Monday, March 30, 2009

CERN VOMS FYI and Clarification

Please note the previous message regarding the CERN VOMS was an FYI for OSG. It does not take action for most of OSG. Those who do run services that interact directly with the CERN VOMS should get further instruction from their VOs. The message from EGEE Operations is included again below.

Redistributed from EGEE:

Dear grid site administrators

As previously announced, gLite 3.1 UPDATE 42 contained the new host certificate of the VOMS server < >.

The old certificate expires on 7 April. However, as several VOs use VOMS proxies that have a lifetime of 7 days, and to avoid voms-proxy-init requests from failing, it is imperative that all services be updated with the new VOMS server certificate *BEFORE 1st APRIL*.

*** ***
*** Therefore, please can all sites upgrade ***
*** their services with the new VOMS server ***
*** certificate, ***
*** ***
*** ----------------------------- ***

Our apologies for the late announcement of this urgent action. The procedures are being updated to avoid this happening again in the future.

The Grid Middleware and Operations teams

--------- Link to this Broadcast -----------

Thursday, March 26, 2009

New VO-Package Released - ALICE and JDEM VOs Added

A new VO package is now available. This package includes the new OSG VOs ALICE and JDEM. It also includes several minor changes in the gums.template, edg-mkgridmap.conf, and vomses files.

The GOC suggests backing up your installation before running any update commands.

To pull the new VO Package for an OSG 0.8 or 1.0 resource please use:

# source
# pacman -update vo-package

Please remember to make local user accounts to map the new 'alice' and 'jdem' VOs.

To pull the new VO Package for the OSG Client 0.8 or 1.0 please use:

# source
# pacman -update vo-client-0.6

Friday, March 20, 2009

TWiki Server Maintenance - 12:00pm EDST, March 20, 2009.

The OSG GOC will restart the OSG TWiki server at 12:00pm Eastern Daylight Savings Time on Friday, March 20th, 2009. This restart will be used to bring configuration changes into effect. No service outages are expected, but if there are outages, then we will roll back the changes within a 1 hour maintenance window.

Monday, March 16, 2009

CERN network scheduled maintenance

The network at CERN will undergo maintenance on March 19th, 01:00 EDT to 07:00 EDT. During this time there are expected to be intermittent outages of the CERN network and LCG services.

Details of the intervention along with a list of services affected can be found at

Thursday, March 12, 2009

OSG CA Certificates Version 1.5

Version 1.5 of the OSG CA certificates distribution is
available from

Note that this release removes "unused non-IGTF CAs" as previously
announced. For sites wanting to continue to support these CAs, they  
distributed by TeraGrid ( and
can be added using the "include" option in vdt-update-certs:

===== Version 1.5 Changes ====================
Released 10-Mar-2009

Updated to IGTF 1.28:
* Added accredited classic ULAGrid CA (VE)
* Added accredited TACC Root and TACC Classic CAs (US)
* Updated NERSC CRL URL download location (US)
* Updated DOEGrids CRL URL download location (US)
* Extended life time of NorduGrid CA (1f0e8352) (DK,SE,NO,FI,IS)
* Added SigmaNet CALG CA (LV)
* Updated AEGIS CA root certificate to reflect TLD name change (RS)
* Added CRL for SWITCH-SLCS issuing CA (304cf809) (CH)

Removed unaccredited CAs:
* PSC Kerberos CA (290a3b29)
* PSC Root CA (9b88e95b)
* PSC Hosts CA (acc06fda)
* SDSC (3deda549)
* NPACI (b89793e4)
* TACC (9a1da9f9)
* old NCSA CA (4a6cd8b1)

OSG GOC Rack Maintenance 2pm - 3pm

The OSG GOC will be performing some minor maintenance on a server rack in the machine room. No services outages are expected, but we are advising that a minor downtime of some GOC services is possible.

Thursday, March 5, 2009

VDT 1.10.1u has been released

The VDT team is pleased to announce the release of VDT 1.10.1u. This release contains two small updates:

* We rebuilt cURL 7.18.0 (no version change) to avoid referencing any /home/condor paths and to refer to the system's CA certificate bundle.

* We improved the robustness of the VDT script that helps with uninstalling packages (especially for updates). The case in question is probably very rare in practice.

Further details, including update instructions, are online at: