Dcap commands

From GridPP Wiki
Jump to: navigation, search

DCAP is a preload library that allows you to overload standard system calls to access remote file systems. It can either be host/uid authenticated or alternatively tunneled through GSI security.

Unauthenticated dcap (PNFS not mounted)

The dCache server must be running an unauthenticated dcap door. This is typically used for random byte IO access to files from the batch farm of the site.

The client must have the correct libraries loaded for this:

 export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/d-cache/dcap/lib

You can have the dcap preload library defined, but it is not necessary,

 export LD_PRELOAD=/opt/d-cache/dcap/lib/libpdcap.so

The client should then use commands like this to read files from the dCache:

 dccp -p 50000:52000 dcap://pool2.epcc.ed.ac.uk:22125//pnfs/epcc.ed.ac.uk/data/dteam/test-061115-1 `pwd`/test7

where -p specifies the port range relevant to the client. pool2.epcc.ed.ac.uk is the hostname of the node running the dcap door on port 22125.

The server will return a permission denied error if the client attempts to write into the dCache using unauthenticated dcap.

For (GSI)DCAP access when PNFS is mounted on the client, please see Access NFS Mounted dCache.

Authenticated dcap

The dCap cp command that allows users to copy files into and out of dCache does not natively enforce any security. To overcome this, there a dCap door to dCache can be setup that uses the Grid Security Infrastructure (gsi). By default this door runs on port 22128.

The client must ensure that the correct libraries are loaded for this:

 export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/d-cache/dcap/lib

and can have the preload library variable defined.

LD_PRELOAD=/opt/d-cache/dcap/lib/libpdcap.so

Users holding a valid grid proxy then issues commands such as:

 dccp -d 15 -p 50000:52000 /usr/lib/X11/rgb.txt
 gsidcap://srm.epcc.ed.ac.uk:22128/pnfs/epcc.ed.ac.uk/data/dteam/greig_`date +%Y%m%d_%H%M%S`.txt
 
 dccp -d 15 -p 50000:52000 /home/gcowan/test
 gsidcap://pool2.epcc.ed.ac.uk:22128//pnfs/epcc.ed.ac.uk/data/dteam/test-061115-10

If the file already exists, then an error like this will be returned,

Command failed!
Server error message for [2]: "File is readOnly" (errno 1).
Failed open file in the dCache.
Can't open destination file : "File is readOnly"
System error: Input/output error

Server rejects "hello"

If you get this error while trying to copy a file into a dCache using gsidcap, then it probably means that there is something wrong with the authentication step. Make sure you have avalid proxy.

Failed open file in the dCache. 
Can't open destination file : Server rejected "hello"
System error: Input/output error