@abh3 Thanks, indeed I got the grpopt
numbers flipped! Sorry for that.
However, I can also reproduce the problem with "12":
sec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:=creds -ca:1 -crl:3 -gridmap:/dev/null -cert:/etc/grid-security/hostcert.pem -key:/etc/grid-security/hostkey.pem -certdir:/etc/grid-security/certificates -vomsfun:/usr/lib64/libXrdSecgsiVOMS.so -vomsfunparms:certfmt=raw|vos=atlas,ops,dteam,wlcg|grps=/atlas,/ops,/dteam,/wlcg|grpopt=12
(i.e. authentication for any but the first VO fails) vs.
sec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:=creds -ca:1 -crl:3 -gridmap:/dev/null -cert:/etc/grid-security/hostcert.pem -key:/etc/grid-security/hostkey.pem -certdir:/etc/grid-security/certificates -vomsfun:/usr/lib64/libXrdSecgsiVOMS.so -vomsfunparms:certfmt=raw|grpopt=12|vos=atlas,ops,dteam,wlcg|grps=/atlas,/ops,/dteam,/wlcg
which works fine.
Interestingly, it also fails if I completely remove grpopt
. My understanding of the code / documentation was that 12
is the setting which will automatically be used if grps
is set.
I'm using xrootd
4.12.1 (with xrootd-voms
4.12.1).
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1