TWiki>
LCG Web>LCGGridDeployment>LCGProductionServices>UpdateCrls (2007-06-20, DianaBosio)
EditAttachPDF
LCG Web>LCGGridDeployment>LCGProductionServices>UpdateCrls (2007-06-20, DianaBosio) EditAttachPDFAFS CRLs update
This is a description of how to manage CRL updates on CERN AFS in order to have them up-to-date for the CERN AFS UI, both for production and pre-production.Update of the CRL themselves
You need to login to lxplus with the service account (gdafsui) and issue a kerberos token as gdafsui (as opposed to your won account kerberos token).without log file
In the AFS space, with the service account's token one has to run the following acron job:[lxplus052] ~ > acrontab -l 45 2,8,14,20 * * * lxplus.cern.ch source /afs/cern.ch/project/gd/LCG-share/current/etc/profile.d/grid_env.sh; $INSTALL_ROOT/glite/sbin/fetch-crl --loc $X509_CERT_DIR --out $X509_CERT_DIR --no-check-certificateThis will send an e-mail to your account. If you wish to have a log file you should redirect the output accordingly. For instance, as described below.
with log file
In AFS, with the service account's token, run the following acronjob45 2,8,14,20 * * * lxplus.cern.ch source /afs/cern.ch/project/gd/LCG-share/current/etc/profile.d/grid_env.sh; $INSTALL_ROOT/glite/sbin/fetch-crl --loc $X509_CERT_DIR --out $X509_CERT_DIR --no-check-certificate 2>&1 | tee -a /afs/cern.ch/project/gd/LCG-share2/logs/afs-fetch_crl.log | Mail -s "cronjob output: fetch-crl log" XXX.YYY@cern.chThis will both send an e-mail to the address you specify (in this case XXX.YYY's address at CERN) and create a log file called afs-fetch_crl.log in the directory
/afs/cern.ch/project/gd/LCG-share2/logs
log file rotation
I have created a logrotate configuration file in the logs directory. In this way an acronjob for logrotation can be run from anyone's account, and rotate the logs once daily (so one log is one day worth of logs) and keep the last 14 logs (they are quite small). An example of the line to put in acrontab is0 0 * * * lxplus.cern.ch /usr/sbin/logrotate -s /afs/cern.ch/project/gd/LCG-share2/logs/logrotate.state /afs/cern.ch/project/gd/LCG-share2/logs/logrotate.diana.confThis will rotate the logs every day at midnight, and keep a state file in the same directory. -- Main.diana - 11 June 2007
Topic revision: r5 - 2007-06-20 - DianaBosio
LCG Wikis
- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
 |
|
Copyright &© 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback