Open calestyo opened 1 year ago
Hi Chris.
Which dCache version is this?
Cheers, Lea
Hey.
9.1.2.
Cheers, Chris
Okay. To be honest, this is very likely token-related, and in that case there is nothing we can do to retrrieve and log a DN/FQAN.
Phew... that sounds pretty serious if one could't trace down which user is responsible for some action.
Hey.
We recently had an issue where files got "missing" but where it turned out that most likely ATLAS had just deleted them earlier.
Alongside of debugging that, I noticed that for many "door-request-info" message we don't see any DN/FQAN in the billing log entry, despite being configured in our billing log format strings:
A concrete log entry, where the info is missing looks like:
one where it's not missing like:
with the following numbers of cases (for e.g. this month):
so for nearly all transfers, the information is missing. And from those where it's not:
The bigger part is from
ops
tests.So I'd presume there's some systematic difference in how these deletions are done.
Perhaps ATLAS uses macaroons, and then the info is missing?
But that would IMO be quite a deficiency in the system, as it seems to make tracking down who's to blame quite difficult.
So if it would be indeed macaroons,... couldn't it be made, that dcache keeps the information from which DN/FQAN the macaroon used for authentication was generated and include that in the billing?
Cheers, Chris.