 |
 |
Thanks a lot Alessandro. It works now. I have just downgraded to: glite-security-util-java-1.4.0-1 glite-security-voms-api-cpp-1.8.12-1.slc4 glite-security-voms-api-noglobus-1.8.8-2.slc4 glite-security-voms-clients-1.8.12-1.slc4 glite-version-3.1.1-2 according to your list. I do not know which one is the culprit ... Cheers Edith On 02/15/2011 03:34 PM, Alessandro Paolini wrote: > Hi Edith, > I see that at least the web interface is working well :-) > > the latest update release for VOMS 3.1 is the following: > http://glite.web.cern.ch/glite/packages/R3.1//deployment/glite-VOMS_mysql/3.1.27-0/glite-VOMS_mysql-3.1.27-0-update.html > > > it seems to me that some of the rpm installed have a newer version > than expected, for example the following ones: > > glite-security-voms-api-cpp-1.9.10-12.slc4.i386 > glite-security-voms-api-noglobus-1.9.10-12.slc4.i386 > glite-security-voms-clients-1.9.10-12.slc4.i386 > > try to downgrade them, and be sure to have installed these ones: > > glite-config-3.1.3-3.slc4 > glite-info-generic-2.0.2-3 > glite-info-templates-1.0.0-11 > glite-security-trustmanager-1.8.16-3 > glite-security-util-java-1.4.0-1 > glite-security-utils-config-3.1.0-1.slc4 > glite-security-voms-admin-client-2.0.10-1 > glite-security-voms-admin-interface-2.0.2-1 > glite-security-voms-admin-server-2.0.18-1 > glite-security-voms-api-cpp-1.8.12-1.slc4 > glite-security-voms-api-noglobus-1.8.8-2.slc4 > glite-security-voms-clients-1.8.12-1.slc4 > glite-security-voms-config-1.8.12-1.slc4 > glite-security-voms-mysql-3.1.0-1.slc4 > glite-security-voms-server-1.8.12-1.slc4 > glite-version-3.1.1-2 > glite-VOMS_mysql-3.1.27-0 > glite-voms-server-config-3.1.7-4.slc4 > > Cheers, > Alessandro > > Il 15/02/2011 15:06, Edith Knoops ha scritto: >> Hello, >> >> I have a problem since this morning with my voms server. SL4 glite3.1 >> I did the morning update of the CA and glite update ( >> glite-security-util-java 2.9.1 1,glite-security-trustmanager 2.5.5 >> 3_GL31Special, glite-info-provider-release 1.0.2 1,glite-BDII 3.1.23 >> 2.slc4 ,glite-security-voms-api-cpp 1.9.10 12.slc4, >> glite-security-voms-api-noglobus 1.9.10 12.slc4, >> glite-security-voms-clients 1.9.10 12.slc4,glite-yaim-core 4.0.13 2 >> noarch) >> >> Since then voms-admin is working but it is impossible to initiate a >> proxy with voms-prox-init. >> According to the client I got : >> >> Creating temporary proxy >> ....................................................................... >> Done >> Contacting marvoms.in2p3.fr:15001 >> [/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr] >> "cppm"gss_assist_get_unwrap failure: >> globus_gss_assist token :3: failure: Connection closed >> Failed >> >> Error: GSS authentication failure >> globus_gss_assist token :3: failure: Connection closed >> >> or I got stuck after >> Contacting marvoms.in2p3.fr:15001 >> [/O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr] "cppm" >> >> >> On the server side I see no evident failure. gLite status say >> everything is ok . >> I put debug level 10 for voms and the log corresponding to the >> voms-proxy init is at the end. >> Any idea what could be wrong or what I can check ? >> >> Thanks >> >> Edith >> >> >> voms log >> >> Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]: >> msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection >> from: ANantes-157-1-214-192.w2-0.abo.wanadoo.fr (134.158.17.56):49297." >> Tue Feb 15 14:53:51 2011:marvoms.in2p3.fr:vomsd[22056]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid = >> 1732" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication >> (Server.cpp:287):Certificate DN: >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication >> (Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack >> Size: 0" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self : >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA : >> /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 >> 2011. Received Contact :" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user: >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : >> /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml >> version="1.0" encoding = >> "US-ASCII"?><voms><command>G/cppm</command><Bass64>1</base64><version>4</version><lifetime>43200</lifetime></voms>" >> >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47"" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse >> order: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1732]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN: >> /cppm/Role=NULL/Capability=NULL" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]: >> msg="LOG_INFO:REQUEST:Listen (Server.cpp:356):Received connection >> from: ANantes-157-1-214-193.w2-0.abo.wanadoo.fr (134.158.17.56):49553." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[22056]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:600):Starting Executor with pid = >> 1733" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication >> (Server.cpp:287):Certificate DN: >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication >> (Server.cpp:289):Certificate CA: /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:AcceptGSIAuthentication (Server.cpp:291):Stack >> Size: 0" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:612):Self : >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=marvoms.in2p3.fr" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:613):Self CA : >> /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620):At: Tue Feb 15 14:53:52 >> 2011. Received Contact :" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): user: >> /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Edith Knoops" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:622): ca : >> /C=FR/O=CNRS/CN=GRID2-FR" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Run (vomsd.cc:623): serial: 0EDF" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Run (vomsd.cc:625):Starting Execution." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1." >> >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1." >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:671):Received Request: <?xml >> version="1.0" encoding = >> "US-ASCII"?><voms><command>G/cppm</command><Bass64>1</base64><version>4</version><lifetime>43200</lifetime></voms>" >> >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:737):Userid = "47"" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:753):Next command : G/cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:831):ordering: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:157):Initiating parse >> order: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:159):Entered loop" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:175):Attrib: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:parse_order (vomsd.cc:193):Order: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:867):fq = /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:883):Initial FQAN: /cppm" >> Tue Feb 15 14:53:52 2011:marvoms.in2p3.fr:vomsd[1733]: >> msg="LOG_DEBUG:REQUEST:Execute (vomsd.cc:888):Processed FQAN: >> /cppm/Role=NULL/Capability=NULL" >> >> >> >> rpm -qa |grep voms >> glite-security-voms-admin-server-2.0.18-1.noarch >> glite-security-voms-config-1.8.12-1.slc4.i386 >> glite-security-voms-api-cpp-1.9.10-12.slc4.i386 >> glite-voms-server-config-3.1.7-4.slc4.i386 >> glite-security-voms-server-1.8.12-1.slc4.i386 >> lcg-vomscerts-6.3.0-1.noarch >> glite-security-voms-admin-client-2.0.10-1.noarch >> glite-security-voms-mysql-3.1.0-1.slc4.i386 >> glite-security-voms-admin-interface-2.0.2-1.noarch >> glite-security-voms-api-noglobus-1.9.10-12.slc4.i386 >> glite-security-voms-clients-1.9.10-12.slc4.i386 >> >> >> Config >> /opt/glite/etc/config/scripts/glite-voms-server-config.py -c >> Owner of file or directory /var/glite is root:root >> Owner of file or directory /var/log/glite is root:root >> Owner of file or directory /tmp is root:root >> Check .bash_profile content >> Check .bashrc content >> Check .cshrc content >> Check .tcshrc content >> >> Copyright (c) Members of the EGEE Collaboration. 2004 >> See http://eu-egee.org/partners/ for details on the copyright holders >> For license conditions see the license file or >> http://eu-egee.org/license.html >> >> glite-voms-server-config v. 3.1.1 >> >> #------------------------------------------------------------------- >> # Configuration parameters: >> #------------------------------------------------------------------- >> >> [INFO] CATALINA_BASE = /usr/share/tomcat5 >> [INFO] CATALINA_HOME = /usr/share/tomcat5 >> [INFO] EDG_LOCATION = /opt/edg >> [INFO] GLITE_LOCATION = /opt/glite >> [INFO] GLITE_LOCATION_LOG = /var/log/glite >> [INFO] GLITE_LOCATION_TMP = /tmp >> [INFO] GLITE_LOCATION_VAR = /var/glite >> [INFO] GLOBUS_LOCATION = /opt/globus >> [INFO] GPT_LOCATION = /opt/gpt >> [INFO] HALF_MEMORY_SIZE = 1981M >> [INFO] JAVA_HOME = /usr/java/jdk1.5.0_14 >> [INFO] LCG_LOCATION = /opt/lcg >> [INFO] PYTHONPATH = /opt/ZSI/lib/python2.3/site-packages >> [INFO] TNS_ADMIN = /opt/glite/etc/voms >> [INFO] X509_CERT_DIR = /etc/grid-security/certificates >> [INFO] X509_VOMS_DIR = /etc/grid-security/vomsdir >> [INFO] ca.certificates.dir = /etc/grid-security/certificates >> [INFO] glib = <gLiteInstallerLib.gLib instance at 0x2a9a8a37e8> >> [INFO] glite.installer.checkcerts = true >> [INFO] glite.installer.verbose = true >> [INFO] host.certificate.file = /etc/grid-security/hostcert.pem >> [INFO] host.gridmap.dir = /etc/grid-security/gridmapdir >> [INFO] host.gridmapfile = /etc/grid-security/grid-mapfile >> [INFO] host.gridmapfile.update = true >> [INFO] host.groupmap.dir = /etc/grid-security/groupmapdir >> [INFO] host.groupmapfile = /etc/grid-security/groupmapfile >> [INFO] host.key.file = /etc/grid-security/hostkey.pem >> [INFO] installer.export.filename = /etc/profile.d/grid-env.sh >> [INFO] modify.user.env = true >> [INFO] rgma.servicetool.activate = true >> [INFO] set.mysql.root.password = false >> [INFO] site.config.url = >> [INFO] tomcat.CATALINA_OPTS = -XX:MaxPermSize=512m -Xmx1981M >> -server -Dsun.net.client.defaultReadTimeout=240000 >> [INFO] tomcat.user.group = tomcat >> [INFO] tomcat.user.name = tomcat >> [INFO] user.certificate.path = .certs >> [INFO] voms.admin.configure.endorsed = true >> [INFO] voms.admin.install = true >> [INFO] voms.admin.membershipRequest.emailOnExpire = true >> [INFO] voms.admin.membershipRequest.timeout = 86400 >> [INFO] voms.admin.oracle.connection.string = >> [INFO] voms.admin.requestScheduler.disable = true >> [INFO] voms.admin.saml.maxAssertionLifetime = 720 >> [INFO] voms.admin.smtp.host = localhost >> [INFO] voms.admin.webRegistration.disable = false >> [INFO] voms.db.host = localhost >> [INFO] voms.db.max.connections = 20 >> [INFO] voms.db.min.connections = 1 >> [INFO] voms.db.mysql.library = /opt/glite/lib/libvomsmysql.so >> [INFO] voms.db.mysql.maxConnections = 500 >> [INFO] voms.db.mysql.port = 3306 >> [INFO] voms.db.oracle.instantclient.location = >> /usr/lib/oracle/10.2.0.1/client/ >> [INFO] voms.db.oracle.library = /opt/glite/lib/libvomsoracle.so >> [INFO] voms.db.oracle.port = 1521 >> [INFO] voms.db.startup.connections = 10 >> [INFO] voms.db.type = mysql >> [INFO] voms.logrotate.logNumber = 90 >> [INFO] voms.logrotate.period = daily >> [INFO] voms.mysql.admin.name = root >> [INFO] voms.mysql.admin.password = ########### >> [INFO] voms.proxy.timeout = 86400 >> [INFO] voms.shortfqans = false >> #------------------------------------------------------------------- >> >> >> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> Main settings of gLite VOMS Server >> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> >> VOMS SERVER >> -------------------------------------------------------------- >> [DB type] mysql >> [VOMS-admin enabled] true >> [VOMS endpoint] https://marvoms.in2p3.fr:8443/vomses/ >> -------------------------------------------------------------- >> >> VOMS VO settings >> -------------------------------------------------------------- >> >> [VO] cppm >> ============================================================== >> [VOMS VO endpoint] >> https://marvoms.in2p3.fr:8443/voms/cppm >> [VOMS Hostname] marvoms.in2p3.fr >> [VOMS Port] 15001 >> [VOMS Proxy Timeout] 86400s >> [VOMS Short FQANs] false >> [VOMS logrotation period] daily >> [VOMS logrotation number] 90 >> ------------------------------------------------------- >> [VOMS-admin SMTP] localhost >> [VOMS-admin mail] [log in to unmask] >> [VOMS-admin cert] /etc/voms-security/admincert.pem >> [VOMS-admin disable web registration] false >> [VOMS-admin membership request timeout] 86400s >> [VOMS-admin e-mail user when membership request expires] true >> [VOMS-admin SAML max assertion Lifetime] 720s >> ------------------------------------------------------- >> [DB Name] VOMS_CPPM >> [DB UserName] ############ >> [DB UserPassword] ############# >> [DB Host] localhost >> [DB AdminName] root >> [DB AdminPassword] ########### >> [DB Port] 3306 >> ============================================================== >> >> [VO] vo.msfg.fr >> ============================================================== >> [VOMS VO endpoint] >> https://marvoms.in2p3.fr:8443/voms/vo.msfg.fr >> [VOMS Hostname] marvoms.in2p3.fr >> [VOMS Port] 15002 >> [VOMS Proxy Timeout] 86400s >> [VOMS Short FQANs] false >> [VOMS logrotation period] daily >> [VOMS logrotation number] 90 >> ------------------------------------------------------- >> [VOMS-admin SMTP] localhost >> [VOMS-admin mail] [log in to unmask] >> [VOMS-admin cert] /etc/voms-security/admincert.pem >> [VOMS-admin disable web registration] false >> [VOMS-admin membership request timeout] 86400s >> [VOMS-admin e-mail user when membership request expires] true >> [VOMS-admin SAML max assertion Lifetime] 720s >> ------------------------------------------------------- >> [DB Name] VOMS_MSFG >> [DB UserName] ############" >> [DB UserPassword] ################ >> [DB Host] localhost >> [DB AdminName] root >> [DB AdminPassword] ################# >> [DB Port] 3306 >> ============================================================== >> >> >> >> >> > > -- -------------------------------------------------------------- Edith Knoops CPPM/CNRS Mail: [log in to unmask] 163 Av de Luminy case 902 Tel : (+33) (0)4 91 82 72 02 13288 Marseille Cedex 9 France Fax : (+33) (0)4 91 82 72 99 --------------------------------------------------------------