------------------------------------------------------------------------------ STARTUP SCRIPT NOT REGULAR KIND ------------------------------------------------------------------------------ http://www.globus.org/toolkit/docs/4.2/4.2.0/admin/quickstart/index.html#q-container2
... [EMAIL PROTECTED]:~ $ /etc/init.d/globus-ws-java-container start ...Normally a startup script placed in /etc/init.d must make symbolic links to various rc.x.d to start at proper runlevel(s) automatically when the system rebooted. Currently this script is to be called by globus. So, it does not seem to be suitable to be called by the boot process. Before it can be used as a normal startup script, should it be modified to ensure that it can be called by only root (boot process) but it will switch to globus user (su - globus) to call the executable???
Or, like in some other servers (like tomcat), should it be able to specify under what user (globus or root) the user wants it to run???
Yoichi -------------------------------------------------------------------------- Yoichi Takayama, PhD Senior Research Fellow RAMP Project MELCOE (Macquarie E-Learning Centre of Excellence) MACQUARIE UNIVERSITY Phone: +61 (0)2 9850 9073 Fax: +61 (0)2 9850 6527 www.mq.edu.au www.melcoe.mq.edu.au/projects/RAMP/ -------------------------------------------------------------------------- MACQUARIE UNIVERSITY: CRICOS Provider No 00002JThis message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of Macquarie E-Learning Centre Of Excellence (MELCOE) or Macquarie University.
On 26/09/2008, at 1:50 AM, Charles Bacon wrote:
That's a good idea. I'll add a link to http://dev.globus.org/wiki/FirewallHowTo from the quickstart.Charles On Sep 25, 2008, at 10:24 AM, Yoichi Takayama wrote:Thanks!The Quick Start guide does not say anything about ports and firewall, but I am a bit embarrassed to learn that it is well documented in a longer admin manual. Although probably I ought to have read it and also Globus has good manuals, many of us wish not to have to read lengthy manuals but to have concise instructions.Perhaps there should be a very brief mention of firewall how to restrict the ports in the Quick Start as well, because hardly any system comes without firewall settings???Cheers, Yoichi -------------------------------------------------------------------------- Yoichi Takayama, PhD Senior Research Fellow RAMP Project MELCOE (Macquarie E-Learning Centre of Excellence) MACQUARIE UNIVERSITY Phone: +61 (0)2 9850 9073 Fax: +61 (0)2 9850 6527 www.mq.edu.au www.melcoe.mq.edu.au/projects/RAMP/ -------------------------------------------------------------------------- MACQUARIE UNIVERSITY: CRICOS Provider No 00002JThis message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of Macquarie E-Learning Centre Of Excellence (MELCOE) or Macquarie University.On 26/09/2008, at 1:08 AM, Raj Kettimuthu wrote:GridFTP, like any FTP, is a two channel protocol. 2811 is for control channel connection. You also need to open ports for data channel. You can restrict the port range for the data channel using the environment variable GLOBUS_TCP_PORT_RANGE. More information about this is available at http://www.globus.org/toolkit/docs/4.0/data/gridftp/admin-index.html#id2536766Raj On Fri, 26 Sep 2008, Yoichi Takayama wrote:Hi http://www.globus.org/toolkit/docs/4.2/4.2.0/admin/quickstart/index.htmlWhile trying to install the 2nd Globus, the GridFTP test tries to copy a file between two hosts. This fails.$ globus-url-copy gsiftp://grid1.ramscommunity.org/etc/group gsiftp://grid2.ramscommunity.org/tmp/from-grid1 error: globus_ftp_client: the server responded with an error 500 500-Command failed. : callback failed. 500-globus_xio: Unable to connect to 137.111.246.176:42777 500-globus_xio: System error in connect: No route to host 500-globus_xio: A system call failed: No route to host 500 End.Obviously the port 42777 is not open because it is behind a Firewall.The GridFTP is defined as gsiftp with /etc/xinetd.d/gridftp as: service gsiftp { instances = 100 socket_type = stream wait = no user = rootenv += GLOBUS_LOCATION=/sandbox/globus/ globus-4.2.0 env += LD_LIBRARY_PATH=/sandbox/globus/ globus-4.2.0/lib server = /sandbox/globus/globus-4.2.0/sbin/ globus-gridftp-serverserver_args = -i log_on_success += DURATION disable = no } Also: # cat /etc/services | grep gsiftp gsiftp 2811/tcp # GSI FTP gsiftp 2811/udp # GSI FTPAlthough the port 2811/tcp and 2811/udp have been opened, this does not help since the globus-url-copy gsiftp still wants to use some random ports other than 2811. The command copies files OK if the iptables are switched off. so, it is obviously the port number problem.Is there any other place where the setting should be placed to restrict what port the gsiftp should be using?Thanks, Yoichi -------------------------------------------------------------------------- Yoichi Takayama, PhD Senior Research Fellow RAMP Project MELCOE (Macquarie E-Learning Centre of Excellence) MACQUARIE UNIVERSITY Phone: +61 (0)2 9850 9073 Fax: +61 (0)2 9850 6527 www.mq.edu.au www.melcoe.mq.edu.au/projects/RAMP/ -------------------------------------------------------------------------- MACQUARIE UNIVERSITY: CRICOS Provider No 00002JThis message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of Macquarie E-Learning Centre Of Excellence (MELCOE) or Macquarie University.
smime.p7s
Description: S/MIME cryptographic signature
