However, we managed it except that I blew away the glite user from the WMS in the process and the .certs and .globus certificates required to run the WMS. After replacing them everything worked fine or so I thought. Recently we received reports that the myproxy renewal was not working and as it transpired the /home/glite/.certs/hostkey.pem and /home/glite/.certs/hostcert.pem must be owned by the glite user and not root for the renewal process to work! One to watch!
Tuesday, September 22, 2009
wms myproxy renewal wobbles
During our recent reconfiguration to SL5 we also re-wrote our user account generation script from perl to python. Well Graeme did actually. So now its very easy to understand and extend. A consequence of this was that we created a new directory in /home for each user to keep things neat and tidy. This necessitated the recreation of all home directories across the cluster. A task fraught with danger.
However, we managed it except that I blew away the glite user from the WMS in the process and the .certs and .globus certificates required to run the WMS. After replacing them everything worked fine or so I thought. Recently we received reports that the myproxy renewal was not working and as it transpired the /home/glite/.certs/hostkey.pem and /home/glite/.certs/hostcert.pem must be owned by the glite user and not root for the renewal process to work! One to watch!
However, we managed it except that I blew away the glite user from the WMS in the process and the .certs and .globus certificates required to run the WMS. After replacing them everything worked fine or so I thought. Recently we received reports that the myproxy renewal was not working and as it transpired the /home/glite/.certs/hostkey.pem and /home/glite/.certs/hostcert.pem must be owned by the glite user and not root for the renewal process to work! One to watch!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment