 |
 |
Following a user report, we have found that when a user accesses xroot via a VOMS proxy certificate that includes a VOMS role, the X509 plugin seems to require that a mapping be defined on the server side for that role Failure to provide a mapping results in the plugin to map the user to a default uid = 99 (ie 'nobody'), as can be seen in this log excerpt: `160115 13:19:48 time=1452860388430486 func=GetIdMapping level=WARN logid=1267d8fe-bb7a-11e5-a0f5-c860001bd8b2 unit=rdr@c2public-1cernch:1094 tid=139751941015296 source=XrdxCastor2Fs:1841 tid ent=dirac31411:74@voilcdiractest04 msg="no passwd struct found for role=dirac" 160115 13:19:48 time=1452860388430564 func=GetIdMapping level=DEBUG logid=1267d8fe-bb7a-11e5-a0f5-c860001bd8b2 unit=rdr@c2public-1cernch:1094 tid=139751941015296 source=XrdxCastor2Fs:1846 tid ent=dirac31411:74@voilcdiractest04 msg="role=dirac -> uid/gid=99/99"` Shouldn't the appropriate behavior instead be to ignore the role and map the user according to the loaded gridmap file? Can you please check the code? --- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/327 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1