On 11/3/20 5:43 PM, Adrian Sevcenco wrote:
> Hi! I just observed on my servers (4.12.3) that http is no longer
> working (it seems that at one moment it was working)
>
> at this moment when trying with curl i get:
> * Trying 85.120.46.25:1094...
> * TCP_NODELAY set
> * Connected to storage05.spacescience.ro (85.120.46.25) port 1094 (#0)
> > GET
> //home/aliprod/data/04/53413/5db44470-1dc5-11eb-a2c0-08f1eaf0250c?authz=-----BEGIN+SEALED+CIPHER-----long_auth_envelope-----END+SEALED+ENVELOPE-----%0A
> HTTP/1.1
> > Host: storage05.spacescience.ro:1094
> > User-Agent: curl/7.66.0
> > Accept: */*
> >
> * Mark bundle as not supporting multiuse
> < HTTP/1.1 403 Forbidden
> HTTP/1.1 403 Forbidden
> < Connection: Close
> Connection: Close
> < Content-Length: 99
> Content-Length: 99
>
> <
> Unable to open
> /home/aliprod/data/04/53413/5db44470-1dc5-11eb-a2c0-08f1eaf0250c;
> permission denied
>
> and in logs i see:
> 201103 17:01:34 1572 XrootdBridge: unknown.9:129@[::46.243.114.230]
> login as nobody
> XrdAggregatingN2N processing.
> buff='/home/aliprod/data/04/53413/5db44470-1dc5-11eb-a2c0-08f1eaf0250c'
> Error: nothing could be decrypted
> 201103 17:01:35 1572 XrdAliceTokenAcc::Access: Unable to read provided
> authz for
> /home/aliprod/data/04/53413/5db44470-1dc5-11eb-a2c0-08f1eaf0250c;
> permission denied
> 201103 17:01:35 1572 ofs_open: unknown.9:129@[::46.243.114.230] Unable
> to open
> /home/aliprod/data/04/53413/5db44470-1dc5-11eb-a2c0-08f1eaf0250c;
> permission denied
> 201103 17:01:35 1572 XrootdXeq: unknown.9:129@[::46.243.114.230] disc
> 0:00:01 (send failure)
>
> e metafile that have a working xrootd path can be found here:
> https://cernbox.cern.ch/index.php/s/V21naWT790be6p8
>
> first thing to suspect is that the envelope it was not correctly
> converted to be used by curl ... is there any facility that would halp
> with this?
>
> Can be any other problem? (this is 4.12.3 xrootd server)
so, i forgot to add the details about the settings:
the serve settings have this
if exec xrootd
xrd.protocol http /usr/lib64/libXrdHttp.so
http.exthandler xrdtpc /usr/lib64/libXrdHttpTPC.so
http.header2cgi Authorization authz
http.header2cgi authz authz
http.listingdeny yes
http.trace all
fi
and with trace all on the server i see:
sec_PM: Using unix protocol, args=''
--
201103 20:38:39 26982 sysXrdHttp: rc:38 got hdr line: Host:
storage05.spacescience.ro:1094
201103 20:38:39 26982 sysXrdHttp: rc:25 got hdr line: User-Agent:
curl/7.66.0
201103 20:38:39 26982 sysXrdHttp: rc:13 got hdr line: Accept: */*
201103 20:38:39 26982 sysXrdHttp: rc:2 got hdr line:
201103 20:38:39 26982 sysXrdHttp: rc:2 detected header end.
201103 20:38:39 26982 XrootdBridge: unknown.3:98@[::46.243.114.230]
login as nobody
So, any idea what i'm missing?
Thanks a lot!
Adrian
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
