Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] can't have ADMIN acces

Date: Mon, 07 Apr 2008 13:21:26 -0500
From: Dan Bradley <dan@xxxxxxxxxxxx>
Subject: Re: [Condor-users] can't have ADMIN acces



Frédéric Bastien wrote:

Hi,

Sorry to reply to myself, but I just understand that I should not mix
the new(user based) and the old(ip based) security setting for a
feature. So if I comment HOSTDENY_ADMINISTRATOR = *, my setup work.

You can mix the old and the new, but you must realize how they worktogether. If you deny access to *, that means nobody (including evenpeople who you explicitly authorize) can issue administrative commands.In other words, any DENY (or HOSTDENY) setting overrides ALLOW (orHOSTALLOW) settings.

I have one other question. Both condor_restart and condor_reconfig
need admin access.

Actually, from the code, I see that condor_reconfig only requires WRITEaccess. I do not know why, maybe for backwards compatibility at somepoint in the past. (The -full option to condor_reconfig, on the otherhand, requires administrative access.)


--Dan

Follow-Ups:
- Re: [Condor-users] can't have ADMIN acces
  - From: Frédéric Bastien

References:
- [Condor-users] can't have ADMIN acces
  - From: Frédéric Bastien
- Re: [Condor-users] can't have ADMIN acces
  - From: Dan Bradley
- Re: [Condor-users] can't have ADMIN acces
  - From: Frédéric Bastien
- Re: [Condor-users] can't have ADMIN acces
  - From: Frédéric Bastien

Prev by Date: Re: [Condor-users] CONDOR_IDS
Next by Date: Re: [Condor-users] 7.0.1 still doesn't fullydetecthyperthreadingWintel nodes?
Previous by thread: Re: [Condor-users] can't have ADMIN acces
Next by thread: Re: [Condor-users] can't have ADMIN acces
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [Condor-users] can't have ADMIN acces