Mailing List ArchivesAuthenticated access |
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesAuthenticated access |
|
There is no name indicated. So I'd expect the FQDN to work, yet
replacing
`schedd` with `credd` in this message does not shed any more light
Can't find address for schedd crab-sched-901.cern.ch
Stefano
[1]
[root@crab-sched-901 condor]# cat
/etc/condor/config.d/83_cms_schedd_credmon.config
SEC_DEFAULT_AUTHENTICATION_METHODS = SCITOKENS
$(SEC_DEFAULT_AUTHENTICATION_METHODS)
DAEMON_LIST = $(DAEMON_LIST) CREDD CREDMON_OAUTH
# arguments to htgettoken
SEC_CREDENTIAL_GETTOKEN_OPTS = -a dwdvault.cern.ch
# secure communication between CREDD and SCHEDD
# Farrukh: I think this might be wrong, we should instead be
# creating the secure channel with SHADOW? cross check later
CREDD.SEC_DEFAULT_ENCRYPTION = REQUIRED
SCHEDD.SEC_DEFAULT_ENCRYPTION = REQUIRED
# credential directory
SEC_CREDENTIAL_DIRECTORY_OAUTH = /var/lib/condor/oauth_credentials
TRUST_CREDENTIAL_DIRECTORY = True
# point to credmon vault as credmon oauth plugin
SEC_CREDENTIAL_STORER = /usr/bin/condor_vault_storer
SEC_CREDENTIAL_MONITOR_OAUTH_LOG = $(LOG)/CredMonOAuthLog
# token tweaks, leaving as is for now. Can be tweaked later
CREDMON_OAUTH_TOKEN_MINIMUM=2700
CREDMON_OAUTH_TOKEN_REFRESH=900
SEC_CREDENTIAL_SWEEP_DELAY=604800
## dwdvault
SEC_CREDENTIAL_VAULT_STORER_OPTS = -v
SEC_CREDENTIAL_STORER = $(SEC_CREDENTIAL_STORER) -v
[root@crab-sched-901 condor]#