Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=517763 --- Comment #5 from Steve Traylen <steve.traylen@xxxxxxx> 2009-08-31 05:04:38 EDT --- Hi Mattias, Some of these are really upstream bugs. Yes the INSTALL.Fedora is there, my mistake. 1) The /usr/share/voms/voms_install_db --voms-vo=test --port=15000 \ --db-type=mysql --db-admin=root --db-pwd="" \ --sqlloc=/usr/lib64/voms/libvomsmysql.so fails if there are no CA's installed. rror opening Certificate /etc/grid-security/certificates/*.0 5899:error:02001002:system library:fopen:No such file or directory:bss_file.c:356:fopen('/etc/grid-security/certificates/*.0','r') 5899:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:358: unable to load certificate so adding a comment that there must be some CAs installed before voms_install_db is ran would make sense though not required. Quite why you need CAs to do this is not obvious. 2) Permissions on /etc/voms. I think it is normal for files only read by a deamon when they can be owned by root to be owned by root. That way if voms user is compromised the voms configuration can't be altered by the voms user. I think voms_install_db can and should be executed as root. You end up now with. voms:voms , a+r /etc/voms root:root , a+r /etc/voms/test root:voms , ug+r /etc/voms/test/voms.pass root:root , a+r /etc/voms/test/voms.conf given that /etc/voms/test is root owned I see little point anyway in having /etc/voms owned voms:voms 3) Permission on /etc/grid-security/voms Again this directory is populated by root even if hostkey/cert.pem file have to owned by voms. 4) $ voms-proxy-init --voms test Cannot find file or dir: /etc/vomses /etc/vomses should be probably be in the client package. 5) /usr/share/voms/voms_install_db -h displays --logformat format See the vomsd(8) man page for details. --logdateformat format See the vomsd(8) man page for details. should be voms not vomsd. 6) I'll take a look at the start up script later, some return codes need some work. But service now running and signing proxies for me. Steve -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review