HTCondor Project List Archives

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-devel] information regarding ticket 1264

Date: Tue, 06 Jul 2010 08:43:56 -0500
From: "Timothy St. Clair" <tstclair@xxxxxxxxxx>
Subject: Re: [Condor-devel] information regarding ticket 1264

Alexandre - 

	If you have the logs from both the credd and master during this
scenario it will likely be useful.  Please set D_ALL = D_FULLDEBUG prior
to sending the logs.

In the mean time, you can follow the instructions listed here:
https://condor-wiki.cs.wisc.edu/index.cgi/wiki?p=GitTracAccounts about
signing up for an account, which will allow you to contribute to open
tickets. 

Cheers,
Tim

On Mon, 2010-07-05 at 16:51 +0200, Alexandre Fayolle wrote:
> Hello,
> 
> I'm not sure how I can create an account to contribute information on the 
> tracker. Does submitting bug reports require signing a CLA? 
> 
> Concerning ticket 1264 (https://condor-
> wiki.cs.wisc.edu/index.cgi/tktview?tn=1264,56) "windows daemon refuse to 
> shutdown", I have a very similar issue on 2 computers running win2k3 + condor 
> 7.4.1. 
> 
> One of the computer is acting as Central Manager and runs Credd (using 
> instructions from the condor_config.credd sample file and the documentation). On 
> that computer, stopping the Condor service with net stop condor or the 
> services.msc tool will hang. While the service stopping is hanging, there are 
> two condor executables running: condor_credd.exe and condor_master.exe. 
> Killing condor_credd (through the Task Manager) will allow condor_master to 
> terminate correctly. 
> 
> The other computer is used to run jobs. It does not run condor_credd. On that 
> machine, stopping the service works correctly. 
> 
> Here's the condor_config.local file used on the Central Manager:
> 
> 
> --------------------------8<----------------------------------
> UID_DOMAIN = MELINDA.local
> 
> ## ALLOW_ADMINISTRATOR = *
> ## ALLOW_WRITE = *
> ALLOW_READ = *
> ALLOW_WRITE = */XS205803.MELINDA.local, */XS205804.MELINDA.local
> ALLOW_ADMINISTRATOR = */XS205803.MELINDA.local, */XS205804.MELINDA.local
> ALLOW_CONFIG = */XS205803.MELINDA.local, */XS205804.MELINDA.local
> 
> #ALL_DEBUG = D_ALL
> ADD_WINDOWS_FIREWALL_EXCEPTION = False
> WINDOWS_FIREWALL_FAILURE_RETRY = 1
> 
> # CREDD settings from c:\condor\etc\confor_config.local.credd
> CREDD_HOST = XS205803.MELINDA.local
> STARTER_ALLOW_RUNAS_OWNER = True
> CREDD_CACHE_LOCALLY = True
> 
> # Make environment variables accessible
> JOB_INHERITS_STARTER_ENVIRONMENT = true
> 
> ######################################################################
> ##
> ##  condor_config.credd
> ##
> ##  This is the default local configuration file for the machine
> ##  running the condor_credd.  You should copy this file to the
> ##  appropriate location and customize it for your needs.  
> ##
> ######################################################################
> 
> ## Note: The following settings will need to be present in your
> ## global config file:
> ##
> ##   CREDD_HOST = my-credd.cs.wisc.edu
> ##   STARTER_ALLOW_RUNAS_OWNER = True
> ##   CREDD_CACHE_LOCALLY = True
> ##
> ## You'll also need to ensure that clients are configured to use
> ## PASSWORD authentication on any machine that can run jobs as the
> ## submitting user. For example,
> ##
> ##   SEC_CLIENT_AUTHENTICATION_METHODS = NTSSPI, PASSWORD
> ##
> ## And finally, you'll need to enable CONFIG-level access for all
> ## machines in the pool so that the pool password can be stored:
> ##
> ##   ALLOW_CONFIG = Administrator@*
> ##   SEC_CONFIG_NEGOTIATION = REQUIRED
> ##   SEC_CONFIG_AUTHENTICATION = REQUIRED
> ##   SEC_CONFIG_ENCRYPTION = REQUIRED
> ##   SEC_CONFIG_INTEGRITY = REQUIRED
> ##
> ## See the "Executing Jobs as the Submitting User" section of the
> ## Condor manual for further details.
> 
> ## CREDD_SETTINGS
> 
> ## CREDD logging settings
> ## Customize these if you wish.
> CREDD_LOG = $(LOG)/CreddLog
> CREDD_DEBUG = D_COMMAND
> MAX_CREDD_LOG = 50000000
> 
> #################################################
> ## CREDD Expert settings
> ## Everyting below is for the UBER-KNOWLEDGEABLE only!
> ## Do not change these unless you know what you do!
> #################################################
> 
> 
> DAEMON_LIST = $(DAEMON_LIST), CREDD
> #DC_DAEMON_LIST = \
> #MASTER, STARTD, SCHEDD, KBDD, COLLECTOR, NEGOTIATOR, EVENTD, \
> #VIEW_SERVER, CONDOR_VIEW, VIEW_COLLECTOR, HAWKEYE, CREDD, HAD, \
> #QUILL
> 
> CREDD    = $(SBIN)/condor_credd.exe
> 
> # Timeout session quickly since we normally only get contacted
> # once per starter
> SEC_CREDD_SESSION_TIMEOUT = 10
> 
> 
> # Set security settings so that full security to the credd is required
> CREDD.SEC_DEFAULT_AUTHENTICATION =REQUIRED
> CREDD.SEC_DEFAULT_ENCRYPTION = REQUIRED
> CREDD.SEC_DEFAULT_INTEGRITY = REQUIRED
> CREDD.SEC_DEFAULT_NEGOTIATION = REQUIRED 
> 
> # Require PASSWORD auth for password fetching
> CREDD.SEC_DAEMON_AUTHENTICATION_METHODS = PASSWORD
> 
> # Only honor password fetch requests to the trusted "condor_pool" user
> CREDD.ALLOW_DAEMON = condor_pool@$(UID_DOMAIN)
> 
> # Require NTSSPI for storing credentials
> CREDD.SEC_DEFAULT_AUTHENTICATION_METHODS = NTSSPI
> 
> --------------------------8<----------------------------------
> 
> Thanks for developping Condor. 
>

Follow-Ups:
- Re: [Condor-devel] information regarding ticket 1264
  - From: Alexandre Fayolle

References:
- [Condor-devel] information regarding ticket 1264
  - From: Alexandre Fayolle

Prev by Date: Re: [Condor-devel] LocalCredd match is case sensitive
Next by Date: Re: [Condor-devel] information regarding ticket 1264
Previous by thread: [Condor-devel] information regarding ticket 1264
Next by thread: Re: [Condor-devel] information regarding ticket 1264
Index(es):
- Date
- Thread