Mailing List Archives

Authenticated access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] No other user than root can locate the Collector or the Negotiator through the Python bindings

GaÃtan-

Are the configuration files under /etc/condor/condor_config and /etc/condor/config.d readable by non-root users? I'm not sure what error messages you'd get, but your behavior is what I'd expect if theyÂwere not readable. Generally, you want them to be readable because tools like condor_submit rely upon them, too.

Tom

On Fri, Mar 24, 2023 at 12:04âPM Gaetan Geffroy <gage@xxxxxxxxx> wrote:

Hi,

Â

I have a Python program which does three HTCondor operations: query the Collector (to get the list of worker nodes and their status), query the negotiator (to update some priorities) and submit jobs.

The program can query the two daemons just fine when launched using the root user, but of course the job submissions het rejected.

When ran with another user (eg submituser), I get an âhtcondor.HTCondorLocateError: Unable to locate local daemonâ from the negotiator and âhtcondor.HTCondorIOError: Failed communication with collector.â From the collector.

Â

I tried to change the security config file on the central manager, like ALLOW_ADMINSTRATOR = *, ALLOW_NEGOTIATOR=*, ALLOW_DAEMON=*, SEC_DEFAULT_AUTHENTICATION_METHODS=FS, CLAIMTOBE, SEC_NEGOTIATOR_AUTHENTICATION_METHODS=FS, CLAIMTOBE and SEC_DAEMON_AUTHENTICATION_METHDODS= FS, CLAIMTOBE, but nothing works.

Â

I also donât see in any other config file any mention Âof the root user, so I donât understand why he is authorized and not the others.

Â

What other knobs am I missing that might resolve the issues ?

Â

Thanks,

Â

GaÃtan

Â

Â

PS: I know the beforementioned settings are bad security wise, they are not meant to be permanent or deployed anywhere other than my little test pool, I just want to find the correct macro to configure.

Â


Gaetan Geffroy
Junior Software Engineer,ÂSpace

Terma GmbH
Europaarkaden II, BratustraÃe 7, 64293 Darmstadt, Germany
TÂ+49 6151 86005 43Â(direct)ÂÂâÂÂTÂ+49 6151 86005-0
Terma GmbHÂ-ÂSitz DarmstadtÂÂâÂÂHandelsregisterÂNr.:ÂHRBÂ7411,ÂDarmstadt
GeschÃftsfÃhrer:ÂPoul VighÂ/ÂSteen Vejby SÃrensen
www.terma.comÂâÂLinkedin â Twitter â Instagram â Youtube

Attention:
This e-mail (and attachment(s), if any) - intended for the addressee(s) only - may contain confidential, copyright, or legally privileged information or material, and no one else is authorized to read, print, store, copy, forward, or otherwise use or disclose any part of its contents or attachment(s) in any form. If you have received this e-mail in error, please notify me by telephone or return e-mail, and delete this e-mail and attachment(s). Thank you.

_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/