Write and Read authorization error

21

Hi!
I have no idea to load public key.
I reset package about mgm.
The log about AliceToken was appeared, but cannot load public key. So it is not still worked.
This is /var/log/eos/mgm/xrdlog.mgm, there are something about XrdAliceTokenAcc.

++++++ (c) 2008 CERN/IT-DM-SMD AliceTokenAcc (Alice Token Access Authorization) v 1.0
=====> alicetokenacc.multiprocess: 32
=====> alicetokenacc.truncateprefix: /eos/hu/alice
=====> alicetokenacc.noauthzhost: localhost
=====> alicetokenacc.noauthzhost: grid01.aligrid.hiroshima-u.ac.jp
=====> XrdAliceTokenAcc: No Authorizationfile set via environment variable 'TTOKENAUTHZ_AUTHORIZATIONFILE'
=====> XrdAliceTokenAcc: Using Authorizationfile '/etc/grid-security/xrootd/TkAuthz.Authorization'!
=====> XrdAliceTokenAcc: Public key in use is /etc/grid-security/xrootd/pubkey.pem
=====> XrdAliceTokenAcc: Cannot load public key !
------ AliceTokenAcc Initialization Failed!
251002 21:26:59 3178901 MgmOfs_Config: Failed to get external authorization plugin object!

Keys is not broken.

[root@grid04 ~]# clush -w grid[04,05] "openssl rsa -in /etc/grid-security/xrootd/privkey.pem -check -noout"
grid04: RSA key ok
[root@grid04 ~]# diff -s <(openssl rsa -in /etc/grid-security/xrootd/privkey.pem -pubout) /etc/grid-security/xrootd/pubkey.pem
writing RSA key
Files /dev/fd/63 and /etc/grid-security/xrootd/pubkey.pem are identical

This is output details of files and directories about XrdAliceToken

[root@grid04 ~]# clush -w grid[04,05] "ls -l /etc/grid-security/xrootd/pubkey.pem"
grid04: -rw-r--r--. 1 daemon daemon 451 Oct  2 19:35 /etc/grid-security/xrootd/pubkey.pem
[root@grid04 ~]# clush -w grid[04,05] "ls -l /etc/grid-security/xrootd/privkey.pem"
grid04: -rw-------. 1 daemon daemon 1704 Oct  2 19:35 /etc/grid-security/xrootd/privkey.pem
[root@grid04 ~]# clush -w grid[04,05] "stat /etc/grid-security/xrootd/TkAuthz.Authorization"
grid04:   File: /etc/grid-security/xrootd/TkAuthz.Authorization
grid04:   Size: 285             Blocks: 8          IO Block: 4096   regular file
grid04: Device: fd00h/64768d    Inode: 201597734   Links: 1
grid04: Access: (0644/-rw-r--r--)  Uid: (    2/  daemon)   Gid: (    2/  daemon)
grid04: Context: system_u:object_r:etc_t:s0
grid04: Access: 2025-10-02 17:39:40.475518797 +0900
grid04: Modify: 2025-09-04 01:08:49.067335343 +0900
grid04: Change: 2025-10-02 17:28:57.509875035 +0900
grid04:  Birth: 2025-09-04 01:08:49.067335343 +0900
[root@grid04 ~]# clush -w grid[04,05] "stat /etc/grid-security/xrootd/"
grid04:   File: /etc/grid-security/xrootd/
grid04:   Size: 138             Blocks: 0          IO Block: 4096   directory
grid04: Device: fd00h/64768d    Inode: 201566276   Links: 2
grid04: Access: (0600/drw-------)  Uid: (    2/  daemon)   Gid: (    2/  daemon)
grid04: Context: system_u:object_r:etc_t:s0
grid04: Access: 2025-10-02 19:40:51.392713944 +0900
grid04: Modify: 2025-10-02 19:35:15.088040860 +0900
grid04: Change: 2025-10-02 19:35:15.088040860 +0900
grid04:  Birth: 2025-05-10 17:04:24.781787639 +0900
[root@grid04 ~]# clush -w grid[04,05] "stat /etc/grid-security/xrootd/"
grid04:   File: /etc/grid-security/xrootd/
grid04:   Size: 138             Blocks: 0          IO Block: 4096   directory
grid04: Device: fd00h/64768d    Inode: 201566276   Links: 2
grid04: Access: (0700/drwx------)  Uid: (    2/  daemon)   Gid: (    2/  daemon)
grid04: Context: system_u:object_r:etc_t:s0
grid04: Access: 2025-10-02 19:40:51.392713944 +0900
grid04: Modify: 2025-10-02 19:35:15.088040860 +0900
grid04: Change: 2025-10-02 21:26:26.392938103 +0900
grid04:  Birth: 2025-05-10 17:04:24.781787639 +0900
[root@grid04 ~]# clush -w grid[04,05] "stat /etc/grid-security/"
grid04:   File: /etc/grid-security/
grid04:   Size: 112             Blocks: 0          IO Block: 4096   directory
grid04: Device: fd00h/64768d    Inode: 167773889   Links: 5
grid04: Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
grid04: Context: system_u:object_r:etc_t:s0
grid04: Access: 2025-10-02 17:17:03.193608562 +0900
grid04: Modify: 2024-01-25 22:38:21.000000000 +0900
grid04: Change: 2025-10-02 15:01:11.435492309 +0900
grid04:  Birth: 2025-05-10 17:03:39.546607021 +0900
22

Hello, Takuma.

I thought all issues were resolved after the ATCF and didn’t consider checking the community page.

I assume you’ve already addressed the matter—could you please update me on the current status?

If the issue has been resolved, could you please check the box below to indicate that it has been resolved?

Regards,

– Geonmo

23

Hi Geonmo,

Sorry, I completely forgot to check this content after the ATCF.
I have solved this issue by resetting the all files in the grid-security/xrootd.

And, Hiroshima storage system is working now.

Thanks a lot for every supports.
Takuma