Dear All, I’m trying to set up a new Condor central manager / submit host using v. 7.6.2 but I’m tearing my
hair out over a potential security hole. It seems that if I give ordinary users WRITE access so that the can submit jobs then they are also capable of reconfiguring the Condor installation (bit of a scary thought !) and there seems to be no way of preventing them from doing this without preventing them from submitting jobs (Catch 22). In my condor_config I have SEC_DEFAULT_AUTHENTICATION=REQUIRED SEC_DEFAULT_AUTHENTICATION_METHODS=FS CONDOR_USERS = smithic@xxxxxxxxxxxxxxx/ulgp5.liv.ac.uk ADMIN_USERS = condor@xxxxxxxxxxxxxxx/ulgp5.liv.ac.uk ALLOW_WRITE = $(CONDOR_USERS), $(ADMIN_USERS) ALLOW_ADMINISTRATOR = $(ADMIN_USERS) ALLOW_DAEMON = $(ADMIN_USERS) ALLOW_CONFIG = $(ADMIN_USERS) (I’ve not put in the execute hosts yet – I’m trying to keep it simple to begin with). When I do a condor_reconfig as a non-admin user I get see this in MasterLog PERMISSION GRANTED to smithic@xxxxxxxxxxxxxxx from host 138.253.100.17
for command 60012 (DC_RECONFIG_FULL), access level WRITE: reason:
WRITE authorization policy allows IP address 138.253.100.17; identifiers used for this remote host:
138.253.100.17,ulgp5.liv.ac.uk,ulgp5 It seems as if the host based authorization is taking precedence over the user based authorization. I’m wondering if this is something to do with the move to drop/discourage the use of HOSTALLOW_* Any help with this would be extremely useful as I’ve been stuck on this for a week now. Many thanks, -ian. .... Advanced Research Computing, University of Liverpool, UK. PS I’m using Scientific Linux 6.1 on an x86_64 Dell server. |