Mailing List Archives

Public Access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] ERROR: SECMAN:2003:TCP auth connection

It looks like this master is the one that starts your collector. It's probably the master trying to contact the collector (advertise itself) before the collector has fully started up. If you eventually see the master via condor_status -master, you can safely ignore the error. 

Best,


matt

On 12/27/2010 10:25 AM, John Zeka wrote:

Sorry the problem is here :

12/27 15:26:32 SECMAN: TCP connection to <172.16.26.131:9618
<http://172.16.26.131:9618>> failed.
12/27 15:26:32 SECMAN: unable to create security session to
<172.16.26.131:9618 <http://172.16.26.131:9618>> via TCP, failing.
12/27 15:26:32 ERROR: SECMAN:2004:Failed to create security session to
<172.16.26.131:9618 <http://172.16.26.131:9618>> with TCP.
|SECMAN:2003:TCP connection to <172.16.26.131:9618
<http://172.16.26.131:9618>> failed.
12/27 15:26:32 Failed to start non-blocking update to
<172.16.26.131:9618 <http://172.16.26.131:9618>>.

On Mon, Dec 27, 2010 at 3:34 PM, John Zeka <john.zeka@xxxxxxxxxxxxxx
<mailto:john.zeka@xxxxxxxxxxxxxx>> wrote:

    Could you please explain me the possible origin of the issue bellow :

    12/27 15:26:27 KEYCACHE: created: 0xa72f00
    12/27 15:26:27 ******************************************************
    12/27 15:26:27 ** condor_master (CONDOR_MASTER) STARTING UP
    12/27 15:26:27 ** /opt/condor/7.4.4/sbin/condor_master
    12/27 15:26:27 ** SubsystemInfo: name=MASTER type=MASTER(2)
    class=DAEMON(1)
    12/27 15:26:27 ** Configuration: subsystem:MASTER local:<NONE>
    class:DAEMON
    12/27 15:26:27 ** $CondorVersion: 7.4.4 Dec 27 2010 $
    12/27 15:26:27 ** $CondorPlatform: X86_64-LINUX_SuSE_UNKNOWN $
    12/27 15:26:27 ** PID = 13734
    12/27 15:26:27 ** Log last touched 12/27 15:26:24
    12/27 15:26:27 ******************************************************
    12/27 15:26:27 Using config source:
    /opt/condor/default/etc/condor_config
    12/27 15:26:27 Using local config sources:
    12/27 15:26:27    /opt/condor/config/soleil.local
    12/27 15:26:27 DaemonCore: Command Socket at <172.16.26.131:53302
    <http://172.16.26.131:53302>>
    12/27 15:26:27 Started DaemonCore process
    "/opt/condor/default/sbin/condor_schedd", pid and pgroup = 13735
    12/27 15:26:27 DC_AUTHENTICATE: received DC_AUTHENTICATE from
    <172.16.26.131:55063 <http://172.16.26.131:55063>>
    12/27 15:26:27 DC_AUTHENTICATE: added incoming session id
    sunquake:13734:1293459987:0 to cache for 86420 seconds (return
    address is <172.16.26.131:39940 <http://172.16.26.131:39940>>).
    12/27 15:26:27 DC_AUTHENTICATE: received UDP packet from
    <172.16.26.131:50420 <http://172.16.26.131:50420>>.
    12/27 15:26:27 DC_AUTHENTICATE: received DC_AUTHENTICATE from
    <172.16.26.131:50420 <http://172.16.26.131:50420>>
    12/27 15:26:27 DC_AUTHENTICATE: resuming session id
    sunquake:13734:1293459987:0 with return address <172.16.26.131:39940
    <http://172.16.26.131:39940>>:
    12/27 15:26:27 DC_AUTHENTICATE: Success.
    12/27 15:26:27 IPVERIFY: allow READ: * (from config value ALLOW_READ)
    12/27 15:26:27 ipverify: READ optimized to allow anyone
    12/27 15:26:27 IPVERIFY: allow WRITE: * (from config value ALLOW_WRITE)
    12/27 15:26:27 ipverify: WRITE optimized to allow anyone
    12/27 15:26:27 IPVERIFY: allow NEGOTIATOR: soleil (from config value
    ALLOW_NEGOTIATOR)
    12/27 15:26:27 IPVERIFY: allow ADMINISTRATOR: soleil (from config
    value ALLOW_ADMINISTRATOR)
    12/27 15:26:27 IPVERIFY: allow OWNER: soleil, soleil (from config
    value ALLOW_OWNER)
    12/27 15:26:27 IPVERIFY: allow CONFIG: * (from config value
    ALLOW_CONFIG)
    12/27 15:26:27 IPVERIFY: allow DAEMON: * (from config value ALLOW_WRITE)
    12/27 15:26:27 ipverify: DAEMON optimized to allow anyone
    12/27 15:26:27 ipverify: SOAP optimized to allow anyone
    12/27 15:26:27 ipverify: DEFAULT optimized to allow anyone
    12/27 15:26:27 ipverify: CLIENT optimized to allow anyone
    12/27 15:26:27 IPVERIFY: allow ADVERTISE_STARTD: * (from config
    value ALLOW_WRITE)
    12/27 15:26:27 ipverify: ADVERTISE_STARTD optimized to allow anyone
    12/27 15:26:27 IPVERIFY: allow ADVERTISE_SCHEDD: * (from config
    value ALLOW_WRITE)
    12/27 15:26:27 ipverify: ADVERTISE_SCHEDD optimized to allow anyone
    12/27 15:26:27 IPVERIFY: allow ADVERTISE_MASTER: * (from config
    value ALLOW_WRITE)
    12/27 15:26:27 ipverify: ADVERTISE_MASTER optimized to allow anyone
    12/27 15:26:27 Initialized the following authorization table:
    12/27 15:26:27 Authorizations yet to be resolved:
    12/27 15:26:27 allow NEGOTIATOR:  */172.16.26.131
    <http://172.16.26.131> */soleil
    12/27 15:26:27 allow ADMINISTRATOR:  */172.16.26.131
    <http://172.16.26.131> */soleil
    12/27 15:26:27 allow OWNER:  */172.16.26.131 <http://172.16.26.131>
    */172.16.26.131 <http://172.16.26.131> */soleil */soleil
    12/27 15:26:27 allow CONFIG:  */*
    12/27 15:26:27 PERMISSION GRANTED to unauthenticated user from host
    172.16.26.131 for command 60008 (DC_CHILDALIVE), access level
    DAEMON: reason: DAEMON authorization policy allows access by anyone
    12/27 15:26:32 SECMAN: command 2 UPDATE_MASTER_AD to collector
    soleil from UDP port 40415 (non-blocking).

    Precisions:
    ----------------
    1- I'm starting only Master and Schedd. I just need Condor-G.
    2- No active firewall on the machine.
    3- ALLOW_READ = *
        ALLOW_WRITE = *




_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/