Difference between revisions of "Preview 1.1.0"
Line 103: | Line 103: | ||
For instruction on how to enable this feature, see the [http://italiangrid.github.io/voms/release-notes/voms-admin-server/3.3.2 VOMS Admin 3.3.2 release notes]. | For instruction on how to enable this feature, see the [http://italiangrid.github.io/voms/release-notes/voms-admin-server/3.3.2 VOMS Admin 3.3.2 release notes]. | ||
Disable membership expiration notifications | |||
==== Disable membership expiration notifications ==== | |||
Is now possible to disable membership expiration notifications. This kind of notification do not make sense in deployments, like at CERN, where a VO administrator cannot extend the lifetime of VO members. | Is now possible to disable membership expiration notifications. This kind of notification do not make sense in deployments, like at CERN, where a VO administrator cannot extend the lifetime of VO members. | ||
Line 109: | Line 110: | ||
To disable membership expiration notifications either: | To disable membership expiration notifications either: | ||
* reconfigure the affected VO with ''voms-configure'' specifying the ''--disable-membership-expiration-warnings'' option | |||
* set the ''voms.membership.disable_expiration_warning'' in ''/etc/voms-admin/<VO>/service.properties'' | |||
A restart of the service is required. | A restart of the service is required. | ||
Revision as of 12:44, 9 March 2016
STORM 1.11.10
Description and released components
This release provides fixes and improvements for the several components.
It's HIGHLY RECOMMENDED to upgrade your installation to the version of StoRM WebDAV included in this release, that provides fixes for a security vulnerability affecting the Milton webdav library.
- StoRM Backend v. 1.11.10: This release fixes an improper management of SURL status that can lead to PutDone errors and locked SURLs. It fixes also a minor issue related to the retrieved error message in case an expired token is used with srmAbort.
- StoRM Info Provider v. 1.7.9: This release fixes a missing Glue2 field, not published on the BDII.
- StoRM GridHTTPs v. 3.0.4: This release provides a fix for a security vulnerability and another minor bug fix on the returned error code when copy and move operation are done on equal source and destination.
- StoRM WebDAV v. 1.0.4: This release provides a fix for a security vulnerability that was recently reported, and adds support for RFC-3230. It explains how to get checksum type and value of the stored resources. From this release, each HEAD and GET response will include a header like:
Digest: adler32=8a23d4f8
to be compliant with RFC-3230 specific.
Bug fixes
- STOR-234 - Storm BE does not manage correctly abort requests of expired tokens
- STOR-741 - WebDAV MOVE and COPY requests with source equal to destination fail with 412 instead of 403
- STOR-835 - Improper management of SURL status can lead to PutDone errors and locked SURLs
- STOR-837 - Missing GlueSAPath from Storage Areas BDII info
Improvements
- STOR-700 - Add support for RFC 3230 in StoRM WebDAV service
Security vulnerabilities
More information concerning the security vulnerabilities addressed by this release are going to be published when appropriate at this URL
Installation and configuration
Packages can be obtained from Preview repositories.
In general, to re-configure the services, follow the commands below.
- First of all, reconfigure storm-info-provider:
/usr/libexec/storm-info-provider configure
- Then, restart the involved services and the BDII:
service storm-backend-server restart service storm-webdav restart service bdii restart
Alternatively, you can simply run YAIM.
You can find more information about upgrade, clean installation and configuration of StoRM services in the System Administration Guide.
The instructions per component are below.
StoRM Backend v. 1.11.10
- Update and restart package:
yum update storm-backend-server service storm-backend-server restart
StoRM Info Provider v. 1.7.9
- Update package:
yum update storm-dynamic-info-provider
- Re-configure info provider:
/usr/libexec/storm-info-provider configure
- Restart BDII service:
service bdii restart
Alternatively, you can simply run YAIM after the update.
StoRM GridHTTPs v. 3.0.4
- Update and restart package:
yum update storm-gridhttps-server service storm-gridhttps-server restart
StoRM WebDAV v. 1.0.4
- Update and restart package:
yum update storm-webdav service storm-webdav restart
Check the the StoRM WebDAV installation and configuration guide for detailed installation and configuration information.
VOMS Admin server 3.4.2
Description
This release provides fixes to a couple of problems introduced in VOMS Admin 3.4.0, in particular:
- The handling of group-scoped user requests was broken if the "Group-Manager" role was not defined for a VO
- The sign-aup alias URL sent in user suspension notifications was broken
Authenticate users by certificate subject
Now users are correctly authenticated by certificate subject. With default settings, VOMS Admin authenticates clients by looking at the client certificate (subject,issuer) couple. A configuration flag was introduced in VOMS Admin 3.3.2 to authenticate only by certificate subject, but the fix worked only for VO administrators. This problem is now fixed.
For instruction on how to enable this feature, see the VOMS Admin 3.3.2 release notes.
Disable membership expiration notifications
Is now possible to disable membership expiration notifications. This kind of notification do not make sense in deployments, like at CERN, where a VO administrator cannot extend the lifetime of VO members.
To disable membership expiration notifications either:
- reconfigure the affected VO with voms-configure specifying the --disable-membership-expiration-warnings option
- set the voms.membership.disable_expiration_warning in /etc/voms-admin/<VO>/service.properties
A restart of the service is required.
Other improvements and fixes are listed below.