Known Issues with Release 5.0.0 and Bypasses

 

Date:               8/6/2020

RPM Status:  A patch RPM, 5.0.1-RC1, is now available. This is a candidate release but should be able to address all of the issues in this document. It is available at https://xrootd.slac.stanford.edu/binaries/testing/slc/ for various platforms.

 

Date:               7/20/2020

Issue:              Specifying all.adminpath in the configuration file causes the cmsd to create the Unix communication socket in the wrong location making it impossible for the xrootd to rendezvous with the cmsd.

Bypass:          Until this is patched, two solutions exist:

1.      Use the command line -a or -A options to set the adminpath instead of using the all.adminpath directive. See https://xrootd.slac.stanford.edu/doc/dev50/xrd_config.htm#_Toc39615217

2.      Bracket the all.adminpath directive so that the cmsd does not see it, for instance:
if exec xrootd
all.adminpath path
fi

 

Date:               7/13/2020

Issue:              Enabling Xcache may result in a SEGV.

Bypass:          None, people have reported that not enabling GSI security may avoid the problem in many scenarios though it is not assured.

Resolution:    A patch release will soon be forthcoming and will be available in the OSG repository whose link will be posted here.

 

Date:               7/13/2020

Issue:              HTTP TPC may result in a SEGV if client does not present a cert with a distingished name.

Bypass:          None, though this problem appears to be relatively rare.

Resolution:    A patch release will soon be forthcoming and will be available in the OSG repository whose link will be posted here.

 

Date:               7/13/2020

Issue:              The new VOMS secextractor for HTTP, libXrdVoms.so, does not accept non-RFC complaint certificate.

Bypass:          When executing vom-proxy-init to obtain a VOMS certificate, always specify the ‘--rfc’ option on the command line.

Resolution:    There on-going discussion on how critical this problem as standards compliant certificates should always be used.

 

Date:               7/13/2020

Issue:              The new VOMS secxtractor for HTTP, libXrdVoms.so, deadlocks when the ‘dbg’ option is specified for the secxtractor.

Bypass:          Do not specify the ‘dbg’ option.

Resolution:    This a low priority problem and a fix will appear in a future release.