Hi,
I will check tomorrow.
Doug
Sent from my iPad
On Oct 1, 2010, at 22:35, "Wei Yang via RT" <[log in to unmask]> wrote:
>
> I have two questions, one for Doug and one for Andy:
>
> Q for Doug: when you start xrootdfs, does the LD_LIBRARY_PATH include lib path to xrootd libs? Since you configured xrootd cluster to use security module. xrootdfs, as a client also need /opt/osg-v1.2.13/xrootd/lib in LD_LIBRARY_PATH
>
> Q for Andy: with auth file like this:
>
> u * /atlas lr
> u xrootd /atlas a
>
I
> which rule will be used for user xrootd?
>
> regards,
> Wei Yang | [log in to unmask] | 650-926-3338(O)
>
>
> On Oct 1, 2010, at 1:05 PM, [log in to unmask] via RT wrote:
>
>>
>> Queue/Owner: xrootd-bugs [new] Nobody
>> Requestors: <[log in to unmask]>
>> Ticket: https://www-rt.slac.stanford.edu/rt3/Ticket/Display.html?id=253795
>>
>> Transaction: Ticket created by [log in to unmask]
>>
>> Hello ,
>>
>> I would like to report some strange behavior. (It might be
>> a misconfiguration on my part). I am not able to delete
>> files using xrootfs
>>
>> Here is the error.
>>
>> [xrootd@atl003 osg-v1.2.13]$ rm
>> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
>> rm: cannot remove
>> `/xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root':
>> Permission denied
>> [xrootd@atl003 osg-v1.2.13]$ ls -l
>> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
>> -rw-rw-rw- 1 xrootd xrootd 1230413299 Sep 28 17:27
>> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
>>
>> I apologize for the very long paths.
>>
>> The user running the xrootd is xrootd.
>>
>> xrootdfs is running on the redirector node -
>>
>> Here are the xrootdfs environmental variables -
>> export XROOTDFS_RDRURL=root://atl003.phy.duke.edu:1094//atlas
>> export XROOTDFS_FASTLS="RDR"
>> export XROOTDFS_USER=xrootd
>> MOUNT_POINT=/xrootdfs
>> $dir/xrootdfsd $MOUNT_POINT -o allow_other,fsname=xrootdfs,max_write=131072
>>
>> Here is the xrootd config file from the redirector node and the data nodes:
>> -----------------------------------------------------
>> set thishostname=$HOSTNAME
>> set xrootdlocation = /opt/osg-v1.2.13/xrootd
>> set xrdr = atl003.phy.duke.edu
>> all.export /atlas
>> all.adminpath ${xrootdlocation}/var/admin
>> all.manager $(xrdr):1213
>> cms.allow host *.phy.duke.edu
>>
>> xrootd.fslib ${xrootdlocation}/lib/libXrdOfs.so
>>
>> if $(xrdr) && named cns
>> all.export /atlas/inventory
>> xrd.port 1095
>> else if $(xrdr)
>> xrd.port 1094
>> all.role manager
>> else
>> xrd.port 1093
>> all.role server
>> xrootd.chksum max 3 adler32 ${xrootdlocation}/bin/xrdadler32
>> #set osscachepath = /atlas
>> #oss.cache public $(osscachepath)/* xa
>> oss.usage log ${xrootdlocation}/var/admin
>> # ENABLE_SECURITY_WITHOUT_CNSD_BEGIN
>> xrootd.seclib /opt/osg-v1.2.13/xrootd/lib/libXrdSec.so
>> # this specify that we use the 'unix' authentication module, additional one can be specified.
>> sec.protocol /opt/osg-v1.2.13/xrootd/lib unix
>> # this is the authorization file
>> acc.authdb /opt/osg-v1.2.13/xrootd/etc/auth_file
>> ofs.authorize
>> sec.protbind *.phy.duke.edu unix
>> # ENABLE_SECURITY_WITHOUT_CNSD_END
>> ofs.notify closew create mkdir mv rm rmdir trunc | $(xrootdlocation)/bin/XrdCnsd -d -D 2 -i 90 -b atl003.phy.duke.edu:1095:/atlas/inventory
>> # ofs.notify closew create mkdir mv rm rmdir trunc | $(xrootdlocation)/bin/XrdCnsd -d -D 2 -i 90 -b /atlas/inventory
>> fi
>> ---------------------------------------------------------
>> Here is the auth file -
>> ---------------------------------------------------------
>> # This means that all the users have read access to the datasets
>> u * /atlas lr
>>
>> # This means that all the users have full access to their private dirs
>> u = /atlas/local/@=/ a
>>
>> # This means that this privileged user can do everything
>> # You need at least one user like that, in order to create the
>> # private dir for each user willing to store his data in the facility
>> u xrootd /atlas a
>> --------------------------------------------------------
>>
>> Regards,
>>
>> Doug Benjamin
>>
>>
>>
>
>
> <winmail.dat>
|