but I get an " Operation not permitted" error when I try to xrdcp a file using my dteam voms proxy certificate. I mean I am still mapped to the “nobody” user
210702 13:38:23 time=1625229503.322152 func=Emsg level=ERROR logid=63be77e8-db32-11eb-bf2d-1c34da4b345c unit=mgm@cta-eos01.scd.rl.ac.uk:1094 tid=00007f0fcc6f7700 source=XrdMgmOfsFile:3227 tident=georgep.301169:353@lcgui05.gridpp.rl.ac.uk sec=gsi uid=99 gid=99 name=a0f3a615.0 geo="" Unable to open file /eos/antares/gsitest/libxrdceph.tar.gz; Operation not permitted
Just to say, that I wasn’t extracting the VOMS attributes but now I do. Also the way I did
“vid set map -voms” was wrong (according to the documentation). Now I have
All this depends actually what and how the certificate attributes are extracted. You can figure out what was extracted by looking at the log line where each info is printed in the MGM log file. For example, in an instance with the following gsi config:
The mapping works fine. You can see in the logs what info the gsi extracted from the certificate and then you can tweak the vid rule to match. In my particular case: