Monday 19th August
- Yesterday's agenda. Attended by David+ and Raul.
- There is an EGI discussion forum for UMD updates.
- Coming releases: DPM (being tested in EPEL); BDII core (bug and vulnerability fix); BDII site (bug fixes).
- Noted that dCache 2.6.5 contains a serious bug: ""if you have a permanent migration thread and issue a "save", the next time you save after a restart, the migration will be saved as "null", causing a second restart to fail"
so something you do now can cause a fail to happen in 2 months time when you restart dcache for some other issue". Thought fixed but not rolled out.
This is a hotfix for GridSite, allowing the previously disallowed dash character in delegation IDs. Delegation IDs containing non-alphanumeric characters other than a dot, coma, underscore or dash are rejected. It also properly sets the type of proxy before calling the signing function from caNl.
This is a hotfix for a bug whereby the type of proxy to sign whas erroneously hard-coded to a single value for different types of proxies, most importantly affecting RFC proxies.
Authentication and authorization in the CREAM service now makes use of the CAnL library. The gLite security libraries are no more required.
Memory leak in BNotifier
This new version of the site BDII contains a fix in the ldap info provider script to set to 'Unknown' cached GLUE state attributes. Bug fixes:BUG #101709: Set to 'Unknown' ldap info provider cached state attributes for the site BDII.
This version of the top BDII fixes a bug in the publication of delayed delete GLUE entries. A new plugin is responsible for publishing cached entries with value 'Unknown' in the corresponding GLUE state attributes. This version also includes a bug fix in the glite-info-update-endpoints script.
This version solves the problem with Argus and WMS integration (SL6).
VOMS Admin now supports Group managers, a mechanism which allow the hierarchical dispatching of the notification resulting from user VO membership and group membership requests.
vulnerability bug fix
- SHA-2 monitoring: The Nagios instance midmon continues to monitor the services not supporting SHA-2. An extensive overview will be part of next week's OMB meeting.
Currently there are two products not yet supporting SHA-2: dCache and StoRM.
- dCache version 2.6.5 has been released by the product team, and currently it is in the UMD software provisioning process.
The SHA-2 supporting version for the 2.2.x golden release is expected, but not yest released by the product team. The target for the 2.2.x version is UMD-2
- StoRM: UMD-3 latest version is 1.11.1 It supports SHA-2 but has some critical load issues. It is recommended not to deploy this version.
StoRM PT is testing a new release (1.11.2) which solves the critical issues of the current one.
Currently midmon is not generating critical alarms for dCache and StoRM: there are no related alarms in the operations dashboard
- VOMS monitoring for SHA-2 support has been re-enabled. It was suspended because of a problem in the resource information provider, which was causing some false positives
The problem has been identified (was related to a sudo version), and information has been provided to ROD teams. In case of a false positive with VOMS site administrators should be able to quickly solve the problem and make the service publish again itself.
This is believed to have been fixed but not yet rolled out.
gLite support calendar.
| 