Merge pull request #4 from BristolComputing/3.1.0-dev

Merging 3.1.0 development branch into main

etc/xrootd/Authfile

@@ -11,7 +11,8 @@
 ## under /xrootd.
 ## There must be at least one such user in order to create the
 ## private dirs for users willing to store their data in the facility
-u xrootd /xrootd/ a
+u xrootd /xrootd/ a \
+         /store/ a
 
 ###############################################################################################
 ### alice
@@ -101,9 +102,9 @@ x cmssgm /xrootd/cms/store/user/sam/ a \
 # CMS users have full access to their own directory and temp, and read for CMS
 # While xrootd allows the user to *attempt* any operation - even in other user's
 # home directories
-g /cms  /xrootd/cms/store/user/ a \
+g /cms  /xrootd/cms/store/user a \
         /xrootd/cms/store/temp/ a \
-        /store/user/ a \
+        /store/user a \
         /store/temp/ a \
         readcmsdata
 

etc/xrootd/config.d/10-file-catalog.cfg

@@ -1,3 +1 @@
-if $(xrdr)
 oss.namelib libXrdCmsTfc.so file:/cvmfs/cms.cern.ch/SITECONF/local/PhEDEx/storage.xml?protocol=direct
-fi

etc/xrootd/config.d/20-https.cfg

@@ -1,10 +1,10 @@
 #
 # Configure HTTPS access and security
 #
-http.cadir /etc/grid-security/certificates
-http.cert /etc/grid-security/xrd/hostcert.pem
-http.key /etc/grid-security/xrd/hostkey.pem
-
+# http.cadir /etc/grid-security/certificates
+# http.cert /etc/grid-security/xrd/hostcert.pem
+# http.key /etc/grid-security/xrd/hostkey.pem
+http.httpsmode auto
 http.desthttps yes
 
 if exec xrootd
@@ -13,19 +13,19 @@ if exec xrootd
   xrd.protocol http:$(httpsPort) /usr/lib64/libXrdHttp.so
   xrd.protocol http:$(httpsPort) +port
   http.selfhttps2http yes
-  
+
   # Enable third-party-copy
   http.exthandler xrdtpc libXrdHttpTPC.so
-  
+
   # Pass the bearer token to the Xrootd authorization framework.
   http.header2cgi Authorization authz
 fi
 
 # just to note that there can be differences: https://github.com/xrootd/xrootd/issues/1369
 # Full extraction gives something like:
-# sec.vorg="cms cms cms cms cms" sec.grps="/cms /cms/ALARM /cms/GGUSExpert /cms /cms/TEAM" sec.role="production NULL NULL NULL NULL" 
+# sec.vorg="cms cms cms cms cms" sec.grps="/cms /cms/ALARM /cms/GGUSExpert /cms /cms/TEAM" sec.role="production NULL NULL NULL NULL"
 # where the first and 4th entries are identical except for the role. The latter role seems to have fewer permissions.
 # http.secxtractor /usr/lib64/libXrdVoms.so certfmt=raw|grpopt=usefirst|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg
 http.secxtractor /usr/lib64/libXrdVoms.so certfmt=raw|grpopt=useall|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg
 http.selfhttps2http no
-http.tlsreuse on
+http.tlsreuse off

etc/xrootd/xrootd-clustered.cfg

@@ -12,7 +12,8 @@ all.sitename $(resourcename)
 all.export / nostage
 all.manager $(xrdr):3121
 cms.allow host *
-xrootd.chksum max 2 adler32 crc32 md5
+# num     Maximum number of checksum calculations that may run at the same time
+xrootd.chksum max 62 adler32 crc32 md5
 
 
 # Disable OSG monitoring
@@ -45,16 +46,18 @@ all.adminpath /var/spool/xrootd
 all.pidpath /var/run/xrootd
 
 # default: startup=90, lookup=5
-cms.delay startup 10 lookup 10
+cms.delay startup 10 lookup 5
 
 # Set the time file existence information is to be cached in memory.
 # Setting the cache time too low will substantially increase overhead.
 # default: 8h
 # cannot be less than 60s
-cms.fxhold noloc 60s 60s
+# cms.fxhold noloc 60s 60s
 
 # from https://github.com/xrootd/xrootd/issues/1703
-cms.dfs lookup central redirect immed
+if $(xrdr)
+  cms.dfs lookup central redirect immed retries 2
+fi
 
 # More configuration files can be added in /etc/xrootd/config.d/
 # For example /etc/xrootd/config.d/10-mygrid.cfg and