[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] My Pool is empty--why?


This seems to have done the trick--I changed the HOSTALLOW_READ and HOSTALLOW_WRITE from * to *.my.org and I'm now getting machines in my pool.

It sure would be nice (hint, hint) if the example condor_config file (in etc/examples/condor_config.generic) had default values for the new security model instead of (or in addition to) the old security model.

Thanks for the help.


Taylor, Andrew wrote:
Hi Dave

Looks like a similar problem to what I had. For some reason * was not working. I set read and write to xxx.xxx.* and it worked. What distro are you using? I had to bin a Ubuntu x64 installation as I just could not get condor_status to show the pool.
Andrew Taylor

-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx [mailto:condor-users-bounces@xxxxxxxxxxx] On Behalf Of Dave Schneider
Sent: 13 March 2008 21:51
To: Condor-Users Mail List
Subject: [Condor-users] My Pool is empty--why?


I've recently installed Condor 7.0.1  using an existing set of local config files from 6.8.x, and I can't seem to get any machines to show up in my queue. For testing purposes, I started up a central manager (which is also an execute node) and one machine that should just be an execute node. Here's what I'm seeing from the central manager and the execute node (running as the condor user):

~/hosts/george/log$ condor_status


The only log file that has scary things in it is the CollectorLog, where I see this:

3/13 16:41:46 ******************************************************
3/13 16:41:46 ** condor_collector (CONDOR_COLLECTOR) STARTING UP
3/13 16:41:46 ** /home/condor/condor-7.0.1_64/sbin/condor_collector
3/13 16:41:46 ** $CondorVersion: 7.0.1 Feb 26 2008 BuildID: 76180 $
3/13 16:41:46 ** $CondorPlatform: X86_64-LINUX_RHEL3 $
3/13 16:41:46 ** PID = 12958
3/13 16:41:46 ** Log last touched time unavailable (No such file or directory)
3/13 16:41:46 ******************************************************
3/13 16:41:46 Using config source: /home/condor/condor_config
3/13 16:41:46 Using local config sources:
3/13 16:41:46    /home/condor/hosts/vela/condor_config.local
3/13 16:41:46 DaemonCore: Command Socket at <>
3/13 16:41:46 In ViewServer::Init()
3/13 16:41:46 In CollectorDaemon::Init()
3/13 16:41:46 In ViewServer::Config()
3/13 16:41:46 In CollectorDaemon::Config()
3/13 16:41:46 enable: Creating stats hash table
3/13 16:41:50 (Sending 0 ads in response to query)
3/13 16:41:50 Got QUERY_STARTD_PVT_ADS
3/13 16:41:50 (Sending 0 ads in response to query)
3/13 16:41:50 NegotiatorAd  : Inserting ** "< vela.cyc.com >"
3/13 16:41:50 stats: Inserting new hashent for 'Negotiator':'vela.cyc.com':''
3/13 16:41:54 Got QUERY_STARTD_ADS
3/13 16:41:54 (Sending 0 ads in response to query)
3/13 16:41:54 DaemonCore: PERMISSION DENIED to unknown user from host <> for command 1 (UPDATE_SCHEDD_AD), access level ADVERTISE_SCHEDD 3/13 16:41:55 DaemonCore: PERMISSION DENIED to unknown user from host <> for command 2 (UPDATE_MASTER_AD), access level ADVERTISE_MASTER
3/13 16:41:57 Got QUERY_STARTD_ADS
3/13 16:41:57 (Sending 0 ads in response to query)
3/13 16:41:59 Got QUERY_STARTD_ADS
3/13 16:41:59 (Sending 0 ads in response to query)
3/13 16:42:02 Got QUERY_STARTD_ADS
3/13 16:42:02 (Sending 0 ads in response to query)
3/13 16:42:03 DaemonCore: PERMISSION DENIED to unknown user from host <> for command 0 (UPDATE_STARTD_AD), access level ADVERTISE_STARTD 3/13 16:42:04 DaemonCore: PERMISSION DENIED to unknown user from host <> for command 0 (UPDATE_STARTD_AD), access level ADVERTISE_STARTD is the central manager. Later on there are similar access denied message from the execute node.

I tried putting these settings in the master condor_config file (btw, even though these are mentioned in the manual for security stuff, they're not in the example config files, only the hostallow* setting are in there).

ALLOW_READ            = */*
ALLOW_WRITE           = */*
ALLOW_ADMINISTRATOR   = condor@xxxxxxx/*
ALLOW_CONFIG          = condor@xxxxxxx/*
ALLOW_NEGOTIATOR      = condor@xxxxxxx/*
ALLOW_DAEMON          = condor@xxxxxxx/*

Previously, I also tried to use these security settings, but they resulted in the same problem:


Anyone have any ideas? I checked DNS (as mentioned in a post to condor-users from some time ago), and it appears that the manager is findable via both name and number.

Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting

The archives can be found at: https://lists.cs.wisc.edu/archive/condor-users/
fn:Dave Schneider
org:Cycorp, Inc.
adr:Suite 250;;7718 Wood Hollow Drive;Austin;TX;78731;USA