Bug #6484

Factory rpm install privsep failure

Added by John Weigand over 6 years ago. Updated over 6 years ago.

RPM - Frontend/Factory
Target version:
Start date:
Due date:
% Done:


Estimated time:
First Occurred:
Occurs In:


A new v3.2.5 factory rpm install fails on the initial upgrade with the following error..

>  service gwms-factory upgrade
Using default factory config file: /etc/gwms-factory/glideinWMS.xml
Warning: Cannot find /var/lib/gwms-factory/work-dir/glideinWMS.xml
If this is the first reconfig, you can ignore this message.
invalid caller gid (5111)
Failed to create base clientlog dir (user frontend):
Unexpected Error running '/usr/bin/../sbin/condor_root_switchboard mkdir 0 4'.
Details: Command '/usr/bin/../sbin/condor_root_switchboard mkdir 0 4' returned non-zero exit status 1: 
Upgrading the factory                                      [FAILED]

The install assumes the factory user is gfactory.gfactory and the frontend user is
frontend.frontend and populates the /etc/condor/privsep_config as follows:
valid-caller-uids = gfactory
valid-caller-gids = gfactory
valid-target-uids = frontend
valid-target-gids = frontend
valid-dirs = /var/lib/gwms-factory/client-proxies
valid-dirs = /var/lib/gwms-factory/client-logs
valid-dirs = /var/log/gwms-factory/client
valid-dirs = /var/lib/gwms-factory
valid-dirs = /var/log/gwms-factory
procd-executable = /usr/sbin/condor_procd

If either the factory or frontend uid/gid is different, the failure will occur.

In the case of testing on the fermicloud nodes, the gfactory user exists but
has a group of e875 and not gfactory. The rpm spec file that creates the
needed users should test for this and populate the privsep_condor file correctly.

The Factory trouble-shooting section of the documentation should also be updated
to reflect this non-obvious error.

This is probably not a critical failure.

Related issues

Related to GlideinWMS - Support #5932: Do Standard 4 tests for v3.2.5 rpm when releasedClosed04/16/2014

Related to GlideinWMS - Bug #6385: Glideinwms rpms service users & file ownership issuesClosed05/30/2014


#1 Updated by Marco Mambelli over 6 years ago

  • Assignee changed from Parag Mhashilkar to Marco Mambelli

#2 Updated by Parag Mhashilkar over 6 years ago

  • First Occurred changed from v3_2_5 to v3_2_7

#3 Updated by Burt Holzman over 6 years ago

  • Target version set to v3_2_7

#4 Updated by Marco Mambelli over 6 years ago

  • Status changed from Assigned to Feedback
  • Assignee changed from Marco Mambelli to Parag Mhashilkar

Documentation changes committed in branch: v3/6484
- updated install and troubleshoot document
- rpm documentation updated

No software changed needed


#5 Updated by Parag Mhashilkar over 6 years ago

  • Status changed from Feedback to Closed
  • Assignee changed from Parag Mhashilkar to Marco Mambelli

Fixed minor typos and pushed to appropriate branches.

Also available in: Atom PDF