Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
|
Hey all, I seem to be missing something. I want to give access to the queue commands (such as condor_rm) to some trusted users. I am using FS authentication, I have them listed as admins, and also in the QUEUE_SUPER_USER, but they are still unable to run condor_rm. Here is what
my config looks like, I can’t find much as far as what else may be needed. Any help would be appreciated: SEC_ADMINISTRATOR_AUTHENTICATION = REQUIRED SEC_ADMINISTRATOR_AUTHENTICATION_METHODS = FS SEC_ADMINISTRATOR_INTEGRITY = REQUIRED ALLOW_ADMINISTRATOR = condor@*, root@*, trusteduser@* QUEUE_SUPER_USERS = $(QUEUE_SUPER_USERS), trusteduser@* In SchedLog I see this: 11/02/22 13:36:55 (pid:3542) OwnerCheck(trusteduser) failed in SetAttribute for job 103040.0 11/02/22 13:36:55 (pid:3542) (cid:1681031) actOnJobs: didn't do any work, aborting 11/02/22 13:36:56 (pid:3542) OwnerCheck(trusteduser) failed in SetAttribute for job 103040.0 11/02/22 13:36:56 (pid:3542) (cid:1681033) actOnJobs: didn't do any work, aborting 11/02/22 13:37:14 (pid:3542) OwnerCheck(trusteduser) failed in SetAttribute for job 103040.0 11/02/22 13:37:14 (pid:3542) (cid:1681036) actOnJobs: didn't do any work, aborting If I set QUEUE_ALL_USERS_TRUSTED = true it works, but I’m not sure what that macro does and how much it opens up other security issues and I can’t find reference to it in the docs. Thanks, ------------------------------------- Gianni Pezzarossi Computational System Analyst Research Services Engineering IT Shared Services University of Illinois @ Urbana-Champaign |