Hi,
I'm using Condor 6.8.2 and Globus Toolkit 4.0.3. I've noticed
myproxy-get-delegation doesn't work properly.
I create MyProxy proxy with following command:
$ myproxy-init -x -r "/C=HR/O=edu/OU=test/CN=Emir Imamagic" -l root -k condor
It seems that the credential is refreshed successfully only the first time:
--------------------
11/29 00:09:33 [6498] Calling /home/globus/globus/libexec/myproxy-logon.condor /tmp/x509up_u500 -v -o /tmp/x509up_u500 -s myproxy.grid.hr -d -t 12 -S -l root -p 7512 -k condor
11/29 00:09:33 [6498] myproxy-get-delegation for proxy /tmp/x509up_u500 exited successfully
--------------------
After that, each time Condor-G tries to refresh, it fails with following
message:
--------------------
11/29 12:50:19 [6498] Calling /home/globus/globus/libexec/myproxy-logon.condor /tmp/x509up_u500 -v -o /tmp/x509up_u500 -s myproxy.grid.hr -d -t 12 -S -l root -p 7512 -k condor
11/29 12:50:19 [6498] myproxy-get-delegation for proxy /tmp/x509up_u500, for job (217,175) exited with code 1, output (top):
MyProxy v3.6 10 Aug 2006 PAM
using trusted certificates directory /etc/grid-security/certificates
server name: /C=HR/O=edu/OU=test/CN=host/myproxy.grid.hr
checking that server name is acceptable...
server name does not match "myproxy@xxxxxxxxxxxxxxx"
server name matches "host@xxxxxxxxxxxxxxx"
authenticated server name is acceptable
Failed to receive credentials.
ERROR from myproxy-server (myproxy.grid.hr):
"/C=HR/O=edu/OU=test/CN=Emir Imamagic" not author
--------------------
In the MyProxy log I get following message:
--------------------
Nov 29 12:50:17 myproxy myproxy-server: <20356> myproxy-server v3.6 10 Aug 2006 PAM starting at Wed Nov 29 12:50:17 2006
Nov 29 12:50:17 myproxy myproxy-server: <20356> using storage directory /var/myproxy
Nov 29 12:50:17 myproxy myproxy-server: <20356> Connection from 192.168.17.82
Nov 29 12:50:17 myproxy myproxy-server: <20356> Authenticated client /C=HR/O=edu/OU=test/CN=Emir Imamagic
Nov 29 12:50:17 myproxy myproxy-server: <20356> authorization failed
Nov 29 12:50:17 myproxy myproxy-server: <20356> Exiting: "/C=HR/O=edu/OU=test/CN=Emir Imamagic" not authorized by server's trusted_retrievers policy invalid credential passphrase invalid pass phrase authentication failed
--------------------
When I try to execute the command manually it works fine:
--------------------
$ echo password | \
/home/globus/globus/libexec/myproxy-logon.condor -v \
-o /tmp/x509up_u500 -s myproxy.grid.hr \
-d -t 12 -S -l root -p 7512 -k condor
MyProxy v3.6 10 Aug 2006 PAM
using trusted certificates directory /etc/grid-security/certificates
server name: /C=HR/O=edu/OU=test/CN=host/myproxy.grid.hr
checking that server name is acceptable...
server name does not match "myproxy@xxxxxxxxxxxxxxx"
server name matches "host@xxxxxxxxxxxxxxx"
authenticated server name is acceptable
A credential has been received for user root in /tmp/x509up_u500.
--------------------
It seems like Condor-G forgets the password after using it first time.
Cheers,
emir
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users
The archives can be found at either
https://lists.cs.wisc.edu/archive/condor-users/
http://www.opencondor.org/spaces/viewmailarchive.action?key=CONDOR
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}