Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] GSI Auth question

Date: Wed, 22 Mar 2006 08:16:19 -0600 (CST)
From: Steven Timm <timm@xxxxxxxx>
Subject: Re: [Condor-users] GSI Auth question

What does hostname.submit look like..and what kind of universe is
this job, grid/gt2, grid/gt4, or other?

Steve


On Tue, 21 Mar 2006, Adam Lathers wrote:

Hi all,

	I'm learning a bit about GSI authentication to use with our condor
pools.  We have a couple of compute resources I need to work with in
different authentication realms, UID domains, and Filesystem domains.

	At present, I'm trying to submit a job to a pool directly, using my
Grid proxy cert, generated with grid-proxy-init.  I made certain that
the user can submit a job directly to globus, everything worked
fine.  I even did a globus-job-run of "whoami" to make sure that the
username mapping was working ok.  my test user account maps to my
real user account just fine.  However, when I try to submit a job to
condor, I get this:

condor_submit -name remotehost -pool remotehost hostname.submit
Submitting job(s)
ERROR: Failed to set Owner="globus_usermap_test" for job 3683.0 (13)

ERROR: Failed to queue job.


On the remotehost I see this:

==> /opt/condor/local.divot/log/SchedLog <==
3/21 17:38:13 (pid:29045) SetAttribute security violation: setting
owner to "globus_usermap_test" when active owner is "alathers"

	NOTE:  If I run the job from an account of the same name (username:
alathers on both local and remote host, with GSI cert mapped to
alathers also), it works fine.


I did some searching on the archives, and the closest thing I found
was an unanswered post regarding kerberos, found here:
https://lists.cs.wisc.edu/archive/condor-users/pre-2004-June/
msg01373.shtml

	If anyone has any insight, I'd really appreciate it.  I'm not sure
if it's just a matter of how condor does user mapping, and I can't
really use GSI as I'd like, or if it's a configuration issue I'm
overlooking?
I've re-read this section of the docs also, to cover my RTFM bases,
but may well have missed something.
http://www.cs.wisc.edu/condor/manual/v6.7/3_7Security.html

	Thanx again, in advance everyone.  Much appreciated.


_______________________________________________________
Adam Lathers
NCMIR: National Center for Microscopy and Imaging Research
Distributed Systems Engineer
phone: (858) 534-7968
web:   http://ncmir.ucsd.edu


_______________________________________________
Condor-users mailing list
Condor-users@xxxxxxxxxxx
https://lists.cs.wisc.edu/mailman/listinfo/condor-users


--
------------------------------------------------------------------
Steven C. Timm, Ph.D  (630) 840-8525  timm@xxxxxxxx  http://home.fnal.gov/~timm/
Fermilab Computing Div/Core Support Services Dept./Scientific Computing Section
Assistant Group Leader, Farms and Clustered Systems Group
Lead of Computing Farms Team

Follow-Ups:
- Re: [Condor-users] GSI Auth question
  - From: Adam Lathers

References:
- [Condor-users] GSI Auth question
  - From: Adam Lathers

Prev by Date: Re: [Condor-users] condor & scientific linux
Next by Date: Re: [Condor-users] Limit on flocked machines usage?
Previous by thread: [Condor-users] GSI Auth question
Next by thread: Re: [Condor-users] GSI Auth question
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] GSI Auth question