Difference between revisions of "GGUS:VOMS Interface FAQ"

From EGIWiki
Jump to: navigation, search
Line 4: Line 4:
 
[[Category:FAQ Interfaces (GGUS)]]
 
[[Category:FAQ Interfaces (GGUS)]]
 
<hr />'''FAQ for the Interface between GGUS and VOMS'''
 
<hr />'''FAQ for the Interface between GGUS and VOMS'''
; Updated: 2011-10-12
 
  
 
===Purpose===
 
===Purpose===

Revision as of 07:31, 28 June 2013

GGUS-logo.jpg


GGUS wiki / GGUS FAQ / GGUS Documentation / GGUS Helpdesk


FAQ for the Interface between GGUS and VOMS

Purpose

This document describes the VOMS–GGUS interface. The VOMS–GGUS interface is used for synchronizing the GGUS user database with the CERN VOMS server. In CERN VOMS server the alarm and team permissions for the LHC VOs are kept.

Tools, Applications, Systems

The VOMS–GGUS interface is based on scripts which retrieve the data from VOMS server using an API call. The scripts are

  • voms2list.pl and
  • alarm_team.sh.

They are located on machine “automatix” in directory /home/ggus/voms. Both scripts are executed every night via cron. Access to “automatix” is only possible via “Carl/Carla” setting up an ssh connection for ggus to “automatix”.

Work flows

Retrieving data from VOMS server

The script voms2list.pl retrieves the complete data set from VOMS server and saves it as csv file at /home/ggus/voms/$vo/$vo$role.csv. This script is executed once per VO and role. The script alarm_team.sh reads the csv file, sorts the data by certificate DN and compares the retrieved data with the data in a base file /home/ggus/voms/$vo/$vo$role_base_sort.csv. Differences are saved in a file /home/ggus/voms/$vo/$vo$role_temp.csv and an email notification is sent to the GGUS developers. Additionally the file with the retrieved data is used as new base file.

Updating GGUS user database

Via cfengine the *_temp.csv are copied to the GGUS production (and training) servers at the time when they are created. Coincidentally the php script voms_sync.php gets started. This script communicates with the GGUS user database and creates, deletes or updates user accounts according to the content of the csv files. Attributes covered by the synchronization process are

  • VOMS role (team, alarm)
  • Certificate DN
  • Email
  • User name

What if I have questions which are not dealt with by this FAQ?

Open a GGUS ticket

indicating that it should be directed at the GGUS team.

Search