Release Notes 3 1

From SRB

Contents

SRB 3.1

This document describes changes for SRB 3.1, released April 19, 2004.

In conjunction with this, although released independently, inQ and Jargon are now compatiable with the SRB 3.x protocol and so can now function with current SRB releases.

If you are upgrading from a previous release, see the instructions in MCAT/README.MCAT.PATCH.

New features that deal with data integrity and data backup

  1. The checksumming capability of SRB has been greatly expanded.

b) Added a new Sput option -K which puts the command in the checksum verification mode. In this mode, after a file has been uploaded, the server computes a checksum by reading back the file that was just stored. This value is then compared with the source checksum value provided by the client for verification. This verified checksum value is then registered with MCAT. c) Added a new command Schksum to compute and register checksum values for data that have already been ingested into SRB. The operation can be in one of several modes. By default, the server computes and registers checksum value for the data if the value does not already exist in MCAT. The -c option puts the operation in the verification mode. The server computes a checksum value based on the data stored in SRB and compares it with the value registered with MCAT if a registered value exists. An error will be returned if they don't match. New API: srbObjChksum()

  1. Synchronization of data between a local copy (local file system) and the copy stored in SRB (UNIX rsync like functionality)
  2. Backing up SRB data

New API: srbBackupData()

New features in Authentication

In order to address the issue of cross zone authentication, we have made a couple of improvements. Previously, for cross zone operations, users were required to connect and login through their own home zone and even with that, some cross zone operations such as replication may fail. We made the following improvements:

  1. GSI Delegation certificate
  2. Cross zone authentication improvement for the 'ENCRYPT1' scheme

Java GSI authentication is now supported:

  1. The SRB client/server 'aid' library has been enhanced to interoperate with the Java GSI code, which Jargon now supports.

New features associated with installation and administration

  1. Admin Tool is now pure Java, runs on Mac OS X, Windows
  2. The Java Admin Tool also has many new panels/functions.
  3. install.pl script now supports non-full installations
  4. There is a new installServer.pl script that installs a non-MCAT server.
  5. The SRB 'configure' script now will automatically detect if a host is using 64-bit addressing and set the configuration accordingly.
  6. SRB GUID/UUID generation code is a separate download

New Trash Can System

  • A trash can system has been implemented to process deleted SRB files and collections.
    1. Greatly improves the file removal speed perceived by users
    2. Files and collections in the trash can be restored if users change their minds after the deletion.
    /trash/home/userName.domainName    

    /myZone/trash/home/userName.domainName

The -f option of Srm forces the absolute removal without moving to the trash can first. Also, building the SRB software with the following line:
# NO_TRASH_SYSTEM=1
uncommented out will disable the Trash Can System. As released, the default is for the Trash Can System to be enabled. A new command Srmtrash has been added to allow normal users to purge their own trash or by admin users to purge system wide trash managed by the local MCAT. The -t expiration_time_in_hours option can be used to set the minimum age criteria of the trash in hours for purging. For the Trash Can System to work, the following trash collections must exist:

/trash/home
/trash/container
/your_local_zone/trash/home
/your_local_zone/trash/container

    Smkdir /trash
    Smkdir /trash/home
    Schmod w public npaci /trash/home

Other new features

  1. Different Port number for each zone
    • Local zone's port number - Because each server must know the port number of its own local zone before it can communicate with its local MCAT enabled server, it is not practical to determine the local zone's port number by querying the MCAT. Therefore, the local zone's port number is determined based on the following order: i) The value defined by the environment variable "srbPort". This value can be set in the "runsrb" script. ii) The Built in default port number of 5544.
    • Foreign zone's port numbers The foreign zone's port numbers are determined based on the following order: i) The port number associated with the foreign zone registered in MCAT. ii) If the port number is undefined or set to 0 in MCAT, it will use the value defined by the environment variable "srbPort". This value can be set in the "runsrb" script. iii) The Built in default port number of 5544.
  2. Server timeout
    • Before a srbServer process exits, it now sends a disconnect message to all other srbServers that have a connection to it.
    • Server process timeout - Added a new configurable environment variable "ServerTimeOut" in the "runsrb" script. This allows the srbServer process to timeout and exit if it has not received new commands from the connecting client/server for the number of seconds specified by ServerTimeOut. The ServerTimeOut value must not be too small especially on a MCAT enabled server because the connecting server may be busy transferring a very large file. Internally ServerTimeOut defaults to 1800 sec if it is set to less than this value.
  3. Replace gethostbyname with gethostbyname_r (reentrant version).
  4. Add a [-n replNum] option to Sput to specify which replica number to overwrite.
  5. Get around a problem on the solaris platform where the first random number from random() is always a odd number. Random number are used in many places in SRB such as selecting which resource in a logical resource to use when ingesting data.
  6. A few fixes for bulk load and unload.

This release contains the following new utlities:

  • Srsync - Synchronize files in the local file system and the copy stored in SRB
  • Srmtrash - Purge SRB objects and sub-collections in the "trash" collection
  • Schksum - Performs checksum on existing SRB objects and stores them in the MCAT
  • Sbkupsrb - Backup/synchronize srb data/collection to a target resource
  • SmodR - Modifies some system metadata information on SRB resorces
  • Sregisterlocation - Register a Resource location in MCAT
  • Sregisterresource - Register a Physical Resource in MCAT
  • SmodifyUser- Modifies some system metadata information on SRB users
  • Singestuser- Register a new user into SRB space
  • Schhost - Changes connection host for the current session
  • Schdefres - Changes default resource for the current session.

The following utilities have been updated: Sufmeta, SgetD, SgetU, Stoken, Sattrs, Shelp, Sls, Sput, Sget, and Schmod (owner and bulk).

Updated documentation includes changes and additions to readme.dir/faq.html (the FAQ), README.gsi.htm, MCAT/install.pl, MCAT/README.MCAT.PATCH and new/updated man pages for Scommands.

There is a new paper describing SRB security features and how to run more securely: readme.dir/srb-security.html.

A document describing the GSI Delegation is available as readme.dir/GSIDelegation.doc.

As always, many smaller bug fixes and enhancements have also been made.