Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
I can actually submit to the schedd I am attempting to query. I can work around this issue by setting CONDOR_Q_ONLY_MY_JOBS = false (which makes sense). I inherited the AUTHENTICATION settings and they have
not been changed in quite some time. It looks like now would be a good time to take a look. Thanks for the help. From: HTCondor-users [mailto:htcondor-users-bounces@xxxxxxxxxxx]
On Behalf Of John M Knoeller This is because when you don’t specify a username, by default condor_q will ask the SCHEDD to send only jobs for the current user, which it determines by using AUTHENTICATION on the connection to the schedd to determine who you are. If you have no authentication methods available for READ access, then the connection will fail.
It’s unusual to have different methods for READ than for WRITE authentication, and WRITE authentication is needed to be able to submit jobs to the schedd. Are you trying to query a schedd that you don’t have the ability to submit to? -tj From: HTCondor-users [mailto:htcondor-users-bounces@xxxxxxxxxxx]
On Behalf Of Deck, William I know that 8.5.8 is a development release but I was messing around with our condor build system and I noticed some unexpected (to me) behavior. When calling condor_q there is a failure: Thu Jan 12 12:03 PM> condor_q -- Failed to fetch ads from: <schedd:9618?addrs= schedd -9618&noUDP&sock=26458_90d7_3> : schedd When I call `condor_q deck` I get a successful result: Thu Jan 12 12:22 PM> condor_q deck -- Schedd: btsottstbal872.ds.susq.com : <10.12.252.94:9618?... @ 01/12/17 12:22:21 OWNER BATCH_NAME SUBMITTED DONE RUN IDLE HOLD TOTAL JOB_IDS 0 jobs; 0 completed, 0 removed, 0 idle, 0 running, 0 held, 0 suspended When I turned on SCHED_DEBUG = D_ALL I see: 01/12/17 11:19:00 AUTHENTICATE: setting timeout for (unknown) to 20. 01/12/17 11:19:00 HANDSHAKE: in handshake(my_methods = 'CLAIMTOBE') 01/12/17 11:19:00 HANDSHAKE: handshake() - i am the server 01/12/17 11:19:00 AUTHENTICATE: handshake failed! 01/12/17 11:19:00 Authentication was a FAILURE. 01/12/17 11:19:00 DaemonCore received UNAUTHENTICATED command 519 QUERY_JOB_ADS_WITH_AUTH. 01/12/17 11:19:00 DaemonCore: PERMISSION DENIED for 519 (QUERY_JOB_ADS_WITH_AUTH) via TCP from host <sched:24067> (access level READ) I would expect that `condor_q` would be the same as `condor_q deck`. Is what I am seeing expected behavior, have I misconfigured something, or is this a bug? Things of note: I set SCHEDD_HOST however even from the local schedd I see this issue Confor is configured with CONDOR_Q_DASH_BATCH_IS_DEFAULT = true CONDOR_Q_ONLY_MY_JOBS = true Thanks in advance. -- Will Deck
IMPORTANT: The information contained in this email and/or its attachments is confidential. If you are not the intended recipient, please notify the sender immediately by reply and immediately delete this message and all its attachments. Any review, use, reproduction, disclosure or dissemination of this message or any attachment by an unintended recipient is strictly prohibited. Neither this message nor any attachment is intended as or should be construed as an offer, solicitation or recommendation to buy or sell any security or other financial instrument. Neither the sender, his or her employer nor any of their respective affiliates makes any warranties as to the completeness or accuracy of any of the information contained herein or that this message or any of its attachments is free of viruses. |