From:	Roberto Santinelli
Sent:	Monday, October 06, 2008 17:47
To:	John Shade; Steve Traylen
Subject:	gridmap file 

Hi John, Steve
 what I was referrintg at the ops meeting is the following:

each site supporting LHCb should have a configuration file for building 
gridmap files (unfortunately still used if VOMS mapping fails) that instead of 
looking as this /opt/edg/etc/edg-mkgridmap.conf (extracted from
ce111.cern.ch)

# LHCB
# Map VO members  (sgm)
group vomss://voms.cern.ch:8443/voms/lhcb?/lhcb/Role=lcgadmin lhcbsgm

# Map VO members  (prd)
group vomss://voms.cern.ch:8443/voms/lhcb?/lhcb/Role=production lhcbprd

# Map VO members  (root Group)
group vomss://voms.cern.ch:8443/voms/lhcb?/lhcb .lhcb

# LDAP lines for LHCB

for lhcb should only look like:

# LHCB

# Map VO members  (root Group)
group vomss://voms.cern.ch:8443/voms/lhcb?/lhcb .lhcb

# LDAP lines for LHCB

and gets rid any other super privileged mapping (sgm or prd).

The problem is that YAIM is not instructed to do that from group.conf file and 
a post-YAIM configuration function should be envisaged instead.
This is to avoid that re-running configuration with YAIM loses the manual 
changes on this configuration file for building the gridmap file.

I will put the requirement in the VO-Card and prompt sysadmin to comment on 
this requests and its feasibility.

Maarten will provide later today an example of post-configuration script that 
would allow to keep these modification on the grid mapfile configuration.

R.




--
************************************************
 Dr.Roberto Santinelli

 EUROPEAN LABORATORY FOR PARTICLE PHYSICS  IT Department - GS/EIS Team 
 Building: 28   Office: R-019
 Phone:    +41 22 767 1443
 Mobile:   +41 76 487 0443 (int. 16-0443)
 Fax:     +41 22 766 9214
 Email:    roberto.santinelli@cern.ch
 ICQ:      257963601
 Web:      http://santinel.web.cern.ch/santinel/
************************************************