[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Commands '10' & '49' + LDAP server

On 5/6/07, Ralf Auer <Ralf.Auer@xxxxxxxxxxxxxxxxxxxxxx> wrote:
Hello Condor users,

        I have set up a condor pool consisting of 30 Clients (running on Ubuntu
Linux) plus one Xen-server. Everything is working quite smoothly, but
something bothers me though.

When looking into the 'CollectorLog' of my server, I get lots of
"Permission denied" messages for commands 10 and 49 (only these two
commands). On the other hand, sometimes these commands seem to work
properly as you can see from this Log entry:

5/6 21:39:11 DaemonCore: PERMISSION DENIED to unknown user from host
<xxx.xxx.xxx.xxx:9168> for command 10 (QUERY_STARTD_PVT_ADS)
5/6 21:39:11 DaemonCore: PERMISSION DENIED to unknown user from host
<xxx.xxx.xxx.xxx:9482> for command 49 (UPDATE_NEGOTIATOR_AD)
5/6 21:39:57 (Sending 119 ads in response to query)
5/6 21:39:58 Got QUERY_STARTD_PVT_ADS
5/6 21:39:58 (Sending 58 ads in response to query)
5/6 21:40:06 Accumulating data: Time=1178480406
5/6 21:41:06 Accumulating data: Time=1178480466
5/6 21:41:07 NegotiatorAd  : Inserting ** "< servername_goes_here >"

I can find these errors for all of my Clients. I have set the
HOST_ALLOW_READ & HOST_ALLOW_WRITE in the global config-file correctly
(also tried *) so I am quite sure, that is not causing the trouble. (By
the way, all of my clients can successfully submit or call any other
condor command, including condor_status & condor_q).


2. These two error messages are from commands the negotiator sends to
the collector. These commands are at the NEGOTIATOR level, which is
different from the READ and the WRITE level. Make sure you have set
HOSTALLOW_NEGOTIATOR to something, probably:

Are you doing anything different about trying to run a negotiator on a
different machine from the collector? Is DNS setup properly?

I have set up a 'condor' user during installation, Condor is running as
'root' and all the authentication on my network is handled by my LDAP
server. Could LDAP be the problem?


As I said, in principle everything is running fine, but nevertheless I
would like to get rid of these error messages...

Well, if everything is working fine (ie you're matching jobs and
machines) my guess is that you've got a second negotiator running on a
machine in your pool.