EOS5:: steps for gsi auth for different VOs

Hi! While this is the second EOS instance, it’s my first time trying to setup gsi authentication for different VOs (dteam, ops, auger) (my main instance is an ALICE one)
So, what are the steps to define users, map them to directories, then map gsi information to users?
Thanks a lot!

So, just to have the information here (next time that I search for it :smile: ) the magic steps were:

# GSI authentication
sec.protocol gsi -d:1 -crl:1 -moninfo:1 -gmapopt:1 -vomsat:1 -vomsfun:default -gridmap:/etc/grid-security/grid-mapfile -cert:/etc/grid-security/hostcert.pem -key:/etc/grid-security/hostkey.pem
sec.protparm gsi -vomsfun:/opt/eos/xrootd/lib64/libXrdSecgsiVOMS.so -vomsat:extract -vomsfunparms:certfmt=pem|vos=ops,dteam,auger|grps=/ops,/dteam,/auger|grpopt=useall|dbg

and with a voms vid content like:

voms:"/auger:":gid => auger
voms:"/auger:":uid => auger
voms:"/dteam:":gid => dteam
voms:"/dteam:":uid => dteam
voms:"/ops:":gid => ops
voms:"/ops:":uid => ops

Many thanks to @esindril for the help!!

1 Like