Error upon executing a new custom plugin #4630

Closed
MadOtis opened this issue May 24, 2018 · 3 comments
MadOtis commented May 24, 2018

Describe the bug
I am developing a custom auth plugin for Vault 0.10.1 to address a lacking space that is most likely a domain-specific need. I have followed the code concepts at https://github.com/hashicorp/vault-auth-plugin-example and, at this early stage, the code only adds 1 additional field to the example code and renames the super-secret-password to simply 'password'; so the updates simply accept the two fields, log them to stdout, then return a valid Response object.

Building with Golang 1.10.1, the new plugin builds successfully, is registerable successfully within Vault (however, there are warnings; see below), but fails when executed by the Vault client with the client "* plugin exited before we could connect" error; and see below for the output of the server debug logs:

To Reproduce
Steps to reproduce the behavior:

  1. Install latest Vault 0.10.1
  2. git clone the sample auth plugin code from https://github.com/hashicorp/vault-auth-plugin-example
  3. Build plugin using Golang 1.10.1
  4. Deploy the plugin as normal using a mostly spartan vault.hcl configuration I use for DEV
  5. Call the plugin as expected: vault write auth/example/login username=foo password=bar

Expected behavior
I should see a token generated and returned to the Vault client instead of an error, plus I should see the plugin log the passed arguments to either stdout or the server's log file.

Environment:

  • Vault Server Version (retrieve with vault status):
    :---> vault status
    Key             Value
    ---             -----
    Seal Type       shamir
    Sealed          false
    Total Shares    1
    Threshold       1
    Version         0.10.1
    Cluster Name    vault-cluster-1beade26
    Cluster ID      72b2d9af-4265-4e17-acce-638d93256a15
    HA Enabled      false
  • Vault CLI Version (retrieve with vault version):
    :---> vault version
    Vault v0.10.1 ('756fdc4587350daf1c65b93647b2cc31a6f119cd')
  • Server Operating System/Architecture:
    Mac OS-X 10.13.2/amd64 darwin

Vault server configuration file(s):

plugin_directory = "/Users/bn2s/go/src/path-to-my-plugin/vault-awscreds-plugin"
storage "inmem" {
  redirect_addr = "http://mylocalip:8200"
}
listener "tcp" {
  address = "mylocalip:8200"
  tls_disable = true
}

Additional context
debug log from server when issuing the "vault plugin enable" command at the client:

2018-05-24T07:47:24.640-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: starting plugin: metadata=true path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example args=[/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example]
2018-05-24T07:47:24.643-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: waiting for RPC address: metadata=true path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example
2018-05-24T07:47:24.660-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin.vault-auth-example: plugin address: metadata=true network=unix address=/var/folders/lc/mtty42rj4ddcdzsm68zbzmpwdklbbr/T/plugin814821810 timestamp=2018-05-24T07:47:24.660-0700
2018-05-24T07:47:24.663-0700 [WARN ] auth.plugin.auth_plugin_683da77a.example-auth-plugin: error closing client during Kill: metadata=true err="rpc error: code = Canceled desc = grpc: the client connection is closing"
2018-05-24T07:47:24.665-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: plugin process exited: metadata=true path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example
2018-05-24T07:47:24.665-0700 [INFO ] core: enabled credential backend: path=example/ type=plugin
2018-05-24T07:47:30.922-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: starting plugin: path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example args=[/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example]

Server debug log snippet when trying to execute the plugin via 'vault write auth/example/login username=foo password=bar':

2018-05-24T07:55:05.007-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: starting plugin: path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example args=[/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example]
2018-05-24T07:55:05.009-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: waiting for RPC address: path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example
2018-05-24T07:55:05.053-0700 [ERROR] auth.plugin.auth_plugin_683da77a.example-auth-plugin.vault-auth-example: plugin tls init: error="error during token unwrap request: Error making API request.

URL: PUT http://10.11.214.61:8200/v1/sys/wrapping/unwrap
Code: 403. Errors:

* permission denied" timestamp=2018-05-24T07:55:05.053-0700
2018-05-24T07:55:05.056-0700 [DEBUG] auth.plugin.auth_plugin_683da77a.example-auth-plugin: plugin process exited: path=/Users/bn2s/go/src/gitlab.nordstrom.com/sse/vault-awscreds-plugin/vault-auth-example
2018-05-24T07:55:05.056-0700 [ERROR] rollback: error rolling back: path=auth/example/ error="plugin exited before we could connect"
@jefferai
Member

@MadOtis
Author

MadOtis commented May 24, 2018

Apologies... I didn't realize creating a bug and posting in groups was essentially the same. My bad.

@john-osullivan
Contributor

That thread died, though. Is Google Groups the best place to follow up on resolving this issue?
