globus-gsi-callback
---> Package globus-gsi-cert-utils.x86_64 0:6.7-2.el5 set to be updated
---> Package globus-gsi-credential.x86_64 0:3.5-3.el5 set to be updated
---> Package globus-gsi-openssl-error.x86_64 0:0.14-8.el5 set to be updated
---> Package globus-gsi-proxy-core.x86_64 0:4.7-2.el5 set to be updated
---> Package globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 set to be updated
---> Package globus-gsi-sysconfig.x86_64 0:3.1-4.el5 set to be updated
---> Package globus-gss-assist.x86_64 0:5.9-4.el5 set to be updated
---> Package globus-gssapi-gsi.x86_64 0:7.6-2.el5 set to be updated
---> Package globus-openssl-module.x86_64 0:1.3-3.el5 set to be updated
---> Package globus-usage.x86_64 0:1.4-2.el5 set to be updated
---> Package globus-xio.x86_64 0:2.8-4.el5 set to be updated
---> Package glue-schema.noarch 0:2.0.7-1.el5 set to be updated
---> Package libtool-ltdl.x86_64 0:1.5.22-7.el5_4 set to be updated
---> Package myproxy-admin.x86_64 0:5.3-3.el5 set to be updated
--> Processing Dependency: myproxy = 5.3-3.el5 for package: myproxy-admin
--> Processing Dependency: globus-gsi-cert-utils-progs for package: myproxy-admin
---> Package myproxy-libs.x86_64 0:5.3-3.el5 set to be updated
---> Package myproxy-server.x86_64 0:5.3-3.el5 set to be updated
---> Package voms.x86_64 0:2.0.2-1.sl5 set to be updated
--> Running transaction check
---> Package expect.x86_64 0:5.43.0-5.1 set to be updated
---> Package glite-yaim-bdii.noarch 0:4.3.3-1.el5 set to be updated
---> Package glite-yaim-core.noarch 0:5.0.0-1.sl5 set to be updated
---> Package globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 set to be updated
--> Processing Dependency: globus-common-setup >= 2 for package: globus-gsi-cert-utils-progs
--> Processing Dependency: globus-openssl-progs >= 1 for package: globus-gsi-cert-utils-progs
---> Package globus-libtool.x86_64 0:1.2-4.el5 set to be updated
---> Package globus-openssl.x86_64 0:5.1-2.el5 set to be updated
---> Package myproxy.x86_64 0:5.3-3.el5 set to be updated
--> Processing Dependency: globus-proxy-utils for package: myproxy
--> Processing Dependency: voms-clients for package: myproxy
---> Package openldap-clients.x86_64 0:2.3.43-12.el5_6.7 set to be updated
---> Package openldap-servers.x86_64 0:2.3.43-12.el5_6.7 set to be updated
EMI-1-base/filelists_db | 167 kB 00:00
EMI-1-third-party/filelists_db | 57 kB 00:00
EMI-1-updates/filelists_db | 1.8 kB 00:00
epel/filelists_db | 5.3 MB 00:00
--> Running transaction check
---> Package globus-common-progs.x86_64 0:11.6-2.el5 set to be updated
---> Package globus-openssl-progs.x86_64 0:5.1-2.el5 set to be updated
---> Package globus-proxy-utils.x86_64 0:3.9-3.el5 set to be updated
---> Package voms-clients.x86_64 0:2.0.0-1.sl5 set to be updated
--> Finished Dependency Resolution
Beginning Kernel Module Plugin
Finished Kernel Module Plugin
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Installing:
emi-px x86_64 1.0.0-1.sl5 EMI-1-base 1.7 k
glite-px-proxyrenewal x86_64 1.3.19-1.sl5 EMI-1-base 58 k
Installing for dependencies:
bdii noarch 5.2.3-1.el5 EMI-1-base 20 k
emi-version x86_64 1.0.1-1.sl5 EMI-1-updates 2.1 k
expect x86_64 5.43.0-5.1 sl-base 160 k
fetch-crl noarch 2.8.4-2.el5 epel 24 k
glite-info-provider-service noarch 1.6.3-1.el5 EMI-1-base 50 k
glite-px-myproxy-yaim x86_64 4.1.4-2.sl5 EMI-1-base 8.1 k
glite-yaim-bdii noarch 4.3.3-1.el5 EMI-1-base 10 k
glite-yaim-core noarch 5.0.0-1.sl5 EMI-1-base 116 k
globus-callout x86_64 0.7-8.el5 epel 16 k
globus-common x86_64 11.6-2.el5 epel 109 k
globus-common-progs x86_64 11.6-2.el5 epel 63 k
globus-gsi-callback x86_64 2.8-2.el5 epel 39 k
globus-gsi-cert-utils x86_64 6.7-2.el5 epel 18 k
globus-gsi-cert-utils-progs x86_64 6.7-2.el5 epel 26 k
globus-gsi-credential x86_64 3.5-3.el5 epel 32 k
globus-gsi-openssl-error x86_64 0.14-8.el5 epel 15 k
globus-gsi-proxy-core x86_64 4.7-2.el5 epel 33 k
globus-gsi-proxy-ssl x86_64 2.3-3.el5 epel 17 k
globus-gsi-sysconfig x86_64 3.1-4.el5 epel 28 k
globus-gss-assist x86_64 5.9-4.el5 epel 31 k
globus-gssapi-gsi x86_64 7.6-2.el5 epel 54 k
globus-libtool x86_64 1.2-4.el5 epel 4.2 k
globus-openssl x86_64 5.1-2.el5 epel 4.6 k
globus-openssl-module x86_64 1.3-3.el5 epel 13 k
globus-openssl-progs x86_64 5.1-2.el5 epel 4.3 k
globus-proxy-utils x86_64 3.9-3.el5 epel 44 k
globus-usage x86_64 1.4-2.el5 epel 15 k
globus-xio x86_64 2.8-4.el5 epel 123 k
glue-schema noarch 2.0.7-1.el5 EMI-1-base 33 k
libtool-ltdl x86_64 1.5.22-7.el5_4 sl-base 38 k
myproxy x86_64 5.3-3.el5 epel 82 k
myproxy-admin x86_64 5.3-3.el5 epel 52 k
myproxy-libs x86_64 5.3-3.el5 epel 118 k
myproxy-server x86_64 5.3-3.el5 epel 51 k
openldap-clients x86_64 2.3.43-12.el5_6.7 sl-security 223 k
openldap-servers x86_64 2.3.43-12.el5_6.7 sl-security 2.2 M
voms x86_64 2.0.2-1.sl5 EMI-1-base 165 k
voms-clients x86_64 2.0.0-1.sl5 EMI-1-base 178 k
Transaction Summary
============================================================================================================================================================================================
Install 40 Package(s)
Upgrade 0 Package(s)
Total download size: 4.2 M
Downloading Packages:
(1/40): emi-px-1.0.0-1.sl5.x86_64.rpm | 1.7 kB 00:00
(2/40): emi-version-1.0.1-1.sl5.x86_64.rpm | 2.1 kB 00:00
(3/40): globus-libtool-1.2-4.el5.x86_64.rpm | 4.2 kB 00:00
(4/40): globus-openssl-progs-5.1-2.el5.x86_64.rpm | 4.3 kB 00:00
(5/40): globus-openssl-5.1-2.el5.x86_64.rpm | 4.6 kB 00:00
(6/40): glite-px-myproxy-yaim-4.1.4-2.sl5.x86_64.rpm | 8.1 kB 00:00
(7/40): glite-yaim-bdii-4.3.3-1.el5.noarch.rpm | 10 kB 00:00
(8/40): globus-openssl-module-1.3-3.el5.x86_64.rpm | 13 kB 00:00
(9/40): globus-gsi-openssl-error-0.14-8.el5.x86_64.rpm | 15 kB 00:00
(10/40): globus-usage-1.4-2.el5.x86_64.rpm | 15 kB 00:00
(11/40): globus-callout-0.7-8.el5.x86_64.rpm | 16 kB 00:00
(12/40): globus-gsi-proxy-ssl-2.3-3.el5.x86_64.rpm | 17 kB 00:00
(13/40): globus-gsi-cert-utils-6.7-2.el5.x86_64.rpm | 18 kB 00:00
(14/40): bdii-5.2.3-1.el5.noarch.rpm | 20 kB 00:00
(15/40): fetch-crl-2.8.4-2.el5.noarch.rpm | 24 kB 00:00
(16/40): globus-gsi-cert-utils-progs-6.7-2.el5.x86_64.rpm | 26 kB 00:00
(17/40): globus-gsi-sysconfig-3.1-4.el5.x86_64.rpm | 28 kB 00:00
(18/40): globus-gss-assist-5.9-4.el5.x86_64.rpm | 31 kB 00:00
(19/40): globus-gsi-credential-3.5-3.el5.x86_64.rpm | 32 kB 00:00
(20/40): glue-schema-2.0.7-1.el5.noarch.rpm | 33 kB 00:00
(21/40): globus-gsi-proxy-core-4.7-2.el5.x86_64.rpm | 33 kB 00:00
(22/40): libtool-ltdl-1.5.22-7.el5_4.x86_64.rpm | 38 kB 00:00
(23/40): globus-gsi-callback-2.8-2.el5.x86_64.rpm | 39 kB 00:00
(24/40): globus-proxy-utils-3.9-3.el5.x86_64.rpm | 44 kB 00:00
(25/40): glite-info-provider-service-1.6.3-1.el5.noarch.rpm | 50 kB 00:00
(26/40): myproxy-server-5.3-3.el5.x86_64.rpm | 51 kB 00:00
(27/40): myproxy-admin-5.3-3.el5.x86_64.rpm | 52 kB 00:00
(28/40): globus-gssapi-gsi-7.6-2.el5.x86_64.rpm | 54 kB 00:00
(29/40): glite-px-proxyrenewal-1.3.19-1.sl5.x86_64.rpm | 58 kB 00:00
(30/40): globus-common-progs-11.6-2.el5.x86_64.rpm | 63 kB 00:00
(31/40): myproxy-5.3-3.el5.x86_64.rpm | 82 kB 00:00
(32/40): globus-common-11.6-2.el5.x86_64.rpm | 109 kB 00:00
(33/40): glite-yaim-core-5.0.0-1.sl5.noarch.rpm | 116 kB 00:00
(34/40): myproxy-libs-5.3-3.el5.x86_64.rpm | 118 kB 00:00
(35/40): globus-xio-2.8-4.el5.x86_64.rpm | 123 kB 00:00
(36/40): expect-5.43.0-5.1.x86_64.rpm | 160 kB 00:00
(37/40): voms-2.0.2-1.sl5.x86_64.rpm | 165 kB 00:00
(38/40): voms-clients-2.0.0-1.sl5.x86_64.rpm | 178 kB 00:00
(39/40): openldap-clients-2.3.43-12.el5_6.7.x86_64.rpm | 223 kB 00:00
(40/40): openldap-servers-2.3.43-12.el5_6.7.x86_64.rpm | 2.2 MB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 896 kB/s | 4.2 MB 00:04
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 217521f6
epel/gpgkey | 1.7 kB 00:00
Importing GPG key 0x217521F6 "Fedora EPEL <epel@fedoraproject.org>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID df9e12ef
EMI-1-base/gpgkey | 1.7 kB 00:00
Importing GPG key 0xDF9E12EF "Doina Cristina Aiftimiei (EMI Release Manager) <aiftim@pd.infn.it>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-emi
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libtool-ltdl 1/40
Installing : voms 2/40
Installing : voms-clients 3/40
Installing : openldap-servers 4/40
Installing : openldap-clients 5/40
Installing : expect 6/40
Installing : globus-openssl 7/40
Installing : globus-gsi-proxy-ssl 8/40
Installing : globus-libtool 9/40
Installing : globus-common 10/40
Installing : globus-gsi-openssl-error 11/40
Installing : globus-gsi-sysconfig 12/40
Installing : globus-openssl-module 13/40
Installing : globus-gsi-cert-utils 14/40
Installing : globus-gsi-callback 15/40
Installing : globus-gsi-credential 16/40
Installing : globus-gsi-proxy-core 17/40
Installing : globus-gssapi-gsi 18/40
Installing : globus-callout 19/40
Installing : globus-gss-assist 20/40
Installing : globus-xio 21/40
Installing : globus-usage 22/40
Installing : myproxy-libs 23/40
Installing : myproxy-server 24/40
Installing : glue-schema 25/40
Installing : globus-proxy-utils 26/40
Installing : myproxy 27/40
Installing : globus-common-progs 28/40
Installing : bdii 29/40
Installing : globus-openssl-progs 30/40
Installing : globus-gsi-cert-utils-progs 31/40
Installing : myproxy-admin 32/40
Installing : glite-yaim-core 33/40
Installing : glite-info-provider-service 34/40
Installing : emi-version 35/40
Installing : fetch-crl 36/40
Installing : glite-yaim-bdii 37/40
Installing : glite-px-proxyrenewal 38/40
Installing : glite-px-myproxy-yaim 39/40
Installing : emi-px 40/40
Installed:
emi-px.x86_64 0:1.0.0-1.sl5 glite-px-proxyrenewal.x86_64 0:1.3.19-1.sl5
Dependency Installed:
bdii.noarch 0:5.2.3-1.el5 emi-version.x86_64 0:1.0.1-1.sl5 expect.x86_64 0:5.43.0-5.1 fetch-crl.noarch 0:2.8.4-2.el5
glite-info-provider-service.noarch 0:1.6.3-1.el5 glite-px-myproxy-yaim.x86_64 0:4.1.4-2.sl5 glite-yaim-bdii.noarch 0:4.3.3-1.el5 glite-yaim-core.noarch 0:5.0.0-1.sl5
globus-callout.x86_64 0:0.7-8.el5 globus-common.x86_64 0:11.6-2.el5 globus-common-progs.x86_64 0:11.6-2.el5 globus-gsi-callback.x86_64 0:2.8-2.el5
globus-gsi-cert-utils.x86_64 0:6.7-2.el5 globus-gsi-cert-utils-progs.x86_64 0:6.7-2.el5 globus-gsi-credential.x86_64 0:3.5-3.el5 globus-gsi-openssl-error.x86_64 0:0.14-8.el5
globus-gsi-proxy-core.x86_64 0:4.7-2.el5 globus-gsi-proxy-ssl.x86_64 0:2.3-3.el5 globus-gsi-sysconfig.x86_64 0:3.1-4.el5 globus-gss-assist.x86_64 0:5.9-4.el5
globus-gssapi-gsi.x86_64 0:7.6-2.el5 globus-libtool.x86_64 0:1.2-4.el5 globus-openssl.x86_64 0:5.1-2.el5 globus-openssl-module.x86_64 0:1.3-3.el5
globus-openssl-progs.x86_64 0:5.1-2.el5 globus-proxy-utils.x86_64 0:3.9-3.el5 globus-usage.x86_64 0:1.4-2.el5 globus-xio.x86_64 0:2.8-4.el5
glue-schema.noarch 0:2.0.7-1.el5 libtool-ltdl.x86_64 0:1.5.22-7.el5_4 myproxy.x86_64 0:5.3-3.el5 myproxy-admin.x86_64 0:5.3-3.el5
myproxy-libs.x86_64 0:5.3-3.el5 myproxy-server.x86_64 0:5.3-3.el5 openldap-clients.x86_64 0:2.3.43-12.el5_6.7 openldap-servers.x86_64 0:2.3.43-12.el5_6.7
voms.x86_64 0:2.0.2-1.sl5 voms-clients.x86_64 0:2.0.0-1.sl5
Complete!
[root@delwin ~]#
[root@delwin ~]#
[root@delwin ~]# cd ~/
[root@delwin ~]# mkdir -m 700 yaim
[root@delwin ~]# cd yaim
[root@delwin yaim]#
[root@delwin yaim]# cat << EOF > site-info.def
> SITE_NAME=krakonosovo
> PX_HOST=`hostname -f`
> GRID_AUTHORIZED_RETRIEVERS="\*"
> GRID_AUTHORIZED_RENEWERS="`openssl x509 -in /etc/grid-security/hostcert.pem -noout -subject |sed -e 's/subject= //'`"
> EOF
[root@delwin yaim]#
[root@delwin yaim]# #Work around bugs #83392
[root@delwin yaim]# groupadd glite
[root@delwin yaim]# groupadd infosys
[root@delwin yaim]#
[root@delwin yaim]# /opt/glite/yaim/bin/yaim -c -s ./site-info.def -n glite-PX
INFO: Using site configuration file: ./site-info.def
INFO:
###################################################################
. /'.-. ')
. yA,-"-,( ,m,:/ ) .oo. oo o ooo o. .oo
. / .-Y a a Y-. 8. .8' 8'8. 8 8b d'8
. / ~ ~ / 8' .8oo88. 8 8 8' 8
. (_/ '====' 8 .8' 8. 8 8 Y 8
. Y,-''-,Yy,-.,/ o8o o8o o88o o8o o8o o8o
. I_))_) I_))_)
current working directory: /root/yaim
site-info.def date: Jun 20 13:58 ./site-info.def
yaim command: -c -s ./site-info.def -n glite-PX
log file: /opt/glite/yaim/bin/../log/yaimlog
Mon Jun 20 13:58:19 CEST 2011 : /opt/glite/yaim/bin/yaim
Installed YAIM versions:
glite-px-myproxy-yaim -
glite-yaim-bdii 4.3.3-1
glite-yaim-core 5.0.0-1
####################################################################
INFO: The default location of the grid-env.(c)sh files will be: /usr/libexec
INFO: Sourcing the utilities in /opt/glite/yaim/functions/utils
INFO: Detecting environment
INFO: Executing function: config_host_certs_check
INFO: Executing function: config_edgusers_check
INFO: Executing function: config_proxy_server_check
INFO: Executing function: config_bdii_5.2_check
INFO: Executing function: config_info_service_px_check
INFO: Executing function: config_crl
INFO: Now updating the CRLs - this may take a few minutes...
Enabling periodic fetch-crl: [ OK ]
INFO: Executing function: config_host_certs
INFO: Executing function: config_edgusers
INFO: Executing function: config_proxy_server_setenv
INFO: Executing function: config_proxy_server
INFO: Reloading MyProxy server
INFO: MyProxy server not running so starting
Starting myproxy-server: [ OK ]
INFO: Executing function: config_bdii_5.2
Stopping BDII: BDII already stopped
Starting BDII slapd: [ OK ]
Starting BDII update process: [ OK ]
INFO: Executing function: config_info_service_px_setenv
INFO: Executing function: config_info_service_px
INFO: Configuration Complete. [ OK ]
INFO: YAIM terminated succesfully.
[root@delwin yaim]#
[root@delwin yaim]# mkdir ~glite/.certs
[root@delwin yaim]# cp /etc/grid-security/host* ~glite/.certs/
[root@delwin yaim]# chown -R glite ~glite/.certs/
[root@delwin yaim]#
[root@delwin yaim]# export GLITE_USER=glite
[root@delwin yaim]# export GLITE_HOST_KEY=/home/glite/.certs/hostkey.pem
[root@delwin yaim]# export GLITE_HOST_CERT=/home/glite/.certs/hostcert.pem
[root@delwin yaim]#
[root@delwin yaim]# /etc/init.d/glite-proxy-renewald start
Starting ProxyRenewal Daemon: glite-proxy-renewd ... done
[root@delwin yaim]# cd /etc/yum.repos.d
[root@delwin yum.repos.d]# wget http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo
--2011-06-20 14:22:10-- http://etics-repository.cern.ch/repository/pm/registered/repomd/id/f850dc7c-4774-4b6f-98cf-5bb7eb205d18/sl5_x86_64_gcc412EPEL/etics-registered-build-by-id-protect.repo
Resolving etics-repository.cern.ch... 128.142.130.60
Connecting to etics-repository.cern.ch|128.142.130.60|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 878
Saving to: `etics-registered-build-by-id-protect.repo'
100%[==================================================================================================================================================>] 878 --.-K/s in 0s
2011-06-20 14:22:10 (49.3 MB/s) - `etics-registered-build-by-id-protect.repo' saved [878/878]
[root@delwin yum.repos.d]# echo priority=45 >> etics-registered-build-by-id-protect.repo
[root@delwin yum.repos.d]#
[root@delwin yum.repos.d]# yum -y update
Loaded plugins: kernel-module, priorities, protectbase
ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL | 764 B 00:00
ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL/primary | 4.0 kB 00:00
ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 11/11
153 packages excluded due to repository priority protections
0 packages excluded due to repository protections
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package glite-px-proxyrenewal.x86_64 0:1.3.21-1.sl5 set to be updated
--> Finished Dependency Resolution
Beginning Kernel Module Plugin
Finished Kernel Module Plugin
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Updating:
glite-px-proxyrenewal x86_64 1.3.21-1.sl5 ETICS-registered-build-f850dc7c-4774-4b6f-98cf-5bb7eb205d18-sl5_x86_64_gcc412EPEL 85 k
Transaction Summary
============================================================================================================================================================================================
Install 0 Package(s)
Upgrade 1 Package(s)
Total download size: 85 k
Downloading Packages:
glite-px-proxyrenewal-1.3.21-1.sl5.x86_64.rpm | 85 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : glite-px-proxyrenewal 1/2
Cleanup : glite-px-proxyrenewal 2/2
Updated:
glite-px-proxyrenewal.x86_64 0:1.3.21-1.sl5
Complete!
[root@delwin yum.repos.d]#
[root@delwin yum.repos.d]# /etc/init.d/glite-proxy-renewald restart
Stopping ProxyRenewal Daemon: glite-proxy-renewd ... force quit after 10 seconds
Starting ProxyRenewal Daemon: glite-proxy-renewd ... done
Tests
Functionality Tests
| TestPlan | https://twiki.cern.ch/twiki/bin/view/EGEE/PXSoftwareVerificationandValidationPlan |
| Tests | http://glite.cvs.cern.ch/cgi-bin/glite.cgi/org.glite.testsuites.ctb/MyProxy/ |
Process
su - glite JOBID=https://fake.job.id/xxx myproxy-init -s localhost --certfile /tmp/usercred.p12 --keyfile /tmp/usercred.p12 -d -n voms-proxy-init -valid 0:40 -voms voce -key /tmp/usercred.p12 -cert /tmp/usercred.p12 -vomses /etc/vomses ORIG_PROXY=`voms-proxy-info | grep -E "^path" | sed 's/^path\s*:\s*//'` REGISTERED_PROXY=`glite-proxy-renew -s localhost -f $ORIG_PROXY -j $JOBID start` printf "\tProxy:\t$ORIG_PROXY\n\tRenew:\t$REGISTERED_PROXY\n"; \ printf "Registered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ printf "sleeping..."; \ sleep 600; \ printf "\nRegistered proxy -- ";\ voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ printf "Original proxy -- "; \ voms-proxy-info -file $ORIG_PROXY | grep timeleft; \ printf "\nRegistered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY -fqan -actimeleft; \ printf "Original proxy -- "; \ voms-proxy-info -file $ORIG_PROXY -fqan -actimeleft; \ printf "\nRegistered proxy -- "; \ voms-proxy-info -file $REGISTERED_PROXY -identity; \ printf "Original proxy -- ";\ voms-proxy-info -file $ORIG_PROXY -identity; \ glite-proxy-renew -j $JOBID stop; \ ls $REGISTERED_PROXY 2>&1 | grep 'No such file or directory' > /dev/null && echo OK
Output
[root@delwin ~]# su - glite [glite@delwin ~]$ JOBID=https://fake.job.id/xxx [glite@delwin ~]$ myproxy-init -s localhost --certfile /tmp/usercred.p12 --keyfile /tmp/usercred.p12 -d -n Enter GRID pass phrase for this identity: Your identity: /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 Creating proxy ............................................... Done Proxy Verify OK Your proxy is valid until: Mon Jun 27 14:25:32 2011 A proxy valid for 168 hours (7.0 days) for user /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 now exists on localhost. [glite@delwin ~]$ voms-proxy-init -valid 0:40 -voms voce -key /tmp/usercred.p12 -cert /tmp/usercred.p12 -vomses /etc/vomses Enter GRID pass phrase for this identity: Your identity: /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 Creating temporary proxy ................................................................. Done Contacting voms1.egee.cesnet.cz:7001 [/DC=cz/DC=cesnet-ca/O=CESNET/CN=voms1.egee.cesnet.cz] "voce" Done Creating proxy ....................... Done Your proxy is valid until Mon Jun 20 15:06:46 2011 [glite@delwin ~]$ ORIG_PROXY=`voms-proxy-info | grep -E "^path" | sed 's/^path\s*:\s*//'` [glite@delwin ~]$ REGISTERED_PROXY=`glite-proxy-renew -s localhost -f $ORIG_PROXY -j $JOBID start` [glite@delwin ~]$ printf "\tProxy:\t$ORIG_PROXY\n\tRenew:\t$REGISTERED_PROXY\n"; \ > printf "Registered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ > printf "sleeping..."; \ > sleep 600; \ > printf "\nRegistered proxy -- ";\ > voms-proxy-info -file $REGISTERED_PROXY | grep timeleft; \ > printf "Original proxy -- "; \ > voms-proxy-info -file $ORIG_PROXY | grep timeleft; \ > printf "\nRegistered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY -fqan -actimeleft; \ > printf "Original proxy -- "; \ > voms-proxy-info -file $ORIG_PROXY -fqan -actimeleft; \ > printf "\nRegistered proxy -- "; \ > voms-proxy-info -file $REGISTERED_PROXY -identity; \ > printf "Original proxy -- ";\ > voms-proxy-info -file $ORIG_PROXY -identity; \ > glite-proxy-renew -j $JOBID stop; \ > ls $REGISTERED_PROXY 2>&1 | grep 'No such file or directory' > /dev/null && echo OK Proxy: /tmp/x509up_u155 Renew: /var/glite/spool/glite-renewd/46f28dc374755cd61d02c581fea41d04.0 Registered proxy -- timeleft : 0:39:51 sleeping... Registered proxy -- timeleft : 9:55:58 Original proxy -- timeleft : 0:29:51 Registered proxy -- 42956 /voce/Role=NULL/Capability=NULL Original proxy -- 1789 /voce/Role=NULL/Capability=NULL Registered proxy -- /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040/CN=452881778/CN=2070600267/CN=1370745267 Original proxy -- /DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=Zdenek Sustr 4040 OK
Resolution of Linked Bugs
repeated proxy renewal crashes in WMS+LB EMI RC4 (81370)
- The fixed corrects an obvious bug in memory handling (an off-by-one error). It was verified that the crashes diseappeared after the update was installed on the watched WMS.
- Fix Certified
glite-proxy-renewald stop does not kill glite-renewd processes (81371)
- This problem was addressed both in code and in the start-up script. On a new version:
[root@delwin ~]# pidof glite-proxy-renewd 12379 12375 [root@delwin ~]# time /etc/init.d/glite-proxy-renewald restart Stopping ProxyRenewal Daemon: glite-proxy-renewd ... done Starting ProxyRenewal Daemon: glite-proxy-renewd ... done real 0m0.551s user 0m0.054s sys 0m0.344s [root@delwin ~]# pidof glite-proxy-renewd 12505 12501
- Also, to make doubly sure:
[root@delwin ~]# pidof glite-proxy-renewd 12063 12059 [root@delwin ~]# time /etc/init.d/glite-proxy-renewald stop Stopping ProxyRenewal Daemon: glite-proxy-renewd ... done real 0m0.280s user 0m0.038s sys 0m0.160s [root@delwin ~]# pidof glite-proxy-renewd [root@delwin ~]#
- Fix Certified
Proxy renewal fails: d2i_AC() failed (81902)
- The fix was verified by creating a VOMS proxy containing multiple VOMS ACs (issued by multiple VOMS servers) and checking that these ACs get renewed correctly.
[glite@delwin ~]$ voms-proxy-init -valid 0:40 -voms voce -voms dteam -key /tmp/usercred.p12 -cert /tmp/usercred.p12 Enter GRID pass phrase for this identity: Your identity: /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril Creating temporary proxy ................. Done Contacting voms1.egee.cesnet.cz:7001 [/DC=cz/DC=cesnet-ca/O=CESNET/CN=voms1.egee.cesnet.cz] "voce" Done Creating temporary proxy ........................ Done Contacting voms.hellasgrid.gr:15004 [/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr] "dteam" Done Creating proxy ......................................... Done Your proxy is valid until Tue Jun 21 13:03:31 2011 Error: verify failed. Cannot verify AC signature! [glite@delwin ~]$ voms-proxy-info -all subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril/CN=proxy issuer : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril identity : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril type : proxy strength : 1024 bits path : /tmp/x509up_u155 timeleft : 0:39:50 === VO voce extension information === VO : voce subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril issuer : /DC=cz/DC=cesnet-ca/O=CESNET/CN=voms1.egee.cesnet.cz attribute : /voce/Role=NULL/Capability=NULL timeleft : 0:39:48 uri : voms1.egee.cesnet.cz:7001 === VO dteam extension information === VO : dteam subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril issuer : /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr attribute : /dteam/Role=NULL/Capability=NULL attribute : /dteam/NGI_NDGF/Role=NULL/Capability=NULL timeleft : 0:39:48 uri : voms.hellasgrid.gr:15004 [glite@delwin ~]$ REGISTERED_PROXY=`glite-proxy-renew -s localhost -f $ORIG_PROXY -j $JOBID start` [glite@delwin ~]$ voms-proxy-info -file $REGISTERED_PROXYsubject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril/CN=proxy issuer : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril identity : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril type : proxy strength : 1024 bits path : /var/glite/spool/glite-renewd/09e9255305ffbbf9040848a598e62d79.0 timeleft : 0:22:12 [glite@delwin ~]$ sleep 600; voms-proxy-info -file $REGISTERED_PROXY -all subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril/CN=961526666/CN=1738948709/CN=267413524/CN=33474796 issuer : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril/CN=961526666/CN=1738948709/CN=267413524 identity : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril/CN=961526666/CN=1738948709/CN=267413524 type : RFC compliant proxy strength : 512 bits path : /var/glite/spool/glite-renewd/09e9255305ffbbf9040848a598e62d79.0 timeleft : 9:49:32 === VO voce extension information === VO : voce subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril issuer : /DC=cz/DC=cesnet-ca/O=CESNET/CN=voms1.egee.cesnet.cz attribute : /voce/Role=NULL/Capability=NULL timeleft : 11:49:31 uri : voms1.egee.cesnet.cz:7001 === VO dteam extension information === VO : dteam subject : /DC=cz/DC=cesnet-ca/O=Masaryk University/CN=Daniel Kouril issuer : /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr attribute : /dteam/Role=NULL/Capability=NULL attribute : /dteam/NGI_NDGF/Role=NULL/Capability=NULL timeleft : 11:49:32 uri : voms.hellasgrid.gr:15004
- Fix Certified
Topic revision: r6 - 2011-06-24 - DanielKouril
- EGEE Web
- EGEE Web Home
- gLite
- ProductTeams
- SA3
- JRA1
- TMB
- EMT
- SA1
- SA2
- NA2
- NA4
- EGEE-UIG
- List of registered projects
- List of EGEE-RP interactions
- Changes
- Index
- Search
Main.WebList
 |
|
Copyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Ask a support question or Send feedback