LISTSERV 16.5 - XROOTD-L Archives

I have two questions, one for Doug and one for Andy:

Q for Doug:  when you start xrootdfs, does the LD_LIBRARY_PATH include lib path to xrootd libs? Since you configured xrootd cluster to use security module. xrootdfs, as a client also need /opt/osg-v1.2.13/xrootd/lib in LD_LIBRARY_PATH

Q for Andy: with auth file like this:

u * /atlas lr
u xrootd /atlas a

which rule will be used for user xrootd?

regards,
Wei Yang  |  [log in to unmask]  |  650-926-3338(O)


On Oct 1, 2010, at 1:05 PM, [log in to unmask] via RT wrote:

> 
> Queue/Owner: xrootd-bugs [new] Nobody
> Requestors:  <[log in to unmask]>
>     Ticket: https://www-rt.slac.stanford.edu/rt3/Ticket/Display.html?id=253795
> 
> Transaction: Ticket created by [log in to unmask]
> 
> Hello ,
> 
>   I would like to report some strange behavior. (It might be
> a misconfiguration on my part).  I am not able to delete
> files using xrootfs
> 
> Here is the error.
> 
> [xrootd@atl003 osg-v1.2.13]$ rm 
> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
> rm: cannot remove 
> `/xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root': 
> Permission denied
> [xrootd@atl003 osg-v1.2.13]$ ls -l 
> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
> -rw-rw-rw- 1 xrootd xrootd 1230413299 Sep 28 17:27 
> /xrootdfs/group10/perf-egamma/data10_7TeV/group10.perf-egamma.data10_7TeV.periodF1.physics_Egamma.PhysCont.NTUP_EGAMMA.v1.Filtr.1g1eORALL_v1/group10.perf-egamma.01879_000616._00011.NTUP.Filtred.periodF1_0.root
> 
> I apologize for the very long paths.
> 
> The user running the xrootd is xrootd.
> 
> xrootdfs is running on the redirector node -
> 
> Here are the xrootdfs environmental variables -
> export XROOTDFS_RDRURL=root://atl003.phy.duke.edu:1094//atlas
> export XROOTDFS_FASTLS="RDR"
> export XROOTDFS_USER=xrootd
> MOUNT_POINT=/xrootdfs
> $dir/xrootdfsd $MOUNT_POINT -o allow_other,fsname=xrootdfs,max_write=131072
> 
> Here is the xrootd config file from the redirector node and the data nodes:
> -----------------------------------------------------
> set thishostname=$HOSTNAME
> set xrootdlocation = /opt/osg-v1.2.13/xrootd
> set xrdr = atl003.phy.duke.edu
> all.export /atlas
> all.adminpath ${xrootdlocation}/var/admin
> all.manager $(xrdr):1213
> cms.allow host *.phy.duke.edu
> 
> xrootd.fslib ${xrootdlocation}/lib/libXrdOfs.so
> 
> if $(xrdr) && named cns
>          all.export /atlas/inventory
>          xrd.port 1095
> else if $(xrdr)
>         xrd.port 1094
>         all.role manager
> else
>         xrd.port 1093
>         all.role server
>         xrootd.chksum max 3 adler32 ${xrootdlocation}/bin/xrdadler32
>         #set osscachepath = /atlas
>         #oss.cache public $(osscachepath)/* xa
>         oss.usage log ${xrootdlocation}/var/admin
>         # ENABLE_SECURITY_WITHOUT_CNSD_BEGIN
>         xrootd.seclib /opt/osg-v1.2.13/xrootd/lib/libXrdSec.so
>         # this specify that we use the 'unix' authentication module, additional one can be specified.
>         sec.protocol /opt/osg-v1.2.13/xrootd/lib unix
>         # this is the authorization file
>         acc.authdb /opt/osg-v1.2.13/xrootd/etc/auth_file
>         ofs.authorize
>         sec.protbind *.phy.duke.edu unix
>         # ENABLE_SECURITY_WITHOUT_CNSD_END
>         ofs.notify closew create mkdir mv rm rmdir trunc |  $(xrootdlocation)/bin/XrdCnsd -d -D 2 -i 90 -b atl003.phy.duke.edu:1095:/atlas/inventory
> #        ofs.notify closew create mkdir mv rm rmdir trunc |  $(xrootdlocation)/bin/XrdCnsd -d -D 2 -i 90 -b /atlas/inventory
> fi
> ---------------------------------------------------------
> Here is the auth file -
> ---------------------------------------------------------
> # This means that all the users have read access to the datasets
> u * /atlas lr
> 
> # This means that all the users have full access to their private dirs
> u = /atlas/local/@=/ a
> 
> # This means that this privileged user can do everything
> # You need at least one user like that, in order to create the
> # private dir for each user willing to store his data in the facility
> u xrootd /atlas a
> --------------------------------------------------------
> 
> Regards,
> 
> Doug Benjamin
> 
> 
>