Changes between Initial Version and Version 1 of gridmap-file-generator

Timestamp:

06/13/13 09:33:26 (11 years ago)

Author:

piontek

Comment:

--

gridmap-file-generator

@@ +1 @@
+The guide describes the procedure of installation and configuration of the gridmap-file-generator tool (PLGrid only). 
+
+* Create the ''qcg-dev'' group - this group is allowed to read the configuration and log files.
+{{{
+#!div style="font-size: 90%"
+{{{#!default
+groupadd -r qcg-dev
+}}}
+}}}
+ 
+* Install qcg grid-mapfile generator
+{{{
+#!div style="font-size: 90%"
+{{{#!default
+yum install qcg-gridmapfilegenerator
+}}}
+}}}
+
+* Configure gridmapfilegenerator - remember to change 
+ * url property to your local ldap replica
+ * search base
+ * filter expression
+ * security context
+{{{
+#!div style="font-size: 90%"
+{{{#!default
+vim  /opt/plgrid/qcg/etc/qcg-comp/plggridmapfilegenerator.conf 
+}}}
+}}}
+
+* Run the gridmapfile generator in order to generate gridmapfile now
+{{{
+#!div style="font-size: 90%"
+{{{#!default
+/opt/plgrid/qcg/sbin/qcg-gridmapfilegenerator.sh 
+}}}
+}}}
+
+After installing and running this tool one can find three files:
+ * /etc/grid-security/grid-mapfile.local - here you can put list of DNs and local unix account names that will be merged with data acquired from the local LDAP server
+ * /etc/grid-security/grid-mapfile.deny - here you can put list od DN's (only DNs!) that you want to deny access to the GridFTP server
+ * /etc/grid-security/grid-mapfile - the final gridmap file generated using the above two files and information available in local LDAP server. Do not edit this file as it is generated automatically!
+
+This gridmapfile generator script is run every 10 minutes. Moreover its issues  `su - $USERNAME -c 'true' > /dev/null`  for every new user that do not have yet home directory (thus triggering pam_mkhomedir if installed).