[jira] [Created] (AIRAVATA-2692) Django: hitting a 15 second timeout of some sort with large file uploads
Marcus Christie created AIRAVATA-2692:
-
Summary: Django: hitting a 15 second timeout of some sort with
large file uploads
Key: AIRAVATA-2692
URL: https://issues.apache.org/jira/browse/AIRAVATA-2692
Project: Airavata
Issue Type: Bug
Reporter: Marcus Christie
Assignee: Marcus Christie
For some reason it fails to get the project when doing a file upload
{noformat}
[Fri Feb 23 03:46:37.783086 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] [2018-02-23 03:46:37,782 django_airavata.apps.api.views:652
ERROR] Failed to upload file
[Fri Feb 23 03:46:37.783108 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] Traceback (most recent call last):
[Fri Feb 23 03:46:37.783113 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/django-airavata-gateway/django_airavata/apps/api/views.py",
line 642, in upload_input_file
[Fri Feb 23 03:46:37.783118 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] request.authz_token, project_id)
[Fri Feb 23 03:46:37.783122 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/django-airavata-gateway/airavata/api/Airavata.py",
line 4733, in getProject
[Fri Feb 23 03:46:37.783126 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] return self.recv_getProject()
[Fri Feb 23 03:46:37.783130 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/django-airavata-gateway/airavata/api/Airavata.py",
line 4746, in recv_getProject
[Fri Feb 23 03:46:37.783134 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] (fname, mtype, rseqid) = iprot.readMessageBegin()
[Fri Feb 23 03:46:37.783138 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/venv/lib64/python3.4/site-packages/thrift/protocol/TBinaryProtocol.py",
line 134, in readMessageBegin
[Fri Feb 23 03:46:37.783152 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] sz = self.readI32()
[Fri Feb 23 03:46:37.783185 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/venv/lib64/python3.4/site-packages/thrift/protocol/TBinaryProtocol.py",
line 217, in readI32
[Fri Feb 23 03:46:37.783190 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] buff = self.trans.readAll(4)
[Fri Feb 23 03:46:37.783194 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/venv/lib64/python3.4/site-packages/thrift/transport/TTransport.py",
line 60, in readAll
[Fri Feb 23 03:46:37.783198 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] chunk = self.read(sz - have)
[Fri Feb 23 03:46:37.783202 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/venv/lib64/python3.4/site-packages/thrift/transport/TTransport.py",
line 161, in read
[Fri Feb 23 03:46:37.783206 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] self.__rbuf = BufferIO(self.__trans.read(max(sz,
self.__rbuf_size)))
[Fri Feb 23 03:46:37.783210 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] File
"/var/www/portals/django-seagrid/venv/lib64/python3.4/site-packages/thrift/transport/TSocket.py",
line 132, in read
[Fri Feb 23 03:46:37.783239 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] message='TSocket read 0 bytes')
[Fri Feb 23 03:46:37.783251 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341] thrift.transport.TTransport.TTransportException: TSocket
read 0 bytes
[Fri Feb 23 03:46:37.783263 2018] [wsgi:error] [pid 5145] [remote
68.45.52.105:56341]
{noformat}
This is hitting a 15 second timeout. Not sure where it is at.
Maybe in mod_wsgi?
https://groups.google.com/forum/#!topic/modwsgi/zuhFREjOE8M
http://modwsgi.readthedocs.io/en/master/configuration-directives/WSGIDaemonProcess.html?highlight=timeout
I know it is a 15 second timeout thing and not related to the size of the file.
If I put {{time.sleep(15)}} in my Django view handler and upload a very small
file it triggers the same Thrift error. Weird that it causes Thrift to generate
this error.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373991#comment-16373991 ] ASF subversion and git services commented on AIRAVATA-2688: --- Commit ab9800d9e7094dedfad7e67db8e56a4b453f313a in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=ab9800d ] AIRAVATA-2688 Fix isMember for when there are no members > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [x] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373989#comment-16373989 ] ASF subversion and git services commented on AIRAVATA-2688: --- Commit 3ea3901d9e2858506d2b8a911c03b3ebde18ee49 in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=3ea3901 ] AIRAVATA-2688 Adding/removing users in group edit > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [x] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373990#comment-16373990 ] ASF subversion and git services commented on AIRAVATA-2688: --- Commit bbda507678e4c294b994f60577287833f524c95c in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=bbda507 ] AIRAVATA-2688 Fix edit link > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [x] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373988#comment-16373988 ] ASF subversion and git services commented on AIRAVATA-2688: --- Commit 910cf784170862a625a89a491f938fbee717c15b in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=910cf78 ] AIRAVATA-2688 Regenerated thrift stubs > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [x] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2688: -- Description: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * [x] Implement add and remove users in the GroupViewSet.perform_update * [x] Fix edit link on group list * [x] only allow owners or admins to edit or delete a group was: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * [ ] Implement add and remove users in the GroupViewSet.perform_update * [x] Fix edit link on group list * [x] only allow owners or admins to edit or delete a group > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [x] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2688: -- Description: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * [ ] Implement add and remove users in the GroupViewSet.perform_update * [x] Fix edit link on group list * [x] only allow owners or admins to edit or delete a group was: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * [ ] Implement add and remove users in the GroupViewSet.perform_update * [ ] Fix edit link on group list * [ ] only allow owners or admins to edit or delete a group > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [ ] Implement add and remove users in the GroupViewSet.perform_update > * [x] Fix edit link on group list > * [x] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2688: -- Description: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * [ ] Implement add and remove users in the GroupViewSet.perform_update * [ ] Fix edit link on group list * [ ] only allow owners or admins to edit or delete a group was: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * Implement add and remove users in the GroupViewSet.perform_update > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * [ ] Implement add and remove users in the GroupViewSet.perform_update > * [ ] Fix edit link on group list > * [ ] only allow owners or admins to edit or delete a group -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2691) Django: large file uploads fail: unable to "relabelfrom"
[
https://issues.apache.org/jira/browse/AIRAVATA-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373967#comment-16373967
]
Marcus Christie commented on AIRAVATA-2691:
---
Here's the SELinux module file generated by {{ausearch -c 'httpd' --raw |
audit2allow -M my-httpd}}:
{noformat}
[root@pga-scigap-develop tmp]# cat my-httpd.te
module my-httpd 1.0;
require {
type var_log_t;
type httpd_sys_rw_content_t;
type httpd_config_t;
type httpd_t;
type etc_t;
type var_lib_t;
class file { relabelfrom write };
}
#= httpd_t ==
# WARNING: 'etc_t' is a base type.
allow httpd_t etc_t:file write;
allow httpd_t httpd_config_t:file write;
allow httpd_t httpd_sys_rw_content_t:file relabelfrom;
# WARNING 'httpd_t' is not allowed to write or create to var_lib_t. Change
the label to httpd_var_lib_t.
# $ semanage fcontext -a -t httpd_var_lib_t
/var/lib/letsencrypt/.certbot.lock
# $ restorecon -R -v /var/lib/letsencrypt/.certbot.lock
allow httpd_t var_lib_t:file write;
allow httpd_t var_log_t:file write;
{noformat}
Probably only need the line with relabelfrom on it.
> Django: large file uploads fail: unable to "relabelfrom"
>
>
> Key: AIRAVATA-2691
> URL: https://issues.apache.org/jira/browse/AIRAVATA-2691
> Project: Airavata
> Issue Type: Bug
>Reporter: Marcus Christie
>Assignee: Marcus Christie
>Priority: Major
>
> In Django, by default, files that are larger than 2.5 MB are written to /tmp
> when they are uploaded. Smaller files are simply held in memory. When the
> Django portal then tries to move an uploaded file from /tmp to the
> gateway-user-data directory it triggers an SELinux error:
> Here's the output of running {{sealert -a /var/log/audit/audit.log}}:
> {noformat}
> SELinux is preventing /usr/sbin/httpd from relabelfrom access on the file
> geombc.dat.1.
> * Plugin catchall (100. confidence) suggests **
> If you believe that httpd should be allowed relabelfrom access on the
> geombc.dat.1 file by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # ausearch -c 'httpd' --raw | audit2allow -M my-httpd
> # semodule -i my-httpd.pp
> Additional Information:
> Source Contextsystem_u:system_r:httpd_t:s0
> Target Contextsystem_u:object_r:httpd_sys_rw_content_t:s0
> Target Objectsgeombc.dat.1 [ file ]
> Sourcehttpd
> Source Path /usr/sbin/httpd
> Port
> Host
> Source RPM Packages httpd-2.4.6-67.el7.centos.6.x86_64
> Target RPM Packages
> Policy RPMselinux-policy-3.13.1-166.el7_4.4.noarch
> Selinux Enabled True
> Policy Type targeted
> Enforcing ModeEnforcing
> Host Name pga-scigap-develop.novalocal
> Platform Linux pga-scigap-develop.novalocal
> 3.10.0-514.21.1.el7.x86_64 #1 SMP Thu May 25
> 17:04:51 UTC 2017 x86_64 x86_64
> Alert Count 5
> First Seen2018-02-22 19:15:23 UTC
> Last Seen 2018-02-22 21:52:20 UTC
> Local ID 210abd1e-8284-43c0-b94c-4741bcc1a037
> Raw Audit Messages
> type=AVC msg=audit(1519336340.609:177951): avc: denied { relabelfrom } for
> pid=16307 comm="httpd" name="geombc.dat.1" dev="sdb" ino=231489026
> scontext=system_u:system_r:httpd_t:s0
> tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file
> type=SYSCALL msg=audit(1519336340.609:177951): arch=x86_64 syscall=setxattr
> success=no exit=EACCES a0=7fda97ec63c0 a1=7fda9c116f30 a2=7fda9c193d88 a3=21
> items=0 ppid=24650 pid=16307 auid=4294967295 uid=48 gid=48 euid=48 suid=48
> fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm=httpd
> exe=/usr/sbin/httpd subj=system_u:system_r:httpd_t:s0 key=(null)
> Hash: httpd,httpd_t,httpd_sys_rw_content_t,file,relabelfrom
> {noformat}
> For now I've been able to work around this by setting FILE_UPLOAD_TEMP_DIR in
> settings_local.py to a location inside of gateway-user-data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (AIRAVATA-2691) Django: large file uploads fail: unable to "relabelfrom"
Marcus Christie created AIRAVATA-2691:
-
Summary: Django: large file uploads fail: unable to "relabelfrom"
Key: AIRAVATA-2691
URL: https://issues.apache.org/jira/browse/AIRAVATA-2691
Project: Airavata
Issue Type: Bug
Reporter: Marcus Christie
In Django, by default, files that are larger than 2.5 MB are written to /tmp
when they are uploaded. Smaller files are simply held in memory. When the
Django portal then tries to move an uploaded file from /tmp to the
gateway-user-data directory it triggers an SELinux error:
Here's the output of running {{sealert -a /var/log/audit/audit.log}}:
{noformat}
SELinux is preventing /usr/sbin/httpd from relabelfrom access on the file
geombc.dat.1.
* Plugin catchall (100. confidence) suggests **
If you believe that httpd should be allowed relabelfrom access on the
geombc.dat.1 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'httpd' --raw | audit2allow -M my-httpd
# semodule -i my-httpd.pp
Additional Information:
Source Contextsystem_u:system_r:httpd_t:s0
Target Contextsystem_u:object_r:httpd_sys_rw_content_t:s0
Target Objectsgeombc.dat.1 [ file ]
Sourcehttpd
Source Path /usr/sbin/httpd
Port
Host
Source RPM Packages httpd-2.4.6-67.el7.centos.6.x86_64
Target RPM Packages
Policy RPMselinux-policy-3.13.1-166.el7_4.4.noarch
Selinux Enabled True
Policy Type targeted
Enforcing ModeEnforcing
Host Name pga-scigap-develop.novalocal
Platform Linux pga-scigap-develop.novalocal
3.10.0-514.21.1.el7.x86_64 #1 SMP Thu May 25
17:04:51 UTC 2017 x86_64 x86_64
Alert Count 5
First Seen2018-02-22 19:15:23 UTC
Last Seen 2018-02-22 21:52:20 UTC
Local ID 210abd1e-8284-43c0-b94c-4741bcc1a037
Raw Audit Messages
type=AVC msg=audit(1519336340.609:177951): avc: denied { relabelfrom } for
pid=16307 comm="httpd" name="geombc.dat.1" dev="sdb" ino=231489026
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file
type=SYSCALL msg=audit(1519336340.609:177951): arch=x86_64 syscall=setxattr
success=no exit=EACCES a0=7fda97ec63c0 a1=7fda9c116f30 a2=7fda9c193d88 a3=21
items=0 ppid=24650 pid=16307 auid=4294967295 uid=48 gid=48 euid=48 suid=48
fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm=httpd
exe=/usr/sbin/httpd subj=system_u:system_r:httpd_t:s0 key=(null)
Hash: httpd,httpd_t,httpd_sys_rw_content_t,file,relabelfrom
{noformat}
For now I've been able to work around this by setting FILE_UPLOAD_TEMP_DIR in
settings_local.py to a location inside of gateway-user-data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (AIRAVATA-2691) Django: large file uploads fail: unable to "relabelfrom"
[
https://issues.apache.org/jira/browse/AIRAVATA-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcus Christie reassigned AIRAVATA-2691:
-
Assignee: Marcus Christie
> Django: large file uploads fail: unable to "relabelfrom"
>
>
> Key: AIRAVATA-2691
> URL: https://issues.apache.org/jira/browse/AIRAVATA-2691
> Project: Airavata
> Issue Type: Bug
>Reporter: Marcus Christie
>Assignee: Marcus Christie
>Priority: Major
>
> In Django, by default, files that are larger than 2.5 MB are written to /tmp
> when they are uploaded. Smaller files are simply held in memory. When the
> Django portal then tries to move an uploaded file from /tmp to the
> gateway-user-data directory it triggers an SELinux error:
> Here's the output of running {{sealert -a /var/log/audit/audit.log}}:
> {noformat}
> SELinux is preventing /usr/sbin/httpd from relabelfrom access on the file
> geombc.dat.1.
> * Plugin catchall (100. confidence) suggests **
> If you believe that httpd should be allowed relabelfrom access on the
> geombc.dat.1 file by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # ausearch -c 'httpd' --raw | audit2allow -M my-httpd
> # semodule -i my-httpd.pp
> Additional Information:
> Source Contextsystem_u:system_r:httpd_t:s0
> Target Contextsystem_u:object_r:httpd_sys_rw_content_t:s0
> Target Objectsgeombc.dat.1 [ file ]
> Sourcehttpd
> Source Path /usr/sbin/httpd
> Port
> Host
> Source RPM Packages httpd-2.4.6-67.el7.centos.6.x86_64
> Target RPM Packages
> Policy RPMselinux-policy-3.13.1-166.el7_4.4.noarch
> Selinux Enabled True
> Policy Type targeted
> Enforcing ModeEnforcing
> Host Name pga-scigap-develop.novalocal
> Platform Linux pga-scigap-develop.novalocal
> 3.10.0-514.21.1.el7.x86_64 #1 SMP Thu May 25
> 17:04:51 UTC 2017 x86_64 x86_64
> Alert Count 5
> First Seen2018-02-22 19:15:23 UTC
> Last Seen 2018-02-22 21:52:20 UTC
> Local ID 210abd1e-8284-43c0-b94c-4741bcc1a037
> Raw Audit Messages
> type=AVC msg=audit(1519336340.609:177951): avc: denied { relabelfrom } for
> pid=16307 comm="httpd" name="geombc.dat.1" dev="sdb" ino=231489026
> scontext=system_u:system_r:httpd_t:s0
> tcontext=system_u:object_r:httpd_sys_rw_content_t:s0 tclass=file
> type=SYSCALL msg=audit(1519336340.609:177951): arch=x86_64 syscall=setxattr
> success=no exit=EACCES a0=7fda97ec63c0 a1=7fda9c116f30 a2=7fda9c193d88 a3=21
> items=0 ppid=24650 pid=16307 auid=4294967295 uid=48 gid=48 euid=48 suid=48
> fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm=httpd
> exe=/usr/sbin/httpd subj=system_u:system_r:httpd_t:s0 key=(null)
> Hash: httpd,httpd_t,httpd_sys_rw_content_t,file,relabelfrom
> {noformat}
> For now I've been able to work around this by setting FILE_UPLOAD_TEMP_DIR in
> settings_local.py to a location inside of gateway-user-data.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373551#comment-16373551 ] ASF subversion and git services commented on AIRAVATA-2688: --- Commit 0acb40596366838e195d515b4208de6578f9e6fe in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=0acb405 ] AIRAVATA-2688 Group edit view and refactored Autocomplete > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * Implement add and remove users in the GroupViewSet.perform_update -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2689) Distributed email clients to improve email monitoring
[ https://issues.apache.org/jira/browse/AIRAVATA-2689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373470#comment-16373470 ] Suresh Marru commented on AIRAVATA-2689: More threads on this by [~apoorvp2] [http://airavata.markmail.org/thread/lt75wf4ec6ivofno] [http://airavata.markmail.org/thread/zk772gqnvelqykxz] > Distributed email clients to improve email monitoring > -- > > Key: AIRAVATA-2689 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2689 > Project: Airavata > Issue Type: New Feature >Reporter: Dimuthu Upeksha >Assignee: Dimuthu Upeksha >Priority: Major > Labels: HackIllinois2018 > > Once Airavata submits a job to a compute resource, scheduler in compute > resource sends emails about the status of the job. Content in the email is > different to each application type so we have written a set of parsers [2] > which can extract correct information form email messages. Airavata has an > email monitoring system which reads those emails, parse them and perform > necessary actions depending on the content of the emails. However this email > monitoring system is tightly coupled into the task execution engine so we > can't easily replicate it to have high availability. > Idea is to come up with a standalone email monitoring client that reads > emails from a given email account, parse them and convert it into a standard > message format. Once the message is parsed into the known message format, put > it in to a queue ( rabbitmq, kafka) in order to be consumed by task execution > engine. There are few non functional requirements > # To improve the availability, we need to have more than one monitoring > client to be running at a given time. However we need to make sure only > exactly one client consumes a given email. So we need the coordination among > email clients > # In future, this will be deployed as a micro service, so final packaging > should be compatible with docker > Current email monitor implementation is this [1]. Set of parsers available > depending on the application [2] > [1] > [https://github.com/apache/airavata/blob/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/EmailBasedMonitor.java] > [2] > https://github.com/apache/airavata/tree/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/parser -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2689) Distributed email clients to improve email monitoring
[ https://issues.apache.org/jira/browse/AIRAVATA-2689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373464#comment-16373464 ] Suresh Marru commented on AIRAVATA-2689: [~apoorvp2] has worked on this issues as part of GSOC last year and has architecture diagram and discussion at - [http://markmail.org/thread/cqvdomb2i5hh4jgw.|http://markmail.org/thread/cqvdomb2i5hh4jgw] I am still looking for the code related to this contribution. > Distributed email clients to improve email monitoring > -- > > Key: AIRAVATA-2689 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2689 > Project: Airavata > Issue Type: New Feature >Reporter: Dimuthu Upeksha >Assignee: Dimuthu Upeksha >Priority: Major > Labels: HackIllinois2018 > > Once Airavata submits a job to a compute resource, scheduler in compute > resource sends emails about the status of the job. Content in the email is > different to each application type so we have written a set of parsers [2] > which can extract correct information form email messages. Airavata has an > email monitoring system which reads those emails, parse them and perform > necessary actions depending on the content of the emails. However this email > monitoring system is tightly coupled into the task execution engine so we > can't easily replicate it to have high availability. > Idea is to come up with a standalone email monitoring client that reads > emails from a given email account, parse them and convert it into a standard > message format. Once the message is parsed into the known message format, put > it in to a queue ( rabbitmq, kafka) in order to be consumed by task execution > engine. There are few non functional requirements > # To improve the availability, we need to have more than one monitoring > client to be running at a given time. However we need to make sure only > exactly one client consumes a given email. So we need the coordination among > email clients > # In future, this will be deployed as a micro service, so final packaging > should be compatible with docker > Current email monitor implementation is this [1]. Set of parsers available > depending on the application [2] > [1] > [https://github.com/apache/airavata/blob/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/EmailBasedMonitor.java] > [2] > https://github.com/apache/airavata/tree/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/parser -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2688: -- Description: TODO * [x] split out GroupCreate component into GroupCreateContainer and GroupEditor * [x] Create GroupEditContainer component to allow editing a group * Implement add and remove users in the GroupViewSet.perform_update was: TODO * split out GroupCreate component into GroupCreateContainer and GroupEditor * Create GroupEditContainer component to allow editing a group * Implement add and remove users in the GroupViewSet.perform_update > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] split out GroupCreate component into GroupCreateContainer and > GroupEditor > * [x] Create GroupEditContainer component to allow editing a group > * Implement add and remove users in the GroupViewSet.perform_update -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (AIRAVATA-2690) Filter Application Deployments based on user's access to Group Resource Profile
Sneha Tilak created AIRAVATA-2690: - Summary: Filter Application Deployments based on user's access to Group Resource Profile Key: AIRAVATA-2690 URL: https://issues.apache.org/jira/browse/AIRAVATA-2690 Project: Airavata Issue Type: Improvement Reporter: Sneha Tilak Assignee: Sneha Tilak -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (AIRAVATA-2689) Distributed email clients to improve email monitoring
Dimuthu Upeksha created AIRAVATA-2689: - Summary: Distributed email clients to improve email monitoring Key: AIRAVATA-2689 URL: https://issues.apache.org/jira/browse/AIRAVATA-2689 Project: Airavata Issue Type: New Feature Reporter: Dimuthu Upeksha Assignee: Dimuthu Upeksha Once Airavata submits a job to a compute resource, scheduler in compute resource sends emails about the status of the job. Content in the email is different to each application type so we have written a set of parsers [2] which can extract correct information form email messages. Airavata has an email monitoring system which reads those emails, parse them and perform necessary actions depending on the content of the emails. However this email monitoring system is tightly coupled into the task execution engine so we can't easily replicate it to have high availability. Idea is to come up with a standalone email monitoring client that reads emails from a given email account, parse them and convert it into a standard message format. Once the message is parsed into the known message format, put it in to a queue ( rabbitmq, kafka) in order to be consumed by task execution engine. There are few non functional requirements # To improve the availability, we need to have more than one monitoring client to be running at a given time. However we need to make sure only exactly one client consumes a given email. So we need the coordination among email clients # In future, this will be deployed as a micro service, so final packaging should be compatible with docker Current email monitor implementation is this [1]. Set of parsers available depending on the application [2] [1] [https://github.com/apache/airavata/blob/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/EmailBasedMonitor.java] [2] https://github.com/apache/airavata/tree/master/modules/gfac/gfac-impl/src/main/java/org/apache/airavata/gfac/monitor/email/parser -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2624) Stampede2 cluster SSH connectivity issue
[ https://issues.apache.org/jira/browse/AIRAVATA-2624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373070#comment-16373070 ] ASF subversion and git services commented on AIRAVATA-2624: --- Commit dc6ea56eb5435ec3f03d6a8226a44497e7290616 in airavata's branch refs/heads/develop from dimuthu.upeks...@gmail.com [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=dc6ea56 ] Fixing AIRAVATA-2624 Sampede2 cluster SSH connectivity issue > Stampede2 cluster SSH connectivity issue > > > Key: AIRAVATA-2624 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2624 > Project: Airavata > Issue Type: Bug > Components: Airavata System, GFac >Affects Versions: 0.18 > Environment: https://seagrid.org >Reporter: Eroma >Assignee: Marcus Christie >Priority: Major > Fix For: 0.18 > > > Job submission fails at env creation due to JSch initialization error. > Error messages > 2018-01-09 09:46:10,786 [pool-7-thread-15] ERROR > o.a.a.gfac.core.GFacException > process_id=PROCESS_650014f6-fcb6-4680-90ea-898bee373f37, > token_id=3d65bf6d-2c9f-4166-a51b-e76e0022bd3b, > experiment_id=Clone_of_st2molcastest_e2942a34-c9c7-4f04-8ccb-af6fe27e0990, > gateway_id=seagrid - JSch initialization error > com.jcraft.jsch.JSchException: Auth fail > at com.jcraft.jsch.Session.connect(Session.java:512) > at com.jcraft.jsch.Session.connect(Session.java:183) > at > org.apache.airavata.gfac.impl.Factory.getSSHSession(Factory.java:542) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSshSession(HPCRemoteCluster.java:138) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSession(HPCRemoteCluster.java:315) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.makeDirectory(HPCRemoteCluster.java:242) > at > org.apache.airavata.gfac.impl.task.EnvironmentSetupTask.execute(EnvironmentSetupTask.java:51) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTask(GFacEngineImpl.java:814) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.configureWorkspace(GFacEngineImpl.java:553) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTaskListFrom(GFacEngineImpl.java:324) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeProcess(GFacEngineImpl.java:286) > at > org.apache.airavata.gfac.impl.GFacWorker.executeProcess(GFacWorker.java:227) > at org.apache.airavata.gfac.impl.GFacWorker.run(GFacWorker.java:86) > at > org.apache.airavata.common.logging.MDCUtil.lambda$wrapWithMDC$0(MDCUtil.java:40) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:748) > 2018-01-09 09:46:10,786 [pool-7-thread-15] ERROR > o.a.a.g.i.t.EnvironmentSetupTask > process_id=PROCESS_650014f6-fcb6-4680-90ea-898bee373f37, > token_id=3d65bf6d-2c9f-4166-a51b-e76e0022bd3b, > experiment_id=Clone_of_st2molcastest_e2942a34-c9c7-4f04-8ccb-af6fe27e0990, > gateway_id=seagrid - Error while environment setup > org.apache.airavata.gfac.core.GFacException: JSch initialization error > at > org.apache.airavata.gfac.impl.Factory.getSSHSession(Factory.java:545) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSshSession(HPCRemoteCluster.java:138) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSession(HPCRemoteCluster.java:315) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.makeDirectory(HPCRemoteCluster.java:242) > at > org.apache.airavata.gfac.impl.task.EnvironmentSetupTask.execute(EnvironmentSetupTask.java:51) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTask(GFacEngineImpl.java:814) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.configureWorkspace(GFacEngineImpl.java:553) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTaskListFrom(GFacEngineImpl.java:324) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeProcess(GFacEngineImpl.java:286) > at > org.apache.airavata.gfac.impl.GFacWorker.executeProcess(GFacWorker.java:227) > at org.apache.airavata.gfac.impl.GFacWorker.run(GFacWorker.java:86) > at > org.apache.airavata.common.logging.MDCUtil.lambda$wrapWithMDC$0(MDCUtil.java:40) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:748) > Caused by: com.jcraft.jsch.JSchException: Auth fail > at com.jcraft.jsch.Session.connect(Session.java:512) >
[jira] [Commented] (AIRAVATA-2621) SSH port provided in compute resource registration is not considered for cluster SSH communication
[ https://issues.apache.org/jira/browse/AIRAVATA-2621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373069#comment-16373069 ] ASF subversion and git services commented on AIRAVATA-2621: --- Commit 6c1478c906fd0f1b209b5b0d2eb2317a68ed549d in airavata's branch refs/heads/develop from dimuthu.upeks...@gmail.com [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=6c1478c ] Fixing AIRAVATA-2621 > SSH port provided in compute resource registration is not considered for > cluster SSH communication > -- > > Key: AIRAVATA-2621 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2621 > Project: Airavata > Issue Type: Bug > Components: GFac >Affects Versions: 0.18 > Environment: https://hpcgateway.gsu.edu/ > https://scigap.org/ >Reporter: Eroma >Assignee: Dimuthu Upeksha >Priority: Major > Fix For: 0.18 > > > 1. Added a specific port for job submissions (15022) > 2. But when submitting jobs, for environment creation, the gfac is using the > default 22 port, not the specified one in scigap.org for hpclogin.gsu.edu. > 3. log messages in airavata log > 2017-12-19 11:13:18,996 [pool-7-thread-2] INFO > o.a.airavata.gfac.impl.Factory > process_id=PROCESS_3b471b3b-5b4e-4b6d-a66e-554652a390d2, > token_id=35da840b-63d5-4cbf-b9ce-3005cd94d961, > experiment_id=NWChem2_a38ac303-666f-4dea-9b4c-7bffe0f97dd7, > gateway_id=georgiastate - Initialize a new SSH session for > :airavata_hpclogin.gsu.edu_22_35da840b-63d5-4cbf-b9ce-3005cd94d961 > 2017-12-19 11:15:26,272 [pool-7-thread-2] ERROR o.a.a.gfac.core.GFacException > process_id=PROCESS_3b471b3b-5b4e-4b6d-a66e-554652a390d2, > token_id=35da840b-63d5-4cbf-b9ce-3005cd94d961, > experiment_id=NWChem2_a38ac303-666f-4dea-9b4c-7bffe0f97dd7, > gateway_id=georgiastate - JSch initialization error > com.jcraft.jsch.JSchException: java.net.ConnectException: Connection timed > out (Connection timed out) > at com.jcraft.jsch.Util.createSocket(Util.java:349) > at com.jcraft.jsch.Session.connect(Session.java:215) > at com.jcraft.jsch.Session.connect(Session.java:183) > at > org.apache.airavata.gfac.impl.Factory.getSSHSession(Factory.java:542) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSshSession(HPCRemoteCluster.java:138) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.getSession(HPCRemoteCluster.java:315) > at > org.apache.airavata.gfac.impl.HPCRemoteCluster.makeDirectory(HPCRemoteCluster.java:242) > at > org.apache.airavata.gfac.impl.task.EnvironmentSetupTask.execute(EnvironmentSetupTask.java:51) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTask(GFacEngineImpl.java:814) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.configureWorkspace(GFacEngineImpl.java:553) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeTaskListFrom(GFacEngineImpl.java:324) > at > org.apache.airavata.gfac.impl.GFacEngineImpl.executeProcess(GFacEngineImpl.java:286) > at > org.apache.airavata.gfac.impl.GFacWorker.executeProcess(GFacWorker.java:227) > at org.apache.airavata.gfac.impl.GFacWorker.run(GFacWorker.java:86) > at > org.apache.airavata.common.logging.MDCUtil.lambda$wrapWithMDC$0(MDCUtil.java:40) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.net.ConnectException: Connection timed out (Connection timed > out) > at java.net.PlainSocketImpl.socketConnect(Native Method) > at > java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) > at > java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) > at > java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) > at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) > at java.net.Socket.connect(Socket.java:589) > at java.net.Socket.connect(Socket.java:538) > at java.net.Socket.(Socket.java:434) > at java.net.Socket.(Socket.java:211) > at com.jcraft.jsch.Util.createSocket(Util.java:343) > ... 17 common frames omitted > ?NWChem2_a38ac303-666f-4dea-9b4c-7bffe0f97dd7 -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2688) Groups UI: edit group view
[ https://issues.apache.org/jira/browse/AIRAVATA-2688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2688: -- Description: TODO * split out GroupCreate component into GroupCreateContainer and GroupEditor * Create GroupEditContainer component to allow editing a group * Implement add and remove users in the GroupViewSet.perform_update > Groups UI: edit group view > -- > > Key: AIRAVATA-2688 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * split out GroupCreate component into GroupCreateContainer and GroupEditor > * Create GroupEditContainer component to allow editing a group > * Implement add and remove users in the GroupViewSet.perform_update -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (AIRAVATA-2688) Groups UI: edit group view
Marcus Christie created AIRAVATA-2688: - Summary: Groups UI: edit group view Key: AIRAVATA-2688 URL: https://issues.apache.org/jira/browse/AIRAVATA-2688 Project: Airavata Issue Type: Bug Reporter: Marcus Christie Assignee: Marcus Christie -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373003#comment-16373003 ] ASF subversion and git services commented on AIRAVATA-2685: --- Commit efbd6549f0a9ce41bad3a62ed0f807a9fb2a11e4 in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=efbd654 ] AIRAVATA-2685 Fix assigning group id for newly created group > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] Create DRF serializers, viewsets for UserProfiles > * [x] JS models and services to load UserProfiles > * [x] load all UserProfiles into the group creation view > * [x] autocomplete search over full name and username > * [x] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373005#comment-16373005 ] ASF subversion and git services commented on AIRAVATA-2685: --- Commit f9d053c98dad05037332a37a17505399c28624a4 in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=f9d053c ] AIRAVATA-2685 Redirect to group listing when group created > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] Create DRF serializers, viewsets for UserProfiles > * [x] JS models and services to load UserProfiles > * [x] load all UserProfiles into the group creation view > * [x] autocomplete search over full name and username > * [x] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie resolved AIRAVATA-2685. --- Resolution: Fixed > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] Create DRF serializers, viewsets for UserProfiles > * [x] JS models and services to load UserProfiles > * [x] load all UserProfiles into the group creation view > * [x] autocomplete search over full name and username > * [x] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16373002#comment-16373002 ] ASF subversion and git services commented on AIRAVATA-2685: --- Commit 362af100e7e61ad7c39fb0547c26e5b0bc328a8d in airavata-django-portal's branch refs/heads/master from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=362af10 ] AIRAVATA-2685 List of users for group loaded from UserProfileService > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] Create DRF serializers, viewsets for UserProfiles > * [x] JS models and services to load UserProfiles > * [x] load all UserProfiles into the group creation view > * [x] autocomplete search over full name and username > * [x] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2685: -- Description: TODO * [x] Create DRF serializers, viewsets for UserProfiles * [x] JS models and services to load UserProfiles * [x] load all UserProfiles into the group creation view * [x] autocomplete search over full name and username * [x] display full name and username was: TODO * [ ] Create DRF serializers, viewsets for UserProfiles * [ ] JS models and services to load UserProfiles * [ ] load all UserProfiles into the group creation view * [ ] autocomplete search over full name, username and email address * [ ] display full name and username > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [x] Create DRF serializers, viewsets for UserProfiles > * [x] JS models and services to load UserProfiles > * [x] load all UserProfiles into the group creation view > * [x] autocomplete search over full name and username > * [x] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (AIRAVATA-2687) Distributed agents on compute resources to communicate with Airavata server
Dimuthu Upeksha created AIRAVATA-2687: - Summary: Distributed agents on compute resources to communicate with Airavata server Key: AIRAVATA-2687 URL: https://issues.apache.org/jira/browse/AIRAVATA-2687 Project: Airavata Issue Type: New Feature Reporter: Dimuthu Upeksha Assignee: Dimuthu Upeksha Currently Airavata talk to compute resources through SSH communication. However there are scenarios where this might not work. # Airavata can not setup a SSH connection when the compute resource is set behind a firewall or the system administrators do not allow to create a SSH connections to the compute resource. # Doing a burst of SSH call to a particular compute resource leads to the false detection of Airavata server doing DoS attack on the compute resource. As an alternative, we think of an another approach to create the communication between Airavata server and the compute resource. Suggestion is to install an agent on the compute resource and agent creates a connection to the Airavata server when required. This might eliminate the firewall issue as the compute resource is the one which initiates the connection. Then Server can send commands. Communication protocol might be application specific but it should support both request response and fire and forget model. However there challenges, # How does the agent find the Airavata server # What happens when an agent failed? How does Airavata server knows it? # When Airavata server needs to execute a command on a compute resource where an agent is installed, how does it find the correct agent connection? At the first stage, we need to send linux commands to be executed on the compute resource and transfer files through the agent. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16372951#comment-16372951 ] ASF subversion and git services commented on AIRAVATA-2685: --- Commit 7fe25f18b1aa97a2b8ff1674b98afec05ca09ab0 in airavata's branch refs/heads/group-based-auth from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=7fe25f1 ] AIRAVATA-2685 Allow loading all user profiles, without paging > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [ ] Create DRF serializers, viewsets for UserProfiles > * [ ] JS models and services to load UserProfiles > * [ ] load all UserProfiles into the group creation view > * [ ] autocomplete search over full name, username and email address > * [ ] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (AIRAVATA-2686) Error: Table 'app_catalog.workflow_input' doesn't exist {stmnt 1618749395 ALTER TABLE workflow_input ADD TEMPLATE_ID VARCHAR(255) }
Marcus Christie created AIRAVATA-2686:
-
Summary: Error: Table 'app_catalog.workflow_input' doesn't exist
{stmnt 1618749395 ALTER TABLE workflow_input ADD TEMPLATE_ID VARCHAR(255) }
Key: AIRAVATA-2686
URL: https://issues.apache.org/jira/browse/AIRAVATA-2686
Project: Airavata
Issue Type: Bug
Reporter: Marcus Christie
This might be related to the registry-refactoring work. This error occurs the
first time creating an EntityManager in the app catalog
(AppCatalogJPAUtils.getEntityManager). Looks like it is trying to do some
database updates to bring tables up to date with the JPA models.
Stack trace:
{noformat}
2018-02-22 15:16:37,425 [pool-9-thread-2] ERROR
o.a.a.r.a.s.h.RegistryServerHandler - seagrid
java.lang.RuntimeException: Failed to get App Catalog EntityManager
at
org.apache.airavata.registry.core.repositories.appcatalog.AppCatAbstractRepository.execute(AppCatAbstractRep
ository.java:115)
at
org.apache.airavata.registry.core.repositories.appcatalog.AppCatAbstractRepository.get(AppCatAbstractReposit
ory.java:69)
at
org.apache.airavata.registry.core.repositories.appcatalog.GwyResourceProfileRepository.getGatewayProfile(Gwy
ResourceProfileRepository.java:81)
at
org.apache.airavata.registry.api.service.handler.RegistryServerHandler.getGatewayResourceProfile(RegistrySer
verHandler.java:1993)
at
org.apache.airavata.registry.api.RegistryService$Processor$getGatewayResourceProfile.getResult(RegistryServi
ce.java:17447)
at
org.apache.airavata.registry.api.RegistryService$Processor$getGatewayResourceProfile.getResult(RegistryServi
ce.java:17431)
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
at
org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.openjpa.persistence.PersistenceException: (conn:1644)
Table 'app_catalog.workflow_input' doesn't
exist {stmnt 1618749395
ALTER TABLE workflow_input ADD TEMPLATE_ID VARCHAR(255) } [code=1146,
state=42S02]
at org.apache.openjpa.jdbc.meta.MappingTool.record(MappingTool.java:559)
at org.apache.openjpa.jdbc.meta.MappingTool.record(MappingTool.java:455)
at
org.apache.openjpa.jdbc.kernel.JDBCBrokerFactory.synchronizeMappings(JDBCBrokerFactory.java:160)
at
org.apache.openjpa.jdbc.kernel.JDBCBrokerFactory.synchronizeMappings(JDBCBrokerFactory.java:164)
at
org.apache.openjpa.jdbc.kernel.JDBCBrokerFactory.newBrokerImpl(JDBCBrokerFactory.java:122)
at
org.apache.openjpa.kernel.AbstractBrokerFactory.newBroker(AbstractBrokerFactory.java:209)
at
org.apache.openjpa.kernel.DelegatingBrokerFactory.newBroker(DelegatingBrokerFactory.java:156)
at
org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:22
7)
at
org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:15
4)
at
org.apache.openjpa.persistence.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:60
)
at
org.apache.airavata.registry.core.utils.JPAUtil.AppCatalogJPAUtils.getEntityManager(AppCatalogJPAUtils.java:
55)
at
org.apache.airavata.registry.core.repositories.appcatalog.AppCatAbstractRepository.execute(AppCatAbstractRep
ository.java:113)
... 11 common frames omitted
Caused by: org.apache.openjpa.lib.jdbc.ReportingSQLException: (conn:1644) Table
'app_catalog.workflow_input' doesn't ex
ist {stmnt 1618749395
ALTER TABLE workflow_input ADD TEMPLATE_ID VARCHAR(255) } [code=1146,
state=42S02]
at
org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.wrap(LoggingConnectionDecorator.java:247)
at
org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.wrap(LoggingConnectionDecorator.java:231)
at
org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator.access$700(LoggingConnectionDecorator.java:72)
at
org.apache.openjpa.lib.jdbc.LoggingConnectionDecorator$LoggingConnection$LoggingStatement.executeUpdate(LoggingConnectionDecorator.java:942)
at
org.apache.openjpa.lib.jdbc.DelegatingStatement.executeUpdate(DelegatingStatement.java:114)
at
org.apache.openjpa.jdbc.schema.SchemaTool.executeSQL(SchemaTool.java:1224)
at
org.apache.openjpa.jdbc.schema.SchemaTool.addColumn(SchemaTool.java:1057)
at org.apache.openjpa.jdbc.schema.SchemaTool.add(SchemaTool.java:506)
at org.apache.openjpa.jdbc.schema.SchemaTool.add(SchemaTool.java:366)
at
[jira] [Updated] (AIRAVATA-2685) Groups UI: get list of users that can be added to group
[ https://issues.apache.org/jira/browse/AIRAVATA-2685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marcus Christie updated AIRAVATA-2685: -- Description: TODO * [ ] Create DRF serializers, viewsets for UserProfiles * [ ] JS models and services to load UserProfiles * [ ] load all UserProfiles into the group creation view * [ ] autocomplete search over full name, username and email address * [ ] display full name and username > Groups UI: get list of users that can be added to group > --- > > Key: AIRAVATA-2685 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2685 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Marcus Christie >Priority: Major > > TODO > * [ ] Create DRF serializers, viewsets for UserProfiles > * [ ] JS models and services to load UserProfiles > * [ ] load all UserProfiles into the group creation view > * [ ] autocomplete search over full name, username and email address > * [ ] display full name and username -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2679) GroupManagerService: methods to add and remove users in groups
[ https://issues.apache.org/jira/browse/AIRAVATA-2679?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16372876#comment-16372876 ] ASF subversion and git services commented on AIRAVATA-2679: --- Commit fc9fb2e357ca49d0ac39a944fa765653d485 in airavata's branch refs/heads/group-based-auth from [~Sachin Kariyattin] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=fc9fb2e ] AIRAVATA-2679 & AIRAVATA-2680 auth checks and add/remove users from group > GroupManagerService: methods to add and remove users in groups > -- > > Key: AIRAVATA-2679 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2679 > Project: Airavata > Issue Type: Bug > Components: Airavata API >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > > Currently there is no way to change the users that are members of a group in > the GroupManagerService. Methods should be added. These methods should > verify that the user is an owner or an admin of the group. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2679) GroupManagerService: methods to add and remove users in groups
[ https://issues.apache.org/jira/browse/AIRAVATA-2679?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16372878#comment-16372878 ] ASF subversion and git services commented on AIRAVATA-2679: --- Commit 93c0ffd04b058e33c015181999008847c8ae5537 in airavata's branch refs/heads/group-based-auth from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=93c0ffd ] Merge pull request #172 from sachinkariyattin/group-based-auth [AIRAVATA-2679] [AIRAVATA-2680] GroupManagerService: Auth checks and add/remove users from group > GroupManagerService: methods to add and remove users in groups > -- > > Key: AIRAVATA-2679 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2679 > Project: Airavata > Issue Type: Bug > Components: Airavata API >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > > Currently there is no way to change the users that are members of a group in > the GroupManagerService. Methods should be added. These methods should > verify that the user is an owner or an admin of the group. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2680) GroupManagerService: add owner/admin authorization checks
[ https://issues.apache.org/jira/browse/AIRAVATA-2680?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16372879#comment-16372879 ] ASF subversion and git services commented on AIRAVATA-2680: --- Commit 93c0ffd04b058e33c015181999008847c8ae5537 in airavata's branch refs/heads/group-based-auth from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=93c0ffd ] Merge pull request #172 from sachinkariyattin/group-based-auth [AIRAVATA-2679] [AIRAVATA-2680] GroupManagerService: Auth checks and add/remove users from group > GroupManagerService: add owner/admin authorization checks > - > > Key: AIRAVATA-2680 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2680 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > > Check if the user is an owner or admin before allowing modifications to a > group. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2680) GroupManagerService: add owner/admin authorization checks
[ https://issues.apache.org/jira/browse/AIRAVATA-2680?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16372877#comment-16372877 ] ASF subversion and git services commented on AIRAVATA-2680: --- Commit fc9fb2e357ca49d0ac39a944fa765653d485 in airavata's branch refs/heads/group-based-auth from [~Sachin Kariyattin] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=fc9fb2e ] AIRAVATA-2679 & AIRAVATA-2680 auth checks and add/remove users from group > GroupManagerService: add owner/admin authorization checks > - > > Key: AIRAVATA-2680 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2680 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > > Check if the user is an owner or admin before allowing modifications to a > group. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
