Mailing List Archives
Public Access
|
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] can't have ADMIN acces
- Date: Mon, 7 Apr 2008 13:24:31 -0400
- From: "Frédéric Bastien" <nouiz@xxxxxxxxx>
- Subject: Re: [Condor-users] can't have ADMIN acces
Hi,
thanks that helped me to get more debut information. The problem is
that I can't trust all user of one machine. So I set
"HOSTDENY_ADMINISTRATOR = *" in my config file. So my config look
like:
#HOSTALLOW_ADMINISTRATOR = $(CONDOR_HOST)
HOSTDENY_ADMINISTRATOR = *
ALLOW_ADMINISTRATOR = *
What I need to to allow only one person and not a whole ip. Is this
possible? I was under the impression that it was.
What I would like minimally is at least to allow one user on the local
machine(me). Ideal, I would like to trust me from all computer on our
network or from the central manager so that I can use the admin
command globally. I thought that
ALLOW_ADMINISTRATOR = test-user@xxxxxxxxxxxxxxxx/*.iro.umontreal.ca
would do that, but it failed. So i tryed ALLOW_ADMINISTRATOR = *,
which also failed.
Any idea how this can be done?
thanks
Frederic Bastien
On Mon, Apr 7, 2008 at 12:48 PM, Dan Bradley <dan@xxxxxxxxxxxx> wrote:
>
> Add D_SECURITY to your configuration setting for ALL_DEBUG and restart
> condor. Then try the same administrative command. There should be
> information in the log file about how condor is building up the
> authorization table. If it doesn't make sense to you, please send this
> information to condor-admin@xxxxxxxxxxxx
>
> --Dan
>
>
>
> Frédéric Bastien wrote:
>
> >Hi,
> >
> >I have a strange error with authentification. In my config file, I set
> >
> >ALLOW_ADMINISTRATOR = *
> >
> >But when I execute condor_restart I get a PERMISSION DENIED in the
> >MasterLog file
> >
> >4/7 11:16:15 ZKM: setting default map to (null)
> >4/7 11:16:21 ZKM: setting default map to test-user@xxxxxxxxxxxxxxxx
> >4/7 11:16:21 DaemonCore: PERMISSION DENIED to
> >test-user@xxxxxxxxxxxxxxxx from host <132.204.26.124:36061> for
> >command 453 (RES
> >TART), access level ADMINISTRATOR
> >4/7 11:16:21 ZKM: setting default map to condor@xxxxxxxxxxxxxxxx
> >
> >The value of ALLOW_ADMINISTRATOR is correctly read as
> >condor_config_val ALLOW_ADMINISTRATOR return:
> >*
> >
> >Do you have any clue what can cause this? I use condor version 7.0.1
> >
> >Also, I don't want to ALLOW_ADMINISTRATOR = *, in the config file. I
> >want to put my username. But they both fail.
> >
> >thanks for your time
> >
> >Frederic Bastien
> >_______________________________________________
> >Condor-users mailing list
> >To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> >subject: Unsubscribe
> >You can also unsubscribe by visiting
> >https://lists.cs.wisc.edu/mailman/listinfo/condor-users
> >
> >The archives can be found at:
> >https://lists.cs.wisc.edu/archive/condor-users/
> >
> >
> _______________________________________________
> Condor-users mailing list
> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/condor-users/
>