Re: [gt-user] help regarding globus-url-copy

Tue, 31 May 2011 13:11:45 -0700

For some reason you use a host credential (CN=host/fool.man.machine) instead of a user credential. It is unusual but it should work if you add the following mapping between this DN and an existing local username to the file /etc/grid-security/grid-mapfile:
"/O=Grid/OU=GlobusTest/OU=simpleCA-fool.man.machine/CN=host/fool.man.machine" dknight 

You can do this using the command:
# $GLOBUS_LOCATION/sbin/grid-mapfile-add-entry -dn \

"/O=Grid/OU=GlobusTest/OU=simpleCA-fool.man.machine/CN=host/fool.man.machine" 
\

-ln dknight

or manually editing the file /etc/grid-security/grid-mapfile.


How did this happen that you use the host credential as a user 
credential? How did you get/generate that credential?


Lukasz


On 5/31/11 1:49 PM, Amitav Mohanty wrote:

On 05/31/2011 09:45 PM, Jim Basney wrote:

On 5/31/11 9:35 AM, Amitav Mohanty wrote:

I was wondering why without adding any lines to hosts.allow and
hosts.deny I can have credentials exchanged successfully when both the
server and the client are started on different terminals.

If you run the myproxy-server outside of xinetd, then /etc/hosts.allow
and /etc/hosts.deny have no effect. It's xinetd, not myproxy-server,
that's applying the rules from these files.

-Jim


Well I start myproxy-server on one terminal and myproxy-logon on 
another. There is a successful transfer of credentials but when I 
start globus-gridftp-server on another terminal and try



globus-url-copy -dbg -vb gsiftp://localhost:2811/etc/group 
file:///home/dknight/test.copy


I get errors as follows:


[dknight@fool soc]$ globus-url-copy -dbg -vb 
gsiftp://localhost:2811/etc/group file:///home/dknight/test.copy

Source: gsiftp://localhost:2811/etc/
Dest:   file:///home/dknight/
  group  ->  test.copy
debug: starting to get gsiftp://localhost:2811/etc/group
debug: connecting to gsiftp://localhost:2811/etc/group

debug: response from gsiftp://localhost:2811/etc/group:

220 fool.man.machine GridFTP Server 3.28 (gcc64dbg, 1297437357-80) 
[Globus Toolkit 5.0.3] ready.


debug: authenticating with gsiftp://localhost:2811/etc/group
debug: response from gsiftp://localhost:2811/etc/group:

530-Login incorrect. : globus_gss_assist: Gridmap lookup failure: 
Could not map 
/O=Grid/OU=GlobusTest/OU=simpleCA-fool.man.machine/CN=host/fool.man.machine

530-
530 End.

debug: fault on connection to gsiftp://localhost:2811/etc/group

debug: data callback, error globus_ftp_client: the server responded 
with an error, buffer 0x7f00997c7010, length 0, offset=0, eof=true

debug: operation complete

error: globus_ftp_client: the server responded with an error

530 530-Login incorrect. : globus_gss_assist: Gridmap lookup failure: 
Could not map 
/O=Grid/OU=GlobusTest/OU=simpleCA-fool.man.machine/CN=host/fool.man.machine

530-
530 End.

The server does not print a line on the terminal.

Regards
Amitav

























					Reply via email to