1 # Testing MyProxy with Moonshot support
4 # apt-get install libglobus-gss-assist-dev
6 ## Build the MyProxy server and client
7 $ wget http://downloads.sourceforge.net/project/cilogon/myproxy/myproxy-5.3.tar.gz
8 $ tar xzf myproxy-5.3.tar.gz && cd myproxy-5.3
10 --- myproxy_sasl_client.c 2011-04-14 12:08:59.000000000 -0400
11 +++ myproxy_sasl_client.c.orig 2011-04-14 12:08:43.000000000 -0400
16 - } else /* if (result != SASL_OK) */ {
17 + } else if (result != SASL_OK) {
18 if (send_response_sasl_data(attrs, &server_response, "", 0) < 0) {
22 $ /usr/share/globus/globus-bootstrap.sh
23 $ ./configure --with-flavor=gcc32pthr --with-sasl2=/usr --sbindir=/usr/sbin
26 ## Configure the server
27 # mkdir /etc/myproxy; cd /etc/myproxy
28 # umask 277 && openssl req -new -keyout cakey.pem -x509 -days 3650 -out cacert.pem -nodes -subj '/DC=org/DC=project-moonshot/CN=Moonshot CA' -extensions v3_ca
29 # cat > myproxy.conf <<EOF
30 authorized_retrievers "*"
33 certificate_issuer_cert /etc/myproxy/cacert.pem
34 certificate_issuer_key /etc/myproxy/cakey.pem
35 certificate_serialfile /var/lib/myproxy/serial
36 certificate_mapfile /etc/myproxy/grid-mapfile
38 # echo '"/DC=org/DC=project-moonshot/CN=steve@local" steve@local' > grid-mapfile
39 # mkdir -p /var/lib/myproxy && echo 00 > /var/lib/myproxy/serial
40 # (cd /etc/ssl/private && cp ssl-cert-snakeoil.key ssl-cert-snakeoil-myproxy.key && chmod 600 ssl-cert-snakeoil-myproxy.key)
41 # export X509_CERT_DIR=/etc/ssl/certs
42 # export X509_USER_CERT=/etc/ssl/certs/ssl-cert-snakeoil.pem
43 # export X509_USER_KEY=/etc/ssl/private/ssl-cert-snakeoil-myproxy.key
44 # export SASL_PATH=/usr/local/lib/sasl2
45 # ./myproxy-server -c /etc/myproxy/myproxy.conf
47 ## Try obtaining a certificate for steve
48 $ export SASL_PATH=/usr/local/lib/sasl2
49 $ export X509_CERT_DIR=/etc/ssl/certs
50 $ ./myproxy-logon -s localhost -n -l steve@local
52 The PKI credentials will be in ....