OSG Operations and Integration are pleased to announce the release of OSG version 1.0.6
This is a security update for all OSG installations using Gratia probes to report accounting information. The urgency of this update depends on the following factors:
* If your resource is using Gratia probes to report accounting information and are using Condor or Managed Fork, you should apply this update to prevent authorized local users from gaining elevated privileges
* Other resources using Gratia probes for accounting can treat this as a low priority security update that may prevent authorized local users from being able to run a DOS attack on Gratia reporting
* Resources not using Gratia do not need to apply this update since it does not apply in this case
This release updates two software components, see the complete list below.
* Gratia probes
* osg-version
Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/1.10.1/release-p25.html
Update instructions can be found on the OSG twiki under the OSG 1.0.6: https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG106UpdateInstructions
Sites using rpms to install Gratia probes should update their rpms to the latest versions in accordance with the guidelines given in the summary.
Wednesday, March 31, 2010
Friday, March 26, 2010
GOC Footprints Mail Anomaly
During a test of the Footprints server redundancy this afternoon, the GRNOC at IU mistakenly re-sent some old ticket emails as a part of the sendmail turn up on the second server. The duplicate sendmail queue was halted and emptied. We are investigating all ticket exchanges to ensure that there are no further issues. We apologize to any OSG collaborator that may have been inconvenienced by these emails and are here to answer any questions.
Thursday, March 25, 2010
New VO Package Available
A new VO package is now available. This package includes the new HCC VO and an address change for the DOSAR VOMS.
A detailed list of changes is available at
https://twiki.grid.iu.edu/bin/view/Operations/PackageV32
The GOC suggests backing up your installation before running any
update commands.
To pull the new VO Package for an OSG 1.0.x or 1.2.0 Resource please
use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-package
Please remember a UNIX account for 'hcc' will need to be set up.
To pull the new VO Package for the OSG Client 1.0.x or 1.2.0 please use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-client
Tuesday, March 23, 2010
GOC Service Update - Tuesday, March 30th 2010 at 14:00 UTC
The GOC will upgrade the following services beginning at Tuesday, March 30th at 14:00 UTC. No outages are expected for any of the services listed but the GOC reserves the hours of 14:00 - 18:00 UTC in the unlikely event that unexpected problems are encountered.
OIM 2.15 (https://oim.grid.iu.edu)
ITB version is now available for testing at https://oim-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
MyOSG Consolidators
MyOSG 1.16 (https://myosg.grid.iu.edu)
ITB version is now available for testing at https://myosg-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
GOC-TX Ticket Exchange/Sync System1.2 (tx.grid.iu.edu)
The ITB TX server has been functioning properly.
Release Notes:
GOC Ticket 1.15 (https://ticket.grid.iu.edu)
ITB version is now available for testing at https://ticket-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
OIM 2.15 (https://oim.grid.iu.edu)
ITB version is now available for testing at https://oim-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
- Added warnings if user removes a service from a resource or removes a VOReportName or VOReportName-FQAN or VOResourceOwner from a VO but navigates away from the edit page without hitting the update button. (Related ticket: https://ticket.grid.iu.edu/goc/viewer?id=8115).
- Cleaned up profile edit and contact edit pages to (a) disallow altering person flag if contact is mapped to a registered DN (b) show associated DN in person section.
- Modified registration page so its fields are consistent with contact edit or profile edit pages.
- Authorization module to deal with unregistered and disabled-registered DNs more elegantly; Also modified home page to print more useful warnings if either case or no-DN case is hit.
- Modified top menu to ensure unregistered and disabled-registered DN cases are taken into account.
- About and Legend sideviews for contact edit and profile edit pages
- Updates to DB connection module that will hopefully prevent "Ran out of Active Connection" error from recurring.
- Updated submenu style to make it consistent with other GOC applications.
- Removed active field from resource_group view and DB table since it was never used. In the future active field will be removed from facility, site, and support center fields to make the status of those entities clearer and easier to understand.
- Added capability to display help tooltip. Added tooltip for active/disable column with some description.
- [For OIM Admin/GOC staff only]
- Modified UserEdit servlet's form to allow new DN addition via web interface
- Greyed out active flag check box for SC, Facility, Site edit forms; additionally set active flag to true/false for those forms based on disable value (false/true).
- Added new sub section for Disabled contacts in Contacts page
- Other minor internal updates, bug fixes, cosmetic changes
MyOSG Consolidators
- RSVProcess 1.5 -
- Fixed the problem that was sometimes causing resource and service status to not be consistent with each other
- Metric Details will be stored on RSVProcess serer using MySQL Archive engine - this data will not be used by MyOSG yet but it will in the near future.
- VOMS Monitoring
- New consolidator that periodically monitors all OSG VOMS servers using current vomses file downloaded from the software cache.
- GIP Validator - No changes
- (Experimental) BDII Information Gatherer
- New consolidator that periodically fetches certain pieces of information from the BDII (LDAP server), and publishes tree maps, etc.
MyOSG 1.16 (https://myosg.grid.iu.edu)
ITB version is now available for testing at https://myosg-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
- In Virtual Organization menu, new VOMS monitoring page added (Related Ticket: https://ticket.grid.iu.edu/goc/viewer?id=7983).
- In resource group summary (rgsummary) view, disable flag is not exposed including its XML view (Related Ticket: https://ticket.grid.iu.edu/goc/viewer?id=8169).
- In rgdowntime view, fixed bug so that, if user selects "none" for "show past downtime for" field, "Past Downtime" section is not displayed. In XML view, an empty "
" element to keep our current XML schema unchanged is still presented to retain backward compatibility. - In support center legacy view, fixed issue so when contact inforamation can not be found it displays information from previous row.
- In status map, added check to see if a facility actually has any sites under it (and warn if there isn't any); Set a default camera angle / locations etc to show for Google Earth display.
- Updated submenu style to make it consistent with other GOC applications.
- Minor changes to JavaScript, and display styles.
- (Experimental) BDII Information Gatherer: In Resource Group menu, provide an experimental information to display drop down item that shows treemaps of number of jobs, number of CPUs, etc. based on information collected from the BDII.
GOC-TX Ticket Exchange/Sync System1.2 (tx.grid.iu.edu)
The ITB TX server has been functioning properly.
Release Notes:
- Updates to allow ticket exchange with BNL RT (Used by USATLAS support center). This setup will replace existing email-based ticket exchange sometime in April assuming production level tests succeed.
- Updates to allow GGUS ticket submission form to pass along resource_group (or resource_name) as a parameter instead of resource_name (used in previous version); Destination VO on GOC ticket should be set if automatic resource_name or resource_group_name or concerned_VO based SC mapping is performed.
GOC Ticket 1.15 (https://ticket.grid.iu.edu)
ITB version is now available for testing at https://ticket-itb.grid.iu.edu; we encourage users to test this service before the production release.
Release Notes:
- Added functionality that allows OIM-authorized users, including management and security team members, to be able to update tickets on the web interface.
- Updated code to suppress email notification if there is no description. GOC-TX triggers will still be sent if applicable.
- Added sort function for update descriptions on viewer.
- Updated ticket creation response page to show more details.
- Added links to any GOC-TX based ticket exchanges including remote ticket id, if available.
- Made the default description lines to show per description to 30 lines (from previous value of 15 lines); Increased viewer page width.
- Added prefetch request (will likely work on Firefox browsers) to decrease description selection flicker.
- Added capability to show the real time when indicator for "X minutes/days ago" is hovered upon.
- Updated google previously invalid site verify code for google webmaster tool.
- Fixed minor issue which was causing missing last name to be converted to numeric "0".
- [For GOC and Security Staff]
- Moved notification and security staff tasks to their own menu items.
- Added "GOC Support Assignee" web service that provides the most applicable GOC-support team member at any given time based on their availability and number of tickets they already are handling.
- Updated code to use tick.globalnoc instead of tick-indy.globalnoc as Footprints server name.
- Improved monitoring and alerts to GOC staff on failure conditions.
- Several other internal modifications to improve performance, and avoid display style issues on Internet Explorer, etc.
Wednesday, March 17, 2010
OSG 1.2.8 Release Announcement
OSG Operations and Integration are pleased to announce the release of OSG version 1.2.8.
This is a security update for all OSG installations using Gratia probes to report accounting information. The urgency of this update depends on the following factors:
This release also updates several software components, see the complete list below.
This update corrects a bug in the Gratia probes that may pose a security risk to resources in certain instances. Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/2.0.0/release-p15.html
Complete update instructions can be found at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG128UpdateInstructions
Sites using rpms to install Gratia probes should update their rpms to the latest versions in accordance with the guidelines given in the summary.
If you are updating from a version prior to 1.2.0 or installing the OSG stack for the first time see the full installation instructions at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/
This is a security update for all OSG installations using Gratia probes to report accounting information. The urgency of this update depends on the following factors:
- If your resource is using Gratia probes to report accounting information and are using Condor or Managed Fork, you should apply this update to prevent authorized local users from gaining elevated privileges
- Other resources using Gratia probes for accounting can treat this as a low priority security update that may prevent authorized local users from being able to run a DOS attack on Gratia reporting
- Resources not using Gratia do not need to apply this update since it does not apply in this case
This release also updates several software components, see the complete list below.
- Gratia probes
- osg-version
This update corrects a bug in the Gratia probes that may pose a security risk to resources in certain instances. Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/2.0.0/release-p15.html
Complete update instructions can be found at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG128UpdateInstructions
Sites using rpms to install Gratia probes should update their rpms to the latest versions in accordance with the guidelines given in the summary.
If you are updating from a version prior to 1.2.0 or installing the OSG stack for the first time see the full installation instructions at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/
Monday, March 15, 2010
VDT web site downtime
All,
The filesystems used by the VDT web server experienced some problems overnight. The VDT technical staff is working actively to fix the problems and expect them to be fixed soon. However, in the meantime, you can expect problems in at least two ways:
1) Some VDT installations will fail due to files not being available on the web server. We recommend not doing any installation until this is fixed.
2) Our ticket system is down, and tickets will not be created until it comes back up.
We apologize for any problems and will have things running normally as soon as possible.
-----------------------------------------------------------------
Alain Roy
Open Science Grid Software Coordinator roy@cs.wisc.edu
http://opensciencegrid.org http://vdt.cs.wisc.edu
-----------------------------------------------------------------
The filesystems used by the VDT web server experienced some problems overnight. The VDT technical staff is working actively to fix the problems and expect them to be fixed soon. However, in the meantime, you can expect problems in at least two ways:
1) Some VDT installations will fail due to files not being available on the web server. We recommend not doing any installation until this is fixed.
2) Our ticket system is down, and tickets will not be created until it comes back up.
We apologize for any problems and will have things running normally as soon as possible.
-----------------------------------------------------------------
Alain Roy
Open Science Grid Software Coordinator roy@cs.wisc.edu
http://opensciencegrid.org http://vdt.cs.wisc.edu
-----------------------------------------------------------------
Monday, March 8, 2010
OSG 1.2.7 Release Announcement
OSG Operations and Integration are pleased to announce the release of OSG version 1.2.7.
This is a medium priority security update that corrects issues in several components. The fixes include updates to several components to properly handle null bytes in a DN handle and a fix for a DOS attack on squid.
This release also updates several software components, see the complete list below.
* wget
* osg-config
* osg-version
* Java 1.5
* Java 1.6
* OpenLDAP
* GFAL and lcg-utils (no version change, but it was rebuilt to match the security update for OpenLDAP)
The components that have been updated may also include bugfixes. Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/2.0.0/release-p14.html
Complete update instructions can be found at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG127UpdateInstructions
If you are updating from a version prior to 1.2.0 or installing the OSG stack for the first time see the full installation instructions at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/
This is a medium priority security update that corrects issues in several components. The fixes include updates to several components to properly handle null bytes in a DN handle and a fix for a DOS attack on squid.
This release also updates several software components, see the complete list below.
* wget
* osg-config
* osg-version
* Java 1.5
* Java 1.6
* OpenLDAP
* GFAL and lcg-utils (no version change, but it was rebuilt to match the security update for OpenLDAP)
The components that have been updated may also include bugfixes. Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/2.0.0/release-p14.html
Complete update instructions can be found at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG127UpdateInstructions
If you are updating from a version prior to 1.2.0 or installing the OSG stack for the first time see the full installation instructions at https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/
Friday, March 5, 2010
New VO Package Available - GOC Ticket # 8092
A new VO package is now available.
There are three changes. The DayaBay VO has been added, VOMS ports for NYSGRID and GRACE, and the FNAL VO GUMS configuration information has been updated.
A detailed list of changes is available at
https://twiki.grid.iu.edu/bin/view/Operations/PackageV31
The GOC suggests backing up your installation before running any
update commands.
To pull the new VO Package for an OSG 1.0.x or 1.2.0 Resource please
use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-package
Please remember a UNIX account for 'dayabay' will need to be set up.
To pull the new VO Package for the OSG Client 1.0.x or 1.2.0 please use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-client
Please see ticket 8092 at:
https://ticket.grid.iu.edu/goc/viewer?id=8092
There are three changes. The DayaBay VO has been added, VOMS ports for NYSGRID and GRACE, and the FNAL VO GUMS configuration information has been updated.
A detailed list of changes is available at
https://twiki.grid.iu.edu/bin/view/Operations/PackageV31
The GOC suggests backing up your installation before running any
update commands.
To pull the new VO Package for an OSG 1.0.x or 1.2.0 Resource please
use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-package
Please remember a UNIX account for 'dayabay' will need to be set up.
To pull the new VO Package for the OSG Client 1.0.x or 1.2.0 please use:
# cd $VDT_LOCATION
# source setup.sh
# pacman -update vo-client
Please see ticket 8092 at:
https://ticket.grid.iu.edu/goc/viewer?id=8092
Subscribe to:
Posts (Atom)
Posts
Copyright 2009 Indiana University - Developed for Open Science Grid