[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] condor_fetchlog PERMISSION DENIED




Zach,

Thanks for your hint. I will be working on that and will return if I have any doubt.

Klaus



Zachary Miller <zmiller@xxxxxxxxxxx>
Sent by: condor-users-bounces@xxxxxxxxxxx

22/07/2010 22:46

Please respond to
Condor-Users Mail List <condor-users@xxxxxxxxxxx>

To
Condor-Users Mail List <condor-users@xxxxxxxxxxx>
cc
Subject
Re: [Condor-users] condor_fetchlog PERMISSION DENIED





>
> The target machine has the following permissions:
>
> ALLOW_ADMINISTRATOR = mylogin@10.*/10.*
>
> When I change to:
>
> ALLOW_ADMINISTRATOR = mylogin@10.*/10.*, 10.*
>

this is likely an authentication issue.  in the first setting, you have one
entry which contains a username and so authentication will be necessary to
establish that you are in fact that user.

in the second entry, you have added "10.*".  this means that only IP-based
authorization is necessary and no authentication is required.

in order for the first to succeed, you'll have to add a config entry like:
 SEC_ADMINISTRATOR_AUTHENTICATION = REQUIRED

however, if you required authentication, you need to think about what methods
you will use and specify those with:
 SEC_ADMINISTRATOR_AUTHENTICATION_METHODS = ?

check out the relelvant portion of the condor manual for descriptions of the
different methods:
 http://www.cs.wisc.edu/condor/manual/v7.5/3_6Security.html#SECTION00463000000000000000

if you haven't set up authentication at your site, you'll probably be
interested in using the PASSWORD method.  let me know if you have questions
or any problems with this.


cheers,
-zach

_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/



This message is intended solely for the use of its addressee and may contain privileged or confidential information. All information contained herein shall be treated as confidential and shall not be disclosed to any third party without Embraer’s prior written approval. If you are not the addressee you should not distribute, copy or file this message. In this case, please notify the sender and destroy its contents immediately.
Esta mensagem é para uso exclusivo de seu destinatário e pode conter informações privilegiadas e confidenciais. Todas as informações aqui contidas devem ser tratadas como confidenciais e não devem ser divulgadas a terceiros sem o prévio consentimento por escrito da Embraer. Se você não é o destinatário não deve distribuir, copiar ou arquivar a mensagem. Neste caso, por favor, notifique o remetente da mesma e destrua imediatamente a mensagem.