Changes between Version 1 and Version 2 of Doc/gLite/TemplateCustomization/Services


Timestamp:
Jan 17, 2011, 12:37:04 AM (13 years ago)
Author:
/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=Michel Jouvin
Comment:

--

  • Doc/gLite/TemplateCustomization/Services

    v1 v2  
    3939}}}
    4040
    41 In addition, when using several CEs with the same WNs, it is necessary to configure a [#SharedGridmapdir shared gridmapdir]. This is '''required''' to ensure consistency of DN/userid mapping across CEs.
     41In addition, when using several CEs with the same WNs, it is necessary to configure a [/wiki/Doc/gLite/TemplateCustomization/General#SharedGridmapdir shared gridmapdir]. This is '''required''' to ensure consistency of DN/userid mapping across CEs.
    4242
    4343=== CREAM CE Specific Configuration === #CREAMConfig
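Review bot: the new link on line 41 is written as a raw path, `[/wiki/Doc/gLite/TemplateCustomization/General#SharedGridmapdir shared gridmapdir]`, rather than as a `wiki:` TracLink. Writing it as `[wiki:Doc/gLite/TemplateCustomization/General#SharedGridmapdir shared gridmapdir]` lets Trac treat it as a reference to a wiki page, so a missing or renamed target is visible in the rendered text instead of being a silent dead link. Since the sentence marks the shared gridmapdir as required for consistent DN/userid mapping across CEs, a broken pointer here is worth guarding against.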
     
    255255=== Restricting Access to CEs ===
    256256
    257 It is possible to ban some users or restrict time slots when the CEs are open for grid usage using LCAS middleware component. QWG allows to easily [#LCAS-LCMAPS configure them].
     257It is possible to ban some users or restrict time slots when the CEs are open for grid usage using LCAS middleware component. QWG allows to easily [/wiki/Doc/gLite/TemplateCustomization/General#LCAS-LCMAPS configure them].
    258258
    259259=== Home Directory Purging ===
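Review bot: on line 257 the link label is still "configure them", which read well when the target was a section of the same page but gives no hint of the destination now that the link leaves the page. Consider a label that names the target, for example "configure LCAS/LCMAPS in the General page", so a reader looking for how to ban users or restrict time slots knows where the link goes before following it.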
     
    639639The VOBOX is a machine '''dedicated to one VO''' running VO-specific services. In addition to the VO-specific services, this machine runs a service called ''proxy renewal'' in charge of renewing the grid proxy used by VO-specific services.
    640640
    641 This is critical for the security to restrict the number of people allowed access to the VOBOX. By default, only people with the VO SW manager role can log into the VO box. To change this configuration, refer to section on [#MappingofVOMSgroupsrolesintogrid-mapfile VOMS groups/roles mapping], but be sure you really need to allow other roles as it can give unwanted users access to privilege services.
     641This is critical for the security to restrict the number of people allowed access to the VOBOX. By default, only people with the VO SW manager role can log into the VO box. To change this configuration, refer to section on [/wiki/Doc/gLite/TemplateCustomization/General#MappingofVOMS-gridmapfile VOMS groups/roles mapping], but be sure you really need to allow other roles as it can give unwanted users access to privilege services.
    642642
    643643The configuration templates for the VOBOX enforce there is only one VO configured for acess to VOBOX-specific services. This VO must be declared using the `VOS` variable, as for other machine types. If you want to give other VOs access to the VOBOX for the management and operation of the VOBOX, you need to explicitly allow them using the variable `VOBOX_OPERATION_VOS`. This variable is a list of VOs considered as operation VOs. By default, this list is only VO `ops`. If the VOs listed in this variable are not listed in  `VOS`, they are automatically added.
    644644
    645 Only the enabled VO has a `gsissh` access to the VOBOX by default. If you want the operation VOs to also be enabled for `gsissh` access to the VOBOX, you need to define variable `VOBOX_OPERATION_VOS_GSISSH` to `true` in the VOBOX profile. Only the FQAN enabled by [#MappingofVOMSgroupsrolesintogrid-mapfile VO_VOMS_FQAN_FILTER] will be enabled for each VO (default: SW manager).
     645Only the enabled VO has a `gsissh` access to the VOBOX by default. If you want the operation VOs to also be enabled for `gsissh` access to the VOBOX, you need to define variable `VOBOX_OPERATION_VOS_GSISSH` to `true` in the VOBOX profile. Only the FQAN enabled by [/wiki/Doc/gLite/TemplateCustomization/General#MappingofVOMS-gridmapfile VO_VOMS_FQAN_FILTER] will be enabled for each VO (default: SW manager).
    646646
    647647''Note: if you add `dteam` VO to operation VOs and enable `gsissh` access for operation VOs, be sure to restrict the people who will be allowed interactive access to the VOBOX, as `dteam` is a very large VO with people from every grid site.''
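Review bot: lines 641 and 645 change the fragment as well as the page, from `#MappingofVOMSgroupsrolesintogrid-mapfile` to `#MappingofVOMS-gridmapfile`, and nothing in this diff shows that the General page defines an anchor with the new name. These two links are where the text sends an administrator who wants to change which roles can log into the VOBOX or what `VO_VOMS_FQAN_FILTER` enables, so confirm that the target heading carries that explicit anchor before relying on it. While line 641 is being touched, "privilege services" should read "privileged services".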