PROOF on Rocks

Hi,

I’m trying to put PROOF to work in a Rocks cluster, but I’m having some authentication problems. Can you give me a clue? Here is the error when running root:

root [0] gROOT->Proof(“prod-frontend.hepgrid.uerj.br”);
Name (prod-frontend.hepgrid.uerj.br:cms):
cms@prod-frontend.hepgrid.uerj.br password:
Warning in TAuthenticate::ClearAuth on master: Potential problems: got msg type: 2038 value: 1 (expecting: 0 0)
*** Break *** on master: write on a pipe with no one to read it
SysError in TUnixSystem::UnixSend on master: send (Broken pipe)
Error in TUnixSystem::SendRaw on master: cannot send buffer
*** Break *** on master: write on a pipe with no one to read it
SysError in TUnixSystem::UnixSend on master: send (Broken pipe)
Error in TUnixSystem::SendRaw on master: cannot send buffer
*** Break *** on master: write on a pipe with no one to read it
SysError in TUnixSystem::UnixSend on master: send (Broken pipe)
Error in TUnixSystem::SendRaw on master: cannot send buffer
Warning in TAuthenticate::ClearAuth on master: problems secure-sending pass hash - may result in authentication failure
Warning in TAuthenticate::ClearAuth on master: problems recvn (user,offset) length (2038:1 bytes:0)
Warning in TAuthenticate::ClearAuth on master: username and offset not received (2038:0)
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-1
*** Break *** on master: write on a pipe with no one to read it
SysError in TUnixSystem::UnixSend on master: send (Broken pipe)
Error in TUnixSystem::SendRaw on master: cannot send buffer
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-1
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-2
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-2
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-3
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-3
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-4
Warning in TAuthenticate::PromptPasswd on master: not tty: cannot prompt for passwd, returning -1
Info in TAuthenticate::Authenticate on master: failure: list of attempted methods: UsrPwd
Error in TSlave::TSlave on master: authentication failed for cms@compute-0-4
Error in TProof::Init on master: no appropriate node line found in /usr/local/root/proof/etc/proof.conf
root [1] gProof->Print()
Connected to: prod-frontend.hepgrid.uerj.br (valid)
Port number: 1093
User: cms
Authentication method: 0 (UsrPwd)
Client protocol version: 3
Remote protocol version: 3
Log level: 0
*** Master server (sequential mode):
Master host name: prod-frontend.hepgrid.uerj.br
Port number: 1093
User: cms
Protocol version: 3
Image name:
Working directory: /home/cms/proof/master-prod-frontend-1127137366-8268
Config directory: /usr/local/root
Config file: /usr/local/root/proof/etc/proof.conf
Log level: 0
Number of slaves: 12
Number of active slaves: 0
Number of unique slaves: 0
Number of bad slaves: 8
Total MB’s processed: 0.00
Total real time used (s): 0.000
Total CPU time used (s): 0.000

Thanks!

Dear Antoniov,

To be able to help you I need some additional information:

  1. What type of password your are trying to use (ie whether from .rootdpass or from a system password file)

  2. The output of the following test:

    .1) In window 1, connect to prod-frontend.hepgrid.uerj.br and start

rootd -d 3 -f -p 5151

(rootd, not proofd)

.2) In window 2 start a root session and try

root[0] gDebug = 4
root [1] TFTP *t = new TFTP(“root://prod-frontend.hepgrid.uerj.br:5151”)

(Please send the *complete* set of logs you get from the two windows)
  1. The files /usr/local/root/proof/etc/proof.conf and /usr/local/root/etc/system.rootdaemonrc (or /etc/root/system.rootdaemonrc)

  2. The versions of ROOT are installed on the client, master and slaves

Thanks, Gerri

Hi,

Sorry for the delay, but we had some serious problems here in the cluster.

  1. I guess we’re using a system password file (we use 411 here in our cluster). I don’t know about this .rootdpass file.

.1)
[cms@prod-frontend ~]$ rootd -d 3 -f -p 5151
main: no config directory specified using ROOTSYS (/usr/local/root)
ROOTD_PORT=5151
main: pid = 1937, ppid = 1179, gInetdFlag = 0, gProtocol = 9
RootdParallel: port = 0, size = 0
RpdSetDebugFlag: gDebug set to 3
RpdDefaultAuthAllow: Enter
RpdCheckDaemon: Enter … sshd
RpdCheckDaemon: read: 1151 ? S 0:03 /usr/sbin/sshd
RpdCheckDaemon: read: 15322 ? S 0:00 sshd: cms [priv]
RpdCheckDaemon: read: 15372 ? S 0:00 sshd: cms@pts/4
RpdCheckDaemon: read 3 lines
RpdCheckSshd: Enter …
RpdCheckSshd: success!
RpdDefaultAuthAllow: default list of secure methods available: 0 4 2
RpdInitRand: taking seed from /dev/random
RootdLoop: kind:2012 – buf:’’ (len:0) – auth:0
RootdProtocol: gClientProtocol = 6
RootdLoop: kind:2031 – buf:‘9’ (len:1) – auth:0
RootdProtocol: gClientProtocol = 9
RootdLoop: kind:2000 – buf:‘11776 -1 7 3 cms’ (len:16) – auth:0
RpdCheckAuthAllow: Checking file: /usr/local/root/etc/system.rootdaemonrc for meth:0 host:prod-frontend.hepgrid.uerj.br (gNumAllow: 3)
RpdCheckAuthAllow: found host: 127.0.0.1
RpdCheckHost: Checking Host IP: 200.143.197.197
RpdCheckAuthAllow: no specific or ‘default’ entry found: using system defaults
RpdCheckAuthAllow: returning: 0 (gNumAllow: 3, gNumLeft:2)
RpdReUseAuth: analyzing: 11776 -1 7 3 cms, 2000
RpdUser: Enter … 11776 -1 7 3 cms
RpdUser: gReUseRequired: 1 gCryptRequired: 2
RpdUser: Shadow passwd not accessible for user cms
RpdUser: trying normal or special root passwd
RpdUser: passwd hash not available for user cms
RpdUser: user cms cannot be authenticated with this method
RootdLoop: Authentication: kind:2000 – meth:0 – gAuth:0 – gNumLeft:2
RpdSendAuthList: analyzing (gNumLeft: 2)
RpdSendAuthList: gTriedMeth[0]: 1
RpdSendAuthList: gTriedMeth[1]: 0
RpdSendAuthList: gTriedMeth[2]: 0
RpdSendAuthList: sent list: 4 2
RootdLoop: kind:2024674312 – buf:’’ (len:0) – auth:0
RootdLoop: not authenticated
RootdCloseTab: file /tmp/rootdtab does not exist
RootdClose: file closed, rd=0, wr=0, rx=55, tx=74
.2)
root [0] gDebug = 4
(const int)4
root [1] TFTP *t = new TFTP(“root://prod-frontend.hepgrid.uerj.br:5151”);
Info in TAuthenticate::TAuthenticate: Enter: local host: prod-frontend.hepgrid.uerj.br, user is: (proto: root:9)
Info in TAuthenticate::TAuthenticate: service: root (remote protocol: 9): fVersion: 3
Info in TAuthenticate::GenRSAKeys: enter
Info in TPluginManager::FindHandler: did not find plugin for class TSystem and uri /dev/random
Info in TAuthenticate::GenRSAKeys: taking seed from /dev/random
Info in TAuthenticate::GetRandString: enter … Len: 30 Any
Info in TAuthenticate::GetRandString: got ‘-M8sM5ciW[cx38?o<EJPoR.WI3w@GL’
Info in TAuthenticate::GenRSAKeys: local: test string: ‘-M8sM5ciW[cx38?o<EJPoR.WI3w@GL’
Info in TAuthenticate::GenRSAKeys: local: length of crypted string: 42 bytes
Info in TAuthenticate::GenRSAKeys: local: after private/public : ‘-M8sM5ciW[cx38?o<EJPoR.WI3w@GL’
Info in TAuthenticate::GenRSAKeys: local: length of crypted string: 42 bytes
Info in TAuthenticate::GenRSAKeys: local: after public/private : ‘-M8sM5ciW[cx38?o<EJPoR.WI3w@GL’
Info in TAuthenticate::GenRSAKeys: local: export pub length: 86 bytes
Info in TAuthenticate::TAuthenticate: number of HostAuth Instantiations in memory: 0
Info in TAuthenticate::GetHostAuth: enter … prod-frontend.hepgrid.uerj.br … cms
Info in TAuthenticate::GetAuthMeth: enter: h:prod-frontend.hepgrid.uerj.br p:root u: (0x9e343a8 0x9e343b8)
Info in TAuthenticate::CheckRootAuthrc: enter: host:prod-frontend.hepgrid.uerj.br user: file:/home/cms/.rootauthrc
Info in TPluginManager::FindHandler: did not find plugin for class TSystem and uri /home/cms/.rootauthrc
Info in TAuthenticate::CheckRootAuthrc: file /home/cms/.rootauthrc cannot be read (errno: 2)
Info in TAuthenticate::GetAuthMeth: Found method(s) ‘0’ from globals in .rootrc (User[0]=)
Info in TAuthenticate::GetDefaultDetails: enter … 0 …pt:1 … ‘’
Info in TAuthenticate::GetDefaultDetails: returning … pt:yes ru:yes cp:yes us:
Info in TAuthenticate::GetAuthMeth: for user ‘’ returning 1 methods
Info in TAuthenticate::GetAuthMeth: method[0]: 0 - details[0]: pt:yes ru:yes cp:yes us:
Info in TAuthenticate::TAuthenticate: got 1 methods
Info in TAuthenticate::TAuthenticate: got (0,0) security:0 details:pt:yes ru:yes cp:yes us:
Info in THostAuth::Print: ±-----------------------------------------------------------------+
Info in THostAuth::Print: + Host:prod-frontend.hepgrid.uerj.br - User:cms - # of available methods:1
Info in THostAuth::Print: + Method: 0 (UsrPwd) Details:pt:yes ru:yes cp:yes us:
Info in THostAuth::Print: ±-----------------------------------------------------------------+
Info in TAuthenticate::Authenticate: enter: fUser:
Info in TAuthenticate::Authenticate: try #: 1
Info in THostAuth::GetDetails: 0: returning fDetails[0]: pt:yes ru:yes cp:yes us:
Info in TAuthenticate::Authenticate: trying authentication: method:0, default details:pt:yes ru:yes cp:yes us:
Info in TAuthenticate::SetEnvironment: setting environment: fSecurity:0, fDetails:pt:yes ru:yes cp:yes us:
Info in TAuthenticate::SetEnvironment: details:pt:yes ru:yes cp:yes us:, Pt:yes, Ru:yes, Us: Cp:yes
Info in TAuthenticate::SetEnvironment: UsDef:cms
Name (prod-frontend.hepgrid.uerj.br:cms):
Info in TAuthenticate::GetUserPasswd: Enter: User: ‘cms’ Hash:0 SRP:0
Info in TAuthenticate::GetUserPasswd: In memory: User: ‘cms’ Hash:0
Info in TAuthenticate::GetUserPasswd: Checking .netrc family …
Info in TAuthenticate::GetUserPasswd: From .netrc family: User: ‘cms’ Hash:0
Info in TAuthenticate::ClearAuth: enter: User: cms (passwd hashed?: 0)
Info in TAuthenticate::ClearAuth: ru:1 pt:1 cp:1 ns:1
Info in TAuthenticate::AuthExists: 0: enter: msg: 2000 options: ‘7 3 cms’
Info in TAuthenticate::GetOffSet: analyzing: Method:0, Details:pt:1 ru:1 cp:1 us:cms
Info in TAuthenticate::DecodeDetails: analyzing … pt:1 ru:1 cp:1 us:cms
Info in TAuthenticate::DecodeDetails: Pt:1, Ru:1, Us:cms
Info in TAuthenticate::GetOffSet: found Nw: 1, Wd: cms (null) (null) (null)
Info in TAuthenticate::GetOffSet: returning: -1
Info in TAuthenticate::AuthExists: 0: offset in memory is: -1 (’(null)’)
Info in TAuthenticate::AuthExists: 0: after msg 2000: kind= 2011, stat= 22
Info in TAuthenticate::AuthExists: cms@prod-frontend.hepgrid.uerj.br
Info in TAuthenticate::Authenticate: got st=0: still 0 methods locally available
Info in TAuthenticate::Authenticate: after failed attempt: kind= 2037, stat= 2Info in TAuthenticate::Authenticate: failure: list of attempted methods: UsrPwd
Error in TFTP::TFTP: authentication failed for cms@prod-frontend.hepgrid.uerj.br
3) Attached files. Didn’t change anything in the second one
4) I’m trying to use a central installation with a link to /usr/local/root in each node and master. The version is 3.10.02.
system.rootdaemonrc.txt (4.02 KB)
proof.conf.txt (2.54 KB)

Hi Antoniov,

With v 3.10.02 (which is quite old … any chance to upgrade it?) there is indeed a problem with password authentication.

The problem could be by-passed by adding the following line to the system.rootrc file seen by the master (look in the $ROOTSYS/etc directory or under /etc/root):

UsrPwd.ReUse: 0

If you cannot edit such a file, just add the line to the $HOME/.rootrc file in the ‘cms’ account, always on the master machine.

Please, try that and let me know.

Cheers, Gerri