We have a no login, no home directory service account for some automated processing. I’m trying to use SEC_TOKEN_DIRECTORY to specify the token file location: ORIGIN=$(dirname $(readlink -f $0)) sudo -H -u serviceaccount _D_TOOL_DEBUG=D_ALL SEC_TOKEN_DIRECTORY=/tmp/token condor_submit -debug $ORIGIN/jobls sudo -H -u serviceaccount condor_token_list -dir /tmp/token It’s failing with the following output: 08/24/23 09:43:38 Can't open directory "/etc/condor/passwords.d" as PRIV_ROOT, errno: 13 (Permission denied) 08/24/23 09:43:38 SECMAN: required authentication with collector at <155.37.253.160:9618> failed, so aborting command QUERY_SCHEDD_ADS. 08/24/23 09:43:38 ERROR: AUTHENTICATE:1003:Failed to authenticate with any method|AUTHENTICATE:1004:Failed to authenticate using FS|AUTHENTICATE:1004:Failed to authenticate using IDTOKENS ERROR: Can't find address of local schedd Header: {"alg":"HS256","kid":"token_key"} Payload: {"iat":1692881884,"iss":"condorcentralmanager.nmrbox.org","jti":"b1268f259aa3b703ca09eaf70b7869ac","sub":serviceaccount@xxxxxxxxxx} File:
/tmp/token/bmrbindefinite (I’ve edited the name of the service account because I don’t want it on a public mailing list) |