Skip Menu | Logged in as guest | Logout
 
New messages
There are unread messages on this ticket. You can jump to the first unread message or jump to the first unread message and mark all messages as seen.
Ticket metadata
The Basics
Id: 4247
Status: resolved
Priority: 3/0
Queue: vdt-support
Custom Fields
Fixed in: 1.10.1n
Fix scheduled: CUR
People
Owner: Tim Cartwright
Requestors: weigand@fnal.gov
Cc:
AdminCc:
More about weigand@fnal.gov
Comments about this user:
No comment entered about this user
This user's 10 highest priority tickets:
Groups this user belongs to:
  • Everyone
Reminders
New reminder:
Dates
Created: Tue Oct 21 13:52:51 2008
Starts: Not set
Started: Not set
Last Contact: Tue Nov 25 09:57:17 2008
Due: Not set
Closed: Tue Nov 25 09:57:58 2008
Updated: Tue Nov 25 09:58:00 2008 by cat
Links
Depends on: (Create)
Depended on by: (Create)
Parents: (Create)
Children: (Create)
Refers to: (Create)
Referred to by: (Create)

History Brief headersFull headers
# Tue Oct 21 13:52:53 2008 weigand@fnal.gov - Ticket created [Reply
Subject: VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role
Date: Tue, 21 Oct 2008 12:40:44 -0500
To: vdt-support <vdt-support@OPENSCIENCEGRID.ORG>
From: John Weigand <weigand@fnal.gov>
Download (untitled) / with headers
text/plain 5.8k
VDT 1.10.1k
VOMS 1.8.3p1
VOMS Admin 2.0.14-1

My daily installs test to verify that voms-proxy-init are working after
an installation. However, what I never tested for is for the
voms-proxy-init to fail if I am not authorized for a given FQAN. It
does not fail so long as I exist in the VO.

These are the commands followed by the
VDT_LOCATION/glite/log/voms.oiv_test1 file output of the command.

John Weigand

Good one
---------
[weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1
Enter GRID pass phrase:
Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
Creating temporary proxy
................................................. Done
Contacting cms-xen3.fnal.gov:15000
[/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov] "oiv_test1" Done
Creating proxy
........................................................... Done
Your proxy is valid until Wed Oct 22 00:23:30 2008


Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
131.225.204.129:19352."
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid = 13511"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:23:30 2008.
Received Contact :"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
/DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command : G/oiv_test1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-1/group-1-1"
Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-2"


Invalid Group
-------------
[weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1/xxxxxxx
Enter GRID pass phrase:
Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
Creating temporary proxy .............................. Done
Contacting cms-xen3.fnal.gov:15000
[/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov] "oiv_test1" Done
Creating proxy ........................................ Done
Your proxy is valid until Wed Oct 22 00:36:24 2008
[weigand@cms-xen3 bin]$ echo $?
0


Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
131.225.204.129:44184."
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid = 13618"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:36:23 2008.
Received Contact :"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
/DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command :
G/oiv_test1/xxxxxxx"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-1"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-1/group-1-1"
Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
/oiv_test1/group-2"
# Tue Oct 21 16:18:24 2008 roy - Priority changed from (no value) to '3'
# Tue Oct 21 16:18:26 2008 roy - Given to cat
# Tue Oct 21 16:18:32 2008 roy - Fix scheduled CUR added
# Tue Oct 21 16:19:57 2008 roy - Correspondence added [Reply
RT-Send-CC: vincenzo.ciaschini@cnaf.infn.it
Download (untitled) / with headers
text/plain 6.7k
(Copying Vincenzo Ciaschini)

Vincenzo--

The VDT team received this bug report today. We're a bit short-handed at
the moment, so we haven't looked into it beyond reading the email.

However, I know that you have made bug fixes since VOMS 1.8.3, so I
thought I would just check with you: does this sound like something you
might have fixed?

Thanks,
-alain

-----------------------------------------------------------------
Alain Roy vdt-support@opensciencegrid.org
VDT Support http://vdt.cs.wisc.edu/support.html

On Tue Oct 21 13:52:53 2008, weigand@fnal.gov wrote:
> VDT 1.10.1k
> VOMS 1.8.3p1
> VOMS Admin 2.0.14-1
>
> My daily installs test to verify that voms-proxy-init are working after
> an installation. However, what I never tested for is for the
> voms-proxy-init to fail if I am not authorized for a given FQAN. It
> does not fail so long as I exist in the VO.
>
> These are the commands followed by the
> VDT_LOCATION/glite/log/voms.oiv_test1 file output of the command.
>
> John Weigand
>
> Good one
> ---------
> [weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1
> Enter GRID pass phrase:
> Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
> Creating temporary proxy
> ................................................. Done
> Contacting cms-xen3.fnal.gov:15000
> [/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov]
"oiv_test1" Done
> Creating proxy
> ........................................................... Done
> Your proxy is valid until Wed Oct 22 00:23:30 2008
>
>
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
> msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
> 131.225.204.129:19352."
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid =
13511"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
> /DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:23:30 2008.
> Received Contact :"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
> /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command : G/oiv_test1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-1/group-1-1"
> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-2"
>
>
> Invalid Group
> -------------
> [weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1/xxxxxxx
> Enter GRID pass phrase:
> Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
> Creating temporary proxy .............................. Done
> Contacting cms-xen3.fnal.gov:15000
> [/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov]
"oiv_test1" Done
> Creating proxy ........................................ Done
> Your proxy is valid until Wed Oct 22 00:36:24 2008
> [weigand@cms-xen3 bin]$ echo $?
> 0
>
>
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
> msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
> 131.225.204.129:44184."
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid =
13618"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
> /DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:36:23 2008.
> Received Contact :"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
> /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command :
> G/oiv_test1/xxxxxxx"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-1"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-1/group-1-1"
> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
> /oiv_test1/group-2"
# Tue Oct 21 16:19:58 2008 RT_System - Status changed from 'new' to 'open'
# Thu Oct 30 14:25:43 2008 cat - Subject changed from 'VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role' to 'Open Science Grid: VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role ISSUE=5863 PROJ=71'
# Thu Oct 30 15:16:18 2008 cat - Correspondence added [Reply
Subject: [vdt-support #4247] Open Science Grid: VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role ISSUE=5863 PROJ=71
Date: Thu, 30 Oct 2008 15:12:13 -0500
To: vdt-support@OPENSCIENCEGRID.ORG
From: Tim Cartwright <cat@cs.wisc.edu>
Download (untitled) / with headers
text/plain 340b
John:

I found the following ticket in the LCG Savannah regarding VOMS. It
sounds a lot like the problem you encountered when trying to get a
proxy against a non-existent group. What do you think? Same
problem? If so, they say it's fixed in 1.8.8, which I am building
now.....

https://savannah.cern.ch/bugs/?41773

-- Tim
# Fri Oct 31 10:29:48 2008 vincenzo.ciaschini@cnaf.infn.it - Correspondence added [Reply
Subject: Re: [vdt-support #4247] VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role
Date: Fri, 31 Oct 2008 15:09:58 +0100
To: vdt-support@OPENSCIENCEGRID.ORG
From: Vincenzo Ciaschini <vincenzo.ciaschini@cnaf.infn.it>
Download (untitled) / with headers
text/plain 7k
Hi Alain,
Yes, this is fixed in voms 1.8.8

Ciao,
Vincenzo

Alain Roy via RT wrote:
> (Copying Vincenzo Ciaschini)
>
> Vincenzo--
>
> The VDT team received this bug report today. We're a bit short-handed at
> the moment, so we haven't looked into it beyond reading the email.
>
> However, I know that you have made bug fixes since VOMS 1.8.3, so I
> thought I would just check with you: does this sound like something you
> might have fixed?
>
> Thanks,
> -alain
>
> -----------------------------------------------------------------
> Alain Roy vdt-support@opensciencegrid.org
> VDT Support http://vdt.cs.wisc.edu/support.html
>
> On Tue Oct 21 13:52:53 2008, weigand@fnal.gov wrote:
>
>> VDT 1.10.1k
>> VOMS 1.8.3p1
>> VOMS Admin 2.0.14-1
>>
>> My daily installs test to verify that voms-proxy-init are working after
>> an installation. However, what I never tested for is for the
>> voms-proxy-init to fail if I am not authorized for a given FQAN. It
>> does not fail so long as I exist in the VO.
>>
>> These are the commands followed by the
>> VDT_LOCATION/glite/log/voms.oiv_test1 file output of the command.
>>
>> John Weigand
>>
>> Good one
>> ---------
>> [weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1
>> Enter GRID pass phrase:
>> Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
>> Creating temporary proxy
>> ................................................. Done
>> Contacting cms-xen3.fnal.gov:15000
>> [/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov]
>>
> "oiv_test1" Done
>
>> Creating proxy
>> ........................................................... Done
>> Your proxy is valid until Wed Oct 22 00:23:30 2008
>>
>>
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
>> msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
>> 131.225.204.129:19352."
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13337]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid =
>>
> 13511"
>
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
>> /DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
>> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:23:30 2008.
>> Received Contact :"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
>> /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
>> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command : G/oiv_test1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-1/group-1-1"
>> Tue Oct 21 12:23:30 2008:cms-xen3.fnal.gov:vomsd[13511]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-2"
>>
>>
>> Invalid Group
>> -------------
>> [weigand@cms-xen3 bin]$ voms-proxy-init -voms oiv_test1:/oiv_test1/xxxxxxx
>> Enter GRID pass phrase:
>> Your identity: /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491
>> Creating temporary proxy .............................. Done
>> Contacting cms-xen3.fnal.gov:15000
>> [/DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov]
>>
> "oiv_test1" Done
>
>> Creating proxy ........................................ Done
>> Your proxy is valid until Wed Oct 22 00:36:24 2008
>> [weigand@cms-xen3 bin]$ echo $?
>> 0
>>
>>
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
>> msg="LOG_INFO:REQUEST:Listen (Server.cpp:361):Received connection from:
>> 131.225.204.129:44184."
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13337]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:598):Starting Executor with pid =
>>
> 13618"
>
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:610):Self :
>> /DC=org/DC=doegrids/OU=Services/CN=http/cms-xen3.fnal.gov"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:611):Self CA :
>> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:618):At: Tue Oct 21 12:36:23 2008.
>> Received Contact :"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:619): user:
>> /DC=org/DC=doegrids/OU=People/CN=John Weigand 458491"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:620): ca :
>> /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Run (vomsd.cc:621): serial: 63C3"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_ERROR:STARTUP:my_recv (globuswrap.c:112):trueres = 1."
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:740):Userid = "1""
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:REQUEST:Execute (vomsd.cc:749):Next command :
>> G/oiv_test1/xxxxxxx"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result: /oiv_test1"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-1"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-1/group-1-1"
>> Tue Oct 21 12:36:23 2008:cms-xen3.fnal.gov:vomsd[13618]:
>> msg="LOG_INFO:RESULT:Execute (vomsd.cc:970):Request Result:
>> /oiv_test1/group-2"
>>
>
>
>
>
>
# Fri Oct 31 10:50:19 2008 roy - Correspondence added [Reply
Subject: Re: [vdt-support #4247] VDT 1.10.1k VOMS: voms-proxy-init does not fail if not in group/role
Date: Fri, 31 Oct 2008 10:43:56 -0500
To: vdt-support@OPENSCIENCEGRID.ORG
From: Alain Roy <roy@cs.wisc.edu>
Download (untitled) / with headers
text/plain 139b
On Oct 31, 2008, at 10:29 AM, Vincenzo Ciaschini via RT wrote:
> Hi Alain,
> Yes, this is fixed in voms 1.8.8

Great, thank you!

-alain
# Mon Nov 03 14:44:32 2008 cat - Comments added [Reply
Subject: [vdt-support #4247] SVN commit, rev 8270
To: vdt-support@cs.wisc.edu
From: cat@cs.wisc.edu
Download (untitled) / with headers
text/plain 355b
Commit comment:
Added test for this ticket: voms-proxy-init should fail and return a non-zero
exit status when asked to get a proxy for an existing user but a non-existent
group.


Changed files:
U vdt/branches/vdt-1.10.1-voms-1.8.8/VDT-Certification-Tests/vdt/tests/tests/voms.t

To generate a diff:
svn diff -c 8270 file:///p/condor/workspaces/vdt/svn
# Mon Nov 03 16:09:18 2008 cat - Comments added [Reply
Subject: [vdt-support #4247] SVN commit, rev 8274
To: vdt-support@cs.wisc.edu
From: cat@cs.wisc.edu
Download (untitled) / with headers
text/plain 372b
Commit comment:
Updated VOMS to 1.8.8-2 for testing.


Changed files:
U vdt/branches/vdt-1.10.1-voms-1.8.8/VOMS/nmi/nmi-remote-task.pl
U vdt/branches/vdt-1.10.1-voms-1.8.8/VOMS/nmi/voms-mysql.in
U vdt/branches/vdt-1.10.1-voms-1.8.8/VOMS/nmi/voms.in
U vdt/branches/vdt-1.10.1-voms-1.8.8/defs

To generate a diff:
svn diff -c 8274 file:///p/condor/workspaces/vdt/svn
# Mon Nov 17 16:16:55 2008 cat - Comments added [Reply
Subject: [vdt-support #4247] SVN commit, rev 8319
To: vdt-support@cs.wisc.edu
From: cat@cs.wisc.edu
Download (untitled) / with headers
text/plain 194b
Commit comment:
Merging VOMS 1.8.8-2 branch into VDT 1.10.1.


Changed files:
A vdt/tags/vdt-1.10.1-voms-1.8.8-merge1/

To generate a diff:
svn diff -c 8319 file:///p/condor/workspaces/vdt/svn
# Tue Nov 18 09:12:08 2008 cat - Dependency on ticket #4408 added
# Tue Nov 25 09:56:57 2008 cat - Correspondence added [Reply
Download (untitled) / with headers
text/plain 607b
Back on 21 October 2008, John Weigand wrote:

> My daily installs test to verify that voms-proxy-init are working after an
> installation. However, what I never tested for is for the voms-proxy-init to
> fail if I am not authorized for a given FQAN. It does not fail so long as I
> exist in the VO.

This bug was fixed in VOMS 1.8.8-2 and was released in VDT 1.10.1n. Thanks for
the bug report! We even added a test to our nightly test suite for this issue,
so in case there's a regression some day, we will catch it.

I am closing this ticket now in the VDT RT. John, could you inform the GOC?

-- Tim
# Tue Nov 25 09:57:58 2008 cat - Status changed from 'open' to 'resolved'
# Tue Nov 25 09:57:59 2008 cat - Fixed in 1.10.1n added