Factory rpm install privsep failure
A new v3.2.5 factory rpm install fails on the initial upgrade with the following error:
    > service gwms-factory upgrade
    Using default factory config file: /etc/gwms-factory/glideinWMS.xml
    Warning: Cannot find /var/lib/gwms-factory/work-dir/glideinWMS.xml
    If this is the first reconfig, you can ignore this message.
    invalid caller gid (5111)
    Failed to create base clientlog dir (user frontend): Unexpected Error running '/usr/bin/../sbin/condor_root_switchboard mkdir 0 4'. Details: Command '/usr/bin/../sbin/condor_root_switchboard mkdir 0 4' returned non-zero exit status 1:
    Upgrading the factory [FAILED]
The install assumes the factory user is gfactory.gfactory and the frontend user is
frontend.frontend and populates the /etc/condor/privsep_config as follows:
    valid-caller-uids = gfactory
    valid-caller-gids = gfactory
    valid-target-uids = frontend
    valid-target-gids = frontend
    valid-dirs = /var/lib/gwms-factory/client-proxies
    valid-dirs = /var/lib/gwms-factory/client-logs
    valid-dirs = /var/log/gwms-factory/client
    valid-dirs = /var/lib/gwms-factory
    valid-dirs = /var/log/gwms-factory
    procd-executable = /usr/sbin/condor_procd
If the actual uid or gid of either the factory or the frontend user differs from these values, the upgrade fails as shown above.
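A quick way to confirm this kind of mismatch is to compare the groups listed in /etc/condor/privsep_config with the primary groups the system actually reports. The following is only a rough sketch: the helper names (parse_privsep_config, primary_group, mismatches) are made up for illustration, it compares by group name only, and it assumes the file consists of simple "key = value" lines like those shown above.

```python
import grp
import pwd


def parse_privsep_config(text):
    """Parse 'key = value' lines into a dict mapping each key to a list of values."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks and anything that is not a key/value pair (assumption:
        # lines starting with '#' are not settings).
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings.setdefault(key.strip(), []).extend(value.split())
    return settings


def primary_group(user):
    """Return the name of the user's primary group as reported by the system."""
    return grp.getgrgid(pwd.getpwnam(user).pw_gid).gr_name


def mismatches(settings, factory_group, frontend_group):
    """List the gid settings that do not include the group actually in use."""
    problems = []
    if factory_group not in settings.get("valid-caller-gids", []):
        problems.append("valid-caller-gids lacks " + factory_group)
    if frontend_group not in settings.get("valid-target-gids", []):
        problems.append("valid-target-gids lacks " + frontend_group)
    return problems
```

On an affected node one would call mismatches(parse_privsep_config(open("/etc/condor/privsep_config").read()), primary_group("gfactory"), primary_group("frontend")); a non-empty result points at the setting that needs correcting.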
In the case of testing on the fermicloud nodes, the gfactory user exists but
its group is e875, not gfactory. The rpm spec file that creates the
needed users should test for this and populate the privsep_config file correctly.
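One possible shape for such a fix, sketched in Python rather than as the actual spec-file scriptlet: look up each user's real primary group and write those names into /etc/condor/privsep_config instead of assuming gfactory and frontend. The function names and the VALID_DIRS constant are hypothetical; the directory list and procd path are copied from the config shown above.

```python
import grp
import pwd

# Directories and procd path taken from the privsep_config shown in this report.
VALID_DIRS = [
    "/var/lib/gwms-factory/client-proxies",
    "/var/lib/gwms-factory/client-logs",
    "/var/log/gwms-factory/client",
    "/var/lib/gwms-factory",
    "/var/log/gwms-factory",
]
PROCD = "/usr/sbin/condor_procd"


def primary_group(user):
    """Return the name of the user's primary group as reported by the system."""
    return grp.getgrgid(pwd.getpwnam(user).pw_gid).gr_name


def render_privsep_config(factory_user, factory_group, frontend_user, frontend_group):
    """Build the privsep_config text from explicit user and group names."""
    lines = [
        "valid-caller-uids = " + factory_user,
        "valid-caller-gids = " + factory_group,
        "valid-target-uids = " + frontend_user,
        "valid-target-gids = " + frontend_group,
    ]
    lines += ["valid-dirs = " + d for d in VALID_DIRS]
    lines.append("procd-executable = " + PROCD)
    return "\n".join(lines) + "\n"
```

For the fermicloud case, render_privsep_config("gfactory", primary_group("gfactory"), "frontend", primary_group("frontend")) would produce a file with valid-caller-gids = e875 rather than gfactory.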
The Factory troubleshooting section of the documentation should also be updated
to cover this non-obvious error.
This is probably not a critical failure.