Hi Steve,
I've been thinking about this for a while now. I would think that the VO
Admin tools should provide easy downloadable configuration files for admins
to install, both for the user's vomses files (VOMS Proxy generation) and for
the .lsc files (VOMS Proxy verification).
This should be distributed by these projects, perhaps gathered by a neutral
party much like Terana's TACAR for CA certificates. Perhaps this is
something where EGI might be able to assist in their UMD repository.
Similar packages have been created by Cern for the LHC VOs for a similar
purpose.
Perhaps a guideline would be useful for people to properly construct such
packages for easier distribution in collaborative Grid projects.
Oscar
On 12/11/10 11:03 PM, Steve Traylen wrote:
Today I tried actually deploying a real myproxy service rather
than
just a test instance from EPEL
for the fist time.
The instant annoyance I faced was a lack of voms server trust files in
/etc/grid-security/vomes and
a lack voms certificate generation configuration files in /etc/voms.d
(I think it is.).
Obviously I could generate the configuration files by hand but this is
rather error prone
especially given this is actually globally identical for everyone the
global chance of mistake is nearly
1.
These directories are perfect for dropping files into via RPM and I am
interested in comments
as to how to go about providing these trust files and voms certificate
generation configuration files.
It's incredibly similar to CA files in someways in the sense we have
multiple identical files per VO
to drop into a directory.
As anyone considered packaging these files up for wider use.... I'm
considering this case, it's clearly
not something to include in Fedora itself but presenting somewhere to
obtain them makes sense to me.
Steve.