atlas-connect-l AT lists.bnl.gov
Subject: Atlas-connect-l mailing list
- From: David Champion <dgc AT uchicago.edu>
- To: atlas-connect-l AT lists.bnl.gov
- Subject: [Atlas-connect-l] Status of Faxbox
- Date: Fri, 14 Feb 2014 18:10:06 -0600
Hi all -

We've been hammering through some issues with Faxbox integration this
week, and I'm pleased to report success. Faxbox storage is online
for xrootd, Globus Online, and POSIX direct filesystem access from
login.usatlas.org:

xrootd endpoint name: root://faxbox.usatlas.org//user/yourusername/
xrootd example:
* xrdcp testfile root://faxbox.usatlas.org//user/yourusername/testfile

Globus endpoint name: connect#faxbox
Globus example: (for ATLAS connect users)
* go to https://portal.usatlas.org/ and log in
* select menu item Transfer > Start Transfer
* enter connect#faxbox as the left-hand endpoint
** navigate down to /user/yourusername
* select another endpoint on the right hand (e.g. your laptop, if you have
globus connect personal installed)
* select a file on the right to copy
* click the left-hand triangle to begin transfer

POSIX path: /faxbox on login.usatlas.org (via ssh)
POSIX example:
* ssh to login.usatlas.org
* cd /faxbox/user/yourusername
* look for files you transferred in

No matter which of these approaches you use, you'll find the same
materials available through the other protocols.

Deeper details: The issue we've been chasing around this week is that
xrootd runs as a single unprivileged user named xrootd, and is not
currently able to differentiate users via ROOT with a POSIX filestore.
All files stored into a POSIX backend are owned by the xrootd user.

To make this filestore interoperate with Globus and POSIX access, we
took two steps:
* the Globus gridftp grid-mapfile maps all user DNs to the xrootd user
* the backing filesystem for xrootd is exported via NFS to
login.usatlas.org, and the NFS server is configured to "squash"
all user roles into the xrootd user/group.

So no matter which of these three file access protocols is used, all
files end up in the filestore owned by the same, essentially anonymous
user.

We've begun speaking with Andy Hanushevsky about the possibilities of
extending xrootd to permit user differentiation via X.509 DN. If we
have that, then we can likewise map users distinctly for Globus and
POSIX access.

--
David Champion • dgc AT uchicago.edu • University of Chicago
Enrico Fermi Institute • Computation Institute • USATLAS Midwest Tier 2
OSG Connect • CI Connect
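
Added example, not part of the original message and not the Faxbox site's own configuration or tooling: a small audit that reports where the two steps described above collapse distinct identities into one account, which is what removes per-user file ownership and attribution on the filestore. It assumes the usual grid-mapfile entry form ("DN" followed by a local account) and a Linux NFS export using all_squash with anonuid/anongid; the DNs, host name, export path and numeric IDs are constructed placeholders.

```python
import re
import shlex
from collections import defaultdict

# Constructed sample input: DNs, host name, path and numeric IDs are placeholders.
GRID_MAPFILE = '''\
"/DC=org/DC=example/OU=People/CN=Alice Example" xrootd
"/DC=org/DC=example/OU=People/CN=Bob Example" xrootd
# service accounts below
"/DC=org/DC=example/OU=Services/CN=transfer-agent" svcxfer
'''
EXPORTS = "/export/faxbox login.example.org(rw,all_squash,anonuid=990,anongid=990)\n"


def dns_by_account(mapfile_text):
    """Group certificate DNs by the local account a grid-mapfile maps them to."""
    groups = defaultdict(set)
    for raw in mapfile_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)  # entry form: "<DN>" <account>[,<account>...]
        if len(fields) != 2:
            raise ValueError(f"malformed grid-mapfile entry: {raw!r}")
        groups[fields[1].split(",")[0]].add(fields[0])  # first account is the default
    return groups


def shared_accounts(mapfile_text):
    """Accounts that two or more DNs collapse into (no per-user ownership)."""
    return {a: sorted(d) for a, d in dns_by_account(mapfile_text).items() if len(d) > 1}


def squashed_exports(exports_text):
    """Return {path: (anonuid, anongid)} for every export that uses all_squash."""
    found = {}
    for raw in exports_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        for client in clients:
            m = re.fullmatch(r"[^()]*\(([^()]*)\)", client)
            opts = m.group(1).split(",") if m else []
            if "all_squash" in opts:
                kv = dict(o.split("=", 1) for o in opts if "=" in o)
                found[path] = (kv.get("anonuid"), kv.get("anongid"))
    return found


if __name__ == "__main__":
    for account, dns in shared_accounts(GRID_MAPFILE).items():
        print(f"{account}: {len(dns)} DNs share this account")
    for path, ids in squashed_exports(EXPORTS).items():
        print(f"{path}: all NFS clients squashed to uid/gid {ids}")
```

Any account or export this reports is a place where file ownership on disk cannot identify the person who wrote the file, so attribution has to come from the transfer or login logs instead.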