[HTCondor-users] Question about flocking

[Ian Cottam <Ian.Cottam@xxxxxxxxxxxxxxxx>]

On our Pool we have a single submit node. There we have proxy scripts for,
e.g., condor_submit that do extra checks.
In one case -- the absence of a request_memory line -- we don't run the
job.

Recently, I have been testing Personal Condor and flocking to our main
Pool.
I fully appreciate that the above proxy scripts will never be invoked
(obviously). However, we have a job hook on our compute nodes that checks
for a classad, call it, HAS_APP, and then looks up in an active directory
if the user has permission to run APP. This simple check works fine when I
submit from our main Pool's submitter, but seems to be being ignored if I
flock to the Pool. That is, any user can run APP.

Is this behaviour to be expected and if so why?
Thanks
-Ian

-- 
Ian Cottam  | IT Relationship Manager | IT Services  | C38 Sackville
Street Building  |  The University of Manchester  |  M13 9PL  |