 |
 |
Hi Brian, The TPC is used extensively by EOS so Lukasz and Andreas have a lot og experience in setting up TPC. Specifically, using xrdcp to an arbitrary srver does not bypass any authentication that was setup by the source or destination site. If we did that we would be opening up a huge security hole. So, if a site requires GSI auth then you better have a cert to get past the first hurdle. The same is true for any basic authorization that was setup by the site. In the federated context that usually is not an issue. If you really want to bypass authentication, then you can bind an alternate authentication protocal (e.g. host) to particular hosts. That generally isn't scalable but it can be done. The server will seach for binaries in whatever is in $PATH. My guess is that for daemons /usr/bin isn't in $PATH for historic reasons. But it easy to check. As for which file the was targeted by the copy is solely determined by the client that initiated the copy. From your command line it specifically asked itto copy to the indicated destination file. So, it was doing exactly what you asked it to do. Andy On Thu, 25 Sep 2014, Brian Bockelman wrote: > Hi all, > > Is there a how-to guide in getting TPC working? > > I added the following to my config on source and destination server: > > ofs.tpc > > This didn't work because "xrdcp" wasn't found (it's in /usr/bin/xrdcp; I guess xrootd doesn't search the path?). So, I tried: > > ofs.tpc pgm /usr/bin/xrdcp > > This didn't work - things ended with an "auth failed". Accordingly, I wrote a small wrapper script to dump the CLI and the output of "xrdcp" at "-d 2" into a file. I've copied this below. > > Two things caught my eye in the output: > > 1) It's trying to do a GSI auth on the server side. This, of course, won't work - the server has no certificate. Shouldn't the whole "tpc.key" and "tpc.org" be used for auth instead? > 2) It's trying to copy to: > > /store/user/bbockelm/LoadTest07_Caltech_EE.brunel.3 > > Unless xrdcp is being setup somewhat magically, that won't work - that file doesn't exist. You need to use the XrdOfs plugin found in libXrdHdfs.so to write on this particular server. > > Suggestions? > > Brian > > -d 2 --server xroot://red-gridftp6.unl.edu:1094//store/user/bbockelm/LoadTest07_Caltech_EE.brunel?tpc.key=00080829161e2bfc54248713&[log in to unmask] /store/user/bbockelm/LoadTest07_Caltech_EE.brunel.3 > [2014-09-25 16:20:19.646444 -0500][Debug ][Poller ] Available pollers: built-in > [2014-09-25 16:20:19.646582 -0500][Debug ][Poller ] Attempting to create a poller according to preference: built-in,libevent > [2014-09-25 16:20:19.646597 -0500][Debug ][Poller ] Creating poller: built-in > [2014-09-25 16:20:19.646614 -0500][Debug ][Poller ] Creating and starting the built-in poller... > [2014-09-25 16:20:19.646776 -0500][Debug ][TaskMgr ] Starting the task manager... > [2014-09-25 16:20:19.646822 -0500][Debug ][TaskMgr ] Task manager started > [2014-09-25 16:20:19.646838 -0500][Debug ][JobMgr ] Starting the job manager... > [2014-09-25 16:20:19.646932 -0500][Debug ][JobMgr ] Job manager started, 3 workers > [2014-09-25 16:20:19.646953 -0500][Debug ][TaskMgr ] Registering task: "FileTimer task" to be run at: [2014-09-25 16:20:19 -0500] > [2014-09-25 16:20:19.646999 -0500][Debug ][PostMaster ] Creating new channel to: red-gridftp6.unl.edu:1094 1 stream(s) > [2014-09-25 16:20:19.647041 -0500][Debug ][PostMaster ] [red-gridftp6.unl.edu:1094 #0] Stream parameters: Network Stack: IPAuto, Connection Window: 120, ConnectionRetry: 5, Stream Error Widnow: 1800 > [2014-09-25 16:20:19.647574 -0500][Debug ][TaskMgr ] Registering task: "TickGeneratorTask for: red-gridftp6.unl.edu:1094" to be run at: [2014-09-25 16:20:34 -0500] > [2014-09-25 16:20:19.648292 -0500][Debug ][PostMaster ] [red-gridftp6.unl.edu:1094] Found 2 address(es): [2600:900:6:1101:21a:a0ff:fe33:251c]:1094, [::ffff:129.93.239.130]:1094 > [2014-09-25 16:20:19.648333 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Attempting connection to [2600:900:6:1101:21a:a0ff:fe33:251c]:1094 > [2014-09-25 16:20:19.648510 -0500][Debug ][Poller ] Adding socket 0xab3c10 to the poller > [2014-09-25 16:20:19.649967 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Async connection call returned > [2014-09-25 16:20:19.650009 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending out the initial hand shake + kXR_protocol > [2014-09-25 16:20:19.650234 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Got the server hand shake response (type: server [], protocol version 300) > [2014-09-25 16:20:19.650264 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] kXR_protocol successful (type: server [], protocol version 300) > [2014-09-25 16:20:19.651060 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending out kXR_login request, username: xrootd, cgi: ?xrd.cc=us&xrd.tz=-6&xrd.appname=xrdcp > [2014-09-25 16:20:19.651279 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Logged in > [2014-09-25 16:20:19.651300 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Authentication is required: &P=gsi,v:10300,c:ssl,ca:82c2b224.0|c7a717ce.0 > [2014-09-25 16:20:19.651312 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending authentication data > [2014-09-25 16:20:19.656207 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Trying to authenticate using gsi > [2014-09-25 16:20:19.661892 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Cannot get credentials for protocol gsi: Secgsi: ErrParseBuffer: error getting user proxies: kXGS_init > XrdSec: No authentication protocols are available. > [2014-09-25 16:20:19.661969 -0500][Error ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] No protocols left to try > [2014-09-25 16:20:19.661992 -0500][Error ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Socket error while handshaking: [FATAL] Auth failed > [2014-09-25 16:20:19.662006 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Closing the socket > [2014-09-25 16:20:19.662022 -0500][Debug ][Poller ] <[2600:900:6:1101:20f:53ff:fe0e:46cc]:45293><--><[2600:900:6:1101:21a:a0ff:fe33:251c]:1094> Removing socket from the poller > [2014-09-25 16:20:19.662122 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Attempting connection to [::ffff:129.93.239.130]:1094 > [2014-09-25 16:20:19.662159 -0500][Debug ][Poller ] Adding socket 0xab3c10 to the poller > [2014-09-25 16:20:19.663273 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Async connection call returned > [2014-09-25 16:20:19.663312 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending out the initial hand shake + kXR_protocol > [2014-09-25 16:20:19.664031 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Got the server hand shake response (type: server [], protocol version 300) > [2014-09-25 16:20:19.664060 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] kXR_protocol successful (type: server [], protocol version 300) > [2014-09-25 16:20:19.664821 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending out kXR_login request, username: xrootd, cgi: ?xrd.cc=us&xrd.tz=-6&xrd.appname=xrdcp > [2014-09-25 16:20:19.665096 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Logged in > [2014-09-25 16:20:19.665115 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Authentication is required: &P=gsi,v:10300,c:ssl,ca:82c2b224.0|c7a717ce.0 > [2014-09-25 16:20:19.665127 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Sending authentication data > [2014-09-25 16:20:19.665371 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Trying to authenticate using gsi > [2014-09-25 16:20:19.665436 -0500][Debug ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] Cannot get credentials for protocol gsi: Secgsi: ErrParseBuffer: error getting user proxies: kXGS_init > XrdSec: No authentication protocols are available. > [2014-09-25 16:20:19.665463 -0500][Error ][XRootDTransport ] [red-gridftp6.unl.edu:1094 #0.0] No protocols left to try > [2014-09-25 16:20:19.665479 -0500][Error ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Socket error while handshaking: [FATAL] Auth failed > [2014-09-25 16:20:19.665491 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Closing the socket > [2014-09-25 16:20:19.665503 -0500][Debug ][Poller ] <[::ffff:129.93.239.136]:44730><--><[::ffff:129.93.239.130]:1094> Removing socket from the poller > [2014-09-25 16:20:19.665546 -0500][Error ][PostMaster ] [red-gridftp6.unl.edu:1094 #0] Unable to recover: [FATAL] Auth failed. > [2014-09-25 16:20:19.665566 -0500][Error ][XRootD ] [red-gridftp6.unl.edu:1094] Impossible to send message kXR_stat (path: /store/user/bbockelm/LoadTest07_Caltech_EE.brunel, flags: none). Trying to recover. > [2014-09-25 16:20:19.665584 -0500][Error ][XRootD ] [red-gridftp6.unl.edu:1094] Handling error while processing kXR_stat (path: /store/user/bbockelm/LoadTest07_Caltech_EE.brunel, flags: none): [FATAL] Auth failed. > [2014-09-25 16:20:19.665733 -0500][Debug ][Utility ] CopyProcess: 1 jobs to prepare > [2014-09-25 16:20:19.665813 -0500][Debug ][Utility ] Creating a classic copy job, from xroot://red-gridftp6.unl.edu:1094//store/user/bbockelm/LoadTest07_Caltech_EE.brunel?tpc.key=00080829161e2bfc54248713&[log in to unmask] to file:///store/user/bbockelm/LoadTest07_Caltech_EE.brunel.3 > [2014-09-25 16:20:19.665832 -0500][Debug ][Utility ] Monitor library name not set. No monitoring > [2014-09-25 16:20:19.665907 -0500][Debug ][Utility ] Opening xroot://red-gridftp6.unl.edu:1094//store/user/bbockelm/LoadTest07_Caltech_EE.brunel?tpc.key=00080829161e2bfc54248713&[log in to unmask] for reading > [2014-09-25 16:20:19.665962 -0500][Debug ][File ] [0xab8ec0@xroot://red-gridftp6.unl.edu:1094//store/user/bbockelm/LoadTest07_Caltech_EE.brunel?tpc.key=00080829161e2bfc54248713&[log in to unmask]] Sending an open command > [2014-09-25 16:20:19.666009 -0500][Error ][XRootD ] [red-gridftp6.unl.edu:1094] Unable to send the message kXR_open (file: /store/user/bbockelm/LoadTest07_Caltech_EE.brunel?tpc.key=00080829161e2bfc54248713&[log in to unmask], mode: 00, flags: kXR_open_read kXR_async kXR_retstat ): [FATAL] Auth failed > Run: [FATAL] Auth failed > [2014-09-25 16:20:19.666289 -0500][Debug ][JobMgr ] Stopping the job manager... > [2014-09-25 16:20:19.666575 -0500][Debug ][JobMgr ] Job manager stopped > [2014-09-25 16:20:19.666594 -0500][Debug ][TaskMgr ] Stopping the task manager... > [2014-09-25 16:20:19.666679 -0500][Debug ][TaskMgr ] Task manager stopped > [2014-09-25 16:20:19.666693 -0500][Debug ][Poller ] Stopping the poller... > [2014-09-25 16:20:19.666762 -0500][Debug ][TaskMgr ] Requesting unregistration of: "TickGeneratorTask for: red-gridftp6.unl.edu:1094" > [2014-09-25 16:20:19.666778 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Closing the socket > [2014-09-25 16:20:19.666791 -0500][Debug ][PostMaster ] [red-gridftp6.unl.edu:1094 #0] Destroying stream > [2014-09-25 16:20:19.666804 -0500][Debug ][AsyncSock ] [red-gridftp6.unl.edu:1094 #0.0] Closing the socket > > ######################################################################## > Use REPLY-ALL to reply to list > > To unsubscribe from the XROOTD-DEV list, click the following link: > https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1 > ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1