Table of Contents
GT 4.0.8 is recommended for all users. It was released because of a number of advisory updates to 4.0.7. The advisories updates contained in this release are:
globus_gsi_callback-0.33
globus_gatekeeper-3.2
globus_rls_server-4.7
globus_wsrf_rft_service_java-0.39
globus_java_ws_core-1.26
globus_gridftp_server_control-0.21
globus_java_ws_core-1.25
gsiopenssh-4.3
Details of the advisories are available at http://www.globus.org/toolkit/advisories.html?version=4.0. New users are encouraged to start with the 4.0.8 release, as other bugs were also fixed.
This page describes only the changes since the 4.0.7 release. For details regarding previous 4.0 releases, see Release Notes.
To download this release, go to the 4.0.8 Download page.
For information on installing this release, go to the 4.0 Installation Guide.
Use the existing documentation for 4.0, which starts at http://www.globus.org/toolkit/docs/4.0/.
An overview on GT support can be found here.
The Globus Toolkit is distributed and licensed for use under the terms of the Apache License, Version 2.0.
To view the licenses of the 3rd party software used by the developers of the Globus Toolkit, click here.
For full information about usage statistics collected by GT 4.0.8 and how to opt-out, see Usage Statistics Collection by the Globus Alliance.
The following changes have occurred for Java WS Core
- No notable changes have been added for 4.0.8.
Added randomness to the TCP port selection. When GLOBUS_TCP_SOURCE_RANGE is set, instead of starting from the lower bound and monotonically increasing to find the first open port, a random number in the specified range will be picked. see Bug 6185 for more details.
No changes have been made since GT 4.0.7 release.
To view the bug fixes, click here.
No changes, other than bug fixes, have been made since the previous release.
- Updated GPT package from 4.2 to 4.3.
- Upgraded to OpenSSH 5.0p1.
- Upgraded to HPN13v1 patch.
- X11 forwarding is no longer enabled by default in ssh_config..
No changes have been made to this component since the previous release.
To view the bug fixes, click here.
There were no changes for Pre-WS MDS since the previous release. This component is deprecated.
To view the bug fix, click here.
Other than bug fixes, no changes have been made to WS GRAM since 4.0.7.
However, some improvements have been made to RFT in 4.0.8, which makes this release important for WS GRAM users that submit jobs that include file staging directives.
Other than bug fixes, no changes have been made to Pre WS GRAM since the previous release.
To view the bug fix, click here.
GridWay version shipped with GT4.0.8 is based on GridWay 5.2 and no changes have been made since 4.0.7
No changes have been made since the previous release.
No changes have been made since the previous release.
To view the bug fixes, click here.
The Following bugs have been fixed for Java WS Core since GT 4.0.7 release:
Bugs fixed for Message/Transport-level security since GT 4.0.7.
You can find information about fixed bugs here.
- Globus Security Advisory 2008-01: GSI-OpenSSH vulnerability
- Fixed a possible deadlock bug by using a second threadpool for request handling (and not sharing threads with transfer handling)
- Bug 6063: Hash collision issue in RFT connection caching
No bugs have been fixed in the Aggregator framework since the previous release.
No new bugs have been fixed for the WS MDS Index Service since the previous release.
No bugs were fixed for Pre-WS MDS since the previous release. This component is deprecated.
No new bugs have been fixed for the WS MDS Trigger Service since the previous release.
- Bug 5617:GRAM4 seg hangs with fork jobs
- Bug 5977:Add user's DN to INFO logging statement for each job submision
- Bug 5982:GRAM handles lack of local username badly(java.lang.NullPointerException)
- Bug 5992:delegated user proxy job file is not being removed
- Bug 6036:bad ResourceUnknown error from globusrun-ws
- Bug 6055:WS-GRAM accepts a limited proxy for job execution
- Bug 6068:Section about job lifetime is missing in users guide
- Bug 6070:info about how to disable an already installed LRM adapter is missing
- Bug 6182:Section about Condor specific elements in extensions is missing
No bugs have been fixed since the previous release.
- Limitations: No new limitations have been identified.
- Known Bugs: No new bugs have been filed since GT 4.0.7
For information on existing bugs, click here.
- Bug 484: Mem leak on deactivate_all
- Bug 686: globus_mutex_lock() behaves differently on Unix -vs- Win32
- Bug 1141: Misleading error messages using globus-makefile-header
- Bug 2791: Command globus-domainname needs g11n
- Bug 2793: Command globus-generalized-time needs g11n
- Bug 2794: Command globus-hostname needs g11n
- Bug 3081: Small leak in libltldl
- Bug 3107: Fatal error: tcp_init(): globus_io_tcp_create_listener() ...
- Bug 3436: globus_uuid MAC address retrieval doesn't work on solaris
- Bug 3509: GLOBUS_COMMON_MODULE->GLOBUS_CALLBACK_MODULE deactivation...
- Bug 3610: globus-makefile-header returns bad field
- Bug 4035: MacOS threading issues
- Bug 4097: Signal handling probrem on MacOS X
- Bug 4318: Pkgdata needs to make source dir explicit
- Bug 4348: globus-makefile-header generates invalid makefile for Index Service bindings
- Limitations: No new limitations have been identified.
- Known Bugs: No new known bugs have been identified.
- Limitations: No new limitations have been identified.
- Known Bugs: No new bugs have been identified.
No new problems are known to exist at the time of the GT 4.0.8 release.
No new problems are known to exist for WS Authorization Framework at the time of this release.
- Bug 3781: GSI caching of CRLs causes problems when process lifetime exceeds CRL lifetime
- Bug 4110: Need to add an option to grid-cert-request to control key length
- Bug 4665: Identity authorization fails with emailAddress and E in DNs.
- Bug 5956: grid-proxy-init doesn't work with 64-bits Suse 10 SP1 on IBM power p6
- Bug 3658: grid-cert-info should have option for RFC 2253 format DN
You can find information about known issues here.
- Bug 3324: gridftpd croaking on startup - globus_l_io_tcp_contact_string failed
- Bug 3214: Backend of GT4 GridFTPd should ignore ~/.globus/certificates
- Bug 3387: client library doesn't respect GLOBUS_HOSTNAME
- Bug 3761: globus_ftp_control library hangs at various places (depending on os)
- Bug 3807: "not a plain file" could be "file not found"
- Bug 3845: data channel authentication failure
- Bug 4119: Malformed UTF-8 character problem in globus-ftp-client tests
- Bug 4274: client library has no default striping layout.
The following known problems exist.
- Threading/Libc Problems: set LD_ASSUME_KERNEL=2.2.5 in your environment and see Platform Notes for more information.
- Bug 3656: ACLs cannot be modified dynamically
- Bug 4114: Java apis fail on 64 bit machine (patch available)
- Bug 4141: regexec call in auth.c's auth_getperms
- Bug 4142: globus-rls-admin -s always indicates RLI does not exist
- Bug 4512: RLS query returns incomplete result on 64bit system (patch available)
The following problems are known to exist for OGSA-DAI at the time of the 4.0.8 release and will be addressed in the future. If you have any others that you feel should be added to this list then please let us know.
You may also want to consult the platform-specific FAQ and general FAQ. Additional information may be posted in the advisories page which report any problems since the release, or the OGSA-DAI bugzilla which may also have information on any problems with the current release.
Performance:
- Accessing the databaseSchema property for DB2/Cloudscape can sometimes retrieve unrelated meta-data and also cause OGSA-DAI to crash.
- Accessing the databaseSchema property for Oracle causes a server-side java.lang.OutOfMemoryError.
- Attempting to return a very large data set in a Response document can cause a server-side java.lang.OutOfMemoryError. This can be avoided by submitting an asynchronous request (one that uses an outputStream) and retrieving the results using a data service's data transport operations.
- Queries of tables for millions of small rows can eventually cause a server-side java.lang.OutOfMemoryError even if using stream activities and data transport operations.
- The fileWritingActivity attempts to read the whole file in a oner and so could cause a server-side java.lang.OutOfMemoryError for very large files.
Some databases, such as dBASE IV database on Microsoft Windows 2000, allow unusual characters, such as 0xC to be contained in certain field types. When field values containing this character, OGSA-DAI encodes them into invalid XML that subsequently causes Xerces-dependent components to raise an org.xml.sax.SAXParseException. Activities that have two outputs can sometimes cause java.lang.OutOfMemoryErrors to occur server-side if manipulating large amounts of data. This can arise when using the GZIP activities for example.
- Such activities are driven by one of the two connected activities and the other activity can accumulate data without processing it. So, for example for the GZIP activities OGSA-DAI focuses on the GZIP meta-data output steam and data only flows from this stream when a file has been completely unzipped. Therefore for large files the whole contents of the file flows into the activity and is buffered without being sent on.
- OGSA-DAI's GZIP activities will warn if memory usage is close to maximum and throw an OGSA-DAI exception server-side so that the web services container does not crash.
Error and exception handling:
- The failure of a single activity in a request can cause the status of all activities to be set to ERROR, even those that are not connected and succeeded.
- The data transport activities can gulp exceptions. For example if an sqlQueryStatement with a incorrectly formed SQL query statment is connected to an outputStream activity then attempting to pull data from the outputStream using the data transport operations results in no data - no indication of an error is given to the client.
- The uk.org.ogsadai.exception.DAILogger methods can sometimes log the wrong line numbers. Searching the logs will usually reveal where the problem actually arose.
Security:
- Encrypted role map files are currently unsupported.
- If a client does not provide a certificate then deliverFromGridFTP and deliverToGridFTP in a request will fail.
File activities:
- The fileAccessActivity encodes text line-by-line if Base 64 encoding is being used. This may give different results from encoding a whole file in a oner.
- In fileWritingActivity, EOF means "end of file" when perLine has value false but "end of line" when perLine has value true.
- In fileWritingActivity only strings from its input stream are handled. Other block types e.g. bytes are ignored.
General:
- Note that when deploying new data service resources dynamically via configurable data service this only works if the JARs required by the data service resource (e.g. database driver JARs) are already within the web service container's library directories. If this is not the case then the container has to be restarted.
- The data service terminate operation currently does nothing. It is intended as a placeholder for future development.
- Meta-data from a database, returned in the databaseSchema property, can be case-sensitive depending upon the database. For example MySQL might return a table called littleblackbook while DB2 returns LITTLEBLACKBOOK.
- The uk.org.ogsadai.common.BinaryLob class contains unimplemented methods which throw java.lang UnsupportedMethodException.
- Conversion of java.sql.ResultSet to XML WebRowSet returns empty key-column and map properties in the properties element.
- deliverFromGridFTP and deliverToGridFTP do not allow the setting of certain GridFTP parameters.
There is no support in the client toolkit for certain activities. These include:
- directoryAccessActivity
- fileAccessActivity
- fileManipulationActivity
- deliverFromFTP
- deliverToFTP
- gzipDecompression
- The deliverToStream activity only works if services are deployed in Tomcat.
The following known problems exist for this release.
There are no known problems with the WS MDS Aggregator API at the time of this release.
No known problems exist for the WS MDS Index service at the time of this release.
- Bug 5079: invalidityTime bug
- Bug 2629: performance timings in globusrun-ws
- Bug 3310: Inconsistency across components with respect to client command behavior.
- Bug 3529: setup/postinstall fatal errors should be warnings
- Bug 3575: SEG dependent on GLOBUS_LOCATION env var
- Bug 3865: Enhance RSL with Job Name
- Bug 3866: Support for parametric or array job types
- Bug 3892: Out of date performance data?
- Bug 3948: Service must release all of its resources on deactivation
- Bug 4181: Allow File Staging To/From globusrun-ws application without an external server
- Bug 4182: Improve Condor/Fork Job Monitoring for reliability and security
- Bug 4311: GRAM error log files
- Bug 4513: LD_LIBRARY_PATH should not be set if no library_path is specified
- Bug 4550: Multijob code not checking for existence of job credential
- Bug 4761: Scheduler Tutorial is missing WS-GRAM setup package
- Bug 4778: WS-Fork job manager doesn't set environment up for mpi jobs
- Bug 4787: no lifetime management for WS Rendezvous
- Bug 4791: Job state history RP
- Bug 4817: Condor OS and ARCH do not have dynamic defaults
- Bug 4824: feature request: configurability of location where service writes PBS job scripts
- Bug 4833: command line program for service audit info
- Bug 4864: environment variables containing '=' get escaped
- Bug 4918: user account details are cached even for unknown users
- Bug 5012: Container in livelock state for an incorrectly mapped DN
- Bug 5017: gram[24] tests that need to be updated
- Bug 5348: Missing documentation for job recovery information
- Bug 5402: invalid password error messages
- Bug 5433: public interface doc lists non-public/internal APIs
- Bug 5471: GRAM Jobs Hang in Unsubmitted State
- Bug 5515: Destruction of subscription resources in a container shutdown/restart
- Bug 5525: Add support for OSC mpiexec (not MPICH2 command!) to PBS adapter
- Bug 5611: GramJob API changes to improve performace and efficiency
- Bug 5698: Allow a prologue/epilogue script for 'mpi' and 'multiple' jobs
- Bug 5712: Gram auditing: local_job_id format variations
- Bug 5713: GRAM auditing: Failed database connection loses audit records
- Bug 5714: GRAM Auditing: additional data in audit records
- Bug 5725: Gram auditing: housekeeping for the auditRecords database
- Bug 5745: Allow users to specify JDD in a different order than RSL schema
- Bug 5770: GRAM4 auditing: inconsistent data in job_description column of DB
- Bug 5776: GRAM4 auditing: Need for an INFO log message
- Bug 5777: GRAM2 audting: database connection times out
- Bug 5778: GRAM2 audting: no error message on db update failure
- Bug 5805: Change threadpools from Gram custom implementation to java.util.concurrent
- Bug 5820: Improve Condor Logfile Processing in GRAM
- Bug 5859: Java GramJob getExitCode() always returns 0
- Bug 5864: Audit logging field requests
- Bug 5865: Audit logging Usage Records requests
- Bug 5969: GRAM Job submission failed!!!
- Bug 6002: globusrun-ws hangs indefinitely
- Bug 6024: GRAM Audit v2
- Bug 6043: Confusing JobID in timeout message
- Bug 6065: Deleting delegated credential does not work
- Bug 6069: JDD documentation issues
- Bug 6072: specification of RAM per process in parallel jobs
- Bug 6091: GRAM4 JDD substitution detection is too broad
- Bug 6102: GRAM4 throughput tester for 4.2
- Bug 6203: audit record not inserted for RSL argument containing single quotes
- Bug 6204: Drain Mode for the GRAM service
- Bug 6271: Proxy cleanup doesn't check for authz callouts
- Bug 720: allow gram client to detect the version of a gram server
- Bug 851: Add cleanup RSL attribute for cleaning up a job submission
- Bug 865: Total and available MEM not reported for gram inforproviders
- Bug 1538: Gatekeeper log rotation and logging job accounting info
- Bug 1550: Fixes for race condition in job manager
- Bug 1934: Gatekeeper's syslog output cannot be controlled
- Bug 2739: Gatekeeper AuthZ/Gridmap Callout result logging
- Bug 2741: catching SIGSEGV if dynamic loading of authorization modules fails
- Bug 3373: globus removes the temporary job directory before pbs writes back into it
- Bug 3795: jobmanager perl modules issues
- Bug 4199: Patch pre-WS GRAM to use individual condor logs for jobs
- Bug 4213: Patch to disable streaming
- Bug 4235: globus-job-manager doesn't exit if the job fails.
- Bug 4360: globus-job-get-output bug prevents output delivery
- Bug 4730: MPI Jobs using Globus LSF in HP XC Cluster....
- Bug 4747: Need evaluation of patch to JobManager.pm
- Bug 4779: gram GT2 log files: timestamps are not ISO 8601 compatible
- Bug 5143: DONE state never reported for Condor jobs when using Condor-G grid monitor
- Bug 5200: GRAM (pre-webservices) from OSG 0.6.0 (VDT 1.6.1) has bad syslog format
- Bug 5207: GRAM SoftEnv extension bug
- Bug 5250: Does not support mpi jobtype of RSL script
- Bug 5272: Invalid parsing of RSL file
- Bug 5429: stdin is lost when jobtype=multiple with jobmanager-lsf
- Bug 5536: Missing dependency in package globus_gram_job_manager_auditing
- Bug 5537: Missing dependency in package globus_gram_job_manager_auditing
- Bug 5554: GRAM2 4.0.5 setup-globus-job-manager-fork.pl silent failure
- Bug 5556: Audit directory setup instructions are insecure
- Bug 5580: ERROR regarding proxy lifetime should not be so frustrating - make it a WARNING
- Bug 5621: gram2 credential refresh problems in 4.0.5
- Bug 5775: gram status of old jobs incorrect on some lsf systems
- Bug 6184: pbs.pm jobmanager fails jobs on qstat failure
- Bug 6241: GRAM fails to load large state fails
The following is a list of all of the bugs known at the time for the 4.0.8 release:
- Bug 5592: gwd blocks when misconfigured sudo
- Bug 5724: Environment for Non-Wrapper based jobs
- Bug 5308: gwd doesn't recover AIDs and TIDs
- Bug 5641: Sudoers configuration not allowing sudo to be run from a program
- Bug 5592: gwd blocks when misconfigured sudo
- Bug 5724: Environment for Non-Wrapper based jobs
- Bug 5734: Documentation doesn't reference the new DRMAA 1.0 binding
- Bug 5898: JSDL-Support needs Java 1.5+
There are no known problems with CSF at the time of this release.
No problems are known to exist for Globus Teleoperations Control Protocol (GTCP) at the time of this release.
The
LeasedAccountsResourceimplementation will quarantine an account if the expiration script fails for any reason; but currently we provide no user friendly mechanism for manually un-quarantining the account when the situation is cleared by an administrator. We are planning to release an update shortly.
Common Runtime Components
Security
Data Management
Information Services
Execution Management
Cross-component Tools