gLite > gLite 3.0 > Updates  
 

 

 
gLite 3.0 updates

As of May 1st 2009 gLite 3.0 is no longer supported.


The CHANGELOG for the updates to the release notes can be found here.

04.02.2009 - 3.0.2 Update 45

 
Description
This update contains a new version of the lcg-vomscerts rpm.
lcg-RB, glite-VOBOX, glite-WMS
lcg-vomscerts-5.3.0:
  • next cert for cclcgvomsli01.in2p3.fr (biomed + egeode);
  • next cert for vo.racf.bnl.gov (atlas);
  • cert for voms.fnal.gov (cms).
Due to the fact that gLite 3.0 will be no longer supported soon, the release process has been kept to a minimum. This means that the metapackage versions hasn't been updated. For more details, please check patch 2752 for RB and VOBOX, and patch 2753 for WMS.

In order to manually install the updated rpm run: yum update lcg-vomscerts

02.10.2008 - 3.0.2 Update 44

 
Description
This update contains the following update. Please see below for the individual service updates.

VOMSCERT

lcg-vomscerts-5.1.0:
  • added next cert for voms.cern.ch
  • added cert for voms-pilot.cern.ch
  • removed cert for voms-test.cern.ch
  • removed old cert for vo.racf.bnl.gov
glite-FTA
A new version of glite-data-transfer-url-copy fixes bug #33528

NOTE: Due to technical reasons the detailed release pages for the affected services are not published and the metapackage versions have not been updated.
In order to retrieve the updated packages manually you could update manually:
vomscerts update:yum update lcg-vomscerts
glite-FTA_oracle update:yum update glite-data-transfer-url-copy


Service updates
Priority Service Version Details
Normal glite-SE_classic 3.0.25-0 No Details
Normal glite-VOBOX 3.0.40-0 No Details
Normal lcg-RB 3.0.24-0 No Details
Normal glite-WMS 2.4.9-0 No Details
Normal glite-WMSLB 2.4.28-0 No Details
Normal glite-FTA 3.0.25-0 No Details

22.05.2008 - 3.0.2 Update 43

 
Description
This update contains the following update. Please see below for the individual service updates.

VOMSCERT

lcg-vomscerts-5.0.0 adds the next certificate for ATLAS VOMS server vo.racf.bnl.gov (the current certificate expires on June 12), and removes the old certificate for lcg-voms.cern.ch.

Service updates
Priority Service Version Details
Normal glite-SE_classic 3.0.25-0 Details
Normal glite-VOBOX 3.0.40-0 Details
Normal lcg-RB 3.0.24-0 Details
Normal glite-WMS 2.4.9-0 Details
Normal glite-WMSLB 2.4.28-0 Details

18.04.2008 - 3.0.2 Update 42

 
Description
This update contains the following updates/bug fixes. Please see below for the individual service updates.

FTS

Fix for bug #33528 FTS: change the gridFTP session handling so that the copy and getFileSize are done in the same session

VOMSCERT

lcg-vomscerts-4.9.0 adds next cert for lcg-voms.cern.ch, removes old cert for cclcgvomsli01.in2p3.fr, and improves the file modes from 755 to 644.

Service updates
Priority Service Version Details
High glite-CE 2.4.44-0 Details
High glite-FTA_oracle 3.0.19-0 Details
High glite-FTS_oracle 3.0.24-0 Details
High glite-SE_classic 3.0.24-0 Details
High glite-VOBOX 3.0.39-0 Details
High glite-WMS 2.4.8-0 Details
High glite-WMSLB 2.4.27-0 Details
High lcg-RB 3.0.23-0 Details

19.03.2008 - 3.0.2 Update 41

 
Description
This update contains the following updates/bug fixes. Please see below for the individual service updates.

FTS

Fix of Bug 33148: Error in srmGetSpaceTokens in SRM copy push transfers.

Service updates
Priority Service Version Details
Normal glite-FTA_oracle 3.0.18-0 Details
Normal glite-FTS_oracle 3.0.23-0 Details
Normal glite-VOBOX 3.0.38-0 Details

04.03.2007  3.0.2 Update 40

 
Description

This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.

WMS / LB


The missing dependency on lcg-schema has been added to the glite-WMS metapackage.

YAIM module for 3.0 WMS to fix the bug of limit on uid for gridftp server.

lcg-vomscerts


lcg-vomscerts-4.8.0 adds next cert for biomed + egeode and removes expired certs for voms.cern.ch and voms-test.cern.ch


Service updates
Priority Service Version Details
High glite-CE 2.4.43-0 Details
High glite-LB 2.3.5-0 Details
High glite-LFC_mysql 3.0.23-0 Details
High glite-LFC_oracle 3.0.16-0 Details
High glite-SE_classic 3.0.23-0 Details
High glite-SE_dpm_disk 3.0.29-0 Details
High glite-SE_dpm_mysql 3.0.30-0 Details
High glite-SE_dpm_oracle 3.0.22-0 Details
High glite-VOBOX 3.0.37-0 Details
High glite-WMS 2.4.7-0 Details
High glite-WMSLB 2.4.26-0 Details
High lcg-CE_torque 3.0.23-0 Details
High lcg-CE 3.0.23-0 Details
High lcg-RB 3.0.22-0 Details

25.01.08 - 3.0.2 Update 39

 
Description

This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.

FTS / FTA


Patch for volatile files to fix the transfer of file to permanent space.

LFC


Release of LCG-DM v1.6.8-1
  • add new bulk method for LHCb
  • add new bulk methods for Atlas

APEL


Fix of publisher configuration template typo.

Service updates
Priority Service Version Details
Normal glite-CE 2.4.42-0 Details
Normal glite-FTA_oracle 3.0.17-0 Details
Normal glite-FTS_oracle 3.0.22-0 Details
Normal glite-LFC_mysql 3.0.22-0 Details
Normal glite-LFC_oracle 3.0.15-0 Details
Normal glite-MON_e2emonit 3.0.23-0 Details
Normal glite-MON 3.0.23-0 Details
Normal glite-SE_dpm_disk 3.0.28-0 Details
Normal glite-SE_dpm_mysql 3.0.29-0 Details
Normal glite-SE_dpm_oracle 3.0.21-0 Details
Normal glite-VOBOX 3.0.36-0 Details
Normal lcg-CE_torque 3.0.22-0 Details
Normal lcg-CE 3.0.22-0 Details
Normal lcg-RB 3.0.21-0 Details

14.01.08 - 3.0.2 Update 38

 
Description
This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
YAIM

This release of YAIM fixes multiple bugs and releases YAIM core for 3.0 containing new YAIM modules for 3.0:
  • E2EMONIT
  • RB
  • SE Classic
  • MON box
  • torque-client
  • torque-server
  • torque-utils
  • lcg-CE
New Features:
  • YAIM 4.0.1 offers now the following new options:

    • -- explain : Doesn't perform configuration but explains what the functions are doing by printing out the comments found inside them.
    • -- available : Prints out the available configuration targets.
    • -- debug : defines a loglevel, which overwrites the value of YAIM_LOGGING_LEVEL defined in site-info.def. Values: 1-7
  • A warning message is printed out when the glite-CE configuration is called. This version of yaim does no longer configure the glite-CE since it's not deployed in production.
  • Special comments have been added to most functions to allow for the 'explain' option of the yaim command.
  • Only SE_castor is now configurable from node-info.def. All the other node types distribute their configurations in the corresponding yaim module.
  • GLITE_LOCATION_VAR, GLITE_LOCATION_LOG and GLITE_LOCATION_TMP are now defined by default in site-info.post
  • convert_fqan is now safe against FQANs having no leading "/"
  • config_initd has been improved
  • Added support in config_mkgridmapdir to read grid/groupmapfile from env variables defined in <node-type>.pre
  • config_gip_scheduler_plugin is now part of core again since it was distributed within the yaim-lcg-ce module and it's also needed by the cream CE.
  • New function config_gip_service_release that should be now called by all the yaim modules.
  • config_globus_gridftp is moved to yaim core from yaim-lcg-ce since it is used by lcg CE and VOBOX.
  • In bin/yaim, yaimlog is improved to deal with long messages and multiple line log entries.
  • Path to yaim man pages (man yaim is now available).
  • Utility function "start_mysql" (instead of two different ones start_mysql and start_mysql_30).
  • APEL_HOME is now part of the RGMA client environment. edg-rgma-env.(c)sh has been removed.
  • config_vomses function has been improved. It does no longer create the vomses file in the edg location.
  • 'requires' also works to refer to VO parameters affecting more than one VOs. It also works for DNS-like VO names. The syntax is VO__<parameter_name>, i.e. VO__VOMSES.
  • glite_location_log given a correct value in site-info.post.
  • config_gip has been modified for LFC depending on glite 3.0 or 3.1.
  • config_vomsmap and config_glite_locallogger have been modified to work with cream CE.
  • New config_vomsdir
    Please, note that the new config_vomsdir function creates a the vomsdir directory with a set of subdirectories per supported VO, that contain a .lsc file per supported VOMS server. Make sure that the DNs of the supported VOMS server are correct since once this new structure is in place, the host certificate file of the VOMS server, if still present in vomsdir, will be ignored.

    The config_vomsdir function is now distributed in core but not yet included in any node type function list. This will be included in future releases of the different YAIM modules.
  • gt4 voms proxies

    In order to be able to get gt4 voms proxies, the VOMSES parameter has been modified in site-info.def for the LHC and biomed VOs. For other VOs interested in allowing the creation of gt4 proxies (--rfc option of the voms-proxy-init command), please add the gt version of the VOMS server in the VOMS parameter ("22" for gt 2.2, "24" for gt 2.4 and "40" for gt 4).
  • The TORQUE clients are now distributed in its own yaim module called glite-yaim-torque-clients. The way to configure the TORQUE clients is:

    yaim -c -s site-info.def -n glite-WN -n TORQUE_client
Removed features:
  • config_glite_env just now deletes the old /etc/profile.d/gliteenv.sh since now all the environment should be defined in grid-env.sh
  • config_gip_scheduler_plugin is now distributed in yaim lcg-CE
  • In configure_node: node type combination checking deleted
site-info.def changes:
  • The following variables have been removed from site-info.def: RB_RLS
  • The following variables are new in site-info.def: DPM_INFO_USER and DPM_INFO_PASS
  • Variable SITE_HTTP_PROXY is commented out by default in site-info.def.
  • Fix for bug #29403 where variable BATCH_LOG_DIR is defined again in site-info.def instead of BATCH_SPOOL_DIR.
  • The default value of BDII_HTTP_URL has changed to http://lcg-bdii-conf.cern.ch/bdii-conf/bdii.conf and a comment has been included to check that the URL is actually correct.
  • LHC and biomed VOs have now a "24" field in the VO_<vo_name>_VOMSES parameter to specify the globus version running in the VOMS server and to be able to get gt4 voms proxies.
YAIM for LB:

  • LCG job monitoring is enabled
  • LB service is published.
YAIM for lcg-CE:
  • The yaim configuration for the batch system's servers is now present also in separated modules.
  • To configure the lcg CE with the TORQUE batch system:
    ./yaim -c -s your-site-info.def -n lcg-CE -n TORQUE_utils -n TORQUE_server
  • In case the TORQUE server is running in a remote host:
    ./yaim -c -s your-site-info.def -n lcg-CE -n TORQUE_utils
  • In order to apply the fix for bug #30056, the following reconfiguration needs to be applied:

    ./yaim -r -s site-info.def -n lcg-CE -f config_gip_scheduler_plugin -f config_gip_sched_plugin_pbs

YAIM for R-GMA:

  • Addition of new variable in services/glite-mon: APEL_PUBLISH_USER_DN
    If it is set to yes, it will enable UserDN encryption. The default is no. The config_apel_rgma function has been modified to be able to set up the new variable in the configuration file of the APEL publisher.
  • Addition of new variable in services/glite-mon:GIN_BDII
    If this is set to yes it will configure GIN to use the site BDII to populate the Glue tables in R-GMA. If set to no it will use the fmon to populate the tables. Default is yes.
  • RGMA_HOME is set in the CATALINA_OPTS and is for future use when it is removed from the web.xml configuration file supplied with the server war file. Also added -Dsun.net.inetaddr.ttl=1800 which alters the DNS caching behaviour of the server. Currently the DNS lookups are disabled by default for java applications this parameter sets the caching time to 30 mins and will mean that services do not need to be restarted when DNS changes are made they will automatically pick these up when they have been propagated to local DNS servers.
  • config_rgma_server has been modified to fix bug #24590.
YAIM for WMS:
    It is possible to add the DN of users into

       /opt/glite/etc/glite_wms_wmproxy.gacl

    on WMS nodes, thus they can use grid proxy for WMS. In order to do this, please define a variable, USERS_DN_WMS, in site-info.def as USERS_DN_WMS="'DN1' 'DN2' 'DN3' ....."
Known issues:
  • Fix for bug #27146 -> The implemented fix is not very clean and it will be improved in a future release. Read the bug comments for more details.
  • Fix for bug #29403 -> Although BATCH_LOG_DIR has been reintroduced in site-info.def, it is not mentioned in any 'requires'. This has to be fixed.
WMS / LB

Fixes of missing dependencies of the glite-WMS and glite-LB metapackages as well as update of RPMs to their latest version used in the glite 3.0 repository.

Since a lot of new packages will be installed, apt-get dist-upgrade is required for upgrading.

Multiple bug fixes - besides others:
  • Avoid that a collection with pending jobs is processed multiple times
  • A job can be resubmitted to a CE where it previously failed, if no other compatible CE is available
  • Globus GSS library does not reset SSL error stack (breaking OpenSSL specification) before calling SSL routines in gss_unwrap() implementation, yielding a random false error triggered by various conditions (e.g. expired, actually unused proxy credential file on disk, missing certificate of VOMS server etc.). The bug was reported to globus as http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=5453  and it should be fixed in VDT-1.6.1 soon. This part of the patch is a safe workaround, though.
  • Update lcg-mon-job-status to include new UI field. This update enables the UI host for submission to be published in to R-GMA
  • LB library used to keep a connection to LB proxy opened as long as the LB context is kept. With higher load the number of open contexts in WMS may raise to thousands, exhausting available fd's. On the other hand, keeping them open is useless, LB proxy is able to serve 10 simultaneous connections only.

    This update forces closing the connection after each operation, releasing the fd. The associated performance impact (when multiple requests could be served over a single connection) is negligible, as the LB proxy connection goes via Unix socket.
MON box

Updated lcg-service-proxy.
VOBOX

New tool added to renew proxies with VOMS extension via the myproxy server. This is a tool to renew voms proxies via myproxy server, calling the command myproxy-get-delegation and later calling the command voms-proxy-init to renew also the VOMS extension. Plain grid proxies also can be renewd, and a VOMS extension can be associated to them, so that they are converted into VOMS proxies.
FTS / FTA / FTM

The FTS, FTA and FTM service node types now include a utility sd2cache. This is a daily cron to maintain your /opt/glite/etc/services.xml file. Previously this was done with the make-service.sh script available from the TWiki. This is just a packaged and released version of that script.

The cron is configured by the file

   /opt/glite/etc/glite-sd2cache-cron.conf

which will be set up by yaim if using yaim.

In addition the dependencies of the metapackage glite-FTS_oracle have been corrected:
  • wrong dependency on glite-BDII has been corrected to bdii
  • unnecessary dependency on openldap-alt has been removed
DPM
  • New DPM Python interface
  • Upgrade from gSOAP 2.6.2 to 2.7.6b
  • updated YAIM scripts for YAIM v4
VOMS API/client

Update to voms 1.7.24 and gSOAP 2.7.

Service updates
Priority Service Version Details
Normal glite-BDII 3.0.8-0 Details
Normal glite-CE 2.4.41-0 Details
Normal glite-FTA_oracle 3.0.16-0 Details
Normal glite-FTS_oracle 3.0.21-0 Details
Normal glite-LB 2.3.4-0 Details
Normal glite-LFC_mysql 3.0.21-0 Details
Normal glite-LFC_oracle 3.0.14-0 Details
Normal glite-MON_e2emonit 3.0.22-0 Details
Normal glite-MON 3.0.22-0 Details
Normal glite-PX 3.0.19-0 Details
Normal glite-SE_classic 3.0.22-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.9-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.9-0 Details
Normal glite-SE_dcache_pool 3.0.9-0 Details
Normal glite-SE_dpm_disk 3.0.27-0 Details
Normal glite-SE_dpm_mysql 3.0.28-0 Details
Normal glite-SE_dpm_oracle 3.0.20-0 Details
Normal glite-VOBOX 3.0.35-0 Details
Normal glite-VOMS_mysql 3.0.16-0 Details
Normal glite-VOMS_oracle 3.0.16-0 Details
Normal glite-WMS 2.4.6-0 Details
Normal glite-WMSLB 2.4.25-0 Details
Normal lcg-CE_torque 3.0.21-0 Details
Normal lcg-CE 3.0.21-0 Details
Normal lcg-RB 3.0.20-0 Details

28.11.07 - 3.0.2 Update 37

 
Description
This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
MySQL server/client update

This update fixes several security issues for MySQL. It contains the upgrade to the latest available version of MySQL 4.1 series (4.1.22). Please refer to the MySQL release notes on www.mysql.org for detailed information about the changes.

Updated Torque and Maui

It is expected that this torque (2.1.9-4) will work with the previous EGEE released version (2.1.6-1cri_sl3_2st) if it is convenient to be deployed or installed in a mixed version mode of pbs_server, pbs_mom or client commands.

The new version of Maui (3.2.6p19-4) is built with a shared key across all the architectures. This was not previously the case and all builds had their own random key. Subsequently a 32bit build of maui-client will now talk to a 64bit build of maui-server.

After install, please verify that pbs_server, pbs_mom and maui have been restarted everywhere. Usual service pbs_mom restart should be used for the pbs_mom restarts.

Workaround required: /var/spool/maui/maui.cfg permissions should be 0644.

Along with patch #1384 (already in production), this release completes the fix for the following advisory;

https://www.gridpp.ac.uk/gsvg/advisories/advisory-29551.txt

FTS Cancellation

This release contains fixes (see bugs #29390, #29226, #28583) and updates (for example, MaxFilesToCancel configuration parameter added for channel actions) for the FTS cancellation method.



Service updates
Priority Service Version Details
High glite-CE 2.4.40-0 Details
High glite-FTA_oracle 3.0.15-1 Details
High glite-FTS_oracle 3.0.20-0 Details
High glite-LB 2.3.2-2 Details
High glite-LFC_mysql 3.0.20-0 Details
High glite-MON_e2emonit 3.0.20-1 Details
High glite-MON 3.0.20-1 Details
High glite-SE_dpm_mysql 3.0.27-0 Details
High glite-UI 3.0.28-0 Details
High glite-VOBOX 3.0.34-0 Details
High glite-VOMS_mysql 3.0.15-0 Details
High glite-WMS 2.4.4-2 Details
High glite-WMSLB 2.4.24-0 Details
High glite-WN 3.0.28-0 Details
High lcg-CE_torque 3.0.19-1 Details
High lcg-CE 3.0.19-1 Details
High lcg-RB 3.0.19-1 Details

12.11.07 - 3.0.2 Update 36

 
Description
This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
lcg-vomscerts update

lcg-vomscerts-4.7.0 adds next certificates for voms.cern.ch and voms-test.cern.ch. The current certificates expires on November 20th 2007.
glite-WMS / glite-LB / glite-WMSLB
 
The incorrect repository location of the rpm mod_fastcgi-2.4.3-1.slc3.i386.rpm has been corrected from RPMS.Release3.0 to RPMS.externals. Please update your APT cache.
 
Service updates
Priority Service Version Details
High glite-CE 2.4.39-0 Details
High glite-LB 2.3.2-1 Details
High glite-LFC_mysql 3.0.19-0 Details
High glite-LFC_oracle 3.0.13-0 Details
High glite-SE_classic 3.0.21-0 Details
High glite-SE_dpm_disk 3.0.26-0 Details
High glite-SE_dpm_mysql 3.0.26-0 Details
High glite-SE_dpm_oracle 3.0.19-0 Details
High glite-UI 3.0.27-0 Details
High glite-VOBOX 3.0.33-0 Details
High glite-WMS 2.4.4-1 Details
High glite-WMSLB 2.4.23-0 Details
High glite-WN 3.0.27-0 Details
High lcg-CE_torque 3.0.19-0 Details
High lcg-CE 3.0.19-0 Details
High lcg-RB 3.0.19-0 Details

31.10.07 - 3.0.2 Update 35

 
Description
This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
APEL Update

This APEL update addresses corruption of the sites SpecRecords table which can affect join queries when multiple ClusterIDs are found in the site BDII (critical bug #25430). The LSF log processor was skipping event records which had a non-zero exit return status. In addition, the RGMA Consumer query was updated to comply with the RGMA recommendations of a resilient consumer.

Further information: Known issue: After reconfiguration on the MON box, the file /opt/glite/etc/glite-apel-publisher/publisher-config-yaim.xml will contain a typo - inspectTable should be inspectTables. Please edit the file appropriately. A fix (to the template file in the glite-apel-publisher rpm) will be made available.
GIN Update

GIN has been updated not to call GIP directly, but to use site ldap servers. Please note that GIN should now only run on the MON box. On nodes other than the MON box, the glite-rgma-gin rpm should be removed manually.
YAIM 4

YAIM 4.0.0 is a release without any important functionality changes, but it fixes bugs found in the YAIM 3.1.1 release. The most relevant changes are:
  • Configuration of the new glite-info-generic rpm.
  • New site-info.def variable SITE_BDII_HOST.
  • users.conf example files includes pool accounts for sgm and prd users.
  • Removal of lcgenv.(c)sh file. Instead, the environment variables created there are now available in grid-env.(c)sh.
  • In the VOBOX, the function config_vobox, should contain a 'break' instead of an 'exit' in line 61.
  • GLOBUS_TCP_PORT_RANGE needs to be edited manually in the form of "num1,num2" for VDT versions 1.6, or "num1 num2" for VDT versions < 1.6. This will be automatically done in the next YAIM release. (Reported as bug #29878.)
Please, check the YAIM 4 guide for more details: https://twiki.cern.ch/twiki/bin/view/LCG/YaimGuide400
-- Advice:

It is advised to verify the consistency between the accounts listed
in YAIM's users.conf, /etc/passwd and /etc/grid-security/gridmapdir.

Accounts that should no longer be used should only be removed when
the service is in scheduled downtime and activity has drained.

To clean up /etc/grid-security/gridmapdir the following procedure
should be applied:

1. cd /etc/grid-security/gridmapdir

2. For any unwanted account name file "abc123" run this command:

        ls -li abc123

3. If the link count is 1, the file can be removed.

4. If the link count is 2, note the inode number of the file and
   run this command:

        ls -li | awk '$1 == inode_number'

   For example:

        ls -li | awk '$1 == 2467912'

   That will report 2 files: the unwanted account name file and
   the file whose name contains '%' characters and represents
   the user mapped to the account. Both must be removed.
glite-info-generic

New version of the glite-info-generic including a fix for the plug-in precedence problem, which was found during certification. Plug-in values are now merged for each plug-in. This avoids the problem of one plug-in taking precedence over another if they are both providing values for the same entry.
LB Client

Newer LB server versions may return events that older client versions do not understand. This fix makes clients to ignore these events rather than to crash. In particular, this occurs when gLite 3.0 client is used to query gLite 3.1 job collections.
Other Updates

The incorrectly removed dependency on lcg-version has been re-added to the glite-UI and glite-WN metapackages.


Service updates
Priority Service Version Details
Normal glite-BDII 3.0.7-0 Details
Normal glite-CE 2.4.38-0 Details
Normal glite-FTA_oracle 3.0.15-0 Details
Normal glite-FTS_oracle 3.0.16-2 Details
Normal glite-LFC_mysql 3.0.18-0 Details
Normal glite-LFC_oracle 3.0.12-0 Details
Normal glite-MON_e2emonit 3.0.20-0 Details
Normal glite-MON 3.0.20-0 Details
Normal glite-PX 3.0.18-0 Details
Normal glite-SE_classic 3.0.20-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.8-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.8-0 Details
Normal glite-SE_dcache_pool 3.0.8-0 Details
Normal glite-SE_dpm_disk 3.0.25-0 Details
Normal glite-SE_dpm_mysql 3.0.25-0 Details
Normal glite-SE_dpm_oracle 3.0.18-0 Details
Normal glite-UI 3.0.26-0 Details
Normal glite-VOBOX 3.0.32-0 Details
Normal glite-WN 3.0.26-0 Details
Normal lcg-CE_torque 3.0.18-0 Details
Normal lcg-CE 3.0.18-0 Details
Normal lcg-RB 3.0.18-0 Details

13.09.07 - 3.0.2 Update 34

 
Description

This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
New WMS/LB
 
A new WMS/LB version ('3.1') containing important changes and enhancements.

The release notes can be found at:

  https://twiki.cern.ch/twiki/bin/view/EGEE/Glite30WMSCHKPTProd

This version contains
  • Reimplementation of collections
  • Many bug fixes and internal enhancements resulting in enormously improved stability
  • The Network Server has been removed from this release as it is no longer supported by JRA1.
  • Yaim/bash configuration
  • LB
    • support for job collections
      • follows WMS development
      • collection itself is not traced once split up into jobs,
      • collection state is computed from aggregate subjob state only
    • transparent connection handling in LB library
      • regardless of creating and destroying LB library context, connections to LB server and local logger are cached
      • saves re-initializing SSL connections, improving performance considerably
    • support for Job Provenance
      • old, inactive jobs in LB should be purged to avoid ever-growing job database
      • data on purged jobs can be stored in JP service which is optimized for long-term storage and historic queries
    • performance and robustness improvements
      • fixes of bugs (mostly race conditions and bottlenecks) found in testing under higher load imposed by gLite 3.1 WMS
This new version has been built for SL3/VDT1.2 and thereby is being released as an update to gLite 3.0. The codebase is commonly referred to as '3.1', so you will hear this version of the WMS/LB referred to as '3.1'. It is the 3.1 WMS/LB for gLite 3.0. Work is currently ongoing to prepare the 3.1 WMS/LB for gLite 3.1 (ie SL4/VDT1.6).
lcg-vomscerts

The new version of the lcg-vomscerts package adds the host certificate of the US-ATLAS VOMS server (vo.racf.bnl.gov) and removes the old certificate of lcg-voms.cern.ch that has expired.
DPM GIP plugin

The updated version of the DPM GIP plugin provides among others the following improvements:
  • Optimised SQL query speeds up plugin by approximately 10x. (Credit to Lana Abadie)
  • Fixed problem with parsing DNS style VO names (also allowing for "-" in name).
  • Fixed problem with parsing pool names (reported as bug #21273).
Other updates

The incorrect dependencies on the CASTOR client in the glite-UI and glite-WN metapackages have been removed. However, performing an update of the metapackage will not automatically remove the CASTOR client rpm. If the CASTOR client rpm is not needed, it should be removed as a manual step. On a clean installation the rpm will no longer be installed.



Service updates
Priority Service Version Details
Normal glite-CE 2.4.37-0 Details
Normal glite-LB 2.3.2-0 Details
Normal glite-LFC_mysql 3.0.16-3 Details
Normal glite-LFC_oracle 3.0.10-3 Details
Normal glite-SE_classic 3.0.19-0 Details
Normal glite-SE_dpm_disk 3.0.24-0 Details
Normal glite-SE_dpm_mysql 3.0.24-0 Details
Normal glite-SE_dpm_oracle 3.0.17-0 Details
Normal glite-UI 3.0.25-0 Details
Normal glite-VOBOX 3.0.31-0 Details
Normal glite-WMS 2.4.4-0 Details
Normal glite-WMSLB 2.4.22-0 Details
Normal glite-WN 3.0.25-0 Details
Normal lcg-CE_torque 3.0.17-0 Details
Normal lcg-CE 3.0.17-0 Details
Normal lcg-RB 3.0.17-0 Details

28.08.07 - 3.0.2 Update 33

 
Description
This update contains a YAIM update affecting only DPM mysql, DPM oracle and SE classic components. The update should be released and deployed before end of August due to a related bug (a cron job that might not work after August). As a result, because the core YAIM component has been updated, new versions of many other metapackages are released as well without any changes to their functionality. See the full list below.

The following commands need to be executed to make sure the fix is applied in the affected node types:

DPM mysql:
./yaim -r -s site-info.def -n SE_dpm_mysql -f config_DPM_se

DPM oracle:
./yaim -r -s site-info.def -n SE_dpm_oracle -f config_DPM_se

SE classic:
./yaim -r -s site-info.def -n SE_classic -f config_seclassic


Service updates
Priority Service Version Details
Normal glite-BDII 3.0.6-0 Details
Normal glite-CE 2.4.36-0 Details
Normal glite-FTA_oracle 3.0.14-0 Details
Normal glite-FTS_oracle 3.0.16-1 Details
Normal glite-LB 2.2.20-0 Details
Normal glite-LFC_mysql 3.0.16-2 Details
Normal glite-LFC_oracle 3.0.10-2 Details
Normal glite-MON_e2emonit 3.0.19-0 Details
Normal glite-MON 3.0.19-0 Details
Normal glite-PX 3.0.17-0 Details
Normal glite-SE_classic 3.0.18-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.7-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.7-0 Details
Normal glite-SE_dcache_pool 3.0.7-0 Details
Normal glite-SE_dpm_disk 3.0.23-0 Details
Normal glite-SE_dpm_mysql 3.0.23-0 Details
Normal glite-SE_dpm_oracle 3.0.16-0 Details
Normal glite-UI 3.0.24-2 Details
Normal glite-VOBOX 3.0.30-0 Details
Normal glite-WMS 2.3.30-0 Details
Normal glite-WMSLB 2.4.21-0 Details
Normal glite-WN 3.0.24-2 Details
Normal lcg-CE_torque 3.0.16-0 Details
Normal lcg-CE 3.0.16-0 Details
Normal lcg-RB 3.0.16-0 Details

22.08.07 - 3.0.2 Update 32

 
Description
This release fixes a security vulnerability for the DPM server. The release priority has been set to High.

Please read the advisory here:

                http://www.gridpp.ac.uk/gsvg/advisories/advisory-28462.txt

All DPM nodes should be upgraded immediately.


For the services that are marked as 'Normal update' (LFC, UI, WN, VOBOX, RB) this updates only contains updated RPMs to align the Data Management RPM versions with the DPM security update. For these nodes there is no functionality or code change.
Grid Security Vulnerability Group - Advisory

Topic Creating or (re)placing directories without permission checks
Date 2007-08-15
ID Grid Vulnerability Savannah bug #28462
Background The Disk Pool Manager (DPM) has been developed as a lightweight solution for disk storage management. The DPM offers a modified version of the Globus gridftp daemon for data access.
Vulnerability Details In some circumstances it is possible for an authenticated user to create directories or create/replace files without permission checks.
Grid Security Vulnerability Group Response The Grid Security Vulnerability Group considers this issue to be 'High' risk, and recommends that all sites upgrade the relevant components as soon as possible.
Precautionary measures or checks The only way other than by upgrading to ensure that this cannot be exploited is to stop gridftp and rfiod on the DPM server and disk pool nodes.
Credit This vulnerability was initially reported by Kostas Georgiou and Greig Cowan.
Service updates
Priority Service Version Details
Normal glite-LFC_mysql 3.0.16-1 Details
Normal glite-LFC_oracle 3.0.10-1 Details
High glite-SE_dpm_disk 3.0.22-0 Details
High glite-SE_dpm_mysql 3.0.22-0 Details
High glite-SE_dpm_oracle 3.0.15-0 Details
Normal glite-UI 3.0.24-1 Details
Normal glite-VOBOX 3.0.29-0 Details
Normal glite-WN 3.0.24-1 Details
Normal lcg-RB 3.0.15-0 Details

20.08.07 - 3.0.2 Update 31

 
Description
This update contains multiple updates and bug fixes in various areas. Please see below for the individual service updates.
YAIM

This release contains a new version of YAIM. YAIM 3.1.1 will configure gLite 3.0 and gLite 3.1 services and clients. The main feature of the new YAIM is its modularity. There will be a yaim core module, a yaim client module and different yaim modules for each gLite service. In the first release not all the services have been splitted in a new module and therefore they are part of yaim core. The idea for upcoming releases is to have a full modular version. More details can be found at:

https://twiki.cern.ch/twiki/bin/view/LCG/YaimGuide311

The first YAIM 3.1.1 release is a merge of yaim 3.0.1-22 and yaim 3.1.0 (for UI and WN). The new yaim will allow to configure all gLite 3.0 and gLite 3.1 services and clients.

Things to take into account:
  • Obsoleted TORQUE_SERVER variable replaced by BATCH_SERVER variable.
  • In all Computing Elements, the configuration does not release the shell at the end. Making ctrl+c to release it also kills the gatekeeper (bug #27761). The script has to be restarted, easy workarounds are "service gLite restart" for the gLite-CE and /etc/init.d/globus-gatekeeper restart on the lcg-CE.
  • In WMS, the configuration does not release the shell either at the end but ctrl+c can be used without any problem.
  • If you have not already performed a manual action in order to fix bug #27539, then you to do need a re-configuration of the nodes.
Note that in the near future this version of yaim will be rebranded 'yaim 4' to reflect the significant changes and the fact that its versions are now decoupled from the middleware release versions.
Data Management

Bug fix release. Especially, this release includes support for VO names up to 255 characters.
Please see the individual service updates for details on the list of fixed bugs.
  • glite-data-gfal
    • Fixed behaviour of gfal_chmod (only supported with LFC)
    • Fixed several segmentation fault in SRMv2.2 support
    • Fixed bug #27536: GFAL access of root files on dCache SE
    • Fixed a bug on SRMv2 directory creation
    • Fixed bug #27226: [GFAL] can't open ClassicSE SURL
    • Fixed bug #26984: lcg-cr doesn't create directory ... [with SRMv2.2]
    • Extend maximum VO name length to 255
    • Add easy-to-change variable for max length of VO name
    • Fixed bug #26820: Wrong error (file name too long)
    • Add list support for most of se_*, srm_* and srmv2_* functions
    • Clean up some obsolete internal functions
    • Add better error messages (with the concerning hostname/argument)
    • Fixed bug #23999: GFAL doesn't cope with castor-2...
    • Update of general GFAL man page.
    • LCG_GFAL_VO is no more needed for gfal_open on new SURL
    • Fixed bug #18104: lcg-cp only uses the first replica
    • Don't force anymore to specify VO with when not needed
  • glite-data-dm-util
    • Fixed GGus ticket #22930: problem with the number of characters for a VO name in lcg-cr
    • Installing the lcg_util library into 'lib64' instead of 'lib' on x86_64.
    • Updated man pages
    • Fixed option parsing of lcg-rep command line
    • Don't force anymore to specify VO when not needed
    • Fixed GGUS ticket #20086: lcg-uf - return code
Information system (MON-Box)

Multiple improvements and bug fixes (see individual service updates for the list of fixed bugs):
  • Update to prevent unnecessary load on the schema (co-hosted with the registry) when the R-GMA command line tool starts up.
  • Optimizations to the R-GMA registry.
Service updates
Priority Service Version Details
Normal glite-BDII 3.0.5-0 Details
Normal glite-CE 2.4.35-0 Details
Normal glite-FTA_oracle 3.0.13-0 Details
Normal glite-FTS_oracle 3.0.16-0 Details
Normal glite-LB 2.2.19-0 Details
Normal glite-LFC_mysql 3.0.16-0 Details
Normal glite-LFC_oracle 3.0.10-0 Details
Normal glite-MON_e2emonit 3.0.18-0 Details
Normal glite-MON 3.0.18-0 Details
Normal glite-PX 3.0.16-0 Details
Normal glite-SE_classic 3.0.17-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.6-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.6-0 Details
Normal glite-SE_dcache_pool 3.0.6-0 Details
Normal glite-SE_dpm_disk 3.0.21-0 Details
Normal glite-SE_dpm_mysql 3.0.21-0 Details
Normal glite-SE_dpm_oracle 3.0.14-0 Details
Normal glite-UI 3.0.24-0 Details
Normal glite-VOBOX 3.0.28-0 Details
Normal glite-WMS 2.3.29-0 Details
Normal glite-WMSLB 2.4.20-0 Details
Normal glite-WN 3.0.24-0 Details
Normal lcg-CE_torque 3.0.15-0 Details
Normal lcg-CE 3.0.15-0 Details
Normal lcg-RB 3.0.14-0 Details

07.08.07 - 3.0.2 Update 30

 
Description
This is an update for the FTS service. Please see below for the individual service updates.
Data Management

This update contains a schema change. Please refer to the following pages for
detailed information on the changes and how to carry out the upgrade.


The release notes for the FTS 2.0 can be found at:

        https://twiki.cern.ch/twiki/bin/view/LCG/FtsRelease20

The changes between FTS 1.5 and 2.0 at:

        https://twiki.cern.ch/twiki/bin/view/LCG/FtsChangesFrom15To20

The upgrade information from FTS 1.5 to 2.0 can be found at:

        https://twiki.cern.ch/twiki/bin/view/LCG/FtsServerUpgrade15to20

Please pay special attention to the following information concerning the configuration:

       
https://twiki.cern.ch/twiki/bin/view/LCG/FtsRelease20Patch1232

The update of the FTS service (2.0) contains among other upgrades the following main features:
  • New DB model to improve performance
  • Delegation support
  • More service monitoring information collected in the database
  • Improved admin functionality
  • Redesigned state machine to support future extensions
  • Improved reliability of transfer-url-copy component
  • Beta support for SRM 2.2
  • Variety of bugs fixes / misc improvements

Service updates
Priority Service Version Details
Normal glite-FTA_oracle 3.0.12-2 Details
Normal glite-FTS_oracle 3.0.14-3 Details
Normal glite-UI 3.0.22-3 Details
Normal glite-VOBOX 3.0.26-4 Details
Normal glite-WN 3.0.22-3 Details

18.07.07 - 3.0.2 Update 29

 
Description
DPM-gridftp-server -- High Priority

This patch fixes a security issue with the DPM-gridftp-server. Please read the advisory here:

http://www.gridpp.ac.uk/gsvg/advisories/advisory-27657.txt

All DPM nodes should be upgraded immediately.


Service updates
Priority Service Version Details
High glite-SE_dpm_disk 3.0.19-4 Details
High glite-SE_dpm_mysql 3.0.19-4 Details
High glite-SE_dpm_oracle 3.0.12-4 Details

02.07.07 - 3.0.2 Update 28

 
Description
This update contains multiple bug fixes in various areas, including a fix for a security vulnerability (details below). Please see below for the individual service updates. Besides others, the following middleware service updates are included:

DPM-gridftp-server Incorrect credentials propagation -- High Priority

Operational Security Coordination Team Advisory 

-- Date: 2007-07-02 

-- Background 

The Disk Pool Manager (DPM) has been developed as a lightweight
solution for disk storage management. The DPM offers a modified
version of the Globus gridftp daemon for data access, among many
other protocols.

-- Affected Software 

LCG <= 2.7.x, gLite <= 3.0.x. 

gLite 3.1.x is not affected. 

-- Affected Components 

All versions of the DPM-gridftp-server package are affected. 

DPM servers running with VDT 1.6 or later are not affected, because 
they are using a different gridftp implementation from Globus Toolkit 4, 
interfaced to DPM via a plug-in interface. This comes with the package 
'DPM-DSI', instead of the above mentioned 'DPM-gridftp-server'.

For gLite 3.x the affected meta-package are: 

glite-SE_dpm_disk 
glite-SE_dpm_mysql 
glite-SE_dpm_oracle 

Sites running LCG 2.x are asked to upgrade their DPM-gridftp-server to gLite. 

-- Vulnerability Details 

The DPM gridftp server is handling the credentials of authenticated users
to manage permissions on the files. Unfortunately, it appears that under 
some circumstances, the credentials are not correctly propagated. 

As a result, it is possible for a malicious user who successfully 
authenticated against the DPM gridftp service to manipulate any file 
accessible by the service, including reading, writing, deleting and 
changing the permissions of the affected files and directories.

-- Further documentation 

This advisory is also available at the following URL: 

http://cern.ch/grid-deployment/glite-web/egee/packages/R3.0/updates.asp 

-- Installation Notes
 
The following rpms have been made available; 

DPM-gridftp-server-1.6.5-3sec.i386.rpm 

It is possible to upgrade the 'DPM-gridftp-server' component only 
(without upgrading the rest of the DPM components) from any version
including 1.6.0 to 1.6.5-2.

If the upgrade is not feasible, then we recommend stopping the DPM 
gridftp service and contacting the developers for the possibility 
of a custom upgrade path:

  /sbin/service dpm-gsiftp stop 
  /sbin/chkconfig --del dpm-gsiftp 

They are available in the appropriate repositories for each distribution. 

http://cern.ch/grid-deployment/glite-web/egee/packages/R3.0/updates.asp 

-- Credit 
This vulnerability has been discovered by Kostas Georgiou. 

-- Disclosure Timeline 
2007-06-19 Vulnerability reported to the LFC/DPM developers 
2007-06-19 Initial response from the LFC/DPM developers 
2007-06-26 Updated packages ready for certification and testing 
2007-07-02 OSCT notified of the vulnerability 
2007-07-02 Updated packages certified 
2007-07-02 Release preparation completed 
2007-07-02 Updated LCG and gLite packages available 
2007-07-02 Public disclosure 
2007-07-02 Site Admins and LCG Security Contacts notified 

-- References 

The details of the vulnerability and the update can be found here: 

http://cern.ch/grid-deployment/glite-web/egee/packages/R3.0/updates.asp 

For more detailed information including fixed bugs, updated RPMs, 
configuration changes and how to deploy, please go to the 'Details' 
link next to each service on the 'Updates' web page.

All issues found with this update should be reported using GGUS: 
www.ggus.org. 
Further updates in Data Management

The updated DPM-FTP component (1.6.5-3):
  • ftpd: propagate user credentials for cd requests (needed for uberftp)
  • Replacing the DPM-client (build only) dependency by lcg-dm-common.
The updated LCG-DM component (1.6.5-3):
  • Better logging of request and sub-request (file) errors
  • Disabled automatic RPM dependencies to solve the x86_64 related problems
  • Build fixes for Suse9, Centos4 and easing optional build of Oracle parts
Service updates
Priority Service Version Details
High glite-LFC_mysql 3.0.14-4 Details
High glite-LFC_oracle 3.0.9-2 Details
High glite-SE_dpm_disk 3.0.19-3 Details
High glite-SE_dpm_mysql 3.0.19-3 Details
High glite-SE_dpm_oracle 3.0.12-3 Details
High glite-UI 3.0.22-2 Details
High glite-VOBOX 3.0.26-3 Details
High glite-WN 3.0.22-2 Details
High lcg-RB 3.0.13-2 Details

27.06.07 - 3.0.2 Update 27

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following middleware service updates are included:
New BDII with indexing -- High Priority

New version of the BDII which uses indexes. This should significantly reduce the amount of load on a top-level BDII. For example when deployed on lcg-bdii.cern.ch the load dropped by a factor 3.

The bdii-update script has been made more efficient, reading LDIF files directly from disk, not through a pipe. In addition, a configuration parameter has been added to allow a BDII to cache (a subset of) the contents of another BDII.

LFC/DPM -- High Priority

The new version of LFC/DPM (1.6.5-1) fixes various bugs and has among others the following improvements:
  • Remove expired spaces.
  • Avoid crash in dpm_errmsg/Cns_errmsg when supplied buffer is too small (GGUS ticket #21767).
  • Correct processing of rfio_access on DPM TURLs (Atlas).
  • Return DPM version in otherInfo field of srmPing response.
  • dpm-shutdown: take "server" into account.
  • Add methods ping and getifcevers in LFC/DPM.
  • Add ACLs on disk pools (bug #25830).
  • dpm-qryconf: add option --group to display groupnames instead of gids.
  • dpm-qryconf: add option --proto to display supported protocols.
  • dpm-qryconf: add option --si to display sizes in power of 10 (bug #25810).
  • Implement recursive srmLs and srmRmdir.
glite-yaim

The new version of glite-yaim (3.0.1-22) fixes various bugs and has several new features.
  • For MDS, the config_gip function has been updated to correctly configure ldap schema for new openldap versions.
  • New variable (DPNS_BASEDIR) introduced.
    # The DPNS server's entry point in this domain (home)
    # i.e. this server will serve the /dpm/${MY_DOMAIN}/${DPNS_BASEDIR} name space
    # It is to ensure that if 2 or more DPM server is installed under the same domain
    # their name space should be (strongly suggested to be) separated, i.e. all the DPM
    # server in the world can be joined to a uniform name-space later on.
    # Use for example DPNS_BASEDIR=home2 or DPNS_BASEDIR=data for your second or third server.
    # Correct syntax is without '/' !
    #DPNS_BASEDIR=
    
  • Fix for fetch-crl problem (bug #26033).
  • A cron job is copied to /etc/cron.monthly during the install of a DPM node (and classicSE), which creates the 'generated' directories in advance. It has to be run manually for the first time, then it runs automatically every month.
  • Changes in dCache configuration:
    1. Changed GlueServiceVersion, and GlueServiceType to be LHC compliant in values.
    2. Changed Default replica location service from PNFS to companion database as its now stable.
    3. Added a cron job to run at 22:12 daily to generate the directory for LCG tools and delete all empty generated directories which are older than 2 days. This code is based upon production code created by Patrick Fuhrmann and now maintained as part of YAIM.
    These changes do not require steps from the site admins.
    NOTE: these changes were not tested during certification.
  • Removal of MDS configuration on DPM (GGUS ticket #21675).
  • No pool accounts are created on LFC.
  • The last modification time of the site-info.def during configuration is saved in the log file.
  • The config_mkgridmap function has been modified to allow the (non recommended) old sgm/prd user mapping schema, i.e. several sgm/prds are mapped to a single user.

    YAIM will auto-detect the situation and warn about dubious users.conf content, e.g. when only a single pool account has been defined for a VO (like in the example users.conf).

    Correct syntax for the LHCb sgm and production user's certificate FQANs are inserted in example groups.conf.

    Reconfiguration is necessary only if you modified your configuration.

    IMPORTANT: This is one of the last releases providing full set of configuration files. In the future, only very short syntactically correct examples will be distributed. The configuration setting for VOs, priorities, FQANs will be available in YAIM format through the CIC portal.
  • Removal of the default configuration of the FQAN VOViews.
  • YAIMLOG is now only readable by root.
Documentation can be found in the following locations:
Glue Schema

The new version of glue-schema updates to Glue version 1.3. The top-level BDIIs should be updated first, followed by the sites BDIIs and then the GRISs. Only when all the nodes have been updated, new information can be published.

lcg-info-dynamic-dpm

The new version of lcg-info-dynamic-dpm is introduced to fit to the new format of the dpm-qryconf output. This update fixes the reported bug that concerns incorrect information with the new DPM.
lcg-info-dynamic-lsf

The update of lcg-info-dynamic-lsf affects only CEs using the LSF batch system. The released version is a re-write of the original version, which was mainly done to improve performance. Moreover, the LRMS-related parts have been extracted and put into a dedicated rpm. The LRMS plugin was renamed to match the naming conventions used for PBS/Torque.

Design goals:
  • Support for several CEs looking at the same batch system.
  • Reduce number of queries to the batch system.
  • Improve scalability.
  • Code improvements.
  • Add documentation.
  • Make it more configurable.
  • Get ready for gLite, but be compatible with LCG.
Implementation details:
  • LRMS information is now created by the lcg-info-dynamic-lsf executable. This allows the system to provide consistent information.
  • Caching of LSF results:
    • Reduce number of batch system calls by avoiding unnecessary queries.
    • Allow several CEs to provide consistent information if the caches are shared (put on a shared file system).
lsf_local_submit_attributes.sh

This update to lsf_local_submit_attributes.sh requires lcg-info-dynamic-lsf-2.0.34-1 or newer. It is worth mentioning that the following section has to be added to the WorkloadManager section of the glite_wms.conf configuration file of the WMS:
    CeForwardParameters = {
      "GlueHostMainMemoryVirtualSize",
      "GlueHostMainMemoryRAMSize",
      "GlueCEPolicyMaxCPUTime"
    }; 
Just the WM gLite service needs to be re-started using:
    /opt/glite/etc/init.d/glite-wms-wm 
How sites should deal with the transition to pool accounts

The detailed instruction can be found at:

         https://twiki.cern.ch/twiki/bin/view/LCG/SgmPrdPoolAccounts

Changelog:

14.08.2007 Added description on "How sites should deal with the transition to pool accounts


Service updates
Priority Service Version Details
High glite-BDII 3.0.2-12 Details
High glite-CE 2.4.32-0 Details
High glite-FTA_oracle 3.0.12-1 Details
High glite-FTS_oracle 3.0.14-2 Details
High glite-LB 2.2.16-1 Details
High glite-LFC_mysql 3.0.14-3 Details
High glite-LFC_oracle 3.0.9-1 Details
High glite-MON_e2emonit 3.0.17-1 Details
High glite-MON 3.0.17-1 Details
High glite-PX 3.0.14-1 Details
High glite-SE_classic 3.0.15-2 Details
High glite-SE_dcache_admin_gdbm 3.0.4-1 Details
High glite-SE_dcache_admin_postgres 3.0.4-1 Details
High glite-SE_dcache_pool 3.0.4-1 Details
High glite-SE_dpm_disk 3.0.19-2 Details
High glite-SE_dpm_mysql 3.0.19-2 Details
High glite-SE_dpm_oracle 3.0.12-2 Details
High glite-UI 3.0.22-1 Details
High glite-VOBOX 3.0.26-2 Details
High glite-WMS 2.3.28-1 Details
High glite-WMSLB2.4.19-1 Details
High glite-WN 3.0.22-1 Details
High lcg-CE_torque 3.0.13-2 Details
High lcg-CE 3.0.14-0 Details
High lcg-RB 3.0.13-1 Details

20.06.07 - 3.0.2 Update 26

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following middleware service updates are included:
New DPM GIP plugin

New version of DPM information plugin which will query the DPNS database to get proper figures for the amount of storage used per VO. This plugin is called with two arguments, the database configuration access file and the BDII LDIF file.
dCache update

IMPORTANT NOTE: It is recommended that both client and server are updated at the same time. Otherwise following kind of problems may occur:

If sites run dCap doors within their dCache service and do not synchronize the upgrade of the client and the server then SRM transfers using the dCap protocol may suffer. The dCache client srmcp, from the older dCache client rpms will use dCap as the default transfer protocol with the new server. If sites are using dCap they should already know that dCap is rsh-like with respect to authentication. The implication is that users files will be written with the UID the client who initiated the transfer (root is blocked). This can cause issues when users have different UID's on the client from the UID they are mapped to on the server via the gridmap file. This will only happen when dCap as a running dCache door. The implications of using dCap transfers writing to one UID and gsiftp writing to another UID is unlikely at most sites as most sites do not have this complexity, but if this is the case sites will find that some data transfers initiated with srmcp will fail due to PNFS permissions as PNFS is UNIX like in its file system permissions. Some sites may have enabled dCap only as a read protocol, in this case all data transfers to dcache will fail when started with srmcp without specifying the preferred data transfer protocol.

Update details
  • Client now sends by default for srm get and put operations, protocols in a different priority order. The order has changed from {http,dcap,gsiftp} to {gsiftp,dcap,http}.
  • Staging bug fix. The initial state of the pin was set to PINNED for previous releases, this prevented files being staged, as the PIN manager believed the files where on disk, this has been resolved.
  • Access two different accounts with the same kerberos ticket or x509 cert now supported.
  • dCap door can now be run in the read only mode.
  • Bug fixes to the resilience manger so that 0 byte files will not replicate in an uncontrolled way.
YAIM update

The new DPM info provider is configured. YAIM introduces two new variables:
  • DPM_INFO_USER
  • DPM_INFO_PASS
The first is the mysql DB user which gets select grant to query the database, and the second its password. Both of them are compulsory parameters. IMPORTANT: The variables should not contain any special characters (ex:'-').

The new infoprovider is called by the edguser, and, in order to have the permission, the host certificate gets installed in its .globus directory.
glite-lb-bkserverd update

Filedescriptors >= 3 were closed in glite-lb-bkserverd after eventual first call to syslog(). The syslog fd# was reused by e.g. mysql then, mixing syslog messages with other communication, and resulting in server hang.

LB server has to be restarted:
/opt/glite/etc/init.d/glite-lb-bkserverd restart
d-cache-lcg update

The new version (d-cache-lcg-6.2.0) provides the following improvements:
  • Ensure sgm and prd pool accounts also use the first regular pool account of their VO (fixes problem reported on LCG-Rollout list).
  • Besides "001" allow the first pool account to end in "01" for small or "0001" for large VOs.
  • Handle observed e-mail address attribute name conversion to "EMAILADDRESS" and also allow for "emailAddress" (OpenSSL 0.9.7 and later).
Service updates
Priority Service Version Details
Normal glite-BDII 3.0.2-11 Details
Normal glite-CE 2.4.30-1 Details
Normal glite-FTA_oracle 3.0.12-0 Details
Normal glite-FTS_oracle 3.0.14-1 Details
Normal glite-LB 2.2.16-0 Details
Normal glite-LFC_mysql 3.0.14-2 Details
Normal glite-LFC_oracle 3.0.9-0 Details
Normal glite-MON_e2emonit 3.0.17-0 Details
Normal glite-MON 3.0.17-0 Details
Normal glite-PX 3.0.14-0 Details
Normal glite-SE_classic 3.0.15-1 Details
Normal glite-SE_dcache_admin_gdbm 3.0.4-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.4-0 Details
Normal glite-SE_dcache_pool 3.0.4-0 Details
Normal glite-SE_dpm_disk 3.0.19-1 Details
Normal glite-SE_dpm_mysql 3.0.19-1 Details
Normal glite-SE_dpm_oracle 3.0.12-1 Details
Normal glite-UI 3.0.22-0 Details
Normal glite-VOBOX 3.0.26-1 Details
Normal glite-WMS 2.3.28-0 Details
Normal glite-WMSLB2.4.19-0 Details
Normal glite-WN 3.0.22-0 Details
Normal lcg-CE_torque 3.0.13-1 Details
Normal lcg-CE 3.0.13-1 Details
Normal lcg-RB 3.0.13-0 Details

24.05.07 - 3.0.2 Update 25

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following middleware service updates are included:
LCG-CE modifications for DGAS support

This update allows the LCG-CE service to provide job records to be further processed by DGAS. The records are written to files grid-jobmap_YYYYMMDD in the directory /opt/edg/var/gatekeeper (by default). Each record consists of a single line with the following fields:
---------------------------------------------------------------- 
"localUser=UID" 
"userDN=DN" 
"userFQAN=FQAN" (one per FQAN found, if any) 
"jobID=grid_job_ID" (the EDG_WL_JOBID, GLITE_WMS_JOBID, or none) 
"ceID=hostname.domain:2119/jobmanager-jobmanager-queue" 
"lrmsID=LRMS_ID" 
"timestamp=YYYY-MM-DD HH:MM:SS" (submission to the batch system) 
----------------------------------------------------------------
Other upgrades and fixes

The update contains following upgrades and fixes:
  • Condor plugin for lcg-info-dynamic-scheduler.
    Note: CE_BATCH_SYS variable of YAIM should be set to condor or CONDOR, like for example with PBS (pbs or PBS).
  • The glite-CE metapackage had a missing dependency on lcg-info-provider-software component, which has been added.
  • Several bug fixes in the R-GMA server.
Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.30-0 Details
Normal glite-LFC_mysql 3.0.14-1 Details
Normal glite-LFC_oracle 3.0.8-0 Details
Normal glite-MON_e2emonit 3.0.16-0 Details
Normal glite-MON 3.0.16-0 Details
Normal glite-PX 3.0.13-0 Details
Normal glite-SE_classic 3.0.15-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.3-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.3-0 Details
Normal glite-SE_dcache_pool 3.0.3-0 Details
Normal glite-SE_dpm_disk 3.0.19-0 Details
Normal glite-SE_dpm_mysql 3.0.19-0 Details
Normal glite-SE_dpm_oracle 3.0.12-0 Details
Normal glite-VOBOX 3.0.26-0 Details
Normal lcg-CE_torque 3.0.13-0 Details
Normal lcg-CE 3.0.13-0 Details
Normal lcg-RB 3.0.12-0 Details

14.05.07- 3.0.2 Update 24

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following middleware service updates are included:
lcg-vomscerts

Important note: The update of lcg-vomscerts has a new certificate for lcg-voms.cern.ch. The current certificate will expire on May 29.
glite-yaim

There is presently a known issue with this update of YAIM. With the latest update the info provider of the DPM machines has changed from MDS to BDII. However the YAIM (3.0.1-15) coming with the update does not configure edguser's certificate. We recommend for the moment to apply the following workaround :

   mkdir -p ~edguser/.globus
   chown edguser:edguser ~edguser/.globus
   cp /etc/grid-security/hostcert.pem ~edguser/.globus/usercert.pem
   cp /etc/grid-security/hostkey.pem ~edguser/.globus/userkey.pem
   chown edguser:edguser /home/edguser/.globus/user*
   chmod 400 /home/edguser/.globus/userkey.pem

We will release a fix for this problem as soon as possible

Important note: FTA and FTS nodes have to be reconfigured with THE NEW CONFIGURATION TARGET FTA2 and FTS2

This is an early release of the new modular release series and it enables the new FTS and FTA configuration. The new configuration targets FTA2 and FTS2 have to be used. That is, yaim should be run with options -n FTS2 and/or -n FTA2.

Other new features of this update are the following:

  • In site-info.def the VOAGENT_PYTHON agent type should be replaced with VOAGENT. All the defined typdefault variables should be changed correspondingly.
  • Two new YAIM variables are introduced. They are not compulsory to be set and have default values as in the following:
    # The DPM db name. Default is dpm_db
    DPM_DB=dpm_db
    # The DPNS db name. Default is cns_db
    DPNS_DB=cns_db
    This is to allow the usage of the same remote DB server serving several DPM node.
Other important issues when upgrading glite-yaim are the following:
  • Important: apt-autoupdate not supported, i.e. do the upgrade and the reconfiguration in one process. As always, it is recommended to do a DB backup before the upgrade.
  • Important: After the reconfiguration, DPM will use BDII as information provider instead of MDS. Because of this, the connect string and the port number on the site-BDII has to be changed as follows:
    • from "mds-vo-name=local,o=grid"
      to "mds-vo-name=resource,o=grid"
    • and from 2135 to 2170 respectively.
    Reconfigure and restart your site-BDII.

    Note: As a side effect of this reconfiguration the lcg-cr command will not work if your LCG_GFAL_INFOSYS variable is pointing to the DPM's infosys instead of a top-level BDII. This is not a bug, just a consequence worth to mention.
FTS Update 2.0

Important note: The current WLCG planning foresees running version FTS 2.0 only at CERN-PROD for a few weeks. Tier-1 sites should remain at version 1.5 until contacted by FTS support.

For further information, please contact fts-support@cern.ch.

The update of the FTS service (2.0) contains among other upgrades the following main features:
  • New DB model to improve performance
  • Delegation support
  • More service monitoring information collected in the database
  • Improved admin functionality
  • Redesigned state machine to support future extensions
  • Improved reliability of transfer-url-copy component
  • Beta support for SRM 2.2
  • Variety of bugs fixes / misc improvements
  • Compiling under SLC4 (to be fully tested)
LFC/DPM

There is presently a known issue with this update of LFC/DPM. We recommend to either not update your LFC/DPM for the moment or apply the following workaround (also if you have already updated your system):
 

    mkdir -p /home/glbuild/GLITE_3_0_3_RC1_DATA/stage/etc
    ln -s /opt/lcg/etc/lcgdm-mapfile \
          /home/glbuild/GLITE_3_0_3_RC1_DATA/stage/etc

We will release a fix for this problem as soon as possible.

The upgrage of the LFC/DPM service (1.6.4-3) contains among others the following important new features and bug fixes:

  • Added database migration scripts for DPM secondary groups support with the following new features:
    - allow in srmMv to move a file to another directory giving the directory name as target
    - if the free space in a pool or filesystem was already negative, it was still possible to reserve space
    - report fileLocality in srmLs output (WLCG decision)
    - return an error if attempt to extend lifetime of an already expired TURL
    - python interface to DPNS
  • Fix garbage collector thresholds checks (was not working if poolfree space was negative, i.e. pool space overcommitted)
  • The new information provider is BDII, so node firewall need to be changed, furthermore site-BDII needs reconfiguration. (Please, see the glite-yaim update above as well.)
R-GMA client

This upgrade introduces new exceptions RGMABusyException and RGMANoWorkingReplicasException for R-GMA. These exceptions can be thrown in a future server versions of R-GMA and this update will enable rollout of clients that can handle this exception in readiness for a server update.

No action is required by users and the R-GMA clients will be working as before.


WN for SL4 in compatibility mode
  • This release contains the repository for the SL4 Worker Node in compatibility mode. The code has been compiled on SL3 but can be installed and run on a SL4 node.

    To install the WN on SL4, there is a new metapackage called glite-WN_sl4compat and a new special repository. More details about the metapackage can be found here, for the repository setup please see here.
  • Note on the natively compiled gLite 3.1 WN for SL4:

    The gLite 3.1 WN natively compiled on SL4 is presently in the pre-production service and will be released to production as soon as possible. This is the version that will be maintained in future.

    The upgrade path from the present 'compatibility mode' (SL3 binaries) to the native mode is not guaranteed and this version should be considered a temporary measure.
Other upgrades
  • Incorrect apel-* dependencies have been removed from the metapackages to fix the GGUS ticket 16550.
  • The package lcg-infosites obsoletes the previously distributed lcg-info-api-ldap.

Service updates
PriorityServiceVersionDetails
High glite-BDII 3.0.2-10 Details
High glite-CE 2.4.25-6 Details
High glite-FTA_oracle 3.0.11-0 Details
High glite-FTS_oracle 3.0.14-0 Details
High glite-LB 2.2.15-0 Details
High glite-LFC_mysql 3.0.14-0 Details
High< glite-LFC_oracle 3.0.7-0 Details
High glite-MON_e2emonit 3.0.15-0 Details
High glite-MON 3.0.15-0 Details
High glite-PX 3.0.12-0 Details
High glite-SE_classic 3.0.14-0 Details
High glite-SE_dcache_admin_gdbm 3.0.2-0 Details
High glite-SE_dcache_admin_postgres 3.0.2-0 Details
High glite-SE_dcache_pool 3.0.2-0 Details
High glite-SE_dpm_disk 3.0.18-0 Details
High glite-SE_dpm_mysql 3.0.18-0 Details
High glite-SE_dpm_oracle 3.0.11-0 Details
High glite-UI 3.0.21-0 Details
High glite-VOBOX 3.0.25-0 Details
High glite-VOMS_mysql 3.0.13-0 Details
High glite-VOMS_oracle 3.0.13-0 Details
High glite-WMS 2.3.27-0 Details
High glite-WMSLB2.4.18-0 Details
High glite-WN 3.0.21-0 Details
High glite-WN_sl4compat 3.0.21-0 Initial release
High lcg-CE_torque 3.0.11-4 Details
High lcg-CE 3.0.11-7 Details
High lcg-RB 3.0.11-0 Details

30.04.07 - 3.0.2 Update 23

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.

Besides others, the following middleware service updates are included:

Dcache

The Dcache component is upgraded to version 1.7.0-34, which contains several GridFTP bug fixes. For more details please see

http://www.dcache.org/downloads/1.7.0/index.shtml

The upgrade shows significant improvements in stability when the packages are used with Java 1.5 compared to Java 1.4. Deployment with Java 1.4 is still possible. In addition to increased stability, the following development has been made to the Dcache component:
  • memory usage is improved (with Java 1.5) and
  • performance is improved (with Java 1.5, as the threading model has improved in this version of Java).
edg-mkgridmap

The new version of edg-mkgridmap (2.9.0) fixes the interoperability problem with axis (1.2.1) and voms-admin (>1.2.20). There are also updates and fixes in the man pages, for example, a valid support email address has been added.

glite-yaim

The new version of glite-yaim adds support for DGAS logging on lcg-CE.

lcg-info

The new version of lcg-info introduces support for VOViews, service and site information. Use the --list-attrs option for a full list of the supported attributes.

lcg-vomscerts

The new version of lcg-vomscerts (4.4.1) provides the certificate of the VOMS server for "biomed" and "egeode", which is currently in use, because it was accidentally re-renewed.

Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-9 Details
Normal glite-CE 2.4.25-5 Details
Normal glite-FTA_oracle 3.0.10-2 Details
Normal glite-FTS_oracle 3.0.13-3 Details
Normal glite-LB 2.2.14-0 Details
Normal glite-LFC_mysql 3.0.13-4 Details
Normal glite-LFC_oracle 3.0.6-4 Details
Normal glite-MON_e2emonit 3.0.14-0 Details
Normal glite-MON 3.0.14-0 Details
Normal glite-PX 3.0.11-4 Details
Normal glite-SE_classic 3.0.13-1 Details
Normal glite-SE_dcache_admin_gdbm 3.0.1-1 Details
Normal glite-SE_dcache_admin_postgres 3.0.1-1 Details
Normal glite-SE_dcache_pool 3.0.1-1 Details
Normal glite-SE_dpm_disk 3.0.15-1 Details
Normal glite-SE_dpm_mysql 3.0.15-1 Details
Normal glite-SE_dpm_oracle 3.0.8-1 Details
Normal glite-UI 3.0.14-4 Details
Normal glite-VOBOX 3.0.17-5 Details
Normal glite-VOMS_mysql 3.0.12-0 Details
Normal glite-VOMS_oracle 3.0.12-0 Details
Normal glite-WMS 2.3.26-0 Details
Normal glite-WMSLB2.4.17-0 Details
Normal glite-WN 3.0.15-6 Details
Normal lcg-CE_torque 3.0.11-3 Details
Normal lcg-CE 3.0.11-6 Details
Normal lcg-RB 3.0.10-4 Details

23.04.07 - 3.0.2 Update 22

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.

Besides others, the following middleware service updates are included:

VOMS - Major upgrade to the service

This release upgrades VOMS from version 1.6 to version 1.7.

Here is a link to the list of bugs fixed:
http://littleblue.cnaf.infn.it/twiki/bin/view/VOMS/WebDevelopment.

And here are the release notes, for the upgrade from 1.6.x to 1.7.x:
  • The clients and APIs of VOMS 1.7.x are fully backwards compatible with VOMS 1.6.x. A simple upgrade of the RPMs is all that is necessary to upgrade them.
  • The server however requires an upgrade of the DB schema, upgrade that is performed the first time voms-admin 1.2.17 or higher is run. This means that VOMS 1.7.x requires voms-admin 1.2.17 or higher, though those versions of voms-admin may also run with VOMS 1.6.x.
  • Configuration-wise, two new ways to configure the vomsdir directory are available. Though both optional at the moment, it is highly suggested that at least option number 1 is used. The support of the old format will be removed with VOMS 1.8.x or in one year, whichever comes later.
  • New configuration options:
    1. Inside the vomsdir directory, a subdirectory for each supported VO is made, with the same name of the VO, and all and only the certificates of the servers supporting that VO are placed in it. The main directory should not contain any file, just the VO subdirs
    2. Instead of the server certificate, a new file, named <hostname>.lsc is placed in the VO subdir. This allows host admin to avoid updating the list of certificates whenever a VOMS server changes its certificate. For details od the file's format look at section 5.1.1 of the updated user guide, available here:
      https://edms.cern.ch/file/571991/1/voms-guide.pdf.
LB

The release contains fixes for the following bugs:
  • #22879 LB and LL must log IP address for failed connection
    • the addresses are always logged
  • #23919 Errors from lower communication layers thrown away by L&B library
  • #23350 always start bkserverd with --super-users-file option
    • LB Server is always started with --super-users-file $GLITE_LOCATION/etc/LB-super-users
    • if the file does not exist, it is not fatal for startup, so the file is not touched during configuration
  • #24088 problems with "--super-users-file" option of bkserverd
    • fixed memory allocation when reading this file, causing the reported misbehaviour
  • #22337 rb112.cern.ch (gLite WMS) under performing (from lhcb user)
    • better diagnostic provided in order to track the bug
YAIM - Major upgrade to the service

The update contains a new version of glite-yaim-3.0.1. Please read the new YAIM 3.0.1 user guide for details.
The new version contains the following new features:
  • The configuration is stored in a directory structure which will be extended in the near future. Currently the following files are used: site-info.def, groups.conf, users.conf, and the vo.d directory.
  • To configure correctly the glite-CE with torque, the following parameters are obligatory:
    # Jobmanager specific settings
    JOB_MANAGER=pbs
    CE_BATCH_SYS=pbs
  • In case of site BDII separated from CE, it is necessary to install by hand the lcg-info-templates and lcg-info-generic packages to the site BDII node and to remove the ${INSTALL_ROOT}/lcg/var/gip/ldif/static-file-Site.ldif file on all CE nodes.
  • In the site-info.def file is necessary to define the BDII_CE_URL parameter as follows:
    BDII_CE_URL="ldap://$CE_HOST:2170/mds-vo-name=resource,o=grid"
  • In the site-info.file given in ./examples, where is
    /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch ops' 'ops voms.cern.ch 15004
    should be
    /C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch ops' 'ops voms.cern.ch 15009
  • If optional bin/yaim command is used to configure a gLiteCE, then the node will not work properly until service gLite is restarted since the gatekeeper will not be running after the configuration. If default configure_node script is used then all works without problems.
glite-data-gfal and glite-data-dm-util

The release containes new version of glite-data-gfal (1.9.0-2) and glite-data-dm-util (1.5.1-1) with the following fixes and updates:
  • Fix bug #24958: [GFAL] Seg Fault in srmv2.2 support
  • Fix bug #24956: [GFAL] Wrong error in case of srmv1 errors
  • Fix GGUS ticket 19509: Bug in GFAL resulting in BDII error: Success messages
  • Fix bug #25064: lcg-del broken for Classic SE
    (bug was found on a version in PPS, not in a production version)
  • lcg-cp can now do SURL-to-SURL copy, which is an LHCb requirement
  • Update several manual pages for SRMv2.2 support
More information can be obtained from https://twiki.cern.ch/twiki/bin/view/LCG/LcgUtilAndGfalApis.

Other updates

In addition, the incorrect dependency of the Storage Element metapackages on myproxy and myproxy-config has been removed.


Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-8 Details
Normal glite-CE 2.4.25-4 Details
Normal glite-FTA_oracle 3.0.10-1 Details
Normal glite-FTS_oracle 3.0.13-2 Details
Normal glite-LB 2.2.13-0 Details
Normal glite-LFC_mysql 3.0.13-3 Details
Normal glite-LFC_oracle 3.0.6-3 Details
Normal glite-MON_e2emonit 3.0.13-0 Details
Normal glite-MON 3.0.13-0 Details
Normal glite-PX 3.0.11-3 Details
Normal glite-SE_classic 3.0.13-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.1-0 Details
Normal glite-SE_dcache_admin_postgres 3.0.1-0 Details
Normal glite-SE_dcache_pool 3.0.1-0 Details
Normal glite-SE_dpm_disk 3.0.15-0 Details
Normal glite-SE_dpm_mysql 3.0.15-0 Details
Normal glite-SE_dpm_oracle 3.0.8-0 Details
Normal glite-UI 3.0.14-3 Details
Normal glite-VOBOX 3.0.17-4 Details
Normal glite-VOMS_mysql 3.0.11-0 Details
Normal glite-VOMS_oracle 3.0.11-0 Details
Normal glite-WMS 2.3.25-0 Details
Normal glite-WMSLB2.4.16-0 Details
Normal glite-WN 3.0.15-5 Details
Normal lcg-CE_torque 3.0.11-2 Details
Normal lcg-CE 3.0.11-5 Details
Normal lcg-RB 3.0.10-3 Details

16.04.07 - 3.0.2 Update 21

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.

Besides others, the following fixes are included:
  • glite-yaim

    Release of major new version of yaim: glite-yaim-3.0.1.

    This version contains changes to the 3.0.0 series of yaim in the area of
     
    • YAIM's hierarchical configuration storage
    • DNS-like VO names
    • Changes in the groups.conf file
    • Special accounts management
    • Queue management

    IMPORTANT NOTE:

    Please see the detailed information about the update and the changes for the configuration procedure
    here as well as the known issues.

    To configure correctly the glite-CE with torque, the following parameters are obligatory:

       # Jobmanager specific settings
       JOB_MANAGER=pbs
       CE_BATCH_SYS=pbs


    WARNING: If incorrect parameters will be used the configuration will finish successfully, but it will be impossible to submit a job to glite CE.

    In case of site BDII separated from CE, it is necessary to install by hand the lcg-info-templates and lcg-info-generic packages to the site BDII node and to remove the

       ${INSTALL_ROOT}/lcg/var/gip/ldif/static-file-Site.ldif

    file on all CE nodes. In the site-info.def file is necessary to define the BDII_CE_URL parameter as follows:

          BDII_CE_URL="ldap://$CE_HOST:2170/mds-vo-name=resource,o=grid"

    When installing a UI on a SL3 machine, it's necessary to manually create directory

         /tmp/glite/glite-ui using "mkdir -p /tmp/glite/glite-ui"

    This will be fixed in the next release.

  • lcg-info-dynamic-scheduler

    Support for VOMS FQANs in VOViews.
Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-7 Details
Normal glite-CE 2.4.25-3 Details
Normal glite-FTA_oracle 3.0.10-0 Details
Normal glite-FTS_oracle 3.0.13-1 Details
Normal glite-LB 2.2.10-0 Details
Normal glite-LFC_mysql 3.0.13-2 Details
Normal glite-LFC_oracle 3.0.6-2 Details
Normal glite-MON_e2emonit 3.0.12-0 Details
Normal glite-MON 3.0.12-0 Details
Normal glite-PX 3.0.11-2 Details
Normal glite-SE_classic 3.0.12-2 Details
Normal glite-SE_dcache_admin_gdbm 3.0.0-3 Details
Normal glite-SE_dcache_admin_postgres 3.0.0-3 Details
Normal glite-SE_dcache_pool 3.0.0-3 Details
Normal glite-SE_dpm_disk 3.0.14-2 Details
Normal glite-SE_dpm_mysql 3.0.14-2 Details
Normal glite-SE_dpm_oracle 3.0.7-2 Details
Normal glite-UI 3.0.14-2 Details
Normal glite-VOBOX 3.0.17-3 Details
Normal glite-WMS 2.3.24-0 Details
Normal glite-WMSLB2.4.15-0 Details
Normal glite-WN 3.0.15-4 Details
Normal lcg-CE_torque 3.0.11-1 Details
Normal lcg-CE 3.0.11-4 Details
Normal lcg-RB 3.0.10-2 Details

02.04.07 - 3.0.2 Update 20

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following fixes are included:

BDII

The new version of the BDII (3.8.8) has these principal changes compared to the previously released version (3.8.5):
  • Increase slapd memory cache sizes for LCG/EGEE top-level BDIIs.
  • Wait up to 1 minute for a new slapd to become responsive.
  • Preload the DB in memory, so that the first clients do not have to wait.
  • Try to prevent the slapd ports from getting taken by other processes.
  • Relax top-level BDII limitation: it can accept but not update file URLs.
GSIOpenSSH

The latest version of the GSIOpenSSH (3.9) fixes the Denial of Service vulnerability (DoS vulnerability) described in the GGUS ticket 18734 ("gsissh server version out of date").

Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-6 Details
Normal glite-CE 2.4.25-2 Details
Normal glite-FTS_mysql 3.0.13-0 Details
Normal glite-FTS_oracle 3.0.13-0 Details
Normal glite-LFC_mysql 3.0.13-1 Details
Normal glite-LFC_oracle 3.0.6-1 Details
Normal glite-MON_e2emonit 3.0.11-0 Details
Normal glite-MON 3.0.11-0 Details
Normal glite-PX 3.0.11-1 Details
Normal glite-SE_classic 3.0.12-1 Details
Normal glite-SE_dcache_admin_gdbm 3.0.0-2 Details
Normal glite-SE_dcache_admin_postgres 3.0.0-2 Details
Normal glite-SE_dcache_pool 3.0.0-2 Details
Normal glite-SE_dpm_disk 3.0.14-1 Details
Normal glite-SE_dpm_mysql 3.0.14-1 Details
Normal glite-SE_dpm_oracle 3.0.7-1 Details
Normal glite-UI 3.0.14-1 Details
Normal glite-VOBOX 3.0.17-2 Details
Normal glite-WMS2.3.23-2 Details
Normal glite-WMSLB2.4.14-0 Details
Normal glite-WN 3.0.15-3 Details
Normal lcg-CE_torque 3.0.11-0 Details
Normal lcg-CE 3.0.11-3 Details
Normal lcg-RB 3.0.10-1 Details

26.03.07 - 3.0.2 Update 19 

Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following fixes are included:

Dcache

The Dcache server is updated to version 1.7.0-29. (25, 26, 27 and 28 internal releases used in development cycles and testing.) The server upgrade 1.7.0-24 => 1.7.0-29 contains the following fixes.
  • GridFTP behavior on unexpected clients disconnect has been fixed.
  • IO queue names mismatch in batch file and timeout manager has been fixed.
  • Added missing initiator information in the billing database on GridFTP reads.
  • Minor xrootd protocol fixes.
  • Added support for java 6 in startup scripts.
  • Fixed rpm uninstall in when /opt/d-cache directory removed.
  • Replica manager does not replicate files to the same host.
The Dcache client has been compiled and the packaging meta data has been improved to reflect this.

glite-UI

Update to the glite-UI fixes the GGUS ticket 16538: The glite-UI metapackage was missing a dependency on glite-security-voms-admin-client.

Service updates
PriorityServiceVersionDetails
Normal glite-SE_dcache_admin_gdbm 3.0.0-1 Details
Normal glite-SE_dcache_admin_postgres 3.0.0-1 Details
Normal glite-SE_dcache_pool 3.0.0-1 Details
Normal glite-UI 3.0.14-0 Details
Normal glite-VOBOX 3.0.17-1 Details
Normal glite-WN 3.0.15-2 Details

19.03.07 - 3.0.2 Update 18

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.

Service updates
PriorityServiceVersionDetails
Normal glite-UI 3.0.13-3 Details
Normal glite-VOBOX 3.0.17-0 Details
Normal glite-WMS2.3.23-1 Details
Normal glite-WMSLB2.4.13-0 Details
Normal glite-WN 3.0.15-1 Details

13.03.07 - 3.0.2 Update 17

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.
Besides others, the following fixes are included:
 

yaim/LFC/DPM

  • The new version adds the DPM configuration.
  • The wrong version of glite-yaim was delivered with the last LFC and DPM release (glite-yaim-3.0.0-36 instead of glite-yaim-3.0.0-38). To apply this update please :
     

    - upgrade YAIM to glite-yaim-3.0.0-38, and

    - reconfigure the LFC and DPM nodes.

  • Fixes bug 24589.

    Please pay attention that some problems have been found in the configuration of LFC Oracle (see known issues for glite-LFC_oracle here).
  • In case of problems in DPM upgrade to 1.6.3, please follow the instructions and "known issues" on the following page :

    https://twiki.cern.ch/twiki/bin/view/LCG/DpmSrmv2Support

Upgrade to dCache 1.7

  • D-Cache is no longer configured as a single system as it is a very configurable service. For this reason multiple metapackages for D-cache have been created.

    The new set of metapackages is:
    • glite-SE_dcache_pool contains the minimum dependencies for D-cache (pool nodes)
    • glite-SE_dcache_admin_postgres contains the dependencies for a administrative node running on the postgres database
    • glite-SE_dcache_admin_gdbm contains the dependencies for a administrative node running on the gdbm database.

    They replace the original two metapackages:

    • glite-SE_dcache is replaced by glite-SE_dcache_admin_gdbm
    • glite-SE_dcache_gdbm is  replaced by glite-SE_dcache_admin_gdbm
  • It is recommended that all YAIM installed admin nodes are upgraded to pnfs-postgres. This is provided as a dependency of the metapackage glite-SE_dcache_admin_postgres.

    The sites that have not yet upgraded pnfs to pnfs-postgresql should do so either before or after the upgrade.

    glite-SE_dcache_admin_gdbm is provided with a dependacy to pnfs-gdbm and pnfs. This backend is no longer supported to it is recommended to upgrade to pnfs-postgresql as soon as possible.
  • The new postgres version does not always come "necessaryly". It depends on the repository choice of the sites. Some (external) repositories include postgres others do not.

    Sites should check about postgres before they perform any update.
  • The D-Cache repository now contains postgres RPMs of version 8.1.X and postgres might be upgraded. Note however that you cannot read you old postgres DBs any longer if you run version 8.0.X and smaller. You need to dump your database before. Upgrade and re-import the database.

    Short "step by step":

    1.) Stop dcache service and PNFS

    2.) pg_dumpall > /Some/Big/Disk/backup
    [note: this dump might get large on a production system]

    3.) Upgrade postres RPMs (and D-Cache)

    4.) (Re-)Move old database

    5.) Create new database:
    su - posrgres
    initdb -D /var/lib/pgsql
    start postgres DB

    6.) Import DB: psql -f /Some/Big/Disk/backup postgres

    7.) Note: I had to change some postgres config files
    before PNFS could be started again. (See old config files
    or D-Cache book:
    http://www.dcache.org/manuals/Book/cb-postgres-install.shtml )

    8.) Start PNFS and D-Cache services.

lcg-vomscerts v. 4.4.0

  • provides the current and new certs of the VOMS server for "biomed" and "egeode" - the current one expires on March 27 - as well as the certificates of voms-test.cern.ch to allow for grid-wide testing of new VOMS features.

edg-mkgridmap

  • Put in work-around for bug #23292: "escaped quotes in grid-mapfile cause infinite loop". It now rejects entries with embedded double quotes or trailing backslashes.
  • Added "--usermode" option option to facilitate running the script as an ordinary user by having the relevant environment variables point to the user's X509 proxy instead of using the personal certificate and key.
  • Made scanning of grid-mapfile-local robust against trailing white space. Warn about malformed lines.
  • Multiple bug fixes.
Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-5 Details
Normal glite-CE 2.4.25-1 Details
Normal glite-FTA_mysql 3.0.9-1 Details
Normal glite-FTA_oracle 3.0.9-1 Details
Normal glite-FTS_mysql 3.0.12-0 Details
Normal glite-FTS_oracle 3.0.12-0 Details
Normal glite-LB 2.2.9-1 Details
Normal glite-LFC_mysql 3.0.13-0 Details
Normal glite-LFC_oracle 3.0.6-0 Details
Normal glite-MON_e2emonit 3.0.10-0 Details
Normal glite-MON 3.0.10-0 Details
Normal glite-PX 3.0.11-0 Details
Normal glite-SE_classic 3.0.12-0 Details
Normal glite-SE_dcache_pool 3.0.0-0 Details
Normal glite-SE_dcache_admin_gdbm 3.0.0-0 Details
Normal glite-SE_dcache_admin_postgres3.0.0-0 Details
Normal glite-SE_dpm_disk 3.0.14-0 Details
Normal glite-SE_dpm_mysql 3.0.14-0 Details
Normal glite-SE_dpm_oracle 3.0.7-0 Details
Normal glite-UI 3.0.13-2 Details
Normal glite-VOBOX 3.0.16-0 Details
Normal glite-VOMS_mysql 3.0.10-0 Details
Normal glite-VOMS_oracle 3.0.10-0 Details
Normal glite-WMS2.3.23-0 Details
Normal glite-WMSLB2.4.12-0 Details
Normal glite-WN 3.0.15-0 Details
Normal lcg-CE_torque 3.0.10-0 Details
Normal lcg-CE 3.0.11-2 Details
Normal lcg-RB 3.0.10-0 Details

06.03.07  - 3.0.2 Update 16

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.
Besides others, the following fixes are included:
 

Torque / Maui

  • Update of Torque (2.1.6-1cri_sl3_2st) and Maui ( 3.2.6p17-1_sl3)

    Please pay close attention to the update notes for glite-CE and lcg-CE_torque on the corresponding update pages below as the TORQUE server needs special treatment for the update.
DPM / LFC
  • Update to LFC 1.6.3: Bulk queries for Atlas
  • Update to DPM 1.6.3: First production release of SRM 2.2 for DPM

Please also pay attention to the individual known issues that can be found on the individual service web pages!

Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-3 Details
Normal glite-CE 2.4.25-0 Details
Normal glite-FTS_mysql 3.0.11-0 Details
Normal glite-FTS_oracle 3.0.11-0 Details
Normal glite-LFC_mysql 3.0.12-0 Details
Normal glite-LFC_oracle 3.0.5-0 Details
Normal glite-MON_e2emonit 3.0.9-0 Details
Normal glite-MON 3.0.9-0 Details
Normal glite-PX 3.0.10-0 Details
Normal glite-SE_classic 3.0.11-0 Details
Normal glite-SE_dcache_gdbm 3.0.10-0 Details
Normal glite-SE_dcache 3.0.11-0 Details
Normal glite-SE_dpm_disk 3.0.13-0 Details
Normal glite-SE_dpm_mysql 3.0.13-0 Details
Normal glite-SE_dpm_oracle 3.0.6-0 Details
Normal glite-UI 3.0.13-1 Details
Normal glite-VOBOX 3.0.15-0 Details
Normal glite-WMS 2.3.22-0 Details
Normal glite-WMSLB 2.4.11-0 Details
Normal glite-WN 3.0.14-0 Details
Normal lcg-CE_torque 3.0.9-0 Details
Normal lcg-CE 3.0.11-1 Details
Normal lcg-RB 3.0.9-0 Details

26.02.07 - 3.0.2 Update 15

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.
Besides others, the following fixes are included:
 

glite-CE

  • Fix for BLAH creating accounting log file with incorrect lrmsID info.
Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.23-4 Details
Normal glite-LB 2.2.9-0 Details
Normal glite-WMS2.3.21-0 Details
Normal glite-WMSLB2.4.10-0 Details

 

19.02.07 - 3.0.2 Update 14

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.
Besides others, the following fixes are included:


Configuration
  • This update fixes the incorrect behaviour of the XML parser when a remote siteconfig file is used.
WMS
  • This update introduces the limiter on WMS. With the limiter, when the CPU load is larger than certain value or memory usage is larger than certain value and disk usage is larger than certain value, WMProxy will refuse users' requests like job submission, list match. This is to ensure the submitted jobs work properly.
Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.23-3 Details
Normal glite-FTA_mysql 3.0.9-0 Details
Normal glite-FTA_oracle 3.0.9-0 Details
Normal glite-FTS_mysql 3.0.10-0 Details
Normal glite-FTS_oracle 3.0.10-0 Details
Normal glite-LB 2.2.8-0 Details
Normal glite-LFC_mysql 3.0.11-0 Details
Normal glite-LFC_oracle 3.0.4-0 Details
Normal glite-MON_e2emonit 3.0.8-0 Details
Normal glite-MON 3.0.8-0 Details
Normal glite-PX 3.0.9-0 Details
Normal glite-SE_classic 3.0.10-0 Details
Normal glite-SE_dcache_gdbm 3.0.9-0 Details
Normal glite-SE_dcache 3.0.10-0 Details
Normal glite-SE_dpm_disk 3.0.12-0 Details
Normal glite-SE_dpm_mysql 3.0.12-0 Details
Normal glite-SE_dpm_oracle 3.0.5-0 Details
Normal glite-UI 3.0.13-0 Details
Normal glite-VOBOX 3.0.14-0 Details
Normal glite-VOMS_mysql 3.0.9-0 Details
Normal glite-VOMS_oracle 3.0.9-0 Details
Normal glite-WMS 2.3.20-0 Details
Normal glite-WMSLB2.4.9-0 Details
Normal glite-WN 3.0.13-0 Details
Normal lcg-CE_torque 3.0.7-4 Details
Normal lcg-CE 3.0.11-0 Details
Normal lcg-RB 3.0.8-0 Details

05.02.07 - 3.0.2 Update 13

 
08.02.07  -  Addition to 3.0.2 Updates 13 Release Notes
Please note that the tarballs are NOT working on 64bit nodes due to perl extensions not being able to run in 32bit mode on 64bit platforms.
 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates.
Besides others, the following fixes are included:

VOMS

  • New voms-admin version adding the attributes functionality.
  • The voms.massage script functionality has been incorporated into the voms configuration script and is no longer necessary to be run separately.
  • New configuration parameters

lcg-RB

  • condor-lcgrb replaces condor on lcg-RB nodes to make the Condor-G components more robust, particularly w.r.t. job proxies.

    WARNING: this patch makes the RB forget all _unfinished_ jobs.

    This means that the RB should be drained sufficiently before the
    patch is applied. One can prevent new job submissions by letting
    the node's firewall refuse remote (!) connections to port 9002.

    See individual service updates below for more details.
User Interface
  • Addition of WMProxy python API to the UI

Tarballs

  • The tarball has been updated to support the UI and WN on Scientific Linux 4.
  • Please note that the tarballs are NOT working on 64bit nodes due to perl extensions not being able to run in 32bit mode on 64bit platforms
Service updates
PriorityServiceVersionDetails
Normal glite-SE_classic 3.0.9-0 Details
Normal glite-SE_dpm_disk 3.0.11-0 Details
Normal glite-SE_dpm_mysql 3.0.11-0 Details
Normal glite-SE_dpm_oracle 3.0.4-0 Details
Normal glite-UI 3.0.12-0 Details
Normal glite-VOBOX 3.0.13-0 Details
Normal glite-VOMS_mysql 3.0.8-0 Details
Normal glite-VOMS_oracle 3.0.8-0 Details
Normal lcg-CE_torque 3.0.7-3 Details
Normal lcg-CE 3.0.10-0 Details
Normal lcg-RB 3.0.7-0 Details

22.01.07 -  3.0.2 Update 12

 
08.02.07  - Addition to 3.0.2 Updates 12 release notes
A critical bug on the gLite-WMS version contained in update 12 was found today, 24/01/07: https://savannah.cern.ch/bugs/?23249

The effect is that job submission through WMProxy, eg. using glite-wms-job-*, does not work. It does not affect job submission via WMS standard submission service using glite-job-* or directly to CEs.

A fix has been prepared and is now available in the production repository:

glite-wms-common-1.5.14-1.i386.rpm

All sites running WMS services which applied update 12 are kindly requested to apply the fix to solve the errors previously described. To fix the bug the rpm is required on the following nodes

  • glite-WMS
  • glite-WMSLB
It is also found on
  • glite-UI
  • glite-VOBOX
  • glite-WN

but there is no advantage to applying the update there.

The rpm will be available in the repository from 24.01.2007 19:30 on.

Description
This date contains multiple bug fixes in various areas. Please see below for the individual service updates.

Besides others, the following fixes are included:


edg-mkgridmap not robust against xml parsing errors.

  • We now specify ISO-8859-1 as the character encoding, such that the XML parser will not bomb out on finding a character with the high bit set.
  • Added "--cache" option for VDT, which causes the grid-mapfile to be treated as a cache, i.e. it is only rewritten when the contents change. The example edg-mkgridmap.conf file (overwritten by YAIM) has these changes.
  • Removed references to lcg-voms.cern.ch - added new sources for "lhcbsgm" and "lhcbprd"
  • Get "atlas" users from root group instead of "lcg1" subgroup.
Oracle RPM dependencies removed
  • The dependencies on the oracle-client RPMs have been removed as the oracle-clients can be installed in any format. gLite cannot provide the oracle-client RPMs due to license restrictions and Oracle is not always providing the Oracle clients in rpm format.

    Please make sure that you still install the oracle-client library in your preferred format.

WMS

  • The renewal_core library exports calls to perform actual renewal of a proxy using MyProxy and VOMS. It was initialy added to the 3.1 branch. This patch backports the library to 3.0 so it can be easily integrated with FTS. You need to reconfigure myproxy.

LB

  • multiple fixes (see individual services for details)

R-GMA

  • Gin, service-tool and standard-tables do not need to be restarted
  • Any user code that uses the rgma python api needs to be restarted such as the job status raw and gridftp logfile parsers.
  • R-GMA needs to be reconfigured for the servers so that the new default parameters are picked up for the consumer disc cache configuration and tomcat restarted.
  • All rgma services will need to be restarted to pick up the new file permissions (not world writable) - service-tool, flexible-archiver, publish-site, gin, glue-archiver(specific archiver configuration for glue)
Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.23-2 Details
Normal glite-FTA_mysql 3.0.8-0 Details
Normal glite-FTA_oracle 3.0.8-0 Details
Normal glite-FTS_mysql 3.0.9-0 Details
Normal glite-FTS_oracle 3.0.9-0 Details
Normal glite-LB 2.2.7-0 Details
Normal glite-LFC_mysql 3.0.10-0 Details
Normal glite-LFC_oracle 3.0.3-0 Details
Normal glite-MON_e2emonit 3.0.7-0 Details
Normal glite-MON 3.0.7-0 Details
Normal glite-PX 3.0.8-0 Details
Normal glite-SE_classic 3.0.8-0 Details
Normal glite-SE_dcache_gdbm 3.0.8-0 Details
Normal glite-SE_dcache 3.0.9-0 Details
Normal glite-SE_dpm_disk 3.0.10-0 Details
Normal glite-SE_dpm_mysql 3.0.10-0 Details
Normal glite-SE_dpm_oracle 3.0.3-0 Details
Normal glite-UI 3.0.11-0 Details
Normal glite-VOBOX 3.0.12-0 Details
Normal glite-VOMS_mysql 3.0.6-1 Details
Normal glite-VOMS_oracle 3.0.5-0 Details
Normal glite-WN 3.0.11-0 Details
Normal glite-WMS 2.3.19-2 Details
Normal glite-WMSLB 2.4.8-0 Details
Normal lcg-CE_torque 3.0.7-2 Details
Normal lcg-CE 3.0.9-0 Details
Normal lcg-RB 3.0.6-1 Details

19.12.06 - 3.0.2 Update 11

 
Description
This update contains multiple bug fixes in various areas. Please see below for the individual service updates. Besides others, the following fixes are included:

New VOMS server host certificates
 
lcg-vomscerts v. 4.3.0 includes the new host certificate for voms.cern.ch in addition to the current certificate that will expire on Jan. 9 2007.

The modifications to site-info.def are NOT part of this update, and will be released the week of 9th January.

Here is the link to the instructions to change it manually, in case this is preferred (it is NOT required to be done now):
 

https://twiki.cern.ch/twiki/bin/view/LCG/VOConfigForSites2007


Updated YAIM

This yaim release completes the BDII_site and CE separation. It also contains the VOBOX password fix and various other bugfixes. Bug 21609 is however not fixed.

On the glite-CE node the following command should be run:

   run_function site-info.def <FQDN> config_bdii

To configure lcg-CE with site BDII the following command should be issued:

   configure_node site-info.def CE BDII_site

glite-WMS

All CEs are now visible and the GLITE_WMS_MATHCMAKING_CFLAGS macro has changed with GLITE_WMS_MATCHMAKING_CFLAGS.

File Transfer Service (FTS)

Multiple bug fixes and updates.

Cleanup-gridaccounts

Now only ext2, ext3 and xfs are considered local file systems.

Service updates
PriorityServiceVersionDetails
High glite-BDII 3.0.2-2 Details
High glite-CE 2.4.23-1 Details
High glite-FTA_mysql 3.0.7-0 Details
High glite-FTA_oracle 3.0.7-1 Details
High glite-FTS_mysql 3.0.8-0 Details
High glite-FTS_oracle 3.0.8-1 Details
High glite-LFC_mysql 3.0.9-0 Details
High glite-LFC_oracle 3.0.2-6 Details
High glite-MON_e2emonit 3.0.6-0 Details
High glite-MON 3.0.6-0 Details
High glite-PX 3.0.7-0 Details
High glite-SE_classic 3.0.7-0 Details
High glite-SE_dcache_gdbm 3.0.7-0 Details
High glite-SE_dcache 3.0.8-0 Details
High glite-SE_dpm_disk 3.0.9-0 Details
High glite-SE_dpm_mysql 3.0.9-0 Details
High glite-SE_dpm_oracle 3.0.2-6 Details
High glite-UI 3.0.10-1 Details
High glite-VOBOX 3.0.11-1 Details
High glite-WMSLB 2.4.7-0 Details
High glite-WMS 2.3.19-1 Details
High glite-WN 3.0.10-1 Details
High lcg-CE_torque 3.0.7-1 Details
High lcg-CE 3.0.8-0 Details
High lcg-RB 3.0.6-0 Details

11.12.06 -  3.0.2 Update 10

 
Description
This update contains multiple bug fixes in various areas. Besides others, the following fixes are included:
 

glite-CE

Introduced configuration for blah (/opt/glite/etc/blah.config) and blah cna generate logs for accounting.

APEL

Support added for glite CE and SGE batch system. Fixes of various bugs.

Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.23-0 Details
Normal glite-LFC_mysql 3.0.8-0 Details
Normal glite-LFC_oracle 3.0.2-5 Details
Normal glite-MON_e2emonit 3.0.5-0 Details
Normal glite-MON 3.0.5-0 Details
Normal glite-PX 3.0.6-0 Details
Normal glite-SE_classic 3.0.6-0 Details
Normal glite-SE_dcache_gdbm 3.0.6-0 Details
Normal glite-SE_dcache 3.0.7-0 Details
Normal glite-SE_dpm_disk 3.0.8-0 Details
Normal glite-SE_dpm_mysql 3.0.8-0 Details
Normal glite-SE_dpm_oracle 3.0.2-5 Details
Normal glite-UI 3.0.10-0 Details
Normal glite-VOBOX 3.0.11-0 Details
Normal glite-WN 3.0.10-0 Details
Normal lcg-CE_torque 3.0.7-0 Details
Normal lcg-CE 3.0.7-0 Details
Normal lcg-RB 3.0.5-0 Details
 

14.11.06 - 3.0.2 Update 09

 
Description
This update contains multiple bug fixes in various areas. Besides others, the following fixes are included:
 


glite-WMS / glite-WMSLB update

This updates includes various bug fixes for the glite-WMS and adds support for a new version of condor to the glite-WMS and glite-WMSLB metapackages. Both glite-WMS and glite-WMSLB are using newer versions of condor than the rest of the gLite software stack. This newer condor version is served from a additional APT repository. Please make sure that you include the new APT repository in your APT setup. Details for the setup can be found here.

User Interfaces and VOBOX

Bug fix for chopped off filename in InputSandBox

VOMS server

Correction to incorrect path to fetch-crl tool on VOMS server

lcg-CE, lcg-CE_torque and WN

SAM JobWrapper tests added

fetch-crl update

Update to latest fetch-crl version
 


Please see below for the individual service updates.

Service updates
PriorityServiceVersionDetails
Normal glite-CE 2.4.18-7 Details
Normal glite-FTA_mysql 3.0.6-0 Details
Normal glite-FTA_oracle 3.0.7-0 Details
Normal glite-FTS_mysql 3.0.7-0 Details
Normal glite-FTS_oracle 3.0.8-0 Details
Normal glite-LB 2.2.6-0 Details
Normal glite-LFC_mysql 3.0.7-0 Details
Normal glite-LFC_oracle 3.0.2-4 Details
Normal glite-MON_e2emonit 3.0.4-1 Details
Normal glite-MON 3.0.4-1 Details
Normal glite-PX 3.0.5-0 Details
Normal glite-rgma-server-config 5.2.6-0 Details
Normal glite-rgma-servicetool-config 5.2.8-0 Details
Normal glite-SE_classic 3.0.5-0 Details
Normal glite-SE_dcache_gdbm 3.0.5-0 Details
Normal glite-SE_dcache 3.0.6-0 Details
Normal glite-SE_dpm_disk 3.0.7-0 Details
Normal glite-SE_dpm_mysql 3.0.7-0 Details
Normal glite-SE_dpm_oracle 3.0.2-4 Details
Normal glite-ui-config 1.3.22-4 Details
Normal glite-UI 3.0.9-0 Details
Normal glite-VOBOX 3.0.10-0 Details
Normal glite-VOMS_mysql 3.0.6-0 Details
Normal glite-VOMS_oracle 3.0.4-2 Details
Normal glite-WMSLB 2.4.6-0 Details
Normal glite-WMS 2.3.19-0 Details
Normal glite-wn-config 2.3.12-0 Details
Normal glite-WN 3.0.9-0 Details
Normal lcg-CE_torque 3.0.6-1 Details
Normal lcg-CE 3.0.6-1 Details
Normal lcg-RB 3.0.4-0 Details

24.10.06 - 3.0.2 Update 08

 
Description
Bugfix release for FTS

Service updates
PriorityServiceVersionDetails
Normal glite-FTA_mysql 3.0.5-0 Details
Normal glite-FTA_oracle 3.0.6-0 Details
Normal glite-FTS_mysql 3.0.6-0 Details
Normal glite-FTS_oracle 3.0.7-0 Details
Normal glite-UI 3.0.8-0 Details
Normal glite-VOBOX 3.0.9-0 Details
Normal glite-WN 3.0.8-0 Details

20.10.06 - 3.0.2 Update 07

 
Description

Torque/OpenPBS local root privilege escalation vulnerability

Grid Software Vulnerability Group Security Advisory

-- Date: 2006-10-20

Background

Torque/OpenPBS is the batch job manager that implements the mechanism for job submission to the local computing nodes.

Pbs_mom is Torque/OpenPBS's component that manages the lifecycle of batch jobs on the Worker Nodes and provides the node status to the Torque/OpenPBS server part.

Affected Software

gLite <= 1.5, LCG <= 2.7.x, gLite <= 3.0.x.

Affected Components

All versions of OpenPBS and Torque are affected.

For gLite 3.x the affected meta-package are:

    glite-torque-client-config

    lcg-CE_torque

    glite-torque-server-config

    glite-CE

For LCG 2.x the affected meta-package is lcg-WN_torque.

For gLite 1.x the affected component is "Torque Client for the gLite Worker Nodes".

EGEE Grid software installs torque-1.0.1p6 by default, but it is known that sites tend to use newer versions of Torque or older versions of OpenPBS. Such setups are also vulnerable.

Vulnerability Details

By creating a malicious symbolic link, a local attacker could easily gain root privileges on any node running pbs_mom (typically Worker Node).

The Torque/OpenPBS's pbs_mom is writing the output and error messages from user jobs to predictable files using root privileges.

Unfortunately, Torque/OpenPBS is affected by a flaw that can enable a malicious user to symlink to any file on the system from these Torque/OpenPBS files, causing the output/error messages to be appended to arbitrary files. As a result, it is possible for the attacker to create, modify or execute arbitrary files on the system with root privileges.

-- Grid Security Vulnerability Group Response The Grid Security Vulnerability Group views this issue as EXTREMELY CRITICAL and strongly recommends that all sites using Torque/OpenPBS upgrade to the latest version of Torque/OpenPBS IMMEDIATELY, following the directions of the "Installation Notes" section.

-- Further documentation

This advisory is also available at the following URL:

http://www.gridpp.ac.uk/gsvg/

-- Installation Notes

The following rpms have been made available;

torque-1.0.1p6-13.SL30X.st.i386.rpm

torque-clients-1.0.1p6-13.SL30X.st.i386.rpm

torque-devel-1.0.1p6-13.SL30X.st.i386.rpm

torque-resmom-1.0.1p6-13.SL30X.st.i386.rpm

torque-server-1.0.1p6-13.SL30X.st.i386.rpm

These are appropriate to fix what is distributed with gLite 3.0 and LCG-2_7_0.

They are available in the appropriate repositories for each distribution.

http://glitesoft.cern.ch/EGEE/gLite/APT/R3.0/rhel30/RPMS.updates/

http://grid-deployment.web.cern.ch/grid-deployment/gis/apt/LCG-2_7_0/sl3/en/i386/RPMS.lcg_sl3.security/

We are distributing the full rpm set, but please note that the vulnerability is patched by upgrading the pbs_mom on the WNs. An upgrade of the head node is not strictly required.

After the upgrade, please ensure that pbs_mom has restarted properly (the rpm update should do this automatically).

Credit

This vulnerability was disclosed[1] in the BugTraq mailing list by Luis Miguel Silva (ISPGaya). The vulnerability was reported to the GSVG by Eygene Ryabinkin (RRC-KI).

-- Disclosure Timeline<2006-10-18 Vulnerability disclosed in the BugTraq list by

Luis Miguel Silva (ISPGaya).

2006-10-20 Vulnerability reported to GSVG by Eygene Ryabinkin (RRC-KI)

2006-10-20 Initial response from the Grid Security Vulnerability Group

2006-10-20 OSCT notified of the vulnerability

2006-10-20 Initial patch provided by GSVG

2006-10-20 Updated sources available

2006-10-20 Updated LCG and gLite packages available

2006-10-20 Release preparation completed completed

2006-10-20 Public disclosure<2006-10-20 Site Admins and LCG Security Contacts notified

ReferencesReferences

1. The original BugTraq thread:

http://www.securityfocus.com/archive/1/449248/30/0/threaded

17.10.06 - 3.0.2 Update 06

 
Description
This set of updates contains bug fixes for DPM and LFC (DPM/LFC 1.5.10).

It contains a

    - security fix in DPM server
    - fix to avoid crash in LFC python interface
    - fix to avoid crash in dpm-gridftp server when using edg-gridftp-rename
 

Please see below for the individual service updates.



Information for the DPM server vulnerability


Vulnerability details

DPM Pool administrative commands suffer from a trivial user privilege escalation. Using a proxy certificate, a malicious user could disrupt (DoS) the DPM service, and cause data stored by the target DPM service to be corrupted or lost.

Affected Software
 

 gLite 3.0, LCG 2.7.0 and prior versions
 
Affected Components

From the components below, all versions prior to these are affected:

  - LFC-client-1.5.10-1sec
  - LFC-interfaces-1.5.10-1
  - LFC-server-mysql-1.5.10-1sec
  - LFC-server-oracle-1.5.10-1sec
  - DPM-client-1.5.10-1sec
  - DPM-gridftp-server-1.5.10-1
  - DPM-interfaces-1.5.10-1sec
  - DPM-name-server-mysql-1.5.10-1sec
  - DPM-name-server-oracle-1.5.10-1sec
  - DPM-rfio-server-1.5.10-1sec
  - DPM-server-mysql-1.5.10-1sec
  - DPM-server-oracle-1.5.10-1sec
  - DPM-srm-server-mysql-1.5.10-1sec
  - DPM-srm-server-oracle-1.5.10-1sec

Grid Security Vulnerability Group Response

The Grid Security Vulnerability Group strongly recommends that all sites upgrade the relevant components to the following versions BEFORE 2006/11/08. It is also advised to protect access to TCP/5015 on the DPM server, for instance by using a local firewall.

Further documentation

This advisory is also available at the following URL:
http://www.gridpp.ac.uk/gsvg/

Credit

This vulnerability was initially reported to the Grid Security Vulnerability Group by Antonio Delgado Peris.

Disclosure Timeline

2006-08-07 Bug initially reported to gLite Middleware
2006-08-07 Initial response from the DPM developers
2006-08-15 Initial report to the Grid Security Vulnerability Group
2006-08-16 Initial response from the Grid Security Vulnerability Group
2006-09-12 Updated sources received by the integration team
2006-10-05 Updated components sent to preproduction
2006-10-16 Updated LCG and gLite packages available
2006-10-17 Certification and release preparation completed
2006-10-18 Public disclosure
 

Known Issues
Please pay attention to the known issues. You can find the list of all known issues here or split up by service in the individual service update pages.


Service updates
PriorityServiceVersionDetails
High glite-LFC_mysql 3.0.6-0 Details
High glite-LFC_oracle 3.0.2-3 Details
High glite-SE_dpm_disk 3.0.6-0 Details
High glite-SE_dpm_mysql 3.0.6-0 Details
High glite-SE_dpm_oracle 3.0.2-3 Details
High glite-ui-config 1.3.22-2 Details
High glite-UI 3.0.7-0 Details
High glite-VOBOX 3.0.8-0 Details
High glite-wn-config 2.3.10-0 Details
High glite-WN 3.0.6-0 Details
High lcg-RB 3.0.3-2 Details

11.10.06 - 3.0.2 Update 05

 
Description
This set of updates contains various bug fixes to several components/features, including:

   - glite-service-discovery
   - BDII
   - FTS info provider, FTS CLI
   - DPM/LFC 1.5.8
   - DPM-FTP
   - GFAL and lcg-utils for DPM/LFC 1.5.8
   - e2emonit

Known Issues
Please pay attention to the known issues. You can find the list of all known issues here or split up by service in the individual service update pages.

Service updates
PriorityServiceVersionDetails
Normal glite-BDII 3.0.2-1 Details
Normal glite-CE 2.4.18-4 Details
Normal glite-FTA_mysql 3.0.4-0 Details
Normal glite-FTA_oracle 3.0.5-0 Details
Normal glite-FTS_mysql 3.0.5-0 Details
Normal glite-FTS_oracle 3.0.6-0 Details
Normal glite-LFC_mysql 3.0.5-0 Details
Normal glite-LFC_oracle 3.0.2-2 Details
Normal glite-MON_e2emonit 3.0.4-0 Details
Normal glite-SE_dpm_disk 3.0.5-0 Details
Normal glite-SE_dpm_mysql 3.0.5-0 Details
Normal glite-SE_dpm_oracle 3.0.2-2 Details
Normal glite-ui-config 1.3.22-1 Details
Normal glite-UI 3.0.6-0 Details
Normal glite-VOBOX 3.0.7-0 Details
Normal glite-WMSLB 2.4.5-0 Details
Normal glite-WMS 2.3.15-1 Details
Normal glite-wn-config 2.3.9-0 Details
Normal glite-WN 3.0.5-0 Details
Normal lcg-CE_torque 3.0.5-0 Details
Normal lcg-CE 3.0.6-0 Details
Normal lcg-RB 3.0.3-1 Details

20.09.06 - 3.0.2 Update 04


Description
This set of updates contains various bug fixes to FTS, including an SRM copy fix.

The criticality of the bugs is: Infrequent >50% service degradation. For details, see the individual service updates.

 
Known Issues
Please pay attention to the known issues. You can find the list of all known issues here or split up by service in the individual service update pages.
 
Service updates
PriorityServiceVersionDetails
normal glite-FTS_mysql 3.0.4 Details
normal glite-FTS_oracle 3.0.5 Details
normal glite-FTA_mysql3.0.3 Details
normal glite-FTA_oracle 3.0.4 Details
normal glite-UI 3.0.5 Details
normal glite-ui-config1.3.22 Details
normal glite-VOBOX 3.0.6 Details

 

05.09.06 - 3.0.2 Update 03

 

Description

This set of updates fixes a security issue.  The text of the advisory is reproduced here:
 



Proxy Generation Tool Insecure Temporary File Handling Vulnerability (2006/09/05)

  • Affected Software:

      gLite 3.0, LCG 2.7.0 and prior versions
  • Affected Components:

      vdt_globus_essentials-VDT1.2.2rh9_LCG-1.i386.rpm
      vdt_globus_essentials-VDT1.2.2rh9-1.i386.rpm
      vdt_globus_sdk-VDT1.2.2rh9-1.i386.rpm
      vdt_globus_essentials-VDT1.2.5ia64_slc3-4.ia64.rpm
      vdt_globus_sdk-VDT1.2.5ia64_slc3-4.ia64.rpm
      glite-security-voms-clients-1.6.10-0.i386.rpm
      glite-security-voms-clients-1.6.16-1.i386.rpm
      glite-security-voms-clients-1.6.19-0.ia64.rpm
      voms-client_gcc3_2_2-1.5.4-1_sl3.i386.rpm
      voms-client-1.5.4-1_sl3.ia64.rpm

    Previous versions of the above rpms are also affected.
  • Reference:

    gLite and LCG are using VDT 1.2.x, VOMS 1.5.4 and VOMS 1.6.x, which suffer from issues relating to the following flaw reported by Globus:

    http://www-unix.globus.org/mail_archive/security-announce/2006/08/msg00002.html

  • Vulnerability details:

    voms-proxy-init, grid-proxy-init, myproxy-init are used to create proxy certificates to authenticate against Grid services. The current versions are affected by flaws caused by an insecure handling of temporary files during the generation of the proxy certificates. Consequently, under some circumstances, a local attacker could create carefully crafted files, in order to obtain the newly generated Grid proxy certificates of other users or to cause an arbitrary file writable for the user to be overwritten.

  • Grid Security Vulnerability Group Response:

    The Grid Security Vulnerability Group strongly recommends that all sites upgrade the relevant components to the following versions BEFORE 2006/09/19.

  • Installation Notes

    The UIs are particularly impacted by this vulnerability and should receive the fixed packages as a priority.

    The glite 3.0 nodes affected are

    glite-CE
    glite-FTA_mysql
    glite-FTA_oracle
    glite-FTS_mysql
    glite-FTS_oracle
    glite-LB
    glite-LFC_mysql
    glite-LFC_oracle
    glite-MON
    glite-MON_e2emonit
    glite-PX
    glite-SE_classic
    glite-SE_dcache
    glite-SE_dcache_gdbm
    glite-SE_dpm_disk  
    glite-SE_dpm_mysql
    glite-SE_dpm_oracle
    glite-ui-config
    glite-UI
    glite-VOBOX
    glite-VOMS_mysql
    glite-VOMS_oracle
    glite-WMS
    glite-WMSLB
    glite-WN  
    lcg-CE 
    lcg-CE_torque
    lcg-RB

    The appropriate middleware repositories have been updated, and there is no reconfiguration required, but you should run ldconfig after installing the LCG-2_7_0 updates. The updates are as follows;

    GLITE 3.0 on i386

    http://glitesoft.cern.ch/EGEE/gLite/APT/R3.0/rhel30/RPMS.updates/
    http://glitesoft.cern.ch/EGEE/gLite/APT/R3.0/rhel30/RPMS.externals/

    glite-security-voms-clients-1.6.16-2.rpm
    voms-client_gcc3_2_2-1.5.4-2_sl3.i386.rpm

    vdt_globus_essentials-VDT1.2.2rh9_LCG-2.i386.rpm
    vdt_globus_sdk-VDT1.2.2rh9_LCG-2.i386.rpm

    A new version, 3.0.4, of the relocatable tarball is also available.

    http://cern.ch/grid-deployment/glite-web/egee/packages/R3.0/R20060829_3_0_3/bin/rhel30/i386/tgz/glite-UI_WN-3.0.4.tar.gz

    LCG-2_7_0 on i386

    http://grid-deployment.web.cern.ch/grid-deployment/gis/apt/LCG-2_7_0/sl3/en/i386

    glite-security-voms-clients-1.6.16-2.rpm
    glite-security-voms-api-cpp-1.6.16-4.i386.rpm
    glite-security-voms-api-c-1.6.16-4.i386.rpm
    glite-security-voms-api-1.6.16-3.i386.rpm
    voms-client_gcc3_2_2-1.5.4-2_sl3.i386.rpm

    vdt_globus_essentials-VDT1.2.2rh9_LCG-2.i386.rpm
    vdt_globus_sdk-VDT1.2.2rh9_LCG-2.i386.rpm

    You should run 'ldconfig' after installing these updates.

    LCG-2_7_0 on ia64

    http://grid-deployment.web.cern.ch/grid-deployment/RpmDir_ia64-sl3/

    vdt_globus_essentials-VDT1.2.5ia64_slc3_LCG-2.ia64.rpm
    vdt_globus_sdk-VDT1.2.5ia64_slc3_LCG-2.ia64.rpm
    voms-client-1.5.4-2_sl3.ia64.rpm

    An update to the voms-client-1.6 series on ia64 will be released when available.

    In the meantime we recommend

    chmod 0 $GLITE_LOCATION/bin/voms-proxy-init

    on any ia64 UIs.

    Remember to report any issues with this set of updates using GGUS;

    http://www.ggus.org
     

  • Further documentation

    This advisory is available at the following URL

    http://cern.ch/grid-deployment/glite-web/egee/packages/R3.0/updates.asp
     
  • Credit

    This vulnerability was initially reported to Globus by Benjamin Bennett (Pittsburgh Supercomputing Center).
     

  • Disclosure Timeline

    2006-08-15    Vulnerability announced by Globus
    2006-08-16    Initial response from the Grid Security Vulnerability Group
    2006-08-16    Initial response from the VOMS developers
    2006-08-18    Initial response from the VDT developers
    2006-08-25    First updated sources received by the integration team
    2006-08-29    All updated sources received by the integration team
    2006-09-01    Updated LCG and gLite packages available
    2006-09-04    Certification and release preparation completed
    2006-09-05    Public disclosure
    ************************************************************************

Service updates
PriorityServiceVersionDetails
high glite-UI 3.0.4 Details
high glite-CE 2.4.18-2 Details
high glite-SE_classic 3.0.4 Details
high glite-SE_dpm_disk 3.0.4 Details
high glite-SE_dpm_mysql 3.0.4 Details
high glite-SE_dpm_oracle 3.0.2-1 Details
high glite-VOMS_mysql 3.0.5 Details
high glite-VOMS_oracle 3.0.4-1 Details
high lcg-RB 3.0.3 Details
high glite-WN 3.0.4 Details
high glite-VOBOX 3.0.5 Details
high glite-FTA_mysql 3.0.2 Details
high glite-FTA_oracle 3.0.3 Details
high glite-FTS_mysql 3.0.3 Details
high glite-FTS_oracle 3.0.4 Details
high glite-LB 2.2.5 Details
high glite-LFC_mysql 3.0.4 Details
high glite-LFC_oracle 3.0.2-1 Details
high glite-MON 3.0.4 Details
high glite-MON_e2emonit 3.0.3 Details
high glite-PX 3.0.4 Details
high glite-SE_dcache 3.0.5 Details
high glite-SE_dcache_gdbm 3.0.4 Details
high glite-WMS 2.3.15 Details
high glite-WMSLB 2.4.4 Details
high lcg-CE3.0.5 Details
high lcg-CE_torque3.0.4 Details
high glite-ui-config1.3.21 Details

28.08.06 - 3.0.2 Update 02


This set of updates contains a bug fix for the lcg-info-dynamic-scheduler fix for host/queue name matching.
 
Description
Known Issuesown Issues
Please pay attention to the known issues. You can find the list of all known issues here or split up by service in the individual service update pages.
 
Service updates
PriorityServiceVersionDetails
normal glite-CE 2.4.18-1 Details
normal glite-VOBOX 3.0.4 Details
normal lcg-CE3.0.4 Details
normal lcg-CE_torque3.0.3 Details

21.08.06 - 3.0.2 Update 01


Description
This set of updates contains various bug fixes and WMS support for Glue 1.2. For details, see the individual service updates below. Please read the following individual notes before installing or upgrading and pay attention to the known issues.

Known Issues
Please pay attention to the known issues. You can find the list of all known issues here or split up by service in the individual service update pages.
 

General notes
  • glite-WMSLB
  • glite-FTS
  • relocatable distribution (please see the Notes)
Reconfiguration
CAs

Note that in later versions of yaim, the default repository for CAs has changed:

CA_REPOSITORY="rpm "rpm http://linuxsoft.cern.ch/ LCG-CAs/current production"

In a standard configuration, you can just put this value in the file /etc/apt/sources.list.d/lcg-ca.list if you don't want to rerun yaim. 
Other information

An updated port table for gLite is available, managed via CVS:

http://jra1mw.cvs.cern.ch:8180/cgi-bin/jra1mw.cgi/org.glite.site-info.ports/doc/

Service updates
PriorityServiceVersionDetails
normal glite-BDII3.0.2 Details
normal glite-CE2.4.18 Details
normal glite-FTA_mysql3.0.1-0 Details
normal glite-FTA_oracle3.0.1-0 Details
normal glite-FTS_mysl3.0.2 Details
normal glite-FTS_oracle3.0.3 Details
normal glite-LB2.2.4-0 Details
normal glite-LFC_mysql3.0.3 Details
normal glite-LFC_oracle3.0.2 Details
normal glite-MON3.0.3 Details
normal glite-MON_e2emonit3.0.2 Details
normal glite-PX3.0.3 Details
normal glite-rgma-server-config5.2.5 Details
normal glite-SE_classic3.0.3 Details
normal glite-SE_dcache3.0.4 Details
normal glite-SE_dcache_gdbm3.0.3 Details
normal glite-SE_dpm_disk3.0.3 Details
normal glite-SE_dpm_mysql3.0.3 Details
normal glite-SE_dpm_oracle3.0.2 Details
normal glite-UI3.0.3 Details
normal glite-ui-config1.3.20 Details
normal glite-VOMS_mysql3.0.4-0 Details
normal glite-VOMS_oracle3.0.4-0 Details
normal glite-WMS2.3.14 Details
normal glite-WMSLB2.4.3 Details
normal glite-WN3.0.3 Details
normal glite-wn-config2.3.8 Details
normal lcg-CE3.0.3 Details
normal lcg-CE_torque3.0.2 Details
normal lcg-RB3.0.2 Details