Mailing List Archives

Public Access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] token_key with remote accesspoint

cweatherby@accesspoint:~$ _CONDOR_DEBUG=D_FULLDEBUG condor_status

Name                          OpSys      Arch   State     Activity LoadAv Mem   ActvtyTime

 

slot1@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990  2+20:21:34

slot2@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990  7+01:40:41

slot3@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990 17+23:11:27

slot4@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990 17+23:11:27

 

               Total Owner Claimed Unclaimed Matched Preempting Backfill  Drain

 

  X86_64/LINUX     4     0       0         4       0          0        0      0

 

         Total     4     0       0         4       0          0        0      0
----

_CONDOR_DEBUG=D_FULLDEBUG condor_status

Error: communication error

AUTHENTICATE:1003:Failed to authenticate with any method

AUTHENTICATE:1004:Failed to authenticate using FS

AUTHENTICATE:1004:Failed to authenticate using IDTOKENS

---

Now here’s the bizzaro thing. If I replace the time limited token with an unrestricted one:

cweatherby@test-condor1:~/.condor/tokens.d$ _CONDOR_DEBUG=D_FULLDEBUG condor_status

Name                          OpSys      Arch   State     Activity LoadAv Mem   ActvtyTime

 

slot1@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990  2+20:21:34

slot2@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990  7+01:40:41

slot3@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990 17+23:11:27

slot4@xxxxxxxxxxxxxxxxxxxxxxx LINUX      X86_64 Unclaimed Idle      0.000 1990 17+23:11:27

 

               Total Owner Claimed Unclaimed Matched Preempting Backfill  Drain

 

  X86_64/LINUX     4     0       0         4       0          0        0      0

 

         Total     4     0       0         4       0          0        0      0

condor_token_list

Header: {"alg":"HS256","kid":"POOL"} Payload: {"iat":1689713938,"iss":"condorcentralmanager.nmrbox.org","jti":"0591c31e6d3747cc778ef2ca2c5658cf","sub":cweatherby@xxxxxxxxxx} File: /home/nmrbox/cweatherby/.condor/tokens.d/t

 

From: Todd L Miller <tlmiller@xxxxxxxxxxx>
Date: Friday, July 21, 2023 at 2:26 PM
To: Weatherby,Gerard <gweatherby@xxxxxxxx>
Cc: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] token_key with remote accesspoint

*** Attention: This is an external email. Use caution responding, opening attachments or clicking on links. ***

        Well, I'm baffled.  Maybe check the file permissions?

        Since the tokens appear identical, try accessing the collector
from the submit node and make sure it's working there?  Running

_CONDOR_DEBUG=D_FULLDEBUG condor_status

should verify that the submit node can find the token in question.

- ToddM