dasgoclient not reading x509 proxy pointed by X509_USER_PROXY

[smuzaffar]

@vkuznet , we noticed that dasgoclient does not respect X509_USER_PROXY [a]. Looks like if /tmp/x509up_u501exists then dasgocleint always read this file regardless of X509_USER_PROXY env [b]. Is this a known feature?

[a]

> cat /etc/redhat-release 
AlmaLinux release 8.9 (Midnight Oncilla)
> echo $X509_USER_PROXY 
/data/cmsbld/jenkins/workspace/ib-run-qa/x509up_u501
> ls -l $X509_USER_PROXY
-rw------- 1 cmsbld cmsbld 10433 Jan  9 11:32 /data/cmsbld/jenkins/workspace/ib-run-qa/x509up_u501
> whoami
cmsbld
> voms-proxy-info
subject   : /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=cmsbot/CN=545661/CN=Robot: CMS Build Bot/CN=177192499
issuer    : /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=cmsbot/CN=545661/CN=Robot: CMS Build Bot
identity  : /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=cmsbot/CN=545661/CN=Robot: CMS Build Bot
type      : RFC compliant proxy
strength  : 2048 bits
path      : /data/cmsbld/jenkins/workspace/ib-run-qa/x509up_u501
timeleft  : 11:47:22
Singularity> strace -f -o x.txt dasgoclient --limit 0 --query 'lumi,file dataset=/HIHardProbes/HIRun2018A-v1/RAW run=326479' --format json
2024/01/09 11:44:44 ERROR failed to parse X509 proxy: Certificate is expired
> grep x509 x.txt 
1883474 newfstatat(AT_FDCWD, "/tmp/x509up_u501", {st_mode=S_IFREG|0600, st_size=10437, ...}, 0) = 0
1883474 openat(AT_FDCWD, "/tmp/x509up_u501", O_RDONLY|O_CLOEXEC) = 6
> which dasgoclient
/cvmfs/cms.cern.ch/common/dasgoclient

[b]

> rm /tmp/x509up_u501 
> strace -f -o x.txt dasgoclient --limit 0 --query 'lumi,file dataset=/HIHardProbes/HIRun2018A-v1/RAW run=326479' --format json
> grep x509 x.txt 
1889486 newfstatat(AT_FDCWD, "/tmp/x509up_u501", 0xc000190e08, 0) = -1 ENOENT (No such file or directory)
1889486 openat(AT_FDCWD, "/data/cmsbld/jenkins/workspace/ib-run-qa/x509up_u501", O_RDONLY|O_CLOEXEC) = 3

[vkuznet]

@smuzaffar thanks for spotting the issue, and thanks @iarspider for providing PR. Everything is merged now and you can proceed with new build (my hands are tight to WM issues and I'm busy now with shift and high priority issue in WM land).

[smuzaffar]

@vkuznet , I guess you need to create a new release of dasgoclient (based on the latest das2go)

[smuzaffar]

@vkuznet , so who can tag and build new dasgoclient release?

[vkuznet]

@smuzaffar please contact @klannon to identify right person who will manage DAS. My CMS time is reduced and I no longer assigned to carry on with these packages.

Meanwhile, I tagged das2go and das2goclient, and you can find new dasgoclient release in its release area (https://github.com/dmwm/dasgoclient/releases/tag/v02.04.50). I tried to build dasgoclient on lxplus9 and got the following error:

* The action "install-cms+dasgoclient+v02.04.50.rev01" was not completed successfully because Traceback (most recent call last):
File "/afs/cern.ch/work/v/valya/builds/pkgtools/scheduler.py", line 267, in doSerial
result = commandSpec[0](*commandSpec[1:])
File "/afs/cern.ch/work/v/valya/builds/pkgtools/cmsBuild", line 3651, in installPackage
installRpm(pkg, pkg.options.bootstrap, scheduler)
File "/afs/cern.ch/work/v/valya/builds/pkgtools/cmsBuild", line 3399, in installRpm
raise RpmInstallFailed(pkg, output)
RpmInstallFailed: Failed to install package dasgoclient. Reason:
error: Failed dependencies:
        libc.so.6(GLIBC_2.32)(64bit) is needed by cms+dasgoclient+v02.04.50.rev01-1-1.x86_64
        libc.so.6(GLIBC_2.34)(64bit) is needed by cms+dasgoclient+v02.04.50.rev01-1-1.x86_64

* The action "final-job" was not completed successfully because The following dependencies could not complete:
install-cms+dasgoclient+v02.04.50.rev01

It seems like either my SCRAM_ARCH (SCRAM_ARCH=slc7_amd64_gcc820) is too old, or we migrated to another OS version where there is appropriate GLIBC version. If you can tell me which OS/ARCH to setup on which lxplus I can try to do another build round. Otherwise, now you have a new tag and can proceed with a build by yourself.

[smuzaffar]

thanks @vkuznet for the tag. I have opened cms-sw/cmsdist#8927 to test it.

You build failed as you were building for slc7 on el9 OS. You should use lxplus7 to build for slc7

[smuzaffar]

@vkuznet , OK cmsdist tests also failed with same error. I think you need to add CGO_ENABLED=0 ( cms-sw/cmsdist#8697 (comment) )

[vkuznet]

Ok, I added CGO_ENABLED to dasgoclient/Makefile and tagged as v02.4.51, and I built it successfully on lxplus7, here is my PR cms-sw/cmsdist#8931 or if something is missing you can proceed now with new tag.

[smuzaffar]

thanks a lot @vkuznet