
Re: [Condor-users] manager



On Thu, 17 Mar 2005 07:38:43 -0700  Masao Fujinaga wrote:

> I learned during the condor week that one should not allow general 
> access to the central manager as this gives (by default) administrator 
> powers. Having already made a mistake of making the central manager 
> the same as my submit host, will it be sufficient to make the sbin 
> directory inaccessible to non-root?

what zach said is all true.  i just wanted to add some options on what
you can do about this now that you're in this situation...

1) set up another machine in your pool with restricted login-access to
   be your administrative machine.  use this host for any
   remote-control condor stuff you want to do (condor_off,
   condor_reconfig, etc).  just change the HOSTALLOW_ADMINISTRATOR
   setting in your global config file to list the new machine and NOT
   $(CONDOR_HOST), and then, for the last time, run "condor_reconfig
   -all" from your existing central manager host.  after that,
   administrative condor commands will only work from the new host.

2) use something stronger than host-based authentication.  for
   example, if your site is already using kerberos, you could use
   condor's support for kerberos authentication and only allow a
   specific *user* on the central manager machine to run condor_off
   and friends.  check out the section in the manual on security:
   http://www.cs.wisc.edu/condor/manual/v6.6.9/3_7Security_In.html

3) move your central manager to a different host than your submit
   machine.  no major harm in this, assuming you have a host where you
   can restrict logins to act as your new central manager...

good luck,
-derek
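
A check for option 1 above, as an added example that is not part of the original message or of Condor itself: it reads a config, expands $(NAME) macros, and reports which general-login hosts still match HOSTALLOW_ADMINISTRATOR. The hostnames and sample configs are constructed, only hostname and `*` wildcard entries are handled, and treating an unset value as $(CONDOR_HOST) is an assumption.

```python
import re
from fnmatch import fnmatch

# Constructed sample configs (not from the original post); hostnames are made up.
BEFORE = """\
CONDOR_HOST = cm.example.org
HOSTALLOW_ADMINISTRATOR = $(CONDOR_HOST)
"""
AFTER = """\
CONDOR_HOST = cm.example.org
HOSTALLOW_ADMINISTRATOR = admin.example.org
"""

def parse_config(text):
    """Parse NAME = value lines; later definitions override earlier ones."""
    macros = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        macros[name.strip().upper()] = value.strip()
    return macros

def expand(value, macros, depth=0):
    """Expand $(NAME) references, with a depth limit against self-reference."""
    if depth > 10:
        return value
    def repl(match):
        return expand(macros.get(match.group(1).upper(), ""), macros, depth + 1)
    return re.sub(r"\$\(([A-Za-z0-9_]+)\)", repl, value)

def admin_hosts(text):
    """Return the expanded HOSTALLOW_ADMINISTRATOR entries as a list."""
    macros = parse_config(text)
    # Assumption: an unset value is treated like $(CONDOR_HOST).
    raw = expand(macros.get("HOSTALLOW_ADMINISTRATOR", "$(CONDOR_HOST)"), macros)
    return [h for h in re.split(r"[,\s]+", raw) if h]

def login_hosts_with_admin(text, login_hosts):
    """Return general-login hosts that match an admin entry (wildcards included)."""
    patterns = admin_hosts(text)
    return sorted(h for h in login_hosts
                  if any(fnmatch(h.lower(), p.lower()) for p in patterns))
```

An empty result from `login_hosts_with_admin` for your list of general-login machines means none of them is still listed as an administrator host.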