Reading local environment file

[AliceSLee]

Hi Illyoung,

Thanks so much for getting back to me on the irods google thread. (For any other readers, the request was for the ability in gocommands to change and use the .irods/irods_environment.json file to allow more detailed environmental setups.)

I upgraded to v0.7.4, but still find that when I make any changes to the irods_environment.json file, gocommands requests new environmental variables again (thereby overwriting any changes made to the file).

Best regards, Alice

[iychoi]

Hi Alice,

Can you describe what you are trying to do and how you did more in detail with examples? So that I can understand your problem better. GoCommands will auto detect any changes on irods_environment.json file. You don't need to rerun init. init is only for creating or recreating the environment file.

Illyoung

[AliceSLee]

Hi Illyoung,

These are the steps I run:

1. run a ./gocmd init and enter host, zone etc.
2. edit .irods/irods_environment.json
3. run, for example, ./gocmd pwd (or other non-init command)
4. receive a prompt for the environment variables again (which overwrites the irods_environment.json unless all input given is blank)

The edited env file is not missing any of the core vars (irods_host, irods_port, irods_user_name, or irods_zone_name).

At step 3, if I run a ./gocmd env there is an 'environment not set' message. (I.e., changes to the file seems to 'unset' the environment)

I'm running this on an Ubuntu machine using gocmd v0.7.4, and go version go1.18.6.

Best, Alice

[iychoi]

Hi Alice, thanks for the information.

Can you show me how you edit the .irods/irods_environment.json file? In my case, it still worked even after the edit. I suspect that your edit may break the json format of the irods_environment.json file. Like adding a comma in the last element in a json object. Can you double check this?

Thanks, Illyoung

[AliceSLee]

Hi Illyoung, thanks for checking. I've ensured that the env file is correct (using the same file with iCommands to interact with the server). The additional key pairs added were mostly SSL related (client server policy set to CS_NEG_REQUIRE, and addition of irods_ssl_certificate_chain_file, irods_ssl_certificate_key_file, irods_ssl_dh_params_file and irods_ssl_verify_server pairs). I also changed the auth scheme to PAM, which might be the cause. But, as you've confirmed it's working for you, I will investigate this end. Thanks for your time!

[iychoi]

Maybe PAM/SSL related changes have caused the issue. I wasn't able to test it. on my end. I'll investigate the issue and add more debugging logs to figure out what's going on.

[iychoi]

Hi Alice, Can you show my your env file before and after your edit after hiding critical information? It will be very helpful for debugging.

[AliceSLee]

Hi Illyong, Yes of course. Before:

{
"irods_host": "my-icat.irods.myorg.nl",
"irods_port": 1247,
"irods_user_name":"myuser",
"irods_zone_name": "myzone"
}

After:

{
"irods_client_server_negotiation": "request_server_negotiation",
"irods_encryption_algorithm": "AES-256-CBC",
"irods_encryption_key_size": 32,
"irods_encryption_num_hash_rounds": 16,
"irods_encryption_salt_size": 8,
"irods_host": "my-icat.irods.myorg.nl",
"irods_port": 1247,
"irods_user_name":"myuser",
"irods_zone_name": "myzone",
"irods_cwd": "/myzone/home/",
"irods_home": "/myzone/home/",
"irods_client_server_policy": "CS_NEG_REQUIRE",
"irods_ssl_certificate_chain_file":"/etc/pki/tls/certs//localhost_and_chain.crt",
"irods_ssl_certificate_key_file":"/etc/irods/localhost.key",
"irods_ssl_dh_params_file":"/etc/irods/dhparams.pem",
"irods_ssl_verify_server": "none",
"irods_authentication_scheme": "pam_password"
}

Thanks for looking at this. I'm happy to test anything that comes along. Best, Alice

[iychoi]

For "irods_authentication_scheme" field value, you should use "pam", not "pam_password". It looks like iCommands treats any string starting with "pam" as the pam authentication. Can you try this?

[iychoi]

Release v0.7.5 allows pam_password alias for pam auth. Please check it out.

[AliceSLee]

Hi Illyong, sorry for not responding sooner - I was away when the last release came out. Thanks again for your time on this, it's hugely appreciated!