Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
Hi Todd,
absolutely ! I guess I was hoping you could answer with a small patch to my sniplet ;)
1) This is our config for GSI in /etc/condor/config.d
SEC_DEFAULT_AUTHENTICATION = REQUIRED
SEC_DEFAULT_AUTHENTICATION_METHODS = GSI
SEC_DEFAULT_ENCRYPTION = REQUIRED
SEC_DEFAULT_ENCRYPTION_METHODS = 3DES,BLOWFISH
SEC_DEFAULT_INTEGRITY = REQUIRED
GRIDMAP = /etc/grid-security/grid-mapfile
GSI_DAEMON_CERT = /etc/grid-security/condor/csv2.crt
GSI_DAEMON_KEY = /etc/grid-security/condor/csv2.key
GSI_DAEMON_TRUSTED_CA_DIR = /etc/grid-security/certificates/
GSI_DAEMON_NAME = /C=CA/O=University of Victoria/OU=HepRC/CN=condor/csv2.heprc.uvic.ca ,/C=CA/O=University of Victoria/OU=HepRC/CN=condorwor ker/csv2.heprc.uvic.ca
GSI_DELEGATION_KEYBITS = 1024
GSI_SKIP_HOST_CHECK=true
# TESTING
SEC_CLIENT_AUTHENTICATION_TIMEOUT = 120
GSI_AUTHENTICATION_TIMEOUT = 120
SEC_READ_AUTHENTICATION_TIMEOUT = 120
ATTR_SEC_AUTHENTICATION_METHODS_LIST = GSI
The lines under "TESTING" were added because of some ERRORS we saw in the logfiles. These are probably not (all) needed.
But it seems the last line is needed in our version ?!?
2)
> condor_version
$CondorVersion: 8.6.9 Jan 03 2018 BuildID: 428149 $
$CondorPlatform: x86_64_RedHat7 $
3)
We have installed htcondor through pip "pip install htcondor" with python 3.
Thanks ! Rolf
On 05/25/2018 10:19 AM, Todd Tannenbaum wrote:
On 5/25/2018 11:18 AM, Rolf Seuster wrote:
Hello all,
Hi Rolf,
It will make it much easier for someone to help you if you provide everything needed to enable someone else to reproduce your problem below.ÂÂÂ You provided your Python example code already, which is great, but could you please also provide :
 1) the relevant security settings you added to your condor_config for your GSI setup,
 2) output from condor_version so we know the operating system/distro and HTCondor version, and
 3) info about how you installed the HTCondor python bindings (via the RPM? DEB? PyPI via "pip install htcondor"?)
Thanks!
Todd
we have recently added GSI authentication (via a self signed certificate chain) to our
condor cluster.
E.g. condor_q works fine for us. But this python sniplet fails:
import htcondor
import classad
condor_host = 'XX.YY.ZZ.XY'
coll = htcondor.Collector(condor_host)
condor_s = htcondor.Schedd()
job_list = condor_s.query()
print (job_list)
In the logfiles we see error messages about authentication problems.
What are we missing in the python sniplet ?
Thanks, Rolf
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxx.edu with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxx.edu with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/