Reports were not received from:
> Tier-1 sites:
BNL; FNAL; IN2P3; NDGF; RAL
> VOs:
ATLAS; CMS; LHCb
* ALICE use of the SGM account
From Jeff Templon: One thing that ALICE needs to be aware of: the current
style of SGM mappings
{ entire SGM group } -> single SGM account
is migrating to a proper system where traceability is guaranteed by
having each SGM X.509 cert mapped to one of a pool of accounts belonging
to an SGM group (e.g. alicesgm). Permissions then need to handled as
group rather than as user. Support for this is being put into YAIM as
we speak and will be the default behavior.
I don't know if ALICE software expects a single user with name
"alicesgm" or handles things via user permissions instead of group
permissions. If so, either ALICE will have to change, or convince sites
that traceability is not necessary.
Finally, this sentence:
"reasons they need to be assigned to account with name [VOname][account],
then another [account] name should be chosen."
seems to suggest that ALICE, in order to keep the string "SGM" in the
account name, requires that all the other EGEE VOs change the SGM
account name to some other name. Surely I am misreading this