Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issuer keys directory's permission group should not be set to 'xrootd' #2063

Closed
4 of 7 tasks
h2zh opened this issue Feb 27, 2025 · 0 comments · Fixed by #2062
Closed
4 of 7 tasks

Issuer keys directory's permission group should not be set to 'xrootd' #2063

h2zh opened this issue Feb 27, 2025 · 0 comments · Fixed by #2062
Assignees
@h2zh
Labels
bug Something isn't working
Milestone
v7.14

Comments

@h2zh
Copy link
Collaborator

h2zh commented Feb 27, 2025

Pelican Service:

  • Client
  • Plugin
  • Registry
  • Director
  • Origin
  • Cache
  • Other (please give the detail)

We used to need xrootd to read the public key, which might be the reason why we set the permission group
of issuer keys directory to xrootd (see here for the code). However, we have shifted to use the web UI to get public key (by accessing /.well-known/openid-configuration) a long time ago. There is no necessity to keep this group permission setting anymore.

This issue is a sibling issue of #2056
@h2zh h2zh added the bug Something isn't working label Feb 27, 2025
@h2zh h2zh added this to the v7.14 milestone Feb 27, 2025
@h2zh h2zh linked a pull request Feb 27, 2025 that will close this issue
Use GetPelicanUser() to set issuer keys directory's permission group #2062
Merged
@h2zh h2zh self-assigned this Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@h2zh h2zh

Labels
bug Something isn't working
Projects
None yet
Milestone
v7.14
Development

Successfully merging a pull request may close this issue.

Use GetPelicanUser() to set issuer keys directory's permission group h2zh/pelican
1 participant
@h2zh