Hi Edith,
I see that at least the web interface is working well :-)
the latest update release for VOMS 3.1 is the following:
http://glite.web.cern.ch/glite/packages/R3.1//deployment/glite-VOMS_mysql/3.1.27-0/glite-VOMS_mysql-3.1.27-0-update.html
it seems to me that some of the rpm installed have a newer version than
expected, for example the following ones:
glite-security-voms-api-cpp-1.9.10-12.slc4.i386
glite-security-voms-api-noglobus-1.9.10-12.slc4.i386
glite-security-voms-clients-1.9.10-12.slc4.i386
try to downgrade them, and be sure to have installed these ones:
glite-config-3.1.3-3.slc4
glite-info-generic-2.0.2-3
glite-info-templates-1.0.0-11
glite-security-trustmanager-1.8.16-3
glite-security-util-java-1.4.0-1
glite-security-utils-config-3.1.0-1.slc4
glite-security-voms-admin-client-2.0.10-1
glite-security-voms-admin-interface-2.0.2-1
glite-security-voms-admin-server-2.0.18-1
glite-security-voms-api-cpp-1.8.12-1.slc4
glite-security-voms-api-noglobus-1.8.8-2.slc4
glite-security-voms-clients-1.8.12-1.slc4
glite-security-voms-config-1.8.12-1.slc4
glite-security-voms-mysql-3.1.0-1.slc4
glite-security-voms-server-1.8.12-1.slc4
glite-version-3.1.1-2
glite-VOMS_mysql-3.1.27-0
glite-voms-server-config-3.1.7-4.slc4
Cheers,
Alessandro
Il 15/02/2011 15:06, Edith Knoops ha scritto:
> Hello,
>
> I have a problem since this morning with my voms server. SL4 glite3.1
> I did the morning update of the CA and glite update (
> glite-security-util-java 2.9.1 1,glite-security-trustmanager 2.5.5
> 3_GL31Special, glite-info-provider-release 1.0.2 1,glite-BDII 3.1.23
> 2.slc4 ,glite-security-voms-api-cpp 1.9.10 12.slc4,
> glite-security-voms-api-noglobus 1.9.10 12.slc4,
> glite-security-voms-clients 1.9.10 12.slc4,glite-yaim-core 4.0.13 2
> noarch)
>
> Since then voms-admin is working but it is impossible to initiate a
> proxy with voms-prox-init.
> According to the client I got :
>
> Creating temporary proxy
> ....................................................................... Done
>
> Contacting marvoms.in2p3.fr:15001
> [/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr]
> "cppm"gss_assist_get_unwrap failure:
> globus_gss_assist token :3: failure: Connection closed
> Failed
>
> Error: GSS authentication failure
> globus_gss_assist token :3: failure: Connection closed
>
> or I got stuck after
> Contacting marvoms.in2p3.fr:15001
> [/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr] "cppm"
>
>
> On the server side I see no evident failure. gLite status say
> everything is ok .
> I put debug level 10 for voms and the log corresponding to the
> voms-proxy init is at the end.
> Any idea what could be wrong or what I can check ?
>
> Thanks
>
> Edith
>
>
> voms log
>
> Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]:
> msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection
> from: ANantes-157-1-214-192.w2-0.abo.wanadoo.fr (134.158.17.56):49297."
> Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid =
> 1732"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
> (Server.cpp:287):Certificate DN:
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
> (Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack
> Size: 0"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self :
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA :
> /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 2011.
> Received Contact :"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user:
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml
> version="1.0" encoding =
> "US-ASCII"?><voms><command>G/cppm</command><base64>1</base64><version>4</version><lifetime>43200</lifetime></voms>"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47""
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse
> order: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN:
> /cppm/Role=NULL/Capability=NULL"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]:
> msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection
> from: ANantes-157-1-214-193.w2-0.abo.wanadoo.fr (134.158.17.56):49553."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid =
> 1733"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
> (Server.cpp:287):Certificate DN:
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
> (Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack
> Size: 0"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self :
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA :
> /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 2011.
> Received Contact :"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user:
> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : /C=FR/O=CNRS/CN=GRID2-FR"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
>
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml
> version="1.0" encoding =
> "US-ASCII"?><voms><command>G/cppm</command><base64>1</base64><version>4</version><lifetime>43200</lifetime></voms>"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47""
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse
> order: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm"
> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN:
> /cppm/Role=NULL/Capability=NULL"
>
>
>
> rpm -qa |grep voms
> glite-security-voms-admin-server-2.0.18-1.noarch
> glite-security-voms-config-1.8.12-1.slc4.i386
> glite-security-voms-api-cpp-1.9.10-12.slc4.i386
> glite-voms-server-config-3.1.7-4.slc4.i386
> glite-security-voms-server-1.8.12-1.slc4.i386
> lcg-vomscerts-6.3.0-1.noarch
> glite-security-voms-admin-client-2.0.10-1.noarch
> glite-security-voms-mysql-3.1.0-1.slc4.i386
> glite-security-voms-admin-interface-2.0.2-1.noarch
> glite-security-voms-api-noglobus-1.9.10-12.slc4.i386
> glite-security-voms-clients-1.9.10-12.slc4.i386
>
>
> Config
> /opt/glite/etc/config/scripts/glite-voms-server-config.py -c
> Owner of file or directory /var/glite is root:root
> Owner of file or directory /var/log/glite is root:root
> Owner of file or directory /tmp is root:root
> Check .bash_profile content
> Check .bashrc content
> Check .cshrc content
> Check .tcshrc content
>
> Copyright (c) Members of the EGEE Collaboration. 2004
> See http://eu-egee.org/partners/ for details on the copyright holders
> For license conditions see the license file or
> http://eu-egee.org/license.html
>
> glite-voms-server-config v. 3.1.1
>
> #-------------------------------------------------------------------
> # Configuration parameters:
> #-------------------------------------------------------------------
>
> [INFO] CATALINA_BASE = /usr/share/tomcat5
> [INFO] CATALINA_HOME = /usr/share/tomcat5
> [INFO] EDG_LOCATION = /opt/edg
> [INFO] GLITE_LOCATION = /opt/glite
> [INFO] GLITE_LOCATION_LOG = /var/log/glite
> [INFO] GLITE_LOCATION_TMP = /tmp
> [INFO] GLITE_LOCATION_VAR = /var/glite
> [INFO] GLOBUS_LOCATION = /opt/globus
> [INFO] GPT_LOCATION = /opt/gpt
> [INFO] HALF_MEMORY_SIZE = 1981M
> [INFO] JAVA_HOME = /usr/java/jdk1.5.0_14
> [INFO] LCG_LOCATION = /opt/lcg
> [INFO] PYTHONPATH = /opt/ZSI/lib/python2.3/site-packages
> [INFO] TNS_ADMIN = /opt/glite/etc/voms
> [INFO] X509_CERT_DIR = /etc/grid-security/certificates
> [INFO] X509_VOMS_DIR = /etc/grid-security/vomsdir
> [INFO] ca.certificates.dir = /etc/grid-security/certificates
> [INFO] glib = <gLiteInstallerLib.gLib instance at 0x2a9a8a37e8>
> [INFO] glite.installer.checkcerts = true
> [INFO] glite.installer.verbose = true
> [INFO] host.certificate.file = /etc/grid-security/hostcert.pem
> [INFO] host.gridmap.dir = /etc/grid-security/gridmapdir
> [INFO] host.gridmapfile = /etc/grid-security/grid-mapfile
> [INFO] host.gridmapfile.update = true
> [INFO] host.groupmap.dir = /etc/grid-security/groupmapdir
> [INFO] host.groupmapfile = /etc/grid-security/groupmapfile
> [INFO] host.key.file = /etc/grid-security/hostkey.pem
> [INFO] installer.export.filename = /etc/profile.d/grid-env.sh
> [INFO] modify.user.env = true
> [INFO] rgma.servicetool.activate = true
> [INFO] set.mysql.root.password = false
> [INFO] site.config.url =
> [INFO] tomcat.CATALINA_OPTS = -XX:MaxPermSize=512m -Xmx1981M
> -server -Dsun.net.client.defaultReadTimeout=240000
> [INFO] tomcat.user.group = tomcat
> [INFO] tomcat.user.name = tomcat
> [INFO] user.certificate.path = .certs
> [INFO] voms.admin.configure.endorsed = true
> [INFO] voms.admin.install = true
> [INFO] voms.admin.membershipRequest.emailOnExpire = true
> [INFO] voms.admin.membershipRequest.timeout = 86400
> [INFO] voms.admin.oracle.connection.string =
> [INFO] voms.admin.requestScheduler.disable = true
> [INFO] voms.admin.saml.maxAssertionLifetime = 720
> [INFO] voms.admin.smtp.host = localhost
> [INFO] voms.admin.webRegistration.disable = false
> [INFO] voms.db.host = localhost
> [INFO] voms.db.max.connections = 20
> [INFO] voms.db.min.connections = 1
> [INFO] voms.db.mysql.library = /opt/glite/lib/libvomsmysql.so
> [INFO] voms.db.mysql.maxConnections = 500
> [INFO] voms.db.mysql.port = 3306
> [INFO] voms.db.oracle.instantclient.location =
> /usr/lib/oracle/10.2.0.1/client/
> [INFO] voms.db.oracle.library = /opt/glite/lib/libvomsoracle.so
> [INFO] voms.db.oracle.port = 1521
> [INFO] voms.db.startup.connections = 10
> [INFO] voms.db.type = mysql
> [INFO] voms.logrotate.logNumber = 90
> [INFO] voms.logrotate.period = daily
> [INFO] voms.mysql.admin.name = root
> [INFO] voms.mysql.admin.password = ###########
> [INFO] voms.proxy.timeout = 86400
> [INFO] voms.shortfqans = false
> #-------------------------------------------------------------------
>
>
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Main settings of gLite VOMS Server
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>
> VOMS SERVER
> --------------------------------------------------------------
> [DB type] mysql
> [VOMS-admin enabled] true
> [VOMS endpoint] https://marvoms.in2p3.fr:8443/vomses/
> --------------------------------------------------------------
>
> VOMS VO settings
> --------------------------------------------------------------
>
> [VO] cppm
> ==============================================================
> [VOMS VO endpoint]
> https://marvoms.in2p3.fr:8443/voms/cppm
> [VOMS Hostname] marvoms.in2p3.fr
> [VOMS Port] 15001
> [VOMS Proxy Timeout] 86400s
> [VOMS Short FQANs] false
> [VOMS logrotation period] daily
> [VOMS logrotation number] 90
> -------------------------------------------------------
> [VOMS-admin SMTP] localhost
> [VOMS-admin mail] [log in to unmask]
> [VOMS-admin cert] /etc/voms-security/admincert.pem
> [VOMS-admin disable web registration] false
> [VOMS-admin membership request timeout] 86400s
> [VOMS-admin e-mail user when membership request expires] true
> [VOMS-admin SAML max assertion Lifetime] 720s
> -------------------------------------------------------
> [DB Name] VOMS_CPPM
> [DB UserName] ############
> [DB UserPassword] #############
> [DB Host] localhost
> [DB AdminName] root
> [DB AdminPassword] ###########
> [DB Port] 3306
> ==============================================================
>
> [VO] vo.msfg.fr
> ==============================================================
> [VOMS VO endpoint]
> https://marvoms.in2p3.fr:8443/voms/vo.msfg.fr
> [VOMS Hostname] marvoms.in2p3.fr
> [VOMS Port] 15002
> [VOMS Proxy Timeout] 86400s
> [VOMS Short FQANs] false
> [VOMS logrotation period] daily
> [VOMS logrotation number] 90
> -------------------------------------------------------
> [VOMS-admin SMTP] localhost
> [VOMS-admin mail] [log in to unmask]
> [VOMS-admin cert] /etc/voms-security/admincert.pem
> [VOMS-admin disable web registration] false
> [VOMS-admin membership request timeout] 86400s
> [VOMS-admin e-mail user when membership request expires] true
> [VOMS-admin SAML max assertion Lifetime] 720s
> -------------------------------------------------------
> [DB Name] VOMS_MSFG
> [DB UserName] ############"
> [DB UserPassword] ################
> [DB Host] localhost
> [DB AdminName] root
> [DB AdminPassword] #################
> [DB Port] 3306
> ==============================================================
>
>
>
>
>
--
Dr. Alessandro Paolini
INFN - CNAF
Viale Berti Pichat 6/2
40127 Bologna
Italy
tel: +39 051 6092723
fax: +39 051 6092916
ICQ: 192172027
skype: alex.paolini
**********************
"credo nel potere del riso e delle lacrime"
"come antidoto all'odio ed al terrore"
"un giorno senza un sorriso"
"รจ un giorno perso">>> Charlie Chaplin
|