Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] condor_ssh_to_job

Date: Thu, 22 Aug 2013 13:38:23 -0400
From: Rich Pieri <ratinox@xxxxxxx>
Subject: Re: [HTCondor-users] condor_ssh_to_job

Gabriel Mateescu wrote:
> That would be too drastic. However,
> a more specific error message when
> the job runs as nobody, e.g., "make
> sure user nobody has a valid shell"
> could help.

The nobody account must not have a login shell. This is fundamental UNIX
(and especially NFS) security. Any test for a login shell for the nobody
account is unnecessary; such tests must never return true results.
Dimitri's suggestion to die if job's EUID == nobody is correct.

-- 
Rich Pieri <ratinox@xxxxxxx>
MIT Laboratory for Nuclear Science

Follow-Ups:
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Gabriel Mateescu

References:
- [HTCondor-users] condor_ssh_to_job
  - From: Shrum, Donald C
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Todd Tannenbaum
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Dimitri Maziuk
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Rich Pieri
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Dimitri Maziuk
- Re: [HTCondor-users] condor_ssh_to_job
  - From: Gabriel Mateescu

Prev by Date: Re: [HTCondor-users] condor_ssh_to_job
Next by Date: Re: [HTCondor-users] condor_ssh_to_job
Previous by thread: Re: [HTCondor-users] condor_ssh_to_job
Next by thread: Re: [HTCondor-users] condor_ssh_to_job
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [HTCondor-users] condor_ssh_to_job