GT4- Prima WS insllation

 

-----------

Installation:

-----------

$pacman -get http://vdt.cs.wisc.edu/vdt_139_cache:PRIMA-GT4

 

--------------

Configuration:

--------------

 

-------------

#Sudoers file:

-----------

#If the sudoers file needs to be updated:

 

# This is how to do:(As root)

 

$ visudo -f /etc/sudoers

# sudoers file.

#

# This file MUST be edited with the 'visudo' command as root.

#

# See the sudoers man page for the details on how to write a sudoers file.

#

 

# Host alias specification

 

# User alias specification

 

# Cmnd alias specification

 

# Defaults specification

 

# User privilege specification

root    ALL=(ALL) ALL

globus  ALL=(ALL) ALL

 

#Adding GRAM entries

Runas_Alias GLOBUSUSERS = ALL

globus ALL=(ALL) NOPASSWD: ALL

 

# Uncomment to allow people in group wheel to run all commands

%globus        ALL=(ALL)       ALL

 

-----------------

THE ABOVE IS A MUST SPECIALLY THE GROUP ACCESS FOR GLOBUS

 

-----------------

#Default authz:

-------------

#The default authorization setting for the SecureCounterService is "self." To remedy, comment out the authz element in $GLOBUS_LOCATION/etc/globus_wsrf_core_samples_counter/security-config.xml, and restart the container to test.

 

-------------------------------

#To see logging/Debugging info for OSGAuthorization:

-------------------------------

#Edit the file $GLOBUS_LOCATION/container-log4j.properties

 

# Add the following contents:

log4j.category.org.opensciencegrid.authz.gt4=DEBUG

log4j.category.org.globus.wsrf.impl.security.authentication.wssec.WSSecu

rityEngine=DEBUG

 

-------------------------

#Editing the authz value:

--------------------------

#Substitute "<authz value="gram:org.globus.workspace.QueryPDP"/>"

#for the pre-existing "<authz value="gridmap"/>" entry in the following

#three files (relative to $GLOBUS_LOCATION/):

#

        $GLOBUS_LOCATION/etc/globus_delegation_service/factory-security-config.xml

        $GLOBUS_LOCATION/etc/globus_wsrf_rft/factory-security-config.xml

        $GLOBUS_LOCATION/etc/gram-service/managed-job-factory-security-config.xml

 

#with this value:

 

<authz value="osg:org.opensciencegrid.authz.gt4.OSGAuthorization"/>

 

 

---------------

HOST/Service/Server configuration

----------------

 

in /root get the hostcert.pem,hostkey.pem to the /root/.globus/ directory

rename the hostcert.pem and hostkey.pem as usercert.pem and userkey.pem

 

and run grid-proxy-init to see this x509up_u0