Hello,
I have a problem since this morning with my voms server. SL4 glite3.1
I did the morning update of the CA and glite update (
glite-security-util-java 2.9.1 1,glite-security-trustmanager 2.5.5
3_GL31Special, glite-info-provider-release 1.0.2 1,glite-BDII 3.1.23
2.slc4 ,glite-security-voms-api-cpp 1.9.10 12.slc4,
glite-security-voms-api-noglobus 1.9.10 12.slc4,
glite-security-voms-clients 1.9.10 12.slc4,glite-yaim-core 4.0.13 2 noarch)
Since then voms-admin is working but it is impossible to initiate a
proxy with voms-prox-init.
According to the client I got :
Creating temporary proxy
....................................................................... Done
Contacting marvoms.in2p3.fr:15001
[/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr]
"cppm"gss_assist_get_unwrap failure:
globus_gss_assist token :3: failure: Connection closed
Failed
Error: GSS authentication failure
globus_gss_assist token :3: failure: Connection closed
or I got stuck after
Contacting marvoms.in2p3.fr:15001
[/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr] "cppm"
On the server side I see no evident failure. gLite status say
everything is ok .
I put debug level 10 for voms and the log corresponding to the
voms-proxy init is at the end.
Any idea what could be wrong or what I can check ?
Thanks
Edith
voms log
Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]:
msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection from:
ANantes-157-1-214-192.w2-0.abo.wanadoo.fr (134.158.17.56):49297."
Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid = 1732"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
(Server.cpp:287):Certificate DN:
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
(Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack
Size: 0"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self :
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA : /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 2011.
Received Contact :"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user:
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml
version="1.0" encoding =
"US-ASCII"?><voms><command>G/cppm</command><base64>1</base64><version>4</version><lifetime>43200</lifetime></voms>"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47""
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse
order: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN:
/cppm/Role=NULL/Capability=NULL"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]:
msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection from:
ANantes-157-1-214-193.w2-0.abo.wanadoo.fr (134.158.17.56):49553."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid = 1733"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
(Server.cpp:287):Certificate DN:
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication
(Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack
Size: 0"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self :
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA : /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 2011.
Received Contact :"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user:
/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : /C=FR/O=CNRS/CN=GRID2-FR"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml
version="1.0" encoding =
"US-ASCII"?><voms><command>G/cppm</command><base64>1</base64><version>4</version><lifetime>43200</lifetime></voms>"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47""
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse
order: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm"
Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]:
msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN:
/cppm/Role=NULL/Capability=NULL"
rpm -qa |grep voms
glite-security-voms-admin-server-2.0.18-1.noarch
glite-security-voms-config-1.8.12-1.slc4.i386
glite-security-voms-api-cpp-1.9.10-12.slc4.i386
glite-voms-server-config-3.1.7-4.slc4.i386
glite-security-voms-server-1.8.12-1.slc4.i386
lcg-vomscerts-6.3.0-1.noarch
glite-security-voms-admin-client-2.0.10-1.noarch
glite-security-voms-mysql-3.1.0-1.slc4.i386
glite-security-voms-admin-interface-2.0.2-1.noarch
glite-security-voms-api-noglobus-1.9.10-12.slc4.i386
glite-security-voms-clients-1.9.10-12.slc4.i386
Config
/opt/glite/etc/config/scripts/glite-voms-server-config.py -c
Owner of file or directory /var/glite is root:root
Owner of file or directory /var/log/glite is root:root
Owner of file or directory /tmp is root:root
Check .bash_profile content
Check .bashrc content
Check .cshrc content
Check .tcshrc content
Copyright (c) Members of the EGEE Collaboration. 2004
See http://eu-egee.org/partners/ for details on the copyright holders
For license conditions see the license file or
http://eu-egee.org/license.html
glite-voms-server-config v. 3.1.1
#-------------------------------------------------------------------
# Configuration parameters:
#-------------------------------------------------------------------
[INFO] CATALINA_BASE = /usr/share/tomcat5
[INFO] CATALINA_HOME = /usr/share/tomcat5
[INFO] EDG_LOCATION = /opt/edg
[INFO] GLITE_LOCATION = /opt/glite
[INFO] GLITE_LOCATION_LOG = /var/log/glite
[INFO] GLITE_LOCATION_TMP = /tmp
[INFO] GLITE_LOCATION_VAR = /var/glite
[INFO] GLOBUS_LOCATION = /opt/globus
[INFO] GPT_LOCATION = /opt/gpt
[INFO] HALF_MEMORY_SIZE = 1981M
[INFO] JAVA_HOME = /usr/java/jdk1.5.0_14
[INFO] LCG_LOCATION = /opt/lcg
[INFO] PYTHONPATH = /opt/ZSI/lib/python2.3/site-packages
[INFO] TNS_ADMIN = /opt/glite/etc/voms
[INFO] X509_CERT_DIR = /etc/grid-security/certificates
[INFO] X509_VOMS_DIR = /etc/grid-security/vomsdir
[INFO] ca.certificates.dir = /etc/grid-security/certificates
[INFO] glib = <gLiteInstallerLib.gLib instance at 0x2a9a8a37e8>
[INFO] glite.installer.checkcerts = true
[INFO] glite.installer.verbose = true
[INFO] host.certificate.file = /etc/grid-security/hostcert.pem
[INFO] host.gridmap.dir = /etc/grid-security/gridmapdir
[INFO] host.gridmapfile = /etc/grid-security/grid-mapfile
[INFO] host.gridmapfile.update = true
[INFO] host.groupmap.dir = /etc/grid-security/groupmapdir
[INFO] host.groupmapfile = /etc/grid-security/groupmapfile
[INFO] host.key.file = /etc/grid-security/hostkey.pem
[INFO] installer.export.filename = /etc/profile.d/grid-env.sh
[INFO] modify.user.env = true
[INFO] rgma.servicetool.activate = true
[INFO] set.mysql.root.password = false
[INFO] site.config.url =
[INFO] tomcat.CATALINA_OPTS = -XX:MaxPermSize=512m -Xmx1981M -server
-Dsun.net.client.defaultReadTimeout=240000
[INFO] tomcat.user.group = tomcat
[INFO] tomcat.user.name = tomcat
[INFO] user.certificate.path = .certs
[INFO] voms.admin.configure.endorsed = true
[INFO] voms.admin.install = true
[INFO] voms.admin.membershipRequest.emailOnExpire = true
[INFO] voms.admin.membershipRequest.timeout = 86400
[INFO] voms.admin.oracle.connection.string =
[INFO] voms.admin.requestScheduler.disable = true
[INFO] voms.admin.saml.maxAssertionLifetime = 720
[INFO] voms.admin.smtp.host = localhost
[INFO] voms.admin.webRegistration.disable = false
[INFO] voms.db.host = localhost
[INFO] voms.db.max.connections = 20
[INFO] voms.db.min.connections = 1
[INFO] voms.db.mysql.library = /opt/glite/lib/libvomsmysql.so
[INFO] voms.db.mysql.maxConnections = 500
[INFO] voms.db.mysql.port = 3306
[INFO] voms.db.oracle.instantclient.location =
/usr/lib/oracle/10.2.0.1/client/
[INFO] voms.db.oracle.library = /opt/glite/lib/libvomsoracle.so
[INFO] voms.db.oracle.port = 1521
[INFO] voms.db.startup.connections = 10
[INFO] voms.db.type = mysql
[INFO] voms.logrotate.logNumber = 90
[INFO] voms.logrotate.period = daily
[INFO] voms.mysql.admin.name = root
[INFO] voms.mysql.admin.password = ###########
[INFO] voms.proxy.timeout = 86400
[INFO] voms.shortfqans = false
#-------------------------------------------------------------------
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Main settings of gLite VOMS Server
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
VOMS SERVER
--------------------------------------------------------------
[DB type] mysql
[VOMS-admin enabled] true
[VOMS endpoint] https://marvoms.in2p3.fr:8443/vomses/
--------------------------------------------------------------
VOMS VO settings
--------------------------------------------------------------
[VO] cppm
==============================================================
[VOMS VO endpoint] https://marvoms.in2p3.fr:8443/voms/cppm
[VOMS Hostname] marvoms.in2p3.fr
[VOMS Port] 15001
[VOMS Proxy Timeout] 86400s
[VOMS Short FQANs] false
[VOMS logrotation period] daily
[VOMS logrotation number] 90
-------------------------------------------------------
[VOMS-admin SMTP] localhost
[VOMS-admin mail] [log in to unmask]
[VOMS-admin cert] /etc/voms-security/admincert.pem
[VOMS-admin disable web registration] false
[VOMS-admin membership request timeout] 86400s
[VOMS-admin e-mail user when membership request expires] true
[VOMS-admin SAML max assertion Lifetime] 720s
-------------------------------------------------------
[DB Name] VOMS_CPPM
[DB UserName] ############
[DB UserPassword] #############
[DB Host] localhost
[DB AdminName] root
[DB AdminPassword] ###########
[DB Port] 3306
==============================================================
[VO] vo.msfg.fr
==============================================================
[VOMS VO endpoint]
https://marvoms.in2p3.fr:8443/voms/vo.msfg.fr
[VOMS Hostname] marvoms.in2p3.fr
[VOMS Port] 15002
[VOMS Proxy Timeout] 86400s
[VOMS Short FQANs] false
[VOMS logrotation period] daily
[VOMS logrotation number] 90
-------------------------------------------------------
[VOMS-admin SMTP] localhost
[VOMS-admin mail] [log in to unmask]
[VOMS-admin cert] /etc/voms-security/admincert.pem
[VOMS-admin disable web registration] false
[VOMS-admin membership request timeout] 86400s
[VOMS-admin e-mail user when membership request expires] true
[VOMS-admin SAML max assertion Lifetime] 720s
-------------------------------------------------------
[DB Name] VOMS_MSFG
[DB UserName] ############"
[DB UserPassword] ################
[DB Host] localhost
[DB AdminName] root
[DB AdminPassword] #################
[DB Port] 3306
==============================================================
--
--------------------------------------------------------------
Edith Knoops
CPPM/CNRS Mail: [log in to unmask]
163 Av de Luminy case 902 Tel : (+33) (0)4 91 82 72 02
13288 Marseille Cedex 9 France Fax : (+33) (0)4 91 82 72 99
--------------------------------------------------------------
|