
Re: [HTCondor-users] condor_ssh_to_job and ephemeral LVM filesystems with SELinux



On Thu, 2025-10-02 at 09:40 +0200, Alexandr Mikula wrote:
> Hi fellow birdkeepers,
> I am having a problem using condor_ssh_to_job (including
> interactive jobs), due to the combination of per-job LVM and
> enforcing SELinux on the EP.
> 
> On EP without LVM and with SELinux it works OK.
> 
> Condor is unable to create the ssh keypair, with this in the audit
> log:
> 
> type=AVC msg=audit(1759390053.112:250528): avc: denied { write } for
> pid=1383020 comm="ssh-keygen"
> path="/scratch/condor/dir_1364028/.condor_ssh_to_job_2/keygen.log"
> dev="dm-13" ino=27 scontext=system_u:system_r:ssh_keygen_t:s0
> tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
> 
> condor_ssh_to_job output:
> #condor_ssh_to_job 31194944
> slot1_2@minis01: condor_ssh_to_job_sshd_setup failed: Failed to create
> ssh key /scratch/condor/dir_1364028/.condor_ssh_to_job_2/sshkey with
> command "/usr/bin/ssh-keygen" "-N" "" "-C" "" "-q" "-f"
> "/scratch/condor/dir_1364028/.condor_ssh_to_job_2/sshkey" "-t" "rsa"
> 
> 
> Any ideas how to fix it?
> Cheers
> AM
Any ideas from HTC developers?
-- 
Alexandr Mikula
Oddělení síťování a výpočetní techniky & Výpočetní středisko
Fyzikální ústav Akademie věd České republiky, v. v. i.
Institute of Physics of the Czech Academy of Sciences 

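For readers triaging the denial quoted above, the following is an added example (not part of the original message and not HTCondor code) that unwraps a mail-quoted AVC record and splits it into its fields. The function names are hypothetical and the sample input is constructed from the record in the post; `unlabeled_t` is the type SELinux reports for an object that carries no valid security context.

```python
import re

# Constructed input: the AVC record from the post, kept with "> " quote
# prefixes and mail-client line wrapping to exercise the unwrapping step.
QUOTED_AVC = """\
> type=AVC msg=audit(1759390053.112:250528): avc: denied { write }
> for
> pid=1383020 comm="ssh-keygen"
> path="/scratch/condor/dir_1364028/.condor_ssh_to_job_2/keygen.log"
> dev="dm-13" ino=27 scontext=system_u:system_r:ssh_keygen_t:s0
> tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
"""

def unwrap(text):
    """Drop '>' quote prefixes and rejoin a record that was wrapped in mail."""
    parts = (re.sub(r"^(?:>\s?)+", "", ln).strip() for ln in text.splitlines())
    return " ".join(p for p in parts if p)

def parse_avc(record):
    """Parse one AVC record into a dict; return None if it is not an AVC line."""
    m = re.search(r"avc:\s+(denied|granted)\s+\{([^}]*)\}\s+for\s+(.*)", record)
    if m is None:
        return None
    avc = {"result": m.group(1), "perms": m.group(2).split()}
    hdr = re.search(r"msg=audit\((\d+\.\d+):(\d+)\)", record)
    if hdr:
        avc["time"], avc["serial"] = hdr.group(1), int(hdr.group(2))
    # Fields are key=value; values are double-quoted or bare tokens.
    for key, quoted, bare in re.findall(r'(\w+)=(?:"([^"]*)"|(\S+))', m.group(3)):
        avc[key] = quoted or bare
    for side in ("scontext", "tcontext"):
        fields = avc.get(side, "").split(":", 3)  # user:role:type[:level]
        if len(fields) >= 3:
            avc[side + "_type"] = fields[2]
    return avc

def summarize(avc):
    """One-line triage summary; flags a target that carries no valid label."""
    fmt = ("{comm} ({scontext_type}) {result} {{ {p} }} on {tclass} {path} "
           "({tcontext_type}, dev {dev})")
    line = fmt.format(p=" ".join(avc["perms"]), **avc)
    if avc.get("tcontext_type") == "unlabeled_t":
        line += " [target unlabeled]"
    return line

if __name__ == "__main__":
    print(summarize(parse_avc(unwrap(QUOTED_AVC))))
```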