GLExec

From PDP/Grid Wiki
Revision as of 07:54, 5 February 2010 by Okoeroo@nikhef.nl (talk | contribs)
Jump to navigationJump to search

gLExec is a program that acts as a light-weight 'gatekeeper'. gLExec takes Grid credentials as input. By taking the local site policy into account it authenticates and authorizes the credentials. For extra safety gLExec is capable of creating a new execution sandbox based on the Grid credentials. Besides the yes/no control point functionality in the logging-only mode it can create identity specific sandboxes in the identity-switching mode. File:Http://www.nikhef.nl/grid/lcaslcmaps/glexec/MUPJ-CE-WN-gLExec.jpg

Deployment: Installation and setups

How To's and FAQ

  • To help you master gLExec's security:
    • Need to Know's: Explains about the LD_LIBRARY_PATH in combo with setuid programs and other technical details.
    • GLExec TransientPilotJobs describes how you may go about managing a target workload's transient area in Pilot Job Frameworks.
    • GLExec Environment Wrap and Unwrap scripts describes how you can preserve the environment variables between the calling process of gLExec and the user switched side of gLExec. For example: to preserve the environment variables from a Pilot Job Framework, through gLExec and into Pilot Job Payload.

Documentation