Merge pull request #983 from matyasselmeci/pr/SOFTWARE-5164.byelcmaps

Remove LCMAPS info

Author: matyasselmeci

docs/data/stashcache/install-cache.md

@@ -206,15 +206,20 @@ To use HTTPS:
 
 1.  Add a certificate according to the [instructions above](#ensure-the-xrootd-service-has-a-certificate)
 
-1.  Create a file named `/etc/xrootd/config.d/11-cache-https.cfg` with the following contents:
+1.  Uncomment `set EnableVoms = 1` in `/etc/xrootd/config.d/10-osg-xrdvoms.cfg`
 
-        # Support HTTPS access to unauthenticated cache
-        if named stash-cache
-          http.cadir /etc/grid-security/certificates
-          http.cert /etc/grid-security/xrd/xrdcert.pem
-          http.key /etc/grid-security/xrd/xrdkey.pem
-          http.secxtractor /usr/lib64/libXrdLcmaps.so
-        fi
+!!! note "Upgrading from OSG 3.5"
+    If upgrading from OSG 3.5, you may have a file with the following contents in `/etc/xrootd/config.d`:
+
+           # Support HTTPS access to unauthenticated cache
+           if named stash-cache
+             http.cadir /etc/grid-security/certificates
+             http.cert /etc/grid-security/xrd/xrdcert.pem
+             http.key /etc/grid-security/xrd/xrdkey.pem
+             http.secxtractor /usr/lib64/libXrdLcmaps.so
+           fi
+
+    You must delete this config block or XRootD will fail to start.
 
 
 Manually Setting the FQDN (optional)
@@ -314,12 +319,15 @@ STASHCACHE_DaemonVersion = "1.0.0"
 Updating to OSG 3.6
 -------------------
 
-The OSG 3.5 series is reaching end-of-life on May 1, 2022.
+The OSG 3.5 series has reached end-of-life on May 1, 2022.
 Admins are strongly encouraged to move their caches to OSG 3.6.
 
 See [general update instructions](../../release/updating-to-osg-36.md).
 
-Unauthenticated caches (`xrootd@stash-cache` service) do not need any configuration changes.
+Unauthenticated caches (`xrootd@stash-cache` service) do not need any configuration changes,
+unless HTTPS access has been enabled.
+See the ["enable HTTPS on the unauthenticated cache" section](#enable-https-on-the-unauthenticated-cache))
+for the necessary configuration changes.
 
 Authenticated caches (`xrootd@stash-cache-auth` service) may need the configuration changes described in the
 [updating to OSG 3.6 section](../xrootd/xrootd-authorization.md#updating-to-osg-36)

docs/data/xrootd/install-standalone.md

@@ -4,11 +4,6 @@ DateReviewed: 2022-03-24
 Install XRootD Standalone
 =========================
 
-!!!bug "OSG 3.5 EL7 version compatibility"
-    There is an incompatibility with EL7 < 7.5 and XRootD available from OSG 3.5 due to an issue with the
-    `globus-gsi-proxy-core` package
-
-
 [XRootD](http://xrootd.org/) is a hierarchical storage system that can be used in many ways to access data,
 typically distributed among actual storage resources.
 In its standalone configuration, XRootD acts as a simple layer exporting data from a storage system to the outside world.
@@ -46,26 +41,18 @@ Installing XRootD
     If your collaboration(s) don't support these new protocols, install or remain on the
     [OSG 3.5 release series, with the osg-upcoming repositories enabled](../../release/notes.md).
 
-    Note that OSG 3.5 will reach its end-of-life in [May 2022](../../release/release_series.md#series-overviews).
+    Note that OSG 3.5 has reached its end-of-life on [May 1, 2022](../../release/release_series.md#series-overviews).
 
 !!! warning "Requirements for XRootD-Multiuser with VOMS FQANs"
     Using XRootD-Multiuser with a VOMS FQAN requires mapping the FQAN to a username, which requires a `voms-mapfile`.
     Support is available in `xrootd-voms 5.4.2-1.1`, in the OSG 3.6 repos, though it is expected in XRootD 5.5.0.
     If you want to use multiuser, ensure you are getting `xrootd-voms` from the OSG repos.
 
-To install an XRootD Standalone server, run one of the following commands based on your installed
-[OSG release series](../../release/release_series.md#series-overviews):
-
--   OSG 3.6 (recommended):
-
-        :::console
-        root@xrootd-standalone # yum install osg-xrootd-standalone
-
--   OSG 3.5
+To install an XRootD Standalone server, run the following command:
 
-        :::console
-        root@xrootd-standalone # yum install osg-xrootd-standalone \
-                                             --enablerepo=osg-upcoming
+```console
+root@xrootd-standalone # yum install osg-xrootd-standalone
+```
 
 Configuring XRootD
 ------------------
@@ -120,26 +107,6 @@ The following configuration steps are optional and will likely not be required f
 If you do not need any of the following special configurations, skip to
 [the section on using XRootD](#using-xrootd).
 
-#### Enabling Hadoop support (deprecated, EL 7 Only)
-
-!!! info "OSG 3.5 end-of-life"
-    Hadoop is no longer supported in OSG 3.6 and OSG 3.5 will reach its end-of-life at the
-    [beginning of May 2022](../../release/release_series.md#series-overviews).
-
-Hadoop File System (HDFS) based sites should utilize the `xrootd-hdfs` plugin to allow XRootD to access their storage:
-
-1. Install the XRootD HDFS plugin package:
-
-        :::console
-        root@host # yum install xrootd-hdfs
-
-1. Add the following configuration to `/etc/xrootd/xrootd-clustered.cfg`:
-
-        :::file
-        ofs.osslib /usr/lib64/libXrdHdfs.so
-
-For more information, see [the HDFS installation documents](../install-hadoop.md).
-
 
 #### Enabling multi-user support
 
@@ -152,30 +119,22 @@ The `xrootd-multiuser` plugin allows XRootD to write files on the storage system
 [authenticated](xrootd-authorization.md) user instead of the `xrootd` user.
 If your XRootD service only allows read-only access, you should skip installation of this plugin.
 
-To set up XRootD in multi-user mode, perform the following steps, install the `xrootd-multiuser` package:
+To set up XRootD in multi-user mode, install the `xrootd-multiuser` package:
 
 ``` console
-root@host # yum install xrootd-multiuser
+root@xrootd-standalone # yum install xrootd-multiuser
 ```
 
 #### Enabling CMS TFC support (CMS sites only)
 
 For CMS sites, there is a package available to integrate rule-based name lookup using a `storage.xml` file.
 If you are not setting up a service for CMS, skip this section.
 
-To install an `xrootd-cmstfc`, run one of the following commands based on your installed
-[OSG release series](../../release/release_series.md#series-overviews):
-
--   OSG 3.6 (recommended):
+To install an `xrootd-cmstfc` on OSG 3.6, run the following command:
 
-        :::console
-        root@xrootd-standalone # yum install --enablerepo=osg-contrib xrootd-cmstfc
-
--   OSG 3.5
-
-        :::console
-        root@xrootd-standalone # yum install xrootd-cmstfc \
-                                             --enablerepo=osg-upcoming
+``` console
+root@xrootd-standalone # yum install --enablerepo=osg-contrib xrootd-cmstfc
+```
 
 You will need to add your `storage.xml` to `/etc/xrootd/storage.xml` and then add the following line to your XRootD
 configuration:

docs/data/xrootd/install-storage-element.md

@@ -294,11 +294,6 @@ For information on how to configure xrootd-lcmaps authorization, please refer to
 For CMS users, there is a package available to integrate rule-based name lookup using a `storage.xml` file.
 See [this documentation](install-standalone.md#enabling-cms-tfc-support-cms-sites-only).
 
-### (Optional) Adding Hadoop support to XRootD
-
-For documentation on how to export your Hadoop storage using XRootD please see
-[this documentation](install-standalone.md#enabling-hadoop-support-deprecated-el-7-only)
-
 ### (Optional) Adding Multi user support for an XRootd server
 
 For documentation how to enable multi-user support using XRootD see

docs/data/xrootd/xrootd-authorization.md

@@ -1,5 +1,5 @@
 title: Configuring XRootD Authorization
-DateReviewed: 2021-11-12
+DateReviewed: 2022-05-06
 
 Configuring XRootD Authorization
 ================================
@@ -192,27 +192,6 @@ so if you are using the mappings provided in `/usr/share/osg/voms-mapfile-defaul
 you will have to copy them to `/etc/grid-security/voms-mapfile`.
 
 
-### Authenticating Proxies (deprecated) ###
-
-!!! info "OSG 3.5 end-of-life"
-    OSG 3.5 will reach its end-of-life in [May 2022](../../release/release_series.md#series-overviews).
-
-In [OSG 3.5](../../release/release_series.md#series-overviews), [LCMAPS](../../security/lcmaps-voms-authentication.md) is
-used to authenticate X.509 and VOMS proxies to usernames utilized by the
-[authorization database](#authorization-database).
-Perform the following instructions on all data nodes:
-
-1.  Install [CA certificates](../../common/ca.md#installing-ca-certificates) and 
-    [manage CRLs](../../common/ca.md#managing-certificate-revocation-lists)
-
-1.  Copy your host certificate and key to `/etc/grid-security/xrd/xrdcert.pem` and `/etc/grid-security/xrd/xrdkey.pem`,
-    respectively.
-
-1.  Configure the [LCMAPS VOMS plugin](../../security/lcmaps-voms-authentication.md)
-
-1.  Any subject DN or VOMS FQAN mappings from LCMAPS will result in usernames that can be used in the
-    [authorization database](#authorization-database).
-
 ### Authorization database ###
 
 XRootD allows configuring fine-grained file access permissions based on authenticated identities and paths.