deb http://kambing.ui.ac.id/ubuntu lucid main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-backports main restricted universe multiverse
deb file:///media/doc/lucid lucid main restricted universe multiverse
deb file:///media/doc/lucid lucid-updates main restricted universe multiverse
deb file:///media/doc/lucid lucid-security main restricted universe multiverse
deb file:///media/doc/lucid lucid-backports main restricted universe multiverse
APT::Get::AutomaticRemove "true";
APT::Install-Recommends "false";
APT::Get::force-yes "true";
APT::Get::Assume-Yes "true";
#cli only
apt-get dist-upgrade && apt-get -y -q --force-yes --no-install-recommends --auto-remove install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo
#GT prequisite
apt-get install openssl libssl-dev zlib1g build-essential locate libxml-parser-perl sudo
updatedb && locate XML/Parser.pm
adduser globus
adduser globus sudo
apt-get update && apt-get upgrade && apt-get dist-upgrade && apt-get install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo openssl libssl-dev zlib1g build-essential locate libxml-parser-perl && updatedb && locate XML/Parser.pm
cat /etc/sudoers
+++++++++++++++++++++++++++++++++++
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Allow members of group sudo to execute any command after they have
# provided their password
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
+++++++++++++++++++++++++++++++++++
#
$ cat ~/.bashrc
+++++++++++++++++++++++++++++++++++
http_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export http_proxy
ftp_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export ftp_proxy
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$PATH:$JAVA_HOME/bin
export ANT_HOME=/usr/local/apache-ant-1.8.1
export PATH=$PATH:$ANT_HOME/bin
export GLOBUS_LOCATION=/usr/local/globus-4.2.1
#export CATALINA_HOME=/opt/apache-tomcat-5.5.26
#export PATH=$PATH:$CATALINA_HOME/bin
#source GLOBUS_LOCATION/etc/globus-user-env.sh
+++++++++++++++++++++++++++++++++++
sudo chown globus:globus /usr/local && exit
globus@debianserver:/usr$ ls -l |grep local
drwxrwsr-x 11 globus globus 4096 2010-07-19 09:30 local
transfer jdk1.5.0_22 apache-ant-1.8.1 gt && untar && copy /usr/local
tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
sudo chown globus:globus /usr/local && exit
source ~/.bashrc && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade && sudo apt-get install vim htop mc nmap proftpd-basic elinks localepurge openssl libssl-dev zlib1g build-essential xinetd ntp ntpdate
sudo chown globus:globus /usr/local && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/
source ~/.bashrc && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install | tee install.log
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade && sudo apt-get install vim htop mc nmap proftpd-basic elinks localepurge openssl libssl-dev zlib1g build-essential
# /etc/apt/sources.list
deb http://kambing.ui.ac.id/ubuntu lucid main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-backports main restricted universe multiverse
deb file:///media/doc/lucid lucid main restricted universe multiverse
deb file:///media/doc/lucid lucid-updates main restricted universe multiverse
deb file:///media/doc/lucid lucid-security main restricted universe multiverse
deb file:///media/doc/lucid lucid-backports main restricted universe multiverse
# /etc/apt/apt.conf
APT::Get::AutomaticRemove "true";
APT::Install-Recommends "false";
APT::Get::force-yes "true";
APT::Get::Assume-Yes "true";
#cli only
apt-get dist-upgrade && apt-get -y -q --force-yes --no-install-recommends --auto-remove install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo
#GT prequisite
apt-get install openssl libssl-dev zlib1g build-essential locate libxml-parser-perl sudo
updatedb && locate XML/Parser.pm
adduser globus
adduser globus sudo
apt-get update && apt-get upgrade && apt-get dist-upgrade && apt-get install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo openssl libssl-dev zlib1g build-essential locate libxml-parser-perl && updatedb && locate XML/Parser.pm
cat /etc/sudoers
+++++++++++++++++++++++++++++++++++
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Allow members of group sudo to execute any command after they have
# provided their password
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
+++++++++++++++++++++++++++++++++++
#
$ cat ~/.bashrc
+++++++++++++++++++++++++++++++++++
http_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export http_proxy
ftp_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export ftp_proxy
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$PATH:$JAVA_HOME/bin
export ANT_HOME=/usr/local/apache-ant-1.8.1
export PATH=$PATH:$ANT_HOME/bin
export GLOBUS_LOCATION=/usr/local/globus-4.2.1
#export CATALINA_HOME=/opt/apache-tomcat-5.5.26
#export PATH=$PATH:$CATALINA_HOME/bin
#source GLOBUS_LOCATION/etc/globus-user-env.sh
+++++++++++++++++++++++++++++++++++
sudo chown globus:globus /usr/local && exit
globus@debianserver:/usr$ ls -l |grep local
drwxrwsr-x 11 globus globus 4096 2010-07-19 09:30 local
transfer jdk1.5.0_22 apache-ant-1.8.1 gt && untar && copy /usr/local
tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
sudo chown globus:globus /usr/local && exit
source ~/.bashrc && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
# /etc/apt/sources.list
deb http://kambing.ui.ac.id/ubuntu lucid main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-backports main restricted universe multiverse
deb file:///media/doc/lucid lucid main restricted universe multiverse
deb file:///media/doc/lucid lucid-updates main restricted universe multiverse
deb file:///media/doc/lucid lucid-security main restricted universe multiverse
deb file:///media/doc/lucid lucid-backports main restricted universe multiverse
globus@mars:~/old$ cat /etc/apt/sources.list
deb http://10.151.35.203/lucid lucid main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-updates main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-security main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-backports main restricted universe multiverse
#deb http://10.151.35.203/lucid lucid-proposed main restricted universe multiverse
globus@mars:~/old$ cat /etc/apt/apt.conf
APT::Get::AutomaticRemove "true";
APT::Install-Recommends "true";
APT::Get::force-yes "true";
APT::Get::Assume-Yes "true";
globus@mars:~/old$ cat /home/globus/.bashrc
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$PATH:$JAVA_HOME/bin
export ANT_HOME=/usr/local/apache-ant-1.8.1
export PATH=$PATH:$ANT_HOME/bin
export GLOBUS_LOCATION=/usr/local/globus-4.2.1
source $GLOBUS_LOCATION/etc/globus-user-env.sh
source $GLOBUS_LOCATION/etc/globus-devel-env.sh
[...unrelated output...]
globus@mars:~/old$ sudo apt-get update && sudo apt-get upgrade && [ sudo apt-get dist-upgrade ] && sudo apt-get install vim htop mc nmap proftpd-basic elinks localepurge openssl libssl-dev zlib1g build-essential xinetd ntp ntpdate locate libxml-parser-perl && updatedb && locate XML/Parser.pm
globus@mars:~$ sudo chown globus:globus /usr/local && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/
globus@mars:~$ source ~/.bashrc && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install | tee install.log
### begin venus
## backup ~/.globus
$ tar --bzip2 -cvf dot.globus.old.tar.bz2 .globus/ && rm -rfv ~/.globus/
## backup /etc/grid-security
# cd /etc/ && tar --bzip2 -cvf grid-security.old_1.tar.bz2 grid-security/ && rm -rfv /etc/grid-security
## remove gsiftp service
$ cat /etc/services
.....
[urrelated output]
.....
# Local services
#gsiftp 2811/tcp
# /etc/init.d/xinetd restart
### venus end
### mercury begin
## backup /etc/grid-security
# tar --bzip2 -cvf grid-security.old.tar.bz2 grid-security/
### end mercury
### earth begin
## backup ~/.globus
$ tar --bzip2 -cvf dot.globus.old.tar.bz2 .globus/ && rm -rfv ~/.globus/
### end earth
##[start with simpleCA]
globus@earth:~$ /usr/local/globus-4.2.1/setup/globus/setup-simple-ca
globus@earth:~$ scp .globus/simpleCA/globus_simple_ca_bb771705_setup-0.20.tar.gz venus:~
## host certificate
globus@venus:~$ /usr/local/globus-4.2.1/sbin/gpt-build globus_simple_ca_bb771705_setup-0.20.tar.gz gcc32dbg -force
globus@venus:~$ /usr/local/globus-4.2.1/sbin/gpt-postinstall
root@venus:~# /usr/local/globus-4.2.1/setup/globus_simple_ca_bb771705_setup/setup-gsi -default
root@venus:~# grid-cert-request -host `hostname -f`
root@venus:~# scp /etc/grid-security/hostcert_request.pem globus@earth:~
## sign the request
globus@earth:~$ grid-ca-sign -in hostcert_request.pem -out hostcert.pem
globus@earth:~$ scp hostcert.pem mars:~
root@venus:~# cp hostcert.pem /etc/grid-security
## sign the user cert
root@venus:~# adduser agriduser
root@venus:~# cp /home/globus/.bashrc /home/agriduser/ -v
agriduser@venus:~$ grid-cert-request
agriduser@mars:~$ scp /home/agriduser/.globus/usercert_request.pem globus@earth:~
globus@earth:~$ grid-ca-sign -in usercert_request.pem -out usercert.pem
globus@earth:~$ scp usercert.pem agriduser@venus:~/.globus
agriduser@venus:~/.globus$ grid-proxy-init -debug -verify
usercert can be copied to all grid host but not with hostcert
[mapping info]
p189
agriduser@venus:~/.globus$ grid-cert-info -subject -f usercert.pem
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons
root@venus:/etc/grid-security# grid-cert-info -subject -f /home/agriduser/.globus/usercert.pem
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons
root@venus:/etc/grid-security# grid-mapfile-add-entry -dn "/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons" -ln agriduser
root@venus:/etc/grid-security# cat /etc/grid-security/grid-mapfile
"/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons" agriduser
root@venus:/etc/grid-security# grid-mapfile-check-consistency
root@venus:/etc/grid-security# cp hostcert.pem containercert.pem && cp hostkey.pem containerkey.pem && chown globus:globus container*
[verifying the installation and configuration of java ws core]
p174
globus@venus:~$ globus-start-container
agriduser@venus:~$ grid-proxy-init
Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons
Enter GRID pass phrase for this identity:
Creating proxy .................................. Done
Your proxy is valid until: Mon Aug 9 23:39:52 2010
agriduser@venus:~$ counter-create -s https://10.151.35.202:8443/wsrf/services/CounterService > test.epr
agriduser@venus:~$ while true; do counter-add -e test.epr 99999; sleep 1; done
gsiftp
agriduser@venus:~$ cat /etc/services
[.. unrelated info .. ]
gsiftp 2811/tcp
agriduser@venus:~$ cat /etc/xinetd.d/gsiftp
service gsiftp
{
instances = 100
socket_type = stream
wait = no
user = root
env += GLOBUS_LOCATION=/usr/local/globus-4.2.1
env += LD_LIBRARY_PATH=/usr/local/globus-4.2.1/lib
server = /usr/local/globus-4.2.1/sbin/globus-gridftp-server
server_args = -i
log_on_success += DURATION
disable = no
}
root@venus:/etc/xinetd.d# /etc/init.d/xinetd restart
agriduser@venus:~$ telnet localhost 2811
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 venus.gridx.dept.orgz.country GridFTP Server 3.15 (gcc32dbgpthr, 1222656151-78) [Globus Toolkit 4.2.1] ready.
(..seems that gridftp server works..)
agriduser@venus:~$ netstat -an |grep 2811
tcp 0 0 0.0.0.0:2811 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:39526 127.0.0.1:2811 TIME_WAIT
**
### begin mars
## backup ~/.globus
$ tar --bzip2 -cvf dot.globus.old.tar.bz2 .globus/ && rm -rfv ~/.globus/
## backup /etc/grid-security
# tar --bzip2 -cvf grid-security.old.tar.bz2 grid-security/
## remove gsiftp service
$ cat /etc/services
.....
[urrelated output]
.....
# Local services
#gsiftp 2811/tcp
# /etc/init.d/xinetd restart
globus@earth:~$ scp .globus/simpleCA/globus_simple_ca_bb771705_setup-0.20.tar.gz mars:~
## host certificate
globus@mars:~$ /usr/local/globus-4.2.1/sbin/gpt-build globus_simple_ca_bb771705_setup-0.20.tar.gz gcc32dbg -force
globus@mars:~$ /usr/local/globus-4.2.1/sbin/gpt-postinstall
root@mars:~# /usr/local/globus-4.2.1/setup/globus_simple_ca_bb771705_setup/setup-gsi -default
root@mars:~# grid-cert-request -host `hostname -f`
root@mars:~# scp /etc/grid-security/hostcert_request.pem globus@earth:~
## sign the request
globus@earth:~$ grid-ca-sign -in hostcert_request.pem -out hostcert.pem
globus@earth:~$ scp hostcert.pem mars:~
root@mars:~# cp hostcert.pem /etc/grid-security
## sign the user cert
root@mars:~# adduser agriduser
root@mars:~# cp /home/globus/.bashrc /home/agriduser/ -v
agriduser@mars:~$ grid-cert-request
agriduser@mars:~$ scp /home/agriduser/.globus/usercert_request.pem globus@earth:~
globus@earth:~$ grid-ca-sign -in usercert_request.pem -out usercert.pem
globus@earth:~$ scp usercert.pem agriduser@mars:~/.globus
agriduser@mars:~/.globus$ grid-proxy-init -debug -verify
usercert can be copied to all grid host but not with hostcert
globus@mars:~$ globus-start-container
agriduser@mars:~$ grid-proxy-init
Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons
Enter GRID pass phrase for this identity:
Creating proxy .................................. Done
Your proxy is valid until: Mon Aug 9 23:39:52 2010
agriduser@mars:~$ counter-create -s https://10.151.35.204:8443/wsrf/services/CounterService > test.epr
agriduser@mars:~$ while true; do counter-add -e test.epr 99999; sleep 1; done
agriduser@mars:~$ cat /etc/services
[.. unrelated info .. ]
gsiftp 2811/tcp
agriduser@mars:~$ cat /etc/xinetd.d/gsiftp
service gsiftp
{
instances = 100
socket_type = stream
wait = no
user = root
env += GLOBUS_LOCATION=/usr/local/globus-4.2.1
env += LD_LIBRARY_PATH=/usr/local/globus-4.2.1/lib
server = /usr/local/globus-4.2.1/sbin/globus-gridftp-server
server_args = -i
log_on_success += DURATION
disable = no
}
root@mars:/etc/xinetd.d# /etc/init.d/xinetd restart
agriduser@mars:~$ telnet localhost 2811
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mars.gridx.dept.orgz.country GridFTP Server 3.15 (gcc32dbgpthr, 1222656151-78) [Globus Toolkit 4.2.1] ready.
(..seems that gridftp server works..)
agriduser@mars:~$ netstat -an |grep 2811
tcp 0 0 0.0.0.0:2811 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:39526 127.0.0.1:2811 TIME_WAIT
agriduser@mars:~$ echo "GridFTP Test" > /tmp/gridftptest
agriduser@mars:~$ globus-url-copy gsiftp://mars/tmp/gridftptest file:///tmp/gridftptest.1
agriduser@mars:~$ cat /tmp/gridftptest
agriduser@mars:~$ cat /tmp/gridftptest.1
agriduser@mars:~$ globus-url-copy file:///tmp/gridftptest.1 gsiftp://mars/tmp/gridftptest.2
agriduser@mars:~$ cat /tmp/gridftptest.2
We can make several user certificate on the host
agriduser@venus:~$ cat /etc/grid-security/grid-mapfile
"/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=Alex Bacons" agriduser
"/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=auser1" agriduser
agriduser@mars:~$ cat /etc/grid-security/grid-mapfile
"/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=auser" agriduser
"/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/OU=gridx.dept.orgz.country/CN=auser1" agriduser
after make sure the same entry like above on the host
agriduser@venus:~$ echo "Thirdparty GridFTP Test" > /tmp/thirdparty
agriduser@venus:~$ globus-url-copy gsiftp://venus/tmp/thirdparty gsiftp://mars/tmp/thirdparty
globus@mars:~$ cat /tmp/thirdparty
Thirdparty GridFTP Test
RFT
globus@venus:~$ sudo bash
root@venus:~# cat /etc/postgresql/8.4/main/postgresql.conf |grep listen
listen_addresses = '*' # what IP address(es) to listen on;
root@venus:~# cat /etc/postgresql/8.4/main/pg_hba.conf |grep rftDatabase
host rftDatabase globus 10.151.35.202 255.255.255.255 trust
root@venus:~# /etc/init.d/postgresql-8.4 restart
root@venus:~# su postgres
postgres@venus:~$ createuser globus
globus@venus:~$ createdb rftDatabase
globus@venus:~$ psql -d rftDatabase -f /usr/local/globus-4.2.1/share/globus_wsrf_rft/rft_schema.sql
[ default value for "cat /usr/local/globus-4.2.1/etc/globus_wsrf_rft/jndi-config.xml" ]
if error
<<> test.epr
Error: ; nested exception is:
org.globus.common.ChainedIOException: Failed to initialize security context [Caused by: Expired credentials detected]
>> then do
<< o="Grid/OU=" ou="simpleCA-earth.gridx.dept.orgz.country/OU=" cn="auser">>
agriduser@venus:/etc/grid-security$ grid-cert-info -subject -f hostcert.pem
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/CN=host/venus.gridx.dept.orgz.country
root@mars:/etc/grid-security# grid-cert-info -subject -f hostcert.pem
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/CN=host/mars.gridx.dept.orgz.country
agriduser@venus:~$ cat transfer.xfr
#true=binary false=ascii
true
#Block size in bytes
16000
#TCP Buffer size in bytes
16000
#Notpt (No thirdPartyTransfer)
false
#Number of parallel streams
1
#Data Channel Authentication (DCAU)
true
# Concurrency of the request
1
#Grid Subject name of the source gridftp server
#/DC=org/DC=doegrids/OU=People/CN=Ravi Madduri 134710
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/CN=host/venus.gridx.dept.orgz.country
#Grid Subject name of the destination gridftp server
#/DC=org/DC=doegrids/OU=People/CN=Ravi Madduri 134710
/O=Grid/OU=GlobusTest/OU=simpleCA-earth.gridx.dept.orgz.country/CN=host/mars.gridx.dept.orgz.country
#Transfer all or none of the transfers
false
#Maximum number of retries
10
#Source/Dest URL Pairs
#gsiftp://localhost:5678/tmp/rftTest.tmp
#gsiftp://localhost:5678/tmp/rftTest_Done.tmp
gsiftp://venus.gridx.dept.orgz.country/tmp/dhcpd.conf
gsiftp://mars.gridx.dept.orgz.country/tmp/fileFromVenus.conf
### begin mars
### mars end
Friday, August 6, 2010
Subscribe to:
Post Comments (Atom)
http://grid[dot]ui[dot]ac[dot]id/blog/2008/07/30/instalasi-sertifikat-ca-milik-ugm
ReplyDelete## pre_n_installation globus
ReplyDelete# /etc/apt/sources.list
deb http://kambing.ui.ac.id/ubuntu lucid main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-backports main restricted universe multiverse
deb file:///media/doc/lucid lucid main restricted universe multiverse
deb file:///media/doc/lucid lucid-updates main restricted universe multiverse
deb file:///media/doc/lucid lucid-security main restricted universe multiverse
deb file:///media/doc/lucid lucid-backports main restricted universe multiverse
globus@mars:~/old$ cat /etc/apt/sources.list
deb http://10.151.35.203/lucid lucid main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-updates main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-security main restricted universe multiverse
deb http://10.151.35.203/lucid lucid-backports main restricted universe multiverse
#deb http://10.151.35.203/lucid lucid-proposed main restricted universe multiverse
globus@mars:~/old$ cat /etc/apt/apt.conf
APT::Get::AutomaticRemove "true";
APT::Install-Recommends "true";
APT::Get::force-yes "true";
APT::Get::Assume-Yes "true";
globus@mars:~/old$ cat /home/globus/.bashrc
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$PATH:$JAVA_HOME/bin
export ANT_HOME=/usr/local/apache-ant-1.8.1
export PATH=$PATH:$ANT_HOME/bin
export GLOBUS_LOCATION=/usr/local/globus-4.2.1
source $GLOBUS_LOCATION/etc/globus-user-env.sh
source $GLOBUS_LOCATION/etc/globus-devel-env.sh
[...unrelated output...]
globus@mars:~/old$ sudo apt-get update && sudo apt-get upgrade && sudo apt-get install vim htop mc nmap proftpd-basic elinks localepurge openssl libssl-dev zlib1g build-essential xinetd ntp ntpdate locate libxml-parser-perl && sudo updatedb && sudo locate XML/Parser.pm
globus@mars:~$ sudo chown globus:globus /usr/local && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/
globus@mars:~$ source ~/.bashrc && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install | tee install.log
globus@mars:~/gt4.2.1-all-source-installer$ time make | tee build.log
ReplyDelete...[unrelated output]...
real 647m25.556s
user 106m41.060s
sys 522m15.866s
wew lama x kalo di virtualbox(10jaman)
globus@mars:~/gt4.2.1-all-source-installer$ time make install | tee install.log
ReplyDelete...[unrelated output]...
real 4m11.785s
user 1m45.991s
sys 1m54.219s
globus@earth:~$ grid-ca-sign -in hostcert_request.pem -out hostcert.pem
ReplyDeleteTo sign the request
please enter the password for the CA key:
ERROR running command:
/usr/local/globus-4.2.1/bin/openssl ca -passin stdin \
-batch -config /home/globus/.globus/simpleCA//grid-ca-ssl.conf \
-in /tmp/tmp_cert_req.pem.27309 -out /tmp/tmp_cert.pem.27309
========== ERROR MESSAGES FROM OPENSSL ==========
Using configuration from /home/globus/.globus/simpleCA//grid-ca-ssl.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
organizationName :PRINTABLE:'Grid'
organizationalUnitName:PRINTABLE:'GlobusTest'
organizationalUnitName:PRINTABLE:'simpleCA-earth.gcl.if.its.ac.id'
commonName :PRINTABLE:'host/mars.gcl.if.its.ac.id'
Certificate is to be certified until Aug 18 02:17:12 2011 GMT (365 days)
failed to update database
TXT_DB error number 2
=================================================
just delete "related" line on the file:///~/.globus/simpleCA/index.txt
eg: the line contains 'mars' word
$GLOBUS_LOCATION/var/container.log
ReplyDelete## distribute usercert and key from host2host
ReplyDeleteagriduser@mars:~$ grid-proxy-init -debug -verify
User Cert File: /home/agriduser/.globus/usercert.pem
User Key File: /home/agriduser/.globus/userkey.pem
Trusted CA Cert Dir: /etc/grid-security/certificates
Output File: /tmp/x509up_u1001
Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-earth.gcl.if.its.ac.id/OU=gcl.if.its.ac.id/CN=auser
Enter GRID pass phrase for this identity:
Error: Couldn't read user key: Bad passphrase for key in /home/agriduser/.globus/userkey.pem
grid_proxy_init.c:812: globus_credential: Error reading user credential: Can't read credential's private key from PEM
OpenSSL Error: pem_lib.c:428: in library: PEM routines, function PEM_do_header: bad decrypt
OpenSSL Error: evp_enc.c:330: in library: digital envelope routines, function EVP_DecryptFinal_ex: bad decrypt
[solution]
agriduser@venus:~/.globus$ scp user* mars:~/.globus
agriduser@mars's password:
usercert.pem 100% 2763 2.7KB/s 00:00
usercert_request.pem 100% 1462 1.4KB/s 00:00
userkey.pem 100% 963 0.9KB/s 00:00
root@venus:~# apt-get install globus-*
ReplyDelete[... omitted ...]
* globus-rls-server disabled, please adjust the configuration to your needs
* and then set RUN to 'yes' in /etc/default/globus-rls-server to enable it.
* See /usr/share/doc/globus-rls-server/INSTALL.Debian.gz for details.
http://www.globus.org/toolkit/survey/index.php?download=gt5.0.2-all-source-installer.tar.bz2
ReplyDeletehttp://www.globus.org/ftppub/gt5/5.0/5.0.2/installers/src/gt5.0.2-all-source-installer.tar.bz2
http://vinetoolkit.org/software_releases
http://www.gridsphere.org/gridsphere/gridsphere/download/download/r/
deb http://kambing.ui.ac.id/ubuntu lucid main restricted universe multiverse
ReplyDeletedeb http://kambing.ui.ac.id/ubuntu lucid-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu lucid-backports main restricted universe multiverse
deb file:///media/doc/lucid lucid main restricted universe multiverse
deb file:///media/doc/lucid lucid-updates main restricted universe multiverse
deb file:///media/doc/lucid lucid-security main restricted universe multiverse
deb file:///media/doc/lucid lucid-backports main restricted universe multiverse
APT::Get::AutomaticRemove "true";
APT::Install-Recommends "false";
APT::Get::force-yes "true";
APT::Get::Assume-Yes "true";
#cli only
apt-get dist-upgrade && apt-get -y -q --force-yes --no-install-recommends --auto-remove install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo
#GT prequisite
apt-get install openssl libssl-dev zlib1g build-essential locate libxml-parser-perl sudo
updatedb && locate XML/Parser.pm
adduser globus
adduser globus sudo
apt-get update && apt-get upgrade && apt-get dist-upgrade && apt-get install vim htop mc nmap openssh-server proftpd-basic links localepurge sudo openssl libssl-dev zlib1g build-essential locate libxml-parser-perl && updatedb && locate XML/Parser.pm
cat /etc/sudoers
+++++++++++++++++++++++++++++++++++
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Allow members of group sudo to execute any command after they have
# provided their password
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
+++++++++++++++++++++++++++++++++++
#
$ cat ~/.bashrc
+++++++++++++++++++++++++++++++++++
http_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export http_proxy
ftp_proxy="http://princeofun@chem.its.ac.id:jewkco@202.46.129.10:8080/"
export ftp_proxy
export JAVA_HOME=/usr/local/jdk1.5.0_22
export PATH=$PATH:$JAVA_HOME/bin
export ANT_HOME=/usr/local/apache-ant-1.8.1
export PATH=$PATH:$ANT_HOME/bin
export GLOBUS_LOCATION=/usr/local/globus-4.2.1
#export CATALINA_HOME=/opt/apache-tomcat-5.5.26
#export PATH=$PATH:$CATALINA_HOME/bin
#source GLOBUS_LOCATION/etc/globus-user-env.sh
+++++++++++++++++++++++++++++++++++
sudo chown globus:globus /usr/local && exit
globus@debianserver:/usr$ ls -l |grep local
drwxrwsr-x 11 globus globus 4096 2010-07-19 09:30 local
transfer jdk1.5.0_22 apache-ant-1.8.1 gt && untar && copy /usr/local
tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
sudo chown globus:globus /usr/local && exit
source ~/.bashrc && tar xjf apache-ant-1.8.1-bin.tar.bz2 -C /usr/local && tar xjf gt4.2.1-all-source-installer.tar.bz2 && ./jdk-1_5_0_22-linux-i586.bin && mv jdk1.5.0_22/ /usr/local/ && cd gt4.2.1-all-source-installer/ && ./configure --prefix=$GLOBUS_LOCATION && make | tee build.log && make install
globus@venus:~/gt4.2.1-all-source-installer$ ./configure --prefix=$GLOBUS_LOCATION && time make | tee make.log
ReplyDelete[...unrelated output...]
real 104m8.157s
user 69m51.194s
sys 30m48.880s
2 jaman pada pc
real 2m18.392s
ReplyDeleteuser 1m56.935s
sys 0m8.057s
globus@mercury:~/gt4.2.1-all-source-installer$ time make install | tee make_install.log
adoh bingung mas. tapi manteb. tak coba yaaa. i'll try it on debian squeeze
ReplyDelete