Difference between revisions of "GLExec"

From PDP/Grid Wiki
Jump to navigationJump to search
Line 1: Line 1:
 
gLExec is a program that acts as a light-weight 'gatekeeper'. gLExec takes Grid credentials as input. By taking the local site policy into account it '''authenticates''' and '''authorizes''' the credentials. For extra safety gLExec is capable of creating a new execution sandbox based on the Grid credentials. Besides the ''yes''/''no'' control point functionality in the '''logging-only''' mode it can create identity specific sandboxes in the '''identity-switching''' mode. [[Image:MUPJ-CE-WN-gLExec.png|thumb|upright|Multi User Pilot Job with CE & WN]]
 
gLExec is a program that acts as a light-weight 'gatekeeper'. gLExec takes Grid credentials as input. By taking the local site policy into account it '''authenticates''' and '''authorizes''' the credentials. For extra safety gLExec is capable of creating a new execution sandbox based on the Grid credentials. Besides the ''yes''/''no'' control point functionality in the '''logging-only''' mode it can create identity specific sandboxes in the '''identity-switching''' mode. [[Image:MUPJ-CE-WN-gLExec.png|thumb|upright|Multi User Pilot Job with CE & WN]]
  
= Deployment: Installation and setups =
+
== Deployment: Installation and setups ==
  
 
* gLExec on the Worker Nodes
 
* gLExec on the Worker Nodes
Line 11: Line 11:
 
* [[Debugging hints]]
 
* [[Debugging hints]]
  
= How To's and FAQ =
+
== How To's and FAQ ==
  
 
* To help you master gLExec's security:
 
* To help you master gLExec's security:
Line 20: Line 20:
 
* [[FAQs and misconceptions about gLExec]]
 
* [[FAQs and misconceptions about gLExec]]
  
= Documentation =
+
== Documentation ==
  
 
* [[Exit codes of gLExec]]
 
* [[Exit codes of gLExec]]

Revision as of 09:03, 5 February 2010

gLExec is a program that acts as a light-weight 'gatekeeper'. gLExec takes Grid credentials as input. By taking the local site policy into account it authenticates and authorizes the credentials. For extra safety gLExec is capable of creating a new execution sandbox based on the Grid credentials. Besides the yes/no control point functionality in the logging-only mode it can create identity specific sandboxes in the identity-switching mode.

Multi User Pilot Job with CE & WN

Deployment: Installation and setups

How To's and FAQ

  • To help you master gLExec's security:
    • Need to Know's: Explains about the LD_LIBRARY_PATH in combo with setuid programs and other technical details.
    • GLExec TransientPilotJobs describes how you may go about managing a target workload's transient area in Pilot Job Frameworks.
    • GLExec Environment Wrap and Unwrap scripts describes how you can preserve the environment variables between the calling process of gLExec and the user switched side of gLExec. For example: to preserve the environment variables from a Pilot Job Framework, through gLExec and into Pilot Job Payload.

Documentation