Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 573922 - voms-proxy-init does not work reliably
voms-proxy-init does not work reliably
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: voms (Show other bugs)
12
All Linux
low Severity urgent
: ---
: ---
Assigned To: Mattias Ellert
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-03-16 03:50 EDT by Lev Shamardin
Modified: 2010-04-08 23:50 EDT (History)
1 user (show)

See Also:
Fixed In Version: voms-1.9.16.1-1.fc13
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-04-03 00:37:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lev Shamardin 2010-03-16 03:50:44 EDT
Description of problem:
With voms-clients on Fedora 12 and on sometimes on CentOS 5 I observe the following strange behavior:

[shamardin@abbot ~]$ voms-proxy-init -debug -rfc  -voms dteam
Detected Globus version: 22
PCI extension info: 
 Path length: -1
 Policy language not specified.
 Policy file not specified.
Number of bits in key :1024
Loading configuration file /home/shamardin/.voms/vomses
Loading configuration file /etc/vomses
Files being used:
 CA certificate file: none
 Trusted certificates directory : /etc/grid-security/certificates
 Proxy certificate file : /tmp/x509up_u500
 User certificate file: /home/shamardin/.globus/usercert.pem
 User key file: /home/shamardin/.globus/userkey.pem
Output to /tmp/x509up_u500
Enter GRID pass phrase:
Your identity: /C=RU/O=RDIG/OU=users/OU=sinp.msu.ru/CN=Lev Shamardin
Using configuration file /home/shamardin/.voms/vomses
Using configuration file /etc/vomses
Loading configuration file /home/shamardin/.voms/vomses
Loading configuration file /etc/vomses
Creating temporary proxy to /tmp/tmp_x509up_u500_29500 ........++++++
........++++++
No policy language specified, Gsi impersonation proxy assumed.
 Done
Contacting  voms114.cern.ch:15004 [/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch] "dteam" Done
Creating proxy to /tmp/x509up_u500 ..........................++++++
.++++++
error:22097088:X509 V3 routines:DO_EXT_NCONF:no config database:v3_conf.c:156
error:80065414:lib(128):proxy_sign:problem adding CLASS_ADD Extension:vomsclient.cc:1210
ERROR: 
[shamardin@abbot ~]$ grep dteam /etc/vomses
"dteam" "voms114.cern.ch" "15004" "/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch" "dteam" 

Or even this:

[shamardin@abbot ~]$ voms-proxy-init -debug -rfc  -voms dteam
Detected Globus version: 22
PCI extension info: 
 Path length: -1
 Policy language not specified.
 Policy file not specified.
Number of bits in key :1024
Loading configuration file /home/shamardin/.voms/vomses
Loading configuration file /etc/vomses
Files being used:
 CA certificate file: none
 Trusted certificates directory : /etc/grid-security/certificates
 Proxy certificate file : /tmp/x509up_u500
 User certificate file: /home/shamardin/.globus/usercert.pem
 User key file: /home/shamardin/.globus/userkey.pem
Output to /tmp/x509up_u500
Enter GRID pass phrase:
Your identity: /C=RU/O=RDIG/OU=users/OU=sinp.msu.ru/CN=Lev Shamardin
Using configuration file /home/shamardin/.voms/vomses
Using configuration file /etc/vomses
Loading configuration file /home/shamardin/.voms/vomses
Loading configuration file /etc/vomses
Creating temporary proxy to /tmp/tmp_x509up_u500_29601 ................++++++
..............++++++
No policy language specified, Gsi impersonation proxy assumed.
 Done
Contacting  voms114.cern.ch:15004 [/DC=ch/DC=cern/OU=computers/CN=voms.cern.ch] "dteam" Done
Creating proxy to /tmp/x509up_u500 .....................................................................++++++
...........++++++
 Done
Your proxy is valid until Tue Mar 16 22:46:26 2010
Error: verify failed.
Cannot verify AC signature!

These errors are not always reproducible, sometimes you need to run voms-proxy-init several times to cath those (especially the DO_EXT_NCONF one).

Version-Release number of selected component (if applicable):
voms-clients-1.9.14.3-1.fc12.i686
voms-1.9.14.3-1.fc12.i686
openssl-1.0.0-0.13.beta4.fc12.i686

How reproducible:
Always, but you may need to give it a few tries.

Steps to Reproduce:
1. run voms-proxy-init -rfc -voms something

Sometimes you can trigger this more quickly running first:
1. voms-proxy-init -rfc
and then:
2. voms-proxy-init -rfc -noregen -voms something
  
Actual results:
no proxy

Expected results:
working proxy with voms AC.

Additional info:
glite-security-voms-clients-1.8.12-1.sl5.x86_64 does not have this problem.
Comment 1 Mattias Ellert 2010-03-20 10:45:24 EDT
After some debugging the problem has been identified to be due to an uninitialized variable in the voms-proxy-init source file. A patch has been created and a new version will be built shortly.
Comment 2 Fedora Update System 2010-03-20 11:30:22 EDT
voms-1.9.16.1-1.el5 has been submitted as an update for Fedora EPEL 5.
http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.el5
Comment 3 Fedora Update System 2010-03-20 11:30:27 EDT
voms-1.9.16.1-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc13
Comment 4 Fedora Update System 2010-03-20 11:30:32 EDT
voms-1.9.16.1-1.el4 has been submitted as an update for Fedora EPEL 4.
http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.el4
Comment 5 Fedora Update System 2010-03-20 11:30:37 EDT
voms-1.9.16.1-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc12
Comment 6 Fedora Update System 2010-03-20 11:30:43 EDT
voms-1.9.16.1-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc11
Comment 7 Fedora Update System 2010-03-22 21:58:58 EDT
voms-1.9.16.1-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update voms'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc12
Comment 8 Fedora Update System 2010-03-22 22:10:31 EDT
voms-1.9.16.1-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update voms'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc11
Comment 9 Fedora Update System 2010-03-22 22:20:43 EDT
voms-1.9.16.1-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update voms'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.fc13
Comment 10 Fedora Update System 2010-03-24 13:59:43 EDT
voms-1.9.16.1-1.el5 has been pushed to the Fedora EPEL 5 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update voms'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.el5
Comment 11 Fedora Update System 2010-03-24 14:00:27 EDT
voms-1.9.16.1-1.el4 has been pushed to the Fedora EPEL 4 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update voms'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/voms-1.9.16.1-1.el4
Comment 12 Fedora Update System 2010-04-03 00:37:17 EDT
voms-1.9.16.1-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2010-04-03 00:49:48 EDT
voms-1.9.16.1-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2010-04-07 18:16:46 EDT
voms-1.9.16.1-1.el4 has been pushed to the Fedora EPEL 4 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2010-04-07 18:17:22 EDT
voms-1.9.16.1-1.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 16 Fedora Update System 2010-04-08 23:50:43 EDT
voms-1.9.16.1-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.