Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[HTCondor-users] bug in how condor_submit checks initialdir permissions?

Date: Tue, 05 Mar 2013 10:29:31 -0500
From: Jason Ferrara <jason.ferrara@xxxxxxxxxxxxx>
Subject: [HTCondor-users] bug in how condor_submit checks initialdir permissions?

We've been having issues where a user would submit a job, andcondor_submit would respond with


ERROR: No such directory: <path to initialdir>

even though the directory pointed to by initialdir does exist and theuser has full read/write/execute permission for it.

To check for access to initialdir, condor_submit calls check_iwd, whichcalls access_euid, which calls access_euid_dir. access_euid_dir checksif the effrective uid or gid has access by manually checking permissionbits, but it doesn't check secondary groups or ACLs, so the access checkcan fail even if the user really does have access. Also, check_iwdalways prints "No such directory", even if the failure is caused by lackof write permission to the directory.

Replacing all calls to access_euid with the system provided euidaccessseems to fix the problem. Is this the right thing to do?


Thanks

 - Jason

Follow-Ups:
- Re: [HTCondor-users] bug in how condor_submit checks initialdir permissions?
  - From: Jaime Frey

Prev by Date: [HTCondor-users] Running distributed MPI jobs and ssh settings
Next by Date: Re: [HTCondor-users] Condor & Bosco submissions
Previous by thread: Re: [HTCondor-users] Running distributed MPI jobs and ssh settings
Next by thread: Re: [HTCondor-users] bug in how condor_submit checks initialdir permissions?
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

[HTCondor-users] bug in how condor_submit checks initialdir permissions?