Re: [Condor-users] condor_fetchlog PERMISSION DENIED

[Zachary Miller <zmiller@xxxxxxxxxxx>]

> 
> The target machine has the following permissions:
> 
> ALLOW_ADMINISTRATOR = mylogin@10.*/10.*
> 
> When I change to:
> 
> ALLOW_ADMINISTRATOR = mylogin@10.*/10.*, 10.*
> 

this is likely an authentication issue.  in the first setting, you have one
entry which contains a username and so authentication will be necessary to
establish that you are in fact that user.

in the second entry, you have added "10.*".  this means that only IP-based
authorization is necessary and no authentication is required.

in order for the first to succeed, you'll have to add a config entry like:
  SEC_ADMINISTRATOR_AUTHENTICATION = REQUIRED

however, if you required authentication, you need to think about what methods
you will use and specify those with:
  SEC_ADMINISTRATOR_AUTHENTICATION_METHODS = ?

check out the relelvant portion of the condor manual for descriptions of the
different methods:
  http://www.cs.wisc.edu/condor/manual/v7.5/3_6Security.html#SECTION00463000000000000000

if you haven't set up authentication at your site, you'll probably be
interested in using the PASSWORD method.  let me know if you have questions
or any problems with this.


cheers,
-zach