Also problems reading from irods_environment.json

jnimoth commented 1 year ago

Hey Illyoung, we have an issue when trying to use gocommands and reading the parameters from the irods_environment.json file. As you know, we are using PAM as authentication scheme.

Here our file at $HOME/.irods/irods_environment.json:

{
    "irods_authentication_scheme": "pam",
    "irods_client_server_negotiation": "request_server_negotiation",
    "irods_client_server_policy": "CS_NEG_REQUIRE",
    "irods_default_resource": "rootResc",
    "irods_encryption_algorithm": "AES-256-CBC",
    "irods_encryption_key_size": 32,
    "irods_encryption_num_hash_rounds": 16,
    "irods_encryption_salt_size": 8,
    "irods_host": "<server_name>",
    "irods_port": 1247,
    "irods_ssl_verify_server": "cert",
    "irods_user_name": "<username>",
    "irods_zone_name": "<zone_name>"
}

When I now run the gocmmand env command, I see:

$ v0.7.6/gocmd env -d
DEBU[2023-08-30 12:55:40.565] use sessionID - 1310489                       function=ProcessCommonFlags package=flag
DEBU[2023-08-30 12:55:40.565] reading config file/dir - /home/jelte/.irods  function=LoadConfigFromFile package=commons
DEBU[2023-08-30 12:55:40.565] reading icommands environment file - /home/jelte/.irods  function=LoadConfigFromFile package=commons
DEBU[2023-08-30 12:55:40.565] failed to read iCommands Environment: failed to create icommands environment from file /home/jelte/.irods: failed to read from file /home/jelte/.irods: read /home/jelte/.irods: is a directory  function=ProcessCommonFlags package=flag
+------------------------------------+---------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.1310489 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json         |
| iRODS Host                         |                                                   |
| iRODS Port                         | 1247                                              |
| iRODS Zone                         |                                                   |
| iRODS Username                     |                                                   |
| iRODS Default Resource             |                                                   |
| iRODS Authentication Scheme        | native                                            |
| iRODS Client Server Negotiation    |                                                   |
| iRODS Client Server Policy         | CS_NEG_REFUSE                                     |
| iRODS SSL CA Certification File    |                                                   |
| iRODS SSL Encryption Key Size      | 32                                                |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                       |
| iRODS SSL Encryption Salt Size     | 8                                                 |
| iRODS SSL Encryption Hash Rounds   | 16                                                |
+------------------------------------+---------------------------------------------------+

So, it does not have the information from the environment file listed.

When trying the same by explicitly specifying the path to the environment file:

$ v0.7.6/gocmd env -d -c $HOME/.irods/irods_environment.json
DEBU[2023-08-30 13:06:37.497] use sessionID - 1310489                       function=ProcessCommonFlags package=flag
DEBU[2023-08-30 13:06:37.497] reading config file/dir - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
DEBU[2023-08-30 13:06:37.497] reading icommands environment file - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
ERRO[2023-08-30 13:06:37.497] failed to process common flags:
    github.com/cyverse/gocommands/cmd/subcmd.processEnvCommand
        /github/workspace/cmd/subcmd/env.go:29
  - failed to load config from file /home/jelte/.irods/irods_environment.json:
    github.com/cyverse/gocommands/cmd/flag.ProcessCommonFlags
        /github/workspace/cmd/flag/common.go:112
  - failed to read iCommands Environment:
    github.com/cyverse/gocommands/commons.LoadConfigFromFile
        /github/workspace/commons/commands.go:539
  - failed to decode password file /home/jelte/.irods/.irodsA:
    github.com/cyverse/go-irodsclient/utils/icommands.(*ICommandsEnvironmentManager).Load
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/utils/icommands/environment.go:166
  - failed to read file /home/jelte/.irods/.irodsA:
    github.com/cyverse/go-irodsclient/utils/icommands.DecodePasswordFile
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/utils/icommands/password_obfuscation.go:44
  - open /home/jelte/.irods/.irodsA: no such file or directory  function=main package=main
Error: failed to process common flags: failed to load config from file /home/jelte/.irods/irods_environment.json: failed to read iCommands Environment: failed to decode password file /home/jelte/.irods/.irodsA: failed to read file /home/jelte/.irods/.irodsA: open /home/jelte/.irods/.irodsA: no such file or directory
Error Trace:
  - failed to process common flags:
    github.com/cyverse/gocommands/cmd/subcmd.processEnvCommand
        /github/workspace/cmd/subcmd/env.go:29
  - failed to load config from file /home/jelte/.irods/irods_environment.json:
    github.com/cyverse/gocommands/cmd/flag.ProcessCommonFlags
        /github/workspace/cmd/flag/common.go:112
  - failed to read iCommands Environment:
    github.com/cyverse/gocommands/commons.LoadConfigFromFile
        /github/workspace/commons/commands.go:539
  - failed to decode password file /home/jelte/.irods/.irodsA:
    github.com/cyverse/go-irodsclient/utils/icommands.(*ICommandsEnvironmentManager).Load
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/utils/icommands/environment.go:166
  - failed to read file /home/jelte/.irods/.irodsA:
    github.com/cyverse/go-irodsclient/utils/icommands.DecodePasswordFile
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/utils/icommands/password_obfuscation.go:44
  - open /home/jelte/.irods/.irodsA: no such file or directory

But when I first run the iinit command of icommands, everything directly works (here just shown for env, but also the other commands work then):

$ iinit
Enter your current PAM password:

$ v0.7.6/gocmd env -d
DEBU[2023-08-30 12:57:44.371] use sessionID - 1310489                       function=ProcessCommonFlags package=flag
DEBU[2023-08-30 12:57:44.372] reading config file/dir - /home/jelte/.irods  function=LoadConfigFromFile package=commons
DEBU[2023-08-30 12:57:44.372] reading icommands environment file - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
+------------------------------------+---------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.1310489 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json         |
| iRODS Host                         | <server_name>                                     |
| iRODS Port                         | 1247                                              |
| iRODS Zone                         | rug                                               |
| iRODS Username                     | <username>                                        |
| iRODS Default Resource             | rootResc                                          |
| iRODS Authentication Scheme        | pam                                               |
| iRODS Client Server Negotiation    | request_server_negotiation                        |
| iRODS Client Server Policy         | CS_NEG_REQUIRE                                    |
| iRODS SSL CA Certification File    |                                                   |
| iRODS SSL Encryption Key Size      | 32                                                |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                       |
| iRODS SSL Encryption Salt Size     | 8                                                 |
| iRODS SSL Encryption Hash Rounds   | 16                                                |
+------------------------------------+---------------------------------------------------+

$ v0.7.6/gocmd env -d -c $HOME/.irods/irods_environment.json
DEBU[2023-08-30 12:57:46.947] use sessionID - 1310489                       function=ProcessCommonFlags package=flag
DEBU[2023-08-30 12:57:46.947] reading config file/dir - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
DEBU[2023-08-30 12:57:46.947] reading icommands environment file - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
+------------------------------------+---------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.1310489 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json         |
| iRODS Host                         | <server_name>                                     |
| iRODS Port                         | 1247                                              |
| iRODS Zone                         | rug                                               |
| iRODS Username                     | <username>                                        |
| iRODS Default Resource             | rootResc                                          |
| iRODS Authentication Scheme        | pam                                               |
| iRODS Client Server Negotiation    | request_server_negotiation                        |
| iRODS Client Server Policy         | CS_NEG_REQUIRE                                    |
| iRODS SSL CA Certification File    |                                                   |
| iRODS SSL Encryption Key Size      | 32                                                |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                       |
| iRODS SSL Encryption Salt Size     | 8                                                 |
| iRODS SSL Encryption Hash Rounds   | 16                                                |
+------------------------------------+---------------------------------------------------+

I am not sure if this is now a bug or if I just do not properly configured my irods_environment.json file or misunderstand how gocommands works in connection the the irods_environment.json file. Might also be similar to the issue #13.

I used the current version v.0.7.6

Thanks!

jnimoth commented 1 year ago

Some addition to the problem/issue:

I tested again today on another system (MacOS). While testing, I realized that the .irodsA file is generated when running the gocmd init to its completion after entering the password.

I adjusted the generated irods_environment.json afterwards in this way:

 { 
    "irods_authentication_scheme": "PAM",
    "irods_client_server_negotiation": "request_server_negotiation",  
    "irods_client_server_policy": "CS_NEG_REQUIRE",    
    "irods_host": "<servername>",    
    "irods_port": 1247,    
    "irods_user_name": "<username>",    
    "irods_zone_name": "<zonename> ",    
    "irods_default_resource": "rootResc",    
    "irods_encryption_algorithm": "AES-256-CBC",    
    "irods_encryption_key_size": 32,    
    "irods_encryption_num_hash_rounds": 16,    
    "irods_encryption_salt_size": 8,    
    "irods_ssl_ca_certificate_file": "/etc/ssl/cert.pem"
}

According to gocmd env, it also seems as everything is properly recognized:

jelte@Jeltes-iMac-Pro \~ % ./gocmd env   
+------------------------------------+------------------------------------------------+| 
iRODS Session Environment File     | /Users/jelte/.irods/irods_environment.json.879 || 
iRODS Environment File             | /Users/jelte/.irods/irods_environment.json     || 
iRODS Host                         | <servername>                     || 
iRODS Port                         | 1247                                           || 
iRODS Zone                         | <zonename>                                            || 
iRODS Username                     | <username>                              || 
iRODS Default Resource             | rootResc                                       || 
iRODS Authentication Scheme        | PAM                                            || 
iRODS Client Server Negotiation    | request_server_negotiation                     || 
iRODS Client Server Policy         | CS_NEG_REQUIRE                                 || 
iRODS SSL CA Certification File    | /etc/ssl/cert.pem                              || 
iRODS SSL Encryption Key Size      | 32                                             || 
iRODS SSL Encryption Key Algorithm | AES-256-CBC                                    || 
iRODS SSL Encryption Salt Size     | 8                                              || 
iRODS SSL Encryption Hash Rounds   | 16                                             |
+------------------------------------+------------------------------------------------+

But when trying to run a command, I get:

jelte@Jeltes-iMac-Pro \~ % ./gocmd ls -d                    
DEBU[2023-09-01 17:35:36.333\] use sessionID - 879                           function=ProcessCommonFlags package=flag
DEBU[2023-09-01 17:35:36.333\] reading config file/dir - /Users/jelte/.irods  function=LoadConfigFromFile package=commons 
DEBU[2023-09-01 17:35:36.333\] reading icommands environment file - /Users/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
DEBU[2023-09-01 17:35:36.333\] Connecting to <servername>:1247  function=Connect package=connection struct=IRODSConnection                        
DEBU[2023-09-01 17:35:36.352\] Start up a connection with CS Negotiation     function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-01 17:35:36.604\] Start up CS Negotiation                       function=connectWithCSNegotiation package=connection struct=IRODSConnection     
DEBU[2023-09-01 17:35:36.604\] Client policy - CS_NEG_REQUIRE, server policy - CS_NEG_DONT_CARE  function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-01 17:35:36.606\] Start up SSL                                  function=sslStartup package=connection struct=IRODSConnection                                       
DEBU[2023-09-01 17:35:36.627\] Logging in using native authentication method  function=loginNative package=connection struct=IRODSConnection   
ERRO[2023-09-01 17:35:37.985\] failed to login to irods:                                                                                         
   github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).Connect
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:244
  - received irods authentication error (CAT_INVALID_AUTHENTICATION):
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).login
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:459
  - authentication failed:
    github.com/cyverse/go-irodsclient/irods/types.init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/types/error.go:14  function=Connect package=connection struct=IRODSConnection
ERRO[2023-09-01 17:35:37.986\] failed to get iRODS FS Client:
    github.com/cyverse/gocommands/cmd/subcmd.processLsCommand     
        /github/workspace/cmd/subcmd/ls.go:57
  - failed to create connection pool:
    github.com/cyverse/go-irodsclient/irods/session.NewIRODSSession
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/session.go:69
  - failed to init connection pool:
    github.com/cyverse/go-irodsclient/irods/session.NewConnectionPool
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/pool.go:54
  - failed to connect to irods server:
    github.com/cyverse/go-irodsclient/irods/session.(*ConnectionPool).init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/pool.go:148
  - failed to login to irods:
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).Connect
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:244
  - received irods authentication error (CAT_INVALID_AUTHENTICATION):
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).login
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:459
  - authentication failed:
    github.com/cyverse/go-irodsclient/irods/types.init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/types/error.go:14  function=main package=main
Authentication failed!

Moreover:

I later also tested the procedure on a Ubuntu host where I see the same messages when doing these steps.
I also tried using pam_password or pam instead of PAM in the config file, but that did not help either.

iychoi commented 1 year ago

I think there's a hidden bug in icommands password file (.irodsA) handling. Can you quick check if gocommands works after iinit? Then, try gocmd init then try ils to verify if gocommands created the password file correctly.

Last time, I got a report that gocommands generates the password file incorrectly sometimes. Even with the same password, many times it worked, but rarely it didn't work. I guess there's a bug in password file encryption algorithm. Just want to get your confirmation if this is the same issue.

Thanks for the report!

jnimoth commented 1 year ago

I think you might be correct to assume that it is somehow related to the generation of the .irodsA file.

Start Conditions

Okay, so I have this ~/.irods/irods_environment.json file inititally:

$ cat irods_environment.json
{
    "irods_authentication_scheme": "PAM",
    "irods_client_server_negotiation": "request_server_negotiation",
    "irods_client_server_policy": "CS_NEG_REQUIRE",
    "irods_ssl_ca_certificate_file": "/etc/ssl/certs/ca-certificates.crt",
    "irods_default_resource": "rootResc",
    "irods_encryption_algorithm": "AES-256-CBC",
    "irods_encryption_key_size": 32,
    "irods_encryption_num_hash_rounds": 16,
    "irods_encryption_salt_size": 8,
    "irods_host": "<server>",
    "irods_port": 1247,
    "irods_ssl_verify_server": "cert",
    "irods_user_name": "<user>",                
    "irods_zone_name": "rug"
}

When I execute gocmd env at this point, I see:

$ v0.7.6/gocmd env
+------------------------------------+-------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.77517 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json       |
| iRODS Host                         |                                                 |
| iRODS Port                         | 1247                                            |
| iRODS Zone                         |                                                 |
| iRODS Username                     |                                                 |
| iRODS Default Resource             |                                                 |
| iRODS Authentication Scheme        | native                                          |
| iRODS Client Server Negotiation    |                                                 |
| iRODS Client Server Policy         | CS_NEG_REFUSE                                   |
| iRODS SSL CA Certification File    |                                                 |
| iRODS SSL Encryption Key Size      | 32                                              |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                     |
| iRODS SSL Encryption Salt Size     | 8                                               |
| iRODS SSL Encryption Hash Rounds   | 16                                              |
+------------------------------------+-------------------------------------------------+

First run `iinit`, then `gocommands`

If I now run iinit , the following happens:

$ iinit
Enter your current PAM password:

$ v0.7.6/gocmd env
+------------------------------------+-------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.75567 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json       |
| iRODS Host                         | <server>                      |
| iRODS Port                         | 1247                                            |
| iRODS Zone                         | rug                                             |
| iRODS Username                     | <user>                               |
| iRODS Default Resource             | rootResc                                        |
| iRODS Authentication Scheme        | PAM                                             |
| iRODS Client Server Negotiation    | request_server_negotiation                      |
| iRODS Client Server Policy         | CS_NEG_REQUIRE                                  |
| iRODS SSL CA Certification File    | /etc/ssl/certs/ca-certificates.crt              |
| iRODS SSL Encryption Key Size      | 32                                              |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                     |
| iRODS SSL Encryption Salt Size     | 8                                               |
| iRODS SSL Encryption Hash Rounds   | 16                                              |
+------------------------------------+-------------------------------------------------+

So the information about the environment are now filled in and the other gocommands also work. The ~/.irods/.irodsA file exists at this point.

If I now run iexit full, I get the following:

$ iexit full
$ v0.7.6/gocmd env
+------------------------------------+-------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.75567 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json       |
| iRODS Host                         |                                                 |
| iRODS Port                         | 1247                                            |
| iRODS Zone                         |                                                 |
| iRODS Username                     |                                                 |
| iRODS Default Resource             |                                                 |
| iRODS Authentication Scheme        | native                                          |
| iRODS Client Server Negotiation    |                                                 |
| iRODS Client Server Policy         | CS_NEG_REFUSE                                   |
| iRODS SSL CA Certification File    |                                                 |
| iRODS SSL Encryption Key Size      | 32                                              |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                     |
| iRODS SSL Encryption Salt Size     | 8                                               |
| iRODS SSL Encryption Hash Rounds   | 16                                              |
+------------------------------------+-------------------------------------------------+

So the environment is again not filled in. After iexit full, the .irodsA file did also get removed.

First run `gocmd init`, then test `iinit`

If I run gocmd init now, the program asks me for different values and displays as standard the cyverse/iplant entries:

$ v0.7.6/gocmd init
iRODS Host [data.cyverse.org]: <server>
iRODS Port [1247]: 
iRODS Zone [iplant]: rug
iRODS Username: <user>
iRODS Password: [typed and confirmed user password]

After filling in all the values, I get the following file:

$ cat ~/.irods/irods_environment.json
{
    "irods_authentication_scheme": "native",
    "irods_client_server_policy": "CS_NEG_REFUSE",
    "irods_host": "<server>",
    "irods_port": 1247,
    "irods_user_name": "<user>",
    "irods_zone_name": "rug",
    "irods_encryption_algorithm": "AES-256-CBC",
    "irods_encryption_key_size": 32,
    "irods_encryption_num_hash_rounds": 16,
    "irods_encryption_salt_size": 8
}⏎

Which I now again modify to have the information also contained the in environment file above (so for PAM etc.) like:

$ cat ~/.irods/irods_environment.json
{
    "irods_authentication_scheme": "pam",
    "irods_client_server_negotiation": "request_server_negotiation",
    "irods_client_server_policy": "CS_NEG_REQUIRE",
    "irods_ssl_ca_certificate_file": "/etc/ssl/certs/ca-certificates.crt",
    "irods_default_resource": "rootResc",
    "irods_ssl_verify_server": "cert",
    "irods_host": "<server>",
    "irods_port": 1247,
    "irods_user_name": "<user>",
    "irods_zone_name": "rug",
    "irods_encryption_algorithm": "AES-256-CBC",
    "irods_encryption_key_size": 32,
    "irods_encryption_num_hash_rounds": 16,
    "irods_encryption_salt_size": 8
}

Also, when I now execute gocmd env, everything looks okay on first sight:

$ v0.7.6/gocmd env
+------------------------------------+-------------------------------------------------+
| iRODS Session Environment File     | /home/jelte/.irods/irods_environment.json.75567 |
| iRODS Environment File             | /home/jelte/.irods/irods_environment.json       |
| iRODS Host                         | <server>                      |
| iRODS Port                         | 1247                                            |
| iRODS Zone                         | rug                                             |
| iRODS Username                     | <user>                              |
| iRODS Default Resource             | rootResc                                        |
| iRODS Authentication Scheme        | pam                                             |
| iRODS Client Server Negotiation    | request_server_negotiation                      |
| iRODS Client Server Policy         | CS_NEG_REQUIRE                                  |
| iRODS SSL CA Certification File    | /etc/ssl/certs/ca-certificates.crt              |
| iRODS SSL Encryption Key Size      | 32                                              |
| iRODS SSL Encryption Key Algorithm | AES-256-CBC                                     |
| iRODS SSL Encryption Salt Size     | 8                                               |
| iRODS SSL Encryption Hash Rounds   | 16                                              |
+------------------------------------+-------------------------------------------------+

I can also see that an ~/.irods/.irodsA file was created!

But running commands does not work

$ v0.7.6/gocmd ls -d
DEBU[2023-09-04 16:39:02.813] use sessionID - 75567                         function=ProcessCommonFlags package=flag
DEBU[2023-09-04 16:39:02.813] reading config file/dir - /home/jelte/.irods  function=LoadConfigFromFile package=commons
DEBU[2023-09-04 16:39:02.813] reading icommands environment file - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
DEBU[2023-09-04 16:39:02.813] Connecting to <server>:1247  function=Connect package=connection struct=IRODSConnection
DEBU[2023-09-04 16:39:02.820] Start up a connection with CS Negotiation     function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:39:03.065] Start up CS Negotiation                       function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:39:03.065] Client policy - CS_NEG_REQUIRE, server policy - CS_NEG_DONT_CARE  function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:39:03.068] Start up SSL                                  function=sslStartup package=connection struct=IRODSConnection
DEBU[2023-09-04 16:39:03.084] Logging in using native authentication method  function=loginNative package=connection struct=IRODSConnection
ERRO[2023-09-04 16:39:04.482] failed to login to irods:
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).Connect
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:244
  - received irods authentication error (CAT_INVALID_AUTHENTICATION):
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).login
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:459
  - authentication failed:
    github.com/cyverse/go-irodsclient/irods/types.init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/types/error.go:14  function=Connect package=connection struct=IRODSConnection
ERRO[2023-09-04 16:39:04.482] failed to get iRODS FS Client:
    github.com/cyverse/gocommands/cmd/subcmd.processLsCommand
        /github/workspace/cmd/subcmd/ls.go:57
  - failed to create connection pool:
    github.com/cyverse/go-irodsclient/irods/session.NewIRODSSession
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/session.go:69
  - failed to init connection pool:
    github.com/cyverse/go-irodsclient/irods/session.NewConnectionPool
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/pool.go:54
  - failed to connect to irods server:
    github.com/cyverse/go-irodsclient/irods/session.(*ConnectionPool).init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/session/pool.go:148
  - failed to login to irods:
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).Connect
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:244
  - received irods authentication error (CAT_INVALID_AUTHENTICATION):
    github.com/cyverse/go-irodsclient/irods/connection.(*IRODSConnection).login
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/connection/connection.go:459
  - authentication failed:
    github.com/cyverse/go-irodsclient/irods/types.init
        /go/pkg/mod/github.com/cyverse/go-irodsclient@v0.12.7/irods/types/error.go:14  function=main package=main
Authentication failed!

Also when trying an icommand now, like ils gives the CAT_INVALID_AUTHENTICATION message:

$ ils
[-] /irods_source/plugins/auth_legacy/src/native.cpp:275:irods::error native_auth_client_response(irods::plugin_context &, rcComm_t *) :  status [CAT_INVALID_AUTHENTICATION]  errno [] -- message [Call to rcAuthResponseFailed.]

 failed with error -826000 CAT_INVALID_AUTHENTICATION

I can then run iinit again (without changing the irods_environment.json or so). Both programs, icommands and gocommands work after that:

$ iinit
Enter your current PAM password:

$ v0.7.6/gocmd ls -d
DEBU[2023-09-04 16:41:39.446] use sessionID - 75567                         function=ProcessCommonFlags package=flag
DEBU[2023-09-04 16:41:39.446] reading config file/dir - /home/jelte/.irods  function=LoadConfigFromFile package=commons
DEBU[2023-09-04 16:41:39.446] reading icommands environment file - /home/jelte/.irods/irods_environment.json  function=LoadConfigFromFile package=commons
DEBU[2023-09-04 16:41:39.446] Connecting to <server>:1247  function=Connect package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:39.452] Start up a connection with CS Negotiation     function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:39.692] Start up CS Negotiation                       function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:39.692] Client policy - CS_NEG_REQUIRE, server policy - CS_NEG_DONT_CARE  function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:39.694] Start up SSL                                  function=sslStartup package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:39.710] Logging in using native authentication method  function=loginNative package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.235] testing connection                            function=NewIRODSSession package=session
DEBU[2023-09-04 16:41:40.235] Reuse an idle connection                      function=Get package=session struct=ConnectionPool
DEBU[2023-09-04 16:41:40.235] support parallel upload: true                 function=checkConnection package=session
DEBU[2023-09-04 16:41:40.235] Returning a connection                        function=Return package=session struct=ConnectionPool
DEBU[2023-09-04 16:41:40.235] Connecting to <server>:1247  function=Connect package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.240] Start up a connection with CS Negotiation     function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.471] Start up CS Negotiation                       function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.471] Client policy - CS_NEG_REQUIRE, server policy - CS_NEG_DONT_CARE  function=connectWithCSNegotiation package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.473] Start up SSL                                  function=sslStartup package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:40.492] Logging in using native authentication method  function=loginNative package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:41.001] testing connection                            function=NewIRODSSession package=session
DEBU[2023-09-04 16:41:41.001] Reuse an idle connection                      function=Get package=session struct=ConnectionPool
DEBU[2023-09-04 16:41:41.001] support parallel upload: true                 function=checkConnection package=session
DEBU[2023-09-04 16:41:41.001] Returning a connection                        function=Return package=session struct=ConnectionPool
DEBU[2023-09-04 16:41:41.001] Reuse an idle connection                      function=Get package=session struct=ConnectionPool

[files and folder listed here]

DEBU[2023-09-04 16:41:41.062] Returning a connection                        function=Return package=session struct=ConnectionPool
DEBU[2023-09-04 16:41:41.062] Disconnecting the connection                  function=Disconnect package=connection struct=IRODSConnection
DEBU[2023-09-04 16:41:41.062] Disconnecting the connection                  function=Disconnect package=connection struct=IRODSConnection

iychoi commented 12 months ago

It looks like there are two issues.

failed to read configuration when .irodsA file is missing.
generated invalid .irodsA file.

The first bug can be easily fixed. I'll work on it as soon as possible. But the second one will take longer. I need a full review of .irodsA file generation.

I'll keep you posted.

Thanks!

iychoi commented 12 months ago

Can you try the new release v0.7.7 and let me know if it fixes the issues?

https://github.com/cyverse/gocommands/releases/tag/v0.7.7

jnimoth commented 11 months ago

I tried the new version 0.7.7 today and it seems that the issue is solved!

Environment file is properly read.
Using gocmd init create the .irodsA file.
- Subsequent gocommands do not ask for the password in this case
- Also, the .irodsA file that was created with gocommands now works with icommands if they are also installed.

Thanks again!

cyverse / gocommands