Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
Ian Chesal wrote:
Now, it turns out, I need to mount a drive as part of my Windows hook script. Or at the very least access a share with a UNC path. And I'm in the same position. Because the hook scripts run as SYSTEM I have to go through my Samba server and can't talk directly to my NAS. It's manageable, but it would all be made easier if the hooks could be run in the context of the user who will execute the jobs.
Brain storm thoughts:When you say you need to mount a drive as part of your Windows hook, do you mean the hook itself needs data on the shared file system, or that the hook needs to mount a drive as a preparation step for the user's job to run? Esp if the latter: If you define a USER_JOB_WRAPPER in your condor_config, that wrapper will indeed run as the user, not as system. Your hook script could insert into the job ad (into the job environment perhaps?) information about what share to mount etc, and this would be picked up by your USER_JOB_WRAPPER. Heck, I suppose the hook could even rewrite the job ad's Cmd (executable) attribute to use to point to a dynamically created wrapper that would then of course run as the user when the job is launched.
Another idea: if you are using a "Professional" version of Windows, aka XP Professional and _not_ XP Home etc, and you are using dedicated job run accounts with Condor, perhaps you could use the "runas /savecred" option and then do a runas from inside your hook.
If you haven't looked at it lately, section 6.2.8 of the Condor Manual may inspire some other ideas as well:
http://www.cs.wisc.edu/condor/manual/v7.2/6_2Microsoft_Windows.html#SECTION00728000000000000000 hope this helps, Todd -- Todd Tannenbaum University of Wisconsin-Madison Condor Project Research Department of Computer Sciences tannenba@xxxxxxxxxxx 1210 W. Dayton St. Rm #4257 Phone: (608) 263-7132 Madison, WI 53706-1685