When trying to copy a default template to the user home directory, I get
“The change you wanted was rejected.
Maybe you tried to change something you didn’t have access to.”
I am using a default template for single threaded SLURM submissions.
Is there a permissions setting that needs to be configured?
This appears to be a common rails error message. I see the same message from other products when doing a google search on the message itself.
The template I’m copying is here:
/var/www/ood/apps/sys/myjobs/templates/default
The permissions are as follows:
-rw-r–r-- 1 root root 118 Mar 21 15:27 main_job.sh
-rw-r–r-- 1 root root 1155 Apr 7 15:21 manifest.yml
gbyrket
(Gerald Byrket)
April 11, 2022, 4:36pm
4
Hi
Thanks for your post. The perms of the files that you are copying from seem fine. However, what are the perms of the folder you are copying to?
Thanks,
-gerald
gbyrket
(Gerald Byrket)
April 11, 2022, 5:35pm
5
Hi again.
I’m looking into this. I can recreate the issue, i just need to figure out how to fix it.
thanks,
-gerald
I am able to edit files in my home dir through OOD.
So I am assuming that the permissions are ok there.
Here they are:
[equiros@whqhpc-login01p ~]$ ll
total 11542064
drwxr-xr-x 2 equiros sfwmd 110 Mar 8 08:20 benchmarks
-rw-r–r-- 1 equiros sfwmd 7908322 Mar 8 08:20 benchmarks.tar.gz
-rw-r–r-- 1 equiros sfwmd 10737418240 Feb 25 11:07 large_10G_file
-rw-r–r-- 1 equiros sfwmd 1073741824 Feb 25 11:07 large_1G_file
drwxr-xr-x 3 equiros sfwmd 18 Mar 8 10:32 ondemand
drwxr-xr-x 2 equiros sfwmd 142 Mar 14 13:47 piscripts
drwxr-xr-x 2 equiros sfwmd 4096 Mar 21 12:33 sleepscripts
[equiros@whqhpc-login01p ~]$
gbyrket
(Gerald Byrket)
April 11, 2022, 6:25pm
7
yes. this is something different. Are your log files showing anything?
Please direct me to the appropriate logs.
gbyrket
(Gerald Byrket)
April 11, 2022, 6:51pm
9
sorry.
/var/log/ondemand-nginx/<YOUR_USER_NAME>/error.log
Looks like an invalid authenticity token. not sure what that means…
App 45225 output: [2022-04-11 15:05:31 -0400 ] INFO “method=GET path=/pun/sys/dashboard/apps/show/myjobs format=html controller=AppsController action=show status=302 duration=213.69 view=0.00 location=http://whqhpc-login01p.sfwmd.gov/pun/sys/myjobs”
App 45314 output: /opt/ood/ondemand/root/usr/share/gems/2.7/ondemand/2.0.20/gems/activerecord-5.2.6/lib/active_record/connection_adapters/sqlite3_adapter.rb:32: warning: rb_check_safe_obj will be removed in Ruby 3.0
App 45314 output: [2022-04-11 15:05:33 -0400 ] DEBUG “\e[1m\e[36mWorkflow Load (0.1ms)\e[0m \e[1m\e[34mSELECT “workflows”.* FROM “workflows” INNER JOIN “jobs” ON “jobs”.“workflow_id” = “workflows”.“id” WHERE “jobs”.“status” IN (?, ?, ?, ?)\e[0m [[“status”, “H”], [“status”, “Q”], [“status”, “R”], [“status”, “S”]]”
App 45314 output: [2022-04-11 15:05:33 -0400 ] DEBUG “\e[1m\e[35mSQL (0.2ms)\e[0m \e[1m\e[34mSELECT “workflows”.“id” AS t0_r0, “workflows”.“created_at” AS t0_r1, “workflows”.“updated_at” AS t0_r2, “workflows”.“job_attrs” AS t0_r3, “workflows”.“name” AS t0_r4, “workflows”.“batch_host” AS t0_r5, “workflows”.“staged_dir” AS t0_r6, “workflows”.“script_name” AS t0_r7, “jobs”.“id” AS t1_r0, “jobs”.“workflow_id” AS t1_r1, “jobs”.“status” AS t1_r2, “jobs”.“job_cache” AS t1_r3, “jobs”.“created_at” AS t1_r4, “jobs”.“updated_at” AS t1_r5 FROM “workflows” LEFT OUTER JOIN “jobs” ON “jobs”.“workflow_id” = “workflows”.“id”\e[0m”
App 45314 output: [2022-04-11 15:05:33 -0400 ] INFO “method=GET path=/pun/sys/myjobs/ format=html controller=WorkflowsController action=index status=200 duration=65.80 view=8.74 db=1.92”
App 45314 output: [2022-04-11 15:05:38 -0400 ] WARN “Can’t verify CSRF token authenticity.”
App 45314 output: [2022-04-11 15:05:38 -0400 ] INFO “method=POST path=/pun/sys/myjobs/create_default format=html controller=WorkflowsController action=create_default status=422 error=‘ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken’ duration=0.57 view=0.00 db=0.00”
App 45314 output: [2022-04-11 15:05:38 -0400 ] FATAL “”
App 45314 output: [2022-04-11 15:05:38 -0400 ] FATAL “ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):”
App 45314 output: [2022-04-11 15:05:38 -0400 ] FATAL “”
App 45314 output: [2022-04-11 15:05:38 -0400 ] FATAL “actionpack (5.2.6) lib/action_controller/metal/request_forgery_protection.rb:215:in handle_unverified_request'\nactionpack (5.2.6) lib/action_controller/metal/request_forgery_protection.rb:247:in handle_unverified_request’\nactionpack (5.2.6) lib/action_controller/metal/request_forgery_protection.rb:242:in verify_authenticity_token'\nactivesupport (5.2.6) lib/active_support/callbacks.rb:426:in block in make_lambda’\nactivesupport (5.2.6) lib/active_support/callbacks.rb:198:in block (2 levels) in halting'\nactionpack (5.2.6) lib/abstract_controller/callbacks.rb:34:in block (2 levels) in module:Callbacks ’\nactivesupport (5.2.6) lib/active_support/callbacks.rb:199:in block in halting'\nactivesupport (5.2.6) lib/active_support/callbacks.rb:513:in block in invoke_before’\nactivesupport (5.2.6) lib/active_support/callbacks.rb:513:in each'\nactivesupport (5.2.6) lib/active_support/callbacks.rb:513:in invoke_before’\nactivesupport (5.2.6) lib/active_support/callbacks.rb:131:in run_callbacks'\nactionpack (5.2.6) lib/abstract_controller/callbacks.rb:41:in process_action’\nactionpack (5.2.6) lib/action_controller/metal/rescue.rb:22:in process_action'\nactionpack (5.2.6) lib/action_controller/metal/instrumentation.rb:34:in block in process_action’\nactivesupport (5.2.6) lib/active_support/notifications.rb:168:in block in instrument'\nactivesupport (5.2.6) lib/active_support/notifications/instrumenter.rb:23:in instrument’\nactivesupport (5.2.6) lib/active_support/notifications.rb:168:in instrument'\nactionpack (5.2.6) lib/action_controller/metal/instrumentation.rb:32:in process_action’\nactionpack (5.2.6) lib/action_controller/metal/params_wrapper.rb:256:in process_action'\nactiverecord (5.2.6) lib/active_record/railties/controller_runtime.rb:24:in process_action’\nactionpack (5.2.6) lib/abstract_controller/base.rb:134:in process'\nactionview (5.2.6) lib/action_view/rendering.rb:32:in process’\nactionpack (5.2.6) lib/action_controller/metal.rb:191:in dispatch'\nactionpack (5.2.6) lib/action_controller/metal.rb:252:in dispatch’\nactionpack (5.2.6) lib/action_dispatch/routing/route_set.rb:52:in dispatch'\nactionpack (5.2.6) lib/action_dispatch/routing/route_set.rb:34:in serve’\nactionpack (5.2.6) lib/action_dispatch/journey/router.rb:52:in block in serve'\nactionpack (5.2.6) lib/action_dispatch/journey/router.rb:35:in each’\nactionpack (5.2.6) lib/action_dispatch/journey/router.rb:35:in serve'\nactionpack (5.2.6) lib/action_dispatch/routing/route_set.rb:840:in call’\nrack (2.2.3) lib/rack/tempfile_reaper.rb:15:in call'\nrack (2.2.3) lib/rack/etag.rb:27:in call’\nrack (2.2.3) lib/rack/conditional_get.rb:40:in call'\nrack (2.2.3) lib/rack/head.rb:12:in call’\nactionpack (5.2.6) lib/action_dispatch/http/content_security_policy.rb:18:in call'\nrack (2.2.3) lib/rack/session/abstract/id.rb:266:in context’\nrack (2.2.3) lib/rack/session/abstract/id.rb:260:in call'\nactionpack (5.2.6) lib/action_dispatch/middleware/cookies.rb:670:in call’\nactionpack (5.2.6) lib/action_dispatch/middleware/callbacks.rb:28:in block in call'\nactivesupport (5.2.6) lib/active_support/callbacks.rb:98:in run_callbacks’\nactionpack (5.2.6) lib/action_dispatch/middleware/callbacks.rb:26:in call'\nactionpack (5.2.6) lib/action_dispatch/middleware/debug_exceptions.rb:61:in call’\nactionpack (5.2.6) lib/action_dispatch/middleware/show_exceptions.rb:33:in call'\nlograge (0.11.2) lib/lograge/rails_ext/rack/logger.rb:15:in call_app’\nrailties (5.2.6) lib/rails/rack/logger.rb:26:in block in call'\nactivesupport (5.2.6) lib/active_support/tagged_logging.rb:71:in block in tagged’\nactivesupport (5.2.6) lib/active_support/tagged_logging.rb:28:in tagged'\nactivesupport (5.2.6) lib/active_support/tagged_logging.rb:71:in tagged’\nrailties (5.2.6) lib/rails/rack/logger.rb:26:in call'\nactionpack (5.2.6) lib/action_dispatch/middleware/remote_ip.rb:81:in call’\nrequest_store (1.5.0) lib/request_store/middleware.rb:19:in call'\nactionpack (5.2.6) lib/action_dispatch/middleware/request_id.rb:27:in call’\nrack (2.2.3) lib/rack/method_override.rb:24:in call'\nrack (2.2.3) lib/rack/runtime.rb:22:in call’\nactivesupport (5.2.6) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in call'\nactionpack (5.2.6) lib/action_dispatch/middleware/executor.rb:14:in call’\nrack (2.2.3) lib/rack/sendfile.rb:110:in call'\nrailties (5.2.6) lib/rails/engine.rb:524:in call’\n/opt/rh/ondemand/root/usr/share/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:107:in process_request'\n/opt/rh/ondemand/root/usr/share/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:157:in accept_and_process_next_request’\n/opt/rh/ondemand/root/usr/share/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:110:in main_loop'\n/opt/rh/ondemand/root/usr/share/ruby/vendor_ruby/phusion_passenger/request_handler.rb:416:in block (3 levels) in start_threads’\n/opt/rh/ondemand/root/usr/share/ruby/vendor_ruby/phusion_passenger/utils.rb:113:in `block in create_thread_and_abort_on_exception’”
FYI - We are using local accounts with PAM on the nodes for now.
Same for OOD. Our Identity management solution is not ready yet.
gbyrket
(Gerald Byrket)
April 11, 2022, 7:11pm
12
Same thing i’m getting on my test server. I know how to work around it, but it isn’t an acceptable solution. Still researching. Gotta see how to make the system see this link as authentic
gbyrket
(Gerald Byrket)
April 11, 2022, 7:12pm
13
I’m trouble-shooting this on my own dev server running rocky8 with OpenLDAP setup.
gbyrket
(Gerald Byrket)
April 11, 2022, 7:18pm
14
equiros-sfwmd:
CSRF token authenticity
One other question. Are you using https:// or are you using http://
We are using http.
No cert has been applied yet.
I expect we will apply one soon.
gbyrket
(Gerald Byrket)
April 11, 2022, 7:31pm
16
Once the cert is applied, this problem goes away. However, in the meantime, you need to make a change to
/var/www/ood/apps/sys/myjobs/config/initializers/session_store.rb
remove what is in there and replace it with
Rails.application.config.session_store :cache_store, { cache: ActiveSupport::Cache::FileStore.new(Dir.mktmpdir.to_s) }
This should fix the problem.
That seems to work.
Thank you very much.
Once we apply SSL, do I need to revert to the original code ?
gbyrket
(Gerald Byrket)
April 11, 2022, 8:01pm
18
Probably wouldn’t hurt since it is the default configuration.
Glad it’s fixed. Thanks for your patience!
-gerald