Re: [Condor-users] submit problem

["Kewley, J (John)" <j.kewley@xxxxxxxx>]

Starting the daemons as root is OK, but root is not allowed
to run jobs.

The IDs should be set to id and group_id of the condor user.
The daemons (typically) are run from root but then drop to condor
user for most of their work (there has been some work in this are
but I think that is still basically the case)

Not allowing root to run jobs is a security restriction.
If this were allowed, then in a pool with certain settings
(shared UID space, appropriate root-squash settings) then:
* Person adds node to pool
* person logs in as root
* person can then run jobs AS ROOT on ANY machine in WHOLE pool

... oops! ...

Hence, jobs cannot be run from root.

Cheers

JK



-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx on behalf of rosa liarte
Sent: Wed 25/07/2007 17:28
To: condor-users@xxxxxxxxxxx
Subject: [Condor-users] submit problem
 
Hello:
I have managed to launch the daemon "condor_master" .I´m working as root
My problem is that when I try to launch a task it me appears the error:

submitting jobs as user/group 0 (root) is not allowed for security reasons.

In have "condor_config" modified the ids to 0.0

Any idea?

_________________________________________________________________
Moda para esta temporada. Ponte al día de todas las tendencias. 
http://www.msn.es/Mujer/moda/default.asp

_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at: 
https://lists.cs.wisc.edu/archive/condor-users/