GGUS:VOMS Interface FAQ
GGUS wiki / GGUS FAQ / GGUS Documentation / GGUS Helpdesk
FAQ for the Interface between GGUS and VOMS
- Updated
- 2011-10-12
Purpose
This document describes the VOMS–GGUS interface. The VOMS–GGUS interface is used for synchronizing the GGUS user database with the CERN VOMS server. In CERN VOMS server the alarm and team permissions for the LHC VOs are kept.
Tools, Applications, Systems
The VOMS–GGUS interface is based on scripts which retrieve the data from VOMS server using an API call. The scripts are
- voms2list.pl and
- alarm_team.sh.
They are located on machine “automatix” in directory /home/ggus/voms. Both scripts are executed every night via cron. Access to “automatix” is only possible via “Carl/Carla” setting up an ssh connection for ggus to “automatix”.
Work flows
Retrieving data from VOMS server
The script voms2list.pl retrieves the complete data set from VOMS server and saves it as csv file at /home/ggus/voms/$vo/$vo$role.csv. This script is executed once per VO and role. The script alarm_team.sh reads the csv file, sorts the data by certificate DN and compares the retrieved data with the data in a base file /home/ggus/voms/$vo/$vo$role_base_sort.csv. Differences are saved in a file /home/ggus/voms/$vo/$vo$role_temp.csv and an email notification is sent to the GGUS developers. Additionally the file with the retrieved data is used as new base file.
Updating GGUS user database
Via cfengine the *_temp.csv are copied to the GGUS production (and training) servers at the time when they are created. Coincidentally the php script voms_sync.php gets started. This script communicates with the GGUS user database and creates, deletes or updates user accounts according to the content of the csv files. Attributes covered by the synchronization process are
- VOMS role (team, alarm)
- Certificate DN
- User name
What if I have questions which are not dealt with by this FAQ?
Open a GGUS ticket
indicating that it should be directed at the GGUS team.
Search
- Please use this link to search inside the GGUS FAQ