You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Users may experience numeric user id only when in the old Compute Canada environment, due to a configuration issue.
When loading modules nixpkgs/16.09 or StdEnv/2018.3 from CVMFS on trixie and then attempting to resolve user names found in the RES domain through Centrify: users are unable to use string usernames vs. numeric user ID format, due to NSS unable to dynamically load a specific library libnss_centrifydc.so.2. Local user accounts in passwd file display OK.
Users can still start their jobs and the unix permissions/ownership works for the numeric Unix ID they are logged in as; however commands such as chown/chmod/id and ls -l will not resolve the usernames properly.
Symptoms:
[fieldsa@trixie-hn1 ~]$ module load StdEnv/2018.3
[fieldsa@trixie-hn1 ~]$ mkdir test
[fieldsa@trixie-hn1 ~]$ ls -ltr|tail -1
drwxrwxr-x 15 8966466 8966466 16384 Aug 20 16:19 test
[fieldsa@trixie-hn1 ~]$ chown fieldsa test
chown: invalid user: 'fieldsa'
[fieldsa@trixie-hn1 ~]$ id
uid=8966466 gid=8966466 groups=8966466,...
[fieldsa@trixie-hn1 ~]$ id fieldsa
id: ‘fieldsa’: no such user
[fieldsa@trixie-hn1 ~]$ whoami
whoami: cannot find name for user ID 8966466: No such file or directory
# note - user ID s/// for this ticket
Work-around:
Switch to StdEnv/2020 which is the new default CC environment on trixie at this time.
If launching jobs which make use of older environment use /bin/ls and the system commands (found under /bin:/usr/bin), instead of those provided in the default PATH pointing to CC CVMFS paths.
Root cause:
Library used for supporting centrify is not located in the CVMFS path - except for the most recent StdEnv/2020.
[fieldsa@trixie-hn1 ~]$ ls -l /cvmfs/soft.computecanada.ca/gentoo/{2018.3,2019,2020}/lib64/libnss_centrifydc.so*
ls: cannot access '/cvmfs/soft.computecanada.ca/gentoo/2018.3/lib64/libnss_centrifydc.so*': No such file or directory
ls: cannot access '/cvmfs/soft.computecanada.ca/gentoo/2019/lib64/libnss_centrifydc.so*': No such file or directory
lrwxrwxrwx 1 cvmfs cvmfs 29 Sep 9 2020 /cvmfs/soft.computecanada.ca/gentoo/2020/lib64/libnss_centrifydc.so.2 -> /lib64/libnss_centrifydc.so.2
Something has put this symlink in place and is not in effect for other CC CVMFS environments, so the CVMFS binaries cannot resolve the Centrify user accounts.
The text was updated successfully, but these errors were encountered:
Hey Allan, I had originally worked with the Compute Canada folks to get this resolved. They had added the symlink in the StdEnv/2020 Gentoo layer only, at it was, even then, the only supported environment going forward, see ComputeCanada/software-stack#40.
Users may experience numeric user id only when in the old Compute Canada environment, due to a configuration issue.
When loading modules nixpkgs/16.09 or StdEnv/2018.3 from CVMFS on trixie and then attempting to resolve user names found in the RES domain through Centrify: users are unable to use string usernames vs. numeric user ID format, due to NSS unable to dynamically load a specific library
libnss_centrifydc.so.2
. Local user accounts in passwd file display OK.Users can still start their jobs and the unix permissions/ownership works for the numeric Unix ID they are logged in as; however commands such as
chown
/chmod
/id
andls -l
will not resolve the usernames properly.Symptoms:
Work-around:
Switch to
StdEnv/2020
which is the new default CC environment on trixie at this time.If launching jobs which make use of older environment use
/bin/ls
and the system commands (found under/bin:/usr/bin
), instead of those provided in the default PATH pointing to CC CVMFS paths.Root cause:
Library used for supporting centrify is not located in the CVMFS path - except for the most recent StdEnv/2020.
Something has put this symlink in place and is not in effect for other CC CVMFS environments, so the CVMFS binaries cannot resolve the Centrify user accounts.
The text was updated successfully, but these errors were encountered: