pccs service stopped working (status : exited with FAILURE)

[niteeshkd]

Hi, I was using remote attestation and pccs was running fine. Few days ago, it attestation stopped working. It seems pccs stopped working. I see its status as follows.

$ sudo systemctl status pccs
# pccs.service - Provisioning Certificate Caching Service (PCCS)
     Loaded: loaded (/lib/systemd/system/pccs.service; enabled; vendor preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Thu 2024-04-11 19:50:48 UTC; 12s ago
       Docs: https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs/README.md
    Process: 12597 ExecStart=/usr/bin/node /opt/intel/sgx-dcap-pccs/pccs_server.js (code=exited, status=1/FAILURE)
   Main PID: 12597 (code=exited, status=1/FAILURE)
        CPU: 63ms

I tried restarting it using systemctl restart pccs but it does not start. It stiil shows the above error.

How can I restart it?

[niteeshkd]

I tried to re-install the pccs package (on the host running Ubuntu 22.04). It gives the following error.

$ sudo apt-get purge sgx-dcap-pccs

$ node --version
v20.12.0

$ sudo apt-get install sgx-dcap-pccs
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  sgx-dcap-pccs
0 upgraded, 1 newly installed, 0 to remove and 4 not upgraded.
Need to get 0 B/1187 kB of archives.
After this operation, 3723 kB of additional disk space will be used.
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package sgx-dcap-pccs.
(Reading database ... 207607 files and directories currently installed.)
Preparing to unpack .../sgx-dcap-pccs_1.20.100.2-jammy1_amd64.deb ...
Unpacking sgx-dcap-pccs (1.20.100.2-jammy1) ...
Setting up sgx-dcap-pccs (1.20.100.2-jammy1) ...
Checking nodejs version ...
nodejs is installed, continue...
Checking cracklib-runtime ...
Warning: If you are upgrading PCCS from an old release, the existing cache database will be updated automatically.  
         It's strongly recommended to backup your existing cache database first and then continue the installation.  
         For DCAP releases 1.8 and earlier, the cache database can't be updated so you need to delete it manually.  
Do you want to install PCCS now? (Y/N) :Y
Check proxy server configuration for internet connection... 
Enter your http proxy server address, e.g. http://proxy-server:port (Press ENTER if there is no proxy server) :
Enter your https proxy server address, e.g. http://proxy-server:port (Press ENTER if there is no proxy server) :
npm WARN deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm ERR! code 1
npm ERR! path /opt/intel/sgx-dcap-pccs/node_modules/ffi-napi
npm ERR! command failed
npm ERR! command sh -c node-gyp-build
npm ERR! make: Entering directory '/opt/intel/sgx-dcap-pccs/node_modules/ffi-napi/build'
npm ERR!   CC(target) Release/obj.target/nothing/../node-addon-api/nothing.o
npm ERR!   AR(target) Release/obj.target/../node-addon-api/nothing.a
npm ERR!   COPY Release/nothing.a
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/prep_cif.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/types.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/raw_api.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/java_raw_api.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/closures.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/x86/ffiw64.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/x86/ffi64.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/x86/unix64.o
npm ERR!   CC(target) Release/obj.target/ffi/deps/libffi/src/x86/win64.o
npm ERR!   AR(target) Release/obj.target/deps/libffi/libffi.a
npm ERR!   COPY Release/libffi.a
npm ERR!   CXX(target) Release/obj.target/ffi_bindings/src/ffi.o
npm ERR! make: Leaving directory '/opt/intel/sgx-dcap-pccs/node_modules/ffi-napi/build'
npm ERR! gyp info it worked if it ends with ok
npm ERR! gyp info using node-gyp@8.4.1
npm ERR! gyp info using node@20.12.0 | linux | x64
npm ERR! gyp info find Python using Python version 3.10.12 found at "/usr/bin/python3"
npm ERR! gyp http GET https://nodejs.org/download/release/v20.12.0/node-v20.12.0-headers.tar.gz
npm ERR! gyp http 200 https://nodejs.org/download/release/v20.12.0/node-v20.12.0-headers.tar.gz
npm ERR! gyp http GET https://nodejs.org/download/release/v20.12.0/SHASUMS256.txt
npm ERR! gyp http 200 https://nodejs.org/download/release/v20.12.0/SHASUMS256.txt
npm ERR! gyp info spawn /usr/bin/python3
npm ERR! gyp info spawn args [
npm ERR! gyp info spawn args   '/opt/intel/sgx-dcap-pccs/node_modules/node-gyp/gyp/gyp_main.py',
npm ERR! gyp info spawn args   'binding.gyp',
npm ERR! gyp info spawn args   '-f',
npm ERR! gyp info spawn args   'make',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/opt/intel/sgx-dcap-pccs/node_modules/ffi-napi/build/config.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/opt/intel/sgx-dcap-pccs/node_modules/node-gyp/addon.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/include/node/common.gypi',
npm ERR! gyp info spawn args   '-Dlibrary=shared_library',
npm ERR! gyp info spawn args   '-Dvisibility=default',
npm ERR! gyp info spawn args   '-Dnode_root_dir=/opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0',
npm ERR! gyp info spawn args   '-Dnode_gyp_dir=/opt/intel/sgx-dcap-pccs/node_modules/node-gyp',
npm ERR! gyp info spawn args   '-Dnode_lib_file=/opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/<(target_arch)/node.lib',
npm ERR! gyp info spawn args   '-Dmodule_root_dir=/opt/intel/sgx-dcap-pccs/node_modules/ffi-napi',
npm ERR! gyp info spawn args   '-Dnode_engine=v8',
npm ERR! gyp info spawn args   '--depth=.',
npm ERR! gyp info spawn args   '--no-parallel',
npm ERR! gyp info spawn args   '--generator-output',
npm ERR! gyp info spawn args   'build',
npm ERR! gyp info spawn args   '-Goutput_dir=.'
npm ERR! gyp info spawn args ]
npm ERR! gyp info spawn make
npm ERR! gyp info spawn args [ 'BUILDTYPE=Release', '-C', 'build' ]
npm ERR! ../deps/libffi/src/java_raw_api.c: In function `ffi_java_raw_call':
npm ERR! ../deps/libffi/src/java_raw_api.c:317:3: warning: `ffi_java_raw_to_ptrarray' is deprecated [-Wdeprecated-declarations]
npm ERR!   317 |   ffi_java_raw_to_ptrarray (cif, raw, avalue);
npm ERR!       |   ^~~~~~~~~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c:76:1: note: declared here
npm ERR!    76 | ffi_java_raw_to_ptrarray (ffi_cif *cif, ffi_java_raw *raw, void **args)
npm ERR!       | ^~~~~~~~~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c: In function `ffi_java_translate_args':
npm ERR! ../deps/libffi/src/java_raw_api.c:328:3: warning: `ffi_java_raw_size' is deprecated [-Wdeprecated-declarations]
npm ERR!   328 |   ffi_java_raw *raw = (ffi_java_raw*)alloca (ffi_java_raw_size (cif));
npm ERR!       |   ^~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c:45:1: note: declared here
npm ERR!    45 | ffi_java_raw_size (ffi_cif *cif)
npm ERR!       | ^~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c:331:3: warning: `ffi_java_ptrarray_to_raw' is deprecated [-Wdeprecated-declarations]
npm ERR!   331 |   ffi_java_ptrarray_to_raw (cif, avalue, raw);
npm ERR!       |   ^~~~~~~~~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c:157:1: note: declared here
npm ERR!   157 | ffi_java_ptrarray_to_raw (ffi_cif *cif, void **args, ffi_java_raw *raw)
npm ERR!       | ^~~~~~~~~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c: In function `ffi_prep_java_raw_closure':
npm ERR! ../deps/libffi/src/java_raw_api.c:369:3: warning: `ffi_prep_java_raw_closure_loc' is deprecated [-Wdeprecated-declarations]
npm ERR!   369 |   return ffi_prep_java_raw_closure_loc (cl, cif, fun, user_data, cl);
npm ERR!       |   ^~~~~~
npm ERR! ../deps/libffi/src/java_raw_api.c:337:1: note: declared here
npm ERR!   337 | ffi_prep_java_raw_closure_loc (ffi_java_raw_closure* cl,
npm ERR!       | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
npm ERR! ../deps/libffi/src/closures.c: In function `allocate_space':
npm ERR! ../deps/libffi/src/closures.c:748:29: warning: comparison of integer expressions of different signedness: `off_t' {aka `long int'} and `size_t' {aka `long unsigned int'} [-Wsign-compare]
npm ERR!   748 |       off_t to_write = (len < page_size) ? len : page_size;
npm ERR!       |                             ^
npm ERR! ../deps/libffi/src/closures.c:748:44: warning: operand of `?:' changes signedness from `off_t' {aka `long int'} to `size_t' {aka `long unsigned int'} due to unsignedness of other operand [-Wsign-compare]
npm ERR!   748 |       off_t to_write = (len < page_size) ? len : page_size;
npm ERR!       |                                            ^~~
npm ERR! ../deps/libffi/src/x86/ffi64.c: In function `classify_argument':
npm ERR! ../deps/libffi/src/x86/ffi64.c:200:25: warning: suggest braces around empty body in an `else' statement [-Wempty-body]
npm ERR!   200 |           FFI_ASSERT (0);
npm ERR!       |                         ^
npm ERR! ../deps/libffi/src/x86/ffi64.c:175:7: warning: this statement may fall through [-Wimplicit-fallthrough=]
npm ERR!   175 |       {
npm ERR!       |       ^
npm ERR! ../deps/libffi/src/x86/ffi64.c:202:5: note: here
npm ERR!   202 |     case FFI_TYPE_FLOAT:
npm ERR!       |     ^~~~
npm ERR! In file included from ../src/ffi.cc:5:
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/get-uv-event-loop-napi-h/include/get-uv-event-loop-napi.h: In function `uv_loop_t* get_uv_event_loop(napi_env)':
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/get-uv-event-loop-napi-h/include/get-uv-event-loop-napi.h:26:30: error: invalid conversion from `napi_status (*)(node_api_nogc_env, uv_loop_s**)' {aka `napi_status (*)(const napi_env__*, uv_loop_s**)'} to `get_uv_event_loop_fn' {aka `napi_status (*)(napi_env__*, uv_loop_s**)'} [-fpermissive]
npm ERR!    26 |   napi_get_uv_event_loop__ = &napi_get_uv_event_loop;
npm ERR!       |                              ^~~~~~~~~~~~~~~~~~~~~~~
npm ERR!       |                              |
npm ERR!       |                              napi_status (*)(node_api_nogc_env, uv_loop_s**) {aka napi_status (*)(const napi_env__*, uv_loop_s**)}
npm ERR! In file included from /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi.h:2725,
npm ERR!                  from ../src/ffi.h:2,
npm ERR!                  from ../src/ffi.cc:3:
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h: In instantiation of `napi_status Napi::details::AttachData(napi_env, napi_value, FreeType*, napi_finalize, void*) [with FreeType = Napi::details::CallbackData<Napi::Value (*)(const Napi::CallbackInfo&), Napi::Value>; napi_env = napi_env__*; napi_value = napi_value__*; napi_finalize = void (*)(napi_env__*, void*, void*)]':
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:1965:39:   required from `napi_status Napi::CreateFunction(napi_env, const char*, napi_callback, CbData*, napi_value__**) [with CbData = Napi::details::CallbackData<Napi::Value (*)(const Napi::CallbackInfo&), Napi::Value>; napi_env = napi_env__*; napi_callback = napi_value__* (*)(napi_env__*, napi_callback_info__*); napi_value = napi_value__*]'
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:2021:38:   required from `static Napi::Function Napi::Function::New(napi_env, Callable, const char*, void*) [with Callable = Napi::Value (*)(const Napi::CallbackInfo&); napi_env = napi_env__*]'
npm ERR! ../src/ffi.cc:58:41:   required from here
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:63:47: error: invalid conversion from `napi_finalize' {aka `void (*)(napi_env__*, void*, void*)'} to `node_api_nogc_finalize' {aka `void (*)(const napi_env__*, void*, void*)'} [-fpermissive]
npm ERR!    63 |   status = napi_add_finalizer(env, obj, data, finalizer, hint, nullptr);
npm ERR!       |                                               ^~~~~~~~~
npm ERR!       |                                               |
npm ERR!       |                                               napi_finalize {aka void (*)(napi_env__*, void*, void*)}
npm ERR! In file included from /opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/include/node/node_api.h:12,
npm ERR!                  from /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi.h:4,
npm ERR!                  from ../src/ffi.h:2,
npm ERR!                  from ../src/ffi.cc:3:
npm ERR! /opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/include/node/js_native_api.h:523:43: note:   initializing argument 4 of `napi_status napi_add_finalizer(napi_env, napi_value, void*, node_api_nogc_finalize, void*, napi_ref__**)'
npm ERR!   523 |                    node_api_nogc_finalize finalize_cb,
npm ERR!       |                    ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~
npm ERR! In file included from /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi.h:2725,
npm ERR!                  from ../src/ffi.h:2,
npm ERR!                  from ../src/ffi.cc:3:
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h: In instantiation of `napi_status Napi::details::AttachData(napi_env, napi_value, FreeType*, napi_finalize, void*) [with FreeType = Napi::details::CallbackData<void (*)(const Napi::CallbackInfo&), void>; napi_env = napi_env__*; napi_value = napi_value__*; napi_finalize = void (*)(napi_env__*, void*, void*)]':
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:1965:39:   required from `napi_status Napi::CreateFunction(napi_env, const char*, napi_callback, CbData*, napi_value__**) [with CbData = Napi::details::CallbackData<void (*)(const Napi::CallbackInfo&), void>; napi_env = napi_env__*; napi_callback = napi_value__* (*)(napi_env__*, napi_callback_info__*); napi_value = napi_value__*]'
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:2021:38:   required from `static Napi::Function Napi::Function::New(napi_env, Callable, const char*, void*) [with Callable = void (*)(const Napi::CallbackInfo&); napi_env = napi_env__*]'
npm ERR! ../src/ffi.cc:60:37:   required from here
npm ERR! /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi-inl.h:63:47: error: invalid conversion from `napi_finalize' {aka `void (*)(napi_env__*, void*, void*)'} to `node_api_nogc_finalize' {aka `void (*)(const napi_env__*, void*, void*)'} [-fpermissive]
npm ERR!    63 |   status = napi_add_finalizer(env, obj, data, finalizer, hint, nullptr);
npm ERR!       |                                               ^~~~~~~~~
npm ERR!       |                                               ^~~~~~~~~
npm ERR!       |                                               |
npm ERR!       |                                               napi_finalize {aka void (*)(napi_env__*, void*, void*)}
npm ERR! In file included from /opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/include/node/node_api.h:12,
npm ERR!                  from /opt/intel/sgx-dcap-pccs/node_modules/node-addon-api/napi.h:4,
npm ERR!                  from ../src/ffi.h:2,
npm ERR!                  from ../src/ffi.cc:3:
npm ERR! /opt/intel/sgx-dcap-pccs/.cache/node-gyp/20.12.0/include/node/js_native_api.h:523:43: note:   initializing argument 4 of `napi_status napi_add_finalizer(napi_env, napi_value, void*, node_api_nogc_finalize, void*, napi_ref__**)'
npm ERR!   523 |                    node_api_nogc_finalize finalize_cb,
npm ERR!       |                    ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~
npm ERR! make: *** [ffi_bindings.target.mk:121: Release/obj.target/ffi_bindings/src/ffi.o] Error 1
npm ERR! gyp ERR! build error 
npm ERR! gyp ERR! stack Error: `make` failed with exit code: 2
npm ERR! gyp ERR! stack     at ChildProcess.onExit (/opt/intel/sgx-dcap-pccs/node_modules/node-gyp/lib/build.js:194:23)
npm ERR! gyp ERR! stack     at ChildProcess.emit (node:events:518:28)
npm ERR! gyp ERR! stack     at ChildProcess._handle.onexit (node:internal/child_process:294:12)
npm ERR! gyp ERR! System Linux 6.2.16-v5.0.mvp40-generic
npm ERR! gyp ERR! command "/usr/bin/node" "/opt/intel/sgx-dcap-pccs/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
npm ERR! gyp ERR! cwd /opt/intel/sgx-dcap-pccs/node_modules/ffi-napi
npm ERR! gyp ERR! node -v v20.12.0
npm ERR! gyp ERR! node-gyp -v v8.4.1
npm ERR! gyp ERR! not ok

npm ERR! A complete log of this run can be found in: /opt/intel/sgx-dcap-pccs/.npm/_logs/2024-04-11T21_11_49_652Z-debug-0.log
dpkg: error processing package sgx-dcap-pccs (--configure):
 installed sgx-dcap-pccs package post-installation script subprocess returned error exit status 1
Processing triggers for libc-bin (2.35-0ubuntu3.6) ...
Errors were encountered while processing:
 sgx-dcap-pccs
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)

[lingyuj]

This issue can be observed with latest node.js minor versions, e.g. 20.12.0, 21.7.0, 18.20.0. Currently supported versions are 18.17.0 to 18.19.1, 20.0.0 to 20.11.1, or 21.0.0 to 21.5.0. While we are migrating to a new solution, the workaround is to install a compatible node.js version, for example: apt remove nodejs apt install -yq --no-install-recommends nodejs=20.11.1-1nodesource1

[niteeshkd]

Thank you ! It did help reinstalling and configuring pccs. Please feel free to close this issue.

[g2flyer]

apt install -yq --no-install-recommends nodejs=20.11.1-1nodesource1

Also useful to pin the package version as otherwise the next apt upgrade will mnove to an incompatible version

cat >/etc/apt/preferences.d/nodejs <<EOF
Package: nodejs
Pin: version 20.11.1-1nodesource1
Pin-Priority: 999
EOF

PS: i would leave that issue open until the issue is resolved in pccs itself. Anybody installing pccs now will likely face this problem so at least it shows up in the issues list ...

[niteeshkd]

Also useful to pin the package version as otherwise the next apt upgrade will mnove to an incompatible version

cat >/etc/apt/preferences.d/nodejs <<EOF
Package: nodejs
Pin: version 20.11.1-1nodesource1
Pin-Priority: 999
EOF

Thank you so much for this suggestion.

[Eurius1]

apt install -yq --no-install-recommends nodejs=20.11.1-1nodesource1

Version '20.11.1-1nodesource1' for 'nodejs' was not found

[Eurius1]

There is no obvious way to install appropriate nodejs versions at the moment

[liukun]

apt install -yq --no-install-recommends nodejs=20.11.1-1nodesource1

Version '20.11.1-1nodesource1' for 'nodejs' was not found

Try https://deb.nodesource.com/