Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
Could the user just re-run condor_store_cred and replace the password you removed?On 3/5/2015 12:51 PM, Aaron Barraclough wrote:
Hello,
I was wondering if there was a way to use the condor_store_cred delete
-u user@xxxxxxxxxxx without having to input a
password in case I wanted to revoke the user's access?
Thanks,
Aaron
If you want to deny user@company the ability to submit/remove/edit jobs, you could append to the condor_config file of your submit machine(s) something like
 Â# Don't let user tannenba edit the job queue because
 Â# he has been very naughty. Added by Aaron 2/15/2015.
 ÂDENY_WRITE = $(DENY_WRITE) tannenba@*
Then of course do a condor_reconfig. This assumes your pool is secure in the sense that your central manager authenticates machines that want to join your pool, thus preventing naughty user tannenba from starting up his own condor_schedd daemon instance without the DENY_WRITE config above and joining your pool....
regards,
Todd
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@cs.wisc.edu with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/